Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa...
authorMartin Zobel-Helas <zobel@debian.org>
Sat, 5 Feb 2011 13:25:48 +0000 (14:25 +0100)
committerMartin Zobel-Helas <zobel@debian.org>
Sat, 5 Feb 2011 13:25:48 +0000 (14:25 +0100)
* 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  we no longer need --factsync
  only try to install cqparrayd in lenny
  make path explicit for new puppet
  more fallout from change to boolean
  two more
  this is now a boolean
  now bad path
  we seem to have missed a file
  third stab at plugins-in-modules style
  second stab at plugins-in-modules style
  first stab at plugins-in-modules style
  last few uses
  Always use a boolean

46 files changed:
facts/architecture.rb [deleted file]
facts/hosts.rb [deleted file]
facts/ipaddresses.rb [deleted file]
facts/mounts.rb [deleted file]
facts/mta.rb [deleted file]
facts/portforwarder.rb [deleted file]
facts/raidarray.rb [deleted file]
facts/servertype.rb [deleted file]
facts/services.rb [deleted file]
facts/software.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/allnodeinfo.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/extractnodeinfo.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/ldapinfo.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/whohosts.rb [deleted file]
files/etc/puppet/lib/puppet/parser/functions/yamlinfo.rb [deleted file]
manifests/site.pp
modules/debian-org/files/dsa-puppet-stuff.cron
modules/debian-org/files/puppet.conf
modules/debian-org/lib/facter/architecture.rb [new file with mode: 0644]
modules/debian-org/lib/facter/hosts.rb [new file with mode: 0644]
modules/debian-org/lib/facter/ipaddresses.rb [new file with mode: 0644]
modules/debian-org/lib/facter/mounts.rb [new file with mode: 0644]
modules/debian-org/lib/facter/mta.rb [new file with mode: 0644]
modules/debian-org/lib/facter/portforwarder.rb [new file with mode: 0644]
modules/debian-org/lib/facter/raidarray.rb [new file with mode: 0644]
modules/debian-org/lib/facter/servertype.rb [new file with mode: 0644]
modules/debian-org/lib/facter/services.rb [new file with mode: 0644]
modules/debian-org/lib/facter/software.rb [new file with mode: 0644]
modules/debian-org/manifests/init.pp
modules/debian-org/templates/etc/apt/sources.list.d/backports.org.list.erb
modules/debian-org/templates/etc/apt/sources.list.d/security.list.erb
modules/debian-org/templates/etc/apt/sources.list.d/volatile.list.erb
modules/exim/templates/eximconf.erb
modules/ferm/manifests/init.pp
modules/monit/templates/default.erb
modules/monit/templates/monitrc.erb
modules/ntp/manifests/init.pp
modules/puppetmaster/lib/puppet/parser/functions/allnodeinfo.rb [new file with mode: 0644]
modules/puppetmaster/lib/puppet/parser/functions/extractnodeinfo.rb [new file with mode: 0644]
modules/puppetmaster/lib/puppet/parser/functions/ldapinfo.rb [new file with mode: 0644]
modules/puppetmaster/lib/puppet/parser/functions/nodeinfo.rb [new file with mode: 0644]
modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb [new file with mode: 0644]
modules/puppetmaster/lib/puppet/parser/functions/yamlinfo.rb [new file with mode: 0644]
modules/puppetmaster/manifests/init.pp [new file with mode: 0644]
modules/samhain/templates/samhainrc.erb

