Install OVH vps from scratch

12 files changed, 188 insertions, 24 deletions

diff --git a/modules/base_configuration/files/en-dhcp.network b/modules/base_configuration/files/en-dhcp.network
new file mode 100644
index 0000000..6eef0e9
--- /dev/null
+++ b/modules/base_configuration/files/en-dhcp.network
@@ -0,0 +1,8 @@
+[Match]
+Name=en*
+
+[Network]
+DHCP=yes
+
+[DHCP]
+UseMTU=true
diff --git a/modules/base_configuration/files/getty_conf_override.conf b/modules/base_configuration/files/getty_conf_override.conf
new file mode 100644
index 0000000..52671c7
--- /dev/null
+++ b/modules/base_configuration/files/getty_conf_override.conf
@@ -0,0 +1,2 @@
+[Service]
+TTYVTDisallocate=no
diff --git a/modules/base_configuration/files/pcspkr_no_autoload.conf b/modules/base_configuration/files/pcspkr_no_autoload.conf
new file mode 100644
index 0000000..b46792e
--- /dev/null
+++ b/modules/base_configuration/files/pcspkr_no_autoload.conf
@@ -0,0 +1 @@
+blacklist pcspkr
diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
index a46dd8b..8b2ce4c 100644
--- a/modules/base_configuration/manifests/init.pp
+++ b/modules/base_configuration/manifests/init.pp
@@ -1,27 +1,59 @@
 class base_configuration (
-  $hostname = undef,
-  $username = "immae",
-  $userid   = 1000
+  $hostname  = undef,
+  $username  = "immae",
+  $userid    = 1000,
+  $code_path = undef,
+  $device    = undef,
 ) {
+  unless empty($device) {
+    class { 'grub_install':
+      device => $device,
+    }
+  }
+
+  class { 'locales': }
+
+  unless empty($code_path) {
+    class { 'cron_puppet':
+      code_path => $code_path,
+    }
+  }
+
   service { "sshd":
-    ensure => "running",
+    #ensure => "running",
     enable => true,
   }
-  service { "systemd-networkd.socket":
-    ensure => "running",
+  service { "systemd-networkd":
+    #ensure => "running",
     enable => true,
   }
-  service { "systemd-networkd":
-    ensure => "running",
+  service { "systemd-resolved":
+    #ensure => "running",
     enable => true,
   }
 
+  file { "/etc/localtime":
+    ensure => "link",
+    target => "../usr/share/zoneinfo/Europe/Paris"
+  }
+
+  exec { "set_locale":
+    command     => "/usr/bin/systemd-firstboot --locale=fr_FR.UTF-8",
+    creates     => "/etc/locale.conf",
+  }
+
   unless empty($hostname) {
-    class { 'systemd::hostname':
-      hostname => $hostname
+    exec { "set_hostname":
+      command     => "/usr/bin/systemd-firstboot --hostname=$hostname",
+      creates     => "/etc/hostname",
     }
   }
 
+  file { "/etc/vconsole.conf":
+    ensure => "link",
+    target => "/dev/null",
+  }
+
   user { "${username}:${userid}":
     name       => $username,
     uid        => $userid,
@@ -70,6 +102,42 @@ class base_configuration (
     password => '!'
   }
 
+  file { '/etc/modprobe.d/pcspkr_no_autoload.conf':
+     ensure => "present",
+     path   => "/etc/modprobe.d/pcspkr_no_autoload.conf",
+     source => 'puppet:///modules/base_configuration/pcspkr_no_autoload.conf',
+     mode   => "0644",
+     owner  => "root",
+     group  => "root"
+  }
+
+  file { '/etc/systemd/system/getty@tty1.service.d/':
+    ensure => "directory",
+    path   => "/etc/systemd/system/getty@tty1.service.d/",
+    mode   => "0755",
+    owner  => "root",
+    group  => "root"
+  }
+
+  file { '/etc/systemd/system/getty@tty1.service.d/noclear.conf':
+     ensure  => "present",
+     path    => "/etc/systemd/system/getty@tty1.service.d/noclear.conf",
+     source  => 'puppet:///modules/base_configuration/getty_conf_override.conf',
+     recurse =>  true,
+     mode    => "0644",
+     owner   => "root",
+     group   => "root"
+  }
+
+  file { '/etc/systemd/network/en-dhcp.network':
+     ensure => "present",
+     path   => "/etc/systemd/network/en-dhcp.network",
+     source => 'puppet:///modules/base_configuration/en-dhcp.network',
+     mode   => "0644",
+     owner  => "root",
+     group  => "root"
+  }
+
   file { '/etc/pacman.d/mirrorlist':
      ensure  => "present",
      path    => "/etc/pacman.d/mirrorlist",
@@ -108,7 +176,7 @@ class base_configuration (
     create_mode  => '0664',
     create_owner => 'root',
     create_group => 'utmp',
-    rotate       => '1',
+    rotate       => 1,
     minsize      => '1M',
   }
   logrotate::rule { 'btmp':
@@ -119,7 +187,7 @@ class base_configuration (
     create_mode  => '0600',
     create_owner => 'root',
     create_group => 'utmp',
-    rotate       => '1',
+    rotate       => 1,
   }
 
