diff options
author | Linus Nordberg <linus@nordu.net> | 2017-07-28 16:30:41 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2017-07-28 16:30:41 +0200 |
commit | 02d31e08862e42dc2fa46f16eb4e3e5e15fc05ff (patch) | |
tree | 8b519b9cf93742f837af3961117a8ba0ba8856e8 | |
parent | b7a6f1cd5bcb8448f3978edadfdeb9f99732db5a (diff) |
Update global/overlay/etc/puppet/ from nunoc-ops.ct-ops-2017-07-28-v06
-rw-r--r-- | global/overlay/etc/puppet/cosmos-modules.conf | 57 | ||||
-rwxr-xr-x | global/overlay/etc/puppet/cosmos_config_version | 11 | ||||
-rw-r--r-- | global/overlay/etc/puppet/facter/cosmos.rb | 22 | ||||
-rw-r--r-- | global/overlay/etc/puppet/puppet.conf | 6 |
4 files changed, 60 insertions, 36 deletions
diff --git a/global/overlay/etc/puppet/cosmos-modules.conf b/global/overlay/etc/puppet/cosmos-modules.conf index 991a570..981d765 100644 --- a/global/overlay/etc/puppet/cosmos-modules.conf +++ b/global/overlay/etc/puppet/cosmos-modules.conf @@ -1,36 +1,23 @@ +# name source (puppetlabs fq name or git url) upgrade (yes/no) # -# name source (puppetlabs fq name or git url) upgrade (yes/no) tag-pattern -# -# NOTE that Git packages MUST be tagged with signatures by someone -# in the Cosmos trust list. That is why all the URLs point to forked -# versions in the SUNET github organization. -# -concat https://github.com/SUNET/puppetlabs-concat.git yes sunet-* -stdlib https://github.com/SUNET/puppetlabs-stdlib.git yes sunet-* -cosmos https://github.com/SUNET/puppet-cosmos.git yes sunet-* -ufw https://github.com/SUNET/puppet-module-ufw.git yes sunet_dev-* -apt https://github.com/SUNET/puppetlabs-apt.git yes sunet_dev-* -vcsrepo https://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-* -xinetd https://github.com/SUNET/puppetlabs-xinetd.git yes sunet-* -hiera-gpg https://github.com/SUNET/hiera-gpg.git yes sunet-* -# -# Alternate sources you might or might not want to use: -#concat puppetlabs/concat no -#stdlib puppetlabs/stdlib no -#ufw attachmentgenie/ufw no -#apt puppetlabs/apt no -#vcsrepo puppetlabs/vcsrepo no -#xinetd puppetlabs/xinetd no -#cosmos https://github.com/SUNET/puppet-cosmos.git yes -#python https://github.com/SUNET/puppet-python.git yes sunet-* -#erlang https://github.com/SUNET/garethr-erlang.git yes sunet-* -#rabbitmq https://github.com/SUNET/puppetlabs-rabbitmq.git yes sunet_dev-* -#pound https://github.com/SUNET/puppet-pound.git yes sunet_dev-* -#augeas https://github.com/SUNET/puppet-augeas.git yes sunet-* -#bastion https://github.com/SUNET/puppet-bastion.git yes sunet-* -#postgresql https://github.com/SUNET/puppetlabs-postgresql.git yes sunet_dev-* -#munin https://github.com/SUNET/ssm-munin.git yes sunet-* -#nagios https://github.com/SUNET/puppet-nagios.git yes sunet-* -#staging https://github.com/SUNET/puppet-staging.git yes sunet-* -#apparmor https://github.com/SUNET/puppet-apparmor.git yes sunet-* -#docker https://github.com/SUNET/garethr-docker.git yes sunet_dev-* +concat git://github.com/SUNET/puppetlabs-concat.git yes sunet_dev-* +stdlib git://github.com/SUNET/puppetlabs-stdlib.git yes sunet-* +cosmos git://github.com/SUNET/puppet-cosmos.git yes sunet-* +ufw git://github.com/SUNET/puppet-module-ufw.git yes