diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-08-17 12:51:33 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-08-17 12:56:19 +0200 |
| commit | a7b985dd3cc4af68875733eb135335a31504f472 (patch) | |
| tree | e680ed9cfa68d7ad720eda1093df919c6d4e2f7b | |
| parent | 7dc85dc776e158e26202362f11a72d7491ef07c8 (diff) | |
| download | Puppet-a7b985dd3cc4af68875733eb135335a31504f472.tar.gz Puppet-a7b985dd3cc4af68875733eb135335a31504f472.tar.zst Puppet-a7b985dd3cc4af68875733eb135335a31504f472.zip | |
Add cat_files report to notify of important changes
| -rw-r--r-- | environments/global/common.yaml | 3 | ||||
| -rw-r--r-- | modules/base_installation/lib/puppet/reports/cat_files.rb | 17 | ||||
| -rw-r--r-- | modules/base_installation/manifests/init.pp | 33 | ||||
| -rw-r--r-- | modules/base_installation/manifests/params.pp | 33 | ||||
| -rw-r--r-- | modules/base_installation/manifests/puppet.pp | 28 | ||||
| -rw-r--r-- | modules/base_installation/templates/puppet/puppet.conf.erb | 2 |
6 files changed, 69 insertions, 47 deletions
diff --git a/environments/global/common.yaml b/environments/global/common.yaml index 3cc75fa..97bf196 100644 --- a/environments/global/common.yaml +++ b/environments/global/common.yaml | |||
| @@ -21,8 +21,8 @@ base_installation::ldap_dn: "cn=%{facts.ec2_metadata.hostname},ou=hosts,dc=immae | |||
| 21 | base_installation::ldap_cn: "%{facts.ec2_metadata.hostname}" | 21 | base_installation::ldap_cn: "%{facts.ec2_metadata.hostname}" |
| 22 | base_installation::ldap_server: "ldap.immae.eu" | 22 | base_installation::ldap_server: "ldap.immae.eu" |
| 23 | base_installation::ldap_uri: "ldaps://ldap.immae.eu" | 23 | base_installation::ldap_uri: "ldaps://ldap.immae.eu" |
| 24 | # FIXME: get all mounts without needing that hack? | ||
| 25 | base_installation::puppet_conf_path: "/etc/puppetlabs/puppet" | 24 | base_installation::puppet_conf_path: "/etc/puppetlabs/puppet" |
| 25 | base_installation::puppet_notifies_path: "/etc/puppetlabs/notifies" | ||
| 26 | base_installation::puppet_code_path: "/etc/puppetlabs/code" | 26 | base_installation::puppet_code_path: "/etc/puppetlabs/code" |
| 27 | base_installation::puppet_pass_seed: "/etc/puppetlabs/puppet/password_seed" | 27 | base_installation::puppet_pass_seed: "/etc/puppetlabs/puppet/password_seed" |
| 28 | base_installation::puppet_ssl_path: "/etc/puppetlabs/ssl" | 28 | base_installation::puppet_ssl_path: "/etc/puppetlabs/ssl" |
| @@ -30,6 +30,7 @@ base_installation::system_locales: ["fr_FR.UTF-8", "en_US.UTF-8"] | |||
| 30 | base_installation::system_timezone: "Europe/Paris" | 30 | base_installation::system_timezone: "Europe/Paris" |
| 31 | base_installation::system_users: [] # Fetched via ldap | 31 | base_installation::system_users: [] # Fetched via ldap |
| 32 | base_installation::notify_xmpp: {} | 32 | base_installation::notify_xmpp: {} |
| 33 | # FIXME: get all mounts without needing that hack? | ||
| 33 | profile::fstab::mounts: | 34 | profile::fstab::mounts: |
| 34 | - "%{facts.ldapvar.self.vars.mounts.0}" | 35 | - "%{facts.ldapvar.self.vars.mounts.0}" |
| 35 | - "%{facts.ldapvar.self.vars.mounts.1}" | 36 | - "%{facts.ldapvar.self.vars.mounts.1}" |
diff --git a/modules/base_installation/lib/puppet/reports/cat_files.rb b/modules/base_installation/lib/puppet/reports/cat_files.rb new file mode 100644 index 0000000..9d9c068 --- /dev/null +++ b/modules/base_installation/lib/puppet/reports/cat_files.rb | |||
