From 4ac2ce21c3bf124a836e76c015ec8304c9c30c38 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:11:25 +0200 Subject: [PATCH 01/17] addcode --- files/eggsample.conf | 0 manifests/init.pp | 20 ++++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) create mode 100644 files/eggsample.conf diff --git a/files/eggsample.conf b/files/eggsample.conf new file mode 100644 index 0000000..e69de29 diff --git a/manifests/init.pp b/manifests/init.pp index 2d01301..1a83497 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -28,9 +28,21 @@ # class egg ( ) { - ::server_firewall::rules_file { '30-permit_http_https.rules': - content => epp("${module_name}/permit_http_https.rules.epp", { - module_name => $module_name, - }), + include egg::nginx + include egg::postgres + include egg::nodejs + + server_firewall::address_set { 'liu_vpn': + addresses => [ + '10.243.0.0/16', + ], + } + + firewalld_rich_rule { 'allow ssh via vpn': + action => 'accept', + service => 'ssh', + source => { 'ipset' => 'liu_vpn_v4', }, + family => 'ipv4', + zone => 'liu', } } -- GitLab From c75613e6a9503d89dcdfb5be81e57ebec87ec838 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:13:16 +0200 Subject: [PATCH 02/17] pdkupdate --- .gitignore | 2 +- .gitlab-ci.yml | 4 + .pdkignore | 8 +- .rubocop.yml | 216 ++++++++++++++++++++++++++++++++++++++++-- Gemfile | 45 ++++----- Rakefile | 9 +- manifests/nginx.pp | 30 ++++++ manifests/nodejs.pp | 13 +++ manifests/postgres.pp | 6 ++ metadata.json | 4 +- spec/spec_helper.rb | 4 +- 11 files changed, 297 insertions(+), 44 deletions(-) create mode 100644 manifests/nginx.pp create mode 100644 manifests/nodejs.pp create mode 100644 manifests/postgres.pp diff --git a/.gitignore b/.gitignore index a996532..c817477 100644 --- a/.gitignore +++ b/.gitignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d49a282..97ebb8b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,3 +2,7 @@ include: - project: 'puppet-infra/shared-ci-piplines' file: '/puppet-module-pipeline.yaml' + - local: .local-ci.yml + rules: + - exists: + - .local-ci.yml diff --git a/.pdkignore b/.pdkignore index f962996..2cf6497 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -29,20 +29,16 @@ *~ \#*\# .\#* -/appveyor.yml -/.editorconfig /.fixtures.yml /Gemfile /.gitattributes /.gitignore -/.gitlab-ci.yml /.pdkignore /.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ diff --git a/.rubocop.yml b/.rubocop.yml index 31e8248..5be1f9f 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -4,7 +4,7 @@ require: - rubocop-rspec AllCops: DisplayCopNames: true - TargetRubyVersion: '2.5' + TargetRubyVersion: '2.6' Include: - "**/*.rb" Exclude: @@ -111,8 +111,14 @@ Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true +Bundler/GemFilename: + Enabled: false Bundler/InsecureProtocolSource: Enabled: false +Capybara/CurrentPathExpectation: + Enabled: false +Capybara/VisibilityMatcher: + Enabled: false Gemspec/DuplicatedAssignment: Enabled: false Gemspec/OrderedDependencies: @@ -287,11 +293,9 @@ Performance/UriDefaultParser: Enabled: false RSpec/Be: Enabled: false -RSpec/Capybara/CurrentPathExpectation: - Enabled: false RSpec/Capybara/FeatureMethods: Enabled: false -RSpec/Capybara/VisibilityMatcher: +RSpec/ContainExactly: Enabled: false RSpec/ContextMethod: Enabled: false @@ -331,6 +335,8 @@ RSpec/LeakyConstantDeclaration: Enabled: false RSpec/LetBeforeExamples: Enabled: false +RSpec/MatchArray: + Enabled: false RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: @@ -373,8 +379,6 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false -Style/AsciiComments: - Enabled: false Style/BisectedAttrAccessor: Enabled: false Style/CaseLikeIf: @@ -485,35 +489,235 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false Lint/DuplicateBranch: Enabled: false +Lint/DuplicateMagicComment: + Enabled: false Lint/DuplicateRegexpCharacterClassElement: Enabled: false Lint/EmptyBlock: Enabled: false Lint/EmptyClass: Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false Lint/NoReturnInBeginEndBlocks: Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false Lint/ToEnumArguments: Enabled: false +Lint/TripleQuotes: + Enabled: false Lint/UnexpectedBlockArity: Enabled: false Lint/UnmodifiedReduceAccumulator: Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false