author | Jesse Luehrs <doy@tozt.net> | 2018-11-13 01:36:48 -0500 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2018-11-13 01:36:48 -0500 |
commit | 4152be7e1de0797a2a8d4116a2165a2ba7bbecd4 (patch) | |
tree | 49c8b2b590c447e21ae71e48eaa4da8a1cfb15e8 /modules/base | |
parent | c3659899860d8519deec2c1f8993e4262e5f7f6c (diff) | |
factor out configuration common to all of my machines
Diffstat (limited to 'modules/base')
-rw-r--r-- | modules/base/files/hosts | 6 | ||||
-rw-r--r-- | modules/base/files/puppet-tozt | 6 | ||||
-rw-r--r-- | modules/base/manifests/bootstrap.pp | 14 | ||||
-rw-r--r-- | modules/base/manifests/init.pp | 14 | ||||
-rw-r--r-- | modules/base/manifests/makepkg.pp | 7 | ||||
-rw-r--r-- | modules/base/manifests/operatingsystem.pp | 20 | ||||
-rw-r--r-- | modules/base/manifests/services.pp | 5 | ||||
-rw-r--r-- | modules/base/manifests/tools.pp | 20 | ||||
-rw-r--r-- | modules/base/manifests/user.pp | 136 | ||||
-rw-r--r-- | modules/base/manifests/users.pp | 13 |
10 files changed, 241 insertions, 0 deletions
diff --git a/modules/base/files/hosts b/modules/base/files/hosts
new file mode 100644
index 0000000..40a877c
--- /dev/null
+++ b/modules/base/files/hosts
@@ -0,0 +1,6 @@
+127.0.0.1 localhost
+127.0.1.1 tozt.localdomain tozt
+
+10.19.49.101 hush.algo
+10.19.49.103 phone.algo
+10.19.49.104 tozt.algo
diff --git a/modules/base/files/puppet-tozt b/modules/base/files/puppet-tozt
new file mode 100644
index 0000000..6d06998
--- /dev/null
+++ b/modules/base/files/puppet-tozt
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -eu
+set -o pipefail
+
+(cd /usr/local/share/puppet-tozt && sudo git pull)
+sudo puppet apply --show_diff --modulepath=/usr/local/share/puppet-tozt/modules /usr/local/share/puppet-tozt/manifests
diff --git a/modules/base/manifests/bootstrap.pp b/modules/base/manifests/bootstrap.pp
new file mode 100644
index 0000000..c0593a3
--- /dev/null
+++ b/modules/base/manifests/bootstrap.pp
@@ -0,0 +1,14 @@
+class bootstrap {
+ package {
+ [
+ "puppet",
+ "rsync",
+ ]:
+ ensure => installed,
+ }
+
+ file { '/usr/local/bin/puppet-tozt':
+ source => 'puppet:///modules/base/puppet-tozt',
+ mode => '0755';
+ }
+}
diff --git a/modules/base/manifests/init.pp b/modules/base/manifests/init.pp
new file mode 100644
index 0000000..c9e477d
--- /dev/null
+++ b/modules/base/manifests/init.pp
@@ -0,0 +1,14 @@
+class base($default_user, $persistent_data) {
+ contain base::bootstrap
+ contain base::operatingsystem
+ contain base::services
+ contain base::tools
+
+ class { 'base::users':
+ default_user => $default_user,
+ persistent_data => $persistent_data;
+ }
+ class { 'base::makepkg':
+ default_user => $default_user;
+ }
+}
diff --git a/modules/base/manifests/makepkg.pp b/modules/base/manifests/makepkg.pp
new file mode 100644
index 0000000..0d725a2
--- /dev/null
+++ b/modules/base/manifests/makepkg.pp
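Review bot: The wrapper in modules/base/files/puppet-tozt pulls as root and then applies whatever was fetched, also as root, with no check on what arrived, so write access to the upstream repository is equivalent to root on every machine that runs the script. Restricting the pull to signed fast-forwards narrows that trust: `(cd /usr/local/share/puppet-tozt && sudo git pull --ff-only --verify-signatures)`, which requires the tip commit to be signed by a key in root's keyring. The remote URL and transport are not visible in this diff, so whether the fetch itself is authenticated should be confirmed separately. A short header comment stating that the script must only be run against a trusted remote would also help.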
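Review bot: `class bootstrap` in modules/base/manifests/bootstrap.pp does not match the name that init.pp contains, `base::bootstrap`; the autoloader maps this file to `base::bootstrap`, so the declaration should read `class base::bootstrap {`. operatingsystem.pp has the same mismatch (`class operatingsystem` against `contain base::operatingsystem`). Separately, the file resource for /usr/local/bin/puppet-tozt sets only `mode`; because that script invokes sudo, adding `owner => 'root', group => 'root',` makes its ownership explicit instead of depending on the account that runs the apply.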
@@ -0,0 +1,7 @@
+class base::makepkg($default_user) {
+ Package::Makepkg {
+ build_user => $default_user,
+ }
+
+ Base::User[$default_user] -> Package::Makepkg<| build_user == $default_user |>
+}
diff --git a/modules/base/manifests/operatingsystem.pp b/modules/base/manifests/operatingsystem.pp
new file mode 100644
index 0000000..cc18994
--- /dev/null
+++ b/modules/base/manifests/operatingsystem.pp
@@ -0,0 +1,20 @@
+class operatingsystem {
+ file {
+ "/etc/locale.gen":
+ content => "en_US.UTF-8 UTF-8\n",
+ notify => Exec["regen locale data"];
+ "/etc/locale.conf":
+ content => "LANG=en_US.UTF-8\n",
+ require => [
+ File["/etc/locale.gen"],
+ Exec["regen locale data"],
+ ];
+ "/etc/hosts":
+ source => "puppet:///modules/base/hosts";
+ }
+
+ exec { "regen locale data":
+ command => "/usr/bin/locale-gen",
+ refreshonly => true;
+ }
+}
diff --git a/modules/base/manifests/services.pp b/modules/base/manifests/services.pp
new file mode 100644
index 0000000..46e8f38
--- /dev/null
+++ b/modules/base/manifests/services.pp
@@ -0,0 +1,5 @@
+class base::services {
+ include fail2ban
+ include locate
+ include ntp
+}
diff --git a/modules/base/manifests/tools.pp b/modules/base/manifests/tools.pp
new file mode 100644
index 0000000..053ebd2
--- /dev/null
+++ b/modules/base/manifests/tools.pp
@@ -0,0 +1,20 @@
+class base::tools {
+ include mail::sender
+ include yaourt
+
+ package {
+ [
+ "bc",
+ "exa",
+ "fzf",
+ "htop",
+ "lsof",
+ "mutt",
+ "ncdu",
+ "strace",
+ "the_silver_searcher",
+ "tmux",
+ ]:
+ ensure => 'installed';
+ }
+}
diff --git a/modules/base/manifests/user.pp b/modules/base/manifests/user.pp
new file mode 100644
index 0000000..b1bd792
--- /dev/null
+++ b/modules/base/manifests/user.pp
@@ -0,0 +1,136 @@
+define base::user(
+ $pwhash,
+ $user=$name,
+ $group=$user,
+ $home=undef,
+ $extra_groups=[],
+ $homedir_mode='0700',
+ $shell='/usr/bin/zsh',
+ $persistent_data=undef,
+) {
+ $_home = $home ? {
+ undef => $user ? {
+ 'root' => '/root',
+ default => "/home/$user",
+ },
+ default => $home,
+ }
+
+ include tozt::persistent
+
+ group { $group:
+ ensure => present;
+ }
+
+ user { $user:
+ ensure => 'present',
+ gid => $group,
+ groups => $extra_groups,
+ home => $_home,
+ shell => $shell,
+ password => $pwhash,
+ require => Group[$group];
+ }
+
+ file {
+ $_home:
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/coding":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ File[$_home],
+ ];
+ }
+
+ if $persistent_data == undef {
+ file {
+ "${_home}/.cargo":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/.rustup":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ }
+ }
+ else {
+ file {
+ "$persistent_data/cargo/${user}":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "$persistent_data/rustup/${user}":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/.cargo":
+ ensure => link,
+ target => "$persistent_data/cargo/${user}",
+ owner => $user,
+ group => $group,
+ require => [
+ User[$user],
+ Group[$group],
+ File["${_home}"],
+ ];
+ "${_home}/.rustup":
+ ensure => link,
+ target => "$persistent_data/rustup/${user}",
+ owner => $user,
+ group => $group,
+ require => [
+ User[$user],
+ Group[$group],
+ File["${_home}"],
+ ];
+ }
+ }
+
+ rust::user { $user:
+ }
+ conf::user { $user:
+ }
+
+ if $user != 'root' {
+ sudo::user { $user:
+ }
+ }
+
+ if $shell == '/usr/bin/zsh' {
+ include zsh
+ Class['zsh'] -> User[$user]
+ }
+}
diff --git a/modules/base/manifests/users.pp b/modules/base/manifests/users.pp
new file mode 100644
index 0000000..4725959
--- /dev/null
+++ b/modules/base/manifests/users.pp
@@ -0,0 +1,13 @@
+class base::users($default_user, $persistent_data) {
+ base::user { 'root':
+ pwhash => secret::value('passwd/root'),
+ persistent_data => $persistent_data;
+ }
+
+ base::user { $default_user:
+ pwhash => secret::value("passwd/$default_user"),
+ extra_groups => ['wheel'],
+ homedir_mode => '0701',
+ persistent_data => $persistent_data;
+ }
+} |
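Review bot: In user.pp, `$homedir_mode` is applied not only to `$_home` but also to `${_home}/coding`, `${_home}/.cargo`, `${_home}/.rustup` and the `$persistent_data/cargo/${user}` and `$persistent_data/rustup/${user}` directories, so a caller that loosens the home directory loosens all of them too; users.pp passes `'0701'` for the default user. If the intent is only to make the home directory traversable, the subdirectory resources should take a fixed `mode => '0700',` or a separate parameter. A comment on the parameter list saying which paths `$homedir_mode` governs would make the scope clear to callers. The parameters are also untyped; `String[1] $user = $name` and an absolute-path type for `$home` and `$persistent_data` would reject unexpected values before they are interpolated into file paths.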
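Review bot: The password hashes from `secret::value(...)` in users.pp are handed to `base::user` as ordinary values. If that function returns a plain String (its definition is not part of this diff), wrapping the value, e.g. `pwhash => Sensitive(secret::value('passwd/root')),`, keeps the hash redacted in logs and reports; this matters because the puppet-tozt wrapper runs `puppet apply --show_diff`. The `$pwhash` parameter in user.pp would then be declared as `Sensitive[String] $pwhash`, on Puppet versions where the user type accepts a Sensitive password. The second lookup key is built from `$default_user` (`"passwd/$default_user"`), so that parameter should be constrained to a valid account name before it is used as a secret path.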