Initial import for puppet module

LICENSE

@@ -1,4 +1,5 @@
-Apache License
+
+                                 Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
 
@@ -178,7 +179,7 @@ Apache License
    APPENDIX: How to apply the Apache License to your work.
 
       To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "{}"
+      boilerplate notice, with the fields enclosed by brackets "[]"
       replaced with your own identifying information. (Don't include
       the brackets!)  The text should be enclosed in the appropriate
       comment syntax for the file format. We also recommend that a
@@ -186,7 +187,7 @@ Apache License
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright {yyyy} {name of copyright owner}
+   Copyright [yyyy] [name of copyright owner]
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -199,4 +200,3 @@ Apache License
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
-

README.md

@@ -1,2 +1,5 @@
-# puppet-puppet
-Module to install puppet and setup config files
+# Generic Set proxy Module
+
+## Overview
+
+Module to install and configure puppet services.

Rakefile

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-lint/tasks/puppet-lint'
+PuppetLint.configuration.fail_on_warnings = true
+PuppetLint.configuration.send('disable_80chars')
+PuppetLint.configuration.send('disable_autoloader_layout')
+PuppetLint.configuration.send('disable_class_inherits_from_params_class')
+PuppetLint.configuration.send('disable_class_parameter_defaults')

files/80retry

@@ -0,0 +1 @@
+APT::Acquire::Retries "20";

files/90no-translations

@@ -0,0 +1 @@
+Acquire::Languages "none";

files/centos-puppetlabs.repo

@@ -0,0 +1,7 @@
+[puppetlabs-products]
+name=Puppet Labs Products El 6 - $basearch
+baseurl=http://yum.puppetlabs.com/el/6/products/$basearch
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
+enabled=1
+gpgcheck=1
+exclude=puppet-4* facter-3* puppetdb-3* puppetdb-terminus-3*

files/yum.conf

@@ -0,0 +1,27 @@
+[main]
+cachedir=/var/cache/yum/$basearch/$releasever
+keepcache=0
+debuglevel=2
+logfile=/var/log/yum.log
+exactarch=1
+obsoletes=1
+gpgcheck=1
+plugins=1
+installonly_limit=5
+bugtracker_url=http://bugs.centos.org/set_project.php?project_id=16&ref=http://bugs.centos.org/bug_report_page.php?category=yum
+distroverpkg=centos-release
+exclude=python-setuptools
+
+#  This is the default, if you make this bigger yum won't see if the metadata
+# is newer on the remote and so you'll "gain" the bandwidth of not having to
+# download the new metadata and "pay" for it by yum not having correct
+# information.
+#  It is esp. important, to have correct metadata, for distributions like
+# Fedora which don't keep old packages around. If you don't like this checking
+# interupting your command line usage, it's much better to have something
+# manually check the metadata once an hour (yum-updatesd will do this).
+# metadata_expire=90m
+
+# PUT YOUR REPOS HERE OR IN separate files named file.repo
+# in /etc/yum.repos.d
+

manifests/init.pp

@@ -0,0 +1,156 @@
+# Copyright 2015 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# == Class: simpleproxy
+#
+class puppet (
+  $pin_puppet            = '3.',
+  $enable_puppet         = false,
+  $http_proxy            = '',
+  $agent_http_proxy_host = '',
+  $agent_http_proxy_port = '',
+  $https_proxy           = '',
+  $certname              = $::fqdn,
+  $puppetmaster_server   = 'puppetmaster.openstack.org',
+  $puppet_ca_server      = '',
+  $ca_server             = '',
+  $dns_alt_names         = '',
+  $environment_path      = '/etc/puppet/environments',
+  $basemodule_path       = '/etc/puppet/modules',
+  $environment_timeout   = 0,
+  $store_configs         = true,
+  $store_backend         = 'puppetdb',
+  $reports               = 'store,puppetdb',
+  $agent_runinterval     = 600,
+) {
+
+  # pin facter and puppetdb according to puppet version
+  case $pin_puppet {
+    '2.7.': {
+      $pin_facter = '1.'
+      $pin_puppetdb = '1.'
+    }
+    /^3\./: {
+      $pin_facter = '2.'
+      $pin_puppetdb = '2.'
+    }
+    default: {
+      fail("Puppet version not supported")
+    }
+  }
+
+  # special hiera install for Fedora OS
+  if ($::operatingsystem == 'Fedora') {
+
+    package { 'hiera':
+      ensure   => latest,
+      provider => 'gem',
+    }
+
+    exec { 'symlink hiera modules' :
+      command     => 'ln -s /usr/local/share/gems/gems/hiera-puppet-* /etc/puppet/modules/',
+      path        => '/bin:/usr/bin',
+      subscribe   => Package['hiera'],
+      refreshonly => true,
+    }
+
+  }
+
+  # Which Puppet do I take?
+  # Take $pin_puppet and pin to that version
+  if ($::osfamily == 'Debian') {
+    apt::source { 'puppetlabs':
+      location   => 'http://apt.puppetlabs.com',
+      repos      => 'main',
+      key        => '4BD6EC30',
+      key_server => 'pgp.mit.edu',
+    }
+
+    file { '/etc/apt/apt.conf.d/80retry':
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      source  => 'puppet:///modules/puppet/80retry',
+      replace => true,
+    }
+
+    file { '/etc/apt/apt.conf.d/90no-translations':
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      source  => 'puppet:///modules/puppet/90no-translations',
+      replace => true,
+    }
+
+    file { '/etc/apt/preferences.d/00-puppet.pref':
+      ensure  => present,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      content => template('puppet/00-puppet.pref.erb'),
+      replace => true,
+    }
+
+    file { '/etc/default/puppet':
+      ensure  => present,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      content => template('puppet/puppet.default.erb'),
+      replace => true,
+    }
+
+  }
+
+  if ($::operatingsystem == 'CentOS') {
+    file { '/etc/yum.repos.d/puppetlabs.repo':
+      ensure  => present,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      source  => 'puppet:///modules/puppet/centos-puppetlabs.repo',
+      replace => true,
+    }
+    file { '/etc/yum.conf':
+      ensure  => present,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0444',
+      source  => 'puppet:///modules/puppet/yum.conf',
+      replace => true,
+    }
+  }
+
+  file { '/etc/puppet/puppet.conf':
+    ensure  => present,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0444',
+    content => template('puppet/puppet.conf.erb'),
+    replace => true,
+  }
+
+  # start puppet depending on settings
+  if $enable_puppet != false {
+    service { 'puppet':
+      ensure => started,
+    }
+  }
+  else {
+    service { 'puppet':
+      ensure => stopped,
+    }
+ }
+}
+

metadata.json

@@ -0,0 +1,12 @@
+{
+  "name": "openstackci-puppet",
+  "version": "0.0.1",
+  "author": "OpenStack CI",
+  "summary": "Puppet module to install and configure Puppet",
+  "license": "Apache 2.0",
+  "source": "git://git.openstack.org/openstack-infra/puppet-puppet.git",
+  "project_page": "",
+  "issues_url": "",
+  "dependencies": [
+  ]
+}

templates/00-puppet.pref.erb

@@ -0,0 +1,11 @@
+Package: puppet puppet-common puppetmaster puppetmaster-common puppetmaster-passenger
+Pin: version <%= @pin_puppet %>*
+Pin-Priority: 501
+
+Package: puppetdb puppetdb-terminus
+Pin: version <%= @pin_puppetdb %>*
+Pin-Priority: 501
+
+Package: facter
+Pin: version <%= @pin_facter %>*
+Pin-Priority: 501

templates/puppet.conf.erb

@@ -0,0 +1,49 @@
+[main]
+logdir=/var/log/puppet
+vardir=/var/lib/puppet
+ssldir=/var/lib/puppet/ssl
+rundir=/var/run/puppet
+<% if @pin_puppet.to_f < 3 %>
+factpath=$vardir/lib/facter
+templatedir=$confdir/templates
+<% end %>
+
+<% if @puppet_ca_server -%>
+ca_server=<%= @puppet_ca_server %>
+<% end -%>
+
+<% if @dns_alt_names -%>
+dns_alt_names=<%= @dns_alt_names %>
+<% end -%>
+
+server=<%= @puppetmaster_server %>
+certname=<%= @certname %>
+pluginsync=true
+
+[master]
+# These are needed when the puppetmaster is run by passenger
+# and can safely be removed if webrick is used.
+ssl_client_header = SSL_CLIENT_S_DN
+ssl_client_verify_header = SSL_CLIENT_VERIFY
+
+environmentpath=<%= @environment_path %>
+environmenttimeout = <%= @environment_timeout %>
+
+reports=<%= @reports %>
+storeconfigs = <%= @store_configs %>
+storeconfigs_backend = <%= @store_backend %>
+basemodulepath = <%= @basemodule_path %>
+<% if @ca_server -%>
+ca=false
+ca_server = <%= @ca_server %>
+<% end -%>
+
+[agent]
+report=true
+splay = true
+runinterval = <%= @agent_runinterval %>
+
+<% if @agent_http_proxy_host -%>
+http_proxy_host=<%= @agent_http_proxy_host %>
+http_proxy_port=<%= @agent_http_proxy_port %>
+<% end %>

templates/puppet.default.erb

@@ -0,0 +1,16 @@
+# Defaults for puppet - sourced by /etc/init.d/puppet
+
+# Enable puppet agent service?
+# Setting this to "yes" allows the puppet agent service to run.
+# Setting this to "no" keeps the puppet agent service from running.
+START=<%- if @enable_puppet == true-%>YES<%-else-%>NO<%-end%>
+
+# Startup options
+DAEMON_OPTS=""
+
+<% if @http_proxy %>
+export http_proxy=<%= @http_proxy %>
+<% end %>
+<% if @https_proxy %>
+export https_proxy=<%= @https_proxy %>
+<% end %>