   ensure_packages(["whois"], { 'install_options' => '--asdeps' })
@@ -136,4 +204,6 @@ class base_configuration (
     logpath  => '',
     order    => 10
   }
+
+  class { 'aur': }
 }
diff --git a/modules/base_packages/manifests/init.pp b/modules/base_packages/manifests/init.pp
index 269ca58..c4bbec9 100644
--- a/modules/base_packages/manifests/init.pp
+++ b/modules/base_packages/manifests/init.pp
@@ -1,6 +1,9 @@
 class base_packages {
     # Preinstalled
-    ensure_packages(['base', 'openssh', 'grub', 'sudo'])
+    ensure_packages(['base'])
+
+    # Critical packages
+    ensure_packages(['openssh', 'grub', 'sudo'])
 
     # Puppet dependencies
     ensure_packages(['git', 'puppet'])
diff --git a/modules/cron_puppet/files/post-merge b/modules/cron_puppet/files/post-merge
index 1ba08fb..ac5e3ff 100644
--- a/modules/cron_puppet/files/post-merge
+++ b/modules/cron_puppet/files/post-merge
@@ -1,7 +1,7 @@
-#!/bin/bash -e
+#!/bin/bash
 ## Run Puppet locally using puppet apply
 git submodule update --init
-/usr/bin/puppet apply --modulepath=/etc/puppetlabs/puppet/modules /etc/puppetlabs/puppet/manifests/site.pp
+/usr/bin/puppet apply `pwd`/manifests/site.pp
 
