|
/
Zope
/
gocept svn checkins
/
Archive
/
2008
/
2008-10
/
SVN: r6764 - in gocept.infrastructure/testing/puppet/modules: net_analyzer/templates sys_portage/files/portage
[
SVN: r6763 - zopeversions / Michael Howitz ... ]
[
SVN: r6767 - in gocept.infrastructure/testing/pupp... ]
SVN: r6764 - in gocept.infrastructure/testing/puppet/modules: net_analyzer/templates sys_portage/files/portage
Christian Kauhaus <kc(at)gocept.com> |
2008-10-06 10:35:16 |
[ FULL ]
|
Author: ckauhaus
Date: Mon Oct 6 10:35:15 2008
New Revision: 6764
Log:
temporary IP address fix
Removed:
gocept.infrastructure/testing/puppet/modules/sys_portage/files/portage/.keep_sys-apps_portage-0
Modified:
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/xinetd_nrpe.erb
Modified:
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/xinetd_nrpe.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/xinetd_nrpe.erb (original)
+++
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/xinetd_nrpe.erb Mon
Oct 6 10:35:15 2008
(at)(at) -10,6 +10,7 (at)(at)
server_args = -c /etc/nagios/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
- only_from = 127.0.0.1 <%=
scope.lookupvar('location::nagios_server') %>
+ only_from = 195.62.106.0/25
}
-
+# FIXME: only_from IP address is currenyly dynamic and thus not stable
+# only_from = 127.0.0.1 <%=
scope.lookupvar('location::nagios_server') %>
|
SVN: r6765 - in gocept.infrastructure/testing/puppet/modules/app_admin: files manifests
Christian Kauhaus <kc(at)gocept.com> |
2008-10-06 11:13:42 |
[ FULL ]
|
Author: ckauhaus
Date: Mon Oct 6 11:13:41 2008
New Revision: 6765
Log:
puppet update script
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/update-puppet
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/update-puppet
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/files/update-puppet Mon
Oct 6 11:13:41 2008
(at)(at) -0,0 +1,15 (at)(at)
+#!/bin/bash
+# Update all puppet direcories on the Puppetmaster from SVN.
+set -e
+
+HOME="/home/puppet"
+USER="puppet"
+
+for d in ${HOME}/{production,hotfix,testing,feature}; do
+ cmd="svn up --quiet $d"
+ if [[ `id -u` == 0 ]]; then
+ su -c "$cmd" $USER
+ else
+ $cmd
+ fi
+done
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp Mon
Oct 6 11:13:41 2008
(at)(at) -48,6 +48,9 (at)(at)
"/etc/conf.d/puppetmaster":
content => template("app_admin/conf.d_puppetmaster.erb");
"/var/lib/puppet/state":
- owner => "puppet"
+ owner => "puppet";
+ "/usr/local/bin/update-puppet":
+ source => "puppet:///app_admin/update-puppet",
+ mode => 0755
}
}
|
SVN: r6766 - in gocept.infrastructure/testing/puppet: manifests/classes modules/app_admin/files modules/app_admin/manifests
Christian Kauhaus <kc(at)gocept.com> |
2008-10-06 11:24:15 |
[ FULL ]
|
Author: ckauhaus
Date: Mon Oct 6 11:24:13 2008
New Revision: 6766
Log:
added tmpwatch
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/puppet.cron
gocept.infrastructure/testing/puppet/modules/app_admin/files/tmpwatch.cron
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/tmpwatch.pp
Modified:
gocept.infrastructure/testing/puppet/manifests/classes/node_types.pp
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/init.pp
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
Modified: gocept.infrastructure/testing/puppet/manifests/classes/node_types.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/manifests/classes/node_types.pp (original)
+++ gocept.infrastructure/testing/puppet/manifests/classes/node_types.pp Mon
Oct 6 11:24:13 2008
(at)(at) -1,6 +1,7 (at)(at)
class generic_node {
include location
include app_admin::puppetclient
+ include app_admin::tmpwatch
include app_admin::sudo
include net_analyzer::nagios_client
include net_misc::sshd
Added: gocept.infrastructure/testing/puppet/modules/app_admin/files/puppet.cron
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/files/puppet.cron Mon
Oct 6 11:24:13 2008
(at)(at) -0,0 +1,4 (at)(at)
+#!/bin/bash
+# Daily maintenance tasks for all puppet clients
+set -e
+tmpwatch --dirmtime --all 14d /var/lib/puppet/{bucket,clientbucket}/
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/tmpwatch.cron
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/files/tmpwatch.cron Mon
Oct 6 11:24:13 2008
(at)(at) -0,0 +1,48 (at)(at)
+#!/bin/sh
+# $Header: /var/cvsroot/gentoo-x86/app-admin/tmpwatch/files/tmpwatch.cron,v
1.4 2007/01/27 16:51:37 masterdriverz Exp $
+# vim: ft=sh
+
+# This cron script contains several (commented out) examples. You may use
+# them as is, by uncommenting them, or modify them to suit your needs. Read
+# tmpwatch(8) for more information on tmpwatch parameters.
