diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-13 11:17:34 +0100 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-13 11:17:34 +0100 |
| commit | 96d61e22a20255c2b437eb3a3b81f9b44a1814de (patch) | |
| tree | 2fd1df3a6c0c34b87499b2606e0cd45faf5e6861 | |
| parent | 70c37c94e226a708fd0407a4b3742c83972967a7 (diff) | |
| parent | a869ea173f9a1e45f63336ad9d640bf94e5039e3 (diff) | |
| download | Puppet-96d61e22a20255c2b437eb3a3b81f9b44a1814de.tar.gz Puppet-96d61e22a20255c2b437eb3a3b81f9b44a1814de.tar.zst Puppet-96d61e22a20255c2b437eb3a3b81f9b44a1814de.zip | |
Merge branch 'fstabs' into dev
Add fstab, and reorganize hiera environments to avoid duplicates
14 files changed, 71 insertions, 79 deletions
diff --git a/environments/integration/data/common.yaml b/environments/global/common.yaml index 78cce6b..5b21dca 100644 --- a/environments/integration/data/common.yaml +++ b/environments/global/common.yaml | |||
| @@ -1,4 +1,12 @@ | |||
| 1 | --- | 1 | --- |
| 2 | lookup_options: | ||
| 3 | base_installation::mounts: | ||
| 4 | merge: unique | ||
| 5 | classes: | ||
| 6 | merge: deep | ||
| 7 | base_installation::system_users: | ||
| 8 | merge: unique | ||
| 9 | |||
| 2 | classes: | 10 | classes: |
| 3 | stdlib: ~ | 11 | stdlib: ~ |
| 4 | 12 | ||
| @@ -7,6 +15,10 @@ base_installation::ldap_dn: "cn=%{facts.ec2_metadata.hostname},ou=hosts,dc=immae | |||
| 7 | base_installation::ldap_cn: "%{facts.ec2_metadata.hostname}" | 15 | base_installation::ldap_cn: "%{facts.ec2_metadata.hostname}" |
| 8 | base_installation::ldap_server: "ldap.immae.eu" | 16 | base_installation::ldap_server: "ldap.immae.eu" |
| 9 | base_installation::ldap_uri: "ldaps://ldap.immae.eu" | 17 | base_installation::ldap_uri: "ldaps://ldap.immae.eu" |
| 18 | # FIXME: get all mounts without needing that hack? | ||
| 19 | base_installation::mounts: | ||
| 20 | - "%{facts.ldapvar.self.vars.mounts.0}" | ||
| 21 | - "%{facts.ldapvar.self.vars.mounts.1}" | ||
| 10 | base_installation::puppet_conf_path: "/etc/puppetlabs/puppet" | 22 | base_installation::puppet_conf_path: "/etc/puppetlabs/puppet" |
| 11 | base_installation::puppet_code_path: "/etc/puppetlabs/code" | 23 | base_installation::puppet_code_path: "/etc/puppetlabs/code" |
| 12 | base_installation::puppet_pass_seed: "/etc/puppetlabs/puppet/password_seed" | 24 | base_installation::puppet_pass_seed: "/etc/puppetlabs/puppet/password_seed" |
diff --git a/environments/global/roles/cryptoportfolio.yaml b/environments/global/roles/cryptoportfolio.yaml new file mode 100644 index 0000000..3d36e71 --- /dev/null +++ b/environments/global/roles/cryptoportfolio.yaml | |||
| @@ -0,0 +1,4 @@ | |||
| 1 | --- | ||
| 2 | classes: | ||
| 3 | role::cryptoportfolio: ~ | ||
| 4 | cryptoportfolio::slack_webhook: "%{ldapvar.self.vars.cf_slack_webhook.0}" | ||
diff --git a/environments/production/data/types/s1-2.yaml b/environments/global/types/s1-2.yaml index 496b741..496b741 100644 --- a/environments/production/data/types/s1-2.yaml +++ b/environments/global/types/s1-2.yaml | |||
diff --git a/environments/integration/data/types/vps-ovhssd-1.yaml b/environments/global/types/vps-ovhssd-1.yaml index 73f7a45..73f7a45 100644 --- a/environments/integration/data/types/vps-ovhssd-1.yaml +++ b/environments/global/types/vps-ovhssd-1.yaml | |||
diff --git a/environments/hiera.yaml b/environments/hiera.yaml new file mode 100644 index 0000000..5a9a6d6 --- /dev/null +++ b/environments/hiera.yaml | |||
| @@ -0,0 +1,32 @@ | |||
| 1 | --- | ||
