Add base configuration

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2016-08-09 16:05:26 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2016-08-09 17:58:53 +0200
commit: f860f6d2b475fa611af2b6a66ee1c774757b77f4 (patch)
tree: 50f68b7e404f8f00fcde9975d61158f18770e704
parent: fa935f639002f0333cadb34efaa4129842bca084 (diff)
download: Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.gz
Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.zst
Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.zip
10 files changed, 72 insertions, 18 deletions
diff --git a/.gitmodules b/.gitmodules
index 6792f86..b4b4ba5 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,18 @@
 [submodule "modules/reboot"]
        path = modules/reboot
        url = https://github.com/puppetlabs/puppetlabs-reboot.git
+[submodule "modules/systemd"]
+        path = modules/systemd
+        url = https://github.com/jkroepke/puppet-systemd.git
+[submodule "modules/inifile"]
+        path = modules/inifile
+        url = https://github.com/puppetlabs/puppetlabs-inifile.git
+[submodule "modules/sudo"]
+        path = modules/sudo
+        url = https://github.com/saz/puppet-sudo.git
+[submodule "modules/ssh"]
+        path = modules/ssh
+        url = https://github.com/saz/puppet-ssh.git
+[submodule "modules/puppetlabs_concat"]
+        path = modules/concat
+        url = https://github.com/puppetlabs/puppetlabs-concat.git
diff --git a/hiera.yaml b/hiera.yaml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/hiera.yaml
diff --git a/manifests/install_ovh.pp b/manifests/install_ovh.pp
index 48c3eff..41a9ad2 100644
--- a/manifests/install_ovh.pp
+++ b/manifests/install_ovh.pp
@@ -5,6 +5,9 @@ node default {
    class { 'base_packages': }
    class { 'locales': }
    class { 'cron_puppet': }
+    class { 'base_configuration':
+      hostname => 'new.immae.eu'
+    }
    reboot { 'after_run':
      apply => 'finished'
diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
new file mode 100644
index 0000000..4c6ca1e
--- /dev/null
+++ b/modules/base_configuration/manifests/init.pp
@@ -0,0 +1,52 @@
+class base_configuration (
+  $hostname = undef,
+  $username = "immae",
+  $userid   = 1000
+) {
+  unless empty($hostname) {
+    class { 'systemd::hostname':
+      hostname => $hostname
+    }
+  }
+  user { "${username}:${userid}":
+    name       => $username,
+    uid        => $userid,
+    ensure     => "present",
+    groups     => "wheel",
+    managehome => true,
+    notify     => Exec["remove_password"]
+  }
+  exec { "remove_password":
+    command     => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
+    refreshonly => true
+  }
+  ssh_authorized_key { $username:
+    name => "immae@immae.eu",
+    user => $username,
+    type => "ssh-rsa",
+    key  => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
+  }
+  class { 'sudo':
+    config_file_replace => false
+  }
+  sudo::conf { 'wheel':
+    priority => 10,
+    content  => "%wheel ALL=(ALL) ALL"
+  }
+  class { 'ssh::server':
+     storeconfigs_enabled => false,
+     options => {
+        'AcceptEnv'                       => undef,
+        'X11Forwarding'                   => 'yes',
+        'PrintMotd'                       => 'no',
+        'ChallengeResponseAuthentication' => 'no',
+        'Subsystem'                       => 'sftp /usr/lib/openssh/sftp-server',
+     }
+  }
+}
diff --git a/modules/base_packages/manifests/init.pp b/modules/base_packages/manifests/init.pp
index a935d1b..269ca58 100644
--- a/modules/base_packages/manifests/init.pp
+++ b/modules/base_packages/manifests/init.pp
@@ -1,24 +1,8 @@
 class base_packages {
    # Preinstalled
-    package { 'base':
+    ensure_packages(['base', 'openssh', 'grub', 'sudo'])
-      ensure => 'latest',
-    }
-    package { 'openssh':
-      ensure => 'latest',
-    }
-    package { 'grub':
-      ensure => 'latest',
-    }
-    package { 'sudo':
-      ensure => 'latest',
-    }
    # Puppet dependencies
-    package { 'git':
+    ensure_packages(['git', 'puppet'])
-      ensure => 'latest',
-    }
-    package { 'puppet':
-      ensure => 'latest',
-    }
 }
diff --git a/modules/concat b/modules/concat
new file mode 160000
+Subproject bdf92329db427b7e202cf762091985ea6b64b3c
diff --git a/modules/inifile b/modules/inifile
new file mode 160000
+Subproject 3099468f61d0f0c7465c61279376a7e68cef035
diff --git a/modules/ssh b/modules/ssh
new file mode 160000
+Subproject d0c77c06b7d9e03c9c30f564605e07535ee8f5c
diff --git a/modules/sudo b/modules/sudo
new file mode 160000
+Subproject 6dad85360bf119368a2fe396da2e22c81e01f4d
diff --git a/modules/systemd b/modules/systemd
new file mode 160000
+Subproject b0a93b8c4fa18f1f2c477c5348e9bccd3bdebd6
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2016-08-09 16:05:26 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2016-08-09 17:58:53 +0200
commit	f860f6d2b475fa611af2b6a66ee1c774757b77f4 (patch)
tree	50f68b7e404f8f00fcde9975d61158f18770e704
parent	fa935f639002f0333cadb34efaa4129842bca084 (diff)
download	Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.gz Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.zst Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.zip

