Puppet script for provisioning my FreeBSD desktop workstation.
First, you need to get the latest source code by cloning the git repository with this command.
git clone https://github.com/lognoz/puppet-freebsd-workstation.git
Finally, change to the directory that was just created.
cd puppet-freebsd-workstation
You must be run as root and have an internet connection. You can install the dependencies with this command line:
make dependencies
git
Distributed source code management tool
puppet7
Configuration management framework written in Ruby
puppet-archive
Compressed archive file download and extraction with native types/providers for Windows and Unix
puppet-nodejs
Install Node.js package and npm package provider.
puppet-php
Generic PHP module that supports many platforms
puppetlabs-apache
Installs, configures, and manages Apache virtual hosts, web services, and modules.
puppetlabs-mysql
Installs, configures, and manages the MySQL service.
puppetlabs-stdlib
Standard library of resources for Puppet modules.
puppetlabs-vcsrepo
Puppet module providing a type to manage repositories from various version control systems
rehan-wget
Install, manage and configure wget and retrieve files using it
saz-sudo
Manage sudo configuration via Puppet
saz-timezone
Manage timezone settings via Puppet
Create your own site.pp at base path:
touch site.pp
You can read example.pp located to base path to help building your own site node.
Add to your file the user that will lead your workstation:
class { 'workstation':
username => 'john',
owner_name => 'John Doe',
owner_email => 'developer@john-doe.org',
timezone => 'America/New_York',
password => 'default'
}Finally, apply your site file by executing this command. Be carful this will replace directory
located at /usr/local/etc/puppet/modules/workstation/.
make
- workstation
- workstation::alsamixer
- workstation::bash::alias
- workstation::bash::bin
- workstation::bash::init
- workstation::bash::rc
- workstation::doas
- workstation::fonts
- workstation::gnu
- workstation::graphic
- workstation::keyboard
- workstation::language
- workstation::multimedia::firefox
- workstation::multimedia::graphic
- workstation::multimedia::torrent
- workstation::multimedia::wget
- workstation::multimedia::youtube_dl
- workstation::optimization
- workstation::package
- workstation::powerd
- workstation::programming::hacking
- workstation::programming::latex
- workstation::programming::lisp::clisp
- workstation::programming::python
- workstation::programming::virtualisation
- workstation::programming::www::apache
- workstation::programming::www::mysql
- workstation::programming::www::npm
- workstation::programming::www::php
- workstation::security
- workstation::sudo
- workstation::system
- workstation::tor
- workstation::user::directories
- workstation::user::emacs
- workstation::user::git
- workstation::user::vim
- workstation::x11::conf
- workstation::x11::dwm
- workstation::x11::xorg
This class sets root and user for FreeBSD systems. Make sure to load
this file before any workstation subclasses.
Show detail
username — Type: string — Default: undef
String used to create user and its home directory.
password — Type: string — Default: undef
String used as user and root password.
timezone — Type: string — Default: undef
String used as timezone reference.
owner_name — Type: string — Default: undef
String used as computer owner name.
owner_email — Type: string — Default: undef
String used as computer owner email.
shell — Type: string|undef — Default: undef
String used as command processor path. If you use zsh on FreeBSD,
you will send /usr/bin/zsh. By default, this class will install
and use bash if $shell is undefined.
root — Type: string — Default: /usr/local/etc/puppet/modules/workstation/
The reference on where the workstation module is located.
class { 'workstation':
username => 'lognoz',
owner_name => 'Marc-Antoine Loignon',
owner_email => 'developer@lognoz.org',
timezone => 'America/New_York',
password => $password
}This class initialize alsamixer package. This program is a graphical
mixer program for the Advanced Linux Sound Architecture that is used
to configure sound settings and adjust the volume.
This module manages bash aliases configurations.
Show detail
content — Type: string|array — Default: $title
Content of configuration to append.
Class workstation
workstation::bash::alias { [
'ls="ls -F"',
'll="ls -lah"',
'emacs="emacs --maximized"'
]: }This module manages bash executable.
Show detail
content — Type: string — Default: undef
Script content in file.