| 2 | version: 5 | ||
| 3 | |||
| 4 | defaults: | ||
| 5 | datadir: . | ||
| 6 | data_hash: yaml_data | ||
| 7 | |||
| 8 | hierarchy: | ||
| 9 | - name: "Initialization variables" | ||
| 10 | path: "/root/puppet_variables.json" | ||
| 11 | |||
| 12 | - name: "Per-role environment data" | ||
| 13 | mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"] | ||
| 14 | |||
| 15 | - name: "Per-role global data" | ||
| 16 | mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"] | ||
| 17 | datadir: ../global | ||
| 18 | |||
| 19 | - name: "Per-type environment data" | ||
| 20 | path: "types/%{facts.ec2_metadata.instance-type}.yaml" | ||
| 21 | |||
| 22 | - name: "Per-type global data" | ||
| 23 | path: "types/%{facts.ec2_metadata.instance-type}.yaml" | ||
| 24 | datadir: ../global | ||
| 25 | |||
| 26 | - name: "Common environment data" | ||
| 27 | path: "common.yaml" | ||
| 28 | |||
| 29 | - name: "Common global data" | ||
| 30 | path: "common.yaml" | ||
| 31 | datadir: ../global | ||
| 32 | |||
diff --git a/environments/integration/hiera.yaml b/environments/integration/hiera.yaml index a63fc92..91d9bbf 100644..120000 --- a/environments/integration/hiera.yaml +++ b/environments/integration/hiera.yaml | |||
| @@ -1,19 +1 @@ | |||
| 1 | --- | ../hiera.yaml \ No newline at end of file | |
| 2 | version: 5 | ||
| 3 | |||
| 4 | defaults: | ||
| 5 | datadir: data | ||
| 6 | data_hash: yaml_data | ||
| 7 | |||
| 8 | hierarchy: | ||
| 9 | - name: "Initialization variables" | ||
| 10 | path: "/root/puppet_variables.json" | ||
| 11 | |||
| 12 | - name: "Per-role data" | ||
| 13 | mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"] | ||
| 14 | |||
| 15 | - name: "Per-type data" | ||
| 16 | path: "types/%{facts.ec2_metadata.instance-type}.yaml" | ||
| 17 | |||
| 18 | - name: "Common data" | ||
| 19 | path: "common.yaml" | ||
diff --git a/environments/integration/data/roles/cryptoportfolio.yaml b/environments/integration/roles/cryptoportfolio.yaml index 4630738..9825bce 100644 --- a/environments/integration/data/roles/cryptoportfolio.yaml +++ b/environments/integration/roles/cryptoportfolio.yaml | |||
| @@ -1,8 +1,5 @@ | |||
| 1 | --- | 1 | --- |
| 2 | classes: | ||
| 3 | role::cryptoportfolio: ~ | ||
| 4 | cryptoportfolio::front_version: v0.0.2-3-g6200f9a | 2 | cryptoportfolio::front_version: v0.0.2-3-g6200f9a |
| 5 | cryptoportfolio::front_sha256: 69d31251ecd4fcea46d93dfee0184b1171019a765b6744b84f6eec6b10e5818f | 3 | cryptoportfolio::front_sha256: 69d31251ecd4fcea46d93dfee0184b1171019a765b6744b84f6eec6b10e5818f |
| 6 | cryptoportfolio::bot_version: v0.5-8-g34eb08f | 4 | cryptoportfolio::bot_version: v0.5-8-g34eb08f |
| 7 | cryptoportfolio::bot_sha256: f5b99c4a1cc4db0228f757705a5a909aa301e42787bc5842f8ba442fec0d3fd1 | 5 | cryptoportfolio::bot_sha256: f5b99c4a1cc4db0228f757705a5a909aa301e42787bc5842f8ba442fec0d3fd1 |
| 8 | cryptoportfolio::slack_webhook: "%{ldapvar.self.vars.cf_slack_webhook.0}" | ||
diff --git a/environments/production/data/common.yaml b/environments/production/data/common.yaml deleted file mode 100644 index 78cce6b..0000000 --- a/environments/production/data/common.yaml +++ /dev/null | |||
| @@ -1,25 +0,0 @@ | |||
| 1 | --- | ||
| 2 | classes: | ||
| 3 | stdlib: ~ | ||
| 4 | |||
| 5 | base_installation::ldap_base: "dc=immae,dc=eu" | ||
| 6 | base_installation::ldap_dn: "cn=%{facts.ec2_metadata.hostname},ou=hosts,dc=immae,dc=eu" | ||
| 7 | base_installation::ldap_cn: "%{facts.ec2_metadata.hostname}" | ||
