diff --git a/README b/README index 45b0106..58db1c1 100644 --- a/README +++ b/README @@ -8,7 +8,7 @@ To use this module, follow these directions: repository placed under a directory called "common" 2. Add the following line to manifests/site.pp: - + import "modules.pp" 3. Add the following line to manifests/modules.pp: diff --git a/manifests/classes/lsb_release.pp b/manifests/classes/lsb_release.pp index 5745072..8058be7 100644 --- a/manifests/classes/lsb_release.pp +++ b/manifests/classes/lsb_release.pp @@ -6,12 +6,12 @@ # Changelog: # 2007-08-26: micah reported, that lsb_release can report -# nonsensical values for lsbdistcodename; assert_lsbdistcodename now -# recognises "n/a" and acts accordingly +# nonsensical values for lsbdistcodename; assert_lsbdistcodename now +# recognises "n/a" and acts accordingly # This lightweight class only asserts that $lsbdistcodename is set. # If the assertion fails, an error is printed on the server -# +# # To fail individual resources on a missing lsbdistcodename, require # Exec[assert_lsbdistcodename] on the specific resource # @@ -19,31 +19,48 @@ # manifest, before a bootstrapping class has enabled all the necessary goodies. class assert_lsbdistcodename { - case $lsbdistcodename { - '': { - err("Please install lsb_release or set facter_lsbdistcodename in the environment of $fqdn") - exec { "false # assert_lsbdistcodename": alias => assert_lsbdistcodename, loglevel => err } - } - 'n/a': { - case $operatingsystem { - "Debian": { - err("lsb_release was unable to report your distcodename; This seems to indicate a broken apt/sources.list on $fqdn") - } - default: { - err("lsb_release was unable to report your distcodename; please set facter_lsbdistcodename in the environment of $fqdn") - } - } - exec { "false # assert_lsbdistcodename": alias => assert_lsbdistcodename, loglevel => err } - } - default: { - exec { "true # assert_lsbdistcodename": alias => assert_lsbdistcodename, loglevel => debug } - exec { "true # require_lsbdistcodename": alias => require_lsbdistcodename, loglevel => debug } - } - } + case $::lsbdistcodename { + '': { + err("Please install lsb_release or set facter_lsbdistcodename in the environment of ${::fqdn}") + exec { + 'false # assert_lsbdistcodename': + alias => assert_lsbdistcodename, + loglevel => err + } + } + 'n/a': { + case $::operatingsystem { + 'Debian': { + err("lsb_release was unable to report your distcodename; This seems to indicate a broken apt/sources.list on ${::fqdn}") + } + default: { + err("lsb_release was unable to report your distcodename; please set facter_lsbdistcodename in the environment of ${::fqdn}") + } + } + exec { + 'false # assert_lsbdistcodename': + alias => assert_lsbdistcodename, + loglevel => err + } + } + default: { + exec { + 'true # assert_lsbdistcodename': + alias => assert_lsbdistcodename, + loglevel => debug + } + exec { 'true # require_lsbdistcodename': + alias => require_lsbdistcodename, + loglevel => debug } + } + } } # To fail the complete compilation on a missing $lsbdistcodename, include this class class require_lsbdistcodename inherits assert_lsbdistcodename { - exec { "false # require_lsbdistcodename": require => Exec[require_lsbdistcodename], loglevel => err } + exec { + 'false # require_lsbdistcodename': + require => Exec[require_lsbdistcodename], + loglevel => err } } diff --git a/manifests/defines/append_if_no_such_line.pp b/manifests/defines/append_if_no_such_line.pp index 6ccf9f9..f36f075 100644 --- a/manifests/defines/append_if_no_such_line.pp +++ b/manifests/defines/append_if_no_such_line.pp @@ -4,11 +4,11 @@ # least named according to a proper resource model. # define append_if_no_such_line($file, $line) { - line { - $name: - ensure => present, - file => $file, - line => $line; - } + line { + [$name]: + ensure => present, + file => $file, + line => $line; + } } diff --git a/manifests/defines/concatenated_file.pp b/manifests/defines/concatenated_file.pp index c0d0c5f..4e7f8ab 100644 --- a/manifests/defines/concatenated_file.pp +++ b/manifests/defines/concatenated_file.pp @@ -4,7 +4,7 @@ # Copyright (C) 2007 David Schmitt # See LICENSE for the full license granted to you. -module_dir { "common/cf": } +module_dir { 'common/cf': } # TODO: # * create the directory in _part too @@ -24,77 +24,87 @@ # # Depend on File[$name] to change if and only if its contents change. Notify # Exec["concat_${name}"] if you want to force an update. -# +# # Usage: # concatenated_file { "/etc/some.conf": -# dir => "/etc/some.conf.d", +# dir => "/etc/some.conf.d", # } define concatenated_file ( - # where the snippets are located - $dir = '', - # a file with content to prepend - $header = '', - # a file with content to append - $footer = '', - # default permissions for the target file - $mode = 0644, $owner = root, $group = 0 - ) + # where the snippets are located + $dir = '', + # a file with content to prepend + $header = '', + # a file with content to append + $footer = '', + # default permissions for the target file + $mode = 0644, $owner = root, $group = 0 +) { - $dir_real = $dir ? { '' => "${name}.d", default => $dir } + $dir_real = $dir ? { '' => "${name}.d", default => $dir } - $tmp_file_name = regsubst($dir_real, '/', '_', 'G') - $tmp_file = "${module_dir_path}/${tmp_file_name}" + $tmp_file_name = regsubst($dir_real, '/', '_', 'G') + $tmp_file = "${::module_dir_path}/${tmp_file_name}" - if defined(File[$dir_real]) { - debug("${dir_real} already defined") - } else { - file { - $dir_real: - source => "puppet:///modules/common/empty", - checksum => mtime, - ignore => '.ignore', - recurse => true, purge => true, force => true, - mode => $mode, owner => $owner, group => $group, - notify => Exec["concat_${name}"]; - } - } + if defined(File[$dir_real]) { + debug("${dir_real} already defined") + } else { + file { + $dir_real: + source => 'puppet:///modules/common/empty', + checksum => mtime, + ignore => '.ignore', + recurse => true, + purge => true, + force => true, + mode => $mode, + owner => $owner, + group => $group, + notify => Exec["concat_${name}"]; + } + } - file { - $tmp_file: - ensure => present, checksum => md5, - mode => $mode, owner => $owner, group => $group; - # decouple the actual file from the generation process by using a - # temporary file and puppet's source mechanism. This ensures that events - # for notify/subscribe will only be generated when there is an actual - # change. - $name: - ensure => present, checksum => md5, - source => $tmp_file, - mode => $mode, owner => $owner, group => $group, - require => File[$tmp_file]; - } + file { + $tmp_file: + ensure => present, + checksum => md5, + mode => $mode, + owner => $owner, + group => $group; + # decouple the actual file from the generation process by using a + # temporary file and puppet's source mechanism. This ensures that events + # for notify/subscribe will only be generated when there is an actual + # change. + $name: + ensure => present, + checksum => md5, + source => $tmp_file, + mode => $mode, + owner => $owner, + group => $group, + require => File[$tmp_file]; + } - # if there is a header or footer file, add it - $additional_cmd = $header ? { - '' => $footer ? { - '' => '', - default => "| cat - '${footer}' " - }, - default => $footer ? { - '' => "| cat '${header}' - ", - default => "| cat '${header}' - '${footer}' " - } - } + # if there is a header or footer file, add it + $additional_cmd = $header ? { + '' => $footer ? { + '' => '', + default => "| cat - '${footer}' " + }, + default => $footer ? { + '' => "| cat '${header}' - ", + default => "| cat '${header}' - '${footer}' " + } + } - # use >| to force clobbering