]> git.immae.eu Git - perso/Immae/Projets/Puppet.git/blobdiff - modules/base_configuration/manifests/init.pp
Refactor base installation module
[perso/Immae/Projets/Puppet.git] / modules / base_configuration / manifests / init.pp
diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
deleted file mode 100644 (file)
index 8b2ce4c..0000000
+++ /dev/null
@@ -1,209 +0,0 @@
-class base_configuration (
-  $hostname  = undef,
-  $username  = "immae",
-  $userid    = 1000,
-  $code_path = undef,
-  $device    = undef,
-) {
-  unless empty($device) {
-    class { 'grub_install':
-      device => $device,
-    }
-  }
-
-  class { 'locales': }
-
-  unless empty($code_path) {
-    class { 'cron_puppet':
-      code_path => $code_path,
-    }
-  }
-
-  service { "sshd":
-    #ensure => "running",
-    enable => true,
-  }
-  service { "systemd-networkd":
-    #ensure => "running",
-    enable => true,
-  }
-  service { "systemd-resolved":
-    #ensure => "running",
-    enable => true,
-  }
-
-  file { "/etc/localtime":
-    ensure => "link",
-    target => "../usr/share/zoneinfo/Europe/Paris"
-  }
-
-  exec { "set_locale":
-    command     => "/usr/bin/systemd-firstboot --locale=fr_FR.UTF-8",
-    creates     => "/etc/locale.conf",
-  }
-
-  unless empty($hostname) {
-    exec { "set_hostname":
-      command     => "/usr/bin/systemd-firstboot --hostname=$hostname",
-      creates     => "/etc/hostname",
-    }
-  }
-
-  file { "/etc/vconsole.conf":
-    ensure => "link",
-    target => "/dev/null",
-  }
-
-  user { "${username}:${userid}":
-    name       => $username,
-    uid        => $userid,
-    ensure     => "present",
-    groups     => "wheel",
-    managehome => true,
-    notify     => Exec["remove_password"]
-  }
-
-  exec { "remove_password":
-    command     => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
-    refreshonly => true
-  }
-
-  ssh_authorized_key { $username:
-    name => "immae@immae.eu",
-    user => $username,
-    type => "ssh-rsa",
-    key  => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
-  }
-
-  class { 'sudo':
-    config_file_replace => false,
-    # Missing in the sudo package, should no be mandatory
-    package_ldap        => false
-  }
-
-  sudo::conf { 'wheel':
-    priority => 10,
-    content  => "%wheel ALL=(ALL) ALL"
-  }
-
-  class { 'ssh::server':
-     storeconfigs_enabled => false,
-     options => {
-        'AcceptEnv'                       => undef,
-        'X11Forwarding'                   => 'yes',
-        'PrintMotd'                       => 'no',
-        'ChallengeResponseAuthentication' => 'no',
-        'Subsystem'                       => 'sftp /usr/lib/openssh/sftp-server',
-     }
-  }
-
-  ensure_packages('ruby-shadow')
-  user { 'root':
-    password => '!'
-  }
-
-  file { '/etc/modprobe.d/pcspkr_no_autoload.conf':
-     ensure => "present",
-     path   => "/etc/modprobe.d/pcspkr_no_autoload.conf",
-     source => 'puppet:///modules/base_configuration/pcspkr_no_autoload.conf',
-     mode   => "0644",
-     owner  => "root",
-     group  => "root"
-  }
-
-  file { '/etc/systemd/system/getty@tty1.service.d/':
-    ensure => "directory",
-    path   => "/etc/systemd/system/getty@tty1.service.d/",
-    mode   => "0755",
-    owner  => "root",
-    group  => "root"
-  }
-
-  file { '/etc/systemd/system/getty@tty1.service.d/noclear.conf':
-     ensure  => "present",
-     path    => "/etc/systemd/system/getty@tty1.service.d/noclear.conf",
-     source  => 'puppet:///modules/base_configuration/getty_conf_override.conf',
-     recurse =>  true,
-     mode    => "0644",
-     owner   => "root",
-     group   => "root"
-  }
-
-  file { '/etc/systemd/network/en-dhcp.network':
-     ensure => "present",
-     path   => "/etc/systemd/network/en-dhcp.network",
-     source => 'puppet:///modules/base_configuration/en-dhcp.network',
-     mode   => "0644",
-     owner  => "root",
-     group  => "root"
-  }
-
-  file { '/etc/pacman.d/mirrorlist':
-     ensure  => "present",
-     path    => "/etc/pacman.d/mirrorlist",
-     source  => 'puppet:///modules/base_configuration/mirrorlist',
-     mode    => "0644",
-     owner   => "root",
-     group   => "root"
-  }
-
-  class { 'pacman':
-    color     => true,
-    usesyslog => true,
-  }
-
-  pacman::repo { 'multilib':
-    order   => 15,
-    include => '/etc/pacman.d/mirrorlist'
-  }
-
-  class { '::logrotate':
-    manage_cron_daily => false,
-    config => {
-      rotate_every => 'week',
-      rotate       => 4,
-      create       => true,
-      compress     => true,
-      olddir       => '/var/log/old',
-      tabooext     => "+ .pacorig .pacnew .pacsave",
-    }
-  }
-
-  logrotate::rule { 'wtmp':
-    path         => '/var/log/wtmp',
-    rotate_every => 'month',
-    create       => true,
-    create_mode  => '0664',
-    create_owner => 'root',
-    create_group => 'utmp',
-    rotate       => 1,
-    minsize      => '1M',
-  }
-  logrotate::rule { 'btmp':
-    path         => '/var/log/btmp',
-    missingok    => true,
-    rotate_every => 'month',
-    create       => true,
-    create_mode  => '0600',
-    create_owner => 'root',
-    create_group => 'utmp',
-    rotate       => 1,
-  }
-
-  ensure_packages(["whois"], { 'install_options' => '--asdeps' })
-  class { 'fail2ban':
-    logtarget => 'SYSLOG',
-    backend   => 'systemd'
-  }
-  fail2ban::jail { 'sshd':
-    backend  => 'systemd',
-    port     => 'ssh',
-    filter   => 'sshd',
-    maxretry => 10,
-    bantime  => 86400,
-    logpath  => '',
-    order    => 10
-  }
-
-  class { 'aur': }
-}