├── dist ├── role │ ├── .gitignore │ ├── spec │ │ ├── spec_helper.rb │ │ └── classes │ │ │ └── init_spec.rb │ ├── manifests │ │ ├── dns.pp │ │ ├── tftp.pp │ │ ├── dhcp.pp │ │ ├── webserver.pp │ │ ├── yumrepo.pp │ │ ├── kickstart.pp │ │ ├── puppet.pp │ │ ├── phpmyadmin.pp │ │ ├── mysql_server.pp │ │ └── build.pp │ ├── metadata.json │ ├── tests │ │ └── init.pp │ ├── Rakefile │ └── README.md └── profile │ ├── .rspec │ ├── .gitignore │ ├── spec │ ├── fixtures │ │ ├── hieradata │ │ │ ├── build.yaml │ │ │ ├── tftp.yaml │ │ │ ├── puppet.example.com.yaml │ │ │ ├── phpmyadmin.yaml │ │ │ ├── dns.yaml │ │ │ ├── yum.yaml │ │ │ ├── dhcp.yaml │ │ │ ├── mysql.yaml │ │ │ └── default.yaml │ │ └── hiera.yaml │ ├── classes │ │ ├── rcfiles │ │ │ ├── bash_spec.rb │ │ │ └── vim_spec.rb │ │ ├── linuxfw │ │ │ ├── linuxfw_post_spec.rb │ │ │ └── linuxfw_pre_spec.rb │ │ ├── dns_spec.rb │ │ ├── linuxfw_spec.rb │ │ ├── mysql │ │ │ ├── mysql_client_spec.rb │ │ │ └── mysql_server_spec.rb │ │ ├── apache_spec.rb │ │ ├── build_spec.rb │ │ ├── kickstart_spec.rb │ │ ├── yumrepo_spec.rb │ │ ├── dhcp_spec.rb │ │ ├── tftp_spec.rb │ │ ├── puppetdb_spec.rb │ │ ├── base_spec.rb │ │ ├── phpmyadmin_spec.rb │ │ └── puppet_master_spec.rb │ ├── spec_helper.rb │ └── unit │ │ └── facter │ │ └── puppet_role_spec.rb │ ├── manifests │ ├── mysql │ │ ├── client.pp │ │ └── server.pp │ ├── apache.pp │ ├── puppetdb.pp │ ├── linuxfw │ │ ├── post.pp │ │ └── pre.pp │ ├── tftp.pp │ ├── linuxfw.pp │ ├── rcfiles │ │ ├── bash.pp │ │ └── vim.pp │ ├── yumrepo.pp │ ├── dns.pp │ ├── build.pp │ ├── dhcp.pp │ ├── puppet_master.pp │ ├── kickstart.pp │ ├── base.pp │ └── phpmyadmin.pp │ ├── templates │ ├── kickstart │ │ └── clear_firewall.erb │ └── phpmyadmin │ │ └── config.inc.php.erb │ ├── tests │ └── init.pp │ ├── lib │ └── facter │ │ └── puppet_role.rb │ ├── metadata.json │ ├── .fixtures.yml │ ├── Rakefile │ ├── files │ └── bashrc.puppet │ ├── README.md │ └── .rubocop.yml ├── hiera ├── environment │ └── production.yaml ├── clientcert │ └── puppet.example.yaml ├── puppet_role │ ├── tftp.yaml │ ├── kickstart.yaml │ ├── server.yaml │ ├── build.yaml │ ├── phpmyadmin.yaml │ ├── yumrepo.yaml │ ├── dhcp.yaml │ ├── dns.yaml │ ├── puppet.yaml │ └── mysql.yaml └── global.yaml ├── environment.conf ├── hosts_remove.pp ├── manifests └── site.pp ├── .gitignore ├── hosts_add.pp ├── hiera.yaml ├── hiera.pp ├── master.pp ├── .travis.yml ├── r10k_installation.pp ├── Gemfile ├── puppet.conf ├── bootstrap.sh ├── README.md └── Puppetfile /dist/role/.gitignore: -------------------------------------------------------------------------------- 1 | spec/fixtures/ 2 | -------------------------------------------------------------------------------- /dist/profile/.rspec: -------------------------------------------------------------------------------- 1 | --format documentation 2 | --color 3 | -------------------------------------------------------------------------------- /hiera/environment/production.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | key: value 3 | -------------------------------------------------------------------------------- /environment.conf: -------------------------------------------------------------------------------- 1 | modulepath = dist:modules:$basemodulepath 2 | -------------------------------------------------------------------------------- /hiera/clientcert/puppet.example.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | key: value 3 | -------------------------------------------------------------------------------- /dist/profile/.gitignore: -------------------------------------------------------------------------------- 1 | /spec/fixtures/* 2 | !/spec/fixtures/hiera* 3 | -------------------------------------------------------------------------------- /hiera/puppet_role/tftp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::tftp' 4 | -------------------------------------------------------------------------------- /hiera/puppet_role/kickstart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | role::kickstart 4 | -------------------------------------------------------------------------------- /hiera/puppet_role/server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::webserver' 4 | -------------------------------------------------------------------------------- /dist/role/spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'puppetlabs_spec_helper/module_spec_helper' 2 | -------------------------------------------------------------------------------- /hosts_remove.pp: -------------------------------------------------------------------------------- 1 | host { 'puppet.example.com': 2 | ensure => 'absent', 3 | } 4 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/build.yaml: -------------------------------------------------------------------------------- 1 | profile::build::gems: 2 | test: 3 | ensure: present 4 | -------------------------------------------------------------------------------- /manifests/site.pp: -------------------------------------------------------------------------------- 1 | Package { 2 | allow_virtual => true, 3 | } 4 | 5 | node default { 6 | hiera_include('classes', []) 7 | } 8 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/tftp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | tftp::files: 3 | pxelinux.0: 4 | source: puppet://modules/test/pxelinux.0 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .*.sw? 2 | /pkg 3 | /spec/fixtures 4 | /.rspec_system 5 | /.vagrant 6 | /.bundle 7 | /vendor 8 | /Gemfile.lock 9 | /junit 10 | /log 11 | .yardoc 12 | coverage 13 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hiera.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | :backends: 3 | - yaml 4 | :yaml: 5 | :datadir: './spec/fixtures/hieradata' 6 | :hierarchy: 7 | - '%{::clientcert}' 8 | - 'default' 9 | -------------------------------------------------------------------------------- /hiera/puppet_role/build.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::build' 4 | profile::build::rvm_version: 'ruby-1.9.3-p551' 5 | profile::build::gems: 6 | fpm: 7 | ensure: '1.3.3' 8 | -------------------------------------------------------------------------------- /hosts_add.pp: -------------------------------------------------------------------------------- 1 | host { 'puppet.example.com': 2 | ensure => 'present', 3 | host_aliases => ['puppet'], 4 | ip => '10.0.1.5', 5 | target => '/etc/hosts', 6 | } 7 | -------------------------------------------------------------------------------- /dist/role/spec/classes/init_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'role' do 3 | 4 | context 'with defaults for all parameters' do 5 | it { should contain_class('role') } 6 | end 7 | end 8 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/puppet.example.com.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | puppet::server: true 3 | puppet::dns_alt_names: 4 | - 'puppet' 5 | puppet::puppetdb_server: 'puppet.example.com' 6 | puppet::puppetdb: true 7 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/phpmyadmin.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile::phpmyadmin::cname: 'phpmyadmin.example.com' 3 | profile::phpmyadmin::servers: 4 | test: 5 | host: '1.2.3.4' 6 | user: 'phpMyAdmin' 7 | pass: 'password' 8 | -------------------------------------------------------------------------------- /hiera.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | :backends: 3 | - yaml 4 | :hierarchy: 5 | - clientcert/%{clientcert} 6 | - puppet_role/%{puppet_role} 7 | - global 8 | 9 | :yaml: 10 | :datadir: /etc/puppetlabs/code//environments/%{environment}/hiera 11 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/dns.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | bind_server_confs: 3 | '/etc/named.conf': 4 | listen_on_addr: 5 | - '127.0.0.1' 6 | allow_query: 7 | - 'localhost' 8 | bind_server_files: 9 | 'named.test': 10 | source: 'name.test' 11 | -------------------------------------------------------------------------------- /hiera.pp: -------------------------------------------------------------------------------- 1 | Package { 2 | allow_virtual => true, 3 | } 4 | 5 | class {'hiera': 6 | hierarchy => [ 7 | 'clientcert/%{clientcert}', 8 | 'puppet_role/%{puppet_role}', 9 | 'global', 10 | ], 11 | datadir => '/etc/puppetlabs/code/environments/%{::environment}/hiera', 12 | } 13 | -------------------------------------------------------------------------------- /dist/profile/manifests/mysql/client.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::mysql::client 2 | # 3 | # MySQL client application 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::mysql::client { 14 | include ::mysql::client 15 | } 16 | -------------------------------------------------------------------------------- /hiera/puppet_role/phpmyadmin.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::phpmyadmin' 4 | profile::phpmyadmin::serveradmin : 'root@example.com' 5 | profile::phpmyadmin::docroot : '/usr/share/phpMyAdmin/' 6 | profile::phpmyadmin::servers: 7 | mysql: 8 | host : '10.0.1.40' 9 | user : 'phpMyAdmin' 10 | pass : 'password' 11 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/yum.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | profile::yumrepo::repodirs: 3 | - '/repodir' 4 | - '/cachedir' 5 | profile::yumrepo::repos: 6 | 'testrepo': 7 | repository_dir : '/repodir/testrepo' 8 | repo_cache_dir : '/cachedir/testrepo' 9 | repo_group : 'root' 10 | suppress_cron_stdout : true 11 | -------------------------------------------------------------------------------- /dist/role/manifests/dns.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::dns 2 | # 3 | # DNS Service role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::dns { 14 | include profile::base # All roles should have the base profile 15 | include profile::dns 16 | } 17 | -------------------------------------------------------------------------------- /dist/role/manifests/tftp.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::tftp 2 | # 3 | # TFTP Service 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::tftp { 14 | include profile::base # All roles should have the base profile 15 | include profile::tftp 16 | } 17 | -------------------------------------------------------------------------------- /dist/role/manifests/dhcp.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::dhcp 2 | # 3 | # DHCP Service role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::dhcp { 14 | include profile::base # All roles should have the base profile 15 | include profile::dhcp 16 | } 17 | -------------------------------------------------------------------------------- /dist/role/manifests/webserver.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::webserver 2 | # 3 | # Webserver role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::webserver { 14 | include profile::base # All roles should have the base profile 15 | include profile::apache 16 | } 17 | -------------------------------------------------------------------------------- /dist/role/manifests/yumrepo.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::yumrepo 2 | # 3 | # Yum repo Server role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::yumrepo { 14 | include profile::base # All roles should have the base profile 15 | include profile::yumrepo 16 | } 17 | -------------------------------------------------------------------------------- /dist/profile/templates/kickstart/clear_firewall.erb: -------------------------------------------------------------------------------- 1 | # Flush the firewall rules out and disable firewalld 2 | systemctl disable firewalld 3 | systemctl stop firewalld 4 | yum -y install iptables-services 5 | systemctl start iptables 6 | systemctl enable iptables 7 | iptables -F 8 | iptables -X 9 | /usr/libexec/iptables/iptables.init save 10 | systemctl restart iptables 11 | -------------------------------------------------------------------------------- /dist/role/manifests/kickstart.