+
+### Variables ###
+
+TMPWATCH="/usr/sbin/tmpwatch"
+PORTAGE_TMPDIR="$(portageq envvar PORTAGE_TMPDIR)/portage"
+PORTAGE_LOGDIR="$(portageq envvar PORT_LOGDIR)"
+DISTDIR="$(portageq distdir)"
+
+### EXAMPLES ###
+
+# NOTE: if you have noatime in /etc/fstab for any partitions you plan on
+# running tmpwatch on, you should obviously change any of the examples that
+# use atime (-u|--atime). Those that don't specify anything, default to
+# atime.
+
+# NOTE2: the time value is in HOURS!
+
+# Delete everything in /tmp that haven't been accessed in a week (>=168
hrs).
+#
+if [[ -d /tmp ]]; then
+ ${TMPWATCH} --atime 168 /tmp /var/tmp
+fi
+
+# Delete everything in PORTAGE_TMPDIR that hasn't been modified in 2 weeks.
+#
+if [[ -d ${PORTAGE_TMPDIR:-/var/tmp/portage} && -z $(/usr/bin/pgrep
emerge) ]]; then
+ ${TMPWATCH} --mtime --all 336 ${PORTAGE_TMPDIR:-/var/tmp/portage}
+fi
+
+# Delete everything in DISTDIR that hasn't been accessed in 6 months (going
+# by 30 day months)
+#
+if [[ -d ${DISTDIR:-/usr/portage/distfiles} ]]; then
+ ${TMPWATCH} --atime --fuser 4320 ${DISTDIR:-/usr/portage/distfiles}
+fi
+
+# Delete everything in PORTAGE_LOGDIR that hasn't been accessed in 4 weeks
+#
+if [[ -d ${PORTAGE_LOGDIR:-/var/log/portage} ]]; then
+ ${TMPWATCH} --atime 772 ${PORTAGE_LOGDIR:-/var/log/portage}
+fi
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/init.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/init.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/init.pp Mon
Oct 6 11:24:13 2008
(at)(at) -1,2 +1,3 (at)(at)
import "puppet.pp"
import "sudo.pp"
+import "tmpwatch.pp"
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp Mon
Oct 6 11:24:13 2008
(at)(at) -2,6 +2,7 (at)(at)
class app_admin::puppetclient {
include location
+ include tmpwatch
$puppet_root = "/home/puppet"
$cron_minute = fqdn_rand(30)
(at)(at) -26,7 +27,10 (at)(at)
content => template("app_admin/fileserver.conf.erb");
"/etc/cron.d/puppet":
content => template("app_admin/cron.d_puppet.erb"),
- mode => "0644"
+ mode => "0644";
+ "/etc/cron.daily/puppet":
+ source => "puppet:///app_admin/puppet.cron",
+ mode => 0755
}
net_analyzer::nrpe_service { "puppet_localconfig":
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/tmpwatch.pp
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/tmpwatch.pp Mon
Oct 6 11:24:13 2008
(at)(at) -0,0 +1,13 (at)(at)
+# Configure tmpwatch to clean the usual directories on a regular basis
+
+class app_admin::tmpwatch {
+
+ package { "tmpwatch": }
+
+ file { "/etc/cron.daily/tmpwatch":
+ source => "puppet:///app_admin/tmpwatch.cron",
+ mode => 0755,
