diff options
-rw-r--r-- | hiera/data/common.yaml | 11 | ||||
-rw-r--r-- | hiera/data/node/mail.yaml | 4 | ||||
-rw-r--r-- | hiera/data/node/partofme.yaml | 7 | ||||
-rw-r--r-- | hiera/data/node/tozt.yaml | 5 | ||||
-rw-r--r-- | manifests/00global.pp | 11 | ||||
-rw-r--r-- | manifests/mail.pp | 13 | ||||
-rw-r--r-- | manifests/partofme.pp | 12 | ||||
-rw-r--r-- | manifests/tozt.pp | 14 | ||||
-rw-r--r-- | modules/metabase/manifests/init.pp | 7 |
9 files changed, 35 insertions, 49 deletions
diff --git a/hiera/data/common.yaml b/hiera/data/common.yaml index d9e1a25..fe19671 100644 --- a/hiera/data/common.yaml +++ b/hiera/data/common.yaml @@ -1,2 +1,11 @@ --- -{} +default_user: doy +vpn_ips: + hornet: '10.49.0.2' + mail: '10.49.0.3' + partofme: '10.49.0.4' + phone: '10.49.0.5' + tozt: '10.49.0.6' + +# when updating this value, also rm /opt/metabase/metabase.jar +metabase::version: 'v0.45.3'
\ No newline at end of file diff --git a/hiera/data/node/mail.yaml b/hiera/data/node/mail.yaml index d9e1a25..9267209 100644 --- a/hiera/data/node/mail.yaml +++ b/hiera/data/node/mail.yaml @@ -1,2 +1,4 @@ --- -{} +persistent_data: '/media/persistent' +base::extra_script: | + (cd /media/persistent && sudo docker-compose pull -q)
\ No newline at end of file diff --git a/hiera/data/node/partofme.yaml b/hiera/data/node/partofme.yaml index d9e1a25..fed4580 100644 --- a/hiera/data/node/partofme.yaml +++ b/hiera/data/node/partofme.yaml @@ -1,2 +1,7 @@ --- -{} +# we don't want to store anything system-related on the persistent disk, +# since we want it to be encrypted, and we can't really access it at boot +# time to type in a password +# persistent_data: +base::extra_script: | + (sudo podman pull docker.io/pihole/pihole) diff --git a/hiera/data/node/tozt.yaml b/hiera/data/node/tozt.yaml index d9e1a25..c03fa5b 100644 --- a/hiera/data/node/tozt.yaml +++ b/hiera/data/node/tozt.yaml @@ -1,2 +1,5 @@ --- -{} +persistent_data: '/media/persistent' +base::extra_script: | + (cd /home/doy/coding/metabase-utils && git pull) + (sudo podman pull docker.io/vaultwarden/server) diff --git a/manifests/00global.pp b/manifests/00global.pp index 078bdef..8a5342c 100644 --- a/manifests/00global.pp +++ b/manifests/00global.pp @@ -1,11 +1,6 @@ -$default_user = 'doy' -$vpn_ips = { - 'hornet' => '10.49.0.2', - 'mail' => '10.49.0.3', - 'partofme' => '10.49.0.4', - 'phone' => '10.49.0.5', - 'tozt' => '10.49.0.6', -} +$default_user = lookup('default_user') +$vpn_ips = lookup('vpn_ips') +$persistent_data = lookup('persistent_data') Package::Makepkg { build_user => $default_user, diff --git a/manifests/mail.pp b/manifests/mail.pp index 15063cf..24bcc1b 100644 --- a/manifests/mail.pp +++ b/manifests/mail.pp @@ -1,16 +1,9 @@ node 'mail', 'mail.localdomain' { - $persistent_data = '/media/persistent' - include mail::persistent - Class['mail::persistent'] -> Class['base'] - - class { 'base': - extra_script => " - (cd /media/persistent && sudo docker-compose pull -q) - "; - } - + include base include mail::operatingsystem + include mail::persistent Class['mail::operatingsystem'] -> Package<| provider == "pacman" |> + Class['mail::persistent'] -> Class['base'] include mail::backups include mail::mailu diff --git a/manifests/partofme.pp b/manifests/partofme.pp index e53d4ef..eff007c 100644 --- a/manifests/partofme.pp +++ b/manifests/partofme.pp @@ -1,15 +1,5 @@ node 'partofme', 'partofme.localdomain' { - # we don't want to store anything system-related on the persistent disk, - # since we want it to be encrypted, and we can't really access it at boot - # time to type in a password - $persistent_data = undef - - class { 'base': - extra_script => " - (sudo podman pull docker.io/pihole/pihole) - "; - } - + include base include partofme::operatingsystem Class['partofme::operatingsystem'] -> Package<| provider == "pacman" |> diff --git a/manifests/tozt.pp b/manifests/tozt.pp index 2aa1bc6..4c64046 100644 --- a/manifests/tozt.pp +++ b/manifests/tozt.pp @@ -1,17 +1,9 @@ node 'tozt', 'tozt.localdomain' { - $persistent_data = '/media/persistent' - include tozt::persistent - Class['tozt::persistent'] -> Class['base'] - - class { 'base': - extra_script => " - (cd /home/doy/coding/metabase-utils && git pull) - (sudo podman pull docker.io/vaultwarden/server) - "; - } - + include base include tozt::operatingsystem + include tozt::persistent Class['tozt::operatingsystem'] -> Package<| provider == "pacman" |> + Class['tozt::persistent'] -> Class['base'] include tozt::backups include tozt::bitwarden diff --git a/modules/metabase/manifests/init.pp b/modules/metabase/manifests/init.pp index 77440fb..ada984a 100644 --- a/modules/metabase/manifests/init.pp +++ b/modules/metabase/manifests/init.pp @@ -1,10 +1,7 @@ -class metabase { +class metabase($version) { include postgres include systemd - # when updating this value, also rm /opt/metabase/metabase.jar - $metabase_version = "v0.45.3" - # move back to jre-openjdk-headless once metabase supports java 15? package { "jre-openjdk-headless": ensure => installed; @@ -40,7 +37,7 @@ class metabase { exec { "download metabase": provider => shell, - command => "curl -LO http://downloads.metabase.com/${metabase_version}/metabase.jar", + command => "curl -LO http://downloads.metabase.com/${version}/metabase.jar", cwd => "/opt/metabase", creates => "/opt/metabase/metabase.jar", require => File["/opt/metabase"]; |