Class workstation
workstation::bash::bin { 'torrent':
content => template('workstation/bin/torrent.erb')
}This class install bash and some useful configurations.
Show detail
files — Type: array — Default: []
List of files related to bash that need to be created.
Class workstation
include workstation::bash::initThis module manages bashrc configurations.
Show detail
content — Type: string|array — Default: $title
Content of configuration to append.
Class workstation
workstation::bash::rc {
'alias ls="ls -F"':
}This class sets doas package. This program allows a regular user to
run commands as another user (usually root).
This class install system fonts.
This class install GNU utils and libraries like gmake, ripgrep,
gls, gcc, etc.
This class add graphics support to make FreeBSD usable as a desktop.
It only supports Intel HD and NVIDIA graphics cards.
Show detail
hardware — Type: string — Default: undef
String used to install the right graphic card.
It expected to recives intel or nvidia.
Class workstation
class { 'workstation::graphic':
hardware => 'nvidia'
}This class sets keyboard in xorg. For each input device (keyboard,
mouse, etc.) it need an InputClass section.
Show detail
keyboard — Type: string — Default: undef
String used as kbd layout.
remap_caps — Type: boolean — Default: true
Boolean on if caps lock is replaced by escape.
Class workstation::x11::xorg
class { 'workstation::keyboard':
keyboard => 'us,ca'
}This class help to manage multiple languages keyboard and language
tool program.
Show detail
aspell — Type: string — Default: undef
Array of languages to install via Freebsd ports. Make sure
to have the right package name before to call this class.
directory — Type: string — Default: ~/.share
The location on where to install Language Tool package.
Class workstation
class { 'workstation::language':
aspell => ['en','fr']
}This class initialize Firefox package. This program, also known as
Mozilla Firefox, is a free and open-source web browser developed by
the Mozilla Foundation and its subsidiary, the Mozilla Corporation.
Show detail
extensions — Type: array — Default: []
List of extensions that you want to install in Firefox.
Class workstation
class { 'workstation::multimedia::firefox':
extensions => [
'3679754/ublock_origin-1.31.0-an+fx.xpi',
'3679479/https_everywhere-2020.11.17-an+fx.xpi',
'3690660/user_agent_switcher-1.4.1-an+fx.xpi',
'3672658/decentraleyes-2.0.15-an+fx.xpi',
'3682334/clearurls-1.20.0-an+fx.xpi',
'3691752/noscript_security_suite-11.1.6-an+fx.xpi',
'3724574/grammatik_und_rechtschreibprufung_languagetool-3.3.4-fx.xpi'
]
}This class install Gimp, Blender, VLC and others useful
graphic tools.
This class initialize transmission package. This program is a lightweight,
command-line BitTorrent client with scripting capabilities.
Show detail
destination — Type: string — Default: download
String used as destination directory for torrent file.
source — Type: string — Default: download
String used as source directory for torrent file.
Class workstation
class { 'workstation::multimedia::torrent':
destination => 'download/torrent',
source => 'download/browser'
}This initialize wget package. This computer program that retrieves
content from web servers.
Show detail
directory — Type: string — Default: download
String used as download directory for torrent file.
Class workstation
class { 'workstation::multimedia::wget':
directory => 'download/wget'
}This class initialize youtube-dl package. This program is an
open-source download manager for video and audio from YouTube and
over 1000 other video hosting websites.
Show detail
directory — Type: string — Default: video
String used as download directory for torrent file.
Class workstation
class { 'workstation::multimedia::youtube_dl':
directory => 'video/youtube'
}This class install some programs and change system configurations to
make FreeBSD usable as a desktop station.
This class sets FreeBSD package configurations.
Show detail
prefer_yes — Type: boolean — Default: true
Boolean used to make yes option the default operations
for dialog. Most pkg operations offer a yes/no
question, showing the default as a capital letter.
Being conservative, pkg normally defaults to no.
autoclean — Type: boolean — Default: true
Boolean used to automatically clean out the content of
pkg cache after each non dry-run call to pkg install
or pkg upgrade.
