Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit a86793b
Showing
67 changed files
with
3,847 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1 @@ | |||
/nbproject/private/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,94 @@ | |||
# This is an example auth.conf file, it mimics the puppetmasterd defaults | |||
# | |||
# The ACL are checked in order of appearance in this file. | |||
# | |||
# Supported syntax: | |||
# This file supports two different syntax depending on how | |||
# you want to express the ACL. | |||
# | |||
# Path syntax (the one used below): | |||
# --------------------------------- | |||
# path /path/to/resource | |||
# [environment envlist] | |||
# [method methodlist] | |||
# [auth[enthicated] {yes|no|on|off|any}] | |||
# allow [host|ip|*] | |||
# deny [host|ip] | |||
# | |||
# The path is matched as a prefix. That is /file match at | |||
# the same time /file_metadat and /file_content. | |||
# | |||
# Regex syntax: | |||
# ------------- | |||
# This one is differenciated from the path one by a '~' | |||
# | |||
# path ~ regex | |||
# [environment envlist] | |||
# [method methodlist] | |||
# [auth[enthicated] {yes|no|on|off|any}] | |||
# allow [host|ip|*] | |||
# deny [host|ip] | |||
# | |||
# The regex syntax is the same as ruby ones. | |||
# | |||
# Ex: | |||
# path ~ .pp$ | |||
# will match every resource ending in .pp (manifests files for instance) | |||
# | |||
# path ~ ^/path/to/resource | |||
# is essentially equivalent to path /path/to/resource | |||
# | |||
# environment:: restrict an ACL to a specific set of environments | |||
# method:: restrict an ACL to a specific set of methods | |||
# auth:: restrict an ACL to an authenticated or unauthenticated request | |||
# the default when unspecified is to restrict the ACL to authenticated requests | |||
# (ie exactly as if auth yes was present). | |||
# | |||
|
|||
### Authenticated ACL - those applies only when the client | |||
### has a valid certificate and is thus authenticated | |||
|
|||
# allow nodes to retrieve their own catalog (ie their configuration) | |||
path ~ ^/catalog/([^/]+)$ | |||
method find | |||
allow $1 | |||
|
|||
# allow all nodes to access the certificates services | |||
path /certificate_revocation_list/ca | |||
method find | |||
allow * | |||
|
|||
# allow all nodes to store their reports | |||
path /report | |||
method save | |||
allow * | |||
|
|||
# inconditionnally allow access to all files services | |||
# which means in practice that fileserver.conf will | |||
# still be used | |||
path /file | |||
allow * | |||
|
|||
### Unauthenticated ACL, for clients for which the current master doesn't | |||
### have a valid certificate | |||
|
|||
# allow access to the master CA | |||
path /certificate/ca | |||
auth no | |||
method find | |||
allow * | |||
|
|||
path /certificate/ | |||
auth no | |||
method find | |||
allow * | |||
|
|||
path /certificate_request | |||
auth no | |||
method find, save | |||
allow * | |||
|
|||
# this one is not stricly necessary, but it has the merit | |||
# to show the default policy which is deny everything else | |||
path / | |||
auth any |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1 @@ | |||
*.kohanaframework.org |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,10 @@ | |||
#!/bin/sh | |||
|
|||
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |||
|
|||
which etckeeper > /dev/null 2>&1 || exit 0 | |||
|
|||
etckeeper commit "committing changes in /etc after puppet catalog run" | |||
|
|||
# Failure of etckeeper should not be fatal. | |||
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,10 @@ | |||
#!/bin/sh | |||
|
|||
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |||
|
|||
which etckeeper > /dev/null 2>&1 || exit 0 | |||
|
|||
etckeeper commit "saving uncommitted changes in /etc prior to puppet catalog run" | |||
|
|||
# Failure of etckeeper should not be fatal. | |||
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,30 @@ | |||
# /etc/profile: system-wide .profile file for the Bourne shell (sh(1)) | |||
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...). | |||