Performance/CollectionLiteralInLoop: Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false Style/ArgumentsForwarding: Enabled: false +Style/ArrayIntersect: + Enabled: false Style/CollectionCompact: Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DirEmpty: + Enabled: false Style/DocumentDynamicEvalDefinition: Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false Style/NegatedIfElseCondition: Enabled: false +Style/NestedFileDirname: + Enabled: false Style/NilLambda: Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false Style/RedundantArgument: Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false Style/SwapValues: Enabled: false diff --git a/Gemfile b/Gemfile index 4eaa0c3..add1873 100644 --- a/Gemfile +++ b/Gemfile @@ -14,30 +14,31 @@ def location_for(place_or_version, fake_version = nil) end group :development do - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false - gem "facterdb", '~> 1.18', require: false - gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false - gem "puppetlabs_spec_helper", '~> 5.0', require: false - gem "rspec-puppet-facts", '~> 2.0', require: false - gem "codecov", '~> 0.2', require: false - gem "dependency_checker", '~> 0.2', require: false - gem "parallel_tests", '= 3.12.1', require: false - gem "pry", '~> 0.10', require: false - gem "simplecov-console", '~> 0.5', require: false - gem "puppet-debugger", '~> 1.0', require: false - gem "rubocop", '= 1.6.1', require: false - gem "rubocop-performance", '= 1.9.1', require: false - gem "rubocop-rspec", '= 2.0.1', require: false - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '~> 3.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.48.1', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] end group :system_tests do - gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby, :x64_mingw] - gem "serverspec", '~> 2.41', require: false + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index 0f8754e..74415a9 100644 --- a/Rakefile +++ b/Rakefile @@ -1,12 +1,11 @@ # frozen_string_literal: true require 'bundler' -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? +require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" @@ -44,7 +43,7 @@ end PuppetLint.configuration.send('disable_relative') -if Bundler.rubygems.find_name('github_changelog_generator').any? +if Gem.loaded_specs.key? 'github_changelog_generator' GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" diff --git a/manifests/nginx.pp b/manifests/nginx.pp new file mode 100644 index 0000000..9e6866c --- /dev/null +++ b/manifests/nginx.pp @@ -0,0 +1,30 @@ +# intelligent comment here +class egg::nginx () { + $hostname = fact( 'networking.fqdn' ) + $hostalias = [] + package { 'nginx': + ensure => 'installed', + } + # inserf conf. files here + # file { '/etc/nginx/nginx.conf': + # ensure => 'file', + # source => "puppet:///modules/${module_name}/nginx.conf", + # notify => Service['nginx'], + # } + file { '/etc/nginx/conf.d/eggsample.conf': + ensure => 'present', + source => "puppet:///modules/${module_name}/eggsample.conf", + notify => Service['nginx'], + } + + # Housekeeping + service { 'nginx': + ensure => 'running', + enable => true, + } + firewalld_service { 'Allow http in the liu Zone': + ensure => present, + zone => 'liu', + service => 'http', + } + diff --git a/manifests/nodejs.pp b/manifests/nodejs.pp new file mode 100644 index 0000000..d065b2a --- /dev/null +++ b/manifests/nodejs.pp @@ -0,0 +1,13 @@ +# Intelligent cement +class egg::nodejs () { + package { 'nodejs': + ensure => 'installed', + } + exec { 'install pm2': + command => 'npm install pm2 -g', + path => ['/bin','/usr/bin'], + refreshonly => true, + unless => 'test -f /usr/bin/pm2', + require => Package['nodejs'], + } +} diff --git a/manifests/postgres.pp b/manifests/postgres.pp new file mode 100644 index 0000000..53b7da9 --- /dev/null +++ b/manifests/postgres.pp @@ -0,0 +1,6 @@ +# comment +class egg::postgres () { + package { ['postgres', 'postgresql-contrib'] : + ensure => 'installed', + } +} diff --git a/metadata.json b/metadata.json index ab83773..fddf1c3 100644 --- a/metadata.json +++ b/metadata.json @@ -64,7 +64,7 @@ "version_requirement": ">= 5.5.10 < 6.0.0" } ], - "pdk-version": "2.7.1", + "pdk-version": "3.0.0", "template-url": "https://gitlab.it.liu.se/puppet-infra/pdk-templates.git#liu", - "template-ref": "heads/liu-0-g6052ec1" + "template-ref": "heads/liu-0-g73ba36b" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index ee9e003..3f9a6c7 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -28,8 +28,8 @@ default_fact_files.each do |f| next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end -- GitLab From d3058944f77e4185318272c93f3b0998cedbb5d2 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:14:46 +0200 Subject: [PATCH 03/17] typo --- manifests/nginx.