Class workstation
include workstation::packageThis class initialize powerd package. This program utility monitors
the system state and sets various power control options accordingly.
This class install most useful hacking tools.
This class initialize LaTeX programming language.
This class initialize Common Lisp programming language.
This class initialize Python programming language.
This class initialize virtualisation program like Vagrant,
Docker and Virtualbox.
Show detail
Class workstation
include workstation::programming:virtualisationThis class initialize Apache server.
This class initialize MySQL database server.
This class initialize npm package. This program is a package manager
for the JavaScript programming language.
Show detail
packages — Type: array — Default: undef
List of packages to be install globally.
Class workstation
include workstation::programming::www:npmThis class initialize PHP programming language.
This class install improve the system security.
This class initialize sudo package. This program is designed to
allow a sysadmin to give limited root privileges to users and log
root activity.
Show detail
Class workstation
I now use doas instead of sudo because a severe vulnerability was
found in Unix and Linux operating systems that allows an
unprivileged user to exploit this vulnerability using sudo, causing
a heap overflow to elevate privileges to root without
authentication, or even get listed in the sudoers
file. (CVE-2021-3156)
include workstation::sudoThis module manages system configurations.
Show detail
path — Type: string — Default: undef
String use as path location to add content.
content — Type: array — Default: undef
List of lines to add to the path location.
Class workstation
workstation::system { 'Optimize boot loader':
path => '/boot/loader.conf',
content => [
# Change boot time kernel tuning.
'kern.ipc.shmseg = 1024',
'kern.ipc.shmmni = 1024',
'kern.maxproc = 100000',
# Configuring asynchronous I/O.
'aio_load = "YES"',
# Enable thermal sensors.
'coretemp_load="YES"'
]
}This class initialize tor, a software for enabling anonymous
communication by directing Internet traffic.
This class manages custom directories and xdg-user-dirs, a tool to
help manage well known user directories like the desktop folder and
the music folder.
Show detail
desktop — Type: string — Default: /
The desktop user directory
document — Type: string — Default: /document
The document user directory
download — Type: string — Default: /download
The download user directory
music — Type: string — Default: /music
The music user directory
picture — Type: string — Default: /picture
The picture user directory
public — Type: string — Default: /public
The public user directory
template — Type: string — Default: /template
The template user directory
video — Type: string — Default: /video
The video user directory
directories — Type: array — Default: []
The list of directories that need to be created
Class workstation
class { 'workstation::user::directories':
download => '/download/browser',
directories => [
'/download',
'/document',
'/program',
'/video'
]
}This class initialize Emacs package. This program is a highly
customizable editor indeed, it has been customized to the point
where it is more like an operating system than an editor!
Show detail
source — Type: string — Default: undef
The git repository of Emacs configuration.
Class workstation
class { 'workstation::user::emacs':
source => 'https://github.com/lognoz/embla'
}This class initialize git package. This program is a distributed
version-control system for tracking changes in source code during
software development.
Show detail
username — Type: string — Default: undef
Content of git user name.
email — Type: string — Default: undef
Content of git user email.
url — Type: hash|undef — Default: undef
Hash of git url to be rewritten.
Class workstation
class { 'workstation::user::git':
username => 'Marc-Antoine Loignon',
email => 'developer@lognoz.org'
urls => {
'https://lognoz@github.com' => 'https://github.com',
}
}This class initialize Vim package. This program is a highly
configurable text editor built to make creating and changing any
kind of text very efficient.
Show detail
source — Type: string — Default: undef
The git repository of vim configuration.
Class workstation
class { 'workstation::user::vim':
source => 'https://github.com/lognoz/vimrc'
}This module manages Xorg configurations.
Show detail
content — Type: string|array — Default: $title
Content of configuration to append to xinitrc.
Class workstation
workstation::x11::conf {
'xmodmap ~/.Xmodmap':
}This module manages Dynamic Windows Manager installation.
This class sets xorg package. Xorg (commonly referred as simply X)
is the most popular display server among Linux and BSD users.
This module is only usable with FreeBSD 13.0.