+ require => Package["tmpwatch"]
+ }
+
+}
|
SVN: r6769 - in gocept.infrastructure/testing/puppet/modules/app_admin: files manifests
Christian Kauhaus <kc(at)gocept.com> |
2008-10-06 14:00:21 |
[ FULL ]
|
Author: ckauhaus
Date: Mon Oct 6 14:00:18 2008
New Revision: 6769
Log:
automatic puppetmaster update
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/puppetmaster.cron
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/puppetmaster.cron
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/files/puppetmaster.cron Mon
Oct 6 14:00:18 2008
(at)(at) -0,0 +1,4 (at)(at)
+#!/bin/sh
+# Keep puppetmaster files current
+set -e
+/usr/local/bin/update-puppet
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp Mon
Oct 6 14:00:18 2008
(at)(at) -57,6 +57,9 (at)(at)
owner => "puppet";
"/usr/local/bin/update-puppet":
source => "puppet:///app_admin/update-puppet",
+ mode => 0755;
+ "/etc/cron.hourly/puppetmaster":
+ source => "puppet:///app_admin/puppetmaster.cron",
mode => 0755
}
}
|
SVN: r6777 - in gocept.infrastructure/testing/puppet/modules/app_admin: files manifests templates
Christian Kauhaus <kc(at)gocept.com> |
2008-10-06 15:28:35 |
[ FULL ]
|
Author: ckauhaus
Date: Mon Oct 6 15:28:34 2008
New Revision: 6777
Log:
removed PUPPETMASTER_MANIFEST and --manifest from puppetmaster invocation
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/init.d_puppetmaster
Removed:
gocept.infrastructure/testing/puppet/modules/app_admin/templates/conf.d_puppetmaster.erb
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
Added:
gocept.infrastructure/testing/puppet/modules/app_admin/files/init.d_puppetmaster
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/files/init.d_puppetmaster Mon
Oct 6 15:28:34 2008
(at)(at) -0,0 +1,42 (at)(at)
+#!/sbin/runscript
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ need net
+ before puppet
+ use dns logger
+}
+
+checkconfig() {
+ if [[ ! -d "${PUPPETMASTER_PID_DIR}" ]] ; then
+ eerror "Please make sure PUPPETMASTER_PID_DIR is defined and points to a
existing directory"
+ return 1
+ fi
+
+ return 0
+}
+
+start() {
+ checkconfig || return $?
+
+ local options=""
+ [[ -n "${PUPPETMASTER_LOG}" ]] && options="${options}
--logdest=${PUPPETMASTER_LOG}"
+ [[ -n "${PUPPETMASTER_EXTRA_OPTS}" ]] && options="${options}
${PUPPETMASTER_EXTRA_OPTS}"
+
+ ebegin "Starting puppetmaster"
+ start-stop-daemon --start --quiet --exec /usr/bin/puppetmasterd \
+ -- ${options}
+ eend $? "Failed to start puppetmaster"
+}
+
+stop() {
+ ebegin "Stopping puppetmaster"
+ start-stop-daemon --stop --quiet \
+ --pidfile ${PUPPETMASTER_PID_DIR}/puppetmasterd.pid
+ local ret=$?
