From c227e3f885f0be59422788a3875e5f0e7de6aff2 Mon Sep 17 00:00:00 2001 From: Mark Heiges Date: Thu, 1 Sep 2016 21:55:56 -0400 Subject: [PATCH] init --- .gitignore | 10 +++ README.md | 10 +++ Vagrantfile | 80 +++++++++++++++++++ puppet/Puppetfile | 21 +++++ puppet/Puppetfile.lock | 55 +++++++++++++ .../environments/production/environment.conf | 0 .../production/hieradata/common.yaml | 19 +++++ .../hieradata/nodes/ci.jenkins.vm.yaml | 3 + .../hieradata/nodes/node1.jenkins.vm.yaml | 2 + .../environments/production/manifests/site.pp | 4 + puppet/hiera.yaml | 12 +++ puppet/src/README.md | 4 + .../src/profiles/files/ssl/apidb-ca-rsa.crt | 38 +++++++++ .../src/profiles/manifests/ebrc_ca_bundle.pp | 26 ++++++ .../profiles/manifests/ebrc_ca_keystore.pp | 40 ++++++++++ .../src/profiles/manifests/ebrc_java_stack.pp | 48 +++++++++++ puppet/src/profiles/manifests/ebrc_jenkins.pp | 44 ++++++++++ puppet/src/profiles/manifests/local_home.pp | 10 +++ puppet/src/profiles/metadata.json | 15 ++++ scratch/.gitignore | 5 ++ 20 files changed, 446 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 Vagrantfile create mode 100644 puppet/Puppetfile create mode 100644 puppet/Puppetfile.lock create mode 100644 puppet/environments/production/environment.conf create mode 100644 puppet/environments/production/hieradata/common.yaml create mode 100644 puppet/environments/production/hieradata/nodes/ci.jenkins.vm.yaml create mode 100644 puppet/environments/production/hieradata/nodes/node1.jenkins.vm.yaml create mode 100644 puppet/environments/production/manifests/site.pp create mode 100644 puppet/hiera.yaml create mode 100644 puppet/src/README.md create mode 100644 puppet/src/profiles/files/ssl/apidb-ca-rsa.crt create mode 100644 puppet/src/profiles/manifests/ebrc_ca_bundle.pp create mode 100644 puppet/src/profiles/manifests/ebrc_ca_keystore.pp create mode 100644 puppet/src/profiles/manifests/ebrc_java_stack.pp create mode 100644 puppet/src/profiles/manifests/ebrc_jenkins.pp create mode 100644 puppet/src/profiles/manifests/local_home.pp create mode 100644 puppet/src/profiles/metadata.json create mode 100644 scratch/.gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..480b074 --- /dev/null +++ b/.gitignore @@ -0,0 +1,10 @@ +.DS_Store +scratch/* +*.box +.vagrant +puppet/modules +puppet/**/hieradata/sensitive.yaml +puppet/.tmp +puppet/.librarian +nolibrarian +puppet/hiera.yaml.rpmsave diff --git a/README.md b/README.md new file mode 100644 index 0000000..7c42497 --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ + +Only the master Jenkins server is provisioned at this time. Provisioning +a separate worker node has not been implemented. Of course the master +server can also serve as a worker so this single node will be sufficient +for most use cases. + +Manual Puppet Run +======= + + sudo /opt/puppetlabs/bin/puppet apply --environment=production /etc/puppetlabs/code/environments/production/manifests/site.pp diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..d308023 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,80 @@ +BOX = 'ebrc/centos-7-64-puppet' +BOX_URL = '' +TLD = 'jenkins.vm' + +JENKINS_HOSTS = { + :master => { + :vagrant_box => BOX, + :vagrant_box_url => BOX_URL, + :wf_hostname => 'ci.' + TLD, + :puppet_manifest => 'site.pp' + }, +# :node => { +# :vagrant_box => BOX, +# :vagrant_box_url => BOX_URL, +# :wf_hostname => 'node1.' + TLD, +# :puppet_manifest => 'site.pp' +# }, +} + +[ + { :name => 'vagrant-librarian-puppet', :version => '>= 0.9.2' }, +].each do |plugin| + if not Vagrant.has_plugin?