diff --git a/facts/architecture.rb b/facts/architecture.rb
deleted file mode 100644 (file)
index 894c82c..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-Facter.add(:architecture) do
-    confine :kernel => 'GNU/kFreeBSD'
-    setcode do
-        model = Facter.value(:hardwaremodel)
-        case model
-        when 'x86_64': "amd64" 
-        when /(i[3456]86|pentium)/: "i386"
-        else
-            model
-        end
-    end
-end
-
-Facter.add(:debarchitecture) do
-    setcode do
-        %x{/usr/bin/dpkg --print-architecture}.chomp
-    end
-end
-
diff --git a/facts/hosts.rb b/facts/hosts.rb
deleted file mode 100644 (file)
index b55c43b..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-Facter.add("brokenhosts") do
-       brokenhosts = "true"
-       if FileTest.exist?("/etc/hosts")
-               IO.foreach("/etc/hosts") do |x|
-                       x.split.each do |y|
-                               if y == Facter.value("fqdn")
-                                       brokenhosts = "false"
-                                       break
-                               end
-                       end
-               end
-       end
-       setcode do
-               brokenhosts == "true"
-       end
-end
-
-
diff --git a/facts/ipaddresses.rb b/facts/ipaddresses.rb
deleted file mode 100644 (file)
index 05e3e90..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-Facter.add("v4ips") do
-        confine :kernel => :linux
-        addrs = []
-        if FileTest.exist?("/bin/ip")
-                %x{ip addr list}.each do |line|
-                        next unless line =~ /\s+inet/
-                        next if line =~ /scope (link|host)/
-                        if line =~ /\s+inet\s+(\S+)\/\d{1,2} .*/
-                                addrs << $1
-                        end
-                end
-        end
-        ret = addrs.join(",")
-        if ret.empty?
-          ret = 'no'
-        end
-        setcode do
-          ret
-        end
-end
-
-Facter.add("v4ips") do
-       confine :kernel => 'GNU/kFreeBSD'
-       setcode do
-               addrs = []
-               output = %x{/sbin/ifconfig}
-
-               output.split(/^\S/).each { |str|
-                       if str =~ /inet ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/
-                               tmp = $1
-                               unless tmp =~ /127\./
-                                       addrs << tmp
-                                       break
-                               end
-                       end
-               }
-
-               ret = addrs.join(",")
-               if ret.empty?
-                       ret = 'no'
-               end
-               ret
-       end
-end
-
-Facter.add("v6ips") do
-        confine :kernel => :linux
-        addrs = []
-        if FileTest.exist?("/bin/ip")
-                %x{ip addr list}.each do |line|
-                        next unless line =~ /\s+inet/
-                        next if line =~ /scope (link|host)/
-                        if line =~ /\s+inet6\s+(\S+)\/\d{1,3} .*/
-                                addrs << $1
-                        end
-                end
-        end
-        ret = addrs.join(",")
-        if ret.empty?
-          ret = 'no'
-        end
-        setcode do
-          ret
-        end
-end
-
diff --git a/facts/mounts.rb b/facts/mounts.rb
deleted file mode 100644 (file)
index 2a075cc..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-begin
-  require 'filesystem'
-
-       Facter.add("mounts") do
-               ignorefs = ["NFS", "nfs", "nfs4", "nfsd", "afs", "binfmt_misc", "proc", "smbfs", 
-                           "autofs", "iso9660", "ncpfs", "coda", "devpts", "ftpfs", "devfs", 
-                           "mfs", "shfs", "sysfs", "cifs", "lustre_lite", "tmpfs", "usbfs", "udf",
-                           "fusectl", "fuse.snapshotfs", "rpc_pipefs"]
-               mountpoints = []
-               FileSystem.mounts.each do |m|
-                       if ((not ignorefs.include?(m.fstype)) && (m.options !~ /bind/))
-                               mountpoints << m.mount
-                       end
-               end
-               setcode do
-                       mountpoints.join(',')
-               end
-       end
-
-rescue Exception => e
-end
diff --git a/facts/mta.rb b/facts/mta.rb
deleted file mode 100644 (file)
index 98ed433..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-Facter.add("mta") do
-       setcode do
-               mta = "exim4"
-               if FileTest.exist?("/usr/sbin/postfix")
-                       mta = "postfix"
-               end
-               mta
-       end
-end
-
-Facter.add("exim_ssl_certs") do
-       setcode do
-               FileTest.exist?("/etc/exim4/ssl/") &&
-               FileTest.exist?("/etc/exim4/ssl/ca.crl") &&
-               FileTest.exist?("/etc/exim4/ssl/thishost.crt") &&
-               FileTest.exist?("/etc/exim4/ssl/ca.crt") &&
-               FileTest.exist?("/etc/exim4/ssl/thishost.key")
-       end
-end
diff --git a/facts/portforwarder.rb b/facts/portforwarder.rb
deleted file mode 100644 (file)
index fe3cebd..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-begin
-    require 'etc'
-
-    Facter.add("portforwarder_key") do
-        setcode do
-            key = nil
-            keyfile = '/home/portforwarder/.ssh/id_rsa.pub'
-            if FileTest.exist?(keyfile)
-                key = File.open(keyfile).read.chomp
-            end
-            key
-        end
-    end
-
-    Facter.add("portforwarder_user_exists") do
-        setcode do
-            result = false
-            begin
-                if Etc.getpwnam('portforwarder')
-                    result = true
-                end
-            rescue ArgumentError
-            end
-            result
-        end
-    end
-
-rescue Exception => e
-end
-# vim:set et:
-# vim:set ts=4:
-# vim:set shiftwidth=4:
diff --git a/facts/raidarray.rb b/facts/raidarray.rb
deleted file mode 100644 (file)
index 997bf14..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-Facter.add("smartarraycontroller") do
-       confine :kernel => :linux
-       setcode do
-               FileTest.exist?("/dev/cciss/")
-       end
-end
-
-Facter.add("ThreeWarecontroller") do
-       confine :kernel => :linux
-       setcode do
-               is3w = "false"
-               if FileTest.exist?("/proc/scsi/scsi")
-                       IO.foreach("/proc/scsi/scsi") { |x|
-                               is3w = "true" if x =~ /Vendor: 3ware/
-                       }
-               end
-               is3w == "true"
-       end
-end
-
-Facter.add("megaraid") do
-       confine :kernel => :linux
-       setcode do
-               FileTest.exist?("/dev/megadev0")
-       end
-end
-
-Facter.add("mptraid") do
-       setcode do
-               FileTest.exist?("/dev/mptctl") or FileTest.exist?("/dev/mpt0") or FileTest.exist?("/proc/mpt/summary")
-       end
-end
-
-Facter.add("aacraid") do
-       confine :kernel => :linux
-       setcode do
-               FileTest.exist?("/dev/aac0")
-       end
-end
-
-Facter.add("swraid") do
-       confine :kernel => :linux
-       setcode do
-                swraid = "false"
-               if FileTest.exist?("/proc/mdstat") && FileTest.exist?("/sbin/mdadm")
-                        IO.foreach("/proc/mdstat") { |x|
-                                swraid = "true" if x =~ /md[0-9]+ : active/
-                        }
-                end
-                swraid == "true"
-       end
-end
-
diff --git a/facts/servertype.rb b/facts/servertype.rb
deleted file mode 100644 (file)
index fa2f35e..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-Facter.add("kvmdomain") do
-       setcode do
-               if File.new('/proc/cpuinfo').read().index('QEMU Virtual CPU')
-                       result = true
-               else
-                       result = false
-               end
-       end
-end
diff --git a/facts/services.rb b/facts/services.rb
deleted file mode 100644 (file)
index 4e84174..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-["bugs","qa"].each do |service|
-       Facter.add(service + "_host") do
-                confine :kernel => :linux
-               service_name = "#{service}." + Facter.domain
-               active = false
-
-               setcode do
-                       if FileTest.exist?("/usr/bin/dig")
-                               %x{/usr/bin/dig +short -t a #{service_name}}.chomp.each do |service_ip|
-                                       Facter.interfaces.split(',').each do |my_interface|
-                                               my_ip = Facter.value("ipaddress_" + my_interface)
-                                               if my_ip == service_ip
-                                                       active = "true"
-                                               end
-                                       end
-                               end
-                       end
-                       active
-               end
-       end
-end
diff --git a/facts/software.rb b/facts/software.rb
