X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpuppetmaster%2Fmanifests%2Finit.pp;h=08b400f5172771d6613976aec6325ab8cdced427;hb=a02b7a339535bbe2769a4d111daa2eccdc11f28a;hp=b702a1580e9cd4c29587b24262241ce8a36f3001;hpb=e06b59cd9caf42918d3d1255b2ab3f7e209be0f9;p=mirror%2Fdsa-puppet.git

diff --git a/modules/puppetmaster/manifests/init.pp b/modules/puppetmaster/manifests/init.pp
index b702a1580..08b400f51 100644
--- a/modules/puppetmaster/manifests/init.pp
+++ b/modules/puppetmaster/manifests/init.pp
@@ -1,5 +1,40 @@
 class puppetmaster {
+
+	package { 'puppetmaster':
+		ensure => installed,
+	}
+	file { '/etc/puppet/hiera.yaml':
+		source => 'puppet:///modules/puppetmaster/hiera.yaml'
+	}
+	file { '/etc/puppet/puppetdb.conf':
+		source => 'puppet:///modules/puppetmaster/puppetdb.conf'
+	}
+
+	@ferm::rule { 'dsa-puppet':
+		description     => 'Allow puppet access',
+		rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
+	}
+	@ferm::rule { 'dsa-puppet-v6':
+		domain          => 'ip6',
+		description     => 'Allow puppet access',
+		rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
+	}
+
+	file { '/srv/puppet.debian.org/puppet-facts':
+		ensure => directory
+	}
+	concat { '/srv/puppet.debian.org/puppet-facts/onionbalance-services.yaml':
+	}
+	Concat::Fragment <<| tag == "onionbalance-services.yaml" |>>
+
+	file { '/etc/cron.d/puppet-update-fastly-ips':
+		source => 'puppet:///modules/puppetmaster/update-fastly-ips.cron'
+	}
+	file { '/etc/cron.d/update-fastly-ips':
+		ensure => absent,
+	}
+	file { '/usr/local/bin/update-fastly-ips':
+		source => 'puppet:///modules/puppetmaster/update-fastly-ips.sh',
+		mode   => '0555',
+	}
 }
-# vim:set et:
-# vim:set sts=4 ts=4:
-# vim:set shiftwidth=4: