1 class base_configuration (
8 unless empty($device) {
9 class { 'grub_install':
16 unless empty($code_path) {
17 class { 'cron_puppet':
18 code_path => $code_path,
26 service { "systemd-networkd":
30 service { "systemd-resolved":
35 file { "/etc/localtime":
37 target => "../usr/share/zoneinfo/Europe/Paris"
41 command => "/usr/bin/systemd-firstboot --locale=fr_FR.UTF-8",
42 creates => "/etc/locale.conf",
45 unless empty($hostname) {
46 exec { "set_hostname":
47 command => "/usr/bin/systemd-firstboot --hostname=$hostname",
48 creates => "/etc/hostname",
52 file { "/etc/vconsole.conf":
54 target => "/dev/null",
57 user { "${username}:${userid}":
63 notify => Exec["remove_password"]
66 exec { "remove_password":
67 command => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
71 ssh_authorized_key { $username:
72 name => "immae@immae.eu",
75 key => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
79 config_file_replace => false,
80 # Missing in the sudo package, should no be mandatory
86 content => "%wheel ALL=(ALL) ALL"
89 class { 'ssh::server':
90 storeconfigs_enabled => false,
93 'X11Forwarding' => 'yes',
95 'ChallengeResponseAuthentication' => 'no',
96 'Subsystem' => 'sftp /usr/lib/openssh/sftp-server',
100 ensure_packages('ruby-shadow')
105 file { '/etc/modprobe.d/pcspkr_no_autoload.conf':
107 path => "/etc/modprobe.d/pcspkr_no_autoload.conf",
108 source => 'puppet:///modules/base_configuration/pcspkr_no_autoload.conf',
114 file { '/etc/systemd/system/getty@tty1.service.d/':
115 ensure => "directory",
116 path => "/etc/systemd/system/getty@tty1.service.d/",
122 file { '/etc/systemd/system/getty@tty1.service.d/noclear.conf':
124 path => "/etc/systemd/system/getty@tty1.service.d/noclear.conf",
125 source => 'puppet:///modules/base_configuration/getty_conf_override.conf',
132 file { '/etc/systemd/network/en-dhcp.network':
134 path => "/etc/systemd/network/en-dhcp.network",
135 source => 'puppet:///modules/base_configuration/en-dhcp.network',
141 file { '/etc/pacman.d/mirrorlist':
143 path => "/etc/pacman.d/mirrorlist",
144 source => 'puppet:///modules/base_configuration/mirrorlist',
155 pacman::repo { 'multilib':
157 include => '/etc/pacman.d/mirrorlist'
160 class { '::logrotate':
161 manage_cron_daily => false,
163 rotate_every => 'week',
167 olddir => '/var/log/old',
168 tabooext => "+ .pacorig .pacnew .pacsave",
172 logrotate::rule { 'wtmp':
173 path => '/var/log/wtmp',
174 rotate_every => 'month',
176 create_mode => '0664',
177 create_owner => 'root',
178 create_group => 'utmp',
182 logrotate::rule { 'btmp':
183 path => '/var/log/btmp',
185 rotate_every => 'month',
187 create_mode => '0600',
188 create_owner => 'root',
189 create_group => 'utmp',
193 ensure_packages(["whois"], { 'install_options' => '--asdeps' })
195 logtarget => 'SYSLOG',
198 fail2ban::jail { 'sshd':
199 backend => 'systemd',