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::kickstart 2 | # 3 | # Kickstart service role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2016 Rob Nelson 12 | # 13 | class role::kickstart { 14 | include profile::base # All roles should have the base profile 15 | include profile::kickstart 16 | } 17 | -------------------------------------------------------------------------------- /dist/role/manifests/puppet.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::puppet 2 | # 3 | # Puppet Master role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::puppet { 14 | include profile::base # All roles should have the base profile 15 | include profile::puppet_master 16 | include profile::puppetdb 17 | } 18 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/rcfiles/bash_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::rcfiles::bash', :type => :class do 3 | context 'with defaults for all parameters' do 4 | it { is_expected.to create_class('profile::rcfiles::bash') } 5 | 6 | it { is_expected.to create_file('/etc/bashrc.puppet') } 7 | it { is_expected.to create_file_line('bashrc_skel_puppet_source') } 8 | end 9 | end 10 | -------------------------------------------------------------------------------- /dist/role/manifests/phpmyadmin.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::phpmyadmin 2 | # 3 | # phpMyAdmin Server role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::phpmyadmin { 14 | include profile::base # All roles should have the base profile 15 | include profile::apache 16 | include profile::phpmyadmin 17 | } 18 | -------------------------------------------------------------------------------- /hiera/puppet_role/yumrepo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::yumrepo' 4 | profile::yumrepo::repodirs: 5 | - '/var/www/html/puppetrepo' 6 | - '/var/cache/puppetrepo' 7 | profile::yumrepo::repos: 8 | 'el7': 9 | repository_dir : '/var/www/html/puppetrepo/el7' 10 | repo_cache_dir : '/var/cache/puppetrepo/el7' 11 | repo_group : 'wheel' 12 | suppress_cron_stdout : true 13 | -------------------------------------------------------------------------------- /dist/profile/manifests/apache.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::apache 2 | # 3 | # Apache profile 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::apache { 14 | include ::apache 15 | 16 | firewall { '100 HTTP inbound': 17 | dport => 80, 18 | proto => tcp, 19 | action => accept, 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/dhcp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | dhcp_server_subnets: 3 | '10.0.1.0': 4 | broadcast : '10.0.1.255' 5 | netmask : '255.255.255.0' 6 | routers : '10.0.1.1' 7 | range_begin : '10.0.1.100' 8 | range_end : '10.0.1.150' 9 | dns_servers : 10 | - '10.0.1.1' 11 | dhcp_server_hosts: 12 | sample: 13 | address: 10.0.1.254 14 | hwaddress: 00:00:00:00:00:0a 15 | -------------------------------------------------------------------------------- /dist/role/manifests/mysql_server.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::mysql_server 2 | # 3 | # MySQL Server role 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::mysql_server { 14 | include profile::base # All roles should have the base profile 15 | include profile::mysql::server 16 | include profile::mysql::client 17 | } 18 | -------------------------------------------------------------------------------- /master.pp: -------------------------------------------------------------------------------- 1 | Package { 2 | allow_virtual => true, 3 | } 4 | 5 | include ::epel 6 | Yumrepo<| |> -> Package <| |> 7 | 8 | class { '::puppet': 9 | server => true, 10 | server_version => latest, 11 | dns_alt_names => [ 12 | 'puppet', 13 | ], 14 | puppetdb_server => 'puppet.example.com', 15 | manage_puppetdb => false, 16 | manage_hiera => false, 17 | firewall => true, 18 | runmode => service, 19 | } 20 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: false 3 | cache: bundler 4 | language: ruby 5 | branches: 6 | only: 7 | production 8 | bundler_args: --without development system_tests 9 | script: "cd dist/profile && bundle exec rake test" 10 | notifications: 11 | email: false 12 | rvm: 13 | - 1.9.3 14 | - 2.1.0 15 | env: 16 | - PUPPET_GEM_VERSION="~> 3.0" STRICT_VARIABLES=yes FUTURE_PARSER=yes 17 | - PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES=yes 18 | -------------------------------------------------------------------------------- /dist/role/manifests/build.pp: -------------------------------------------------------------------------------- 1 | # == Class: role::build 2 | # 3 | # Role for nodes providing the service 'build' 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class role::build { 14 | include ::profile::base # All roles should have the base profile 15 | include ::profile::build 16 | include ::profile::rcfiles::vim 17 | include ::profile::rcfiles::bash 18 | } 19 | -------------------------------------------------------------------------------- /dist/profile/manifests/puppetdb.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::puppetdb 2 | # 3 | # PuppetDB profile 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::puppetdb { 14 | include ::puppetdb 15 | include ::puppetdb::master::config 16 | 17 | firewall {'100 PuppetDB Dashboard': 18 | dport => 8080, 19 | proto => tcp, 20 | action => accept, 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /dist/profile/manifests/linuxfw/post.pp: -------------------------------------------------------------------------------- 1 | # == Class: linuxfw::post.pp 2 | class profile::linuxfw::post { 3 | firewall { '998 input reject': 4 | proto => 'all', 5 | action => 'reject', 6 | reject => 'icmp-host-prohibited', 7 | before => undef, 8 | } 9 | firewall { '999 forward reject': 10 | proto => 'all', 11 | chain => 'FORWARD', 12 | action => 'reject', 13 | reject => 'icmp-host-prohibited', 14 | before => undef, 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/linuxfw/linuxfw_post_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::linuxfw::post', :type => :class do 3 | let :facts do 4 | { 5 | :kernel => 'Linux', 6 | } 7 | end 8 | 9 | context 'with defaults for all parameters' do 10 | it { is_expected.to create_class('profile::linuxfw::post') } 11 | it { is_expected.to contain_firewall('998 input reject') } 12 | it { is_expected.to contain_firewall('999 forward reject') } 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/dns_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::dns', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'dns', 6 | } 7 | end 8 | 9 | context 'with defaults for all parameters' do 10 | it { is_expected.to create_class('profile::dns') } 11 | it { is_expected.to contain_package('bind') } 12 | it { is_expected.to contain_bind__server__conf('/etc/named.conf') } 13 | it { is_expected.to contain_bind__server__file('named.test') } 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/linuxfw_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::linuxfw', :type => :class do 3 | let :facts do 4 | { 5 | :kernel => 'Linux', 6 | } 7 | end 8 | 9 | context 'with defaults for all parameters' do 10 | it { is_expected.to create_class('profile::linuxfw') } 11 | it { is_expected.to contain_class('profile::linuxfw::pre') } 12 | it { is_expected.to contain_class('profile::linuxfw::post') } 13 | it { is_expected.to contain_class('firewall') } 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /dist/role/metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "puppetinabox-role", 3 | "version": "1.0.0", 4 | "author": "rnelson0", 5 | "summary": "Role module for roles and profiles", 6 | "license": "Apache 2.0", 7 | "source": "https://github.com/puppetinabox/role", 8 | "issues_url": "https://github.com/puppetinabox/role/issues", 9 | "project_page": "https://github.com/puppetinabox/role", 10 | "dependencies": [ 11 | { 12 | "name": "puppetlabs-stdlib", 13 | "version_range": ">= 1.0.0" 14 | } 15 | ] 16 | } 17 | 18 | -------------------------------------------------------------------------------- /dist/profile/manifests/tftp.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::tftp 2 | # 3 | # TFTP service 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::tftp { 14 | include ::tftp 15 | 16 | $tftp_files = hiera_hash('tftp::files', undef) 17 | if ($tftp_files) { 18 | create_resources('tftp::file', $tftp_files) 19 | } 20 | 21 | firewall { '100 tftp requests': 22 | dport => 69, 23 | proto => udp, 24 | action => accept, 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/mysql/mysql_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::mysql::client', :type => :class do 3 | let :facts do 4 | { 5 | :osfamily => 'RedHat', 6 | :operatingsystem => 'RedHat', 7 | :operatingsystemrelease => '7.2', 8 | :operatingsystemmajrelease => '7', 9 | } 10 | end 11 | 12 | context 'with defaults for all parameters' do 13 | it { is_expected.to create_class('profile::mysql::client') } 14 | it { is_expected.to contain_class('mysql::client') } 15 | end 16 | end 17 | -------------------------------------------------------------------------------- /dist/role/tests/init.pp: -------------------------------------------------------------------------------- 1 | # The baseline for module testing used by Puppet Labs is that each manifest 2 | # should have a corresponding test manifest that declares that class or defined 3 | # type. 4 | # 5 | # Tests are then run by using puppet apply --noop (to check for compilation 6 | # errors and view a log of events) or by fully applying the test in a virtual 7 | # environment (to compare the resulting system state to the desired state). 8 | # 9 | # Learn more about module testing here: 10 | # http://docs.puppetlabs.com/guides/tests_smoke.html 11 | # 12 | include role 13 | -------------------------------------------------------------------------------- /dist/profile/spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'puppetlabs_spec_helper/module_spec_helper' 2 | require 'rspec-puppet-facts' 3 | 4 | include RspecPuppetFacts 5 | 6 | require 'simplecov' 7 | require 'simplecov-console' 8 | 9 | SimpleCov.start do 10 | add_filter '/spec' 11 | add_filter '/vendor' 12 | formatter SimpleCov::Formatter::MultiFormatter[ 13 | SimpleCov::Formatter::HTMLFormatter, 14 | SimpleCov::Formatter::Console 15 | ] 16 | end 17 | 18 | RSpec.configure do |c| 19 | c.hiera_config = File.expand_path(File.join(__FILE__, '../fixtures/hiera.yaml')) 20 | end 21 | -------------------------------------------------------------------------------- /hiera/puppet_role/dhcp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::dhcp' 4 | dhcp_server_subnets: 5 | '10.0.1.0': 6 | broadcast : '10.0.1.255' 7 | netmask : '255.255.255.0' 8 | routers : '10.0.1.1' 9 | range_begin : '10.0.1.100' 10 | range_end : '10.0.1.150' 11 | dns_servers : 12 | - '10.0.1.253' 13 | domain_name : 'example.com' 14 | other_opts : 15 | - 'option ntp-servers 10.0.1.1' 16 | - 'next-server 10.0.1.251' 17 | dhcp_server_hosts: 18 | www: 19 | address: 10.0.1.20 20 | hwaddress: 00:00:00:9a:1d:3f 21 | -------------------------------------------------------------------------------- /dist/profile/tests/init.pp: -------------------------------------------------------------------------------- 1 | # The baseline for module testing used by Puppet Labs is that each manifest 2 | # should have a corresponding test manifest that declares that class or defined 3 | # type. 4 | # 5 | # Tests are then run by using puppet apply --noop (to check for compilation 6 | # errors and view a log of events) or by fully applying the test in a virtual 7 | # environment (to compare the resulting system state to the desired state). 