include grub
include multipath
include popcon
+ include portforwarder
+ include postgres
+
if $::lsbdistcodename == squeeze {
include roles::udldap::client
} else {
include hosts
}
- if $::portforwarder_user_exists {
- include portforwarder
- }
-
if $::samhain {
include samhain
}
include debian_org::radvd
}
- if ($::postgres) {
- include postgres
- }
-
if $::spamd {
munin::check { 'spamassassin': }
}
include hardware::raid::megactl
}
- if $::mptraid {
- include hardware::raid::raidmpt
- }
-
+ include hardware::raid::raidmpt
}
# include hardware::raid::raidmpt
#
class hardware::raid::raidmpt {
+ if $::mptraid {
+ package { 'mpt-status':
+ ensure => installed
+ }
- package { 'mpt-status':
- ensure => installed
- }
+ file { '/etc/default/mpt-statusd':
+ content => "# This file is under puppet control\nRUN_DAEMON=no\n",
+ notify => Exec['mpt-statusd-stop'],
+ }
- file { '/etc/default/mpt-statusd':
- content => "# This file is under puppet control\nRUN_DAEMON=no\n",
- notify => Exec['mpt-statusd-stop'],
- }
+ exec { 'mpt-statusd-stop':
+ command => 'pidfile=/var/run/mpt-statusd.pid; ! [ -e "$pidfile" ] || /sbin/start-stop-daemon --oknodo --stop --signal TERM --quiet --pidfile "$pidfile"; rm -f "$pidfile"; pkill -INT -P 1 -u 0 -f "/usr/bin/daemon /etc/init.d/mpt-statusd check_mpt"',
+ refreshonly => true,
+ }
+ } else {
+ package { 'mpt-status':
+ ensure => purged,
+ }
- exec { 'mpt-statusd-stop':
- command => 'pidfile=/var/run/mpt-statusd.pid; ! [ -e "$pidfile" ] || /sbin/start-stop-daemon --oknodo --stop --signal TERM --quiet --pidfile "$pidfile"; rm -f "$pidfile"; pkill -INT -P 1 -u 0 -f "/usr/bin/daemon /etc/init.d/mpt-statusd check_mpt"',
- refreshonly => true,
+ file { '/etc/default/mpt-statusd':
+ ensure => absent,
+ }
}
}
# do not depend on xinetd, yet. it might uninstall other inetds
# for now this will have to be done manually
- if ! $::portforwarder_key {
- exec { 'create-portforwarder-key':
- command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
- onlyif => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
+ if $::portforwarder_user_exists {
+ if ! $::portforwarder_key {
+ exec { 'create-portforwarder-key':
+ command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
+ onlyif => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
+ }
}
- }
- file { '/etc/ssh/userkeys/portforwarder':
- content => template('portforwarder/authorized_keys.erb'),
- }
- file { '/etc/xinetd.d':
- ensure => directory,
- owner => root,
- group => root,
- mode => '0755',
- }
- file { '/etc/xinetd.d/dsa-portforwader':
- content => template('portforwarder/xinetd.erb'),
- notify => Exec['service xinetd reload']
- }
+ file { '/etc/ssh/userkeys/portforwarder':
+ content => template('portforwarder/authorized_keys.erb'),
+ }
+ file { '/etc/xinetd.d':
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => '0755',
+ }
+ file { '/etc/xinetd.d/dsa-portforwader':
+ content => template('portforwarder/xinetd.erb'),
+ notify => Exec['service xinetd reload']
+ }
- exec { 'service xinetd reload':
- refreshonly => true,
+ exec { 'service xinetd reload':
+ refreshonly => true,
+ }
+ } else {
+ file { [
+ '/etc/ssh/userkeys/portforwarder',
+ '/etc/xinetd.d/dsa-portforwader',
+ ]:
+ ensure => 'absent',
+ }
}
}
class postgres {
- munin::check { 'postgres_bgwriter': }
- munin::check { 'postgres_connections_db': }
+ $ensure = ($::postgres) ? {
+ true => 'ensure',
+ default => 'absent'
+ }
+
+ munin::check { 'postgres_bgwriter':
+ ensure => $ensure,
+ }
+ munin::check { 'postgres_connections_db':
+ ensure => $ensure,
+ }
munin::check { 'postgres_cache_ALL':
+ ensure => $ensure,
script => 'postgres_cache_'
}
munin::check { 'postgres_querylength_ALL':
+ ensure => $ensure,
script => 'postgres_querylength_'
}
munin::check { 'postgres_size_ALL':
+ ensure => $ensure,
script => 'postgres_size_'
}
file { '/etc/munin/plugin-conf.d/local-postgres':
+ ensure => $ensure,
source => 'puppet:///modules/postgres/plugin.conf',
}
}
Use common-debian-service-ssl debian.org
Use common-ssl-HSTS
</VirtualHost>
+# vim:set syn=apache: