Syncing with starter content

This commit is contained in:
maju6406 2018-08-20 22:16:14 -07:00
parent 88c3984c97
commit 9bde731d14
41 changed files with 654 additions and 193 deletions

View File

@ -1,20 +1,15 @@
forge "http://forge.puppetlabs.com"
# Modules from the Puppet Forge # This is a Puppetfile, which describes a collection of Puppet modules.
# Versions should be updated to be the latest at the time you start # For format and syntax examples, see:
#mod "puppetlabs/inifile", '1.5.0' #
#mod "puppetlabs/stdlib", '4.11.0' # https://docs.puppet.com/pe/latest/cmgmt_puppetfile.html
#mod "puppetlabs/concat", '2.1.0' #
# In addition to the component modules listed here, the 'site' directory
# includes 'role' and 'profile' modules. The 'role' module contains
# Puppet classes that constitute a machine role or business function.
# Modules from Git forge "https://forgeapi.puppetlabs.com"
# Examples: https://github.com/puppetlabs/r10k/blob/master/doc/puppetfile.mkd#examples
#mod 'apache',
# :git => 'https://github.com/puppetlabs/puppetlabs-apache',
# :commit => '83401079053dca11d61945bd9beef9ecf7576cbf'
#mod 'apache',
# :git => 'https://github.com/puppetlabs/puppetlabs-apache',
# :branch => 'docs_experiment'
mod 'beersy-pe_code_manager_easy_setup', '2.0.0' mod 'beersy-pe_code_manager_easy_setup', '2.0.0'
mod 'tspy-code_deploy', '1.0.2' mod 'tspy-code_deploy', '1.0.2'
mod 'puppetlabs-exec', '0.2.0' mod 'puppetlabs-exec', '0.2.0'
@ -32,3 +27,34 @@ mod 'google-gcontainer', '0.2.0'
mod 'google-gpubsub', '0.1.0' mod 'google-gpubsub', '0.1.0'
mod 'google-glogging', '0.1.1' mod 'google-glogging', '0.1.1'
mod 'google-gspanner', '0.1.0' mod 'google-gspanner', '0.1.0'
# Forge Modules from Puppet
mod 'puppetlabs-apache', '1.10.0'
mod 'puppetlabs-chocolatey', '2.0.0'
mod 'puppetlabs-mysql', '3.10.0'
mod 'puppetlabs-stdlib', '4.12.0'
mod 'puppetlabs-concat', '2.2.0'
mod 'puppetlabs-powershell', '1.0.6'
mod 'puppetlabs-registry', '1.1.3'
mod 'puppetlabs-inifile', '1.6.0'
mod 'puppetlabs-puppetserver_gem', '0.2.0'
# Forge Community Modules
mod 'crayfishx-firewalld', '3.1.4'
mod 'puppet-iis', '2.0.2'
mod 'puppet-staging', '2.0.1'
mod 'puppet-windows_firewall', '1.0.3'
mod 'puppet-windowsfeature', '2.0.0'
mod 'puppet/hiera', '2.1.2'
mod 'reidmv-unzip', '0.1.2'
mod 'stahnma-epel', '1.3.0'
mod 'herculesteam-augeasproviders_core', '2.1.3'
mod 'herculesteam-augeasproviders_ssh', '2.5.0'
mod 'liamjbennett-win_facts', '0.0.2'
# Module Content from git
mod 'autosign_example',
:git => 'https://github.com/puppetlabs/puppet-vro-autosign_example'

114
README.md
View File

@ -1,96 +1,28 @@
New test # Puppet Enterprise Starter Content Pack
Table of Contents ## Introduction
=================
* [Where Did All The Previous Code Go?](#where-did-all-the-previous-code-go) This repository provides "batteries-included" starter Puppet content. It shows you how Puppet code is organized to make self-service provisioning easy and can create 5 different machine types out of the box:
* [What You Get From This control\-repo](#what-you-get-from-this-control-repo) - Linux base server
* [Copy This Repo Into Your Own Git Server](#copy-this-repo-into-your-own-git-server) - Linux MySQL server
* [GitLab](#gitlab) - Linux web server
* [Stash](#stash) - Windows base server
* [GitHub](#github) - Windows web server
Created by [gh-md-toc](https://github.com/ekalinin/github-markdown-toc.go) ## Install Starter Content on your PE Master
# Where Did All The Previous Code Go? Installation with git
```
git clone https://github.com/puppetlabs/puppet-starter_content.git
cd puppet-starter_content
sudo bash scripts/nc_setup.sh
sudo /opt/puppetlabs/bin/puppet agent -t
```