| @@ -0,0 +1,17 @@ | |||
| 1 | require 'puppet' | ||
| 2 | |||
| 3 | Puppet::Reports.register_report(:cat_files) do | ||
| 4 | FOLLOWED_RESOURCES = [ | ||
| 5 | "File[/etc/puppetlabs/notifies/host_ldap.info]", | ||
| 6 | ] | ||
| 7 | |||
| 8 | def process | ||
| 9 | self.resource_statuses.each do |name, status| | ||
| 10 | if FOLLOWED_RESOURCES.include?(status.resource) && status.events.any? { |e| e.status == "success" } | ||
| 11 | puts File.open(status.title, "r").read() | ||
| 12 | end | ||
| 13 | end | ||
| 14 | end | ||
| 15 | |||
| 16 | end | ||
| 17 | |||
diff --git a/modules/base_installation/manifests/init.pp b/modules/base_installation/manifests/init.pp index d8abcaf..a1b5ca8 100644 --- a/modules/base_installation/manifests/init.pp +++ b/modules/base_installation/manifests/init.pp | |||
| @@ -1,20 +1,21 @@ | |||
| 1 | class base_installation ( | 1 | class base_installation ( |
| 2 | Optional[String] $grub_device = $base_installation::params::grub_device, | 2 | Optional[String] $grub_device = $base_installation::params::grub_device, |
| 3 | Optional[String] $ldap_base = $base_installation::params::ldap_base, | 3 | Optional[String] $ldap_base = $base_installation::params::ldap_base, |
| 4 | Optional[String] $ldap_cert_path = $base_installation::params::ldap_cert_path, | 4 | Optional[String] $ldap_cert_path = $base_installation::params::ldap_cert_path, |
| 5 | Optional[String] $ldap_cn = $base_installation::params::ldap_cn, | 5 | Optional[String] $ldap_cn = $base_installation::params::ldap_cn, |
| 6 | Optional[String] $ldap_dn = $base_installation::params::ldap_dn, | 6 | Optional[String] $ldap_dn = $base_installation::params::ldap_dn, |
| 7 | Optional[String] $ldap_server = $base_installation::params::ldap_server, | 7 | Optional[String] $ldap_server = $base_installation::params::ldap_server, |
| 8 | Optional[String] $ldap_uri = $base_installation::params::ldap_uri, | 8 | Optional[String] $ldap_uri = $base_installation::params::ldap_uri, |
| 9 | Optional[String] $puppet_code_path = $base_installation::params::puppet_code_path, | 9 | Optional[String] $puppet_code_path = $base_installation::params::puppet_code_path, |
| 10 | Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path, | 10 | Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path, |
| 11 | Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed, | 11 | Optional[String] $puppet_notifies_path = $base_installation::params::puppet_notifies_path, |
| 12 | Optional[String] $puppet_ssl_path = $base_installation::params::puppet_ssl_path, | 12 | Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed, |
| 13 | Optional[String] $real_hostname = $base_installation::params::real_hostname, | 13 | Optional[String] $puppet_ssl_path = $base_installation::params::puppet_ssl_path, |
| 14 | Optional[String] $system_hostname = $base_installation::params::system_hostname, | 14 | Optional[String] $real_hostname = $base_installation::params::real_hostname, |
| 15 | Optional[Array[String]] $system_locales = $base_installation::params::system_locales, | 15 | Optional[String] $system_hostname = $base_installation::params::system_hostname, |
| 16 | Optional[String] $system_timezone = $base_installation::params::system_timezone, | 16 | Optional[Array[String]] $system_locales = $base_installation::params::system_locales, |