(plugin[:name], plugin[:version]) + raise "#{plugin[:name]} #{plugin[:version]} is required. Please run `vagrant plugin install #{plugin[:name]}`" + end +end + +Vagrant.configure(2) do |config| + + JENKINS_HOSTS.each do |name,cfg| + config.vm.define name do |vm_config| + + vm_config.vm.provider 'virtualbox' do |v| + v.gui = false + end + + if Vagrant.has_plugin?('landrush') + vm_config.landrush.enabled = true + vm_config.landrush.tld = TLD + end + + vm_config.vm.box = cfg[:vagrant_box] if cfg[:vagrant_box] + vm_config.vm.box_url = cfg[:vagrant_box_url] if cfg[:vagrant_box_url] + vm_config.vm.hostname = cfg[:wf_hostname] if cfg[:wf_hostname] + + vm_config.vm.synced_folder 'puppet/', + '/etc/puppetlabs/code/', + owner: 'root', group: 'root' + + vm_config.ssh.forward_agent = true + vm_config.ssh.pty = true + + if ! File.exist?(File.dirname(__FILE__) + '/nolibrarian') + vm_config.librarian_puppet.puppetfile_dir = 'puppet' + vm_config.librarian_puppet.destructive = false + end + + if ( Vagrant.has_plugin?('landrush') and vm_config.landrush.enabled) + # The Puppet manifests includes a firewalld reload that clobbers + # the iptables dns nat rule added by Landrush. So save iptables + # for restoration after Puppet provisioning. + vm_config.vm.provision :shell, inline: '/sbin/iptables-save -t nat > /root/landrush.iptables' + end + vm_config.vm.provision :puppet do |puppet| + puppet.environment = 'production' + puppet.environment_path = 'puppet/environments' + puppet.manifests_path = 'puppet/environments/production/manifests' + puppet.manifest_file = cfg[:puppet_manifest] + puppet.hiera_config_path = 'puppet/hiera.yaml' + #puppet.options = ['--debug --trace --verbose'] + end + if ( Vagrant.has_plugin?('landrush') and vm_config.landrush.enabled) + vm_config.vm.provision :shell, inline: '/sbin/iptables-restore < /root/landrush.iptables' + end + + end + end + + +end diff --git a/puppet/Puppetfile b/puppet/Puppetfile new file mode 100644 index 0000000..4f3f083 --- /dev/null +++ b/puppet/Puppetfile @@ -0,0 +1,21 @@ +forge 'https://forgeapi.puppetlabs.com' + +mod 'crayfishx/firewalld' +mod 'jlambert121/trusted_ca' +mod 'puppet/archive' +mod 'puppetlabs/java_ks' +mod 'puppetlabs/stdlib' +mod 'stahnma/epel' + +mod 'ebrc/ebrc_yum_repo', + :git => 'git@github.com:EuPathDB/puppet-ebrc_yum_repo.git' + +mod 'ebrc/ebrc_java', + :git => 'git@github.com:EuPathDB/puppet-ebrc_java.git' + +mod 'ebrc/ebrc_jenkins', + :git => 'git@github.com:EuPathDB/puppet-ebrc_jenkins.git' + +mod 'local/profiles', + :path => './src/profiles' + :latest diff --git a/puppet/Puppetfile.lock b/puppet/Puppetfile.lock new file mode 100644 index 0000000..ae118d6 --- /dev/null +++ b/puppet/Puppetfile.lock @@ -0,0 +1,55 @@ +FORGE + remote: https://forgeapi.puppetlabs.com + specs: + crayfishx-firewalld (3.1.4) + puppetlabs-stdlib (< 5.0.0, >= 4.2.0) + jlambert121-trusted_ca (1.1.0) + puppetlabs-stdlib (< 5.0.0, >= 3.2.0) + puppet-archive (1.1.2) + puppetlabs-stdlib (< 5.0.0, >= 4.2.0) + puppetlabs-java_ks (1.4.1) + puppetlabs-stdlib (4.12.0) + stahnma-epel (1.2.2) + puppetlabs-stdlib (>= 3.0.0) + +GIT + remote: git@github.com:EuPathDB/puppet-ebrc_java.git + ref: master + sha: 5434fa8c13d2dc4987530b5d9e713f05b9d93841 + specs: + ebrc-ebrc_java (0.1.0) + +GIT + remote: git@github.com:EuPathDB/puppet-ebrc_jenkins.git + ref: master + sha: 133ce0f678faa7af1a3a2a743c67baba09adee20 + specs: + ebrc-ebrc_jenkins (0.0.1) + +GIT + remote: git@github.com:EuPathDB/puppet-ebrc_yum_repo.git + ref: master + sha: 2e75a0de6b7e4da022a1a4de7ee5306b5fcc0a4d + specs: + ebrc-ebrc_yum_repo (0.1.0) + puppetlabs-stdlib (>= 1.0.0) + +PATH + remote: ./src/profiles + specs: + local-profiles (0.0.0) + crayfishx-firewalld (>= 0) + ebrc-ebrc_jenkins (>= 0) + +DEPENDENCIES + crayfishx-firewalld (>= 0) + ebrc-ebrc_java (>= 0) + ebrc-ebrc_jenkins (>= 0) + ebrc-ebrc_yum_repo (>= 0) + jlambert121-trusted_ca (>= 0) + local-profiles (>= 0) + puppet-archive (>= 0) + puppetlabs-java_ks (>= 0) + puppetlabs-stdlib (>= 0) + stahnma-epel (>= 0) + diff --git a/puppet/environments/production/environment.conf b/puppet/environments/production/environment.conf new file mode 100644 index 0000000..e69de29 diff --git a/puppet/environments/production/hieradata/common.yaml b/puppet/environments/production/hieradata/common.yaml new file mode 100644 index 0000000..5fcc8c8 --- /dev/null +++ b/puppet/environments/production/hieradata/common.yaml @@ -0,0 +1,19 @@ +--- +ebrc_jenkins::user_home: /usr/local/home/jenkins +ebrc_jenkins::instances: + CI: + version: 1.638 + http_port: 9181 + jmx_port: 9120 + +ebrc_ca::cacert: apidb-ca-rsa.crt +ebrc_java::java_home: /usr/java/jdk1.8.0_92 +ebrc_java::packages: + - jdk1.8.0_92 +ebrc_java::java_home: /usr/java/jdk1.8.0_92 +ebrc_java::default_ver: /usr/java/jdk1.8.0_92 + +java_keystore_target: /etc/pki/tls/certs/cacerts +java_keystore_passwd: graeo5locza + +local_home: /usr/local/home diff --git a/puppet/environments/production/hieradata/nodes/ci.jenkins.vm.yaml b/puppet/environments/production/hieradata/nodes/ci.jenkins.vm.yaml new file mode 100644 index 0000000..17bfd1e --- /dev/null +++ b/puppet/environments/production/hieradata/nodes/ci.jenkins.vm.yaml @@ -0,0 +1,3 @@ +--- +roles: + - profiles::ebrc_jenkins diff --git a/puppet/environments/production/hieradata/nodes/node1.jenkins.vm.yaml b/puppet/environments/production/hieradata/nodes/node1.jenkins.vm.yaml new file mode 100644 index 0000000..d78069f --- /dev/null +++ b/puppet/environments/production/hieradata/nodes/node1.jenkins.vm.yaml @@ -0,0 +1,2 @@ +--- +roles: diff --git a/puppet/environments/production/manifests/site.pp b/puppet/environments/production/manifests/site.pp new file mode 100644 index 0000000..322cf1d --- /dev/null +++ b/puppet/environments/production/manifests/site.pp @@ -0,0 +1,4 @@ +node default { + hiera_include('roles') +} + diff --git a/puppet/hiera.yaml b/puppet/hiera.yaml new file mode 100644 index 0000000..66f46b4 --- /dev/null +++ b/puppet/hiera.yaml @@ -0,0 +1,12 @@ +--- +:backends: + - yaml + +:yaml: + :datadir: "%{settings::codedir}/environments/%{::environment}/hieradata" + +:hierarchy: + - "nodes/%{::fqdn}" + - "%{::domain}" + - sensitive + - common diff --git a/puppet/src/README.md b/puppet/src/README.md new file mode 100644 index 0000000..b986e12 --- /dev/null +++ b/puppet/src/README.md @@ -0,0 +1,4 @@ +This `src` directory contains Puppet modules only available in this +Vagrant project. Because Puppet librarian can clean out the `modules` +directory, we put local modules here, out of librarian's scope, and +reference them for in the Puppetfile for installation to `modules`. \ No newline at end of file diff --git a/puppet/src/profiles/files/ssl/apidb-ca-rsa.crt b/puppet/src/profiles/files/ssl/apidb-ca-rsa.crt new file mode 100644 index 0000000..5a0a980 --- /dev/null +++ b/puppet/src/profiles/files/ssl/apidb-ca-rsa.crt @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIGujCCBKKgAwIBAgIJAJ88X2Ge/QNVMA0GCSqGSIb3DQEBBQUAMIGZMQswCQYD +VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRUwEwYDVQQHEwxQaGlsYWRl +bHBoaWExLTArBgNVBAoTJEFwaURCIEJpb2luZm9ybWF0aWNzIFJlc291cmNlIENl +bnRlcjEOMAwGA1UEAxMFQXBpREIxHTAbBgkqhkiG9w0BCQEWDmhlbHBAYXBpZGIu +b3JnMB4XDTEyMDgzMTE5MTMyNFoXDTIyMDgyOTE5MTMyNFowgZkxCzAJBgNVBAYT +AlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExFTATBgNVBAcTDFBoaWxhZGVscGhp +YTEtMCsGA1UEChMkQXBpREIgQmlvaW5mb3JtYXRpY3MgUmVzb3VyY2UgQ2VudGVy +MQ4wDAYDVQQDEwVBcGlEQjEdMBsGCSqGSIb3DQEJARYOaGVscEBhcGlkYi5vcmcw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWjz2aYcFph78mYHXI92QG +RetOwW8Sp8bSaI3j3/MsG/+0zAesAub3qAldizZSnPGT62Ok9CwloKno8xl5k08D +tdK1PBy1KTcOhpVGDpGpQIWC5cZ3WmLkT9VciE25MSsmBsShqP7jmDy9tBAOQ5mJ +YeFxnnkiZfNMkeW+fMv/SUIutebUVMi+ZnRqj5DDlgLbcNUzH533SauYXTkehbyY +Awwx2BtPhjINWn4PFv11NGM8P5mri6+M0l8twCIUKFi9SoCjYAM0uOd3AS3EJxxK +M3QBYJVrykbqxHF/MaD3z/hbXCrhmIQm96ApnVnmxpc1DtkPKkkfhbnkDbOJqVfe +6IOHxxzRN1a1Igb12dR+nRAf6vZNCMZ1YFzC01rw1bkKlYrcaX+ZM1El1n1mgHtP +OrQZLeNzCCl0LACBAC1Ky4/2OdyAP7A3Hrlo4dT8rTC+5ZWn+vuhwZV6KMk7rElf +n1HpBvKwypSJqc5jHq7f9hTQyktWdg1rfvn+TPPfZHehKsYQrR1oEGJVynouvQMG +YrDnGTbg12xpMv+zWDpRsuTx6zpSwbS/S3/PnEndhQBx8eRrHbHkV/9zP1qPt7Xl +mX5XLQz+zJV801rx00Jadfta8SZBohV6uhhwFdBuc1z7+VOhKjKVG5EzfhINY4a/ +3CaoTF51sAHuLl6q67T9FQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUasR0PhZJaGRx +tVXJleUI6PJXEvUwgc4GA1UdIwSBxjCBw4AUasR0PhZJaGRxtVXJleUI6PJXEvWh +gZ+kgZwwgZkxCzAJBgNVBAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExFTAT +BgNVBAcTDFBoaWxhZGVscGhpYTEtMCsGA1UEChMkQXBpREIgQmlvaW5mb3JtYXRp +Y3MgUmVzb3VyY2UgQ2VudGVyMQ4wDAYDVQQDEwVBcGlEQjEdMBsGCSqGSIb3DQEJ +ARYOaGVscEBhcGlkYi5vcmeCCQCfPF9hnv0DVTAMBgNVHRMEBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4ICAQAgiSwGDZvC9GVErm8m7DNdLU17lP8V1aUXMLbwAm2hwp6C +snUR3TzJ0MOPSPy67NIMYMWwkRKDILKUXOvfsnE295ZmqmTaUZk+Uv3DoU3xcaIw +LbAOhlIrgPvGQyWXUwAdGacBTrJM4dzQ+pAPnt9ZVu5X9+BYD7ic0H0WNimurjtk +4l+X+wxibJB8Mj3zMnkBRm3wNS1teeU3HRjByEX3HoHuxMYWhWX6tOosBIXiV/9c +12jVPseogPROziiMxqpkyDqUXWiZhzvL/MK0NGYGPlevAodvTWh4CG8Ld1ErFy07 +Sk6YVxBQhz5+HAyHQNLjySh8UeX4EdF9Y1Fpmmy7M2afV+YEjB0ahIGmYfUqt4rj +KbeRdmqobpzjQ7iH53xBS8JMUw1EOP4Evjsi7/62XqB4MgRQ9EM85T0W3zhiwFF2 +6h7BJ11ElhPjmTzzz12p/MBnnYmrMNwYKzDobfdlDoC4dAz1U5RDI1D7w8RyZbOk +5FOxGCS2/8Hk8vBL6/ZF5sTD3iqb7YDdEgvkrnAnPk3UAQ6FHPzp7tfC3IBQr7Jf +BmkZhG9oGg8WIkGPKxUqMJuoQAb5UB6GwE6nz2dCnAM62qUVLljs0XNWK1lgRpYy +JM0ZtsohoVcerth4vUVwrxATaSJ5N+9e9uitABWEOdkiT6l0Fv8aLrjv/ZkLCA== +-----END CERTIFICATE----- diff --git a/puppet/src/profiles/manifests/ebrc_ca_bundle.pp b/puppet/src/profiles/manifests/ebrc_ca_bundle.pp new file mode 100644 index 0000000..2b74788 --- /dev/null +++ b/puppet/src/profiles/manifests/ebrc_ca_bundle.pp @@ -0,0 +1,26 @@ +# install EuPathDB BRC's Certificate Authority to filesystem and add to +# system CA bundle using ca-certificates utilities. +# Hiera +# +# The following hiera data should be set for use by the underlying +# modules. Defaults are set in common.yaml +# - ebrc_ca::cacert - filename of certificate +class profiles::ebrc_ca_bundle { + + include ::trusted_ca + + $ca_name = hiera('ebrc_ca::cacert') + + trusted_ca::ca { $ca_name: + source => "puppet:///modules/profiles/ssl/${ca_name}", + } + + file { "/etc/pki/tls/certs/${ca_name}": + ensure => file, + source => "puppet:///modules/profiles/ssl/${ca_name}", + owner => 'root', + group => 'root', + mode => '0644', + } + +} diff --git a/puppet/src/profiles/manifests/ebrc_ca_keystore.pp b/puppet/src/profiles/manifests/ebrc_ca_keystore.pp new file mode 100644 index 0000000..7a69816 --- /dev/null +++ b/puppet/src/profiles/manifests/ebrc_ca_keystore.pp @@ -0,0 +1,40 @@ +# install EuPathDB BRC's Certificate Authority to java keystore. +# Leverages puppetlabs/java_ks +# +# Requirements +# - EuPathDB's CA must already be on the file system +# (see profile::ebrc_ca_bundle). +# - keytool command must be available (provided by modern Java packages) +# Hiera +# +# The following hiera data should be set for use by the underlying +# modules. Defaults are set in common.yaml +# - ebrc_ca::cacert - filename for certificate +# - ebrc_java::java_home - java base directory +# - java_keystore_target - path for keystore +# - java_keystore_passwd - password for keystore +class profiles::ebrc_ca_keystore { + + $alias = 'eupathdbinternalca' + $cacert = hiera('ebrc_ca::cacert') + $java_home = hiera('ebrc_java::java_home') + $java_ks_target = hiera('java_keystore_target') + $java_ks_passwd = hiera('java_keystore_passwd') + + if $::osfamily == 'redhat' { + $certdir = '/etc/pki/tls/certs' + } else { + fail("profiles::ebrc_ca_keystore: Unsupported osfamily: ${::osfamily}") + } + + java_ks { $alias: + ensure => latest, + path => ["${java_home}/bin", '/usr/bin'], + certificate => "${certdir}/${cacert}", + target => $java_ks_target, + password => $java_ks_passwd, + trustcacerts => true, + } + + +} \ No newline at end of file diff --git a/puppet/src/profiles/manifests/ebrc_java_stack.pp b/puppet/src/profiles/manifests/ebrc_java_stack.pp new file mode 100644 index 0000000..f0b6297 --- /dev/null +++ b/puppet/src/profiles/manifests/ebrc_java_stack.pp @@ -0,0 +1,48 @@ +# Full java deployment for EuPathDB BRC servers +# Includes +# - installing one or more Java packages from EuPathDB YUM repo +# - adds EuPathDB's certificate authority to cacerts keystore. +# +# Hiera +# +# The following hiera data should be set for use by the underlying +# modules. +# +# Used by ebrc_java +# ebrc_java::packages - an array of Java packages to install, e.g +# ebrc_java::packages: +# - jdk-1.7.0_80 +# - jdk-1.8.0_01 +# ebrc_java::java_home - the full path to $JAVA_HOME, e.g. +# ebrc_java::java_home: /usr/java/jdk1.7.0_80 +# +# Used by ::profiles::ebrc_ca_keystore +# java_keystore_target - the full path to the Java keystore file, e.g. +# java_keystore_target: /etc/pki/tls/certs/cacerts +# java_keystore_passwd - the keystore password +# java_keystore_passwd: graeo5locza +# +# Used by ::profiles::ebrc_ca_bundle +# ebrc_ca::cacert - the file name of EBRC's CA +# ebrc_ca::cacert: apidb-ca-rsa.crt +# +class profiles::ebrc_java_stack { + + include ::ebrc_yum_repo + include ::profiles::ebrc_ca_bundle + include ::profiles::ebrc_ca_keystore + + $java_home = hiera('ebrc_java::java_home') + $java_packages = hiera('ebrc_java::packages') + + class { '::ebrc_java': + packages => $java_packages, + java_home => $java_home, + } + + Class['::ebrc_yum_repo'] -> + Class['::ebrc_java'] -> + Class['::profiles::ebrc_ca_bundle'] -> + Class['::profiles::ebrc_ca_keystore'] + +} diff --git a/puppet/src/profiles/manifests/ebrc_jenkins.pp b/puppet/src/profiles/manifests/ebrc_jenkins.pp new file mode 100644 index 0000000..5853a2d --- /dev/null +++ b/puppet/src/profiles/manifests/ebrc_jenkins.pp @@ -0,0 +1,44 @@ +# manage requirements for Jenkins server instances +# for EuPathDB +class profiles::ebrc_jenkins { + + include ::profiles::ebrc_java_stack + include ::profiles::local_home + include ::ebrc_jenkins + + Class['::profiles::ebrc_java_stack'] -> + Class['::profiles::local_home'] -> + Class['::ebrc_jenkins'] + + firewalld::custom_service{ 'Allow jenkins in public zone': + short => 'jenkins', + port => [ + { + 'port' => 9191, + 'protocol' => 'tcp' + }, + { + 'port' => 9181, + 'protocol' => 'tcp' + }, + { + 'port' => 9130, + 'protocol' => 'tcp' + }, + { + 'port' => 9120, + 'protocol' => 'tcp' + }, + ], + before => Firewalld_service['Allow jenkins in public zone'], + } + + firewalld_service {'Allow jenkins in public zone': + ensure => 'present', + zone => 'public', + service => 'jenkins', + } + + + +} \ No newline at end of file diff --git a/puppet/src/profiles/manifests/local_home.pp b/puppet/src/profiles/manifests/local_home.pp new file mode 100644 index 0000000..08bcaa1 --- /dev/null +++ b/puppet/src/profiles/manifests/local_home.pp @@ -0,0 +1,10 @@ +# manage a home that is on a local filesystem +# as opposed to NFS +class profiles::local_home { + + $local_home = hiera('local_home') + + file{ [$local_home]: + ensure => directory, + } +} \ No newline at end of file diff --git a/puppet/src/profiles/metadata.json b/puppet/src/profiles/metadata.json new file mode 100644 index 0000000..1dc0951 --- /dev/null +++ b/puppet/src/profiles/metadata.json @@ -0,0 +1,15 @@ +{ + "name": "local/profiles", + "version": "0.0.0", + "author": "ebrc", + "summary": "Local profiles to install Jenkins master", + "license": "Apache-2.0", + "source": "", + "project_page": null, + "issues_url": null, + "dependencies": [ + {"name":"ebrc/ebrc_jenkins"}, + {"name":"crayfishx/firewalld"} + ] +} + diff --git a/scratch/.gitignore b/scratch/.gitignore new file mode 100644 index 0000000..7500bb7 --- /dev/null +++ b/scratch/.gitignore @@ -0,0 +1,5 @@ +.DS_Store +.vagrant + +!.gitignore +