-class nodo::kvm inherits nodo::physical {
+class nodo::kvm inherits nodo {
+ include syslog-ng
+ include initramfs
+ include modprobe
+ include firewire
+ include sysctl
+ include ups
+ include utils::physical
+ include smartmontools
+ include resolver
+ include monkeysphere_nodo
+
+ # SSL computational DoS mitigation
+ # See http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
+ $firewall_ssl_ratelimit = $firewall_ssl_ratelimit ? {
+ '' => $firewall_global_ssl_ratelimit ? {
+ '' => '-',
+ default => $firewall_global_ssl_ratelimit,
+ },
+ default => $firewall_ssl_ratelimit,
+ }
+
+ # Firewall configuration
+ include firewall
+
+ # Vserver configuration
+ $vserver_vdirbase = "/var/vservers"
+ include vserver::host
+
+ if $use_nagios != false {
+ if $use_nagios_fqdn == true {
+ include nagios::target::fqdn
+ }
+ else {
+ include nagios::target
+ }
+ nagios::service::ping { "$fqdn": }
+ }
+
+ # Time configuration
+ case $ntpdate {
+ false: { include timezone }
+ default: { include ntpdate }
+ }
+
+ # SSH Server
+ #
+ # We need to restrict listen address so multiple instances
+ # can live together in the same physical host.
+ #
+ case $sshd_listen_address {
+ '': { $sshd_listen_address = [ "$ipaddress" ] }
+ }
+ include sshd
+
+ backupninja::sys { "sys":
+ ensure => present,
+ }
+
+ # Munin configuration
+ munin_node { "$hostname":
+ port => '4900',
+ }
+
+ # Removable media folder
+ file { [ "/media/usb", "/media/cdrom" ]:
+ ensure => directory,
+ mode => 0755,
+ }
+
# fstab
file { "/etc/fstab":
source => "puppet://$server/modules/nodo/etc/fstab/kvm",
projects / puppet-nodo.git / commitdiff