Initially, the control-repo project began as a 'starter' template for anyone who wanted to get started with r10k. As time passed, and Code Manager was integrated into Puppet Enterprise, the scope of this project grew to include opinionated Puppet profiles to set up many Puppet Enterprise components. As the code increased, so did the complexity of the control-repo project. To reduce that complexity, as well as continuing to meet the needs of individuals who would like a more minimal template, this repository was stripped of anything other than the bare minimum files necessary to get started with a functioning Installation with curl
control-repo. ```
curl -sSL https://github.com/puppetlabs/puppet-starter_content/archive/production.tar.gz | tar -zx
All of the code that was previously in this repository still exists in separate repositories under the [Puppet Ramp Up Program namespace within Github](https://github.com/Puppet-RampUpProgram) and can be re-connected to an existing control-repo if that is required by adding the modules to the Puppetfile. Alternatively, if that previously opinionated control-repo is desired, [it still exists on Github under the Puppet Ramp Up Program namespace.](https://github.com/Puppet-RampUpProgram/control-repo) This control-repo project will remain a template for anyone who would like a minimal 'starter' template. cd puppet-starter_content-production
sudo bash scripts/nc_setup.sh
# What You Get From This control-repo sudo /opt/puppetlabs/bin/puppet agent -t
```
This repository is a template control-repo that can be used with r10k or Puppet Enterprise Code Manager.
The major points are:
- An environment.conf that correctly implements:
- A site directory for roles, profiles, and any custom modules for your organization.
- A config_version script.
- Provided config_version scripts to output the commit of code that your agent just applied.
- Basic example of roles/profiles code.
- Example hieradata directory with pre-created common.yaml and nodes directory.
- These match the default hierarchy that ships with PE.
## Copy This Repo Into Your Own Git Server
### GitLab
1. Install GitLab.
- https://about.gitlab.com/downloads/
2. After GitLab is installed you may sign if with the `root` user and password `5iveL!fe`.
3. Make a user for yourself.
4. Make an SSH key to link with your user. Youll want to do this on the machine you intend to edit code from (most likely not your Puppet master, but your local workstation or laptop).
- http://doc.gitlab.com/ce/ssh/README.html
- https://help.github.com/articles/generating-ssh-keys/
5. Create a group called `puppet` (this is case sensitive).
- http://doc.gitlab.com/ce/workflow/groups.html
6. Add your user to the `puppet` group as well.
7. Create a project called `control-repo`, and set the Namespace to be the `puppet` group.
8. Clone this control repository to your laptop/workstation:
- `git clone <repository url>`
- `cd control-repo`
9. Remove this repository as the origin remote:
- `git remote remove origin`
10. Add your internal repository as the origin remote:
- `git remote add origin <url of your gitlab repository>`
11. Push the production branch of the repository from your machine up to your git server
- `git push origin production`
### Stash
Coming soon!
### GitHub
1. Prepare your local git client to authenticate with GitHub.com or a local GitHub Enterprise instance.
- https://help.github.com/articles/generating-ssh-keys/
- https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/
2. Create a repository called `control-repo` in your user account or organization. Ensure that "Initialize this repository with a README" is not selected.
