Merge branch 'develop' into feature/apt_repository

hieradata/common.yaml

@@ -7,3 +7,4 @@ profiles::puppet::autosign::subnet_ranges:
   - '198.18.17.0/24'
 
 profiles::puppet::enc::enc_repo: https://git.unkin.net/unkinben/puppet-enc.git
+profiles::puppet::r10k::r10k_repo: https://git.unkin.net/unkinben/puppet-r10k.git

site/profiles/manifests/git/git.pp

@@ -0,0 +1,24 @@
+# Class: profiles::git::git
+#
+# This class ensures that the Git package is installed.
+#
+# It uses the 'package' resource to manage the Git package,
+# and will ensure that it is installed. This class does not 
+# manage any configurations related to Git, it only ensures 
+# that the package is installed.
+#
+# The class does not take any parameters.
+#
+# Example usage:
+# --------------
+# To use this class, you simply need to declare it in your manifest:
+# 
+# include profiles::git::git
+#
+# You do not need to pass any parameters.
+#
+class profiles::git::git {
+  package { 'git':
+    ensure => installed,
+  }
+}

site/profiles/manifests/puppet/enc.pp

@@ -37,9 +37,7 @@ class profiles::puppet::enc (
   String $enc_repo,
 ) {
 
-  package { 'git':
+  include profiles::git::git
-    ensure => installed,
-  }
 
   vcsrepo { '/opt/puppetlabs/enc':
     ensure   => latest,

site/profiles/manifests/puppet/puppetmaster.pp

@@ -23,6 +23,7 @@
 # Limitations:
 # This is designed to work on Unix-like systems.
 class profiles::puppet::puppetmaster {
+  include profiles::puppet::r10k
   include profiles::puppet::g10k
   include profiles::puppet::enc
   include profiles::puppet::autosign

site/profiles/manifests/puppet/r10k.pp

@@ -0,0 +1,91 @@
+# Class: profiles::puppet::r10k
+#
+# This class manages a Git repository at /etc/puppetlabs/r10k. It includes a 
+# systemd service and timer to keep the repository updated every minute.
+# The Git package is installed if not present, and the repository at the given 
+# location will always reflect the state of the remote Git repository.
+#
+# Parameters:
+# - r10k_repo: The URL of the Git repository to clone.
+#
+# Actions:
+# - Ensures the Git package is installed.
+# - Ensures the /etc/puppetlabs/r10k directory is a clone of the given Git repository.
+# - Creates a helper script '/opt/puppetlabs/bin/puppet-r10k' for updating the Git repository.
+# - Creates a systemd service and timer that runs the git update script every minute.
+#
+# Usage:
+#   Directly include the class in your node definitions or classify your nodes 
+#   using an enc or Hiera.
+#   Example:
+#     node 'puppet.example.com' {
+#       class { 'profiles::puppet::r10k':
+#         r10k_repo => 'https://github.com/user/repo.git',
+#       }
+#     }
+#
+# Requirements:
+# - The 'puppet-vcsrepo' module should be installed on your puppetmaster.
+# - The 'puppet-systemd' module should be installed on your puppetmaster.
+# - '/opt/puppetlabs/bin/' directory must exist and be writable.
+# - Puppet master must have access to the specified Git URL.
+#
+# Limitations:
+# This is designed to work on Unix-like systems only.
+#
+class profiles::puppet::r10k (
+  String $r10k_repo,
+){
+
+  include profiles::git::git
+
+  vcsrepo { '/etc/puppetlabs/r10k':
+    ensure   => latest,
+    provider => git,
+    source   => $r10k_repo,
+    require  => Package['git'],
+  }
+
+  file { '/opt/puppetlabs/bin/puppet-r10k':
+    ensure  => file,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+    content => "#!/bin/bash\n(
+      cd /etc/puppetlabls/r10k
+      git reset --hard master
+      git clean -fd
+      git pull\n)",
+    require => Package['git'],
+  }
+
+  $_timer = @(EOT)
+  [Unit]
+  Description=puppet-r10k downloader timer
+  [Timer]
+  OnCalendar=*:0/5
+  RandomizedDelaySec=1s
+  [Install]
+  WantedBy=timers.target
+  EOT
+
+  $_service = @(EOT)
+  [Unit]
+  Description=puppet-r10k downloader service
+  [Service]
+  Type=oneshot
+  ExecStart=/opt/puppetlabs/bin/puppet-r10k
+  User=root
+  Group=root
+  PermissionsStartOnly=false
+  PrivateTmp=no
+  EOT
+
+  systemd::timer { 'puppet-r10k.timer':
+    timer_content   => $_timer,
+    service_content => $_service,
+    active          => true,
+    enable          => true,
+    require         => File['/opt/puppetlabs/bin/puppet-r10k'],
+  }
+}