]> git.donarmstrong.com Git - dsa-puppet.git/blob - manifests/site.pp
projects / dsa-puppet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
some more squeeze + wheezy fixups
[dsa-puppet.git] / manifests / site.pp
1 Package {
2     require => File["/etc/apt/apt.conf.d/local-recommends"]
3 }
4
5 File {
6     owner   => root,
7     group   => root,
8     mode    => 444,
9     ensure  => file,
10 }
11
12 Exec {
13     path => "/usr/bin:/usr/sbin:/bin:/sbin"
14 }
15
16 node default {
17     $localinfo = yamlinfo('*', "/etc/puppet/modules/debian-org/misc/local.yaml")
18     $nodeinfo  = nodeinfo($fqdn, "/etc/puppet/modules/debian-org/misc/local.yaml")
19     $allnodeinfo = allnodeinfo("sshRSAHostKey ipHostNumber", "purpose mXRecord physicalHost purpose")
20     notice( sprintf("hoster for %s is %s", $fqdn, getfromhash($nodeinfo, 'hoster', 'name') ) )
21
22     include munin-node
23     include syslog-ng
24     include sudo
25     include ssh
26     include debian-org
27     include monit
28     include apt-keys
29     include ntp
30     include ssl
31
32     include motd
33
34     case $hostname {
35         finzi,fano,fasch,field:    { include kfreebsd }
36     }
37
38     case $smartarraycontroller {
39         "true":    { include debian-proliant }
40     }
41     case $kvmdomain {
42         "true": {
43             case $debarchitecture {
44                 kfreebsd-amd64,kfreebsd-i386: {
45                 }
46                 default: {
47                     package { acpid: ensure => installed }
48                     case getfromhash($nodeinfo, 'squeeze') {
49                         true:  { package { acpi-support-base: ensure => installed } }
50                     }
51                 }
52             }
53         }
54     }
55     case $mptraid {
56         "true":    { include "raidmpt" }
57     }
58     case $productname {
59         "PowerEdge 2850": { include megactl }
60     }
61
62     case $mta {
63         "exim4":   {
64              case getfromhash($nodeinfo, 'heavy_exim') {
65                   true:  { include exim::mx }
66                   default: { include exim }
67              }
68         }
69     }
70
71     case getfromhash($nodeinfo, 'puppetmaster') {
72         true: { include puppetmaster }
73     }
74
75     case getfromhash($nodeinfo, 'muninmaster') {
76         true: { include munin-node::master }
77     }
78
79     case getfromhash($nodeinfo, 'nagiosmaster') {
80         true:    { include nagios::server }
81         default: { include nagios::client }
82     }
83
84     case $apache2 {
85          "true":  {
86               case getfromhash($nodeinfo, 'apache2_security_mirror') {
87                      true:    { include apache2::security_mirror }
88               }
89               case getfromhash($nodeinfo, 'apache2_www_mirror') {
90                      true:    { include apache2::www_mirror }
91               }
92               case getfromhash($nodeinfo, 'apache2_backports_mirror') {
93                      true:    { include apache2::backports_mirror }
94               }
95               case getfromhash($nodeinfo, 'apache2_ftp-upcoming_mirror') {
96                      true:    { include apache2::ftp-upcoming_mirror }
97               }
98               include apache2
99          }
100     }
101
102     case $rsyncd {
103          "true": { include rsyncd-log }
104     }
105
106
107     case getfromhash($nodeinfo, 'buildd') {
108          true:  {
109              include buildd
110          }
111     }
112
113     case $hostname {
114         klecker,ravel,senfl,orff,draghi,diamond: { include named::authoritative }
115         geo1,geo2,geo3:                          { include named::geodns }
116         liszt:                                   { include named::recursor }
117     }
118     case $hostname {
119         franck,master,lobos,samosa,spohr,widor:   { include unbound }
120     }
121     case getfromhash($nodeinfo, 'squeeze') {
122         true:  { include unbound }
123     }
124     case getfromhash($nodeinfo, 'wheezy') {
125         true:  { include unbound }
126     }
127     include resolv
128
129     case $kernel {
130         Linux: {
131             include ferm
132             include ferm::per-host
133             case $rsyncd {
134                 "true": { include ferm::rsync }
135             }
136         }
137     }
138
139     case $hostname {
140         beethoven,duarte,ravel,spohr,stabile: {
141             include nfs-server
142         }
143     }
144
145     case $brokenhosts {
146         "true":    { include hosts }
147     }
148     case $portforwarder_user_exists {
149         "true":    { include portforwarder }
150     }
151
152     include samhain
153
154     case $hostname {
155         byrd,schuetz,tchaikovsky,draghi,quantz,lamb,locke,rautavaara,rietz: {
156             include krb
157         }
158     }
159
160     case $hostname {
161         chopin,geo3,soler,wieck: {
162             include debian-radvd
163         }
164     }
165
166     case $kernel {
167         Linux: { include entropykey }
168     }
169
170 }
171
172 # vim:set et:
173 # vim:set sts=4 ts=4:
174 # vim:set shiftwidth=4:
Unnamed repository; edit this file 'description' to name the repository.