├── README.md └── freebsd.pp /README.md: -------------------------------------------------------------------------------- 1 | # Puppet Standalone Recipes 2 | 3 | ## FreeBSD Recipe 4 | 5 | ### Install Steps 6 | 7 | Dependencies 8 | 9 | pkg_add -r bash 10 | 11 | Installing and Configuring RVM 12 | 13 | curl -L https://get.rvm.io | bash -s stable 14 | 15 | rvm install 1.8.7 16 | 17 | rvm gemset create base18 18 | 19 | rvm gemset use base18 20 | 21 | Installing Puppet 22 | 23 | gem install puppet 24 | 25 | Configuring FreeBSD recipe 26 | 27 | Edit `freebsd.pp` and change settings to match your needs. Don't forget to generate a new password to use in password field. 28 | 29 | openssl passwd -1 changepass 30 | 31 | Finally, run it: 32 | 33 | puppet freebsd.pp 34 | -------------------------------------------------------------------------------- /freebsd.pp: -------------------------------------------------------------------------------- 1 | # FreeBSD Puppet standalone recipe 2 | # Francisco Cabrita : francisco.cabrita@gmail.com 3 | # 18/Jun/2012 4 | 5 | # TODO: Configure environment variables 6 | # TODO: Configure SSHD KEYS 7 | # TODO: Configure sysctls 8 | 9 | # CHANGE THIS VARIABLES TO MATCH YOU NEEDS 10 | 11 | $fbsd::username = 'include' 12 | $fbsd::password = '$1$KnukxEEq$k/btq06o9z.mBTF1MNd8M0' 13 | $fbsd::fullname = 'Francisco Cabrita' 14 | $fbsd::email = 'francisco.cabrita@gmail.com' 15 | $fbsd::mydomain = 'jailaxy.com' 16 | $fbsd::ip = $::ipaddress_em0 17 | $fbsd::dns = '8.8.8.8' 18 | 19 | $fbsd::dotfiles_repo = 'https://github.com/include/dotfiles.git' 20 | 21 | ## 22 | # YOU! 23 | class users { 24 | 25 | @group { 'puppet': ensure => present } 26 | 27 | realize Group['puppet'] 28 | 29 | @user { $fbsd::username: 30 | ensure => present, 31 | comment => $fbsd::fullname, 32 | shell => '/usr/local/bin/bash', 33 | home => "/home/${fbsd::username}", 34 | password => $fbsd::password, 35 | managehome => true, 36 | groups => [ 'wheel' ] 37 | } 38 | 39 | realize User[$fbsd::username] 40 | } 41 | 42 | 43 | ## 44 | # BSD packages 45 | class packages { 46 | package { [ 'curl', 47 | 'bash', 48 | 'vim-lite', 49 | 'git', 50 | 'portaudit', 51 | 'portmaster', 52 | 'tmux', 53 | 'augeas' ]: 54 | ensure => installed, 55 | provider => freebsd 56 | } 57 | } 58 | 59 | 60 | ## 61 | # BSD Services 62 | class services { 63 | 64 | exec { 'bindssh': 65 | command => "sed -i -e 's/#ListenAddress 0.0.0.0/ListenAddress ${fbsd::ip}/' /etc/ssh/sshd_config", 66 | path => [ '/usr/bin' ] 67 | } 68 | 69 | if $::is_virtual == true { 70 | $services = [ 'sshd' ] 71 | } 72 | else { 73 | $services = [ 'ntpdate', 'sshd' ] 74 | } 75 | 76 | service { $::services: 77 | ensure => running, 78 | enable => true 79 | } 80 | } 81 | 82 | 83 | ## 84 | # Core puppet environment 85 | class puppetenv { 86 | 87 | $puppet_dirs = [ '/var/lib/puppet', 88 | '/var/lib/puppet/facts', 89 | '/var/lib/puppet/client_data', 90 | '/var/lib/puppet/run', 91 | '/var/lib/puppet/state', 92 | '/var/lib/puppet/state/graphs', 93 | '/var/lib/puppet/client_yaml', 94 | '/var/lib/puppet/lib', 95 | '/var/lib/puppet/clientbucket', 96 | '/var/lib/puppet/log', 97 | '/var/lib/puppet/rrd' ] 98 | 99 | file { $::puppet_dirs: 100 | ensure => directory, 101 | owner => 'root', 102 | group => 'puppet', 103 | mode => '0750' 104 | } 105 | } 106 | 107 | 108 | ## 109 | # Base node settings 110 | class base { 111 | include puppetenv 112 | 113 | file { '/etc/resolv.conf': 114 | content => "nameserver ${fbsd::dns}" } 115 | 116 | host { 'localhost': 117 | ensure => present, 118 | ip => '127.0.0.1', 119 | host_aliases => ['localhost'], 120 | target => '/etc/hosts' 121 | } 122 | host { $::hostname: 123 | ensure => present, 124 | ip => $fbsd::ip, 125 | host_aliases => [$::hostname], 126 | target => '/etc/hosts' 127 | } 128 | host { 'services': 129 | ensure => present, 130 | ip => '192.168.10.20', 131 | host_aliases => ["services.${fbsd::mydomain}"], 132 | target => '/etc/hosts' 133 | } 134 | host { 'proxy': 135 | ensure => present, 136 | ip => '192.168.10.31', 137 | host_aliases => ["proxy.${fbsd::mydomain}"], 138 | target => '/etc/hosts' 139 | } 140 | 141 | exec { 'gitclonedotfiles': 142 | command => "git clone ${fbsd::dotfiles_repo} /${::id}/dotfiles", 143 | cwd => "/${::id}/", 144 | creates => "/${::id}/dotfiles", 145 | path => [ '/usr/local/bin' ], 146 | require => Package['git'] 147 | } 148 | 149 | exec { 'linkdotfiles': 150 | command => "/${::id}/dotfiles/makelinks.sh", 151 | #cwd => "/${id}/dotfiles", 152 | require => Exec['gitclonedotfiles'] 153 | } 154 | } 155 | 156 | 157 | ## 158 | # TBD - Jail settings 159 | class jail { 160 | notify {'Info: HI CAN HAZ JAIL!': } 161 | } 162 | 163 | 164 | ## 165 | # Set MOTD 166 | class bsd::conf::motd { 167 | 168 | file { 'motd': 169 | ensure => file, 170 | path => '/etc/motd', 171 | mode => '0644', 172 | content => "Welcome to ${::operatingsystem} ${::operatingsystemrelease} \n\n" } 173 | } 174 | 175 | 176 | ## 177 | # Set localtime 178 | class bsd::conf::localtime { 179 | 180 | file { '/etc/localtime': 181 | ensure => link, 182 | source => 'file:///usr/share/zoneinfo/Europe/Lisbon' } 183 | } 184 | 185 | 186 | ## 187 | # BSD specific class 188 | class bsd { 189 | include base 190 | include users 191 | include packages 192 | include services 193 | include bsd::conf::motd 194 | include bsd::conf::localtime 195 | 196 | case $::virtual { 197 | /jail/: { include jail } 198 | default: { fail('HAZ NO JAILS') } 199 | } 200 | } 201 | 202 | 203 | # default node rule 204 | node default { 205 | case $::operatingsystem { 206 | /FreeBSD/: { include bsd } 207 | default: { fail("Unrecognized operating system: ${::operatingsystem}") } 208 | } 209 | } 210 | --------------------------------------------------------------------------------