- https://help.github.com/articles/creating-a-new-repository/
3. Make a note of your repository URL (HTTPS or SSH, depending on your security configuration).
4. Clone this control repository to your laptop/workstation:
- `git clone <repository url>`
- `cd control-repo`
5. Remove this repository as the origin remote:
- `git remote remove origin`
6. Add your internal repository as the origin remote:
- `git remote add origin <url of your github repository>`
7. Push the production branch of the repository from your machine up to your git server
- `git push origin production`

11
data/common.yaml Normal file
View File

@ -0,0 +1,11 @@
---
profile::sample_website::windows::webserver_port: 80
profile::sample_website::windows::doc_root: 'C:\inetpub\wwwroot\sample_website'
profile::sample_website::linux::webserver_port: 80
profile::sample_website::linux::doc_root: '/var/www/sample_website'
profile::sample_data::database_content: 'puppet:///modules/profile/sample_data.sql'
profile::sample_data::database_name: 'pe_sample_db'
website_source_dir: 'puppet:///modules/profile/sample_website'

View File

@ -1,2 +1 @@
modulepath = site:modules:$basemodulepath modulepath = modules:site:$basemodulepath
config_version = 'scripts/config_version.sh $environmentpath $environment'

View File

@ -2,7 +2,7 @@
version: 5 version: 5
defaults: defaults:
datadir: "hieradata" datadir: "data"
hierarchy: hierarchy:
- name: 'Yaml backend' - name: 'Yaml backend'

View File

@ -1,2 +1,11 @@
--- ---
message: "This node is using common data" profile::sample_website::windows::webserver_port: 80
profile::sample_website::windows::doc_root: 'C:\inetpub\wwwroot\sample_website'
profile::sample_website::linux::webserver_port: 80
profile::sample_website::linux::doc_root: '/var/www/sample_website'
profile::sample_data::database_content: 'puppet:///modules/profile/sample_data.sql'
profile::sample_data::database_name: 'pe_sample_db'
website_source_dir: 'puppet:///modules/profile/sample_website'

View File

@ -1 +0,0 @@
---

View File

@ -12,7 +12,7 @@
## Active Configurations ## ## Active Configurations ##
# Disable filebucket by default for all File resources: # Disable filebucket by default for all File resources:
#https://docs.puppet.com/pe/2015.3/release_notes.html#filebucket-resource-no-longer-created-by-default #http://docs.puppetlabs.com/pe/latest/release_notes.html#filebucket-resource-no-longer-created-by-default
File { backup => false } File { backup => false }
# DEFAULT NODE # DEFAULT NODE
@ -26,7 +26,7 @@ File { backup => false }
# specified in the console for that node. # specified in the console for that node.
node default { node default {
# This is where you can declare classes for all nodes. ##################
# Example: # Configure Puppet
# class { 'my_class': } ##################
} }

View File

@ -1,18 +0,0 @@
#!/opt/puppetlabs/puppet/bin/ruby
require 'json'
require 'socket'
environmentpath = ARGV[0]
environment = ARGV[1]
# Get the hostname of the Puppet master compiling the catalog.
compiling_master = Socket.gethostname
# Get the path to the Code Manager deployment info file.
r10k_deploy_file_path = File.join(environmentpath, environment, '.r10k-deploy.json')
# Get the first 12 characters of the commit ID out of the deployment file.
commit_id = JSON.parse(File.read(r10k_deploy_file_path))['signature'][0...11]
# Show the compiling master, environment name, and commit ID.
puts "#{compiling_master}-#{environment}-#{commit_id}"

View File

@ -1,24 +0,0 @@
#!/usr/bin/env ruby
begin
require 'rugged'
require 'socket'
rescue LoadError => e
t = Time.new
puts t.to_i
else
environmentpath = ARGV[0]
environment = ARGV[1]
# Get the hostname of the Puppet master compiling the catalog.
compiling_master = Socket.gethostname
# Get the path to the environment being compiled.
repo = Rugged::Repository.discover(File.join(environmentpath, environment))
head = repo.head
# First 12 characters of the sha1 hash of the newest commit.
commit_id = head.target_id[0...11]
# Show the compiling master, environment name, and commit ID.
puts "#{compiling_master}-#{environment}-#{commit_id}"
end

View File

@ -1,12 +0,0 @@
#!/bin/bash
if [ -e $1/$2/.r10k-deploy.json ]
then
/opt/puppetlabs/puppet/bin/ruby $1/$2/scripts/code_manager_config_version.rb $1 $2
elif [ -e /opt/puppetlabs/server/pe_version ]
then
/opt/puppetlabs/puppet/bin/ruby $1/$2/scripts/config_version.rb $1 $2
else
/usr/bin/git --version > /dev/null 2>&1 &&
/usr/bin/git --git-dir $1/$2/.git rev-parse HEAD ||
date +%s
fi

249
scripts/nc_setup.sh Executable file
View File

@ -0,0 +1,249 @@
#!/bin/bash
# This script automates the NC classification and environment group setup for many self-service provisioning workflows
# Run this as root on your master
# Note: this script does not randomize uuid for the classification group it creates, so it will create/replace the same group everytime instead of creating a new group
# This script assumes it is being run on a freshly installed master that is not using code manager.
#
# User configuration
#
echo Puppet Master Setup Script
echo --------------------------
echo This script expects to be run from puppet-starter_content directory. If run from a different directory, the script will fail.