8 | # 9 | # Learn more about module testing here: 10 | # http://docs.puppetlabs.com/guides/tests_smoke.html 11 | # 12 | include ::profile::base 13 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/rcfiles/vim_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::rcfiles::vim', :type => :class do 3 | context 'with defaults for all parameters' do 4 | it { is_expected.to create_class('profile::rcfiles::vim') } 5 | 6 | it { is_expected.to contain_package('vim-enhanced') } 7 | it { is_expected.to contain_vcsrepo('/usr/share/vim/puppet') } 8 | it { is_expected.to contain_file_line('vimrc_runtimepath') } 9 | it { is_expected.to contain_file_line('vimrc_indent') } 10 | it { is_expected.to contain_file_line('vimrc_shiftwidth') } 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /dist/profile/manifests/linuxfw.pp: -------------------------------------------------------------------------------- 1 | # == Class: linuxfw 2 | # 3 | # Base linux firewall policy 4 | # 5 | # === Examples 6 | # 7 | # include linuxfw 8 | # 9 | # === Authors 10 | # 11 | # Rob Nelson 12 | # 13 | # === Copyright 14 | # 15 | # Copyright 2015 Rob Nelson 16 | # 17 | class profile::linuxfw { 18 | resources { 'firewall': 19 | purge => true, 20 | } 21 | 22 | Firewall { 23 | before => Class['profile::linuxfw::post'], 24 | require => Class['profile::linuxfw::pre'], 25 | } 26 | 27 | include ::profile::linuxfw::pre, ::profile::linuxfw::post 28 | 29 | include ::firewall 30 | } 31 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/linuxfw/linuxfw_pre_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::linuxfw::pre', :type => :class do 3 | let :facts do 4 | { 5 | :kernel => 'Linux', 6 | } 7 | end 8 | 9 | context 'with defaults for all parameters' do 10 | it { is_expected.to create_class('profile::linuxfw::pre') } 11 | it { is_expected.to contain_firewall('000 accept related established rules') } 12 | it { is_expected.to contain_firewall('001 accept all icmp') } 13 | it { is_expected.to contain_firewall('002 accept all to lo interface') } 14 | it { is_expected.to contain_firewall('003 accept ssh connections') } 15 | end 16 | end 17 | -------------------------------------------------------------------------------- /dist/profile/manifests/rcfiles/bash.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::rcfiles::bash 2 | # 3 | # Bash rcfiles 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::rcfiles::bash { 14 | file { '/etc/bashrc.puppet': 15 | ensure => file, 16 | path => '/etc/bashrc.puppet', 17 | source => 'puppet:///modules/profile/bashrc.puppet', 18 | } 19 | 20 | file_line {'bashrc_skel_puppet_source': 21 | ensure => present, 22 | path => '/etc/skel/.bashrc', 23 | line => '[[ -f /etc/bashrc.puppet ]] && source /etc/bashrc.puppet', 24 | after => '# .bashrc', 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /dist/role/Rakefile: -------------------------------------------------------------------------------- 1 | require 'rubygems' 2 | require 'puppetlabs_spec_helper/rake_tasks' 3 | require 'puppet-lint/tasks/puppet-lint' 4 | PuppetLint.configuration.send('disable_80chars') 5 | PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] 6 | 7 | desc "Validate manifests, templates, and ruby files" 8 | task :validate do 9 | Dir['manifests/**/*.pp'].each do |manifest| 10 | sh "puppet parser validate --noop #{manifest}" 11 | end 12 | Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file| 13 | sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/ 14 | end 15 | Dir['templates/**/*.erb'].each do |template| 16 | sh "erb -P -x -T '-' #{template} | ruby -c" 17 | end 18 | end 19 | -------------------------------------------------------------------------------- /dist/profile/manifests/yumrepo.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::yumrepo 2 | # 3 | # Create a yum-compatible repo 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::yumrepo ( 14 | $vhost = 'yum.example.com', 15 | $repodirs, 16 | ) { 17 | include ::profile::apache 18 | 19 | file { $repodirs: 20 | ensure => directory, 21 | } 22 | 23 | $yumrepos = hiera_hash('profile::yumrepo::repos', undef) 24 | if ($yumrepos != undef) { 25 | create_resources('::createrepo', $yumrepos, {require => File[$repodirs]} ) 26 | } 27 | 28 | apache::vhost {$vhost: 29 | docroot => '/var/www/html/puppetrepo', 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /dist/profile/lib/facter/puppet_role.rb: -------------------------------------------------------------------------------- 1 | # ((a-z]+)-([a-z]+)[0-9]*, i.e. dur-www01 or chi-logger have a puppet_role of www or logger 2 | Facter.add(:puppet_role) do 3 | confine :hostname do |value| 4 | value =~ /^([a-z]+)-([a-z]+)[0-9]*$/ 5 | end 6 | 7 | setcode { Facter.value(:hostname)[/^([a-z]+)-([a-z]+)[0-9]*$/, 2] } 8 | end 9 | 10 | # ([a-z]+)[0-9]*, i.e. www01 or logger have a puppet_role of www or logger 11 | Facter.add(:puppet_role) do 12 | confine :hostname do |value| 13 | value =~ /^([a-z]+)[0-9]*$/ 14 | end 15 | 16 | setcode { Facter.value(:hostname)[/^([a-z]+)[0-9]*$/, 1] } 17 | end 18 | 19 | # Set to 'default' if no patterns match 20 | Facter.add(:puppet_role) do 21 | setcode { 'default'} 22 | end 23 | -------------------------------------------------------------------------------- /hiera/puppet_role/dns.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::dns' 4 | bind_server_confs: 5 | '/etc/named.conf': 6 | listen_on_addr: 7 | - '127.0.0.1' 8 | - '10.0.1.253' 9 | allow_query: 10 | - 'localhost' 11 | - '10.0.1.0/24' 12 | zones: 13 | 1.0.10.in-addr.arpa: 14 | - 'type master' 15 | - 'file "named.1.0.10"' 16 | - 'allow-update { none; }' 17 | example.com: 18 | - 'type master' 19 | - 'file "named.example.com"' 20 | - 'allow-update {none; }' 21 | bind_server_files: 22 | 'named.example.com': 23 | source: 'puppet:///modules/lab_config/dns/example.com' 24 | 'named.1.0.10': 25 | source: 'puppet:///modules/lab_config/dns/1.0.10' 26 | -------------------------------------------------------------------------------- /dist/profile/manifests/linuxfw/pre.pp: -------------------------------------------------------------------------------- 1 | # == Class: linuxfw::pre 2 | class profile::linuxfw::pre { 3 | Firewall { 4 | require => undef, 5 | } 6 | 7 | # Default firewall rules 8 | firewall { '000 accept related established rules': 9 | proto => 'all', 10 | state => ['ESTABLISHED', 'RELATED'], 11 | action => 'accept', 12 | } 13 | firewall { '001 accept all icmp': 14 | proto => 'icmp', 15 | action => 'accept', 16 | }-> 17 | firewall { '002 accept all to lo interface': 18 | proto => 'all', 19 | iniface => 'lo', 20 | action => 'accept', 21 | }-> 22 | firewall { '003 accept ssh connections': 23 | proto => 'tcp', 24 | dport => 22, 25 | state => 'NEW', 26 | action => 'accept', 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /dist/profile/manifests/dns.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::dns 2 | # 3 | # SSH VPN Tunnel 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::dns { 14 | # Named package and configs 15 | include ::bind 16 | $bind_server_confs = hiera_hash('bind_server_confs', undef) 17 | if ($bind_server_confs) { 18 | create_resources('bind::server::conf', $bind_server_confs) 19 | } 20 | $bind_server_files = hiera_hash('bind_server_files', undef) 21 | if ($bind_server_files) { 22 | create_resources('bind::server::file', $bind_server_files) 23 | } 24 | 25 | firewall { '100 DNS lookups': 26 | dport => 53, 27 | proto => udp, 28 | action => accept, 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/apache_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::apache', :type => :class do 3 | let :facts do 4 | { 5 | :id => 'root', 6 | :kernel => 'Linux', 7 | :osfamily => 'RedHat', 8 | :operatingsystem => 'RedHat', 9 | :operatingsystemrelease => '6', 10 | :concat_basedir => '/dne', 11 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 12 | } 13 | end 14 | 15 | context 'with defaults for all parameters' do 16 | it { is_expected.to create_class('profile::apache') } 17 | it { is_expected.to contain_package('httpd') } 18 | it { is_expected.to contain_user("apache") } 19 | end 20 | end 21 | -------------------------------------------------------------------------------- /dist/profile/manifests/build.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::build 2 | # 3 | # build profile 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::build ( 14 | $rvm_version = 'ruby-1.9.3-p511', 15 | $gems = {}, 16 | ) { 17 | package {['ruby-devel', 'gcc', 'rpm-build']: 18 | ensure => present, 19 | } 20 | 21 | if ($::is_pe == true) { 22 | # Do nothing yet 23 | } 24 | else { 25 | include ::rvm 26 | rvm_system_ruby{ $rvm_version: 27 | ensure => present, 28 | default_use => true, 29 | } 30 | if ($gems) { 31 | create_resources('rvm_gem', $gems, { 32 | ruby_version => $rvm_version, 33 | require => Rvm_system_ruby[$rvm_version], 34 | }) 35 | } 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /r10k_installation.pp: -------------------------------------------------------------------------------- 1 | Package { 2 | allow_virtual => true, 3 | } 4 | 5 | sshkey { 'github.com': 6 | type => 'ssh-rsa', 7 | key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==', 8 | } 9 | 10 | class { 'r10k': 11 | version => '2.1.1', 12 | sources => { 13 | 'puppet' => { 14 | 'remote' => 'git@github.com:puppetinabox/controlrepo.git', 15 | 'basedir' => $::settings::environmentpath, 16 | 'prefix' => false, 17 | }, 18 | }, 19 | manage_modulepath => false 20 | } 21 | 22 | -------------------------------------------------------------------------------- /dist/profile/manifests/dhcp.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::dhcp 2 | # 3 | # DHCP service 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::dhcp { 14 | # DHCP service and host reservations 15 | include ::dhcp::server 16 | $dhcp_server_subnets = hiera_hash('dhcp_server_subnets', undef) 17 | if ($dhcp_server_subnets) { 18 | create_resources('dhcp::server::subnet', $dhcp_server_subnets) 19 | } 20 | 21 | $dhcp_server_hosts = hiera_hash('dhcp_server_hosts', undef) 22 | if ($dhcp_server_hosts) { 23 | create_resources('dhcp::server::host', $dhcp_server_hosts) 24 | } 25 | 26 | firewall { '100 dhcp requests': 27 | sport => [67, 68], 28 | dport => [67, 68], 29 | proto => udp, 30 | action => accept, 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/build_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::build' do 3 | let :facts do 4 | { 5 | :clientcert => 'build', 6 | } 7 | end 8 | 9 | context 'with defaults for all parameters' do 10 | let :facts do 11 | super().merge({ 12 | :is_pe => false, 13 | }) 14 | end 15 | 16 | it { should create_class('profile::build') } 17 | it { should contain_class('rvm') } 18 | it { should contain_rvm_system_ruby('ruby-1.9.3-p511') } 19 | it { should contain_rvm_gem('test').with({ 20 | :require => "Rvm_system_ruby[ruby-1.9.3-p511]", 21 | } ) } 22 | end 23 | 24 | context 'using puppet enterprise' do 25 | let :facts do 26 | super().merge({ 27 | :is_pe => true, 28 | }) 29 | end 30 | 31 | it { should_not contain_class('rvm') } 32 | end 33 | end 34 | -------------------------------------------------------------------------------- /dist/profile/templates/phpmyadmin/config.inc.php.erb: -------------------------------------------------------------------------------- 1 | 5 | * Version: $Id: setup.php 9697 2006-11-13 08:32:28Z nijel $ 6 | * Date: Fri, 25 May 2007 09:48:34 GMT 7 | */ 8 | 9 | /* Servers configuration */ 10 | $i = 0; 11 | 12 | <% @servers.each do |hostname,config| %> 13 | $i++; 14 | $cfg['Servers'][$i]['host'] = '<%= config['host'] %>'; 15 | $cfg['Servers'][$i]['extension'] = 'mysqli'; 16 | $cfg['Servers'][$i]['connect_type'] = 'tcp'; 17 | $cfg['Servers'][$i]['compress'] = false; 18 | $cfg['Servers'][$i]['auth_type'] = 'config'; 19 | $cfg['Servers'][$i]['user'] = '<%= config['user'] %>'; 20 | $cfg['Servers'][$i]['password'] = '<%= config['pass'] %>'; 21 | 22 | <% end %> 23 | /* End of servers configuration */ 24 | 25 | ?