Skip to content
Snippets Groups Projects
Normal view Permalink
puppetclient.pp 2.29 KiB
Newer Older
Jonathan Lent's avatar
See NEWS; edits to facilitate Puppet 3 RHEL upgrades  
Jonathan Lent committed
1 
# install and configure the puppet client
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
2 3 4 5 
class base::puppetclient {
  file { '/etc/puppet':
    ensure => directory,
  }
Adam Lewenberg's avatar
puppetclient::dev point to Puppet 3 dev servers  
Adam Lewenberg committed
6
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
7 8 9 
  base::puppetclient::config { '/etc/puppet/puppet.conf':
    ensure => present,
  }
Adam Lewenberg's avatar
puppetclient::dev point to Puppet 3 dev servers  
Adam Lewenberg committed
10
Jonathan Lent's avatar
See NEWS; edits to facilitate Puppet 3 RHEL upgrades  
Jonathan Lent committed
11 12 13 14 15 16 17 18 19 20 21 22 23 
  # pin puppet and facter versions on RHELish systems
  if ($::osfamily == 'RedHat') {
    include base::yumtools::yum_puppet_lock
    package { 'puppet':
      ensure  => present,
      require => [ Base::Puppetclient::Config['/etc/puppet/puppet.conf'],
                  Class['base::yumtools::yum_puppet_lock'] ],
    }
  } else { # Debianish systems; pinning handled at repository level
      package { 'puppet':
        ensure  => present,
        require => Base::Puppetclient::Config['/etc/puppet/puppet.conf'],
      }
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
24 25 
  }
Adam Lewenberg's avatar
install ruby-json on wheezy puppetclient systems  
Adam Lewenberg committed
26 27 28 29 30 31 32 33 
  # It appears that on recently updated wheezy servers, 2.x clients need
  # the ruby-json package Puppet systems.
  if ($::lsbdistcodename == 'wheezy') {
    package { 'ruby-json':
      ensure  => present,
    }
  }
Russ Allbery's avatar
Default to the backported facter on wheezy  
Russ Allbery committed
34 35 36 
  # On squeeze systems, default to the backports version of Puppet.  On wheezy
  # systems, default to the backports version of facter for proper detection
  # of Xen systems.
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
37 38 39 40 41 
  if $::lsbdistcodename == 'squeeze' {
    file { '/etc/apt/preferences.d/puppet':
      source => 'puppet:///modules/base/puppetclient/etc/apt/preferences.d/puppet',
    }
  }
Russ Allbery's avatar
Default to the backported facter on wheezy  
Russ Allbery committed
42 43 44 45 46 
  if $::lsbdistcodename == 'wheezy' {
    file { '/etc/apt/preferences.d/facter':
      source => 'puppet:///modules/base/puppetclient/etc/apt/preferences.d/facter',
    }
  }
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
47 48 

  # Install an auth.conf as additional protection against a Puppet
Adam Lewenberg's avatar
parameter so vmguest class can choose to not install tripwire  
Adam Lewenberg committed
49 50 
  # vulnerability that could allow unauthenticated Puppet nodes to
  # manipulate its configuration.
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
51 
  file { '/etc/puppet/auth.conf':
Adam Lewenberg's avatar
add new ACL for auth.conf introduced in Puppet 3  
Adam Lewenberg committed
52 
    content => template('base/puppetclient/auth.conf.erb'),
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
53 54 55 56 57 58 59 60 61 62 63 
  }

  # filter-syslog rules for the Puppet client.
  file { '/etc/filter-syslog/puppet':
    source => 'puppet:///modules/base/puppetclient/etc/filter-syslog/puppet';
  }

  # Check for a puppetd process on an hourly basis.
  file { '/etc/cron.hourly/check-puppet':
    source => 'puppet:///modules/base/puppetclient/etc/cron.hourly/check-puppet';
  }
Jon C. Robertson's avatar
puppetclient: Added creation of /etc/facter/facts.d for external facts  
Jon C. Robertson committed
64 65 66 67 

  # Install a directory for external facts.  Used on both Debian and RHEL.
  file {
    '/etc/facter/':
Adam Lewenberg's avatar
install ruby-json on wheezy puppetclient systems  
Adam Lewenberg committed
68 69 
      ensure => directory,
      mode   => '0644';
Jon C. Robertson's avatar
puppetclient: Added creation of /etc/facter/facts.d for external facts  
Jon C. Robertson committed
70 
    '/etc/facter/facts.d':
Adam Lewenberg's avatar
install ruby-json on wheezy puppetclient systems  
Adam Lewenberg committed
71 72 
      ensure => directory,
      mode   => '0644';
Jon C. Robertson's avatar
puppetclient: Added creation of /etc/facter/facts.d for external facts  
Jon C. Robertson committed
73 
  }
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
74 75 76 
}