echo This script also assumes it is being run on a freshly installed master that is not using code manager.
echo --------------------------
alternate_environment=dev
autosign_example_class=autosign_example
all_nodes_id='00000000-0000-4000-8000-000000000000'
roles_group_id='235a97b3-949b-48e0-8e8a-000000000666'
dev_env_group_id='235a97b3-949b-48e0-e8a-000000000888'
autosign_group_id='235a97b3-949b-48e0-8e8a-000000000999'
#
# Configuration we can detect
#
master_hostname=$(/opt/puppetlabs/bin/puppet config print certname)
key=$(/opt/puppetlabs/bin/puppet config print hostprivkey)
cert=$(/opt/puppetlabs/bin/puppet config print hostcert)
cacert=$(/opt/puppetlabs/bin/puppet config print localcacert)
#
# Do some error checking first before running the script
#
error_checking()
{
# Check to see if user running script has root privs
if (( $EUID != 0 )); then
echo "ERROR: This script should only be run by the root user or via sudo."
exit 1
fi
# Check to see if script is running from puppet-starter_content directory
if [[ $PWD != *"puppet-starter_content"* ]]
then
echo "ERROR: You must run 'bash scripts/nc_setup.sh' inside the 'puppet-starter_content' directory.";
exit 1
fi
# Check to see if script is being run on a puppet master
if [ ! -f /opt/puppetlabs/server/bin/puppetserver ]; then
echo "ERROR: This script should only be run on the Puppet master server."
exit 1
fi
#
# Check if code manager is being used
#
curl -s -X GET \ -H "Content-Type: application/json" \
--cert $cert \
--key $key \
--cacert $cacert \
"https://$master_hostname:4433/classifier-api/v1/groups" | grep -q code_manager_auto_configure
if [ $? -eq 0 ]; then
echo "ERROR: It appears that code manager is being used. This script cannot continue."
echo "Instead, use desired modules from the Puppetfile and use in your own control-repo's Puppetfile."
exit 1
fi
}
error_checking
#
# Determine the uuids for groups that are created during PE install but with randomly generated uuids
#
find_guid()
{
echo $(curl -s https://$master_hostname:4433/classifier-api/v1/groups --cert $cert --key $key --cacert $cacert | python -m json.tool |grep -C 2 "$1" | grep "id" | cut -d: -f2 | sed 's/[\", ]//g')
}
production_env_group_id=`find_guid "Production environment"`
echo "\"Production environment\" group uuid is $production_env_group_id"
agent_specified_env_group_id=`find_guid "Agent-specified environment"`
echo "\"Agent-specified environment\" group uuid is $agent_specified_env_group_id"
pemaster_group_id=`find_guid "PE Master"`
date_string=`date +%Y-%m-%d:%H:%M:%S`
echo "Backing up existing contents of /etc/puppetlabs/code to $date_string"
cp -R /etc/puppetlabs/code /etc/puppetlabs/code_backup_$date_string
#
# Copying starter content and create an alternate puppet environment in addition to production
#
echo 'Copying starter content repo into /etc/puppetlabs/code/environments'
mkdir -p /etc/puppetlabs/code/environments/$alternate_environment
rm -rf /etc/puppetlabs/code/environments/$alternate_environment/*
cp -R * /etc/puppetlabs/code/environments/$alternate_environment
r10k puppetfile install --moduledir /etc/puppetlabs/code/environments/$alternate_environment/modules --verbose
# Put a copy in production
echo "Duplicating $alternate_environment contents into production"
rm -rf /etc/puppetlabs/code/environments/production/
cp -R /etc/puppetlabs/code/environments/$alternate_environment /etc/puppetlabs/code/environments/production
#
# Tell the NC to refresh its cache so that the classes we just installed are available
#
echo "Refreshing NC class lists for production and $alternate_environment puppet environments"
curl -s -X POST -H "Content-Type: application/json" \
--key $key \
--cert $cert \
--cacert $cacert \
https://$master_hostname:4433/classifier-api/v1/update-classes?environment=production
[ "$?" = 0 ] && echo "Successful refresh of production environment."
curl -s -X POST -H "Content-Type: application/json" \
--key $key \
--cert $cert \
--cacert $cacert \
https://$master_hostname:4433/classifier-api/v1/update-classes?environment=$alternate_environment
[ "$?" = 0 ] && echo "Successful refresh of $alternate_environment environment."