+ eend ${ret} "Failed to stop puppetmaster"
+ rm -f ${PUPPETMASTER_PID_DIR}/puppetmasterd.pid
+ return ${ret}
+}
+
Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp Mon
Oct 6 15:28:34 2008
(at)(at) -47,12 +47,13 (at)(at)
Service["puppetmaster"] {
ensure => true,
enable => true,
- subscribe +> File["/etc/conf.d/puppetmaster"]
+ subscribe +> File["/etc/init.d/puppetmaster"]
}
file {
- "/etc/conf.d/puppetmaster":
- content => template("app_admin/conf.d_puppetmaster.erb");
+ "/etc/init.d/puppetmaster":
+ source => "puppet:///app_admin/init.d_puppetmaster",
+ mode => 0755;
"/var/lib/puppet/state":
owner => "puppet";
"/usr/local/bin/update-puppet":
|
SVN: r6936 - gocept.infrastructure/testing/puppet/manifests/classes
Christian Kauhaus <kc(at)gocept.com> |
2008-10-28 14:24:39 |
[ FULL ]
|
Author: ckauhaus
Date: Tue Oct 28 14:24:38 2008
New Revision: 6936
Log:
Forgot FQDNs for time servers
Modified:
gocept.infrastructure/testing/puppet/manifests/classes/location.pp
Modified: gocept.infrastructure/testing/puppet/manifests/classes/location.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/manifests/classes/location.pp (original)
+++ gocept.infrastructure/testing/puppet/manifests/classes/location.pp Tue Oct
28 14:24:38 2008
(at)(at) -18,7 +18,7 (at)(at)
$puppetmaster = "stampy.rzl.gocept.net"
$ldap_server = "ldap.gocept.com"
$nameservers = "213.187.85.129 195.62.106.5"
- $ntp_servers = "smithers" # XXX: substitute through ntp_server class
+ $ntp_servers = "smithers.gocept.com" # XXX: substitute through ntp_server
class
include location
}
(at)(at) -33,7 +33,7 (at)(at)
$puppetmaster = "uter.whq.gocept.com"
$ldap_server = "ldap.whq.gocept.com"
$nameservers = "195.62.106.5 213.187.85.129"
- $ntp_servers = "uter marge grampa" # XXX: substitute through ntp_server
class
+ $ntp_servers = "uter.whq.gocept.com marge.whq.gocept.com
grampa.whq.gocept.com" # XXX: substitute through ntp_server class
include location
}
|
SVN: r6937 - gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions
Christian Theune <ct(at)gocept.com> |
2008-10-28 19:02:19 |
[ FULL ]
|
Author: ctheune
Date: Tue Oct 28 19:02:18 2008
New Revision: 6937
Log:
Fix typo.
Modified:
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/public_address.rb
Modified:
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/public_address.rb
==============================================================================
---
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/public_address.rb (original)
+++
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/public_address.rb Tue
Oct 28 19:02:18 2008
(at)(at) -32,7 +32,7 (at)(at)
else return false
end
else
- raise "cannot determine IP address familiy for '#{addr}'"
+ raise "cannot determine IP address family for '#{addr}'"
end
end
end
|
SVN: r6939 - gocept.infrastructure/testing/puppet/modules/sys_apps/manifests
Christian Theune <ct(at)gocept.com> |
2008-10-28 20:41:39 |
[ FULL ]
|
Author: ctheune
Date: Tue Oct 28 20:41:38 2008
New Revision: 6939
Log:
Fix bug in baselayout: network_bridged needs to be addressed using the correct
namespace.
XXX Big warning: This was really hard to track down because $network_bridged
evaluated to something that was recognizes as true (within puppet syntax) and
as false (within erb) at the same time.
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp Tue
Oct 28 20:41:38 2008
(at)(at) -17,19 +17,19 (at)(at)
mac => $mac_srv,
ip4 => $ip4_srv,
ip6net => $ip6_srv,
- bridged => $network_bridged,
+ bridged => $machine::network_bridged,
extra_alias => "${machine::canonical_alias}";
"sto":
mac => $mac_sto,
ip4 => $ip4_sto,
ip6net => $ip6_sto,
- bridged => $network_bridged,
+ bridged => $machine::network_bridged,
mtu => 9000;
"fe":
mac => $mac_fe,
ip4 => $ip4_fe,
ip6net => $ip6_fe,
- bridged => $network_bridged
+ bridged => $machine::network_bridged
}
Host <<| |>>
|
SVN: r6940 - gocept.infrastructure/testing/puppet/modules/sys_apps/templates
Christian Theune <ct(at)gocept.com> |
2008-10-28 20:42:11 |
[ FULL ]
|
Author: ctheune
Date: Tue Oct 28 20:42:10 2008
New Revision: 6940
Log:
We need the routes in the VLAN tables and the default table so
inside-out-connections work.