> 26 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/kickstart_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::kickstart', :type => :class do 3 | let :facts do 4 | { 5 | :id => 'root', 6 | :kernel => 'Linux', 7 | :osfamily => 'RedHat', 8 | :operatingsystem => 'RedHat', 9 | :operatingsystemrelease => '7.2', 10 | :operatingsystemmajrelease => '7', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | } 14 | end 15 | 16 | context 'with defaults for all parameters' do 17 | it { is_expected.to create_class('profile::kickstart') } 18 | it { is_expected.to contain_class('apache') } 19 | it { is_expected.to contain_community_kickstarts__centos7('/var/www/html/centos7.ks') } 20 | end 21 | end 22 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/yumrepo_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::yumrepo', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'yum', 6 | :id => 'root', 7 | :kernel => 'Linux', 8 | :osfamily => 'RedHat', 9 | :operatingsystem => 'RedHat', 10 | :operatingsystemrelease => '6', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | } 14 | end 15 | 16 | context 'with defaults for all parameters' do 17 | it { is_expected.to create_class('profile::yumrepo') } 18 | it { is_expected.to contain_file('/repodir') } 19 | it { is_expected.to contain_createrepo('testrepo') } 20 | it { is_expected.to contain_apache__vhost('yum.example.com') } 21 | end 22 | end 23 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/dhcp_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::dhcp', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'dhcp', 6 | :id => 'root', 7 | :kernel => 'Linux', 8 | :osfamily => 'RedHat', 9 | :operatingsystem => 'RedHat', 10 | :operatingsystemrelease => '6', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | } 14 | end 15 | 16 | context 'with defaults for all parameters' do 17 | it { is_expected.to create_class('profile::dhcp') } 18 | it { is_expected.to contain_package('dhcp') } 19 | it { is_expected.to contain_dhcp__server__subnet('10.0.1.0') } 20 | it { is_expected.to contain_dhcp__server__host('sample') } 21 | end 22 | end 23 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source "https://rubygems.org" 2 | 3 | group :test do 4 | gem "rake" 5 | gem "puppet", ENV['PUPPET_GEM_VERSION'] || '~> 4.0' 6 | gem "rspec", '< 3.2.0' 7 | gem "rspec-puppet" 8 | gem "puppetlabs_spec_helper" 9 | gem "metadata-json-lint" 10 | gem "rspec-puppet-facts" 11 | gem 'rubocop', '0.33.0' 12 | gem 'simplecov' 13 | gem 'simplecov-console' 14 | 15 | gem "puppet-lint-absolute_classname-check" 16 | gem "puppet-lint-leading_zero-check" 17 | gem "puppet-lint-trailing_comma-check" 18 | gem "puppet-lint-version_comparison-check" 19 | gem "puppet-lint-classes_and_types_beginning_with_digits-check" 20 | gem "puppet-lint-unquoted_string-check" 21 | end 22 | 23 | group :development do 24 | gem "travis" 25 | gem "travis-lint" 26 | gem "puppet-blacksmith" 27 | gem "guard-rake" 28 | gem 'generate-puppetfile' 29 | end 30 | 31 | group :system_tests do 32 | gem "beaker" 33 | gem "beaker-rspec" 34 | gem "beaker-puppet_install_helper" 35 | end 36 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/mysql.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | mysql::server::root_password: 'strongpassword' 3 | mysql::server::users: 4 | 'someuser@localhost': 5 | ensure : 'present' 6 | password_hash : 'SOMETHING' 7 | mysql::server::grants: 8 | 'someuser@localhost/somedb.*': 9 | ensure : 'present' 10 | options : ['GRANT'] 11 | privileges : ['SELECT', 'INSERT', 'UPDATE', 'DELETE'] 12 | table : 'somedb.*' 13 | user : 'someuser@localhost' 14 | mysql::server::databases: 15 | somedb: 16 | ensure : 'present' 17 | charset : 'utf8' 18 | mysql::server::backup::backupuser : 'dbbackup' 19 | mysql::server::backup::backuppassword : 'password' 20 | mysql::server::backup::backupdir : '/data/mysql/backups' 21 | mysql::server::backup::backupcompress : 'true' 22 | mysql::server::backup::backuprotate : 90 23 | mysql::server::backup::file_per_database : 'true' 24 | mysql::server::backup::time : ['*', '00'] 25 | -------------------------------------------------------------------------------- /dist/profile/manifests/puppet_master.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::puppet_master 2 | # 3 | # Puppet Master profile 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::puppet_master { 14 | include ::epel 15 | include ::puppet 16 | include ::hiera 17 | 18 | include ::r10k 19 | include ::r10k::webhook::config 20 | include ::r10k::webhook 21 | Class['r10k::webhook::config'] -> Class['r10k::webhook'] 22 | Package['puppetdb'] -> Service[webhook] 23 | 24 | # Deploy the configuration module on a regular basis 25 | cron {'lab_config deploy': 26 | ensure => present, 27 | command => 'r10k deploy module lab_config', 28 | minute => [0, 15, 30, 45], 29 | } 30 | 31 | # evenup/puppet includes a firewall rule for the puppetserver service 32 | firewall { '110 zack-r10k web hook': 33 | dport => 8088, 34 | proto => tcp, 35 | action => accept, 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/tftp_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::tftp', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'tftp', 6 | :id => 'root', 7 | :kernel => 'Linux', 8 | :osfamily => 'RedHat', 9 | :operatingsystem => 'RedHat', 10 | :operatingsystemrelease => '6', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | } 14 | end 15 | 16 | context 'with defaults for all parameters' do 17 | it { is_expected.to create_class('profile::tftp') } 18 | it { is_expected.to contain_package('tftpd-hpa') } 19 | it { is_expected.to contain_tftp__file('pxelinux.0')} 20 | it { is_expected.to contain_firewall('100 tftp requests').with({ 21 | :dport => '69', 22 | :proto => 'udp', 23 | :action => 'accept' 24 | } ) } 25 | end 26 | end 27 | -------------------------------------------------------------------------------- /dist/profile/manifests/kickstart.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::kickstart 2 | # 3 | # kickstart webserver and files 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2016 Rob Nelson 12 | # 13 | class profile::kickstart { 14 | include ::apache 15 | 16 | $el7_packages = [ 17 | '@core', 18 | 'ntpdate', 19 | 'ntp', 20 | 'wget', 21 | 'screen', 22 | 'git', 23 | 'perl', 24 | 'openssh-clients', 25 | 'open-vm-tools', 26 | 'man', 27 | 'mlocate', 28 | 'bind-utils', 29 | 'traceroute', 30 | 'mailx', 31 | ] 32 | $post_fragments = [ 33 | 'community_kickstarts/install_puppet.erb', 34 | 'profile/kickstart/clear_firewall.erb', 35 | ] 36 | 37 | ::community_kickstarts::centos7{'/var/www/html/centos7.ks': 38 | post_fragments => $post_fragments, 39 | } 40 | 41 | firewall { '100 HTTP/S inbound': 42 | dport => [80, 443], 43 | proto => tcp, 44 | action => accept, 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/puppetdb_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::puppetdb', :type => :class do 3 | let :facts do 4 | { 5 | :kernel => 'Linux', 6 | :osfamily => 'RedHat', 7 | :operatingsystem => 'RedHat', 8 | :operatingsystemmajrelease => '7', 9 | :operatingsystemrelease => '7.2', 10 | :processors => { 11 | "count" => 2, 12 | "models" => ["Intel(R) Xeon(R) CPU E31220 @ 3.10GHz", "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz"], 13 | "physicalcount" => 2 14 | }, 15 | :puppetversion => '4.0.0', 16 | :concat_basedir => '/dne', 17 | :clientcert => 'puppet.example.com', 18 | } 19 | end 20 | 21 | context 'with defaults for all parameters' do 22 | it { is_expected.to create_class('profile::puppetdb') } 23 | it { is_expected.to contain_class('puppetdb') } 24 | it { is_expected.to contain_class('puppetdb::master::config') } 25 | it { is_expected.to contain_firewall('100 PuppetDB Dashboard') } 26 | end 27 | end 28 | -------------------------------------------------------------------------------- /puppet.conf: -------------------------------------------------------------------------------- 1 | [main] 2 | # The Puppet log directory. 3 | # The default value is '$vardir/log'. 4 | logdir = /var/log/puppet 5 | 6 | # Where Puppet PID files are kept. 7 | # The default value is '$vardir/run'. 8 | rundir = /var/run/puppet 9 | 10 | # Where SSL certificates are kept. 11 | # The default value is '$confdir/ssl'. 12 | ssldir = $vardir/ssl 13 | 14 | environmentpath = $confdir/environments 15 | 16 | [agent] 17 | # The file in which puppetd stores a list of the classes 18 | # associated with the retrieved configuratiion. Can be loaded in 19 | # the separate ``puppet`` executable using the ``--loadclasses`` 20 | # option. 21 | # The default value is '$confdir/classes.txt'. 22 | classfile = $vardir/classes.txt 23 | 24 | # Where puppetd caches the local configuration. An 25 | # extension indicating the cache format is added automatically. 26 | # The default value is '$confdir/localconfig'. 27 | localconfig = $vardir/localconfig 28 | 29 | [master] 30 | pluginsync = true 31 | environmentpath = $confdir/environments 32 | -------------------------------------------------------------------------------- /hiera/puppet_role/puppet.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::puppet' 4 | hiera::hierarchy: 5 | - 'clientcert/%%{::}{clientcert}' 6 | - 'puppet_role/%%{::}{puppet_role}' 7 | - 'global' 8 | hiera::datadir: '/etc/puppetlabs/code/environments/%%{::}{::environment}/hiera' 9 | puppet::server: true 10 | puppet::server_version: 'latest' 11 | puppet::dns_alt_names: 12 | - 'puppet' 13 | puppet::puppetdb_server: 'puppet.example.com' 14 | puppet::puppetdb: true 15 | puppet::manage_puppetdb: false 16 | puppet::manage_hiera: false 17 | puppet::firewall: true 18 | puppetdb::listen_address: '0.0.0.0' 19 | r10k::version: '2.1.1' 20 | r10k::sources: 21 | puppet: 22 | remote: 'git@github.com:puppetinabox/controlrepo.git' 23 | basedir: '/etc/puppetlabs/code/environments' 24 | prefix: false 25 | r10k::manage_modulepath: false 26 | r10k::webhook::config::use_mcollective: false 27 | r10k::webhook::config::public_key_path: '/etc/puppetlabs/puppetdb/ssl/public.pem' 28 | r10k::webhook::config::private_key_path: '/etc/puppetlabs/puppetdb/ssl/private.pem' 29 | r10k::webhook::user: 'root' 30 | r10k::webhook::group: 0 31 | -------------------------------------------------------------------------------- /dist/profile/manifests/rcfiles/vim.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::rcfiles::vim 2 | # 3 | # VIm rcfiles 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::rcfiles::vim { 14 | package {'vim-enhanced': 15 | ensure => present, 16 | } -> 17 | vcsrepo {'/usr/share/vim/puppet': 18 | ensure => present, 19 | provider => git, 20 | source => 'https://github.com/rodjek/vim-puppet.git', 21 | } -> 22 | file_line {'vimrc_runtimepath': 23 | ensure => present, 24 | path => '/etc/vimrc', 25 | line => 'set runtimepath+=/usr/share/vim/puppet', 26 | after => 'set nocompatible', 27 | } -> 28 | file_line {'vimrc_indent': 29 | ensure => present, 30 | path => '/etc/vimrc', 31 | line => 'filetype plugin indent on', 32 | after => '/usr/share/vim/puppet', 33 | } -> 34 | file_line {'vimrc_shiftwidth': 35 | ensure => present, 36 | path => '/etc/vimrc', 37 | line => 'set shiftwidth=2', 38 | after => 'filetype plugin indent on', 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /dist/profile/spec/fixtures/hieradata/default.