diff --git a/.gitmodules b/.gitmodules index 6792f86..b4b4ba5 100644 --- a/.gitmodules +++ b/.gitmodules
@@ -4,3 +4,18 @@
4	[submodule "modules/reboot"]	4	[submodule "modules/reboot"]
5	path = modules/reboot	5	path = modules/reboot
6	url = https://github.com/puppetlabs/puppetlabs-reboot.git	6	url = https://github.com/puppetlabs/puppetlabs-reboot.git
		7	[submodule "modules/systemd"]
		8	path = modules/systemd
		9	url = https://github.com/jkroepke/puppet-systemd.git
		10	[submodule "modules/inifile"]
		11	path = modules/inifile
		12	url = https://github.com/puppetlabs/puppetlabs-inifile.git
		13	[submodule "modules/sudo"]
		14	path = modules/sudo
		15	url = https://github.com/saz/puppet-sudo.git
		16	[submodule "modules/ssh"]
		17	path = modules/ssh
		18	url = https://github.com/saz/puppet-ssh.git
		19	[submodule "modules/puppetlabs_concat"]
		20	path = modules/concat
		21	url = https://github.com/puppetlabs/puppetlabs-concat.git


diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/hiera.yaml


diff --git a/manifests/install_ovh.pp b/manifests/install_ovh.pp index 48c3eff..41a9ad2 100644 --- a/manifests/install_ovh.pp +++ b/manifests/install_ovh.pp
@@ -5,6 +5,9 @@ node default {
5	class { 'base_packages': }	5	class { 'base_packages': }
6	class { 'locales': }	6	class { 'locales': }
7	class { 'cron_puppet': }	7	class { 'cron_puppet': }
		8	class { 'base_configuration':
		9	hostname => 'new.immae.eu'
		10	}
8		11
9	reboot { 'after_run':	12	reboot { 'after_run':
10	apply => 'finished'	13	apply => 'finished'


diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp new file mode 100644 index 0000000..4c6ca1e --- /dev/null +++ b/modules/base_configuration/manifests/init.pp
@@ -0,0 +1,52 @@
		1	class base_configuration (
		2	$hostname = undef,
		3	$username = "immae",
		4	$userid = 1000
		5	) {
		6	unless empty($hostname) {
		7	class { 'systemd::hostname':
		8	hostname => $hostname
		9	}
		10	}
		11
		12	user { "${username}:${userid}":
		13	name => $username,
		14	uid => $userid,
		15	ensure => "present",
		16	groups => "wheel",
		17	managehome => true,
		18	notify => Exec["remove_password"]
		19	}
		20
		21	exec { "remove_password":
		22	command => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
		23	refreshonly => true
		24	}
		25
		26	ssh_authorized_key { $username:
		27	name => "immae@immae.eu",
		28	user => $username,
		29	type => "ssh-rsa",
		30	key => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
		31	}
		32
		33	class { 'sudo':
		34	config_file_replace => false
		35	}
		36
		37	sudo::conf { 'wheel':
		38	priority => 10,
		39	content => "%wheel ALL=(ALL) ALL"
		40	}
		41
		42	class { 'ssh::server':
		43	storeconfigs_enabled => false,
		44	options => {
		45	'AcceptEnv' => undef,
		46	'X11Forwarding' => 'yes',
		47	'PrintMotd' => 'no',
		48	'ChallengeResponseAuthentication' => 'no',
		49	'Subsystem' => 'sftp /usr/lib/openssh/sftp-server',
		50	}
		51	}
		52	}


diff --git a/modules/base_packages/manifests/init.pp b/modules/base_packages/manifests/init.pp index a935d1b..269ca58 100644 --- a/modules/base_packages/manifests/init.pp +++ b/modules/base_packages/manifests/init.pp
@@ -1,24 +1,8 @@
1	class base_packages {	1	class base_packages {
2	# Preinstalled	2	# Preinstalled
3	package { 'base':	3	ensure_packages(['base', 'openssh', 'grub', 'sudo'])
4	ensure => 'latest',
5	}
6	package { 'openssh':
7	ensure => 'latest',
8	}
9	package { 'grub':
10	ensure => 'latest',
11	}
12	package { 'sudo':
13	ensure => 'latest',
14	}
15		4
16	# Puppet dependencies	5	# Puppet dependencies
17	package { 'git':	6	ensure_packages(['git', 'puppet'])
18	ensure => 'latest',
19	}
20	package { 'puppet':
21	ensure => 'latest',
22	}
23	}	7	}
24		8


diff --git a/modules/concat b/modules/concat new file mode 160000
			Subproject bdf92329db427b7e202cf762091985ea6b64b3c


diff --git a/modules/inifile b/modules/inifile new file mode 160000
			Subproject 3099468f61d0f0c7465c61279376a7e68cef035


diff --git a/modules/ssh b/modules/ssh new file mode 160000
			Subproject d0c77c06b7d9e03c9c30f564605e07535ee8f5c


diff --git a/modules/sudo b/modules/sudo new file mode 160000
			Subproject 6dad85360bf119368a2fe396da2e22c81e01f4d


diff --git a/modules/systemd b/modules/systemd new file mode 160000
			Subproject b0a93b8c4fa18f1f2c477c5348e9bccd3bdebd6