diff options
| author | Jesse Luehrs <doy@tozt.net> | 2021-07-05 19:01:01 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2021-07-05 19:01:01 -0400 |
| commit | 0c7b84faf05e510dfc38f8f69b8a107d1ada8c80 (patch) | |
| tree | 438f704e6b043d1bcf251900f5a426af87f025c8 | |
| parent | 573a37010fac2c1ff893257be19a1f2842ce11e1 (diff) | |
| download | puppet-tozt-0c7b84faf05e510dfc38f8f69b8a107d1ada8c80.tar.gz puppet-tozt-0c7b84faf05e510dfc38f8f69b8a107d1ada8c80.zip | |
start building a new mail server
| -rw-r--r-- | bin/helpers/launch-mail2 | 34 | ||||
| -rwxr-xr-x | bin/launch | 18 | ||||
| -rw-r--r-- | manifests/mail2.pp | 13 | ||||
| -rw-r--r-- | modules/mail2/files/mirrorlist | 5 | ||||
| -rw-r--r-- | modules/mail2/manifests/backups.pp | 5 | ||||
| -rw-r--r-- | modules/mail2/manifests/monitoring.pp | 3 | ||||
| -rw-r--r-- | modules/mail2/manifests/operatingsystem.pp | 5 | ||||
| -rw-r--r-- | modules/mail2/manifests/persistent.pp | 27 |
8 files changed, 101 insertions, 9 deletions
diff --git a/bin/helpers/launch-mail2 b/bin/helpers/launch-mail2 new file mode 100644 index 0000000..38176d7 --- /dev/null +++ b/bin/helpers/launch-mail2 @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +set -eu +set -o pipefail + +# shellcheck source=functions.sh +. "$(dirname "$0")/functions.sh" + +create_droplet mail2.tozt.net s-1vcpu-1gb 0812b69f-dde4-11eb-9b7e-0a58ac1465ad + +echo "Creating DNS entry for $ip..." +record_id=$( + doctl \ + -t "$(cat /mnt/digitalocean)" \ + compute domain records list \ + tozt.net \ + --format Name,Type,ID \ + --no-header | + grep '^smtp2 \+A ' | + awk '{print $3}' +) +doctl \ + -t "$(cat /mnt/digitalocean)" \ + compute domain records update \ + tozt.net \ + --record-id "$record_id" \ + --record-type A \ + --record-name smtp2 \ + --record-data "$ip" \ + --record-ttl 600 +echo "Done creating DNS entry" + +provision_droplet mail2 + +echo "Done" @@ -6,13 +6,13 @@ script_path="$(realpath "$(dirname "$0")")" secrets_bin="${script_path}/secrets" case "$1" in - base|tozt|algo|mail|partofme) - "$secrets_bin" open - trap '"$secrets_bin" close' EXIT - "$(dirname "$0")/helpers/launch-$1" - ;; - *) - echo "unknown host $1" >&2 - exit 1 - ;; +base | tozt | algo | mail | mail2 | partofme) + "$secrets_bin" open + trap '"$secrets_bin" close' EXIT + "$(dirname "$0")/helpers/launch-$1" + ;; +*) + echo "unknown host $1" >&2 + exit 1 + ;; esac diff --git a/manifests/mail2.pp b/manifests/mail2.pp new file mode 100644 index 0000000..a4e1129 --- /dev/null +++ b/manifests/mail2.pp @@ -0,0 +1,13 @@ +node 'mail2', 'mail2.localdomain' { + $persistent_data = '/media/persistent' + include mail2::persistent + Class['mail2::persistent'] -> Class['base'] + + include base + + include mail2::operatingsystem + Class['mail2::operatingsystem'] -> Package<| provider == "pacman" |> + + include mail2::backups + include mail2::monitoring +} diff --git a/modules/mail2/files/mirrorlist b/modules/mail2/files/mirrorlist new file mode 100644 index 0000000..d1c515d --- /dev/null +++ b/modules/mail2/files/mirrorlist @@ -0,0 +1,5 @@ +Server = https://arch.mirror.constant.com/$repo/os/$arch +Server = https://mirrors.sorengard.com/archlinux/$repo/os/$arch +Server = https://mirror.stephen304.com/archlinux/$repo/os/$arch +Server = https://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch +Server = https://mirrors.rit.edu/archlinux/$repo/os/$arch diff --git a/modules/mail2/manifests/backups.pp b/modules/mail2/manifests/backups.pp new file mode 100644 index 0000000..5efe064 --- /dev/null +++ b/modules/mail2/manifests/backups.pp @@ -0,0 +1,5 @@ +class mail2::backups { + class { 'borgmatic': + extra_paths => ['/media/persistent']; + } +} diff --git a/modules/mail2/manifests/monitoring.pp b/modules/mail2/manifests/monitoring.pp new file mode 100644 index 0000000..c7c9a32 --- /dev/null +++ b/modules/mail2/manifests/monitoring.pp @@ -0,0 +1,3 @@ +class mail2::monitoring { + include tick::client::base_plugins +} diff --git a/modules/mail2/manifests/operatingsystem.pp b/modules/mail2/manifests/operatingsystem.pp new file mode 100644 index 0000000..3dad94f --- /dev/null +++ b/modules/mail2/manifests/operatingsystem.pp @@ -0,0 +1,5 @@ +class mail2::operatingsystem { + file { '/etc/pacman.d/mirrorlist': + source => 'puppet:///modules/mail2/mirrorlist'; + } +} diff --git a/modules/mail2/manifests/persistent.pp b/modules/mail2/manifests/persistent.pp new file mode 100644 index 0000000..6f5f3e7 --- /dev/null +++ b/modules/mail2/manifests/persistent.pp @@ -0,0 +1,27 @@ +class mail2::persistent { + file { + "/media": + ensure => directory; + "/media/persistent": + ensure => directory, + require => File["/media"]; + } + + $fstab_line = "/dev/disk/by-id/scsi-0DO_Volume_mail2-persistent /media/persistent ext4 rw,relatime 0 2" + exec { "populate fstab": + provider => shell, + command => "echo '${fstab_line}' >> /etc/fstab", + unless => "/usr/bin/grep -qF '${fstab_line}' /etc/fstab", + require => File["/media/persistent"]; + } + + exec { "mount /media/persistent": + provider => shell, + command => "/usr/bin/mount /media/persistent", + unless => "grep ' /media/persistent ' /proc/mounts", + require => [ + File["/media/persistent"], + Exec["populate fstab"], + ]; + } +} |