style edits to puppet config files

Change-Id: I4f7314bcb1cb58f94ff7a78aebe27ec4591fc11c
Reviewed-on: https://review.openstack.org/14187
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
This commit is contained in:
Matthew Wagoner 2012-10-08 19:52:17 -04:00 committed by Jenkins
parent 71e96df67f
commit 21dff1ba3d
7 changed files with 81 additions and 86 deletions
modules
iptables/manifests
logrotate/manifests
remove_nginx/manifests
ssh/manifests
sudoers/manifests
unattended_upgrades/manifests

View File

@ -1,20 +1,20 @@
#http://projects.puppetlabs.com/projects/1/wiki/Module_Iptables_Patterns
class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) {
package {
"iptables-persistent": ensure => present;
package { 'iptables-persistent':
ensure => present,
}
service { "iptables-persistent":
require => Package["iptables-persistent"],
service { 'iptables-persistent':
require => Package['iptables-persistent'],
# Because there is no running process for this service, the normal status
# checks fail. Because puppet then thinks the service has been manually
# stopped, it won't restart it. This fake status command will trick puppet
# into thinking the service is *always* running (which in a way it is, as
# iptables is part of the kernel.)
hasstatus => true,
status => "true",
hasstatus => true,
status => true,
# Under Debian, the "restart" parameter does not reload the rules, so tell
# Puppet to fall back to stop/start, which does work.
@ -22,32 +22,29 @@ class iptables($rules='', $public_tcp_ports=[], $public_udp_ports=[]) {
}
file { "/etc/iptables":
ensure => directory
file { '/etc/iptables':
ensure => directory,
}
file {
"/etc/iptables/rules":
owner => "root",
group => "root",
mode => 640,
file { '/etc/iptables/rules':
owner => 'root',
group => 'root',
mode => '0640',
content => template('iptables/rules.erb'),
require => [Package["iptables-persistent"], File["/etc/iptables"]],
require => [Package['iptables-persistent'], File['/etc/iptables']],
# When this file is updated, make sure the rules get reloaded.
notify => Service["iptables-persistent"],
;
notify => Service['iptables-persistent'],
}
file {
"/etc/iptables/rules.v4":
owner => "root",
group => "root",
mode => 640,
ensure => link,
target => "/etc/iptables/rules",
require => File["/etc/iptables/rules"],
notify => Service["iptables-persistent"]
file { '/etc/iptables/rules.v4':
ensure => link,
owner => 'root',
group => 'root',
mode => '0640',
target => '/etc/iptables/rules',
require => File['/etc/iptables/rules'],
notify => Service['iptables-persistent'],
}
}

View File

@ -1,10 +1,10 @@
define logrotate::file($log,
$options,
$ensure=present,
$prerotate='undef',
$postrotate='undef',
$firstaction='undef',
$lastaction='undef') {
define logrotate::file( $log,
$options,
$ensure=present,
$prerotate='undef',
$postrotate='undef',
$firstaction='undef',
$lastaction='undef') {
# $options should be an array containing 1 or more logrotate
# directives (e.g. missingok, compress).
@ -12,11 +12,11 @@ define logrotate::file($log,
include logrotate
file { "/etc/logrotate.d/${name}":
owner => root,
group => root,
mode => 644,
ensure => $ensure,
content => template("logrotate/config.erb"),
require => File["/etc/logrotate.d"],
ensure => $ensure,
owner => 'root',
group => 'root',
mode => '0644',
content => template('logrotate/config.erb'),
require => File['/etc/logrotate.d'],
}
}

View File

@ -1,16 +1,15 @@
# Adapted from http://projects.puppetlabs.com/projects/1/wiki/Logrotate_Patterns
class logrotate {
package { "logrotate":
package { 'logrotate':
ensure => present,
}
file { "/etc/logrotate.d":
ensure => directory,
owner => root,
group => root,
mode => 755,
require => Package["logrotate"],
file { '/etc/logrotate.d':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => Package['logrotate'],
}
}

View File

@ -2,10 +2,10 @@ class remove_nginx {
package { 'nginx':
ensure => absent,
}
file { "/etc/nginx/sites-available/default":
file { '/etc/nginx/sites-available/default':
ensure => absent,
}
service { 'nginx':
ensure => stopped
ensure => stopped,
}
}

View File

@ -1,19 +1,19 @@
class ssh {
package { openssh-server: ensure => present }
service { ssh:
ensure => running,
hasrestart => true,
subscribe => File["/etc/ssh/sshd_config"],
package { 'openssh-server':
ensure => present,
}
file { "/etc/ssh/sshd_config":
owner => 'root',
group => 'root',
mode => 444,
ensure => 'present',
source => [
"puppet:///modules/ssh/sshd_config.$operatingsystem",
"puppet:///modules/ssh/sshd_config"
],
replace => 'true',
service { 'ssh':
ensure => running,
hasrestart => true,
subscribe => File['/etc/ssh/sshd_config'],
}
file { '/etc/ssh/sshd_config':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => [ "puppet:///modules/ssh/sshd_config.${::operatingsystem}",
'puppet:///modules/ssh/sshd_config' ],
replace => true,
}
}

View File

@ -1,17 +1,17 @@
class sudoers {
group { 'sudo':
ensure => 'present'
ensure => present,
}
group { 'admin':
ensure => 'present'
ensure => present,
}
file { '/etc/sudoers':
owner => 'root',
group => 'root',
mode => 440,
ensure => 'present',
source => "puppet:///modules/sudoers/sudoers",
replace => 'true',
ensure => present,
owner => 'root',
group => 'root',
mode => '0440',
source => 'puppet:///modules/sudoers/sudoers',
replace => true,
}
}

View File

@ -1,28 +1,27 @@
class unattended_upgrades($ensure = present) {
package { 'unattended-upgrades':
ensure => $ensure;
ensure => $ensure,
}
package { 'mailutils':
ensure => $ensure;
ensure => $ensure,
}
file { '/etc/apt/apt.conf.d/10periodic':
owner => 'root',
group => 'root',
mode => 444,
ensure => $ensure,
source => "puppet:///modules/unattended_upgrades/10periodic",
replace => 'true',
ensure => $ensure,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/unattended_upgrades/10periodic',
replace => true,
}
file { '/etc/apt/apt.conf.d/50unattended-upgrades':
owner => 'root',
group => 'root',
mode => 444,
ensure => $ensure,
source => "puppet:///modules/unattended_upgrades/50unattended-upgrades",
replace => 'true',
ensure => $ensure,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/unattended_upgrades/50unattended-upgrades',
replace => true,
}
}