#
# Create an "Autosign" classification group to set up autosign example
#
echo "Creating the Autosign group"
curl -s -X PUT -H 'Content-Type: application/json' \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"name": "Autosign",
"parent": "'$all_nodes_id'",
"rule":
[ "and",
[ "=",
[ "trusted", "certname" ],
"'$master_hostname'"
]
],
"classes": { "'$autosign_example_class'": {} }
}' \
https://$master_hostname:4433/classifier-api/v1/groups/$autosign_group_id | python -m json.tool
echo
#
# Add 64 bit Windows agent installer to pe_repo
#
echo "Adding 64 bit Windows agent installer to pe_repo in PE Master group"
curl -s -X POST -H 'Content-Type: application/json' \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"classes": { "pe_repo::platform::windows_x86_64": {} }
}' \
https://$master_hostname:4433/classifier-api/v1/groups/$pemaster_group_id | python -m json.tool
echo
#
# Create a "Roles" classification group so that the integration role groups are organized more cleanly
#
echo "Creating the Roles group"
curl -s -X PUT -H 'Content-Type: application/json' \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"name": "Roles",
"parent": "'$all_nodes_id'",
"classes": {}
}' \
https://$master_hostname:4433/classifier-api/v1/groups/$roles_group_id | python -m json.tool
echo
#
# Create an environment group for an alternative puppet environment, e.g. dev puppet environment
#
for file in /etc/puppetlabs/code/environments/$alternate_environment/site/role/manifests/*; do
basefilename=$(basename "$file")
role_class="role::${basefilename%.*}"
echo "Creating the \"$role_class\" classification group"
curl -s -X POST -H "Content-Type: application/json" \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"name": "'$role_class'",
"parent": "'$roles_group_id'",
"environment": "'$alternate_environment'",
"rule":
[ "and",
[ "=",
[ "trusted", "extensions", "pp_role" ],
"'$role_class'"
]
],
"classes": { "'$role_class'": {} }
}' \
https://$master_hostname:4433/classifier-api/v1/groups
done
echo
#
# Create alternate_environment environment group
#
echo "Creating the \"$alternate_environment\" environment group"
curl -s -X PUT -H "Content-Type: application/json" \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"name": "'$alternate_environment' environment",
"parent": "'$production_env_group_id'",
"environment_trumps": true,
"environment": "'$alternate_environment'",
"rule":
[ "and",
[ "=",
[ "trusted", "extensions", "pp_environment" ],
"'$alternate_environment'"
]
],
"classes": {}
}' \
https://$master_hostname:4433/classifier-api/v1/groups/$dev_env_group_id | python -m json.tool
#
# Update the "Agent-specified environment" group so that pp_environment=agent-specified works as expected
#
echo "Updating \"Agent-specified environment\" group to use pp_environment in its matching rules"
curl -s -X PUT -H "Content-type: application/json" \
--key $key \
--cert $cert \
--cacert $cacert \
-d '
{
"name": "Agent-specified environment",
"parent": "'$production_env_group_id'",
"environment_trumps": true,
"rule":
[ "and",
[ "=",
[ "trusted", "extensions", "pp_environment" ],
"agent-specified"
]
],
"environment": "agent-specified",
"classes": {}
}' \
https://$master_hostname:4433/classifier-api/v1/groups/$agent_specified_env_group_id | python -m json.tool
echo

View File

@ -0,0 +1,9 @@
DROP TABLE IF EXISTS `test_data`;
CREATE TABLE `test_data` (
`id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`first_name` text NOT NULL,
`last_name` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `test_data` (`id`, `first_name`, `last_name`) VALUES
(1, 'David', 'Bowie');

View File

@ -0,0 +1,23 @@
body {
margin-top: 200px;
margin-left: 60px;
width: 70%;
font-family: 'Helvetica', 'Arial', 'Sans-Serif';
background:black url(../img/logo.png) no-repeat left top;
}
a { text-decoration: none; color: #999; }
a:hover { text-decoration: underline; }
p, ul { font-size: 1.5em; line-height: 0.5em; color: #fff; }
h1, h2, h3, h4 { color: #ffad1a }
h1 { font-size: 2em; }
h2 { font-size: 1.7em; }