 ## Log status of the Puppet run
 if [ $? -eq 0 ]
diff --git a/modules/cron_puppet/manifests/init.pp b/modules/cron_puppet/manifests/init.pp
index 1756a06..c9d5a51 100644
--- a/modules/cron_puppet/manifests/init.pp
+++ b/modules/cron_puppet/manifests/init.pp
@@ -1,7 +1,9 @@
-class cron_puppet {
+class cron_puppet (
+  $code_path = "/etc/puppetlabs/code"
+) {
     file { 'post-hook':
         ensure  => file,
-        path    => '/etc/puppetlabs/puppet/.git/hooks/post-merge',
+        path    => "$code_path/.git/hooks/post-merge",
         source  => 'puppet:///modules/cron_puppet/post-merge',
         mode    => '0755',
         owner   => root,
@@ -12,7 +14,7 @@ class cron_puppet {
     }
     cron { 'puppet-apply':
         ensure  => present,
-        command => "cd /etc/puppetlabs/puppet ; /usr/bin/git pull",
+        command => "cd $code_path ; /usr/bin/git pull",
         user    => root,
         minute  => '*/30',
         require => File['post-hook'],
diff --git a/modules/etckeeper/manifests/run.pp b/modules/etckeeper/manifests/run.pp
index ddbb4e1..8ff4bbf 100644
--- a/modules/etckeeper/manifests/run.pp
+++ b/modules/etckeeper/manifests/run.pp
@@ -1,7 +1,10 @@
-define etckeeper::run ($stages = [Stage['main']], $refreshonly = true, $reason = 'puppet run') {
+define etckeeper::run (
+  $refreshonly = true,
+  $reason = 'puppet run'
+) {
+
   exec { "etckeeper::run::${name}":
     refreshonly => $refreshonly,
     command     => "/usr/bin/etckeeper commit '${reason}' || true",
-    subscribe   => $stages
   }
 }
diff --git a/modules/fail2ban b/modules/fail2ban
-Subproject c1495a2c2de075863775e4ad191e0f0407fc259
+Subproject c4f816ded7245641ab70d553dc27f635f07614f
diff --git a/modules/grub_install/files/config b/modules/grub_install/files/config
new file mode 100644
index 0000000..0a2ef57
--- /dev/null
+++ b/modules/grub_install/files/config
@@ -0,0 +1,47 @@
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=5
+GRUB_DISTRIBUTOR="Arch"
+GRUB_CMDLINE_LINUX_DEFAULT="quiet"
+GRUB_CMDLINE_LINUX=" console=tty0 console=ttyS0,115200"
+
+# Preload both GPT and MBR modules so that they are not missed
+GRUB_PRELOAD_MODULES="part_gpt part_msdos"
+
+# Uncomment to enable Hidden Menu, and optionally hide the timeout count
+#GRUB_HIDDEN_TIMEOUT=5
+#GRUB_HIDDEN_TIMEOUT_QUIET=true
+
+# Uncomment to use basic console
+GRUB_TERMINAL_INPUT=console
+
+# Uncomment to disable graphical terminal
+#GRUB_TERMINAL_OUTPUT=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE
+# you can see them in real GRUB with the command `vbeinfo'
+GRUB_GFXMODE=auto
+
+# Uncomment to allow the kernel use the same resolution used by grub
+GRUB_GFXPAYLOAD_LINUX=keep
+
+# Uncomment if you want GRUB to pass to the Linux kernel the old parameter 
+# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx" 
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+GRUB_DISABLE_RECOVERY=true
+
+# Uncomment and set to the desired menu colors.  Used by normal and wallpaper 
+# modes only.  Entries specified as foreground/background.
+#GRUB_COLOR_NORMAL="light-blue/black"
+#GRUB_COLOR_HIGHLIGHT="light-cyan/blue"
+
+# Uncomment one of them for the gfx desired, a image background or a gfxtheme
+#GRUB_BACKGROUND="/path/to/wallpaper"
+#GRUB_THEME="/path/to/gfxtheme"
+
+# Uncomment to get a beep at GRUB start
+#GRUB_INIT_TUNE="480 440 1"
+
+#GRUB_SAVEDEFAULT="true"
diff --git a/modules/grub_install/manifests/init.pp b/modules/grub_install/manifests/init.pp
new file mode 100644
index 0000000..172cf4b
--- /dev/null
+++ b/modules/grub_install/manifests/init.pp
@@ -0,0 +1,32 @@
+class grub_install (
+  $device = undef
+) {
+  ensure_packages(['grub'])
+
+  # unless empty($device) {
+  #   exec { 'install GRUB':
+  #     command   => "/usr/bin/grub-install --target=i386-pc $device",
+  #     subscribe => Package["grub"],
+  #   }
+  # }
+
+  file_line { "/etc/default/grub#GRUB_CMDLINE_LINUX":
+    path  => "/etc/default/grub",
+    line  => 'GRUB_CMDLINE_LINUX=" console=tty0 console=ttyS0,115200"',
+    match => '^GRUB_CMDLINE_LINUX='
+  }
+  # file { "/etc/default/grub":
+  #   ensure => "present",
+  #   path   => "/etc/default/grub",
+  #   source => 'puppet:///modules/grub_install/config',
+  #   mode   => "0644",
+  #   owner  => "root",
+  #   group  => "root",
+  #   #  notify => [Exec["install GRUB"], Exec["update GRUB config"]]
+  # }
+
+  # exec { 'update GRUB config':
+  #   command     => "/usr/bin/grub-mkconfig -o /boot/grub/grub.cfg",
+  #   refreshonly => true
+  # }
+}
diff --git a/modules/locales/manifests/init.pp b/modules/locales/manifests/init.pp
index 982b48e..1923f26 100644
--- a/modules/locales/manifests/init.pp
+++ b/modules/locales/manifests/init.pp
@@ -9,8 +9,4 @@ class locales {
     subscribe   => File_line['/etc/locale.gen#fr_FR.UTF-8', '/etc/locale.gen#en_US.UTF-8'],
     refreshonly => true,
   }
-  exec { '/usr/bin/localectl set-locale LANG=fr_FR.UTF-8':
-    subscribe   => File_line['/etc/locale.gen#fr_FR.UTF-8'],
-    refreshonly => true,
-  }
 }