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb (original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb Tue
Oct 28 20:42:10 2008
(at)(at) -25,7 +25,8 (at)(at)
<% if ip4 %>
config_<%= net_device %>=( "<%= ip4 %>" )
routes_<%= net_device %>=(
- "default via <%= default_gateway(ip4)%> tab <%= vlan %>" )
+ "default via <%= default_gateway(ip4)%> tab <%= vlan %>"
+ "default via <%= default_gateway(ip4)%>" )
rules_<%= net_device %>=( "from <%= ip4 %> lookup <%= vlan
%>" )
<% end -%>
|
SVN: r6941 - gocept.infrastructure/testing/puppet/modules/sys_apps/templates
Christian Theune <ct(at)gocept.com> |
2008-10-29 08:38:12 |
[ FULL ]
|
Author: ctheune
Date: Wed Oct 29 08:38:11 2008
New Revision: 6941
Log:
- IP4 seems to be a blank string if unconfigured.
- Add `null` config for interfaces that do not have an IP to avoid automatic
DHCP and the disturbing outcome of autoconf addresses
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb (original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb Wed
Oct 29 08:38:11 2008
(at)(at) -22,12 +22,14 (at)(at)
end
-%>
-<% if ip4 %>
+<% if not ip4.blank? %>
config_<%= net_device %>=( "<%= ip4 %>" )
routes_<%= net_device %>=(
"default via <%= default_gateway(ip4)%> tab <%= vlan %>"
"default via <%= default_gateway(ip4)%>" )
rules_<%= net_device %>=( "from <%= ip4 %> lookup <%= vlan
%>" )
+<% else %>
+config_<%= net_device %>=( "null" )
<% end -%>
<% if mtu %>
|
SVN: r6948 - in gocept.infrastructure/testing/puppet/modules/www_nginx: . manifests
Christian Theune <ct(at)gocept.com> |
2008-10-29 17:25:36 |
[ FULL ]
|
Author: ctheune
Date: Wed Oct 29 17:25:35 2008
New Revision: 6948
Log:
Clone apache config, start working on nginx
Added:
gocept.infrastructure/testing/puppet/modules/www_nginx/ (props changed)
- copied from r6945,
gocept.infrastructure/testing/puppet/modules/www_apache/
Modified:
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/init.pp
Modified:
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/init.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/www_apache/manifests/init.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/init.pp Wed
Oct 29 17:25:35 2008
(at)(at) -1 +1 (at)(at)
-import "apache.pp"
+import "nginx.pp"
|
SVN: r6949 - in gocept.infrastructure/testing/puppet/modules/www_nginx: files files/apache files/apache/vhosts.d manifests
Christian Theune <ct(at)gocept.com> |
2008-10-29 17:45:41 |
[ FULL ]
|
Author: ctheune
Date: Wed Oct 29 17:45:40 2008
New Revision: 6949
Log:
provide class for managing nginx
Added:
gocept.infrastructure/testing/puppet/modules/www_nginx/files/apache/
gocept.infrastructure/testing/puppet/modules/www_nginx/files/apache/vhosts.d/
gocept.infrastructure/testing/puppet/modules/www_nginx/files/nginx.conf
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp
(contents, props changed)
- copied, changed from r6948,
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/apache.pp
Removed:
gocept.infrastructure/testing/puppet/modules/www_nginx/files/conf.d_apache2
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/apache.pp
Added: gocept.infrastructure/testing/puppet/modules/www_nginx/files/nginx.conf
==============================================================================
--- (empty file)
+++ gocept.infrastructure/testing/puppet/modules/www_nginx/files/nginx.conf Wed
Oct 29 17:45:40 2008
(at)(at) -0,0 +1,51 (at)(at)
+# This file is managed by puppet.
