Permalink
Browse files

Initial Commit..

  • Loading branch information...
0 parents commit a86793bab381ca10fba32cfb2de137e6d3bc7608 @kiall committed Sep 23, 2011
Showing with 3,847 additions and 0 deletions.
  1. +1 −0 .gitignore
  2. +94 −0 auth.conf
  3. +1 −0 autosign.conf
  4. +10 −0 etckeeper-commit-post
  5. +10 −0 etckeeper-commit-pre
  6. +30 −0 files/etc/profile
  7. +16 −0 fileserver.conf
  8. +35 −0 manifests/custom.pp
  9. +40 −0 manifests/nagios.pp
  10. +31 −0 manifests/nodes.pp
  11. +138 −0 manifests/role.pp
  12. +4 −0 manifests/role/ci.pp
  13. +3 −0 manifests/role/monitor.pp
  14. +4 −0 manifests/role/mysql.pp
  15. +30 −0 manifests/role/puppet.pp
  16. +4 −0 manifests/role/web.pp
  17. +26 −0 manifests/site.pp
  18. +6 −0 manifests/website.pp
  19. +11 −0 manifests/website/ci.pp
  20. +30 −0 manifests/website/dev.pp
  21. +49 −0 manifests/website/forum.pp
  22. +17 −0 manifests/website/www.pp
  23. +31 −0 modules/common/manifests/init.pp
  24. +25 −0 modules/database/lib/puppet/type/database.rb
  25. 0 modules/database/manifests/init.pp
  26. +32 −0 modules/jenkins/manifests/init.pp
  27. +47 −0 modules/mysql/lib/puppet/provider/database/mysql.rb
  28. +9 −0 modules/mysql/manifests/client.pp
  29. +6 −0 modules/mysql/manifests/init.pp
  30. +32 −0 modules/mysql/manifests/server.pp
  31. +3 −0 modules/mysql/templates/preseed.erb
  32. +367 −0 modules/nagios/files/etc/nagios3/cgi.cfg
  33. +50 −0 modules/nagios/files/etc/nagios3/commands.cfg
  34. +1,325 −0 modules/nagios/files/etc/nagios3/nagios.cfg
  35. +31 −0 modules/nagios/files/etc/nagios3/resource.cfg
  36. +46 −0 modules/nagios/files/etc/nagios3/templates.cfg
  37. +6 −0 modules/nagios/manifests/init.pp
  38. +155 −0 modules/nagios/manifests/server.pp
  39. +14 −0 modules/nagios/manifests/server/purge.pp
  40. +41 −0 modules/nginx/manifests/init.pp
  41. +22 −0 modules/nginx/manifests/site.pp
  42. +16 −0 modules/nginx/manifests/ssl.pp
  43. +1 −0 modules/nginx/manifests/template.pp
  44. +53 −0 modules/nginx/manifests/template/kohana.pp
  45. +11 −0 modules/nginx/manifests/template/nagios.pp
  46. +38 −0 modules/nginx/manifests/template/proxy.pp
  47. +72 −0 modules/nginx/manifests/template/rails.pp
  48. +38 −0 modules/nginx/manifests/template/redirect.pp
  49. +53 −0 modules/nginx/manifests/template/vanilla.pp
  50. +39 −0 modules/nginx/manifests/user.pp
  51. +57 −0 modules/nginx/templates/nginx.conf.erb
  52. +38 −0 modules/nginx/templates/template/kohana.conf.erb
  53. +49 −0 modules/nginx/templates/template/nagios.conf.erb
  54. +35 −0 modules/nginx/templates/template/proxy.conf.erb
  55. +33 −0 modules/nginx/templates/template/rails.conf.erb
  56. +13 −0 modules/nginx/templates/template/redirect.conf.erb
  57. +32 −0 modules/nginx/templates/template/vanilla.conf.erb
  58. +65 −0 modules/php/manifests/fpm.pp
  59. +10 −0 modules/php/manifests/init.pp
  60. +72 −0 modules/php/templates/main.conf.erb
  61. +171 −0 modules/php/templates/pool.conf.erb
  62. +14 −0 modules/ruby/manifests/init.pp
  63. +49 −0 modules/ruby/manifests/thin.pp
  64. +13 −0 modules/ruby/templates/thin.yml.erb
  65. +7 −0 nbproject/project.properties
  66. +15 −0 nbproject/project.xml
  67. +21 −0 puppet.conf
@@ -0,0 +1 @@
+/nbproject/private/
@@ -0,0 +1,94 @@
+# This is an example auth.conf file, it mimics the puppetmasterd defaults
+#
+# The ACL are checked in order of appearance in this file.
+#
+# Supported syntax:
+# This file supports two different syntax depending on how
+# you want to express the ACL.
+#
+# Path syntax (the one used below):
+# ---------------------------------
+# path /path/to/resource
+# [environment envlist]
+# [method methodlist]
+# [auth[enthicated] {yes|no|on|off|any}]
+# allow [host|ip|*]
+# deny [host|ip]
+#
+# The path is matched as a prefix. That is /file match at
+# the same time /file_metadat and /file_content.
+#
+# Regex syntax:
+# -------------
+# This one is differenciated from the path one by a '~'
+#
+# path ~ regex
+# [environment envlist]
+# [method methodlist]
+# [auth[enthicated] {yes|no|on|off|any}]
+# allow [host|ip|*]
+# deny [host|ip]
+#
+# The regex syntax is the same as ruby ones.
+#
+# Ex:
+# path ~ .pp$
+# will match every resource ending in .pp (manifests files for instance)
+#
+# path ~ ^/path/to/resource
+# is essentially equivalent to path /path/to/resource
+#
+# environment:: restrict an ACL to a specific set of environments
+# method:: restrict an ACL to a specific set of methods
+# auth:: restrict an ACL to an authenticated or unauthenticated request
+# the default when unspecified is to restrict the ACL to authenticated requests
+# (ie exactly as if auth yes was present).
+#
+
+### Authenticated ACL - those applies only when the client
+### has a valid certificate and is thus authenticated
+
+# allow nodes to retrieve their own catalog (ie their configuration)
+path ~ ^/catalog/([^/]+)$
+method find
+allow $1
+
+# allow all nodes to access the certificates services
+path /certificate_revocation_list/ca
+method find
+allow *
+
+# allow all nodes to store their reports
+path /report
+method save
+allow *
+
+# inconditionnally allow access to all files services
+# which means in practice that fileserver.conf will
+# still be used
+path /file
+allow *
+
+### Unauthenticated ACL, for clients for which the current master doesn't
+### have a valid certificate
+
+# allow access to the master CA
+path /certificate/ca
+auth no
+method find
+allow *
+
+path /certificate/
+auth no
+method find
+allow *
+
+path /certificate_request
+auth no
+method find, save
+allow *
+
+# this one is not stricly necessary, but it has the merit
+# to show the default policy which is deny everything else
+path /
+auth any
@@ -0,0 +1 @@
+*.kohanaframework.org
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+which etckeeper > /dev/null 2>&1 || exit 0
+
+etckeeper commit "committing changes in /etc after puppet catalog run"
+
+# Failure of etckeeper should not be fatal.
+exit 0
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+which etckeeper > /dev/null 2>&1 || exit 0
+
+etckeeper commit "saving uncommitted changes in /etc prior to puppet catalog run"
+
+# Failure of etckeeper should not be fatal.
+exit 0
@@ -0,0 +1,30 @@
+# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
+# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
+
+if [ -d /etc/profile.d ]; then
+ for i in /etc/profile.d/*.sh; do
+ if [ -r $i ]; then
+ . $i
+ fi
+ done
+ unset i
+fi
+
+if [ "$PS1" ]; then
+ if [ "$BASH" ]; then
+ PS1='\u@\h:\w\$ '
+ if [ -f /etc/bash.bashrc ]; then
+ . /etc/bash.bashrc
+ fi
+ else
+ if [ "`id -u`" -eq 0 ]; then
+ PS1='# '
+ else
+ PS1='$ '
+ fi
+ fi
+fi
+
+#umask 022
+umask 007
+export PATH=/var/lib/gems/1.8/bin:$PATH
@@ -0,0 +1,16 @@
+# This file consists of arbitrarily named sections/modules
+# defining where files are served from and to whom
+
+# Define a section 'files'
+# Adapt the allow/deny settings to your needs. Order
+# for allow/deny does not matter, allow always takes precedence
+# over deny
+[files]
+ path /etc/puppet/files
+ allow *.kohanaframework.org
+ allow 127.0.0.0/8
+
+[plugins]
+# allow *.example.com
+# deny *.evil.example.com
+# allow 192.168.0.0/24
@@ -0,0 +1,35 @@
+# "Extensions" to built in types
+class custom {
+ define user($ensure = 'present', $groups = []) {
+ user {
+ $name:
+ ensure => $ensure,
+ home => "/home/$name",
+ shell => "/bin/bash",
+ groups => $groups;
+ }
+
+ group {
+ $name:
+ ensure => $ensure,
+ require => User[$name]
+ }
+
+ $home_ensure = $ensure ? {
+ 'present' => directory,
+ default => $ensure
+ }
+
+ file {
+ "/home/${name}":
+ ensure => $home_ensure,
+ owner => $name,
+ group => $name,
+ mode => 770,
+ require => [
+ User[$name],
+ Group[$name]
+ ];
+ }
+ }
+}
@@ -0,0 +1,40 @@
+nagios_timeperiod {
+ "24x7":
+ ensure => present,
+ alias => "24 Hours A Day, 7 Days A Week",
+ sunday => "00:00-24:00",
+ monday => "00:00-24:00",
+ tuesday => "00:00-24:00",
+ wednesday => "00:00-24:00",
+ thursday => "00:00-24:00",
+ friday => "00:00-24:00",
+ saturday => "00:00-24:00",
+ target => "/etc/nagios3/conf.puppet.d/timeperiod.cfg",
+ require => File["/etc/nagios3/conf.puppet.d/timeperiod.cfg"],
+ notify => Service["nagios3"];
+}
+
+nagios_contactgroup {
+ "admins":
+ ensure => present,
+ alias => "Nagios Administrators",
+ members => "kiall",
+ target => "/etc/nagios3/conf.puppet.d/contactgroup.cfg",
+ require => File["/etc/nagios3/conf.puppet.d/contactgroup.cfg"],
+ notify => Service["nagios3"];
+}
+
+nagios_contact {
+ "kiall":
+ ensure => present,
+ email => "kiall.macinnes@kohanaframework.org",
+ service_notification_period => "24x7",
+ host_notification_period => "24x7",
+ service_notification_options => "w,u,c,r",
+ host_notification_options => "d,r",
+ service_notification_commands => "notify-service-by-email",
+ host_notification_commands => "notify-host-by-email",
+ target => "/etc/nagios3/conf.puppet.d/contact.cfg",
+ require => File["/etc/nagios3/conf.puppet.d/contact.cfg"],
+ notify => Service["nagios3"];
+}
@@ -0,0 +1,31 @@
+# Define Nodes
+node "puppet.kohanaframework.org" {
+ include role::puppet
+ include role::web
+ include role::mysql
+ #include role::ci
+ include role::monitor
+
+ include website::www
+ include website::forum
+ include website::dev
+ #include website::ci
+}
+
+node "vm01.kohanaframework.org" {
+ include role::web
+ include role::mysql
+
+ include website::www
+ include website::forum
+}
+
+node "vm02.kohanaframework.org" {
+ include role::ci
+}
+
+node "vm03.kohanaframework.org" {
+ include role::web
+
+ include website::dev
+}
Oops, something went wrong.

0 comments on commit a86793b

Please sign in to comment.