deleted file mode 100644 (file)
index 3a0fefc..0000000
+++ /dev/null
@@ -1,79 +0,0 @@
-Facter.add("apache2") do
-       setcode do
-               FileTest.exist?("/usr/sbin/apache2")
-       end
-end
-Facter.add("clamd") do
-       setcode do
-               FileTest.exist?("/usr/sbin/clamd")
-       end
-end
-Facter.add("exim4") do
-       setcode do
-               FileTest.exist?("/usr/sbin/exim4")
-       end
-end
-Facter.add("postfix") do
-       setcode do
-               FileTest.exist?("/usr/sbin/postfix")
-       end
-end
-Facter.add("postgres81") do
-       setcode do
-               FileTest.exist?("/usr/lib/postgresql/8.1/bin/postgres")
-       end
-end
-Facter.add("postgres83") do
-       setcode do
-               FileTest.exist?("/usr/lib/postgresql/8.3/bin/postgres")
-       end
-end
-Facter.add("postgrey") do
-       setcode do
-               FileTest.exist?("/usr/sbin/postgrey")
-       end
-end
-Facter.add("greylistd") do
-       setcode do
-               FileTest.exist?("/usr/sbin/greylistd")
-       end
-end
-Facter.add("policydweight") do
-       setcode do
-               FileTest.exist?("/usr/sbin/policyd-weight")
-       end
-end
-Facter.add("vsftpd") do
-       setcode do
-               FileTest.exist?("/usr/sbin/vsftpd")
-       end
-end
-Facter.add("spamd") do
-       setcode do
-               FileTest.exist?("/usr/sbin/spamd")
-       end
-end
-Facter.add("php5") do
-       setcode do
-               FileTest.exist?("/usr/lib/apache2/modules/libphp5.so") or
-               FileTest.exist?("/usr/bin/php5") or
-               FileTest.exist?("/usr/bin/php5-cgi") or
-               FileTest.exist?("/usr/lib/cgi-bin/php5")
-       end
-end
-Facter.add("php5suhosin") do
-       setcode do
-               FileTest.exist?("/usr/lib/php5/20060613/suhosin.so") or
-               FileTest.exist?("/usr/lib/php5/20060613+lfs/suhosin.so")
-       end
-end
-Facter.add("syslogversion") do
-       setcode do
-               %x{dpkg-query -W -f='${Version}\n' syslog-ng | cut -b1}.chomp
-       end
-end
-Facter.add("rsyncd") do
-       setcode do
-               FileTest.exist?("/etc/rsyncd.conf")
-       end
-end
diff --git a/files/etc/puppet/lib/puppet/parser/functions/allnodeinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/allnodeinfo.rb
deleted file mode 100644 (file)
index 47450d5..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:allnodeinfo, :type => :rvalue) do |attributes|
-    attributes.unshift('*')
-    return (function_ldapinfo(attributes))
-  end
-end
diff --git a/files/etc/puppet/lib/puppet/parser/functions/extractnodeinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/extractnodeinfo.rb
deleted file mode 100644 (file)
index 19f0ca8..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:extractnodeinfo, :type => :rvalue) do |args|
-
-    nodeinfo = args.shift
-
-    ni = nodeinfo
-    keys_done = []
-
-    args.each do |key|
-      raise Puppet::ParseError, "nodeinfo is not a hash at #{keys_done.join('->')}" unless ni.kind_of?(Hash)
-      unless ni.has_key?(key)
-        ni = false
-        break
-      end
-      ni = ni[key]
-      keys_done << key
-    end
-    return ni
-  end
-end
-# vim:set et:
-# vim:set sts=2 ts=2:
-# vim:set shiftwidth=2:
diff --git a/files/etc/puppet/lib/puppet/parser/functions/ldapinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/ldapinfo.rb
deleted file mode 100644 (file)
index 3a68722..0000000
+++ /dev/null
@@ -1,37 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:ldapinfo, :type => :rvalue) do |attributes|
-
-    host = attributes.shift
-
-    unless attributes.include?("*") or attributes.include?('hostname')
-      attributes << 'hostname'
-    end
-
-    require 'ldap'
-    ldap = LDAP::SSLConn.new('db.debian.org', 636)
-
-    results = {}
-    filter = '(hostname=' + host + ')'
-    begin
-      ldap.search2('ou=hosts,dc=debian,dc=org', LDAP::LDAP_SCOPE_SUBTREE, filter, attrs=attributes, false, 0, 0, s_attr="hostname").each do |x|
-        # If a returned value doesn't have all the attributes we're searching for, skip
-        # We'll skip if the array is empty, but we also seem to get back a nil object for empty attributes sometimes
-        unless attributes.include?("*")
-          next if attributes.any?{ |a|  not x[a] or x[a].empty? }
-        end
-        results[x['hostname'][0]] = x
-      end
-    rescue LDAP::ResultError
-      raise Puppet::ParseError, "LDAP error"
-    rescue RuntimeError
-      raise Puppet::ParseError, "No data returned from search"
-    ensure
-      ldap.unbind
-    end
-    if host == '*'
-      return(results)
-    else
-      return(results[host])
-    end
-  end
-end
diff --git a/files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb
deleted file mode 100644 (file)
index 2cdfab9..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:nodeinfo, :type => :rvalue) do |args|
-
-    host = args[0]
-    yamlfile = args[1]
-
-    require '/etc/puppet/lib/puppet/parser/functions/ldapinfo.rb'
-
-    results         = function_yamlinfo(host, yamlfile)
-    results['ldap'] = function_ldapinfo(host, '*')
-
-    results['misc'] = {}
-    fqdn = lookupvar('fqdn')
-    if fqdn and fqdn == host
-      v4ips = lookupvar('v4ips')
-      if v4ips
-        # find out if we are behind nat
-        v4addrs = v4ips.split(',')
-        intersection = v4addrs & results['ldap']['ipHostNumber']
-        results['misc']['natted'] = intersection.empty?
-      end
-    end
-
-    return(results)
-  end
-end
-
-# vim: set fdm=marker ts=2 sw=2 et:
diff --git a/files/etc/puppet/lib/puppet/parser/functions/whohosts.rb b/files/etc/puppet/lib/puppet/parser/functions/whohosts.rb
deleted file mode 100644 (file)
index c2bda8c..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:whohosts, :type => :rvalue) do |args|
-    require 'ipaddr'
-    require 'yaml'
-
-    nodeinfo = args[0]
-    yamlfile = args[1]
-    parser.watch_file(yamlfile)
-
-    $KCODE = 'utf-8'
-
-    ans = "unknown"
-    yaml = YAML.load_file(yamlfile)
-
-    if (nodeinfo['ldap'].has_key?('ipHostNumber'))
-      nodeinfo['ldap']['ipHostNumber'].each do |addr|
-        yaml.keys.each do |hoster|
-          yaml[hoster].each do |net|
-            if IPAddr.new(net).include?(addr)
-              ans = hoster
-            end
-          end
-        end
-      end
-    end
-    return ans
-  end
-end
diff --git a/files/etc/puppet/lib/puppet/parser/functions/yamlinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/yamlinfo.rb
deleted file mode 100644 (file)
index 2cb1f46..0000000
+++ /dev/null
@@ -1,63 +0,0 @@
-module Puppet::Parser::Functions
-  newfunction(:yamlinfo, :type => :rvalue) do |args|
-
-    host = args[0]
-    yamlfile = args[1]
-    parser.watch_file(yamlfile)
-
-    def read_yaml(yaml, host)
-      results = {}
-
-      ['nameinfo', 'footer'].each do |detail|
-        if yaml.has_key?(detail)
-          if yaml[detail].has_key?(host)
-            results[detail] = yaml[detail][host]
-          end
-        end
-      end
-      
-      if yaml.has_key?('services')
-        yaml['services'].each_pair do |service, hostlist|
-          hostlist=[hostlist] unless hostlist.kind_of?(Array)
-          results[service] = hostlist.include?(host)
-        end
-      end
-
-      results['mail_port']      = ''
-      results['smarthost']      = ''
-      results['heavy_exim']     = ''
-      results['smarthost_port'] = 587
-      results['reservedaddrs']  = '0.0.0.0/8 : 127.0.0.0/8 : 10.0.0.0/8 : 169.254.0.0/16 : 172.16.0.0/12 : 192.0.0.0/17 : 192.168.0.0/16 : 224.0.0.0/4 : 240.0.0.0/5 : 248.0.0.0/5'
-    
-      if yaml['host_settings'].kind_of?(Hash)
-        yaml['host_settings'].each_pair do |property, values|
-          if values.kind_of?(Hash)
-            results[property] = values[host] if values.has_key?(host)
-          elsif values.kind_of?(Array)
-            results[property] = "true" if values.include?(host)
-          end
-        end
-      end
-      return(results)
-    end
-
-    require 'yaml'
-    $KCODE = 'utf-8'
-
-    yaml = YAML.load_file(yamlfile)
-    ret = {}
-
-    if host == '*'
-      Dir.entries('/var/lib/puppet/yaml/node/').each do |fname|
-        next unless fname =~ /(.*)\.yaml$/
-        host_name = $1
-        ret[host_name] = read_yaml(yaml, host_name)
-      end
-    else
-      ret = read_yaml(yaml, host)
-    end
-
-    return(ret)
-  end
-end
-
index 376bb39..363d0fc 100644 (file)
@@ -44,7 +44,7 @@ node default {
         "true": {
             package { acpid: ensure => installed }
             case extractnodeinfo($nodeinfo, 'squeeze') {
-                'true':  { package { acpi-support-base: ensure => installed } }
+                true:  { package { acpi-support-base: ensure => installed } }
             }
         }
     }
@@ -55,28 +55,32 @@ node default {
     case $mta {
         "exim4":   {
              case extractnodeinfo($nodeinfo, 'heavy_exim') {
-                  'true':  { include exim::mx }
+                  true:  { include exim::mx }
                   default: { include exim }
              }
         }
     }
 
