opendev/system-config
Code Issues Proposed changes

style edits to puppet config files

Browse Source 
Change-Id: I4f7314bcb1cb58f94ff7a78aebe27ec4591fc11c
Reviewed-on: https://review.openstack.org/14187
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
This commit is contained in:
Matthew Wagoner 2012-10-08 19:52:17 -04:00 committed by Jenkins
parent 71e96df67f
commit 21dff1ba3d
7 changed files with 81 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
modules/iptables/manifests/init.pp
View File

@ -1,12 +1,12 @@
#http://projects.puppetlabs.com/projects/1/wiki/Module_Iptables_Patterns #http://projects.puppetlabs.com/projects/1/wiki/Module_Iptables_Patterns
class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) { class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) {
package { package { 'iptables-persistent':
"iptables-persistent": ensure => present; ensure => present,
} }
service { "iptables-persistent": service { 'iptables-persistent':
require => Package["iptables-persistent"], require => Package['iptables-persistent'],
# Because there is no running process for this service, the normal status # Because there is no running process for this service, the normal status
# checks fail. Because puppet then thinks the service has been manually # checks fail. Because puppet then thinks the service has been manually
@ -14,7 +14,7 @@ class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) {
# into thinking the service is *always* running (which in a way it is, as # into thinking the service is *always* running (which in a way it is, as
# iptables is part of the kernel.) # iptables is part of the kernel.)
hasstatus => true, hasstatus => true,
status => "true", status => true,
# Under Debian, the "restart" parameter does not reload the rules, so tell # Under Debian, the "restart" parameter does not reload the rules, so tell
# Puppet to fall back to stop/start, which does work. # Puppet to fall back to stop/start, which does work.
@ -22,32 +22,29 @@ class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) {
} }
file { "/etc/iptables": file { '/etc/iptables':
ensure => directory ensure => directory,
} }
file { file { '/etc/iptables/rules':
"/etc/iptables/rules": owner => 'root',
owner => "root", group => 'root',
group => "root", mode => '0640',
mode => 640,
content => template('iptables/rules.erb'), content => template('iptables/rules.erb'),
require => [Package["iptables-persistent"], File["/etc/iptables"]], require => [Package['iptables-persistent'], File['/etc/iptables']],
# When this file is updated, make sure the rules get reloaded. # When this file is updated, make sure the rules get reloaded.
notify => Service["iptables-persistent"], notify => Service['iptables-persistent'],
;
} }
file { file { '/etc/iptables/rules.v4':
"/etc/iptables/rules.v4":
owner => "root",
group => "root",
mode => 640,
ensure => link, ensure => link,
target => "/etc/iptables/rules", owner => 'root',
require => File["/etc/iptables/rules"], group => 'root',
notify => Service["iptables-persistent"] mode => '0640',
target => '/etc/iptables/rules',
require => File['/etc/iptables/rules'],
notify => Service['iptables-persistent'],
} }
} }

12
modules/logrotate/manifests/file.pp
View File

@ -1,4 +1,4 @@
define logrotate::file($log, define logrotate::file( $log,
$options, $options,
$ensure=present, $ensure=present,
$prerotate='undef', $prerotate='undef',
@ -12,11 +12,11 @@ define logrotate::file($log,
include logrotate include logrotate
file { "/etc/logrotate.d/${name}": file { "/etc/logrotate.d/${name}":
owner => root,
group => root,
mode => 644,
ensure => $ensure, ensure => $ensure,
content => template("logrotate/config.erb"), owner => 'root',
require => File["/etc/logrotate.d"], group => 'root',
mode => '0644',
content => template('logrotate/config.erb'),
require => File['/etc/logrotate.d'],
} }
} }

13
modules/logrotate/manifests/init.pp
View File

@ -1,16 +1,15 @@
# Adapted from http://projects.puppetlabs.com/projects/1/wiki/Logrotate_Patterns # Adapted from http://projects.puppetlabs.com/projects/1/wiki/Logrotate_Patterns
class logrotate { class logrotate {
package { 'logrotate':
package { "logrotate":
ensure => present, ensure => present,
} }
file { "/etc/logrotate.d": file { '/etc/logrotate.d':
ensure => directory, ensure => directory,
owner => root, owner => 'root',
group => root, group => 'root',
mode => 755, mode => '0755',
require => Package["logrotate"], require => Package['logrotate'],
} }
} }

4
modules/remove_nginx/manifests/init.pp
View File

@ -2,10 +2,10 @@ class remove_nginx {
package { 'nginx': package { 'nginx':
ensure => absent, ensure => absent,
} }
file { "/etc/nginx/sites-available/default": file { '/etc/nginx/sites-available/default':
ensure => absent, ensure => absent,
} }
service { 'nginx': service { 'nginx':
ensure => stopped ensure => stopped,
} }
} }

22
modules/ssh/manifests/init.pp
View File

@ -1,19 +1,19 @@
class ssh { class ssh {
package { openssh-server: ensure => present } package { 'openssh-server':
service { ssh: ensure => present,
}
service { 'ssh':
ensure => running, ensure => running,
hasrestart => true, hasrestart => true,
subscribe => File["/etc/ssh/sshd_config"], subscribe => File['/etc/ssh/sshd_config'],
} }
file { "/etc/ssh/sshd_config": file { '/etc/ssh/sshd_config':
ensure => present,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
ensure => 'present', source => [ "puppet:///modules/ssh/sshd_config.${::operatingsystem}",
source => [ 'puppet:///modules/ssh/sshd_config' ],
"puppet:///modules/ssh/sshd_config.$operatingsystem", replace => true,
"puppet:///modules/ssh/sshd_config"
],
replace => 'true',
} }
} }

12
modules/sudoers/manifests/init.pp
View File

@ -1,17 +1,17 @@
class sudoers { class sudoers {
group { 'sudo': group { 'sudo':
ensure => 'present' ensure => present,
} }
group { 'admin': group { 'admin':
ensure => 'present' ensure => present,
} }
file { '/etc/sudoers': file { '/etc/sudoers':
ensure => present,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 440, mode => '0440',
ensure => 'present', source => 'puppet:///modules/sudoers/sudoers',
source => "puppet:///modules/sudoers/sudoers", replace => true,
replace => 'true',
} }
} }

21
modules/unattended_upgrades/manifests/init.pp
View File

@ -1,28 +1,27 @@
class unattended_upgrades($ensure = present) { class unattended_upgrades($ensure = present) {
package { 'unattended-upgrades': package { 'unattended-upgrades':
ensure => $ensure; ensure => $ensure,
} }
package { 'mailutils': package { 'mailutils':
ensure => $ensure; ensure => $ensure,
} }
file { '/etc/apt/apt.conf.d/10periodic': file { '/etc/apt/apt.conf.d/10periodic':
ensure => $ensure,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
ensure => $ensure, source => 'puppet:///modules/unattended_upgrades/10periodic',
source => "puppet:///modules/unattended_upgrades/10periodic", replace => true,
replace => 'true',
} }
file { '/etc/apt/apt.conf.d/50unattended-upgrades': file { '/etc/apt/apt.conf.d/50unattended-upgrades':
ensure => $ensure,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
ensure => $ensure, source => 'puppet:///modules/unattended_upgrades/50unattended-upgrades',
source => "puppet:///modules/unattended_upgrades/50unattended-upgrades", replace => true,
replace => 'true',
} }
} }