# just a wrapper around a bunch of defaults define remotefile(owner = root, group = root, mode, source, backup = false, recurse = false) { file { $name: mode => $mode, owner => $owner, group => $group, backup => $backup, source => "puppet://$server/dist/$source" } } class base { file { "/etc/motd": mode => 644, owner => root, owner => root; "/tmp/screens/.": mode => 0755, owner => root; "/var/spool/cron": mode => 755 } remotefile { "/usr/local/scripts": mode => 755, recurse => true, source => "code/scripts"; "/root": mode => 600, recurse => true, source => "home/root"; "/etc/issue": mode => 644, source => "config/common/issue" } # FIXME no tidy yet #tidy: # # Make sure the file repository doesn't fill up # # /var/cfng/outputs pattern=* age=0 # # Nothing needs to be in /tmp more than a day # #/tmp pattern=.* age=1 r=inf #/tmp pattern=* age=1 r=inf rmdirs=sub type=mtime # FIXME no disable yet #disable: # # CERT warning, security fix # # any:: # # /usr/lib/expreserve # FIXME most of this is superfluous, but not all #processes: # # "bootp" signal=kill # exclude=rpc.bootparamd # # "inetd" signal=hup # inform=false # # "sshd" restart "${cfbindir}/sshd" # useshell=false # inform=true # # "snmp" signal=kill # "powerd" signal=kill # "mibiisa" signal=kill } import "classes/*" import "os/*" import "packages/*" node all { include base case $operatingsystem { linux: { include $distro } default: { include $operatingsystem } } $server = "culain.madstop.com" } node culain inherits all { include webserver } node pixie inherits all { include mysqlserver include mysqlserver } node kirby inherits all { include webserver, nfsserver, ftpserver, nameserver include logserver, ldapserver, mailserver } # FIXME there is no scheduling mechanism right now #OnTheHour = ( Min00_05 Min05_10 Min10_15 Min15_20 Min20_25 ) # #All = ( Hr00.OnTheHour ) # #HalfHour = ( Min30_35 Min35_40 Min40_45 Min45_50 Min50_55 ) # #DayTime = ( Hr07 Hr08 Hr09 Hr10 Hr11 Hr12 Hr13 Hr14 Hr15 Hr16 Hr17 Hr18 ) # #CheckIntegrity = ( Hr06.OnTheHour )