feat: prepare puppet for debian
- set yum::versionlock to be only for redhat family - set puppet-agent require statement to use apt or yum - remove requirement of downloading puppet7-release-$dist.deb - create all paths in $base_path for vault certificate - set correct $PATH for update-ca-certificates - dynamically set debian release name - split packages to install from common.yaml to os-specific - create groups profile to manage local groups - change sysadmin to be a member of admins group - setup admins sudo rules
This commit is contained in:
+19
-2
@@ -30,6 +30,12 @@ lookup_options:
|
||||
haproxy::backend:
|
||||
merge:
|
||||
strategy: deep
|
||||
sudo::configs:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::base::groups::local:
|
||||
merge:
|
||||
strategy: deep
|
||||
|
||||
facts_path: '/opt/puppetlabs/facter/facts.d'
|
||||
|
||||
@@ -59,7 +65,6 @@ profiles::packages::install:
|
||||
- iotop
|
||||
- jq
|
||||
- lz4
|
||||
- lzo
|
||||
- mtr
|
||||
- ncdu
|
||||
- neovim
|
||||
@@ -79,7 +84,6 @@ profiles::packages::install:
|
||||
- vim
|
||||
- vnstat
|
||||
- wget
|
||||
- xz
|
||||
- zsh
|
||||
- zstd
|
||||
|
||||
@@ -111,6 +115,19 @@ profiles::puppet::client::usecacheonfailure: false
|
||||
prometheus::node_exporter::export_scrape_job: true
|
||||
prometheus::systemd_exporter::export_scrape_job: true
|
||||
|
||||
profiles::base::groups::local:
|
||||
admins:
|
||||
ensure: present
|
||||
gid: 10000
|
||||
allowdupe: false
|
||||
forcelocal: true
|
||||
|
||||
sudo::configs:
|
||||
admins:
|
||||
priority: 10
|
||||
content: |
|
||||
%admins ALL=(ALL) NOPASSWD: ALL
|
||||
|
||||
profiles::accounts::sysadmin::sshkeys:
|
||||
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ8SRLlPiDylBpdWR9LpvPg4fDVD+DZst4yRPFwMMhta4mnB1H9XuvZkptDhXywWQ7QIcqa2WbhCen0OQJCtwn3s7EYtacmF5MxmwBYocPoK2AArGuh6NA9rwTdLrPdzhZ+gwe88PAzRLNzjm0ZBR+mA9saMbPJdqpKp0AWeAM8QofRQAWuCzQg9i0Pn1KDMvVDRHCZof4pVlHSTyHNektq4ifovn0zhKC8jD/cYu95mc5ftBbORexpGiQWwQ3HZw1IBe0ZETB1qPIPwsoJpt3suvMrL6T2//fcIIUE3TcyJKb/yhztja4TZs5jT8370G/vhlT70He0YPxqHub8ZfBv0khlkY93VBWYpNGJwM1fVqlw7XbfBNdOuJivJac8eW317ZdiDnKkBTxapThpPG3et9ib1HoPGKRsd/fICzNz16h2R3tddSdihTFL+bmTCa6Lo+5t5uRuFjQvhSLSgO2/gRAprc3scYOB4pY/lxOFfq3pU2VvSJtRgLNEYMUYKk= ben@unkin.net
|
||||
|
||||
|
||||
Reference in New Issue
Block a user