1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
class base_installation::puppet (
$password_seed = $base_installation::puppet_pass_seed
) inherits base_installation {
File {
mode => "0600",
owner => "root",
group => "root",
}
exec { 'generate_password_seed':
command => "/usr/bin/openssl rand -base64 -out $password_seed 256",
creates => $password_seed,
environment => "RANDFILE=/dev/null",
}
### Until puppet fixes hist gettext-setup gem use
package { 'gem:gettext-setup':
name => "gettext-setup",
ensure => present,
provider => "gem",
install_options => "--no-user-install"
}
file { '/usr/lib/ruby/vendor_ruby/locales/':
ensure => link,
target => "/opt/puppetlabs/puppet/share/locale/",
}
###
file { '/usr/local/sbin/i_puppet_reset_and_apply':
mode => "0755",
ensure => present,
source => "puppet:///modules/base_installation/scripts/puppet_reset_and_apply"
}
file { '/usr/local/sbin/i_puppet_report_print':
mode => "0755",
ensure => present,
source => "puppet:///modules/base_installation/scripts/report_print.rb"
}
unless empty(find_file($password_seed)) {
$ldap_password = generate_password(24, $password_seed, "ldap")
$ssha_ldap_seed = generate_password(5, $password_seed, "ldap_seed")
package { 'gem:ruby-ldap':
name => "ruby-ldap",
ensure => present,
provider => "gem",
install_options => "--no-user-install"
}
file { $password_seed:
mode => "0600",
}
file { $base_installation::puppet_conf_path:
ensure => directory,
require => [Package["puppet"], Package["gem:ruby-ldap"]],
recurse => true,
purge => true,
force => true,
}
file { "$base_installation::puppet_conf_path/puppet.conf":
content => template("base_installation/puppet/puppet.conf.erb"),
require => File[$base_installation::puppet_conf_path],
}
$ips = lookup("ips") |$key| { {} }
file { "$base_installation::puppet_conf_path/host_ldap.info":
content => template("base_installation/puppet/host_ldap.info.erb"),
require => File[$base_installation::puppet_conf_path],
notify => Notify_refresh["notify-ldap-password"],
}
notify_refresh { "notify-ldap-password":
message => template("base_installation/puppet/host_ldap.info.erb"),
refreshonly => true
}
}
}
|