+    case extractnodeinfo($nodeinfo, 'puppetmaster') {
+        true: { include puppetmaster }
+    }
+
     case extractnodeinfo($nodeinfo, 'muninmaster') {
-        "true": { include munin-node::master }
+        true: { include munin-node::master }
     }
 
     case extractnodeinfo($nodeinfo, 'nagiosmaster') {
-        "true":    { include nagios::server }
+        true:    { include nagios::server }
         default: { include nagios::client }
     }
 
     case $apache2 {
          "true":  {
               case extractnodeinfo($nodeinfo, 'apache2_security_mirror') {
-                     "true":    { include apache2::security_mirror }
+                     true:    { include apache2::security_mirror }
               }
               case extractnodeinfo($nodeinfo, 'apache2_www_mirror') {
-                     "true":    { include apache2::www_mirror }
+                     true:    { include apache2::www_mirror }
               }
               include apache2
          }
@@ -88,7 +92,7 @@ node default {
 
 
     case extractnodeinfo($nodeinfo, 'buildd') {
-         'true':  {
+         true:  {
              include buildd
          }
     }
index 5bbf6c4..555cdf5 100644 (file)
@@ -1,3 +1,3 @@
 SHELL=/bin/bash
 @hourly  root [ ! -d /var/cache/dsa ] || touch /var/cache/dsa/cron.alive
-34 */4 * * * root if [ -x /usr/sbin/puppetd ]; then sleep $(( $RANDOM \% 3600 )); if [ -x /usr/bin/timeout ]; then TO="timeout 3600"; else TO=""; fi; $TO /usr/sbin/puppetd --factsync -o --no-daemonize 2>&1 | grep -v 'v6: error fetching interface information: Device not found' ; fi
+34 */4 * * * root if [ -x /usr/sbin/puppetd ]; then sleep $(( $RANDOM \% 3600 )); if [ -x /usr/bin/timeout ]; then TO="timeout 3600"; else TO=""; fi; $TO /usr/sbin/puppetd -o --no-daemonize 2>&1 | grep -v 'v6: error fetching interface information: Device not found' ; fi
index a4c7ade..4770647 100644 (file)
@@ -9,13 +9,13 @@ vardir=/var/lib/puppet
 ssldir=/var/lib/puppet/ssl
 rundir=/var/run/puppet
 factpath=$vardir/facts
-pluginsync=false
+pluginsync=true
 # This is the default environment for all clients
 environment=production
 
 [puppetmasterd]
 templatedir=/etc/puppet/templates
-libdir=/etc/puppet/lib
+#libdir=/etc/puppet/lib
 environments = development,testing,production,staging
 