+
+user nginx nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+ worker_connections 8192;
+ use epoll;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main
+ '$remote_addr - $remote_user [$time_local] '
+ '"$request" $status $bytes_sent '
+ '"$http_referer" "$http_user_agent" '
+ '"$gzip_ratio"';
+
+ client_header_timeout 10m;
+ client_body_timeout 10m;
+ send_timeout 10m;
+
+ connection_pool_size 256;
+ client_header_buffer_size 1k;
+ large_client_header_buffers 4 2k;
+ request_pool_size 4k;
+
+ gzip on;
+ gzip_min_length 1100;
+ gzip_buffers 4 8k;
+ gzip_types text/plain;
+
+ output_buffers 1 32k;
+ postpone_output 1460;
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+
+ keepalive_timeout 75 20;
+
+ ignore_invalid_headers on;
+
+ index index.html;
+
+ include /etc/nginx/sites-enabled/*.conf;
+}
Copied:
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp (from
r6948,
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/apache.pp)
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/apache.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp Wed
Oct 29 17:45:40 2008
(at)(at) -1,27 +1,23 (at)(at)
-class www_apache::apache {
- sys_portage::package { "apache": }
+class www_nginx::nginx {
+ sys_portage::package { "nginx": }
file {
- "/etc/conf.d/apache2":
- source => "puppet:///www_apache/conf.d_apache2";
- "/etc/apache2":
- source => "puppet:///www_apache/apache",
- recurse => true;
- ["/etc/apache2/ssl/server.crt", "/etc/apache2/ssl/server.key"]:
- # SSL keys must be managed manually
- mode => "0600"
+ "/etc/nginx/nginx.conf":
+ source => "puppet:///www_nginx/nginx.conf";
+ "/etc/nginx/sites-enabled":
+ ensure => "directory"
}
- service { "apache2":
+ service { "nginx":
ensure => true,
enable => true,
subscribe => [
- Package["apache"],
- File["/etc/conf.d/apache2"]]
+ Package["nginx"],
+ File["/etc/nginx/nginx.conf"]]
}
- net_analyzer::nrpe_service { "proc apache":
- command => "check_procs -w 5:10 -c 1:20 -C apache2 -u apache"
+ net_analyzer::nrpe_service { "proc nginx ":
+ command => "check_procs -w 1:5 -c 1:10 -C nginx -u nginx"
}
net_analyzer::direct_service { "HTTP /":
|
SVN: r6956 - gocept.infrastructure/testing/puppet/modules/www_nginx/manifests
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:11:27 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:11:26 2008
New Revision: 6956
Log:
fix ordering by declaring dependencies
Modified:
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp
Modified:
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp (original)
+++
gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp Thu
Oct 30 15:11:26 2008
(at)(at) -3,9 +3,11 (at)(at)
file {
"/etc/nginx/nginx.conf":
- source => "puppet:///www_nginx/nginx.conf";
+ source => "puppet:///www_nginx/nginx.conf",
+ require => Package["nginx"];
"/etc/nginx/sites-enabled":
- ensure => "directory"
+ ensure => "directory",
+ require => Package["nginx"];
}
service { "nginx":
|
SVN: r6957 - in gocept.infrastructure/testing/puppet/modules/www_zope: . manifests
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:12:18 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:12:17 2008
New Revision: 6957
Log:
add classes for managing zope installations
Added:
gocept.infrastructure/testing/puppet/modules/www_zope/
gocept.infrastructure/testing/puppet/modules/www_zope/manifests/
gocept.infrastructure/testing/puppet/modules/www_zope/manifests/init.pp
gocept.infrastructure/testing/puppet/modules/www_zope/manifests/zope.pp
Added: gocept.infrastructure/testing/puppet/modules/www_zope/manifests/init.pp
==============================================================================
--- (empty file)
+++ gocept.infrastructure/testing/puppet/modules/www_zope/manifests/init.pp Thu
Oct 30 15:12:17 2008
(at)(at) -0,0 +1 (at)(at)
+import "zope.pp"
Added: gocept.infrastructure/testing/puppet/modules/www_zope/manifests/zope.pp
==============================================================================
--- (empty file)
+++ gocept.infrastructure/testing/puppet/modules/www_zope/manifests/zope.pp Thu
Oct 30 15:12:17 2008
(at)(at) -0,0 +1,22 (at)(at)
+class www_zope::appserver {
+
+ # This is a really bloaty class that pulls all kind of stuff we generally
+ # need for running Zope applications.
