+# == Class: debian-org
+#
+# Stuff common to all debian.org servers
+#
class debian-org {
if getfromhash($site::nodeinfo, 'hoster', 'mirror-debian') {
$mirror = getfromhash($site::nodeinfo, 'hoster', 'mirror-debian')
'klogd',
'sysklogd',
'rsyslog',
+ 'os-prober',
+ 'apt-listchanges',
]:
ensure => purged,
}
ensure => installed,
tag => extra_repo,
}
+ file { '/etc/ssh/ssh_known_hosts':
+ ensure => present,
+ replace => false,
+ mode => '0644',
+ source => 'puppet:///modules/debian-org/basic-ssh_known_hosts'
+ }
package { [
'apt-utils',
ensure => installed,
}
- if $::lsbmajdistrelease >= 7 {
+ if $::lsbmajdistrelease == 7 {
package { 'libfilesystem-ruby1.9.1':
ensure => installed,
}
+ } elsif $::lsbmajdistrelease >= 8 {
+ package { 'ruby-filesystem':
+ ensure => installed,
+ }
}
munin::check { [
require => Package['molly-guard'],
}
+ file { '/etc/apt/trusted-keys.d':
+ ensure => absent,
+ force => true,
+ }
+
+ file { '/etc/apt/trusted.gpg':
+ mode => '0600',
+ content => "",
+ }
+
site::aptrepo { 'security':
url => 'http://security.debian.org/',
suite => "${::lsbdistcodename}/updates",
components => ['main','contrib','non-free']
}
+ if $::lsbmajdistrelease < 7 {
+ site::aptrepo { 'debian-lts':
+ url => $mirror,
+ suite => "${::lsbdistcodename}-lts",
+ components => ['main','contrib','non-free']
+ }
+ } else {
+ site::aptrepo { 'debian-lts':
+ ensure => absent,
+ }
+ }
site::aptrepo { 'backports.debian.org':
url => $mirror_backports,
suite => "${::lsbdistcodename}-backports",
components => ['main','contrib','non-free']
}
- site::aptrepo { 'backports.org':
- ensure => absent,
- keyid => '16BA136C',
- key => 'puppet:///modules/debian-org/backports.org.asc',
- }
site::aptrepo { 'volatile':
url => $mirror,
components => ['main','contrib','non-free']
}
- if $::hostname in [ball, corelli, eysler, lucatelli, mayer, mayr, rem] {
+ #if ($::hostname in [ball, corelli, eysler, lucatelli, mayer, mayr, pettersson]) or
+ # ($::hoster and ($::hoster in [bytemark, man-da, brown])) {
+ # site::aptrepo { 'proposed-updates':
+ # url => $mirror,
+ # suite => "${::lsbdistcodename}-proposed-updates",
+ # components => ['main','contrib','non-free']
+ # }
+ #} else {
site::aptrepo { 'proposed-updates':
- url => $mirror,
- suite => "${::lsbdistcodename}-proposed-updates",
- components => ['main','contrib','non-free']
+ ensure => absent,
}
- }
+ #}
site::aptrepo { 'debian.org':
ensure => absent,
site::aptrepo { 'db.debian.org':
url => 'http://db.debian.org/debian-admin',
- suite => 'lenny',
+ suite => 'debian-all',
+ components => 'main',
+ key => 'puppet:///modules/debian-org/db.debian.org.gpg',
+ }
+ site::aptrepo { 'db.debian.org-suite':
+ url => 'http://db.debian.org/debian-admin',
+ suite => $::lsbdistcodename,
components => 'main',
- key => 'puppet:///modules/debian-org/db.debian.org.asc',
}
augeas { 'inittab_replicate':
changes => [
'set ud/runlevels 2345',
'set ud/action respawn',
- "set ud/process /usr/bin/ud-replicated",
+ 'set ud/process "/usr/bin/ud-replicated -d"',
],
- notify => Exec['init q'],
+ notify => Exec['init q'],
}
if getfromhash($site::nodeinfo, 'hoster', 'mirror-debian') {
file { '/etc/apt/preferences':
source => 'puppet:///modules/debian-org/apt.preferences',
}
- file { '/etc/apt/trusted-keys.d/':
- ensure => directory,
- purge => true,
- }
file { '/etc/apt/apt.conf.d/local-compression':
source => 'puppet:///modules/debian-org/apt.conf.d/local-compression',
}
file { '/etc/default/puppet':
source => 'puppet:///modules/debian-org/puppet.default',
}
+ file { '/etc/systemd/system':
+ ensure => directory,
+ recurse => true,
+ }
+ file { '/etc/systemd/system/puppet.service':
+ ensure => 'link',
+ target => '/dev/null',
+ notify => Exec['systemctl daemon-reload'],
+ }
+
file { '/etc/cron.d/dsa-puppet-stuff':
source => 'puppet:///modules/debian-org/dsa-puppet-stuff.cron',
require => Package['debian.org'],
file { '/etc/rc.local':
mode => '0755',
source => 'puppet:///modules/debian-org/rc.local',
- notify => Exec['rc.local start'],
+ notify => Exec['service rc.local start'],
}
file { '/etc/dsa':
ensure => directory,
path => '/usr/bin:/usr/sbin:/bin:/sbin',
refreshonly => true
}
- exec { 'puppetmaster restart':
- path => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',
+ exec { 'service puppetmaster restart':
refreshonly => true
}
- exec { 'rc.local start':
- path => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',
+ exec { 'service rc.local start':
refreshonly => true
}
exec { 'init q':
refreshonly => true
}
+ exec { 'systemctl daemon-reload':
+ refreshonly => true,
+ onlyif => "test -x /bin/systemctl"
+ }
+
tidy { '/var/lib/puppet/clientbucket/':
age => '2w',
recurse => 9,
matches => [ 'paths', 'contents' ],
schedule => weekly
}
+
+ file { '/root/.bashrc':
+ source => 'puppet:///modules/debian-org/root-dotfiles/bashrc',
+ }
+ file { '/root/.profile':
+ source => 'puppet:///modules/debian-org/root-dotfiles/profile',
+ }
+ file { '/root/.screenrc':
+ source => 'puppet:///modules/debian-org/root-dotfiles/screenrc',
+ }
+ file { '/root/.vimrc':
+ source => 'puppet:///modules/debian-org/root-dotfiles/vimrc',
+ }
}