the target file - exec { "concat_${name}": - command => "/usr/bin/find ${dir_real} -maxdepth 1 -type f ! -name '*puppettmp' -print0 | sort -z | xargs -0 cat ${additional_cmd} >| ${tmp_file}", - subscribe => [ File[$dir_real] ], - before => File[$tmp_file], - alias => [ "concat_${dir_real}"], - loglevel => info - } + # use >| to force clobbering the target file + exec { "concat_${name}": + command => "/usr/bin/find ${dir_real} -maxdepth 1 -type f ! -name '*puppettmp' -print0 | sort -z | xargs -0 cat ${additional_cmd} >| ${tmp_file}", + subscribe => [ File[$dir_real] ], + before => File[$tmp_file], + alias => [ "concat_${dir_real}"], + loglevel => info + } } @@ -102,16 +112,19 @@ # Add a snippet called $name to the concatenated_file at $dir. # The file can be referenced as File["cf_part_${name}"] define concatenated_file_part ( - $dir, $content = '', $ensure = present, - $mode = 0644, $owner = root, $group = 0 - ) + $dir, $content = '', $ensure = present, + $mode = 0644, $owner = root, $group = 0 +) { - file { "${dir}/${name}": - ensure => $ensure, content => $content, - mode => $mode, owner => $owner, group => $group, - alias => "cf_part_${name}", - notify => Exec["concat_${dir}"], - } + file { "${dir}/${name}": + ensure => $ensure, + content => $content, + mode => $mode, + owner => $owner, + group => $group, + alias => "cf_part_${name}", + notify => Exec["concat_${dir}"], + } } diff --git a/manifests/defines/config_file.pp b/manifests/defines/config_file.pp index 59208ac..87dbb3a 100644 --- a/manifests/defines/config_file.pp +++ b/manifests/defines/config_file.pp @@ -3,58 +3,61 @@ # See LICENSE for the full license granted to you. # A simple wrapper to give all configuration files common defaults. -# +# # Usage: # config_file { filename: -# content => "....\n", +# content => "....\n", # } # -# Examples: +# Examples: # # To create the file /etc/vservers/${vs_name}/context with specific # content: # # config_file { -# "/etc/vservers/${vs_name}/context": -# content => "${context}\n", -# notify => Exec["vs_restart_${vs_name}"], -# require => Exec["vs_create_${vs_name}"]; +# "/etc/vservers/${vs_name}/context": +# content => "${context}\n", +# notify => Exec["vs_restart_${vs_name}"], +# require => Exec["vs_create_${vs_name}"]; # } # # To create the file /etc/apache2/sites-available/munin-stats with the # content pulled from a template: # # config_file { -# "/etc/apache2/sites-available/munin-stats": -# content => template("apache/munin-stats"), -# require => Package["apache2"], -# notify => Exec["reload-apache2"]; +# "/etc/apache2/sites-available/munin-stats": +# content => template("apache/munin-stats"), +# require => Package["apache2"], +# notify => Exec["reload-apache2"]; # } define config_file ( - $content = '', - $source = '', - $ensure = 'present') -{ - file { $name: - ensure => $ensure, - # keep old versions on the server - backup => server, - # default permissions for config files - mode => 0644, owner => root, group => 0, - # really detect changes to this file - checksum => md5, - } + $content = '', + $source = '', + $ensure = 'present') + { + file { + [$name]: + ensure => $ensure, + # keep old versions on the server + backup => server, + # default permissions for config files + mode => '0644', + owner => root, + group => 0, + # really detect changes to this file + checksum => md5, + } + + case $source { + '': { } + default: { File[$name] { source => $source } } + } - case $source { - '': { } - default: { File[$name] { source => $source } } - } + case $content { + '': { } + default: { File[$name] { content => $content } } + } - case $content { - '': { } - default: { File[$name] { content => $content } } - } - -} + } diff --git a/manifests/defines/line.pp b/manifests/defines/line.pp index be5ec31..f105315 100644 --- a/manifests/defines/line.pp +++ b/manifests/defines/line.pp @@ -6,7 +6,7 @@ # be very brittle, since even small changes can throw this off. # # If the line is not present yet, it will be appended to the file. -# +# # The name of the define is not used. Just keep it (globally) unique and # descriptive. # @@ -15,10 +15,10 @@ # # Usage: # line { -# description: -# file => "filename", -# line => "content", -# ensure => {absent,*present*} +# description: +# file => "filename", +# line => "content", +# ensure => {absent,*present*} # } # # Example: @@ -27,31 +27,31 @@ # service for a restart # # line { -# allow_munin_host: -# file => "/etc/munin/munin-node.conf", -# line => "allow ^$munin_host$", -# ensure => present, -# notify => Service[munin-node], -# require => Package[munin-node]; +# allow_munin_host: +# file => "/etc/munin/munin-node.conf", +# line => "allow ^$munin_host$", +# ensure => present, +# notify => Service[munin-node], +# require => Package[munin-node]; # } define line( - $file, - $line, - $ensure = 'present' + $file, + $line, + $ensure = 'present' ) { - case $ensure { - default : { err ( "unknown ensure value '${ensure}'" ) } - present: { - exec { "echo '${line}' >> '${file}'": - unless => "grep -qFx '${line}' '${file}'" - } - } - absent: { - exec { "perl -ni -e 'print if \$_ ne \"${line}\n\";' '${file}'": - onlyif => "grep -qFx '${line}' '${file}'" - } - } - } + case $ensure { + default : { err ( "unknown ensure value '${ensure}'" ) } + present: { + exec { "echo '${line}' >> '${file}'": + unless => "grep -qFx '${line}' '${file}'" + } + } + absent: { + exec { "perl -ni -e 'print if \$_ ne \"${line}\n\";' '${file}'": + onlyif => "grep -qFx '${line}' '${file}'" + } + } + } } diff --git a/manifests/defines/module_dir.pp b/manifests/defines/module_dir.pp index bce3c9e..fa872f7 100644 --- a/manifests/defines/module_dir.pp +++ b/manifests/defines/module_dir.pp @@ -12,32 +12,36 @@ # store. According to the FHS, this should go to /var/lib. Since this is a part # of puppet, the full path is /var/lib/puppet/modules/${name}. Every module # should # prefix its module_dirs with its name. -# +# # By default, the module_dir is loaded from "puppet:///${name}/module_dir". If # that doesn't exist an empty directory is taken as source. The directory is # purged so that modules do not have to worry about removing cruft. -# +# # Usage: # module_dir { ["common", "common/dir1", "common/dir2" ]: } define module_dir ( - $mode = 0644, - $owner = root, - $group = 0 - ) + $mode = 0644, + $owner = root, + $group = 0 +) { - $dir = "${module_dir_path}/${name}" - if defined(File[$dir]) { - debug("${dir} already defined") - } else { - file { - $dir: - source => [ "puppet:///modules/${name}/module_dir", "puppet:///modules/common/empty"], - checksum => md5, - # ignore the placeholder - ignore => '\.ignore', - recurse => true, purge => true, force => true, - mode => $mode, owner => $owner, group => $group; - } - } + $dir = "${::module_dir_path}/${name}" + if defined(File[$dir]) { + debug("${dir} already defined") + } else { + file { + [$dir]: + source => [ "puppet:///modules/${name}/module_dir", 'puppet:///modules/common/empty'], + checksum => md5, + # ignore the placeholder + ignore => '\.ignore', + recurse => true, + purge => true, + force => true, + mode => $mode, + owner => $owner, + group => $group; + } + } } diff --git a/manifests/defines/module_file.pp b/manifests/defines/module_file.pp index 9074589..769f96a 100644 --- a/manifests/defines/module_file.pp +++ b/manifests/defines/module_file.pp @@ -8,17 +8,19 @@ # # Usage: # module_file { -# "module/file": -# source => "puppet://..", +# "module/file": +# source => "puppet://..", # } define module_file ( - $source, - $mode = 0644, $owner = root, $group = 0 - ) + $source, + $mode = 0644, $owner = root, $group = 0 +) { - file { - "${module_dir_path}/${name}": - source => $source, - mode => $mode, owner => $owner, group => $group; - } + file { + "${::module_dir_path}/${name}": + source => $source, + mode => $mode, + owner => $owner, + group => $group; + } } diff --git a/manifests/defines/replace.pp b/manifests/defines/replace.pp index c9a98bd..7e85ace 100644 --- a/manifests/defines/replace.pp +++ b/manifests/defines/replace.pp @@ -10,13 +10,13 @@ # This define uses perl regular expressions. # # Use this only for very trivial stuff. Usually replacing the whole file is a -# more stable solution with less maintenance headaches afterwards. -# +# more stable solution with less maintenance headaches afterwards. +# # Usage: # -# replace { description: -# file => "filename", -# pattern => "regexp", +# replace { description: +# file => "filename", +# pattern => "regexp", # replacement => "replacement" # # Example: @@ -24,18 +24,18 @@ # with a new port, but only disturbing the file when needed: # # replace { -# set_munin_node_port: -# file => "/etc/munin/munin-node.conf", -# pattern => "^port (?!$port)[0-9]*", -# replacement => "port $port" -# } +# set_munin_node_port: +# file => "/etc/munin/munin-node.conf", +# pattern => "^port (?!$port)[0-9]*", +# replacement => "port $port" +# } define replace($file, $pattern, $replacement) { - $pattern_no_slashes = regsubst($pattern, '/', '\\/', 'G', 'U') - $replacement_no_slashes = regsubst($replacement, '/', '\\/', 'G', 'U') + $pattern_no_slashes = regsubst($pattern, '/', '\\/', 'G', 'U') + $replacement_no_slashes = regsubst($replacement, '/', '\\/', 'G', 'U') - exec { "replace_${pattern}_${file}": - command => "/usr/bin/perl -pi -e 's/${pattern_no_slashes}/${replacement_no_slashes}/' '${file}'", - onlyif => "/usr/bin/perl -ne 'BEGIN { \$ret = 1; } \$ret = 0 if /${pattern_no_slashes}/ && ! /\\Q${replacement_no_slashes}\\E/; END { exit \$ret; }' '${file}'", - alias => "exec_$name", - } + exec { "replace_${pattern}_${file}": + command => "/usr/bin/perl -pi -e 's/${pattern_no_slashes}/${replacement_no_slashes}/' '${file}'", + onlyif => "/usr/bin/perl -ne 'BEGIN { \$ret = 1; } \$ret = 0 if /${pattern_no_slashes}/ && ! /\\Q${replacement_no_slashes}\\E/; END { exit \$ret; }' '${file}'", + alias => "exec_${name}", + } } diff --git a/manifests/init.pp b/manifests/init.pp index 0564b76..e75f875 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,29 +1,33 @@ # common/manifests/init.pp - Define common infrastructure for modules # Copyright (C) 2007 David Schmitt # See LICENSE for the full license granted to you. - -import "defines/*.pp" -import "classes/*.pp" - +# +import 'defines/*.pp' +import 'classes/*.pp' +# class common { - module_dir { [ 'common' ]: } + module_dir { [ 'common' ]: } - file { - # Module programmers can use /var/lib/puppet/modules/$modulename to save - # module-local data, e.g. for constructing config files. See module_dir - # for details - "/var/lib/puppet/modules": - ensure => directory, - source => "puppet:///modules/common/modules", - ignore => ".ignore", - recurse => true, purge => true, force => true, - mode => 0755, owner => root, group => 0; - } + file { + # Module programmers can use /var/lib/puppet/modules/$modulename to save + # module-local data, e.g. for constructing config files. See module_dir + # for details + '/var/lib/puppet/modules': + ensure => directory, + source => 'puppet:///modules/common/modules', + ignore => '.ignore', + recurse => true, + purge => true, + force => true, + mode => '0755', + owner => root, + group => 0; + } } include common # common packages -class pkg::openssl { package { openssl: ensure => installed } } -class pkg::rsync { package { rsync: ensure => installed } } +class pkg::openssl { package { 'openssl': ensure => installed } } +class pkg::rsync { package { 'rsync': ensure => installed } }