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/nginx.pp b/manifests/nginx.pp index 9e6866c..713b99d 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -27,4 +27,4 @@ class egg::nginx () { zone => 'liu', service => 'http', } - +} -- GitLab From 02779078deb5690eae8835a9378850b9d86ce849 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:17:10 +0200 Subject: [PATCH 04/17] typo --- manifests/nodejs.pp | 2 +- manifests/postgres.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/nodejs.pp b/manifests/nodejs.pp index d065b2a..4b2d271 100644 --- a/manifests/nodejs.pp +++ b/manifests/nodejs.pp @@ -1,6 +1,6 @@ # Intelligent cement class egg::nodejs () { - package { 'nodejs': + package { 'nodejs': ensure => 'installed', } exec { 'install pm2': diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 53b7da9..9607715 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -1,6 +1,6 @@ # comment class egg::postgres () { - package { ['postgres', 'postgresql-contrib'] : + package { ['postgresql', 'postgresql-contrib']: ensure => 'installed', } } -- GitLab From b18595ee0afb140977fdc45fcb383be1e00c3871 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:28:03 +0200 Subject: [PATCH 05/17] typo --- manifests/nginx.pp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/manifests/nginx.pp b/manifests/nginx.pp index 713b99d..a2b4568 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -12,9 +12,10 @@ class egg::nginx () { # notify => Service['nginx'], # } file { '/etc/nginx/conf.d/eggsample.conf': - ensure => 'present', - source => "puppet:///modules/${module_name}/eggsample.conf", - notify => Service['nginx'], + ensure => 'present', + source => "puppet:///modules/${module_name}/eggsample.conf", + notify => Service['nginx'], + require => Package['nginx'], } # Housekeeping -- GitLab From fd2110ceb77f3eb02dc8c6de1ec02b3fbb7bd685 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Fri, 13 Oct 2023 15:32:15 +0200 Subject: [PATCH 06/17] fix --- manifests/nodejs.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/nodejs.pp b/manifests/nodejs.pp index 4b2d271..258a269 100644 --- a/manifests/nodejs.pp +++ b/manifests/nodejs.pp @@ -2,11 +2,11 @@ class egg::nodejs () { package { 'nodejs': ensure => 'installed', + notify => Exec['install pm2'], } exec { 'install pm2': command => 'npm install pm2 -g', path => ['/bin','/usr/bin'], - refreshonly => true, unless => 'test -f /usr/bin/pm2', require => Package['nodejs'], } -- GitLab From 0212300f126c2ffd2184441f2404d8b7ac7d19a3 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 16 Oct 2023 10:28:12 +0200 Subject: [PATCH 07/17] addnet --- manifests/init.pp | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index 1a83497..f8d3bd0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -45,4 +45,17 @@ class egg ( family => 'ipv4', zone => 'liu', } + server_firewall::address_set { 'liu_itn_vpn': + addresses => [ + '10.8.0.0/16', + ], + } + + firewalld_rich_rule { 'allow ssh via itn vpn': + action => 'accept', + service => 'ssh', + source => { 'ipset' => 'liu_itn_vpn_v4', }, + family => 'ipv4', + zone => 'liu', + } } -- GitLab From 734856eced077e3ad5724a3e9d6d3ba9ee83d01e Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 10:30:40 +0100 Subject: [PATCH 08/17] addserverpackofpostgresGrr --- manifests/postgres.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 9607715..8c9ba38 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -1,6 +1,6 @@ # comment class egg::postgres () { - package { ['postgresql', 'postgresql-contrib']: + package { ['postgresql', 'postgresql-server', 'postgresql-contrib']: ensure => 'installed', } } -- GitLab From a64550ad5ae576c751fd76620e2236c9d969eab6 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 10:50:00 +0100 Subject: [PATCH 09/17] startpostgresaswell --- manifests/postgres.