From: Silvio Rhatto Date: Mon, 23 Oct 2017 21:43:47 +0000 (-0200) Subject: Merge commit '1bfffe2e0adff6e44ec33726988b64f95ea2f599' into develop X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=b45c60df8af294fe97b8912a0b9703c76e5de8d6;p=debian.git Merge commit '1bfffe2e0adff6e44ec33726988b64f95ea2f599' into develop --- b45c60df8af294fe97b8912a0b9703c76e5de8d6 diff --cc puppet/.gitignore index ce9693b,0000000..15a8f56 mode 100644,000000..100644 --- a/puppet/.gitignore +++ b/puppet/.gitignore @@@ -1,2 -1,0 +1,3 @@@ - modules/* ++keys ++ssl +.vagrant diff --cc puppet/.mrconfig index 5c24dc7,0000000..06755dd mode 100644,000000..100644 --- a/puppet/.mrconfig +++ b/puppet/.mrconfig @@@ -1,255 -1,0 +1,237 @@@ + +[puppet/modules/apache] +checkout = git clone git://git.fluxo.info/puppet-apache.git apache + +[puppet/modules/apcupsd] +checkout = git clone git://git.fluxo.info/puppet-apcupsd.git apcupsd + +[puppet/modules/apparmor] +checkout = git clone git://git.fluxo.info/puppet-apparmor.git apparmor + +[puppet/modules/apt] +checkout = git clone git://git.fluxo.info/puppet-apt.git apt + - [puppet/modules/autofs] - checkout = git clone git://git.fluxo.info/puppet-autofs.git autofs ++[puppet/modules/augeas] ++checkout = git clone git://git.fluxo.info/puppet-augeas.git augeas + +[puppet/modules/autossh] +checkout = git clone git://git.fluxo.info/puppet-autossh.git autossh + +[puppet/modules/avahi] +checkout = git clone git://git.fluxo.info/puppet-avahi.git avahi + +[puppet/modules/backup] +checkout = git clone git://git.fluxo.info/puppet-backup.git backup + +[puppet/modules/backupninja] +checkout = git clone git://git.fluxo.info/puppet-backupninja.git backupninja + +[puppet/modules/bind] +checkout = git clone git://git.fluxo.info/puppet-bind.git bind + +[puppet/modules/bitcoind] +checkout = git clone git://git.fluxo.info/puppet-bitcoind.git bitcoind + - [puppet/modules/common] - checkout = git clone git://git.fluxo.info/puppet-common.git common - +[puppet/modules/concat] +checkout = git clone git://git.fluxo.info/puppet-concat.git concat + +[puppet/modules/cron] +checkout = git clone git://git.fluxo.info/puppet-cron.git cron + +[puppet/modules/daap_server] +checkout = git clone git://git.fluxo.info/puppet-daap_server.git daap_server + +[puppet/modules/database] +checkout = git clone git://git.fluxo.info/puppet-database.git database + +[puppet/modules/dhcp] +checkout = git clone git://git.fluxo.info/puppet-dhcp.git dhcp + +[puppet/modules/domain_check] +checkout = git clone git://git.fluxo.info/puppet-domain_check.git domain_check + +[puppet/modules/drupal] +checkout = git clone git://git.fluxo.info/puppet-drupal.git drupal + +[puppet/modules/dyndns] +checkout = git clone git://git.fluxo.info/puppet-dyndns.git dyndns + +[puppet/modules/ejabberd] +checkout = git clone git://git.fluxo.info/puppet-ejabberd.git ejabberd + +[puppet/modules/ekeyd] +checkout = git clone git://git.fluxo.info/puppet-ekeyd.git ekeyd + +[puppet/modules/etherpad] +checkout = git clone git://git.fluxo.info/puppet-etherpad.git etherpad + +[puppet/modules/exim] +checkout = git clone git://git.fluxo.info/puppet-exim.git exim + +[puppet/modules/firewall] +checkout = git clone git://git.fluxo.info/puppet-firewall.git firewall + +[puppet/modules/git] +checkout = git clone git://git.fluxo.info/puppet-git.git git + +[puppet/modules/hotglue] +checkout = git clone