summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hieradata/nodes/extmon.yaml1
-rw-r--r--sitemodules/profiles/manifests/base.pp47
-rw-r--r--sitemodules/roles/manifests/extmon.pp1
3 files changed, 32 insertions, 17 deletions
diff --git a/hieradata/nodes/extmon.yaml b/hieradata/nodes/extmon.yaml
index 9698831..b297d5b 100644
--- a/hieradata/nodes/extmon.yaml
+++ b/hieradata/nodes/extmon.yaml
@@ -3,6 +3,7 @@ classes:
- roles::extmon
profiles::base::admins:
- jandd
+profiles::base::is_external: true
profiles::icinga2_agent::pki_ticket: >
ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
DQYJKoZIhvcNAQEBBQAEggEAKkrkXNGDfVW85jlLRp7t1KsHr7fzVZUOiKgI
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
index 2145c3f..1b29f41 100644
--- a/sitemodules/profiles/manifests/base.pp
+++ b/sitemodules/profiles/manifests/base.pp
@@ -17,6 +17,7 @@
# @param crl_job_enable whether to setup the hourly CRL update job
#
# @param crl_job_services which services to reload after the CRL update
+# @param is_external whether the node is outside of CAcert infrastructure
#
# Examples
# --------
@@ -34,7 +35,7 @@
# Copyright
# ---------
#
-# Copyright 2016-2018 Jan Dittberner
+# Copyright 2016-2019 Jan Dittberner
#
class profiles::base (
Array[String] $admins = [],
@@ -42,6 +43,7 @@ class profiles::base (
String $rootalias = "${trusted['certname']}-admin@cacert.org",
Boolean $crl_job_enable = false,
Array[String] $crl_job_services = [],
+ Boolean $is_external = false,
) {
# ensure admin users for this container
$admins.each |String $username| {
@@ -79,12 +81,14 @@ class profiles::base (
shell => '/usr/bin/zsh',
}
- file { '/etc/apt/apt.conf.d/03proxy':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0644',
- source => 'puppet:///modules/profiles/base/apt_proxy.conf',
+ unless $is_external {
+ file { '/etc/apt/apt.conf.d/03proxy':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/profiles/base/apt_proxy.conf',
+ }
}
file { '/etc/apt/apt.conf.d/10periodic':
ensure => file,
@@ -126,10 +130,17 @@ class profiles::base (
}
include apt
- apt::key { 'puppetlabs':
- id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
- server => 'pgp.mit.edu',
- options => 'http-proxy=http://proxyout:3128/',
+ if $is_external {
+ apt::key { 'puppetlabs':
+ id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
+ server => 'pgp.mit.edu',
+ }
+ } else {
+ apt::key { 'puppetlabs':
+ id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
+ server => 'pgp.mit.edu',
+ options => 'http-proxy=http://proxyout:3128/',
+ }
}
apt::source { "ftp.nl.debian.org-${::lsbdistcodename}":
location => 'http://ftp.nl.debian.org/debian',
@@ -162,12 +173,14 @@ class profiles::base (
ensure => absent,
}
- file { '/etc/resolv.conf':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0644',
- source => 'puppet:///modules/profiles/base/resolv.conf',
+ unless $is_external {
+ file { '/etc/resolv.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/profiles/base/resolv.conf',
+ }
}
file { '/etc/update-motd.d/20-puppetinfo':
diff --git a/sitemodules/roles/manifests/extmon.pp b/sitemodules/roles/manifests/extmon.pp
index ccac506..f3cbfa8 100644
--- a/sitemodules/roles/manifests/extmon.pp
+++ b/sitemodules/roles/manifests/extmon.pp
@@ -21,6 +21,7 @@
# Copyright 2019 Jan Dittberner
#
class roles::extmon {
+ include profiles::base
include profiles::icinga2_agent
}