|
|||
if [ -d /etc/profile.d ]; then | |||
for i in /etc/profile.d/*.sh; do | |||
if [ -r $i ]; then | |||
. $i | |||
fi | |||
done | |||
unset i | |||
fi | |||
|
|||
if [ "$PS1" ]; then | |||
if [ "$BASH" ]; then | |||
PS1='\u@\h:\w\$ ' | |||
if [ -f /etc/bash.bashrc ]; then | |||
. /etc/bash.bashrc | |||
fi | |||
else | |||
if [ "`id -u`" -eq 0 ]; then | |||
PS1='# ' | |||
else | |||
PS1='$ ' | |||
fi | |||
fi | |||
fi | |||
|
|||
#umask 022 | |||
umask 007 | |||
export PATH=/var/lib/gems/1.8/bin:$PATH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,16 @@ | |||
# This file consists of arbitrarily named sections/modules | |||
# defining where files are served from and to whom | |||
|
|||
# Define a section 'files' | |||
# Adapt the allow/deny settings to your needs. Order | |||
# for allow/deny does not matter, allow always takes precedence | |||
# over deny | |||
[files] | |||
path /etc/puppet/files | |||
allow *.kohanaframework.org | |||
allow 127.0.0.0/8 | |||
|
|||
[plugins] | |||
# allow *.example.com | |||
# deny *.evil.example.com | |||
# allow 192.168.0.0/24 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,35 @@ | |||
# "Extensions" to built in types | |||
class custom { | |||
define user($ensure = 'present', $groups = []) { | |||
user { | |||
$name: | |||
ensure => $ensure, | |||
home => "/home/$name", | |||
shell => "/bin/bash", | |||
groups => $groups; | |||
} | |||
|
|||
group { | |||
$name: | |||
ensure => $ensure, | |||
require => User[$name] | |||
} | |||
|
|||
$home_ensure = $ensure ? { | |||
'present' => directory, | |||
default => $ensure | |||
} | |||
|
|||
file { | |||
"/home/${name}": | |||
ensure => $home_ensure, | |||
owner => $name, | |||
group => $name, | |||
mode => 770, | |||
require => [ | |||
User[$name], | |||
Group[$name] | |||
]; | |||
} | |||
} | |||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,40 @@ | |||
nagios_timeperiod { | |||
"24x7": | |||
ensure => present, | |||
alias => "24 Hours A Day, 7 Days A Week", | |||
sunday => "00:00-24:00", | |||
monday => "00:00-24:00", | |||
tuesday => "00:00-24:00", | |||
wednesday => "00:00-24:00", | |||
thursday => "00:00-24:00", | |||
friday => "00:00-24:00", | |||
saturday => "00:00-24:00", | |||
target => "/etc/nagios3/conf.puppet.d/timeperiod.cfg", | |||
require => File["/etc/nagios3/conf.puppet.d/timeperiod.cfg"], | |||
notify => Service["nagios3"]; | |||
} | |||
|
|||
nagios_contactgroup { | |||
"admins": | |||
ensure => present, | |||
alias => "Nagios Administrators", | |||
members => "kiall", | |||
target => "/etc/nagios3/conf.puppet.d/contactgroup.cfg", | |||
require => File["/etc/nagios3/conf.puppet.d/contactgroup.cfg"], | |||
notify => Service["nagios3"]; | |||
} | |||
|
|||
nagios_contact { | |||
"kiall": | |||
ensure => present, | |||
email => "kiall.macinnes@kohanaframework.org", | |||
service_notification_period => "24x7", | |||
host_notification_period => "24x7", | |||
service_notification_options => "w,u,c,r", | |||
host_notification_options => "d,r", | |||
service_notification_commands => "notify-service-by-email", | |||
host_notification_commands => "notify-host-by-email", | |||
target => "/etc/nagios3/conf.puppet.d/contact.cfg", | |||
require => File["/etc/nagios3/conf.puppet.d/contact.cfg"], | |||
notify => Service["nagios3"]; | |||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,31 @@ | |||
# Define Nodes | |||
node "puppet.kohanaframework.org" { | |||
include role::puppet | |||
include role::web | |||
include role::mysql | |||
#include role::ci | |||
include role::monitor | |||
|
|||
include website::www | |||
include website::forum | |||
include website::dev | |||
#include website::ci | |||
} | |||
|
|||
node "vm01.kohanaframework.org" { | |||
include role::web | |||
include role::mysql | |||
|
|||
include website::www | |||
include website::forum | |||
} | |||
|
|||
node "vm02.kohanaframework.org" { | |||
include role::ci | |||
} | |||
|
|||
node "vm03.kohanaframework.org" { | |||
include role::web | |||
|
|||
include website::dev | |||
} |
Oops, something went wrong.