h3 { font-size: 1.5em; }
h4 { font-size: 1.3em; }
nav ul, footer ul { padding: 0px; list-style: none; font-weight: bold; }
nav ul li, footer ul li { display: inline; margin-right: 20px; }
footer { border-top: 1px solid #d5d5d5; font-size: .8em; }

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.9 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 32 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 8.1 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 18 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.8 KiB

View File

@ -0,0 +1,8 @@
# @summary This profile installs apache and turns off the default vhost
class profile::apache {
class { 'apache':
default_vhost => false,
}
}

View File

@ -1,5 +0,0 @@
class profile::base {
#the base profile should include component modules that will be on all nodes
}

View File

@ -1,3 +0,0 @@
class profile::example {
}

View File

@ -0,0 +1,20 @@
# @summary This profile installs IIS and turns off the default website
class profile::iis {
$iis_features = [
'Web-Server',
'Web-WebServer',
'Web-Http-Redirect',
'Web-Mgmt-Console',
'Web-Mgmt-Tools'
]
windowsfeature { $iis_features:
ensure => present,
}
iis::manage_site { 'Default Web Site':
ensure => absent,
}
}

View File

@ -0,0 +1,12 @@
# @summary This profile installs unzip and git as part of the Linux baseline
class profile::linux_baseline {
package { 'unzip':
ensure => installed,
}
package { 'git':
ensure => installed,
}
}

View File

@ -0,0 +1,8 @@
# @summary This profile installs mysql without default accounts
class profile::mysql {
class { 'mysql::server':
remove_default_accounts => true
}
}

View File

@ -0,0 +1,21 @@
# @summary This profile installs sample data into a mysql db
class profile::sample_data (
$database_content,
$database_name,
) {
include mysql::server
file { '/tmp/sample_data.sql':
ensure => file,
source => $database_content,
}
mysql::db { $database_name:
user => 'admin',
password => 'admin',
host => 'localhost',
grant => ['ALL'],
sql => '/tmp/sample_data.sql',
}
}

View File

@ -0,0 +1,9 @@
# @summary This profile installs a sample website
class profile::sample_website {
case $::kernel {
'windows': { include profile::sample_website::windows }
'Linux': { include profile::sample_website::linux }
}
}

View File

@ -0,0 +1,41 @@
#
class profile::sample_website::linux (
$doc_root,
$webserver_port,
) {
require profile::apache
include firewalld
# configure apache
apache::vhost { $::fqdn:
port => $webserver_port,
docroot => $doc_root,
require => File[$doc_root],
}
firewalld_port { 'Open port for web':
ensure => present,
zone => 'public',
port => $webserver_port,
protocol => 'tcp',
}
# deploy website
$website_source_dir = lookup('website_source_dir')
file { $website_source_dir:
ensure => directory,
owner => $::apache::user,
group => $::apache::group,
mode => '0755',
path => $doc_root,
source => $website_source_dir,
recurse => true,
}
file { "${doc_root}/index.html":
ensure => file,
content => epp('profile/index.html.epp'),
}
}

View File

@ -0,0 +1,53 @@
#
class profile::sample_website::windows (
$doc_root,
$webserver_port,
) {
require profile::iis
# configure iis
iis::manage_app_pool {'sample_website':
require => [
Windowsfeature[$iis_features],
Iis::Manage_site['Default Web Site'],
],
}
iis::manage_site { $::fqdn:
site_path => $doc_root,
port => $webserver_port,
ip_address => '*',
app_pool => 'sample_website',
require => [
Windowsfeature[$iis_features],
Iis::Manage_app_pool['sample_website']
],
}
windows_firewall::exception { 'IIS':
ensure => present,
direction => 'in',
action => 'Allow',
enabled => 'yes',
protocol => 'TCP',
local_port => "${webserver_port}",
display_name => 'HTTP Inbound',
description => 'Inbound rule for HTTP Server',
}
# deploy website
$website_source_dir = lookup('website_source_dir')
file { $website_source_dir:
ensure => directory,
path => $doc_root,
source => $website_source_dir,
recurse => true,
}
file { "${doc_root}/index.html":
ensure => file,
content => epp('profile/index.html.epp'),
}
}

View File