 [puppetd]
diff --git a/modules/debian-org/lib/facter/architecture.rb b/modules/debian-org/lib/facter/architecture.rb
new file mode 100644 (file)
index 0000000..894c82c
--- /dev/null
@@ -0,0 +1,19 @@
+Facter.add(:architecture) do
+    confine :kernel => 'GNU/kFreeBSD'
+    setcode do
+        model = Facter.value(:hardwaremodel)
+        case model
+        when 'x86_64': "amd64" 
+        when /(i[3456]86|pentium)/: "i386"
+        else
+            model
+        end
+    end
+end
+
+Facter.add(:debarchitecture) do
+    setcode do
+        %x{/usr/bin/dpkg --print-architecture}.chomp
+    end
+end
+
diff --git a/modules/debian-org/lib/facter/hosts.rb b/modules/debian-org/lib/facter/hosts.rb
new file mode 100644 (file)
index 0000000..b55c43b
--- /dev/null
@@ -0,0 +1,18 @@
+Facter.add("brokenhosts") do
+       brokenhosts = "true"
+       if FileTest.exist?("/etc/hosts")
+               IO.foreach("/etc/hosts") do |x|
+                       x.split.each do |y|
+                               if y == Facter.value("fqdn")
+                                       brokenhosts = "false"
+                                       break
+                               end
+                       end
+               end
+       end
+       setcode do
+               brokenhosts == "true"
+       end
+end
+
+
diff --git a/modules/debian-org/lib/facter/ipaddresses.rb b/modules/debian-org/lib/facter/ipaddresses.rb
new file mode 100644 (file)
index 0000000..05e3e90
--- /dev/null
@@ -0,0 +1,66 @@
+Facter.add("v4ips") do
+        confine :kernel => :linux
+        addrs = []
+        if FileTest.exist?("/bin/ip")
+                %x{ip addr list}.each do |line|
+                        next unless line =~ /\s+inet/
+                        next if line =~ /scope (link|host)/
+                        if line =~ /\s+inet\s+(\S+)\/\d{1,2} .*/
+                                addrs << $1
+                        end
+                end
+        end
+        ret = addrs.join(",")
+        if ret.empty?
+          ret = 'no'
+        end
+        setcode do
+          ret
+        end
+end
+
+Facter.add("v4ips") do
+       confine :kernel => 'GNU/kFreeBSD'
+       setcode do
+               addrs = []
+               output = %x{/sbin/ifconfig}
+
+               output.split(/^\S/).each { |str|
+                       if str =~ /inet ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/
+                               tmp = $1
+                               unless tmp =~ /127\./
+                                       addrs << tmp
+                                       break
+                               end
+                       end
+               }
+
+               ret = addrs.join(",")
+               if ret.empty?
+                       ret = 'no'
+               end
+               ret
+       end
+end
+
+Facter.add("v6ips") do
+        confine :kernel => :linux
+        addrs = []
+        if FileTest.exist?("/bin/ip")
+                %x{ip addr list}.each do |line|
+                        next unless line =~ /\s+inet/
+                        next if line =~ /scope (link|host)/
+                        if line =~ /\s+inet6\s+(\S+)\/\d{1,3} .*/
+                                addrs << $1
+                        end
+                end
+        end
+        ret = addrs.join(",")
+        if ret.empty?
+          ret = 'no'
+        end
+        setcode do
+          ret
+        end
+end
+
diff --git a/modules/debian-org/lib/facter/mounts.rb b/modules/debian-org/lib/facter/mounts.rb
new file mode 100644 (file)
index 0000000..2a075cc
--- /dev/null
@@ -0,0 +1,21 @@
+begin
+  require 'filesystem'
+
+       Facter.add("mounts") do
+               ignorefs = ["NFS", "nfs", "nfs4", "nfsd", "afs", "binfmt_misc", "proc", "smbfs", 
+                           "autofs", "iso9660", "ncpfs", "coda", "devpts", "ftpfs", "devfs", 
+                           "mfs", "shfs", "sysfs", "cifs", "lustre_lite", "tmpfs", "usbfs", "udf",
+                           "fusectl", "fuse.snapshotfs", "rpc_pipefs"]
+               mountpoints = []
+               FileSystem.mounts.each do |m|
+                       if ((not ignorefs.include?(m.fstype)) && (m.options !~ /bind/))
+                               mountpoints << m.mount
+                       end
+               end
+               setcode do
+                       mountpoints.join(',')
+               end
+       end
+
+rescue Exception => e
+end
diff --git a/modules/debian-org/lib/facter/mta.rb b/modules/debian-org/lib/facter/mta.rb
new file mode 100644 (file)
index 0000000..98ed433
--- /dev/null
@@ -0,0 +1,19 @@
+Facter.add("mta") do
+       setcode do
+               mta = "exim4"
+               if FileTest.exist?("/usr/sbin/postfix")
+                       mta = "postfix"
+               end
+               mta
+       end
+end
+
+Facter.add("exim_ssl_certs") do
+       setcode do
+               FileTest.exist?("/etc/exim4/ssl/") &&
+               FileTest.exist?("/etc/exim4/ssl/ca.crl") &&
+               FileTest.exist?("/etc/exim4/ssl/thishost.crt") &&
+               FileTest.exist?("/etc/exim4/ssl/ca.crt") &&
+               FileTest.exist?("/etc/exim4/ssl/thishost.key")
+       end
+end
diff --git a/modules/debian-org/lib/facter/portforwarder.rb b/modules/debian-org/lib/facter/portforwarder.rb
new file mode 100644 (file)
index 0000000..fe3cebd
--- /dev/null
@@ -0,0 +1,32 @@
+begin
+    require 'etc'
+
+    Facter.add("portforwarder_key") do
+        setcode do
+            key = nil
+            keyfile = '/home/portforwarder/.ssh/id_rsa.pub'
+            if FileTest.exist?(keyfile)
+                key = File.open(keyfile).read.chomp
+            end
+            key
+        end
+    end
+
+    Facter.add("portforwarder_user_exists") do
+        setcode do
+            result = false
+            begin
+                if Etc.getpwnam('portforwarder')
+                    result = true
+                end
+            rescue ArgumentError
+            end
+            result
+        end
+    end
+
+rescue Exception => e
+end
+# vim:set et:
+# vim:set ts=4:
+# vim:set shiftwidth=4:
diff --git a/modules/debian-org/lib/facter/raidarray.rb b/modules/debian-org/lib/facter/raidarray.rb
new file mode 100644 (file)
index 0000000..997bf14
--- /dev/null
@@ -0,0 +1,53 @@
+Facter.add("smartarraycontroller") do
+       confine :kernel => :linux
+       setcode do
+               FileTest.exist?("/dev/cciss/")
+       end
+end
+
+Facter.add("ThreeWarecontroller") do
+       confine :kernel => :linux
+       setcode do
+               is3w = "false"
+               if FileTest.exist?("/proc/scsi/scsi")
+                       IO.foreach("/proc/scsi/scsi") { |x|
+                               is3w = "true" if x =~ /Vendor: 3ware/
+                       }
+               end
+               is3w == "true"
+       end
+end
+
+Facter.add("megaraid") do
+       confine :kernel => :linux
+       setcode do
+               FileTest.exist?("/dev/megadev0")
+       end
+end
+
+Facter.add("mptraid") do
+       setcode do
+               FileTest.exist?("/dev/mptctl") or FileTest.exist?("/dev/mpt0") or FileTest.exist?("/proc/mpt/summary")
+       end
+end
+
+Facter.add("aacraid") do
+       confine :kernel => :linux
+       setcode do
+               FileTest.exist?("/dev/aac0")
+       end
+end
+
+Facter.add("swraid") do
+       confine :kernel => :linux
+       setcode do
+                swraid = "false"
+               if FileTest.exist?("/proc/mdstat") && FileTest.exist?("/sbin/mdadm")
+                        IO.foreach("/proc/mdstat") { |x|
+                                swraid = "true" if x =~ /md[0-9]+ : active/
+                        }
+                end
+                swraid == "true"
+       end
+end
+
diff --git a/modules/debian-org/lib/facter/servertype.rb b/modules/debian-org/lib/facter/servertype.rb
new file mode 100644 (file)
index 0000000..fa2f35e
--- /dev/null
@@ -0,0 +1,9 @@
+Facter.add("kvmdomain") do
+       setcode do
+               if File.new('/proc/cpuinfo').read().index('QEMU Virtual CPU')
+                       result = true
+               else
+                       result = false
+               end
+       end
+end
diff --git a/modules/debian-org/lib/facter/services.rb b/modules/debian-org/lib/facter/services.rb
new file mode 100644 (file)
index 0000000..4e84174
--- /dev/null
@@ -0,0 +1,21 @@
+["bugs","qa"].each do |service|
+       Facter.add(service + "_host") do
+                confine :kernel => :linux
+               service_name = "#{service}." + Facter.domain
+               active = false
+
+               setcode do
+                       if FileTest.exist?("/usr/bin/dig")
+                               %x{/usr/bin/dig +short -t a #{service_name}}.chomp.each do |service_ip|
+                                       Facter.interfaces.split(',').each do |my_interface|
+                                               my_ip = Facter.value("ipaddress_" + my_interface)
+                                               if my_ip == service_ip
+                                                       active = "true"
+                                               end
+                                       end
+                               end
+                       end
+                       active
+               end
+       end
+end
diff --git a/modules/debian-org/lib/facter/software.rb b/modules/debian-org/lib/facter/software.rb
new file mode 100644 (file)
index 0000000..3a0fefc
--- /dev/null
@@ -0,0 +1,79 @@
+Facter.add("apache2") do
+       setcode do
+               FileTest.exist?("/usr/sbin/apache2")
+       end
+end
+Facter.add("clamd") do
+       setcode do
+               FileTest.exist?("/usr/sbin/clamd")
+       end
+end
+Facter.add("exim4") do
+       setcode do
+               FileTest.exist?("/usr/sbin/exim4")
+       end
+end
+Facter.add("postfix") do
+       setcode do
+               FileTest.exist?("/usr/sbin/postfix")
+       end
+end
+Facter.add("postgres81") do
+       setcode do
+               FileTest.exist?("/usr/lib/postgresql/8.1/bin/postgres")
+       end
+end
+Facter.add("postgres83") do
+       setcode do
+               FileTest.exist?("/usr/lib/postgresql/8.3/bin/postgres")
+       end
+end
+Facter.add("postgrey") do
+       setcode do
+               FileTest.exist?("/usr/sbin/postgrey")
+       end
+end
+Facter.add("greylistd") do
+       setcode do
+               FileTest.exist?("/usr/sbin/greylistd")
+       end
+end
+Facter.add("policydweight") do
+       setcode do
+               FileTest.exist?("/usr/sbin/policyd-weight")
+       end
+end
+Facter.add("vsftpd") do
+       setcode do
+               FileTest.exist?("/usr/sbin/vsftpd")
+       end
+end
+Facter.add("spamd") do
+       setcode do
+               FileTest.exist?("/usr/sbin/spamd")
+       end
+end
+Facter.add("php5") do
+       setcode do
+               FileTest.exist?("/usr/lib/apache2/modules/libphp5.so") or
+               FileTest.exist?("/usr/bin/php5") or
+               FileTest.exist?("/usr/bin/php5-cgi") or
+               FileTest.exist?("/usr/lib/cgi-bin/php5")
+       end
+end
+Facter.add("php5suhosin") do
+       setcode do
+               FileTest.exist?("/usr/lib/php5/20060613/suhosin.so") or
+               FileTest.exist?("/usr/lib/php5/20060613+lfs/suhosin.so")
+       end
+end
+Facter.add("syslogversion") do
+       setcode do
+               %x{dpkg-query -W -f='${Version}\n' syslog-ng | cut -b1}.chomp
+       end
+end
+Facter.add("rsyncd") do
+       setcode do
+               FileTest.exist?("/etc/rsyncd.conf")
+       end
+end
index 262479a..123a0e8 100644 (file)
@@ -97,17 +97,6 @@ class debian-org {
             notify => Exec["rc.local start"],
             ;
     }
-    case $hostname {
-        handel: {
-            file {
-                "/etc/puppet/lib":
-                    ensure  => directory,
-                    source => "puppet:///files/etc/puppet/lib",
-                    recurse => true,
-                    notify  => Exec["puppetmaster restart"];
-             }
-         }
-    }
    
     # set mmap_min_addr to 4096 to mitigate
     # Linux NULL-pointer dereference exploits
@@ -148,9 +137,16 @@ class debian-proliant inherits debian-org {
     package {
         "hpacucli": ensure => installed;
         "hp-health": ensure => installed;
-        "cpqarrayd": ensure => installed;
         "arrayprobe": ensure => installed;
     }
+    case extractnodeinfo($nodeinfo, 'squeeze') {
+        true: {}
+        default: {
+            package {
+                "cpqarrayd": ensure => installed;
+            }
+        }
+    }
     case $debarchitecture {
         "amd64": {
             package { "lib32gcc1": ensure => installed; }
index 8f929ca..90589f2 100644 (file)
@@ -3,7 +3,7 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<% if nodeinfo.has_key?('squeeze') and not nodeinfo['squeeze'].empty? %>
+<% if nodeinfo.has_key?('squeeze') and nodeinfo['squeeze'] %>
 <% else %>
 deb    http://mirror.netcologne.de/debian-backports/   lenny-backports main contrib non-free
 <% end %>
index 523d1ec..05fdc5a 100644 (file)
@@ -3,7 +3,7 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<% if nodeinfo.has_key?('squeeze') and not nodeinfo['squeeze'].empty? %>
+<% if nodeinfo.has_key?('squeeze') and nodeinfo['squeeze'] %>
 deb     http://security.debian.org/             squeeze/updates    main contrib non-free
 <% else %>
 deb     http://security.debian.org/             lenny/updates    main contrib non-free
index 40dee86..7801d53 100644 (file)
@@ -3,7 +3,7 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<% if nodeinfo.has_key?('squeeze') and not nodeinfo['squeeze'].empty? %>
+<% if nodeinfo.has_key?('squeeze') and nodeinfo['squeeze'] %>
 <% else %>
 deb     http://volatile.debian.org/debian-volatile lenny/volatile   main contrib non-free
 <% end %>
index 332f73b..2667f60 100644 (file)
@@ -76,7 +76,7 @@
 #                    MAIN CONFIGURATION SETTINGS                     #
 ######################################################################
 
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
 perl_startup = do '/etc/exim4/exim_surbl.pl'
 <%- end -%>
 