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ssh_authorized_keys: 3 | testkey: {} 4 | yumrepo_url: 'http://yum.example.com/testrepo/' 5 | local_users: 6 | testuser: 7 | state: 'present' 8 | comment: 'Test User' 9 | groups: 10 | - 'group1' 11 | - 'group2' 12 | password: 'encryptedstring' 13 | ssh::server::options: 14 | 'PermitRootLogin' : 'yes' 15 | 'Protocol' : '2' 16 | 'SyslogFacility' : 'AUTHPRIV' 17 | 'PasswordAuthentication' : 'yes' 18 | 'GSSAPIAuthentication' : 'yes' 19 | 'GSSAPICleanupCredentials' : 'yes' 20 | 'AcceptEnv' : 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL LANGUAGE XMODIFIERS' 21 | 'Subsystem' : ' sftp /usr/libexec/openssh/sftp-server' 22 | 'Banner' : '/etc/issue.net' 23 | ssh::client::options: 24 | 'Host *' : 25 | 'SendEnv' : 'LANG LC_*' 26 | 'HashKnownHosts' : 'yes' 27 | 'GSSAPIAuthentication' : 'yes' 28 | 'GSSAPIDelegateCredentials' : 'no' 29 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/base_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::base', :type => :class do 3 | let :facts do 4 | { 5 | :id => 'root', 6 | :kernel => 'Linux', 7 | :osfamily => 'RedHat', 8 | :operatingsystem => 'RedHat', 9 | :operatingsystemrelease => '7.2', 10 | :operatingsystemmajrelease => '7', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | :puppetversion => '4.3.1', 14 | :sudoversion => '1.8.6p7', 15 | } 16 | end 17 | 18 | context 'with defaults for all parameters' do 19 | it { is_expected.to create_class('profile::base') } 20 | it { is_expected.to contain_class('profile::linuxfw') } 21 | it { is_expected.to contain_class('ssh::server') } 22 | it { is_expected.to contain_class('ssh::client') } 23 | it { is_expected.to contain_class('ntp') } 24 | it { is_expected.to contain_ssh_authorized_key('testkey') } 25 | it { is_expected.to contain_yumrepo('lab') } 26 | it { is_expected.to contain_exec('shosts.equiv') } 27 | it { is_expected.to contain_class('sudo') } 28 | it { is_expected.to contain_sudo__conf('wheel') } 29 | it { is_expected.to contain_local_user('testuser') } 30 | end 31 | end 32 | -------------------------------------------------------------------------------- /dist/profile/metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "puppetinabox-profile", 3 | "version": "1.0.0", 4 | "author": "rnelson0", 5 | "summary": "Profile module for roles and profiles", 6 | "license": "Apache-2.0", 7 | "source": "https://github.com/puppetinabox/profile", 8 | "project_page": "https://github.com/puppetinabox/profile", 9 | "issues_url": "https://github.com/puppetinabox/profile/issues", 10 | "dependencies": [ 11 | { 12 | "name": "puppetlabs-stdlib", 13 | "version_range": ">= 1.0.0" 14 | }, 15 | { 16 | "name": "puppetlabs-firewall", 17 | "version_range": ">= 1.1.1" 18 | }, 19 | { 20 | "name": "puppetlabs-apache", 21 | "version_range": ">= 1.0.1" 22 | }, 23 | { 24 | "name": "puppetlabs-puppetdb", 25 | "version_range": ">= 3.0.1" 26 | }, 27 | { 28 | "name": "puppetlabs-ntp", 29 | "version_range": ">= 3.0.3" 30 | }, 31 | { 32 | "name": "puppetlabs-lvm", 33 | "version_range": ">= 0.3.1" 34 | }, 35 | { 36 | "name": "saz-rsyslog", 37 | "version_range": ">= 3.1.0" 38 | }, 39 | { 40 | "name": "saz-ssh", 41 | "version_range": ">= 2.3.6" 42 | }, 43 | { 44 | "name": "stephenrjohnson-puppet", 45 | "version_range": ">= 0.0.23" 46 | } 47 | ] 48 | } 49 | 50 | -------------------------------------------------------------------------------- /bootstrap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Add bootstrap modules 4 | mkdir -p /root/bootstrap/modules 5 | puppet module install --modulepath=/root/bootstrap/modules jlambert121/puppet --version 0.7.0 6 | puppet module install --modulepath=/root/bootstrap/modules zack/r10k --version 3.2.0 7 | puppet module install --modulepath=/root/bootstrap/modules stahnma/epel --version 1.2.2 8 | puppet module install --modulepath=/root/bootstrap/modules hunner/hiera --version 1.4.1 9 | 10 | # Configure the master, hiera, and r10k services 11 | puppet apply --modulepath=/root/bootstrap/modules master.pp && \ 12 | puppet apply --modulepath=/root/bootstrap/modules hiera.pp && \ 13 | puppet apply --modulepath=/root/bootstrap/modules r10k_installation.pp && \ 14 | # If everything went well, deploy using r10k 15 | r10k deploy environment -p 16 | 17 | 18 | # If everything is successful, run puppet, otherwise alert 19 | if [ $? -eq 0 ] 20 | then 21 | # Ensure changes to hiera and the master configuration are in place before continuing 22 | systemctl restart puppetserver 23 | puppet agent -t 24 | systemctl enable puppet 25 | systemctl start puppet 26 | else 27 | echo "Some part of the bootstrap process failed. Investigate the errors and proceed with manual bootstrapping." 28 | echo "" 29 | echo "See https://github.com/puppetinabox/documentation#bootstrap for the steps." 30 | echo "" 31 | fi 32 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Puppet-In-A-Box 2 | 3 | Pre-packaged collection of modules and data to quickly bootstrap a lab or POC network with Puppet. 4 | 5 | ## Installation & Usage 6 | 7 | Please refer to the Wiki on the right side of this page or by following [this link](https://github.com/puppetinabox/controlrepo/wiki). 8 | 9 | ## Contributing 10 | 11 | 1. Fork it! 12 | 2. Create your feature branch: `git checkout -b my-new-feature` 13 | 3. Commit your changes: `git commit -am 'Add some feature'` 14 | 4. Push to the branch: `git push origin my-new-feature` 15 | 5. Submit a pull request :D 16 | 17 | View project status at [waffle.io](https://waffle.io/puppetinabox/controlrepo/): [![Stories in Ready](https://badge.waffle.io/puppetinabox/controlrepo.svg?label=ready&title=Ready)](http://waffle.io/puppetinabox/controlrepo) 18 | 19 | [![Throughput Graph](https://graphs.waffle.io/puppetinabox/controlrepo/throughput.svg)](https://waffle.io/puppetinabox/controlrepo/metrics) 20 | 21 | ## History 22 | 23 | Jan 2015: Initial commit. 24 | Feb 2016: New release with puppetserver; tagged v2.0.1 as the last build supporting passenger. 25 | 26 | ## Credits 27 | 28 | Founder: [Rob Nelson](https://github.com/rnelson) 29 | 30 | Contributing authors: 31 | * [Matyas Danter](https://github.com/mdanter) 32 | * [Sean Scott King](https://github.com/seanscottking) 33 | 34 | ## License 35 | 36 | TODO: Write license 37 | -------------------------------------------------------------------------------- /dist/profile/spec/unit/facter/puppet_role_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | require 'facter/puppet_role' 3 | 4 | describe 'custom fact puppet_role', :type => :fact do 5 | let (:hostname_fact) { 6 | self.class.description 7 | } 8 | before (:each) do 9 | Facter.fact(:hostname).stubs(:value).returns(hostname_fact) 10 | Facter.flush 11 | end 12 | subject { Facter.fact(:puppet_role).value } 13 | 14 | context "hostname 'loc-test72'" do 15 | before do 16 | Facter.fact(:hostname).stubs(:value).returns('loc-test72') 17 | end 18 | 19 | it "should return test" do 20 | expect(Facter.fact(:puppet_role).value).to eq('test') 21 | end 22 | end 23 | 24 | context "hostname 'test72'" do 25 | before do 26 | Facter.fact(:hostname).stubs(:value).returns('test72') 27 | end 28 | 29 | it "should return test" do 30 | expect(Facter.fact(:puppet_role).value).to eq('test') 31 | end 32 | end 33 | 34 | context "hostname 'role'" do 35 | before do 36 | Facter.fact(:hostname).stubs(:value).returns('role') 37 | end 38 | 39 | it "should return role" do 40 | expect(Facter.fact(:puppet_role).value).to eq('role') 41 | end 42 | end 43 | 44 | context "hostname '99luftballons'" do 45 | before do 46 | Facter.fact(:hostname).stubs(:value).returns('99luftballoons') 47 | end 48 | 49 | it "should return default" do 50 | expect(Facter.fact(:puppet_role).value).to eq('default') 51 | end 52 | end 53 | end 54 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/phpmyadmin_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::phpmyadmin', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'phpmyadmin', 6 | :id => 'root', 7 | :kernel => 'Linux', 8 | :osfamily => 'RedHat', 9 | :operatingsystem => 'RedHat', 10 | :operatingsystemrelease => '6', 11 | :concat_basedir => '/dne', 12 | :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 13 | } 14 | end 15 | 16 | context 'with dbpass and cname' do 17 | it { is_expected.to create_class('profile::phpmyadmin') } 18 | it { is_expected.to contain_package('phpMyAdmin') } 19 | it { is_expected.to contain_selboolean('httpd_can_network_connect_db') } 20 | it { is_expected.to contain_selboolean('httpd_can_network_connect') } 21 | it { is_expected.to contain_certs__vhost('phpmyadmin.example.com') } 22 | it { is_expected.to contain_apache__vhost('phpmyadmin.example.com') } 23 | it { is_expected.to contain_class('apache::mod::php') } 24 | it { is_expected.to contain_file('/etc/httpd/conf.d/phpMyAdmin.conf').with({ 25 | :ensure => 'absent' 26 | } ) } 27 | it { is_expected.to contain_file('/etc/phpMyAdmin').with({ 28 | :ensure => 'directory', 29 | :mode => '0755' 30 | } ) } 31 | it { is_expected.to contain_file('config.inc.php').with({ 32 | :mode => '0644' 33 | } ) } 34 | end 35 | end 36 | -------------------------------------------------------------------------------- /dist/profile/manifests/base.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::base 2 | # 3 | # Base profile 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 5014 Rob Nelson 12 | # 13 | class profile::base { 14 | # Base firewall policy 15 | include ::profile::linuxfw 16 | 17 | # SSH server and client 18 | include ::ssh::server 19 | include ::ssh::client 20 | 21 | include ::ntp 22 | 23 | # Add ssh_authorized_key 24 | $ssh_authorized_keys = hiera_hash('ssh_authorized_keys', undef) 25 | if ($ssh_authorized_keys != undef) { 26 | create_resources('ssh_authorized_key', $ssh_authorized_keys) 27 | } 28 | 29 | # Yum repository 30 | # Enable when in use 31 | $yumrepo_url = hiera('yumrepo_url') 32 | yumrepo {'lab': 33 | descr => 'Lab EL - x86_64', 34 | baseurl => $yumrepo_url, 35 | enabled => 0, 36 | gpgcheck => 0, 37 | } 38 | Yumrepo<| |> -> Package<| |> 39 | 40 | # Set up shosts.equiv for automated logins from known hosts 41 | exec {'shosts.equiv': 42 | command => '/bin/cat /etc/ssh/ssh_known_hosts | grep -v "^#" | awk \'{print $1}\' | sed -e \'s/,/\n/g\' > /etc/ssh/shosts.equiv', 43 | require => Class['ssh::knownhosts'], 44 | } 45 | 46 | # Local user setup 47 | include '::sudo' 48 | ::sudo::conf { 'wheel': 49 | priority => 10, 50 | content => '%wheel ALL=(ALL) ALL', 51 | } 52 | 53 | $local_users = hiera('local_users', undef) 54 | if ($local_users != undef) { 55 | create_resources('local_user', $local_users) 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /dist/profile/manifests/mysql/server.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::mysql::server 2 | # 3 | # MySQL server 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::mysql::server { 14 | package {'policycoreutils-python': 15 | ensure => present, 16 | } -> 17 | exec {'set-mysql-selinux-context': 18 | command => '/usr/sbin/semanage fcontext -a -t mysqld_db_t "/data(/.*)?"', 19 | unless => '/bin/ls /etc/selinux/targeted/contexts/files/file_contexts.local', 20 | } -> 21 | lvm::volume { 'lv_mysql': 22 | ensure => present, 23 | vg => 'vg_mysql', 24 | pv => '/dev/sda3', 25 | fstype => 'ext4', 26 | size => '40G', 27 | } -> 28 | file {'/data': 29 | ensure => directory, 30 | } -> 31 | mount {'/data': 32 | ensure => 'mounted', 33 | name => '/data', 34 | device => '/dev/mapper/vg_mysql-lv_mysql', 35 | fstype => 'ext4', 36 | options => 'defaults', 37 | atboot => true, 38 | } -> 39 | file {'/data/mysql': 40 | ensure => directory, 41 | } -> 42 | exec {'enforce-mysql-selinux-context': 43 | command => '/sbin/restorecon -R /data', 44 | unless => '/bin/ls -ladZ /data/mysql/mysql | /bin/grep unconfined_u:object_r:mysqld_db_t', 45 | } 46 | 47 | include ::mysql::server 48 | include ::mysql::server::backup 49 | 50 | firewall { '100 MySQL inbound': 51 | dport => 3306, 52 | proto => tcp, 53 | action => accept, 54 | } 55 | 56 | Exec['enforce-mysql-selinux-context'] -> Service['mysqld'] 57 | } 58 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/puppet_master_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'profile::puppet_master', :type => :class do 4 | let (:facts) do 5 | { 6 | :kernel => 'Linux', 7 | :osfamily => 'RedHat', 8 | :operatingsystem => 'RedHat', 9 | :operatingsystemmajrelease => '7', 10 | :operatingsystemrelease => '7.2', 11 | :processors => { 12 | "count" => 2, 13 | "models" => ["Intel(R) Xeon(R) CPU E31220 @ 3.10GHz", "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz"], 14 | "physicalcount" => 2 15 | }, 16 | :puppetversion => '4.3.1', 17 | :concat_basedir => '/dne', 18 | :clientcert => 'puppet.example.com', 19 | } 20 | end 21 | 22 | let (:pre_condition) { 23 | "package{'puppetdb': ensure => present, }" 24 | } 25 | 26 | context 'with defaults for all parameters' do 27 | it { is_expected.to create_class('profile::puppet_master') } 28 | it { is_expected.to contain_class('epel') } 29 | it { is_expected.to contain_class('puppet') } 30 | 31 | # These resources are included based on hieradata 32 | it { is_expected.to contain_class('puppet::server') } 33 | it { is_expected.to contain_package('puppetserver'). 34 | with_ensure('latest') 35 | } 36 | 37 | it { is_expected.to contain_class('hiera') } 38 | it { is_expected.to contain_class('r10k') } 39 | it { is_expected.to contain_class('r10k::webhook') } 40 | it { is_expected.to contain_class('r10k::webhook::config') } 41 | it { is_expected.to contain_firewall('110 zack-r10k web hook') } 42 | it { is_expected.to contain_cron('lab_config deploy') } 43 | end 44 | end 45 | -------------------------------------------------------------------------------- /hiera/global.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ssh_authorized_keys: 3 | 'rsa-key-20150105': 4 | user: 'padmin' 5 | type: 'ssh-rsa' 6 | key: 'AAAAB3NzaC1yc2EAAAABJQAAAIEAixib8xiytdy6OHNR1gpYff0xcaC8CbETinn2BjgMb9kFCgymWu1oaIYhdDYAAsF3pNraP9gMLb1UE/EzdjjaXdHvMNV2wUmqRGc7X5ad8RJE3XDR1bBfN6OPCLQMAdrZ8TAACBUpocRNyOqFSgwbccaEUgWFL4XelY3OCmRK76k=' 7 | local_users: 8 | padmin: 9 | state: 'present' 10 | comment: 'Puppet Admin' 11 | groups: 12 | - 'wheel' 13 | manage_groups: true 14 | last_change: '2015-01-01' 15 | password: '$6$h\/T72V5u$BBYRNaVoJQ7VNTH\/3LnSGjtdDdaedI13Qm3KaAJwVrx4oCJV5y\/4mkcsY3E7D7QNbmN2k7ENtEmZpk10Rp7FD0' 16 | password_max_age: '1000' 17 | yumrepo_url: 'http://yum.example.com/el7/' 18 | ssh::server::options: 19 | 'PermitRootLogin' : 'yes' 20 | 'Protocol' : '2' 21 | 'SyslogFacility' : 'AUTHPRIV' 22 | 'PasswordAuthentication' : 'yes' 23 | 'GSSAPIAuthentication' : 'yes' 24 | 'GSSAPICleanupCredentials' : 'yes' 25 | 'AcceptEnv' : 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL LANGUAGE XMODIFIERS' 26 | 'Subsystem' : ' sftp /usr/libexec/openssh/sftp-server' 27 | 'Banner' : '/etc/issue.net' 28 | ssh::client::options: 29 | 'Host *' : 30 | 'SendEnv' : 'LANG LC_*' 31 | 'HashKnownHosts' : 'yes' 32 | 'GSSAPIAuthentication' : 'yes' 33 | 'GSSAPIDelegateCredentials' : 'no' 34 | ntp::servers: 35 | - '0.pool.ntp.org' 36 | - '2.centos.pool.ntp.org' 37 | - '1.rhel.pool.ntp.org' 38 | puppet::runmode: 'service' 39 | -------------------------------------------------------------------------------- /dist/profile/.fixtures.yml: -------------------------------------------------------------------------------- 1 | fixtures: 2 | symlinks: 3 | profile: "#{source_dir}" 4 | repositories: 5 | apache: 'git://github.com/puppetlabs/puppetlabs-apache' 6 | bind: 'git://github.com/thias/puppet-bind' 7 | certs: 'git://github.com/rnelson0/puppet-certs' 8 | concat: 'git://github.com/puppetlabs/puppetlabs-concat' 9 | createrepo: 'git://github.com/pall-valmundsson/puppet-createrepo' 10 | dhcp: 'git://github.com/ajjahn/puppet-dhcp' 11 | epel: 'git://github.com/stahnma/puppet-module-epel' 12 | firewall: 'git://github.com/puppetlabs/puppetlabs-firewall' 13 | git: 'git://github.com/puppetlabs/puppetlabs-git' 14 | inifile: 'git://github.com/puppetlabs/puppetlabs-inifile' 15 | local_user: 'git://github.com/rnelson0/puppet-local_user' 16 | lvm: 'git://github.com/puppetlabs/puppetlabs-lvm' 17 | mysql: 'git://github.com/puppetlabs/puppetlabs-mysql' 18 | ntp: 'git://github.com/puppetlabs/puppetlabs-ntp' 19 | postgresql: 'git://github.com/puppetlabs/puppetlabs-postgresql' 20 | puppet: https://github.com/jlambert121/jlambert121-puppet 21 | puppetdb: 'git://github.com/puppetlabs/puppetlabs-puppetdb' 22 | r10k: 'git://github.com/acidprime/r10k' 23 | ruby: 'git://github.com/puppetlabs/puppetlabs-ruby' 24 | rvm: 'git://github.com/maestrodev/puppet-rvm' 25 | ssh: 'git://github.com/saz/puppet-ssh' 26 | stdlib: 'git://github.com/puppetlabs/puppetlabs-stdlib' 27 | sudo: 'git://github.com/saz/puppet-sudo' 28 | tftp: 'git://github.com/puppetlabs/puppetlabs-tftp' 29 | vcsrepo: "git://github.com/puppetlabs/puppetlabs-vcsrepo" 30 | xinetd: 'git://github.com/puppetlabs/puppetlabs-xinetd' 31 | hiera: https://github.com/hunner/puppet-hiera 32 | community_kickstarts: https://github.com/voxpupuli/puppet-community_kickstarts 33 | kickstart: https://github.com/danzilio/puppet-kickstart 34 | -------------------------------------------------------------------------------- /dist/profile/Rakefile: -------------------------------------------------------------------------------- 1 | require 'rubygems' 2 | require 'bundler/setup' 3 | 4 | require 'puppetlabs_spec_helper/rake_tasks' 5 | require 'puppet/version' 6 | require 'puppet/vendor/semantic/lib/semantic' unless Puppet.version.to_f < 3.6 7 | require 'puppet-lint/tasks/puppet-lint' 8 | require 'puppet-syntax/tasks/puppet-syntax' 9 | require 'metadata-json-lint/rake_task' 10 | require 'rubocop/rake_task' 11 | 12 | # These gems aren't always present, for instance 13 | # on Travis with --without development 14 | begin 15 | require 'puppet_blacksmith/rake_tasks' 16 | rescue LoadError # rubocop:disable Lint/HandleExceptions 17 | end 18 | 19 | RuboCop::RakeTask.new 20 | 21 | exclude_paths = [ 22 | "bundle/**/*", 23 | "pkg/**/*", 24 | "vendor/**/*", 25 | "spec/**/*", 26 | ] 27 | 28 | # Coverage from puppetlabs-spec-helper requires rcov which 29 | # doesn't work in anything since 1.8.7 30 | Rake::Task[:coverage].clear 31 | 32 | Rake::Task[:lint].clear 33 | 34 | PuppetLint.configuration.relative = true 35 | PuppetLint.configuration.disable_80chars 36 | PuppetLint.configuration.disable_arrow_alignment 37 | PuppetLint.configuration.disable_class_inherits_from_params_class 38 | PuppetLint.configuration.disable_class_parameter_defaults 39 | PuppetLint.configuration.fail_on_warnings = true 40 | 41 | PuppetLint::RakeTask.new :lint do |config| 42 | config.ignore_paths = exclude_paths 43 | end 44 | 45 | PuppetSyntax.exclude_paths = exclude_paths 46 | 47 | desc "Run acceptance tests" 48 | RSpec::Core::RakeTask.new(:acceptance) do |t| 49 | t.pattern = 'spec/acceptance' 50 | end 51 | 52 | desc "Populate CONTRIBUTORS file" 53 | task :contributors do 54 | system("git log --format='%aN' | sort -u > CONTRIBUTORS") 55 | end 56 | 57 | desc "Run syntax, lint, and spec tests." 58 | task :test => [ 59 | :metadata_lint, 60 | :syntax, 61 | :lint, 62 | :rubocop, 63 | :spec, 64 | ] 65 | -------------------------------------------------------------------------------- /Puppetfile: -------------------------------------------------------------------------------- 1 | forge 'http://forge.puppetlabs.com' 2 | 3 | # Modules discovered by generate-puppetfile 4 | mod 'ajjahn/dhcp', '1.0.0' 5 | mod 'croddy/make', '0.0.5' 6 | mod 'garethr/erlang', '0.3.0' 7 | mod 'gentoo/portage', '2.3.0' 8 | mod 'golja/gnupg', '1.2.3' 9 | mod 'hunner/hiera', '2.0.1' 10 | mod 'jlambert121/puppet', '0.8.1' 11 | mod 'maestrodev/rvm', '1.12.1' 12 | mod 'nanliu/staging', '1.0.3' 13 | mod 'palli/createrepo', '1.1.0' 14 | mod 'puppetlabs/activemq', '0.4.0' 15 | mod 'puppetlabs/apache', '1.8.0' 16 | mod 'puppetlabs/apt', '2.2.1' 17 | mod 'puppetlabs/concat', '1.2.5' 18 | mod 'puppetlabs/firewall', '1.7.2' 19 | mod 'puppetlabs/gcc', '0.3.0' 20 | mod 'puppetlabs/git', '0.4.0' 21 | mod 'puppetlabs/inifile', '1.4.3' 22 | mod 'puppetlabs/java', '1.4.3' 23 | mod 'puppetlabs/java_ks', '1.4.0' 24 | mod 'puppetlabs/lvm', '0.7.0' 25 | mod 'puppetlabs/mcollective', '99.99.99' 26 | mod 'puppetlabs/mysql', '3.6.2' 27 | mod 'puppetlabs/ntp', '4.1.2' 28 | mod 'puppetlabs/pe_gem', '0.2.0' 29 | mod 'puppetlabs/postgresql', '4.7.0' 30 | mod 'puppetlabs/puppetdb', '5.0.0' 31 | mod 'puppetlabs/rabbitmq', '5.3.1' 32 | mod 'puppetlabs/ruby', '0.4.0' 33 | mod 'puppetlabs/stdlib', '4.11.0' 34 | mod 'puppetlabs/tftp', '0.2.3' 35 | mod 'puppetlabs/vcsrepo', '1.3.2' 36 | mod 'puppetlabs/xinetd', '1.5.0' 37 | mod 'richardc/datacat', '0.5.0' 38 | mod 'rnelson0/certs', '0.7.0' 39 | mod 'rnelson0/local_user', '1.0.7' 40 | mod 'saz/ssh', '2.8.1' 41 | mod 'saz/sudo', '3.1.0' 42 | mod 'stahnma/epel', '1.2.2' 43 | mod 'thias/bind', '0.5.2' 44 | mod 'yguenane/augeas', '0.1.1' 45 | mod 'yguenane/ygrpms', '0.1.0' 46 | mod 'zack/r10k', '3.2.0' 47 | mod 'danzilio/kickstart', '0.2.0' 48 | mod 'puppet/community_kickstarts', '0.2.3' 49 | # Discovered elements from existing Puppetfile 50 | # Modules from Github 51 | mod 'lab_config', 52 | :git => 'git@github.com:puppetinabox/lab_config.git', 53 | :branch => 'puppetserver' 54 | -------------------------------------------------------------------------------- /dist/profile/spec/classes/mysql/mysql_server_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | describe 'profile::mysql::server', :type => :class do 3 | let :facts do 4 | { 5 | :clientcert => 'mysql', 6 | :osfamily => 'RedHat', 7 | :operatingsystem => 'RedHat', 8 | :operatingsystemrelease => '7.2', 9 | :operatingsystemmajrelease => '7', 10 | :puppetversion => '4.3.1', 11 | } 12 | end 13 | 14 | context 'with defaults for all parameters' do 15 | it { is_expected.to create_class('profile::mysql::server') } 16 | it { is_expected.to contain_package('policycoreutils-python') } 17 | it { is_expected.to contain_exec('set-mysql-selinux-context') } 18 | it { is_expected.to contain_lvm__volume('lv_mysql').with({ 19 | :pv => '/dev/sda3', 20 | :fstype => 'ext4', 21 | :size => '40G' 22 | } ) } 23 | it { is_expected.to contain_file('/data').with({ 24 | :ensure => 'directory' 25 | } ) } 26 | it { is_expected.to contain_mount('/data').with({ 27 | :ensure => 'mounted', 28 | :name => '/data', 29 | :device => '/dev/mapper/vg_mysql-lv_mysql', 30 | :fstype => 'ext4', 31 | :atboot => 'true', 32 | } ) } 33 | it { is_expected.to contain_file('/data/mysql').with({ 34 | :ensure => 'directory' 35 | } ) } 36 | it { is_expected.to contain_exec('enforce-mysql-selinux-context') } 37 | it { is_expected.to contain_class('mysql::server') } 38 | it { is_expected.to contain_class('mysql::server::backup') } 39 | it { is_expected.to contain_firewall('100 MySQL inbound').with({ 40 | :dport => '3306', 41 | :proto => 'tcp', 42 | :action => 'accept' 43 | } ) } 44 | it { is_expected.to contain_mysql_user('someuser@localhost') } 45 | it { is_expected.to contain_mysql_grant('someuser@localhost/somedb.