projects / mirror / dsa-puppet.git / blob
? search:


9fed0247b39a9a82ade76f2309ec0a4a64089079
[mirror/dsa-puppet.git] / modules / puppetmaster / manifests / init.pp
1 class puppetmaster {
2
3         package { 'puppetmaster':
4                 ensure => installed,
5         }
6         file { '/etc/puppet/hiera.yaml':
7                 source => 'puppet:///modules/puppetmaster/hiera.yaml'
8         }
9         file { '/etc/puppet/puppetdb.conf':
10                 source => 'puppet:///modules/puppetmaster/puppetdb.conf'
11         }
12
13         ferm::rule { 'dsa-puppet':
14                 description     => 'Allow puppet access',
15                 domain          => '(ip ip6)',
16                 rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN)',
17         }
18
19         file { '/srv/puppet.debian.org/puppet-facts':
20                 ensure => directory
21         }
22         concat { '/srv/puppet.debian.org/puppet-facts/onionbalance-services.yaml':
23         }
24         Concat::Fragment <<| tag == "onionbalance-services.yaml" |>>
25
26         file { '/etc/cron.d/puppet-update-fastly-ips': ensure => absent, }
27         file { '/etc/cron.d/update-fastly-ips': ensure => absent, }
28         concat::fragment { 'puppet-crontab---fastly-ips':
29                 target => '/etc/cron.d/puppet-crontab',
30                 content  => @(EOF)
31                         @daily  root    /usr/local/bin/update-fastly-ips /srv/puppet.debian.org/puppet-facts/fastly_ranges.yaml
32                         | EOF
33         }
34         file { '/usr/local/bin/update-fastly-ips':
35                 source => 'puppet:///modules/puppetmaster/update-fastly-ips.sh',
36                 mode   => '0555',
37         }
38 }
Unnamed repository; edit this file 'description' to name the repository.