| 8 | base_installation::ldap_server: "ldap.immae.eu" | ||
| 9 | base_installation::ldap_uri: "ldaps://ldap.immae.eu" | ||
| 10 | base_installation::puppet_conf_path: "/etc/puppetlabs/puppet" | ||
| 11 | base_installation::puppet_code_path: "/etc/puppetlabs/code" | ||
| 12 | base_installation::puppet_pass_seed: "/etc/puppetlabs/puppet/password_seed" | ||
| 13 | base_installation::puppet_ssl_path: "/etc/puppetlabs/ssl" | ||
| 14 | base_installation::system_locales: ["fr_FR.UTF-8", "en_US.UTF-8"] | ||
| 15 | base_installation::system_timezone: "Europe/Paris" | ||
| 16 | base_installation::system_users: | ||
| 17 | - userid: 1000 | ||
| 18 | username: "immae" | ||
| 19 | groups: ["wheel"] | ||
| 20 | keys: | ||
| 21 | - host: "immae.eu" | ||
| 22 | key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v" | ||
| 23 | key_type: "ssh-rsa" | ||
| 24 | xmr_stak::mining_pool: "pool.minexmr.com:7777" | ||
| 25 | xmr_stak::wallet: "44CA8TxTFYbQqN2kLyk8AnB6Ghz4mcbGpYC2EyXW7A8H9QspvWnTjDn39XUZDPrFwPa5JNwt4TmAxcooPWv4SaJqL87Bcdo" | ||
diff --git a/environments/production/data/types/vps-ovhssd-1.yaml b/environments/production/data/types/vps-ovhssd-1.yaml deleted file mode 100644 index 73f7a45..0000000 --- a/environments/production/data/types/vps-ovhssd-1.yaml +++ /dev/null | |||
| @@ -1,10 +0,0 @@ | |||
| 1 | --- | ||
| 2 | classes: | ||
| 3 | base_installation: | ||
| 4 | stage: "setup" | ||
| 5 | |||
| 6 | base_installation::system_hostname: "%{ldapvar.self.vars.host.0}" | ||
| 7 | base_installation::real_hostname: "%{facts.ec2_metadata.hostname}.ovh.net" | ||
| 8 | base_installation::grub_device: "/dev/sdb" | ||
| 9 | base_installation::ldap_cert_path: "/etc/ssl/certs/ca-certificates.crt" | ||
| 10 | ssl::try_letsencrypt_for_real_hostname: false | ||
diff --git a/environments/production/hiera.yaml b/environments/production/hiera.yaml index a63fc92..91d9bbf 100644..120000 --- a/environments/production/hiera.yaml +++ b/environments/production/hiera.yaml | |||
| @@ -1,19 +1 @@ | |||
| 1 | --- | ../hiera.yaml \ No newline at end of file | |
| 2 | version: 5 | ||
| 3 | |||
| 4 | defaults: | ||
| 5 | datadir: data | ||
| 6 | data_hash: yaml_data | ||
| 7 | |||
| 8 | hierarchy: | ||
| 9 | - name: "Initialization variables" | ||
| 10 | path: "/root/puppet_variables.json" | ||
| 11 | |||
| 12 | - name: "Per-role data" | ||
| 13 | mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"] | ||
| 14 | |||
| 15 | - name: "Per-type data" | ||
| 16 | path: "types/%{facts.ec2_metadata.instance-type}.yaml" | ||
| 17 | |||
| 18 | - name: "Common data" | ||
| 19 | path: "common.yaml" | ||
diff --git a/environments/production/data/roles/cryptoportfolio.yaml b/environments/production/roles/cryptoportfolio.yaml index 014df5a..c9328e1 100644 --- a/environments/production/data/roles/cryptoportfolio.yaml +++ b/environments/production/roles/cryptoportfolio.yaml | |||
| @@ -1,8 +1,5 @@ | |||
| 1 | --- | 1 | --- |
| 2 | classes: | ||
| 3 | role::cryptoportfolio: ~ | ||
| 4 | cryptoportfolio::front_version: v0.0.2-3-g6200f9a | 2 | cryptoportfolio::front_version: v0.0.2-3-g6200f9a |
| 5 | cryptoportfolio::front_sha256: 69d31251ecd4fcea46d93dfee0184b1171019a765b6744b84f6eec6b10e5818f | 3 | cryptoportfolio::front_sha256: 69d31251ecd4fcea46d93dfee0184b1171019a765b6744b84f6eec6b10e5818f |
| 6 | cryptoportfolio::bot_version: v0.5.1 | 4 | cryptoportfolio::bot_version: v0.5.1 |
| 7 | cryptoportfolio::bot_sha256: 733789711365b2397bd996689af616a6789207d26c71a31ad1af68620b267d54 | 5 | cryptoportfolio::bot_sha256: 733789711365b2397bd996689af616a6789207d26c71a31ad1af68620b267d54 |
