1 define sysctl($key, $value, $ensure=present) {
2 file { "/etc/sysctl.d/$name.conf":
7 content => "$key = $value\n",
8 notify => Exec["procps restart"],
13 package { "userdir-ldap": ensure => installed;
14 "zsh": ensure => installed;
15 "cron": ensure => installed;
16 "apt-utils": ensure => installed;
17 "tcsh": ensure => installed;
18 "pdksh": ensure => installed;
19 "ksh": ensure => installed;
20 "csh": ensure => installed;
21 "ntp": ensure => installed;
22 "locales-all": ensure => installed;
23 "libpam-pwdfile": ensure => installed;
24 "vim": ensure => installed;
25 "gnupg": ensure => installed;
26 "bzip2": ensure => installed;
27 "less": ensure => installed;
28 "ed": ensure => installed;
29 "puppet": ensure => installed;
30 "mtr-tiny": ensure => installed;
31 "nload": ensure => installed;
32 "pciutils": ensure => installed;
33 "dnsutils": ensure => installed;
34 "bash-completion": ensure => installed;
35 "libfilesystem-ruby1.8": ensure => installed;
36 "syslog-ng": ensure => installed;
37 "sysklogd": ensure => purged;
38 "klogd": ensure => purged;
39 "rsyslog": ensure => purged;
42 "/etc/apt/preferences":
43 source => "puppet:///files/etc/apt/preferences";
44 "/etc/apt/sources.list.d/backports.org.list":
45 source => "puppet:///files/etc/apt/sources.list.d/backports.org.list",
46 notify => Exec["apt-get update"];
47 "/etc/apt/sources.list.d/debian.org.list":
48 source => "puppet:///files/etc/apt/sources.list.d/debian.org.list",
49 notify => Exec["apt-get update"];
50 "/etc/apt/sources.list.d/security.list":
51 source => "puppet:///files/etc/apt/sources.list.d/security.list",
52 notify => Exec["apt-get update"];
53 "/etc/apt/sources.list.d/volatile.list":
54 source => "puppet:///files/etc/apt/sources.list.d/volatile.list",
55 notify => Exec["apt-get update"];
56 "/etc/apt/apt.conf.d/local-recommends":
57 source => "puppet:///files/etc/apt/apt.conf.d/local-recommends";
58 "/etc/apt/apt.conf.d/local-pdiffs":
59 source => "puppet:///files/etc/apt/apt.conf.d/local-pdiffs";
61 source => "puppet:///files/etc/timezone",
62 notify => Exec["dpkg-reconfigure tzdata -pcritical -fnoninteractive"];
63 "/etc/puppet/puppet.conf":
64 source => "puppet:///files/etc/puppet/puppet.conf"
66 "/etc/default/puppet":
67 source => "puppet:///files/etc/default/puppet"
70 "/etc/syslog-ng/syslog-ng.conf":
71 source => "puppet:///files/etc/syslog-ng/syslog-ng.conf",
72 notify => Exec["syslog-ng reload"],
74 "/etc/logrotate.d/syslog-ng":
75 source => "puppet:///files/etc/logrotate.d/syslog-ng",
77 "/etc/cron.d/dsa-puppet-stuff":
78 source => "puppet:///files/etc/cron.d/dsa-puppet-stuff",
79 require => Package["cron"]
81 "/etc/ldap/ldap.conf":
82 source => "puppet:///files/etc/ldap/ldap.conf",
84 "/etc/pam.d/common-session":
85 source => "puppet:///files/etc/pam.d/common-session",
93 source => "puppet:///files/etc/puppet/lib",
95 notify => Exec["puppetmaster restart"];
101 # set mmap_min_addr to 4096 to mitigate
102 # Linux NULL-pointer dereference exploits
103 sysctl { "mmap_min_addr" :
104 key => "vm.mmap_min_addr",
108 exec { "syslog-ng reload":
109 path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
112 exec { "dpkg-reconfigure tzdata -pcritical -fnoninteractive":
113 path => "/usr/bin:/usr/sbin:/bin:/sbin",
116 exec { "apt-get update":
117 command => 'apt-get update',
118 path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
121 exec { "puppetmaster restart":
122 path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
125 exec { "procps restart":
126 path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
131 class debian-proliant inherits debian-org {
133 "hpacucli": ensure => installed;
134 "cpqarrayd": ensure => installed;
135 "arrayprobe": ensure => installed;
138 "/etc/apt/sources.list.d/debian.restricted.list":
139 source => "puppet:///files/etc/apt/sources.list.d/debian.restricted.list",
140 notify => Exec["apt-get update"];