diff options
| author | Fredrik Thulin <fredrik@thulin.net> | 2013-11-27 14:22:33 +0100 |
|---|---|---|
| committer | Fredrik Thulin <fredrik@thulin.net> | 2013-11-27 14:22:33 +0100 |
| commit | 60c413ad91ef734ec978ecf3ff658c17452b2282 (patch) | |
| tree | 439bb6b4a59cdb630219016827c7326904654d59 /global/overlay/etc/puppet/modules/sunet | |
| parent | 9a51c9e38a7556934d4be8eaa663ce4a0482a39b (diff) | |
Add some goodies from the eduid-ops repo.sunet-ops-2013-11-27-v09
Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet')
3 files changed, 40 insertions, 0 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/encrypted_swap.pp b/global/overlay/etc/puppet/modules/sunet/manifests/encrypted_swap.pp new file mode 100644 index 0000000..9956e00 --- /dev/null +++ b/global/overlay/etc/puppet/modules/sunet/manifests/encrypted_swap.pp @@ -0,0 +1,12 @@ +define sunet::encrypted_swap() { + + package { 'ecryptfs-utils': + ensure => 'installed' + } -> + + exec {'sunet_ecryptfs_setup_swap': + command => '/usr/bin/ecryptfs-setup-swap -f', + onlyif => 'grep swap /etc/fstab | grep -ve ^# -e cryptswap | grep -q swap', + } + +} diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/ethernet_bonding.pp b/global/overlay/etc/puppet/modules/sunet/manifests/ethernet_bonding.pp new file mode 100644 index 0000000..8ff7325 --- /dev/null +++ b/global/overlay/etc/puppet/modules/sunet/manifests/ethernet_bonding.pp @@ -0,0 +1,19 @@ +define sunet::ethernet_bonding() { + # Set up prerequisites for Ethernet LACP bonding of eth0 and eth1, + # for all physical hosts that are running Ubuntu. + # + # Bonding requires setup in /etc/network/interfaces as well. + # + if $::is_virtual == 'false' and $::operatingsystem == 'Ubuntu' { + if $::operatingsystemrelease <= '12.04' { + package {'ifenslave': ensure => 'present' } + } else { + package {'ifenslave-2.6': ensure => 'present' } + } + + file_line { 'load_module_at_boot': + path => '/etc/modules', + line => 'bonding', + } + } +} diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp new file mode 100644 index 0000000..9215c8f --- /dev/null +++ b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp @@ -0,0 +1,9 @@ +define sunet::server() { + + # Set up encrypted swap + sunet::encrypted_swap { 'sunet_encrypted_swap': } + + # Add prerequisites for ethernet bonding, if physical server + sunet::ethernet_bonding { 'sunet_ethernet_bonding': } + +} |