*') } 46 | it { is_expected.to contain_mysql_database('somedb').with({ 47 | :charset => 'utf8' 48 | } ) } 49 | end 50 | end 51 | -------------------------------------------------------------------------------- /dist/profile/manifests/phpmyadmin.pp: -------------------------------------------------------------------------------- 1 | # == Class: profile::phpmyadmin 2 | # 3 | # phpMyAdmin service 4 | # 5 | # === Authors 6 | # 7 | # Rob Nelson 8 | # 9 | # === Copyright 10 | # 11 | # Copyright 2015 Rob Nelson 12 | # 13 | class profile::phpmyadmin ( 14 | $cname = 'phpmyadmin.nelson.va', 15 | $serveradmin = 'rnelson0@gmail.com', 16 | $docroot = '/usr/share/phpMyAdmin', 17 | $servers = {}, 18 | ) { 19 | 20 | # SELinux booleans 21 | $selbooleans = [ 22 | 'httpd_can_network_connect_db', 23 | 'httpd_can_network_connect', 24 | ] 25 | selboolean { $selbooleans: 26 | value => on, 27 | persistent => true, 28 | } 29 | 30 | include ::apache 31 | 32 | # Certificates are based on the cname 33 | certs::vhost { $cname: 34 | source_path => hiera('certs::vhost::source_path', 'undef'), 35 | } 36 | Certs::Vhost<| |> -> Apache::Vhost<| |> 37 | 38 | ::apache::vhost { $cname: 39 | port => 443, 40 | docroot => $docroot, 41 | ssl => true, 42 | ssl_cert => "/etc/ssl/certs/${cname}.crt", 43 | ssl_key => "/etc/ssl/certs/${cname}.key", 44 | serveradmin => $serveradmin, 45 | directories => [ 46 | { 47 | 'path' => '/usr/share/phpMyAdmin/', 48 | }, 49 | ], 50 | } 51 | include ::apache::mod::php 52 | 53 | include ::epel 54 | 55 | # Packages 56 | Yumrepo['epel'] -> Package<| |> 57 | $packages = ['phpMyAdmin'] 58 | package { $packages: 59 | ensure => latest, 60 | } -> 61 | file {'/etc/httpd/conf.d/phpMyAdmin.conf': 62 | ensure => absent, 63 | notify => Service['httpd'], 64 | } 65 | file {'/etc/phpMyAdmin': 66 | ensure => directory, 67 | mode => '0755', 68 | } 69 | file {'config.inc.php': 70 | ensure => file, 71 | path => '/etc/phpMyAdmin/config.inc.php', 72 | mode => '0644', 73 | require => Package['phpMyAdmin'], 74 | content => template('profile/phpmyadmin/config.inc.php.erb'), 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /hiera/puppet_role/mysql.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | classes: 3 | - '::role::mysql_server' 4 | mysql::server::root_password : 'password' 5 | mysql::server::restart : 'true' 6 | mysql::server::backup::backupuser : 'dbbackup' 7 | mysql::server::backup::backuppassword : 'password' 8 | mysql::server::backup::backupdir : '/data/mysql/backups' 9 | mysql::server::backup::backupcompress : 'true' 10 | mysql::server::backup::backuprotate : 90 11 | mysql::server::backup::file_per_database : 'true' 12 | mysql::server::backup::time : ['03', '00'] 13 | mysql::server::override_options : 14 | 'client': 15 | socket : '/data/mysql/mysql.sock' 16 | 'mysqld': 17 | bind-address : '0.0.0.0' 18 | log-bin : '/data/mysql/replog/mysql-bin.log' 19 | log_bin_index : '/data/mysql/replog/mysql-bin.log.index' 20 | relay-log : '/data/mysql/replog/slave-relay.log' 21 | relay-log-index : '/data/mysql/replog/slave-relay-log.index' 22 | socket : '/data/mysql/mysql.sock' 23 | datadir : '/data/mysql' 24 | 'mysqld_safe': 25 | socket : '/data/mysql/mysql.sock' 26 | mysql::server::users: 27 | '@localhost': 28 | ensure : 'absent' 29 | '@mysql': 30 | ensure : 'absent' 31 | 'root@127.0.0.1': 32 | ensure : 'present' 33 | password_hash : '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' 34 | 'root@mysql': 35 | ensure : 'present' 36 | password_hash : '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' 37 | 'phpMyAdmin@10.0.1.41': 38 | ensure : 'present' 39 | password_hash : '*579B049DA51764AAB35E4F86F04E149178A23745' 40 | 'puppetinaboxuser@10.0.1.%': 41 | ensure : 'present' 42 | password_hash : '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' 43 | mysql::server::grants: 44 | 'phpMyAdmin@10.0.1.41/*.*': 45 | ensure : 'present' 46 | options : ['GRANT'] 47 | privileges : ['ALL'] 48 | table : '*.*' 49 | user : 'phpMyAdmin@10.0.1.41' 50 | 'puppetinaboxuser@10.0.1.%/puppetinaboxdb.*': 51 | ensure : 'present' 52 | options : '' 53 | privileges : ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'CREATE', 'DROP', 'REFERENCES', 'INDEX', 'ALTER', 'CREATE TEMPORARY TABLES', 'LOCK TABLES', 'CREATE ROUTINE', 'ALTER ROUTINE', 'EXECUTE'] 54 | table : 'wikidb.*' 55 | user : 'puppetinaboxuser@10.0.1.%' 56 | mysql::server::databases: 57 | test: 58 | ensure : 'absent' 59 | puppetinaboxdb: 60 | ensure : 'present' 61 | charset : 'utf8' 62 | 63 | -------------------------------------------------------------------------------- /dist/profile/files/bashrc.puppet: -------------------------------------------------------------------------------- 1 | # NOTE: This file is managed by Puppet; any changes you make will be erased. 2 | 3 | # Reset 4 | Color_Off='\e[0m' # Text Reset 5 | 6 | # Regular Colors 7 | Black='\e[0;30m' # Black 8 | Red='\e[0;31m' # Red 9 | Green='\e[0;32m' # Green 10 | Yellow='\e[0;33m' # Yellow 11 | Blue='\e[0;34m' # Blue 12 | Purple='\e[0;35m' # Purple 13 | Cyan='\e[0;36m' # Cyan 14 | White='\e[0;37m' # White 15 | 16 | # Bold 17 | BBlack='\e[1;30m' # Black 18 | BRed='\e[1;31m' # Red 19 | BGreen='\e[1;32m' # Green 20 | BYellow='\e[1;33m' # Yellow 21 | BBlue='\e[1;34m' # Blue 22 | BPurple='\e[1;35m' # Purple 23 | BCyan='\e[1;36m' # Cyan 24 | BWhite='\e[1;37m' # White 25 | 26 | # Underline 27 | UBlack='\e[4;30m' # Black 28 | URed='\e[4;31m' # Red 29 | UGreen='\e[4;32m' # Green 30 | UYellow='\e[4;33m' # Yellow 31 | UBlue='\e[4;34m' # Blue 32 | UPurple='\e[4;35m' # Purple 33 | UCyan='\e[4;36m' # Cyan 34 | UWhite='\e[4;37m' # White 35 | 36 | # Background 37 | On_Black='\e[40m' # Black 38 | On_Red='\e[41m' # Red 39 | On_Green='\e[42m' # Green 40 | On_Yellow='\e[43m' # Yellow 41 | On_Blue='\e[44m' # Blue 42 | On_Purple='\e[45m' # Purple 43 | On_Cyan='\e[46m' # Cyan 44 | On_White='\e[47m' # White 45 | 46 | # High Intensity 47 | IBlack='\e[0;90m' # Black 48 | IRed='\e[0;91m' # Red 49 | IGreen='\e[0;92m' # Green 50 | IYellow='\e[0;93m' # Yellow 51 | IBlue='\e[0;94m' # Blue 52 | IPurple='\e[0;95m' # Purple 53 | ICyan='\e[0;96m' # Cyan 54 | IWhite='\e[0;97m' # White 55 | 56 | # Bold High Intensity 57 | BIBlack='\e[1;90m' # Black 58 | BIRed='\e[1;91m' # Red 59 | BIGreen='\e[1;92m' # Green 60 | BIYellow='\e[1;93m' # Yellow 61 | BIBlue='\e[1;94m' # Blue 62 | BIPurple='\e[1;95m' # Purple 63 | BICyan='\e[1;96m' # Cyan 64 | BIWhite='\e[1;97m' # White 65 | 66 | # High Intensity backgrounds 67 | On_IBlack='\e[0;100m' # Black 68 | On_IRed='\e[0;101m' # Red 69 | On_IGreen='\e[0;102m' # Green 70 | On_IYellow='\e[0;103m' # Yellow 71 | On_IBlue='\e[0;104m' # Blue 72 | On_IPurple='\e[0;105m' # Purple 73 | On_ICyan='\e[0;106m' # Cyan 74 | On_IWhite='\e[0;107m' # White 75 | 76 | function is_on_git() { 77 | git rev-parse 2> /dev/null 78 | } 79 | 80 | function parse_git_dirty() { 81 | [[ $(git status 2> /dev/null | tail -n1) != *"working directory clean"* ]] && echo "±" 82 | } 83 | 84 | function parse_git_branch() { 85 | git branch --no-color 2> /dev/null | sed -e '/^[^*]/d' -e "s/* \(.*\)/\1$(parse_git_dirty)/" 86 | } 87 | export PS1="\[${Yellow}\][\[${IRed}\]\u@\h \[${Green}\]\W\$(is_on_git && [[ -n \$(git branch 2> /dev/null) ]] && echo \":\")\[${IPurple}\]\$(parse_git_branch)\[${Color_Off}\]\[${Yellow}\]]\[${Color_Off}\]$ " 88 | 89 | # If not running interactively, do not do anything 90 | [[ $- != *i* ]] && return 91 | -------------------------------------------------------------------------------- /dist/role/README.md: -------------------------------------------------------------------------------- 1 | # role 2 | 3 | #### Table of Contents 4 | 5 | 1. [Overview](#overview) 6 | 2. [Module Description - What the module does and why it is useful](#module-description) 7 | 3. [Setup - The basics of getting started with role](#setup) 8 | * [What role affects](#what-role-affects) 9 | * [Setup requirements](#setup-requirements) 10 | * [Beginning with role](#beginning-with-role) 11 | 4. [Usage - Configuration options and additional functionality](#usage) 12 | 5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 13 | 5. [Limitations - OS compatibility, etc.](#limitations) 14 | 6. [Development - Guide for contributing to the module](#development) 15 | 16 | ## Overview 17 | 18 | A one-maybe-two sentence summary of what the module does/what problem it solves. 19 | This is your 30 second elevator pitch for your module. Consider including 20 | OS/Puppet version it works with. 21 | 22 | ## Module Description 23 | 24 | If applicable, this section should have a brief description of the technology 25 | the module integrates with and what that integration enables. This section 26 | should answer the questions: "What does this module *do*?" and "Why would I use 27 | it?" 28 | 29 | If your module has a range of functionality (installation, configuration, 30 | management, etc.) this is the time to mention it. 31 | 32 | ## Setup 33 | 34 | ### What role affects 35 | 36 | * A list of files, packages, services, or operations that the module will alter, 37 | impact, or execute on the system it's installed on. 38 | * This is a great place to stick any warnings. 39 | * Can be in list or paragraph form. 40 | 41 | ### Setup Requirements **OPTIONAL** 42 | 43 | If your module requires anything extra before setting up (pluginsync enabled, 44 | etc.), mention it here. 45 | 46 | ### Beginning with role 47 | 48 | The very basic steps needed for a user to get the module up and running. 49 | 50 | If your most recent release breaks compatibility or requires particular steps 51 | for upgrading, you may wish to include an additional section here: Upgrading 52 | (For an example, see http://forge.puppetlabs.com/puppetlabs/firewall). 53 | 54 | ## Usage 55 | 56 | Put the classes, types, and resources for customizing, configuring, and doing 57 | the fancy stuff with your module here. 58 | 59 | ## Reference 60 | 61 | Here, list the classes, types, providers, facts, etc contained in your module. 62 | This section should include all of the under-the-hood workings of your module so 63 | people know what the module is touching on their system but don't need to mess 64 | with things. (We are working on automating this section!) 65 | 66 | ## Limitations 67 | 68 | This is where you list OS compatibility, version compatibility, etc. 69 | 70 | ## Development 71 | 72 | Since your module is awesome, other users will want to play with it. Let them 73 | know what the ground rules for contributing are. 74 | 75 | ## Release Notes/Contributors/Etc **Optional** 76 | 77 | If you aren't using changelog, put your release notes here (though you should 78 | consider using changelog). You may also add any additional sections you feel are 79 | necessary or important to include here. Please use the `## ` header. 80 | -------------------------------------------------------------------------------- /dist/profile/README.md: -------------------------------------------------------------------------------- 1 | # profile 2 | 3 | #### Table of Contents 4 | 5 | 1. [Overview](#overview) 6 | 2. [Module Description - What the module does and why it is useful](#module-description) 7 | 3. [Setup - The basics of getting started with profile](#setup) 8 | * [What profile affects](#what-profile-affects) 9 | * [Setup requirements](#setup-requirements) 10 | * [Beginning with profile](#beginning-with-profile) 11 | 4. [Usage - Configuration options and additional functionality](#usage) 12 | 5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 13 | 5. [Limitations - OS compatibility, etc.](#limitations) 14 | 6. [Development - Guide for contributing to the module](#development) 15 | 16 | ## Overview 17 | 18 | A one-maybe-two sentence summary of what the module does/what problem it solves. 19 | This is your 30 second elevator pitch for your module. Consider including 20 | OS/Puppet version it works with. 21 | 22 | ## Module Description 23 | 24 | If applicable, this section should have a brief description of the technology 25 | the module integrates with and what that integration enables. This section 26 | should answer the questions: "What does this module *do*?" and "Why would I use 27 | it?" 28 | 29 | If your module has a range of functionality (installation, configuration, 30 | management, etc.) this is the time to mention it. 31 | 32 | ## Setup 33 | 34 | ### What profile affects 35 | 36 | * A list of files, packages, services, or operations that the module will alter, 37 | impact, or execute on the system it's installed on. 38 | * This is a great place to stick any warnings. 39 | * Can be in list or paragraph form. 40 | 41 | ### Setup Requirements **OPTIONAL** 42 | 43 | If your module requires anything extra before setting up (pluginsync enabled, 44 | etc.), mention it here. 45 | 46 | ### Beginning with profile 47 | 48 | The very basic steps needed for a user to get the module up and running. 49 | 50 | If your most recent release breaks compatibility or requires particular steps 51 | for upgrading, you may wish to include an additional section here: Upgrading 52 | (For an example, see http://forge.puppetlabs.com/puppetlabs/firewall). 53 | 54 | ## Usage 55 | 56 | Put the classes, types, and resources for customizing, configuring, and doing 57 | the fancy stuff with your module here. 58 | 59 | ## Reference 60 | 61 | Here, list the classes, types, providers, facts, etc contained in your module. 62 | This section should include all of the under-the-hood workings of your module so 63 | people know what the module is touching on their system but don't need to mess 64 | with things. (We are working on automating this section!) 65 | 66 | ## Limitations 67 | 68 | This is where you list OS compatibility, version compatibility, etc. 69 | 70 | ## Development 71 | 72 | Since your module is awesome, other users will want to play with it. Let them 73 | know what the ground rules for contributing are. 74 | 75 | ## Release Notes/Contributors/Etc **Optional** 76 | 77 | If you aren't using changelog, put your release notes here (though you should 78 | consider using changelog). You may also add any additional sections you feel are 79 | necessary or important to include here. Please use the `## ` header. 80 | -------------------------------------------------------------------------------- /dist/profile/.rubocop.yml: -------------------------------------------------------------------------------- 1 | AllCops: 2 | Exclude: 3 | # Ignore HTML related things 4 | - '**/*.erb' 5 | # Ignore vendored gems 6 | - 'vendor/**/*' 7 | # Ignore code from test fixtures 8 | - 'spec/fixtures/**/*' 9 | 10 | Lint/ConditionPosition: 11 | Enabled: true 12 | 13 | Lint/ElseLayout: 14 | Enabled: true 15 | 16 | Lint/UnreachableCode: 17 | Enabled: true 18 | 19 | Lint/UselessComparison: 20 | Enabled: true 21 | 22 | Lint/EnsureReturn: 23 | Enabled: true 24 | 25 | Lint/HandleExceptions: 26 | Enabled: true 27 | 28 | Lint/LiteralInCondition: 29 | Enabled: true 30 | 31 | Lint/ShadowingOuterLocalVariable: 32 | Enabled: true 33 | 34 | Lint/LiteralInInterpolation: 35 | Enabled: true 36 | 37 | Style/RedundantReturn: 38 | Enabled: true 39 | 40 | Lint/AmbiguousOperator: 41 | Enabled: true 42 | 43 | Lint/AssignmentInCondition: 44 | Enabled: true 45 | 46 | Style/SpaceBeforeComment: 47 | Enabled: true 48 | 49 | # DISABLED - not useful 50 | Style/HashSyntax: 51 | Enabled: false 52 | 53 | # USES: as shortcut for non nil&valid checking a = x() and a.empty? 54 | # DISABLED - not useful 55 | Style/AndOr: 56 | Enabled: false 57 | 58 | # DISABLED - not useful 59 | Style/RedundantSelf: 60 | Enabled: false 61 | 62 | # DISABLED - not useful 63 | Metrics/MethodLength: 64 | Enabled: false 65 | 66 | # DISABLED - not useful 67 | Style/WhileUntilModifier: 68 | Enabled: false 69 | 70 | # DISABLED - the offender is just haskell envy 71 | Lint/AmbiguousRegexpLiteral: 72 | Enabled: false 73 | 74 | # DISABLED 75 | Lint/Eval: 76 | Enabled: false 77 | 78 | # DISABLED 79 | Lint/BlockAlignment: 80 | Enabled: false 81 | 82 | # DISABLED 83 | Lint/DefEndAlignment: 84 | Enabled: false 85 | 86 | # DISABLED 87 | Lint/EndAlignment: 88 | Enabled: false 89 | 90 | # DISABLED 91 | Lint/DeprecatedClassMethods: 92 | Enabled: false 93 | 94 | # DISABLED 95 | Lint/Loop: 96 | Enabled: false 97 | 98 | # DISABLED 99 | Lint/ParenthesesAsGroupedExpression: 100 | Enabled: false 101 | 102 | Lint/RescueException: 103 | Enabled: false 104 | 105 | Lint/StringConversionInInterpolation: 106 | Enabled: false 107 | 108 | Lint/UnusedBlockArgument: 109 | Enabled: false 110 | 111 | Lint/UnusedMethodArgument: 112 | Enabled: false 113 | 114 | Lint/UselessAccessModifier: 115 | Enabled: true 116 | 117 | Lint/UselessAssignment: 118 | Enabled: true 119 | 120 | Lint/Void: 121 | Enabled: true 122 | 123 | Style/AccessModifierIndentation: 124 | Enabled: false 125 | 126 | Style/AccessorMethodName: 127 | Enabled: false 128 | 129 | Style/Alias: 130 | Enabled: false 131 | 132 | Style/AlignArray: 133 | Enabled: false 134 | 135 | Style/AlignHash: 136 | Enabled: false 137 | 138 | Style/AlignParameters: 139 | Enabled: false 140 | 141 | Metrics/BlockNesting: 142 | Enabled: false 143 | 144 | Style/AsciiComments: 145 | Enabled: false 146 | 147 | Style/Attr: 148 | Enabled: false 149 | 150 | Style/BracesAroundHashParameters: 151 | Enabled: false 152 | 153 | Style/CaseEquality: 154 | Enabled: false 155 | 156 | Style/CaseIndentation: 157 | Enabled: false 158 | 159 | Style/CharacterLiteral: 160 | Enabled: false 161 | 162 | Style/ClassAndModuleCamelCase: 163 | Enabled: false 164 | 165 | Style/ClassAndModuleChildren: 166 | Enabled: false 167 | 168 | Style/ClassCheck: 169 | Enabled: false 170 | 171 | Metrics/ClassLength: 172 | Enabled: false 173 | 174 | Style/ClassMethods: 175 | Enabled: false 176 | 177 | Style/ClassVars: 178 | Enabled: false 179 | 180 | Style/WhenThen: 181 | Enabled: false 182 | 183 | # DISABLED - not useful 184 | Style/WordArray: 185 | Enabled: false 186 | 187 | Style/UnneededPercentQ: 188 | Enabled: false 189 | 190 | Style/Tab: 191 | Enabled: false 192 | 193 | Style/SpaceBeforeSemicolon: 194 | Enabled: false 195 | 196 | Style/TrailingBlankLines: 197 | Enabled: false 198 | 199 | Style/SpaceInsideBlockBraces: 200 | Enabled: false 201 | 202 | Style/SpaceInsideBrackets: 203 | Enabled: false 204 | 205 | Style/SpaceInsideHashLiteralBraces: 206 | Enabled: false 207 | 208 | Style/SpaceInsideParens: 209 | Enabled: false 210 | 211 | Style/LeadingCommentSpace: 212 | Enabled: false 213 | 214 | Style/SingleSpaceBeforeFirstArg: 215 | Enabled: false 216 | 217 | Style/SpaceAfterColon: 218 | Enabled: false 219 | 220 | Style/SpaceAfterComma: 221 | Enabled: false 222 | 223 | Style/SpaceAfterControlKeyword: 224 | Enabled: false 225 | 226 | Style/SpaceAfterMethodName: 227 | Enabled: false 228 | 229 | Style/SpaceAfterNot: 230 | Enabled: false 231 | 232 | Style/SpaceAfterSemicolon: 233 | Enabled: false 234 | 235 | Style/SpaceAroundEqualsInParameterDefault: 236 | Enabled: false 237 | 238 | Style/SpaceAroundOperators: 239 | Enabled: false 240 | 241 | Style/SpaceBeforeBlockBraces: 242 | Enabled: false 243 | 244 | Style/SpaceBeforeComma: 245 | Enabled: false 246 | 247 | Style/CollectionMethods: 248 | Enabled: false 249 | 250 | Style/CommentIndentation: 251 | Enabled: false 252 | 253 | Style/ColonMethodCall: 254 | Enabled: false 255 | 256 | Style/CommentAnnotation: 257 | Enabled: false 258 | 259 | Metrics/CyclomaticComplexity: 260 | Enabled: false 261 | 262 | Style/ConstantName: 263 | Enabled: false 264 | 265 | Style/Documentation: 266 | Enabled: false 267 | 268 | Style/DefWithParentheses: 269 | Enabled: false 270 | 271 | Style/DeprecatedHashMethods: 272 | Enabled: false 273 | 274 | Style/DotPosition: 275 | Enabled: false 276 | 277 | # DISABLED - used for converting to bool 278 | Style/DoubleNegation: 279 | Enabled: false 280 | 281 | Style/EachWithObject: 282 | Enabled: false 283 | 284 | Style/EmptyLineBetweenDefs: 285 | Enabled: false 286 | 287 | Style/IndentArray: 288 | Enabled: false 289 | 290 | Style/IndentHash: 291 | Enabled: false 292 | 293 | Style/IndentationConsistency: 294 | Enabled: false 295 | 296 | Style/IndentationWidth: 297 | Enabled: false 298 | 299 | Style/EmptyLines: 300 | Enabled: false 301 | 302 | Style/EmptyLinesAroundAccessModifier: 303 | Enabled: false 304 | 305 | Style/EmptyLiteral: 306 | Enabled: false 307 | 308 | Metrics/LineLength: 309 | Enabled: false 310 | 311 | Style/MethodCallParentheses: 312 | Enabled: false 313 | 314 | Style/MethodDefParentheses: 315 | Enabled: false 316 | 317 | Style/LineEndConcatenation: 318 | Enabled: false 319 | 320 | Style/TrailingWhitespace: 321 | Enabled: false 322 | 323 | Style/StringLiterals: 324 | Enabled: false 325 | 326 | Style/TrailingComma: 327 | Enabled: false 328 | 329 | Style/GlobalVars: 330 | Enabled: false 331 | 332 | Style/GuardClause: 333 | Enabled: false 334 | 335 | Style/IfUnlessModifier: 336 | Enabled: false 337 | 338 | Style/MultilineIfThen: 339 | Enabled: false 340 | 341 | Style/NegatedIf: 342 | Enabled: false 343 | 344 | Style/NegatedWhile: 345 | Enabled: false 346 | 347 | Style/Next: 348 | Enabled: false 349 | 350 | Style/SingleLineBlockParams: 351 | Enabled: false 352 | 353 | Style/SingleLineMethods: 354 | Enabled: false 355 | 356 | Style/SpecialGlobalVars: 357 | Enabled: false 358 | 359 | Style/TrivialAccessors: 360 | Enabled: false 361 | 362 | Style/UnlessElse: 363 | Enabled: false 364 | 365 | Style/VariableInterpolation: 366 | Enabled: false 367 | 368 | Style/VariableName: 369 | Enabled: false 370 | 371 | Style/WhileUntilDo: 372 | Enabled: false 373 | 374 | Style/EvenOdd: 375 | Enabled: false 376 | 377 | Style/FileName: 378 | Enabled: false 379 | 380 | Style/For: 381 | Enabled: false 382 | 383 | Style/Lambda: 384 | Enabled: false 385 | 386 | Style/MethodName: 387 | Enabled: false 388 | 389 | Style/MultilineTernaryOperator: 390 | Enabled: false 391 | 392 | Style/NestedTernaryOperator: 393 | Enabled: false 394 | 395 | Style/NilComparison: 396 | Enabled: false 397 | 398 | Style/FormatString: 399 | Enabled: false 400 | 401 | Style/MultilineBlockChain: 402 | Enabled: false 403 | 404 | Style/Semicolon: 405 | Enabled: false 406 | 407 | Style/SignalException: 408 | Enabled: false 409 | 410 | Style/NonNilCheck: 411 | Enabled: false 412 | 413 | Style/Not: 414 | Enabled: false 415 | 416 | Style/NumericLiterals: 417 | Enabled: false 418 | 419 | Style/OneLineConditional: 420 | Enabled: false 421 | 422 | Style/OpMethod: 423 | Enabled: false 424 | 425 | Style/ParenthesesAroundCondition: 426 | Enabled: false 427 | 428 | Style/PercentLiteralDelimiters: 429 | Enabled: false 430 | 431 | Style/PerlBackrefs: 432 | Enabled: false 433 | 434 | Style/PredicateName: 435 | Enabled: false 436 | 437 | Style/RedundantException: 438 | Enabled: false 439 | 440 | Style/SelfAssignment: 441 | Enabled: false 442 | 443 | Style/Proc: 444 | Enabled: false 445 | 446 | Style/RaiseArgs: 447 | Enabled: false 448 | 449 | Style/RedundantBegin: 450 | Enabled: false 451 | 452 | Style/RescueModifier: 453 | Enabled: false 454 | 455 | Style/RegexpLiteral: 456 | Enabled: false 457 | 458 | Lint/UnderscorePrefixedVariableName: 459 | Enabled: false 460 | 461 | Metrics/ParameterLists: 462 | Enabled: false 463 | 464 | Lint/RequireParentheses: 465 | Enabled: false 466 | 467 | Lint/SpaceBeforeFirstArg: 468 | Enabled: false 469 | 470 | Style/ModuleFunction: 471 | Enabled: false 472 | 473 | Lint/Debugger: 474 | Enabled: false 475 | 476 | Style/IfWithSemicolon: 477 | Enabled: false 478 | 479 | Style/Encoding: 480 | Enabled: false 481 | 482 | Style/BlockDelimiters: 483 | Enabled: False 484 | 485 | Style/MultilineBlockLayout: 486 | Enabled: False 487 | --------------------------------------------------------------------------------