@@ -87,7 +87,7 @@ perl_startup = do '/etc/exim4/exim_surbl.pl'
 acl_smtp_helo = check_helo
 acl_smtp_rcpt = ${if ={$interface_port}{587} {check_submission}{check_recipient}}
 acl_smtp_data = check_message
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
 acl_smtp_mime = acl_check_mime
 <%- end -%>
 acl_smtp_predata = acl_check_predata
@@ -169,7 +169,7 @@ timeout_frozen_after=14d
 message_size_limit = 100M
 message_logs = false
 smtp_accept_max_per_host = ${if match_ip {$sender_host_address}{+debianhosts}{0}{7}}
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
 smtp_accept_max = 300
 smtp_accept_queue = 200
 smtp_accept_queue_per_connection = 50
@@ -188,7 +188,7 @@ check_spool_space  = 20M
 
 delay_warning =
 
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
 message_body_visible = 5000
 queue_run_max = 50
 deliver_queue_load_max = 50
@@ -847,7 +847,7 @@ check_recipient:
 
   deny    message = relay not permitted
 
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
 acl_check_mime:
 
  discard condition     = ${if <{$message_size}{256000}}
@@ -947,7 +947,7 @@ check_message:
           message         = X-malware detected: $malware_name
 
 <%- end -%>
-<%- if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? -%>
+<%- if nodeinfo.has_key?('heavy_exim') and nodeinfo['heavy_exim'] -%>
  discard condition     = ${if <{$message_size}{256000}}
          condition     = ${if eq {$acl_m_prf}{blackhole}}
          set acl_m_srb = ${perl{surblspamcheck}}
index 95da151..7ade513 100644 (file)
@@ -71,7 +71,7 @@ class ferm {
     }
 
     case extractnodeinfo($nodeinfo, 'buildd') {
-        'true': {
+        true: {
             file {
                 "/etc/ferm/conf.d/load_ftp_conntrack.conf":
                     source => "puppet:///modules/ferm/conntrack_ftp.conf",
index 10ce8b8..0e32b99 100644 (file)
@@ -11,7 +11,7 @@
 # You must set this variable to for monit to start
 startup=0
 
-<% if nodeinfo.has_key?('squeeze') and not nodeinfo['squeeze'].empty? %>
+<% if nodeinfo.has_key?('squeeze') and nodeinfo['squeeze'] %>
 <% else %>
 