+
+ sys_portage::package {
+ ["jpeg", "freetype"]:
+ }
+
+}
+
+
+class www_zope::dbserver {
+
+ # This is a really bloaty class that pulls all kind of stuff we generally
+ # need for running ZEO/database servers.
+
+ sys_portage::package {
+ ["jpeg", "freetype"]:
+ }
+
+}
|
SVN: r6958 - gocept.infrastructure/testing/puppet/manifests/users
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:12:56 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:12:55 2008
New Revision: 6958
Log:
Remove `admin` defaults for *all* Users.
Modified:
gocept.infrastructure/testing/puppet/manifests/users/admins.pp
Modified: gocept.infrastructure/testing/puppet/manifests/users/admins.pp
==============================================================================
--- gocept.infrastructure/testing/puppet/manifests/users/admins.pp (original)
+++ gocept.infrastructure/testing/puppet/manifests/users/admins.pp Thu Oct 30
15:12:55 2008
(at)(at) -1,17 +1,19 (at)(at)
User {
gid => "users",
- groups => ["wheel"],
- tag => "admin"
}
(at)user { "ctheune":
comment => "Christian Theune",
home => "/home/ctheune",
uid => 1003,
+ groups => ["wheel"],
+ tag => "admin"
}
(at)user { "ckauhaus":
comment => "Christian Kauhaus",
home => "/home/ckauhaus",
uid => 1046,
+ groups => ["wheel"],
+ tag => "admin"
}
|
SVN: r6959 - gocept.infrastructure/testing/puppet/manifests/classes
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:13:18 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:13:17 2008
New Revision: 6959
Log:
add roles for customer projects
Modified:
gocept.infrastructure/testing/puppet/manifests/classes/role.pp
Modified: gocept.infrastructure/testing/puppet/manifests/classes/role.pp
==============================================================================
--- gocept.infrastructure/testing/puppet/manifests/classes/role.pp (original)
+++ gocept.infrastructure/testing/puppet/manifests/classes/role.pp Thu Oct 30
15:13:17 2008
(at)(at) -41,7 +41,34 (at)(at)
include net_analyzer::nagios_server
}
+# Nodes for customer projects
+class role::customerproject inherits role::generic {
+ user {"service":
+ comment => "Project service user",
+ home => "/home/service",
+ uid => 900 # XXX
+ }
+
+ file {"/home/service":
+ ensure => "directory",
+ group => 100, # users
+ owner => "service",
+ mode => "755"
+ }
+
+ file {"/home/service/.ssh":
+ ensure => "directory",
+ group => 100, # users
+ owner => "service",
+ mode => "700"
+ }
+}
+
# node that acts as a frontend server
-class role::webgateway inherits role::generic {
+class role::webgateway inherits role::customerproject {
include www_nginx::nginx
}
+
+class role::appserver inherits role::customerproject {
+ include www_zope::appserver
+}
|
SVN: r6960 - in gocept.infrastructure/testing/puppet/modules/net_misc: manifests templates
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:24:26 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:24:25 2008
New Revision: 6960
Log:
Added memcached configuration.
Added:
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/memcached.pp
gocept.infrastructure/testing/puppet/modules/net_misc/templates/memcached.conf.erb
Modified:
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/init.pp
Modified:
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/init.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/init.pp (original)
+++ gocept.infrastructure/testing/puppet/modules/net_misc/manifests/init.pp Thu
Oct 30 15:24:25 2008
(at)(at) -1,2 +1,3 (at)(at)
import "ssh.pp"
import "ntp.pp"
+import "memcached.pp"
Added:
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/memcached.pp
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/net_misc/manifests/memcached.pp Thu
Oct 30 15:24:25 2008
(at)(at) -0,0 +1,23 (at)(at)
+
+class net_misc::memcached {
+
+ # memcached gets installed system-wide, listening on the vlan `srv`.
+
+ sys_portage::package { "memcached": }
+
+ file { "/etc/memcached.conf":
+ content => template("net_misc/memcached.conf.erb"),
+ require => Package["memcached"]
+ }
+
+ service { "memcached":
+ enable => true,
+ ensure => running,
+ require => Package["memcached"],
+ subscribe => Package["memcached"]
+ }
+
+ # XXX nagios service check
+ # XXX logrotate
+
+}
Added:
gocept.infrastructure/testing/puppet/modules/net_misc/templates/memcached.conf.erb
==============================================================================
--- (empty file)
+++
gocept.infrastructure/testing/puppet/modules/net_misc/templates/memcached.conf.erb Thu
Oct 30 15:24:25 2008
(at)(at) -0,0 +1,50 (at)(at)
+# Generated by puppet. Do not modify.
+#
+# memcached default config file
+# 2003 - Jay Bonci <jaybonci(at)debian.org>
+# This configuration file is read by the start-memcached script provided as
+# part of the Debian GNU/Linux distribution.
+
+# Run memcached as a daemon. This command is implied, and is not needed for
the
+# daemon to run. See the README.Debian that comes with this package for more
+# information.
+-d
+
+# Log memcached's output to /var/log/memcached
+logfile /var/log/memcached.log
+
+# Be verbose
+# -v
+
+# Be even more verbose (print client commands as well)
+# -vv
+
+# Start with a cap of 64 megs of memory. It's reasonable, and the daemon
default
+# Note that the daemon will grow to this size, but does not start out holding
this much
+# memory
+-m 64
+
+# Default connection port is 11211
+-p 11211
+
+# Run the daemon as root. The start-memcached will default to running as root
if no
+# -u command is present in this config file
+-u nobody
+
+# Specify which IP address to listen on. The default is to listen on all IP
addresses
+# This parameter is one of the only security measures that memcached has, so
make sure
+# it's listening on a firewalled interface.
+-l <%= ip4_srv %>
+
+# Limit the number of simultaneous incoming connections. The daemon default is
1024
+# -c 1024
+
+# Lock down all paged memory. Consult with the README and homepage before you
do this
+# -k
+
+# Return error when memory is exhausted (rather than removing items)
+# -M
+
+# Maximize core file limit
+# -r
+
|
SVN: r6961 - gocept.infrastructure/testing/puppet/manifests/classes
Christian Theune <ct(at)gocept.com> |
2008-10-30 15:24:48 |
[ FULL ]
|
Author: ctheune
Date: Thu Oct 30 15:24:47 2008
New Revision: 6961
Log:
added dbserver role which carries the memcached configuration
Modified:
gocept.infrastructure/testing/puppet/manifests/classes/role.pp
Modified: gocept.infrastructure/testing/puppet/manifests/classes/role.pp
==============================================================================
--- gocept.infrastructure/testing/puppet/manifests/classes/role.pp (original)
+++ gocept.infrastructure/testing/puppet/manifests/classes/role.pp Thu Oct 30
15:24:47 2008
(at)(at) -69,6 +69,10 (at)(at)
include www_nginx::nginx
}
+class role::dbserver inherits role::customerproject {
+ include net_misc::memcached
+}
+
class role::appserver inherits role::customerproject {
include www_zope::appserver
}
|
|