@ -0,0 +1,30 @@
# @summary This profile does some post agent install cleanup.
class profile::vro_provisioned {
# any operating system-specific state for vro-provisioned machines.
# it's common to change the Administrator user name on Windows, for example.
case $kernel {
'Linux': {
$agent_confdir = '/etc/puppetlabs/puppet'
}
'windows': {
$agent_confdir = 'C:/ProgramData/PuppetLabs/puppet/etc'
#exec { 'rename-Administrator':
# command => '$(Get-WMIObject Win32_UserAccount -Filter "Name=\'Administrator\'").Rename("puppet#adm1n")',
# unless => 'if (Get-WmiObject Win32_UserAccount -Filter "Name=\'Administrator\'") { exit 1 }',
# provider => powershell,
#}
}
default: {}
}
# ensure that the csr_attributes.yaml file containing the shared
# autosign secret is removed on the first puppet agent run.
file { "${agent_confdir}/csr_attributes.yaml":
ensure => absent,
backup => false,
}
}

View File

@ -0,0 +1,16 @@
# @summary This profile installs unzip and git as part of the Windows baseline
class profile::windows_baseline {
include chocolatey
package { 'unzip':
ensure => installed,
provider => chocolatey,
}
package { 'git':
ensure => installed,
provider => chocolatey,
}
}

View File

@ -0,0 +1,37 @@
<!DOCTYPE html>
<html>
<head>
<title>Sample Website</title>
<link rel="stylesheet" type="text/css" href="css/main.css">
<link rel="icon" type="image/x-icon" href="img/favicon.ico">
</head>
<body>
<div class="container">
<div class="blurb">
<% if $kernel == 'windows' { -%>
<img src="img/windows.png" height="128" width="128" />
<% } elsif $kernel == 'Linux' { -%>
<img src="img/tux.png" height="128" width="128" />
<% } elsif $kernel == 'Darwin' { -%>
<img src="img/apple.png" height="128" width="128" />
<% } -%>
<h1>System Info </h1>
<p>fqdn/certname:
<%= $trusted[certname] %>
</p>
<p>ip address:
<%= $networking[ip] %>
</p>
<p>total system memory:
<%= $memory[system][total] %>
</p>
<p>vm uuid:
<%= $trusted[extensions][pp_uuid] %>
</p>
</div>
</div>
</body>
</html>

View File

@ -1,7 +0,0 @@
class role::database_server {
#This role would be made of all the profiles that need to be included to make a database server work
#All roles should include the base profile
include profile::base
}

View File

@ -1,3 +0,0 @@
class role::example {
}

View File

@ -0,0 +1,4 @@
# @summary This role installs a baseline of packages on Linux machines
class role::linux_base {
include profile::linux_baseline
}

View File

@ -0,0 +1,6 @@
# @summary This role installs a mysql databse and sample data
class role::linux_mysql_database {
include profile::linux_baseline
include profile::mysql
include profile::sample_data
}

View File

@ -0,0 +1,7 @@
# @summary This role installs an apache webserver and sample content on port 80.
class role::linux_webserver {
include profile::linux_baseline
include profile::vro_provisioned
include profile::apache
include profile::sample_website
}

View File

@ -1,7 +0,0 @@
class role::webserver {
#This role would be made of all the profiles that need to be included to make a webserver work
#All roles should include the base profile
include profile::base
}

View File

@ -0,0 +1,4 @@
# @summary This role installs a baseline of packages on Windows machines
class role::windows_base {
include profile::windows_baseline
}

View File

@ -0,0 +1,7 @@
# @summary This role installs IIS and sample content on port 80.
class role::windows_webserver {
include profile::windows_baseline
include profile::vro_provisioned
include profile::iis
include profile::sample_website
}