 # To change the intervals which monit should run uncomment
index dc46f19..e640cbe 100644 (file)
@@ -21,7 +21,7 @@
 ## Start monit in the background (run as a daemon) and check services at 
 ## 2-minute intervals.
 #
-<% if nodeinfo.has_key?('squeeze') and not nodeinfo['squeeze'].empty? %>
+<% if nodeinfo.has_key?('squeeze') and nodeinfo['squeeze'] %>
 set daemon 300
 <% else %>
 <% end %>
index 730fbea..71c8633 100644 (file)
@@ -29,14 +29,14 @@ class ntp {
             ;
     }
     case extractnodeinfo($nodeinfo, 'timeserver') {
-        'true': { }
+        true: { }
         default: {
             file {
                 "/etc/default/ntp":
                     owner   => root,
                     group   => root,
                     mode    => 444,
-                    source  => [ "puppet:///ntp/etc-default-ntp" ],
+                    source  => [ "puppet:///modules/ntp/etc-default-ntp" ],
                     require => Package["ntp"],
                     notify  => Exec["ntp restart"],
                     ;
@@ -45,7 +45,7 @@ class ntp {
                     owner   => root,
                     group   => root,
                     mode    => 444,
-                    source  => [ "puppet:///ntp/ntpkey_iff_merikanto.pub" ],
+                    source  => [ "puppet:///modules/ntp/ntpkey_iff_merikanto.pub" ],
                     require => Package["ntp"],
                     notify  => Exec["ntp restart"],
                     ;
@@ -53,7 +53,7 @@ class ntp {
                     owner   => root,
                     group   => root,
                     mode    => 444,
-                    source  => [ "puppet:///ntp/ntpkey_iff_orff.pub" ],
+                    source  => [ "puppet:///modules/ntp/ntpkey_iff_orff.pub" ],
                     require => Package["ntp"],
                     notify  => Exec["ntp restart"],
                     ;
@@ -61,7 +61,7 @@ class ntp {
                     owner   => root,
                     group   => root,
                     mode    => 444,
-                    source  => [ "puppet:///ntp/ntpkey_iff_ravel.pub" ],
+                    source  => [ "puppet:///modules/ntp/ntpkey_iff_ravel.pub" ],
                     require => Package["ntp"],
                     notify  => Exec["ntp restart"],
                     ;
@@ -69,7 +69,7 @@ class ntp {
                     owner   => root,
                     group   => root,
                     mode    => 444,
-                    source  => [ "puppet:///ntp/ntpkey_iff_busoni.pub" ],
+                    source  => [ "puppet:///modules/ntp/ntpkey_iff_busoni.pub" ],
                     require => Package["ntp"],
                     notify  => Exec["ntp restart"],
                     ;
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/allnodeinfo.rb b/modules/puppetmaster/lib/puppet/parser/functions/allnodeinfo.rb
new file mode 100644 (file)
index 0000000..47450d5
--- /dev/null
@@ -0,0 +1,6 @@
+module Puppet::Parser::Functions
+  newfunction(:allnodeinfo, :type => :rvalue) do |attributes|
+    attributes.unshift('*')
+    return (function_ldapinfo(attributes))
+  end
+end
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/extractnodeinfo.rb b/modules/puppetmaster/lib/puppet/parser/functions/extractnodeinfo.rb
new file mode 100644 (file)
index 0000000..19f0ca8
--- /dev/null
@@ -0,0 +1,23 @@
+module Puppet::Parser::Functions
+  newfunction(:extractnodeinfo, :type => :rvalue) do |args|
+
+    nodeinfo = args.shift
+
+    ni = nodeinfo
+    keys_done = []
+
+    args.each do |key|
+      raise Puppet::ParseError, "nodeinfo is not a hash at #{keys_done.join('->')}" unless ni.kind_of?(Hash)
+      unless ni.has_key?(key)
+        ni = false
+        break
+      end
+      ni = ni[key]
+      keys_done << key
+    end
+    return ni
+  end
+end
+# vim:set et:
+# vim:set sts=2 ts=2:
+# vim:set shiftwidth=2:
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/ldapinfo.rb b/modules/puppetmaster/lib/puppet/parser/functions/ldapinfo.rb
new file mode 100644 (file)
index 0000000..3a68722
--- /dev/null
@@ -0,0 +1,37 @@
+module Puppet::Parser::Functions
+  newfunction(:ldapinfo, :type => :rvalue) do |attributes|
+
+    host = attributes.shift
+
+    unless attributes.include?("*") or attributes.include?('hostname')
+      attributes << 'hostname'
+    end
+
+    require 'ldap'
+    ldap = LDAP::SSLConn.new('db.debian.org', 636)
+
+    results = {}
+    filter = '(hostname=' + host + ')'
+    begin
+      ldap.search2('ou=hosts,dc=debian,dc=org', LDAP::LDAP_SCOPE_SUBTREE, filter, attrs=attributes, false, 0, 0, s_attr="hostname").each do |x|
+        # If a returned value doesn't have all the attributes we're searching for, skip
+        # We'll skip if the array is empty, but we also seem to get back a nil object for empty attributes sometimes
+        unless attributes.include?("*")
+          next if attributes.any?{ |a|  not x[a] or x[a].empty? }
+        end
+        results[x['hostname'][0]] = x
+      end
+    rescue LDAP::ResultError
+      raise Puppet::ParseError, "LDAP error"
+    rescue RuntimeError
+      raise Puppet::ParseError, "No data returned from search"
+    ensure
+      ldap.unbind
+    end
+    if host == '*'
+      return(results)
+    else
+      return(results[host])
+    end
+  end
+end
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/nodeinfo.rb b/modules/puppetmaster/lib/puppet/parser/functions/nodeinfo.rb
new file mode 100644 (file)
index 0000000..75e9c88
--- /dev/null
@@ -0,0 +1,28 @@
+module Puppet::Parser::Functions
+  newfunction(:nodeinfo, :type => :rvalue) do |args|
+
+    host = args[0]
+    yamlfile = args[1]
+
+    require '/var/lib/puppet/lib/puppet/parser/functions/ldapinfo.rb'
+
+    results         = function_yamlinfo(host, yamlfile)
+    results['ldap'] = function_ldapinfo(host, '*')
+
+    results['misc'] = {}
+    fqdn = lookupvar('fqdn')
+    if fqdn and fqdn == host
+      v4ips = lookupvar('v4ips')
+      if v4ips
+        # find out if we are behind nat
+        v4addrs = v4ips.split(',')
+        intersection = v4addrs & results['ldap']['ipHostNumber']
+        results['misc']['natted'] = intersection.empty?
+      end
+    end
+
+    return(results)
+  end
+end
+
+# vim: set fdm=marker ts=2 sw=2 et:
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb b/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb
new file mode 100644 (file)
index 0000000..c2bda8c
--- /dev/null
@@ -0,0 +1,28 @@
+module Puppet::Parser::Functions
+  newfunction(:whohosts, :type => :rvalue) do |args|
+    require 'ipaddr'
+    require 'yaml'
+
+    nodeinfo = args[0]
+    yamlfile = args[1]
+    parser.watch_file(yamlfile)
+
+    $KCODE = 'utf-8'
+
+    ans = "unknown"
+    yaml = YAML.load_file(yamlfile)
+
+    if (nodeinfo['ldap'].has_key?('ipHostNumber'))
+      nodeinfo['ldap']['ipHostNumber'].each do |addr|
+        yaml.keys.each do |hoster|
+          yaml[hoster].each do |net|
+            if IPAddr.new(net).include?(addr)
+              ans = hoster
+            end
+          end
+        end
+      end
+    end
+    return ans
+  end
+end
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/yamlinfo.rb b/modules/puppetmaster/lib/puppet/parser/functions/yamlinfo.rb
new file mode 100644 (file)
index 0000000..4cc88f0
--- /dev/null
@@ -0,0 +1,63 @@
+module Puppet::Parser::Functions
+  newfunction(:yamlinfo, :type => :rvalue) do |args|
+
+    host = args[0]
+    yamlfile = args[1]
+    parser.watch_file(yamlfile)
+
+    def read_yaml(yaml, host)
+      results = {}
+
+      ['nameinfo', 'footer'].each do |detail|
+        if yaml.has_key?(detail)
+          if yaml[detail].has_key?(host)
+            results[detail] = yaml[detail][host]
+          end
+        end
+      end
+      
+      if yaml.has_key?('services')
+        yaml['services'].each_pair do |service, hostlist|
+          hostlist=[hostlist] unless hostlist.kind_of?(Array)
+          results[service] = hostlist.include?(host)
+        end
+      end
+
+      results['mail_port']      = ''
+      results['smarthost']      = ''
+      results['heavy_exim']     = ''
+      results['smarthost_port'] = 587
+      results['reservedaddrs']  = '0.0.0.0/8 : 127.0.0.0/8 : 10.0.0.0/8 : 169.254.0.0/16 : 172.16.0.0/12 : 192.0.0.0/17 : 192.168.0.0/16 : 224.0.0.0/4 : 240.0.0.0/5 : 248.0.0.0/5'
+    
+      if yaml['host_settings'].kind_of?(Hash)
+        yaml['host_settings'].each_pair do |property, values|
+          if values.kind_of?(Hash)
+            results[property] = values[host] if values.has_key?(host)
+          elsif values.kind_of?(Array)
+            results[property] = values.include?(host)
+          end
+        end
+      end
+      return(results)
+    end
+
+    require 'yaml'
+    $KCODE = 'utf-8'
+
+    yaml = YAML.load_file(yamlfile)
+    ret = {}
+
+    if host == '*'
+      Dir.entries('/var/lib/puppet/yaml/node/').each do |fname|
+        next unless fname =~ /(.*)\.yaml$/
+        host_name = $1
+        ret[host_name] = read_yaml(yaml, host_name)
+      end
+    else
+      ret = read_yaml(yaml, host)
+    end
+
+    return(ret)
+  end
+end
+
diff --git a/modules/puppetmaster/manifests/init.pp b/modules/puppetmaster/manifests/init.pp
new file mode 100644 (file)
index 0000000..b702a15
--- /dev/null
@@ -0,0 +1,5 @@
+class puppetmaster {
+}
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4:
index d248d11..52a932a 100644 (file)
@@ -263,7 +263,7 @@ file=/etc/ssh/ssh_config
 file=/etc/ssh/sshd_config
 <%=
 out=""
-if not nodeinfo['heavy_exim'].empty?
+if nodeinfo['heavy_exim']
   out = '
 file=/etc/exim4/surbl_whitelist.txt
 file=/etc/exim4/exim_surbl.pl
@@ -372,6 +372,7 @@ file=/etc/nagios3/puppetconf.d/auto-services.cfg
 file=/etc/nagios3/puppetconf.d/auto-dependencies.cfg
 file=/etc/nagios3/puppetconf.d/auto-hostextinfo.cfg
 file=/etc/nagios3/puppetconf.d/auto-serviceextinfo.cfg
+file=/etc/nagios3/puppetconf.d/auto-servicegroups.cfg
 <% end -%>
 <% if nodeinfo['muninmaster'] -%>
 file=/etc/munin/munin.conf