git://git.fluxo.info/puppet-hotglue.git hotglue + +[puppet/modules/hydra] +checkout = git clone git://git.fluxo.info/puppet-hydra.git hydra + - [puppet/modules/icecast] - checkout = git clone git://git.fluxo.info/puppet-icecast.git icecast - +[puppet/modules/ikiwiki] +checkout = git clone git://git.fluxo.info/puppet-ikiwiki.git ikiwiki + +[puppet/modules/inetd] +checkout = git clone git://git.fluxo.info/puppet-inetd.git inetd + +[puppet/modules/infinoted] +checkout = git clone git://git.fluxo.info/puppet-infinoted.git infinoted + +[puppet/modules/inifile] +checkout = git clone git://git.fluxo.info/puppet-inifile.git inifile + +[puppet/modules/lighttpd] +checkout = git clone git://git.fluxo.info/puppet-lighttpd.git lighttpd + +[puppet/modules/lsb] +checkout = git clone git://git.fluxo.info/puppet-lsb.git lsb + +[puppet/modules/mail] +checkout = git clone git://git.fluxo.info/puppet-mail.git mail + +[puppet/modules/minidlna] +checkout = git clone git://git.fluxo.info/puppet-minidlna.git minidlna + +[puppet/modules/moin] +checkout = git clone git://git.fluxo.info/puppet-moin.git moin + +[puppet/modules/monkeysphere] +checkout = git clone git://git.fluxo.info/puppet-monkeysphere.git monkeysphere + +[puppet/modules/motion] +checkout = git clone git://git.fluxo.info/puppet-motion.git motion + +[puppet/modules/mpd] +checkout = git clone git://git.fluxo.info/puppet-mpd.git mpd + +[puppet/modules/mumble] +checkout = git clone git://git.fluxo.info/puppet-mumble.git mumble + - [puppet/modules/munin] - checkout = git clone git://git.fluxo.info/puppet-munin.git munin - +[puppet/modules/mysql] +checkout = git clone git://git.fluxo.info/puppet-mysql.git mysql + - [puppet/modules/nagios] - checkout = git clone git://git.fluxo.info/puppet-nagios.git nagios - +[puppet/modules/nfs] +checkout = git clone git://git.fluxo.info/puppet-nfs.git nfs + +[puppet/modules/nginx] +checkout = git clone git://git.fluxo.info/puppet-nginx.git nginx + +[puppet/modules/nodo] +checkout = git clone git://git.fluxo.info/puppet-nodo.git nodo + +[puppet/modules/ntp] +checkout = git clone git://git.fluxo.info/puppet-ntp.git ntp + +[puppet/modules/onion] +checkout = git clone git://git.fluxo.info/puppet-onion.git onion + - [puppet/modules/pear] - checkout = git clone git://git.fluxo.info/puppet-pear.git pear - +[puppet/modules/php] +checkout = git clone git://git.fluxo.info/puppet-php.git php + +[puppet/modules/pmwiki] +checkout = git clone git://git.fluxo.info/puppet-pmwiki.git pmwiki + +[puppet/modules/postfix] +checkout = git clone git://git.fluxo.info/puppet-postfix.git postfix + +[puppet/modules/puppet] +checkout = git clone git://git.fluxo.info/puppet-puppet.git puppet + +[puppet/modules/pureftpd] +checkout = git clone git://git.fluxo.info/puppet-pureftpd.git pureftpd + +[puppet/modules/pyroscope] +checkout = git clone git://git.fluxo.info/puppet-pyroscope.git pyroscope + +[puppet/modules/qwebirc] +checkout = git clone git://git.fluxo.info/puppet-qwebirc.git qwebirc + +[puppet/modules/reprepro] +checkout = git clone git://git.fluxo.info/puppet-reprepro.git reprepro + +[puppet/modules/resolvconf] +checkout = git clone git://git.fluxo.info/puppet-resolvconf.git resolvconf + +[puppet/modules/rng-tools] +checkout = git clone git://git.fluxo.info/puppet-rng-tools.git rng-tools + +[puppet/modules/rsync] +checkout = git clone git://git.fluxo.info/puppet-rsync.git rsync + +[puppet/modules/runit] +checkout = git clone git://git.fluxo.info/puppet-runit.git runit + +[puppet/modules/samba] +checkout = git clone git://git.fluxo.info/puppet-samba.git samba + +[puppet/modules/schroot] +checkout = git clone git://git.fluxo.info/puppet-schroot.git schroot + +[puppet/modules/shorewall] +checkout = git clone git://git.fluxo.info/puppet-shorewall.git shorewall + - [puppet/modules/smartmonster] - checkout = git clone git://git.fluxo.info/puppet-smartmonster.git smartmonster - +[puppet/modules/smartmontools] +checkout = git clone git://git.fluxo.info/puppet-smartmontools.git smartmontools + +[puppet/modules/sshd] +checkout = git clone git://git.fluxo.info/puppet-sshd.git sshd + +[puppet/modules/ssl] +checkout = git clone git://git.fluxo.info/puppet-ssl.git ssl + +[puppet/modules/stdlib] +checkout = git clone git://git.fluxo.info/puppet-stdlib.git stdlib + +[puppet/modules/supervisor] +checkout = git clone git://git.fluxo.info/puppet-supervisor.git supervisor + +[puppet/modules/supybot] +checkout = git clone git://git.fluxo.info/puppet-supybot.git supybot + +[puppet/modules/syslog-ng] +checkout = git clone git://git.fluxo.info/puppet-syslog-ng.git syslog-ng + +[puppet/modules/tftp] +checkout = git clone git://git.fluxo.info/puppet-tftp.git tftp + +[puppet/modules/tor] +checkout = git clone git://git.fluxo.info/puppet-tor.git tor + +[puppet/modules/trac] +checkout = git clone git://git.fluxo.info/puppet-trac.git trac + +[puppet/modules/tunnel] +checkout = git clone git://git.fluxo.info/puppet-tunnel.git tunnel + +[puppet/modules/user] +checkout = git clone git://git.fluxo.info/puppet-user.git user + +[puppet/modules/vcsrepo] +checkout = git clone git://git.fluxo.info/puppet-vcsrepo.git vcsrepo + +[puppet/modules/viewvc] +checkout = git clone git://git.fluxo.info/puppet-viewvc.git viewvc + +[puppet/modules/virtual] +checkout = git clone git://git.fluxo.info/puppet-virtual.git virtual + +[puppet/modules/websites] +checkout = git clone git://git.fluxo.info/puppet-websites.git websites + +[puppet/modules/websvn] +checkout = git clone git://git.fluxo.info/puppet-websvn.git websvn + +[puppet/modules/wordpress] +checkout = git clone git://git.fluxo.info/puppet-wordpress.git wordpress diff --cc puppet/Makefile index 97c4a58,0000000..d13a878 mode 100644,000000..100644 --- a/puppet/Makefile +++ b/puppet/Makefile @@@ -1,67 -1,0 +1,63 @@@ +# +# Puppet Boostrap Makefile by Silvio Rhatto (rhatto at riseup.net). +# +# This Makefile is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 3 of the License, or any later version. +# +# This Makefile is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, write to the Free Software Foundation, Inc., 59 Temple +# Place - Suite 330, Boston, MA 02111-1307, USA +# + +CWD = $(shell pwd) +REPO = git://git.fluxo.info/puppet-bootstrap.git +PUPPET = FACTER_BOOTSTRAP_PATH="$(CWD)" puppet apply --confdir="$(CWD)" --modulepath=modules + +all: deps remote modules config + +deps: + bin/dependencies + +modules: + mr up + +submodules: + bin/submodules + +subtrees: + bin/subtrees + +symlinks: + bin/symlinks $(MODULES) + +remote: + git remote add bootstrap $(REPO) + +hiera/boostrap.yaml: + $(EDITOR) hiera/bootstrap.yaml + +puppet.conf: + mkdir -p $(HOME)/.puppet + $(PUPPET) manifests/bootstrap/configurator.pp + +config: hiera/boostrap.yaml puppet.conf + @true + +apply: + $(PUPPET) manifests/bootstrap/$(stage).pp + +clean: + rm -f auth.conf fileserver.conf puppet.conf + rm -f manifests/classes/users.pp + rm -rf ssl + rm -rf modules + git checkout modules + - post_update: - git config receive.denyCurrentBranch ignore - cd .git/hooks && ln -sf ../../bin/post-update - +post_receive: + git config receive.denyCurrentBranch ignore + cd .git/hooks && ln -sf ../../bin/post-receive diff --cc puppet/README.md index bb5375d,0000000..29687e7 mode 100644,000000..100644 --- a/puppet/README.md +++ b/puppet/README.md @@@ -1,38 -1,0 +1,44 @@@ +Puppet Boostrap Module +====================== + +This is a multi-purpose but very specific puppet module which can be used: + +* As the base repository for a puppet infrastructure. +* As a standalone provisioner for boxes, with Vagrant support. +* It can be optionally used together with the Hydra Suite from https://git.fluxo.info/hydra.git + +Setting up a new puppet repository +---------------------------------- + +You'll basically use the `bootstrap` repository as your `puppet` repository: + + git clone git://git.fluxo.info/puppet-bootstrap.git puppet + cd puppet && git tag -v # check integrity + make deps # install dependencies + make submodules # add all needed puppet module as as git submodules + make config # basic configuration + +Using as a standalone provisioner +--------------------------------- + +This will be a `Vagrant` example: + + cd your-project + git clone git://git.fluxo.info/puppet-bootstrap.git puppet # use submodule or subtree as you please + ln -s puppet/Vagrantfile # or copy if you want to customize + ( cd puppet && make modules ) # need the mr binary to download the submodules + vagrant up web # with no arguments, all defined VMs are started + +Using subtrees or symlinks for modules +-------------------------------------- + +You might use `make subtrees` instead of `make submodules`. Also, if you already have +all the modules in a different subtree, use + + make symlinks MODULES=/path/to/puppet/modules ++ ++Recommended puppet modules ++-------------------------- ++ ++This repository plays well with other puppet modules hosted at https://git.fluxo.info, some of them ++based on https://gitlab.com/shared-puppet-modules-group. diff --cc puppet/Vagrantfile index 3ee05e6,0000000..b5cd7f6 mode 100644,000000..100644 --- a/puppet/Vagrantfile +++ b/puppet/Vagrantfile @@@ -1,29 -1,0 +1,29 @@@ +# Vagrantfile API/syntax version. Don't touch unless you know what you're doing! +VAGRANTFILE_API_VERSION = "2" + +Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| + # Every Vagrant virtual environment requires a box to build off of. + config.vm.box = "jessie" + + # Hostname - config.vm.hostname = "puppet-bootstrap.example.org" ++ config.vm.hostname = "box.example.org" + + # Shell provisioner to setup basic environment. + config.vm.provision :shell, :inline => "/vagrant/puppet/bin/provision" + + # Enable provisioning with Puppet stand alone. + config.vm.provision :puppet do |puppet| + puppet.manifest_file = "bootstrap/vagrant.pp" + puppet.manifests_path = "puppet/manifests" + puppet.module_path = "puppet/modules" + puppet.hiera_config_path = "puppet/hiera.yaml" + puppet.temp_dir = "/etc/puppet" + puppet.working_directory = "/etc/puppet" + end + + # Share hiera configuration. - config.vm.synced_folder "puppet/hiera", "/etc/puppet/hiera" ++ config.vm.synced_folder "puppet/config", "/etc/puppet/config" + + # Forwarded