| 8 | cryptoportfolio::slack_webhook: "%{ldapvar.self.vars.cf_slack_webhook.0}" | ||
diff --git a/modules/base_installation/manifests/fstab.pp b/modules/base_installation/manifests/fstab.pp new file mode 100644 index 0000000..f012e76 --- /dev/null +++ b/modules/base_installation/manifests/fstab.pp | |||
| @@ -0,0 +1,18 @@ | |||
| 1 | class base_installation::fstab ( | ||
| 2 | $mounts = $base_installation::mounts | ||
| 3 | ) inherits base_installation { | ||
| 4 | $mounts.each |$mount| { | ||
| 5 | unless empty($mount) { | ||
| 6 | $infos = split($mount, ';') | ||
| 7 | |||
| 8 | file { $infos[0]: | ||
| 9 | ensure => directory, | ||
| 10 | } -> | ||
| 11 | mount { $infos[0]: | ||
| 12 | ensure => mounted, | ||
| 13 | device => "UUID=${infos[1]}", | ||
| 14 | fstype => $infos[2] | ||
| 15 | } | ||
| 16 | } | ||
| 17 | } | ||
| 18 | } | ||
diff --git a/modules/base_installation/manifests/init.pp b/modules/base_installation/manifests/init.pp index 998f8ff..cb1cdda 100644 --- a/modules/base_installation/manifests/init.pp +++ b/modules/base_installation/manifests/init.pp | |||
| @@ -6,6 +6,7 @@ class base_installation ( | |||
| 6 | Optional[String] $ldap_dn = $base_installation::params::ldap_dn, | 6 | Optional[String] $ldap_dn = $base_installation::params::ldap_dn, |
| 7 | Optional[String] $ldap_server = $base_installation::params::ldap_server, | 7 | Optional[String] $ldap_server = $base_installation::params::ldap_server, |
| 8 | Optional[String] $ldap_uri = $base_installation::params::ldap_uri, | 8 | Optional[String] $ldap_uri = $base_installation::params::ldap_uri, |
| 9 | Optional[Array[String]] $mounts = $base_installation::params::mounts, | ||
| 9 | Optional[String] $puppet_code_path = $base_installation::params::puppet_code_path, | 10 | Optional[String] $puppet_code_path = $base_installation::params::puppet_code_path, |
| 10 | Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path, | 11 | Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path, |
| 11 | Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed, | 12 | Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed, |
| @@ -30,4 +31,5 @@ class base_installation ( | |||
| 30 | contain ::base_installation::users | 31 | contain ::base_installation::users |
| 31 | contain ::base_installation::package_managers | 32 | contain ::base_installation::package_managers |
| 32 | contain ::base_installation::puppet | 33 | contain ::base_installation::puppet |
| 34 | contain ::base_installation::fstab | ||
| 33 | } | 35 | } |
diff --git a/modules/base_installation/manifests/params.pp b/modules/base_installation/manifests/params.pp index 5ade838..2a9fe6a 100644 --- a/modules/base_installation/manifests/params.pp +++ b/modules/base_installation/manifests/params.pp | |||
| @@ -10,6 +10,7 @@ class base_installation::params { | |||
| 10 | $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt" | 10 | $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt" |
| 11 | $ldap_uri = "ldaps://ldap.example.com" | 11 | $ldap_uri = "ldaps://ldap.example.com" |
| 12 | $ldap_server = "ldap.example.com" | 12 | $ldap_server = "ldap.example.com" |
| 13 | $mounts = [] | ||
| 13 | $real_hostname = "example.com" | 14 | $real_hostname = "example.com" |
| 14 | $system_hostname = "example.com" | 15 | $system_hostname = "example.com" |
| 15 | $system_locales = ["en_US.UTF-8"] | 16 | $system_locales = ["en_US.UTF-8"] |