| 17 | Optional[Array[Hash]] $system_users = $base_installation::params::system_users, | 17 | Optional[String] $system_timezone = $base_installation::params::system_timezone, |
| 18 | Optional[Array[Hash]] $system_users = $base_installation::params::system_users, | ||
| 18 | ) inherits base_installation::params { | 19 | ) inherits base_installation::params { |
| 19 | contain ::base_installation::packages | 20 | contain ::base_installation::packages |
| 20 | contain ::base_installation::locales | 21 | contain ::base_installation::locales |
diff --git a/modules/base_installation/manifests/params.pp b/modules/base_installation/manifests/params.pp index 5ade838..f336b65 100644 --- a/modules/base_installation/manifests/params.pp +++ b/modules/base_installation/manifests/params.pp | |||
| @@ -1,20 +1,21 @@ | |||
| 1 | class base_installation::params { | 1 | class base_installation::params { |
| 2 | $puppet_code_path = "/etc/puppetlabs/code" | 2 | $puppet_code_path = "/etc/puppetlabs/code" |
| 3 | $puppet_conf_path = "/etc/puppetlabs/puppet" | 3 | $puppet_conf_path = "/etc/puppetlabs/puppet" |
| 4 | $puppet_pass_seed = "/etc/puppetlabs/puppet/password_seed" | 4 | $puppet_notifies_path = "/etc/puppetlabs/notifies" |
| 5 | $puppet_ssl_path = "/etc/puppetlabs/ssl" | 5 | $puppet_pass_seed = "/etc/puppetlabs/puppet/password_seed" |
| 6 | $grub_device = "/dev/sda" | 6 | $puppet_ssl_path = "/etc/puppetlabs/ssl" |
| 7 | $ldap_base = "dc=example,dc=com" | 7 | $grub_device = "/dev/sda" |
| 8 | $ldap_cn = "node" | 8 | $ldap_base = "dc=example,dc=com" |
| 9 | $ldap_dn = "cn=node,ou=hosts,dc=example,dc=com" | 9 | $ldap_cn = "node" |
| 10 | $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt" | 10 | $ldap_dn = "cn=node,ou=hosts,dc=example,dc=com" |
| 11 | $ldap_uri = "ldaps://ldap.example.com" | 11 | $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt" |
| 12 | $ldap_server = "ldap.example.com" | 12 | $ldap_uri = "ldaps://ldap.example.com" |
| 13 | $real_hostname = "example.com" | 13 | $ldap_server = "ldap.example.com" |
| 14 | $system_hostname = "example.com" | 14 | $real_hostname = "example.com" |
| 15 | $system_locales = ["en_US.UTF-8"] | 15 | $system_hostname = "example.com" |
| 16 | $system_timezone = "UTC" | 16 | $system_locales = ["en_US.UTF-8"] |
| 17 | $system_users = [ | 17 | $system_timezone = "UTC" |
| 18 | $system_users = [ | ||
| 18 | { | 19 | { |
| 19 | userid => 1000, | 20 | userid => 1000, |
| 20 | username => "example", | 21 | username => "example", |
diff --git a/modules/base_installation/manifests/puppet.pp b/modules/base_installation/manifests/puppet.pp index 10b3773..603a961 100644 --- a/modules/base_installation/manifests/puppet.pp +++ b/modules/base_installation/manifests/puppet.pp | |||
| @@ -103,45 +103,47 @@ class base_installation::puppet ( | |||
| 103 | } | 103 | } |
| 104 | } | 104 | } |
| 105 | 105 | ||
| 106 | if file("$base_installation::puppet_conf_path/host_ldap.info", "/dev/null") != "" and | 106 | if file("$base_installation::puppet_notifies_path/host_ldap.info", "/dev/null") != "" and |
| 107 | empty($facts["ldapvar"]) { | 107 | empty($facts["ldapvar"]) { |
| 108 | fail("LDAP was activated but facts are not available") | 108 | fail("LDAP was activated but facts are not available") |
| 109 | } | 109 | } |
| 110 | 110 | ||
| 111 | file { $base_installation::puppet_notifies_path: | ||
| 112 | ensure => directory, | ||
| 113 | require => [Package["puppet"], Package["gem:xmpp4r"], Package["gem:ruby-ldap"]], | ||
