Merge branch 'develop' into neoloc/mariadbgalera

This commit is contained in:
2023-12-10 16:34:42 +11:00
18 changed files with 256 additions and 80 deletions
+3
View File
@@ -16,6 +16,9 @@ class profiles::base (
}
}
# manage the puppet agent
include profiles::puppet::agent
# manage puppet clients
if ! member($puppet_servers, $trusted['certname']) {
include profiles::puppet::client
+15 -15
View File
@@ -1,21 +1,21 @@
# This class manages the installation of packages for the base profile
#
# Parameters:
# - $packages: An array of package names to be installed (optional)
# - $ensure: Enum of present, absent, latest or installed (optional)
#
# Example usage:
# class { 'profiles::base::packages':
# packages => ['package1', 'package2', 'package3'],
# - $add: An array of package names to be installed
# - $remove: An array of package names to be removed
#
class profiles::packages::base (
Array $packages = lookup('profiles::packages::base', Array, 'first', []),
Enum[
'present',
'absent',
'latest',
'installed'
] $ensure = 'installed',
){
ensure_packages($packages, {'ensure' => $ensure})
Array $add = [],
Array $remove = [],
) {
# Ensure packages to add are installed
ensure_packages($add, {'ensure' => 'present'})
# Ensure packages to remove are absent
$remove.each |String $package| {
package { $package:
ensure => 'absent',
}
}
}
+35
View File
@@ -0,0 +1,35 @@
# profiles::puppet::agent
# This class manages Puppet agent package and service.
class profiles::puppet::agent (
String $puppet_version = 'latest',
) {
# Ensure the puppet-agent package is installed and locked to a specific version
package { 'puppet-agent':
ensure => $puppet_version,
}
# if puppet-version is anything other than latest, set a versionlock
$puppet_versionlock_ensure = $puppet_version ? {
'latest' => 'absent',
default => 'present',
}
$puppet_versionlock_version = $puppet_version ? {
'latest' => undef,
default => $puppet_version,
}
yum::versionlock{'puppet-agent':
ensure => $puppet_versionlock_ensure,
version => $puppet_versionlock_version,
}
# Ensure the puppet service is running
service { 'puppet':
ensure => 'running',
enable => true,
hasrestart => true,
require => Package['puppet-agent'],
}
}
+1 -38
View File
@@ -1,15 +1,6 @@
# Class: profiles::puppet::client
#
# This class manages Puppet client configuration and service.
#
# Parameters:
# vardir - Directory path for variable data.
# logdir - Directory path for logs.
# rundir - Directory path for run-time data.
# pidfile - File path for the PID file.
# codedir - Directory path for code data.
# dns_alt_names - Array of alternate DNS names for the server.
# server - Server's name.
# This class manages Puppet client configuration.
#
# site/profile/manifests/puppet/client.pp
class profiles::puppet::client (
@@ -21,36 +12,8 @@ class profiles::puppet::client (
Integer $runtimeout = 3600,
Boolean $show_diff = true,
Boolean $usecacheonfailure = false,
String $puppet_version = 'latest',
) {
# Ensure the puppet-agent package is installed and locked to a specific version
package { 'puppet-agent':
ensure => $puppet_version,
}
# if puppet-version is anything other than latest, set a versionlock
$puppet_versionlock_ensure = $puppet_version ? {
'latest' => 'absent',
default => 'present',
}
$puppet_versionlock_version = $puppet_version ? {
'latest' => undef,
default => $puppet_version,
}
yum::versionlock{'puppet-agent':
ensure => $puppet_versionlock_ensure,
version => $puppet_versionlock_version,
}
# Ensure the puppet service is running
service { 'puppet':
ensure => 'running',
enable => true,
hasrestart => true,
require => Package['puppet-agent'],
}
# Assuming you want to manage puppet.conf with this profile
file { '/etc/puppetlabs/puppet/puppet.conf':
ensure => 'present',
@@ -1,5 +1,7 @@
# setup the autosyncer
class profiles::reposync::autosyncer {
class profiles::reposync::autosyncer (
Stdlib::Absolutepath $basepath = '/data/repos',
) {
# Ensure the autosyncer script is present and executable
file { '/usr/local/bin/autosyncer':
+14 -8
View File
@@ -4,26 +4,32 @@ define profiles::reposync::repos (
String $description,
String $osname,
String $release,
Stdlib::HTTPUrl $baseurl,
Stdlib::HTTPUrl $gpgkey,
String $arch = 'x86_64',
String $repo_owner = 'root',
String $repo_group = 'root',
Stdlib::Absolutepath $basepath = '/data/repos',
Optional[Stdlib::HTTPUrl] $baseurl = undef,
Optional[Stdlib::HTTPUrl] $mirrorlist = undef,
){
if ($mirrorlist == undef and $baseurl == undef) or ($mirrorlist != undef and $baseurl != undef) {
fail('profiles::reposync::repos must have either mirrorlist or baseurl set, but not both')
}
$repos_name = downcase("${osname}-${release}-${repository}-${arch}")
$conf_file = "/etc/reposync/conf.d/${repos_name}.conf"
# Create the repository configuration
yumrepo { $repos_name:
ensure => 'present',
descr => $description,
baseurl => $baseurl,
gpgkey => $gpgkey,
target => '/etc/yum.repos.d/reposync.repo',
enabled => 0,
gpgcheck => 1,
ensure => 'present',
descr => $description,
baseurl => $baseurl,
mirrorlist => $mirrorlist,
gpgkey => $gpgkey,
target => '/etc/yum.repos.d/reposync.repo',
enabled => 0,
gpgcheck => 1,
}
# Ensure the repo dest path exists
@@ -30,6 +30,15 @@ class profiles::reposync::webserver (
}
}
# export cnames for webserver
profiles::dns::record { "${::facts['networking']['fqdn']}_repos.main.unkin.net_CNAME":
value => $::facts['networking']['hostname'],
type => 'CNAME',
record => 'repos.main.unkin.net.',
zone => $::facts['networking']['domain'],
order => 10,
}
if $selinux {
# include packages that are required
@@ -0,0 +1,18 @@
# profiles::yum::autoupdater
#
# manage automatic updates for dnf
#
class profiles::yum::autoupdater (
String $on_calendar = '*-*-* 05:00:00',
Integer $randomized_delay_sec = 1800,
Boolean $enabled = true,
) {
# Ensure the timer is enabled and running
systemd::timer { 'dnf-autoupdate.timer':
timer_content => template('profiles/yum/autoupdate_timer.erb'),
service_content => template('profiles/yum/autoupdate_service.erb'),
active => true,
enable => true,
}
}
+4
View File
@@ -86,4 +86,8 @@ class profiles::yum::global (
class { 'profiles::yum::puppet7':
managed_repos => $managed_repos,
}
# setup dnf-autoupdate
include profiles::yum::autoupdater
}