Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
root
committed
Sep 28, 2009
0 parents
commit 9490bbd
Showing
324 changed files
with
14,893 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Lab42 Puppet Infrastructure # | ||
# PROVIDED 'AS IS' | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
#!/bin/sh | ||
if [ -f /var/lib/aide/aide.db.gz ]; then | ||
/usr/sbin/aide --check | ||
else | ||
/usr/sbin/aide --init | ||
cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz | ||
|
||
TMPAIDE="/tmp/aide" | ||
date > $TMPAIDE | ||
hostname >> $TMPAIDE | ||
md5sum /etc/aide.conf >> $TMPAIDE | ||
md5sum /var/lib/aide/aide.db.new.gz >> $TMPAIDE | ||
md5sum /usr/sbin/aide >> $TMPAIDE | ||
|
||
if [ -x /usr/sbin/ssmtp ]; then | ||
cat $TMPAIDE | ssmtp root | ||
else | ||
cat $TMPAIDE | mail -s "AIDE MD5SUMS: `hostname` " root | ||
fi | ||
|
||
rm -f $TMPAIDE | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
class aide { | ||
|
||
package { aide: | ||
name => $operatingsystem ? { | ||
default => "aide", | ||
}, | ||
ensure => present, | ||
} | ||
|
||
file { | ||
"aide.conf": | ||
mode => 600, owner => root, group => root, | ||
require => Package["aide"], | ||
ensure => present, | ||
path => $operatingsystem ?{ | ||
default => "/etc/aide.conf", | ||
}, | ||
} | ||
|
||
file { | ||
"aide.sh": | ||
mode => 750, owner => root, group => root, | ||
require => File["aide.conf"], | ||
ensure => present, | ||
path => $operatingsystem ?{ | ||
default => "/etc/cron.daily/aide", | ||
}, | ||
source => "puppet://$server/aide/aide.sh", | ||
} | ||
|
||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Lab42 Puppet Infrastructure # | ||
# PROVIDED 'AS IS' | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
class apache { | ||
|
||
package { apache: | ||
name => $operatingsystem ? { | ||
debian => "apache2", | ||
default => "httpd", | ||
}, | ||
ensure => present, | ||
} | ||
|
||
service { apache: | ||
name => $operatingsystem ? { | ||
debian => "apache2", | ||
default => "httpd", | ||
}, | ||
ensure => running, | ||
enable => true, | ||
pattern => $operatingsystem ? { | ||
debian => "/usr/sbin/apache2", | ||
default => "/usr/sbin/httpd", | ||
}, | ||
hasrestart => true, | ||
hasstatus => true, | ||
require => Package["apache"], | ||
subscribe => File["httpd.conf"], | ||
} | ||
|
||
file { | ||
"httpd.conf": | ||
mode => 644, owner => root, group => root, | ||
require => Package[apache], | ||
ensure => present, | ||
path => $operatingsystem ?{ | ||
default => "/etc/httpd/conf/httpd.conf", | ||
}, | ||
} | ||
} | ||
|
||
class apache::modsecurity inherits apache { | ||
|
||
package { mod_security: | ||
name => $operatingsystem ? { | ||
default => "mod_security", | ||
}, | ||
ensure => present, | ||
} | ||
} | ||
|
||
class apache::php { | ||
package { php: | ||
name => $operatingsystem ? { | ||
default => "php", | ||
}, | ||
ensure => present, | ||
} | ||
|
||
package { php-common: | ||
name => $operatingsystem ? { | ||
default => "php-common", | ||
}, | ||
ensure => present, | ||
} | ||
} | ||
|
||
define php::module { | ||
package { "php-${name}": | ||
name => $operatingsystem ? { | ||
default => "php-${name}", | ||
}, | ||
ensure => present, | ||
} | ||
} | ||
|
||
|
||
define php::pear { | ||
package { "php-pear-${name}": | ||
name => $operatingsystem ? { | ||
default => "php-pear-${name}", | ||
}, | ||
ensure => present, | ||
} | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# Subclass for a managed application | ||
|
||
$apache_processname = $operatingsystem ?{ | ||
default => "httpd", | ||
}, | ||
|
||
$apache_port = "80" | ||
|
||
|
||
class apache::managed inherits apache { | ||
|
||
backup { | ||
"wwwdata": | ||
frequency => daily, | ||
path => $operatingsystem ?{ | ||
default => "/var/www/html", | ||
}, | ||
enabled => "yes", | ||
} | ||
|
||
monitor { | ||
"Port_$apache_port": | ||
type => "port", | ||
proto => "tcp", | ||
port => $apache_port, | ||
address => "localhost", | ||
enabled => "yes", | ||
} | ||
|
||
monitor { | ||
"Service_$apache_processname": | ||
type => "process", | ||
name => $apache_processname, | ||
enabled => "yes", | ||
} | ||
|
||
audit { | ||
"Service_$apache_processname": | ||
type => "process", | ||
name => $apache_processname, | ||
} | ||
|
||
docs { | ||
"Apache_Documentation": | ||
url => "http://httpd.apache.org", | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Lab42 Puppet Infrastructure # | ||