sunet-* +apt git://github.com/SUNET/puppetlabs-apt.git yes sunet-* +vcsrepo git://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-* +xinetd git://github.com/SUNET/puppetlabs-xinetd.git yes sunet-* +python git://github.com/SUNET/puppet-python.git yes sunet-* +hiera-gpg git://github.com/SUNET/hiera-gpg.git yes sunet-* +pound git://github.com/SUNET/puppet-pound.git yes sunet-* +augeas git://github.com/SUNET/puppet-augeas.git yes sunet-* +bastion git://github.com/SUNET/puppet-bastion.git yes sunet-* +pyff git://github.com/samlbits/puppet-pyff.git yes puppet-pyff-* +dhcp git://github.com/SUNET/puppetlabs-dhcp.git yes sunet_dev-* +varnish git://github.com/samlbits/puppet-varnish.git yes puppet-varnish-* +apparmor https://github.com/SUNET/puppet-apparmor.git yes sunet-* +docker git://github.com/SUNET/garethr-docker.git yes sunet-* +network git://github.com/SUNET/attachmentgenie-network.git yes sunet-* +sunet git://github.com/SUNET/puppet-sunet.git yes sunet-* +sysctl git://github.com/SUNET/puppet-sysctl.git yes sunet-* +nagioscfg git://github.com/SUNET/puppet-nagioscfg.git yes sunet-* diff --git a/global/overlay/etc/puppet/cosmos_config_version b/global/overlay/etc/puppet/cosmos_config_version new file mode 100755 index 0000000..57786fd --- /dev/null +++ b/global/overlay/etc/puppet/cosmos_config_version @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +set -a +COSMOS_CONF_DIR="/etc/cosmos" +. /etc/cosmos/cosmos.conf +COSMOS_VERBOSE="yes" +set +a + +/etc/cosmos/update.d/25verify-git 2>/dev/null | grep ^"tag " | head -1 | cut -b 5- diff --git a/global/overlay/etc/puppet/facter/cosmos.rb b/global/overlay/etc/puppet/facter/cosmos.rb new file mode 100644 index 0000000..d810082 --- /dev/null +++ b/global/overlay/etc/puppet/facter/cosmos.rb @@ -0,0 +1,22 @@ +# +# Extract local Cosmos configuration +# +require 'facter' +Facter.add(:cosmos_repo) do + setcode do + Facter::Util::Resolution.exec("sh -c '. /etc/cosmos/cosmos.conf && echo $COSMOS_REPO'") + end +end + +Facter.add(:cosmos_tag_pattern) do + setcode do + Facter::Util::Resolution.exec("sh -c '. /etc/cosmos/cosmos.conf && echo $COSMOS_UPDATE_VERIFY_GIT_TAG_PATTERN'") + end +end + +Facter.add(:cosmos_repo_origin_url) do + setcode do + Facter::Util::Resolution.exec("sh -c '. /etc/cosmos/cosmos.conf && cd $COSMOS_REPO && git remote show -n origin | grep \"Fetch URL\" | awk \"{print \\$NF }\"'") + end +end + diff --git a/global/overlay/etc/puppet/puppet.conf b/global/overlay/etc/puppet/puppet.conf index 1f834e8..cc9e736 100644 --- a/global/overlay/etc/puppet/puppet.conf +++ b/global/overlay/etc/puppet/puppet.conf @@ -3,10 +3,14 @@ logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet -factpath=$vardir/lib/facter +# factpath is supposed to be colon-delimeted, but that does not appear to work +# (tested with 'strace -f facter --puppet something' - does not split on colon in Puppet 3.4.2). +factpath=/etc/puppet/facter node_terminus = exec external_nodes = /etc/puppet/cosmos_enc.py basemodulepath = /etc/puppet/modules:/etc/puppet/cosmos-modules:/usr/share/puppet/modules +parser = future +disable_warnings = deprecations [master] # These are needed when the puppetmaster is run by passenger |