ports + #config.vm.network "forwarded_port", guest: 80, host: 8081 +end diff --cc puppet/config/common.yaml index 0000000,29fb400..29fb400 mode 000000,100644..100644 --- a/puppet/config/common.yaml +++ b/puppet/config/common.yaml diff --cc puppet/config/node/box.example.org.yaml index 0000000,304d915..304d915 mode 000000,100644..100644 --- a/puppet/config/node/box.example.org.yaml +++ b/puppet/config/node/box.example.org.yaml diff --cc puppet/files/patches/wheezy/collected-resources.md index 0000000,b2ce77d..b2ce77d mode 000000,100644..100644 --- a/puppet/files/patches/wheezy/collected-resources.md +++ b/puppet/files/patches/wheezy/collected-resources.md diff --cc puppet/kvmxfile index 0000000,0000000..1f494bd new file mode 100644 --- /dev/null +++ b/puppet/kvmxfile @@@ -1,0 -1,0 +1,89 @@@ ++# ++# Sample kvmx file - https://kvmx.fluxo.info ++# ++ ++# Which base box you should use. Leave unconfigured to use kvmx-create instead. ++#basebox="stretch" ++ ++# First user name ++user="vagrant" ++ ++# First user password ++password="vagrant" ++ ++# Set this is you want to be able to share folders between host and guest. ++shared_folder="." ++shared_folder_mountpoint="/vagrant" ++ ++# Folder to sync during provisioning in the format "/host/folder /guest/folder". ++provision_rsync="puppet /etc/puppet" ++ ++# Options for provision_rsync ++provision_rsync_opts="--exclude=.git --exclude=keys --exclude=config/secrets" ++ ++# Absolute path for a provision script located inside the guest. ++provision_command="/etc/puppet/bin/provision && /etc/puppet/bin/deploy" ++ ++# Graphics ++# See https://wiki.archlinux.org/index.php/QEMU#Graphics ++#graphics="-vga std -nographic -vnc :$GUEST_DISPLAY" ++graphics="-vga qxl" ++ ++# VNC Client ++#vnc_client="xtightvncviewer" ++#vnc_client="xvnc4viewer" ++#vnc_client="xvncviewer" ++vnc_client="virt-viewer" ++ ++# Set this if you want to automatically attach an spice client when the machine ++# boots. ++run_spice_client="0" ++ ++# Set additional hostfwd mappings ++#port_mapping="hostfwd=tcp:127.0.0.1:8080-:80,hostfwd=tcp:127.0.0.1:8443-:443" ++ ++# Where the guest image is stored ++#image="$HOME/.local/share/kvmx/$VM/box.img" ++ ++# Image size ++size="10G" ++ ++# Image format: raw or qcow2 ++format="qcow2" ++ ++# Bootstrap method: custom or vmdeboostrap ++method="custom" ++ ++# Hostname ++hostname="puppet" ++ ++# Domain ++domain="example.org" ++ ++# System arch ++arch="amd64" ++ ++# Box distribution when bootstraping a new image ++version="stretch" ++ ++# Debian mirror ++mirror="http://http.debian.net/debian/" ++ ++# Enables remote administration using SSH. With this configuration enabled, ++# kvmx will be able to administer a running virtual machine using SSH access ++# inside the virtual machine. ++ssh_support="y" ++ ++# Use a custom, per-virtual-machine generated SSH keypair. If you disable this ++# configuration but still want guest administration using SSH, the default ++# insecure keypair will be used. ++# ++# Please note that this setting won't take effect if you're using a basebox. ++# In that case the basebox keypair will be used if it exists, otherwise kvmx ++# fallsback to the default insecure keypair. ++# ++# This setting is used during virtual machine bootstrapping by kvmx-create. ++ssh_custom="y" ++ ++# Bootloader (used only during bootstrapping by kvmx-create). ++bootloader="grub"