# PROVIDED 'AS IS' | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
class audit { | ||
|
||
service { | ||
"auditd": | ||
enable => "true", | ||
ensure => "running", | ||
name => $operatingsystem ? { | ||
default => "auditd", | ||
}, | ||
} | ||
|
||
package { | ||
"audit": | ||
ensure => present, | ||
name => $operatingsystem ? { | ||
default => "audit", | ||
}, | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
define backup ( | ||
$path='', | ||
$frequency='') | ||
{ | ||
|
||
case $backup { | ||
no: { } , | ||
yes: { | ||
|
||
include synbak | ||
|
||
|
||
|
||
|
||
|
||
|
||
} | ||
default: { }, | ||
} | ||
} | ||
|
||
class backup::server { | ||
|
||
# Temporary default backup method | ||
$backup_method = "synbak" ; | ||
|
||
case $backup_method { | ||
synbak: { include backup::server::synbak } , | ||
rsync: { include backup::server::rsync } , | ||
backuppc: { include backup::server::backuppc } , | ||
} | ||
|
||
Backup_hosts <<||>> | ||
Backup_dirs <<||>> | ||
|
||
} | ||
|
||
class backup::server::synbak { | ||
|
||
include synbak | ||
|
||
file { | ||
"/etc/backup_synbak.conf": | ||
owner => "root", | ||
group => "root", | ||
mode => "644", | ||
source => "puppet://$server/project_coresis/synbak/backup_synbak.conf-$hostname", | ||
} | ||
|
||
|
||
|
||
synbak | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Lab42 Puppet Infrastructure # | ||
# PROVIDED 'AS IS' | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
$TTL 86400 | ||
@ IN SOA localhost root ( | ||
42 ; serial (d. adams) | ||
3H ; refresh | ||
15M ; retry | ||
1W ; expiry | ||
1D ) ; minimum | ||
IN NS localhost | ||
localhost IN A 127.0.0.1 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
$TTL 86400 | ||
@ IN SOA @ root ( | ||
42 ; serial (d. adams) | ||
3H ; refresh | ||
15M ; retry | ||
1W ; expiry | ||
1D ) ; minimum | ||
|
||
IN NS @ | ||
IN A 127.0.0.1 | ||
IN AAAA ::1 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
; This file holds the information on root name servers needed to | ||
; initialize cache of Internet domain name servers | ||
; (e.g. reference this file in the "cache . <file>" | ||
; configuration file of BIND domain name servers). | ||
; | ||
; This file is made available by InterNIC | ||
; under anonymous FTP as | ||
; file /domain/named.cache | ||
; on server FTP.INTERNIC.NET | ||
; -OR- RS.INTERNIC.NET | ||
; | ||
; last update: Jan 29, 2004 | ||
; related version of root zone: 2004012900 | ||
; | ||
; | ||
; formerly NS.INTERNIC.NET | ||
; | ||
. 3600000 IN NS A.ROOT-SERVERS.NET. | ||
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 | ||
; | ||
; formerly NS1.ISI.EDU | ||
; | ||
. 3600000 NS B.ROOT-SERVERS.NET. | ||
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 | ||
; | ||
; formerly C.PSI.NET | ||
; | ||
. 3600000 NS C.ROOT-SERVERS.NET. | ||
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 | ||
; | ||
; formerly TERP.UMD.EDU | ||
; | ||
. 3600000 NS D.ROOT-SERVERS.NET. | ||
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 | ||
; | ||
; formerly NS.NASA.GOV | ||
; | ||
. 3600000 NS E.ROOT-SERVERS.NET. | ||
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 | ||
; | ||
; formerly NS.ISC.ORG | ||
; | ||
. 3600000 NS F.ROOT-SERVERS.NET. | ||
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 | ||
; | ||
; formerly NS.NIC.DDN.MIL | ||
; | ||
. 3600000 NS G.ROOT-SERVERS.NET. | ||
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 | ||
; | ||
; formerly AOS.ARL.ARMY.MIL | ||
; | ||
. 3600000 NS H.ROOT-SERVERS.NET. | ||
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 | ||
; | ||
; formerly NIC.NORDU.NET | ||
; | ||
. 3600000 NS I.ROOT-SERVERS.NET. | ||
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 | ||
; | ||
; operated by VeriSign, Inc. | ||
; | ||
. 3600000 NS J.ROOT-SERVERS.NET. | ||
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 | ||
; | ||
; operated by RIPE NCC | ||
; | ||
. 3600000 NS K.ROOT-SERVERS.NET. | ||
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 | ||
; | ||
; operated by ICANN | ||
; | ||
. 3600000 NS L.ROOT-SERVERS.NET. | ||
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12 | ||
; | ||
; operated by WIDE | ||
; | ||
. 3600000 NS M.ROOT-SERVERS.NET. | ||
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 | ||
; End of File |
Oops, something went wrong.