| 114 | recurse => true, | ||
| 115 | purge => true, | ||
| 116 | force => true, | ||
| 117 | } | ||
| 118 | |||
| 111 | $ips = lookup("ips", { 'default_value' => undef }) | 119 | $ips = lookup("ips", { 'default_value' => undef }) |
| 112 | concat { "$base_installation::puppet_conf_path/host_ldap.info": | 120 | concat { "$base_installation::puppet_notifies_path/host_ldap.info": |
| 113 | ensure => "present", | 121 | ensure => "present", |
| 114 | mode => "0600", | 122 | mode => "0600", |
| 115 | require => File[$base_installation::puppet_conf_path], | 123 | require => File[$base_installation::puppet_notifies_path], |
| 116 | notify => Notify_refresh["notify-ldap-password"], | ||
| 117 | ensure_newline => true, | 124 | ensure_newline => true, |
| 118 | } | 125 | } |
| 119 | 126 | ||
| 120 | concat::fragment { "host_ldap add top": | 127 | concat::fragment { "host_ldap add top": |
| 121 | target => "$base_installation::puppet_conf_path/host_ldap.info", | 128 | target => "$base_installation::puppet_notifies_path/host_ldap.info", |
| 122 | content => template("base_installation/puppet/host_ldap_add_top.info.erb"), | 129 | content => template("base_installation/puppet/host_ldap_add_top.info.erb"), |
| 123 | order => "00-01", | 130 | order => "00-01", |
| 124 | } | 131 | } |
| 125 | concat::fragment { "host_ldap add bottom": | 132 | concat::fragment { "host_ldap add bottom": |
| 126 | target => "$base_installation::puppet_conf_path/host_ldap.info", | 133 | target => "$base_installation::puppet_notifies_path/host_ldap.info", |
| 127 | content => "EOF", | 134 | content => "EOF", |
| 128 | order => "00-99", | 135 | order => "00-99", |
| 129 | } | 136 | } |
| 130 | 137 | ||
| 131 | concat::fragment { "host_ldap mod top": | 138 | concat::fragment { "host_ldap mod top": |
| 132 | target => "$base_installation::puppet_conf_path/host_ldap.info", | 139 | target => "$base_installation::puppet_notifies_path/host_ldap.info", |
| 133 | content => template("base_installation/puppet/host_ldap_mod_top.info.erb"), | 140 | content => template("base_installation/puppet/host_ldap_mod_top.info.erb"), |
| 134 | order => "01-01", | 141 | order => "01-01", |
| 135 | } | 142 | } |
| 136 | concat::fragment { "host_ldap mod bottom": | 143 | concat::fragment { "host_ldap mod bottom": |
| 137 | target => "$base_installation::puppet_conf_path/host_ldap.info", | 144 | target => "$base_installation::puppet_notifies_path/host_ldap.info", |
| 138 | content => "EOF", | 145 | content => "EOF", |
| 139 | order => "01-99", | 146 | order => "01-99", |
| 140 | } | 147 | } |
| 141 | |||
| 142 | notify_refresh { "notify-ldap-password": | ||
| 143 | message => template("base_installation/puppet/host_ldap.info.erb"), | ||
| 144 | refreshonly => true | ||
| 145 | } | ||
| 146 | } | 148 | } |
| 147 | } | 149 | } |
diff --git a/modules/base_installation/templates/puppet/puppet.conf.erb b/modules/base_installation/templates/puppet/puppet.conf.erb index da39468..38a0c1b 100644 --- a/modules/base_installation/templates/puppet/puppet.conf.erb +++ b/modules/base_installation/templates/puppet/puppet.conf.erb | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | [main] | 1 | [main] |
| 2 | <% | 2 | <% |
| 3 | reports = ["store"] | 3 | reports = ["store", "cat_files"] |
| 4 | if @xmpp.count > 0 | 4 | if @xmpp.count > 0 |
| 5 | reports << "xmpp" | 5 | reports << "xmpp" |
| 6 | end | 6 | end |