4 'debian-archive-debian-samhain-reports@master.debian.org',
5 'debian-admin@ftbfs.de',
31 'libfilesystem-ruby1.8',
39 if $::lsbmajdistrelease >= 7 {
40 package { 'libfilesystem-ruby1.9':
65 if getfromhash($site::nodeinfo, 'broken-rtc') {
66 package { 'fake-hwclock':
71 package { 'molly-guard':
74 file { '/etc/molly-guard/run.d/10-check-kvm':
76 source => 'puppet:///modules/debian-org/molly-guard/10-check-kvm',
77 require => Package['molly-guard'],
79 file { '/etc/molly-guard/run.d/15-acquire-reboot-lock':
81 source => 'puppet:///modules/debian-org/molly-guard/15-acquire-reboot-lock',
82 require => Package['molly-guard'],
85 site::aptrepo { 'security':
86 url => 'http://security.debian.org/',
87 suite => "${::lsbdistcodename}/updates",
88 components => ['main','contrib','non-free']
91 if $::lsbdistcodename != 'wheezy' {
92 site::aptrepo { 'backports.debian.org':
93 url => 'http://backports.debian.org/debian-backports/',
94 suite => "${::lsbdistcodename}-backports",
95 components => ['main','contrib','non-free']
98 if getfromhash($site::nodeinfo, 'hoster', 'mirror-debian') {
99 site::aptrepo { 'volatile':
100 url => getfromhash($site::nodeinfo, 'hoster', 'mirror-debian'),
101 suite => "${::lsbdistcodename}-updates",
102 components => ['main','contrib','non-free']
105 site::aptrepo { 'volatile':
106 url => 'http://ftp.debian.org/debian',
107 suite => "${::lsbdistcodename}-updates",
108 components => ['main','contrib','non-free']
112 site::aptrepo { 'backports.org':
115 key => 'puppet:///modules/debian-org/backports.org.asc',
118 site::aptrepo { 'debian.org':
122 site::aptrepo { 'db.debian.org':
123 url => 'http://db.debian.org/debian-admin',
125 components => 'main',
126 key => 'puppet:///modules/debian-org/db.debian.org.asc',
129 if getfromhash($site::nodeinfo, 'hoster', 'mirror-debian') {
130 site::aptrepo { 'debian':
131 url => getfromhash($site::nodeinfo, 'hoster', 'mirror-debian'),
132 suite => $::lsbdistcodename,
133 components => ['main','contrib','non-free']
137 file { '/etc/facter':
142 source => 'puppet:///files/empty/',
144 file { '/etc/facter/facts.d':
147 file { '/etc/facter/facts.d/debian_facts.yaml':
148 content => template('debian-org/debian_facts.yaml.erb')
150 file { '/etc/apt/preferences':
151 source => 'puppet:///modules/debian-org/apt.preferences',
153 file { '/etc/apt/trusted-keys.d/':
157 file { '/etc/apt/apt.conf.d/local-compression':
158 source => 'puppet:///modules/debian-org/apt.conf.d/local-compression',
160 file { '/etc/apt/apt.conf.d/local-recommends':
161 source => 'puppet:///modules/debian-org/apt.conf.d/local-recommends',
163 file { '/etc/apt/apt.conf.d/local-pdiffs':
164 source => 'puppet:///modules/debian-org/apt.conf.d/local-pdiffs',
166 file { '/etc/timezone':
167 source => 'puppet:///modules/debian-org/timezone',
168 notify => Exec['dpkg-reconfigure tzdata -pcritical -fnoninteractive'],
170 if $::hostname == handel {
171 include puppetmaster::db
172 $dbpassword = $puppetmaster::db::password
174 file { '/etc/puppet/puppet.conf':
175 content => template('debian-org/puppet.conf.erb'),
177 file { '/etc/default/puppet':
178 source => 'puppet:///modules/debian-org/puppet.default',
180 file { '/etc/cron.d/dsa-puppet-stuff':
181 source => 'puppet:///modules/debian-org/dsa-puppet-stuff.cron',
182 require => Package['debian.org'],
184 file { '/etc/ldap/ldap.conf':
185 require => Package['debian.org'],
186 source => 'puppet:///modules/debian-org/ldap.conf',
188 file { '/etc/pam.d/common-session':
189 require => Package['debian.org'],
190 content => template('debian-org/pam.common-session.erb'),
192 file { '/etc/pam.d/common-session-noninteractive':
193 require => Package['debian.org'],
194 content => template('debian-org/pam.common-session-noninteractive.erb'),
196 file { '/etc/rc.local':
198 source => 'puppet:///modules/debian-org/rc.local',
199 notify => Exec['rc.local start'],
205 file { '/etc/dsa/cron.ignore.dsa-puppet-stuff':
206 source => 'puppet:///modules/debian-org/dsa-puppet-stuff.cron.ignore',
207 require => Package['debian.org']
210 # set mmap_min_addr to 4096 to mitigate
211 # Linux NULL-pointer dereference exploits
212 site::sysctl { 'mmap_min_addr':
213 key => 'vm.mmap_min_addr',
216 site::alternative { 'editor':
217 linkto => '/usr/bin/vim.basic',
219 site::alternative { 'view':
220 linkto => '/usr/bin/vim.basic',
222 mailalias { 'samhain-reports':
224 recipient => $debianadmin,
225 require => Package['debian.org']
228 exec { 'apt-get update':
229 path => '/usr/bin:/usr/sbin:/bin:/sbin',
232 Exec['apt-get update']->Package<| |>
234 exec { 'dpkg-reconfigure tzdata -pcritical -fnoninteractive':
235 path => '/usr/bin:/usr/sbin:/bin:/sbin',
238 exec { 'puppetmaster restart':
239 path => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',
242 exec { 'rc.local start':
243 path => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',