My Puppet skeleton profile
This might come in handy for someone using Puppet with the “roles and profiles” design pattern. Having this profile sitting idly by to provide the boilerplate for a new profile has let us be lazy in a good way.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# lint:ignore:autoloader_layout class profile::skeleton::install { $packages = [ # 'packagename', ] package { $packages: ensure => 'installed', } } # Config! class profile::skeleton::config { include stdlib # Manage config files here. # Try to avoid using modified versions of config files as "files," instead creating them as an epp template # (which preserves the default values from the package) and sending modified vals as params. Refer to Puppet docs on google # drive for mroe info on this. # Remember that sensitive values are to be stored in hiera with eyaml! } # Service! class profile::skeleton::service { # Manage the relevant service. Make sure running, enabled, etc. $services = [ # 'servicename', ] service { $services: ensure => 'running', enable => true, } } # Logging! class profile::skeleton::logging { # Our code here was really site-specific so I left it out } # Monitoring class profile::skeleton::monitoring { include profile::nagios::client # YOU HAVE TO MONITOR YOUR SERVICE # FOR SERIOUS # If you're introducing a new command and/or plugin, nagios will need to know about them. # $services = { # "${::fqdn}_check_thing" => { # 'service_description' => 'TCP port bla bla', # 'check_command' => 'check_tcp!666!5!10', # 'use' => 'level3', # 'servicegroups' => 'skeleton', # }, # } # create_resources('@@nagios_service', $services, $profile::nagios::client::service_defaults) } # Firewall holes class profile::skeleton::firewall { $ports = [ # 666, # description ] # $ports.each |$thisport| { # firewall { "0401_skeleton_${thisport}": # proto => 'tcp', # action => 'accept', # dport => $thisport, # } # } } # lint:endignore |