aboutsummaryrefslogtreecommitdiff
path: root/modules/base_installation
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2018-03-03 22:24:19 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2018-03-04 12:32:55 +0100
commit85abd2fdbad83430df4824843764719064afb9b4 (patch)
tree767792a5691b3b253508a87362cde079a4a6f8fb /modules/base_installation
parenta77b768abb31be9e19563e130d763f163496477d (diff)
downloadPuppet-85abd2fdbad83430df4824843764719064afb9b4.tar.gz
Puppet-85abd2fdbad83430df4824843764719064afb9b4.tar.zst
Puppet-85abd2fdbad83430df4824843764719064afb9b4.zip
Fetch node informations from LDAP
environment, hostname
Diffstat (limited to 'modules/base_installation')
-rw-r--r--modules/base_installation/manifests/init.pp1
-rw-r--r--modules/base_installation/manifests/params.pp1
-rw-r--r--modules/base_installation/manifests/system_config.pp34
-rw-r--r--modules/base_installation/templates/puppet/host_ldap.info.erb4
-rw-r--r--modules/base_installation/templates/puppet/puppet.conf.erb4
5 files changed, 27 insertions, 17 deletions
diff --git a/modules/base_installation/manifests/init.pp b/modules/base_installation/manifests/init.pp
index f9fdcd4..998f8ff 100644
--- a/modules/base_installation/manifests/init.pp
+++ b/modules/base_installation/manifests/init.pp
@@ -10,6 +10,7 @@ class base_installation (
10 Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path, 10 Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path,
11 Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed, 11 Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed,
12 Optional[String] $puppet_ssl_path = $base_installation::params::puppet_ssl_path, 12 Optional[String] $puppet_ssl_path = $base_installation::params::puppet_ssl_path,
13 Optional[String] $real_hostname = $base_installation::params::real_hostname,
13 Optional[String] $system_hostname = $base_installation::params::system_hostname, 14 Optional[String] $system_hostname = $base_installation::params::system_hostname,
14 Optional[Array[String]] $system_locales = $base_installation::params::system_locales, 15 Optional[Array[String]] $system_locales = $base_installation::params::system_locales,
15 Optional[String] $system_timezone = $base_installation::params::system_timezone, 16 Optional[String] $system_timezone = $base_installation::params::system_timezone,
diff --git a/modules/base_installation/manifests/params.pp b/modules/base_installation/manifests/params.pp
index c03eb1e..5ade838 100644
--- a/modules/base_installation/manifests/params.pp
+++ b/modules/base_installation/manifests/params.pp
@@ -10,6 +10,7 @@ class base_installation::params {
10 $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt" 10 $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt"
11 $ldap_uri = "ldaps://ldap.example.com" 11 $ldap_uri = "ldaps://ldap.example.com"
12 $ldap_server = "ldap.example.com" 12 $ldap_server = "ldap.example.com"
13 $real_hostname = "example.com"
13 $system_hostname = "example.com" 14 $system_hostname = "example.com"
14 $system_locales = ["en_US.UTF-8"] 15 $system_locales = ["en_US.UTF-8"]
15 $system_timezone = "UTC" 16 $system_timezone = "UTC"
diff --git a/modules/base_installation/manifests/system_config.pp b/modules/base_installation/manifests/system_config.pp
index 25bfe0f..ccc5dcc 100644
--- a/modules/base_installation/manifests/system_config.pp
+++ b/modules/base_installation/manifests/system_config.pp
@@ -6,23 +6,27 @@ class base_installation::system_config inherits base_installation {
6 } 6 }
7 } 7 }
8 8
9 unless empty($base_installation::system_hostname) { 9 if empty($base_installation::system_hostname) {
10 file { '/etc/hostname': 10 $hostname = $base_installation::real_hostname
11 content => "$base_installation::system_hostname\n", 11 } else {
12 } 12 $hostname = $base_installation::system_hostname
13 }
13 14
14 exec { "set_hostname": 15 file { '/etc/hostname':
15 command => "/usr/bin/hostnamectl set-hostname $base_installation::system_hostname", 16 content => "$base_installation::system_hostname\n",
16 refreshonly => true, 17 }
17 subscribe => File["/etc/hostname"],
18 returns => [0, 1],
19 }
20 18
21 # TODO: find a way to ensure that /etc/hostname doesn't change 19 exec { "set_hostname":
22 # exec { "set_hostname_firstboot": 20 command => "/usr/bin/hostnamectl set-hostname $base_installation::system_hostname",
23 # command => "/usr/bin/systemd-firstboot --hostname=$base_installation::system_hostname", 21 refreshonly => true,
24 # creates => "/etc/hostname", 22 subscribe => File["/etc/hostname"],
25 # } 23 returns => [0, 1],
26 } 24 }
27 25
26 # TODO: find a way to ensure that /etc/hostname doesn't change
27 # exec { "set_hostname_firstboot":
28 # command => "/usr/bin/systemd-firstboot --hostname=$base_installation::system_hostname",
29 # creates => "/etc/hostname",
30 # }
31
28} 32}
diff --git a/modules/base_installation/templates/puppet/host_ldap.info.erb b/modules/base_installation/templates/puppet/host_ldap.info.erb
index 525739b..a71c6f3 100644
--- a/modules/base_installation/templates/puppet/host_ldap.info.erb
+++ b/modules/base_installation/templates/puppet/host_ldap.info.erb
@@ -2,7 +2,6 @@
2ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF' 2ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF'
3dn: <%= @ldap_dn %> 3dn: <%= @ldap_dn %>
4cn: <%= @ldap_cn %> 4cn: <%= @ldap_cn %>
5cn: <%= @system_hostname %>
6objectclass: device 5objectclass: device
7objectclass: top 6objectclass: top
8objectclass: simpleSecurityObject 7objectclass: simpleSecurityObject
@@ -12,6 +11,7 @@ objectclass: ipHost
12<% unless @ips["v4"].nil? -%>ipHostNumber: <%= @ips["v4"]["ipAddress"] %><%- end %> 11<% unless @ips["v4"].nil? -%>ipHostNumber: <%= @ips["v4"]["ipAddress"] %><%- end %>
13<% unless @ips["v6"].nil? -%>ipHostNumber: <%= @ips["v6"]["ipAddress"] %>/<%= @ips["v6"]["mask"] %><%- end %> 12<% unless @ips["v6"].nil? -%>ipHostNumber: <%= @ips["v6"]["ipAddress"] %>/<%= @ips["v6"]["mask"] %><%- end %>
14<%- end -%> 13<%- end -%>
14environment: <%= @environment %>
15userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> 15userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %>
16EOF 16EOF
17#### Or modify an existing entry: 17#### Or modify an existing entry:
@@ -20,6 +20,8 @@ dn: <%= @ldap_dn %>
20changetype: modify 20changetype: modify
21replace: userPassword 21replace: userPassword
22userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> 22userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %>
23replace: environment
24environment: <%= @environment %>
23<%- unless @ips.empty? -%> 25<%- unless @ips.empty? -%>
24- 26-
25delete: ipHostNumber 27delete: ipHostNumber
diff --git a/modules/base_installation/templates/puppet/puppet.conf.erb b/modules/base_installation/templates/puppet/puppet.conf.erb
index 3748039..24e67c8 100644
--- a/modules/base_installation/templates/puppet/puppet.conf.erb
+++ b/modules/base_installation/templates/puppet/puppet.conf.erb
@@ -1,8 +1,10 @@
1[main] 1[main]
2ssldir = <%= @puppet_ssl_path %> 2ssldir = <%= @puppet_ssl_path %>
3 3
4environment = <%= @environment %>
5
4node_terminus = ldap 6node_terminus = ldap
5certname = <%= @system_hostname %> 7certname = <%= @real_hostname %>
6ldapserver = <%= @ldap_server %> 8ldapserver = <%= @ldap_server %>
7ldaptls = true 9ldaptls = true
8ldapbase = <%= @ldap_base %> 10ldapbase = <%= @ldap_base %>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-25 07:03:56 +0000