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 8c9ba38..a4b3957 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -3,4 +3,7 @@ class egg::postgres () { package { ['postgresql', 'postgresql-server', 'postgresql-contrib']: ensure => 'installed', } + service { 'postgresql': + ensure => 'running', + enable => true, } -- GitLab From ed0c97bf839a2117594538e6ee19eaea66462d74 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 10:51:18 +0100 Subject: [PATCH 10/17] typo --- manifests/postgres.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index a4b3957..dabf3f6 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -6,4 +6,5 @@ class egg::postgres () { service { 'postgresql': ensure => 'running', enable => true, + } } -- GitLab From 539b67e1f83281c5480354042629a9b80d8e01a4 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 16:37:06 +0100 Subject: [PATCH 11/17] addDB --- manifests/postgres.pp | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index dabf3f6..d6985db 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -4,7 +4,14 @@ class egg::postgres () { ensure => 'installed', } service { 'postgresql': - ensure => 'running', - enable => true, + ensure => 'running', + enable => true, + require => Package['postgresql-server'], + } + postgresql::server::db { 'nta-digital_nodejs': + user => 'postgres', + encoding => 'UTF8', + locale => 'en_US.UTF-8', + require => Service['postgresql'], } } -- GitLab From be76ef6fbe8708f83f3268213b50ee769bd65c33 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 16:43:06 +0100 Subject: [PATCH 12/17] norequireservice --- manifests/postgres.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index d6985db..264dcac 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -12,6 +12,5 @@ class egg::postgres () { user => 'postgres', encoding => 'UTF8', locale => 'en_US.UTF-8', - require => Service['postgresql'], } } -- GitLab From 132b663eb423fd34e34f41d87b5f80ca7b85ecd3 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 16:49:47 +0100 Subject: [PATCH 13/17] dothisrightinstead --- manifests/postgres.pp | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 264dcac..593c715 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -1,13 +1,10 @@ # comment class egg::postgres () { - package { ['postgresql', 'postgresql-server', 'postgresql-contrib']: + package { ['postgresql', 'postgresql-contrib']: ensure => 'installed', } - service { 'postgresql': - ensure => 'running', - enable => true, - require => Package['postgresql-server'], - } + class { 'postgresql::server': } + postgresql::server::db { 'nta-digital_nodejs': user => 'postgres', encoding => 'UTF8', -- GitLab From 9e7a92c2fcb689a8f73989e9b27173bfeac78405 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Mon, 13 Nov 2023 17:05:00 +0100 Subject: [PATCH 14/17] dumilde.... --- manifests/postgres.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 593c715..55d0e97 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -6,7 +6,7 @@ class egg::postgres () { class { 'postgresql::server': } postgresql::server::db { 'nta-digital_nodejs': - user => 'postgres', + user => 'nilpa76', encoding => 'UTF8', locale => 'en_US.UTF-8', } -- GitLab From b74126559a99a275997470ed95282748a5a5788b Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Tue, 14 Nov 2023 13:16:19 +0100 Subject: [PATCH 15/17] addpg_hbarules --- manifests/postgres.pp | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 55d0e97..51a1e4a 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -10,4 +10,27 @@ class egg::postgres () { encoding => 'UTF8', locale => 'en_US.UTF-8', } + + postgresql::server::pg_hba_rule { 'allow local access as postgres user': + type => 'local', + database => 'all', + user => 'postgres', + auth_method => 'ident', + } + + postgresql::server::pg_hba_rule { 'allow localhost access': + type => 'host', + database => 'all', + user => 'all', + address => '127.0.0.1/32', + auth_method => 'md5', + } + + postgresql::server::pg_hba_rule { 'allow ipv6 localhost access': + type => 'host', + database => 'all', + user => 'all', + address => '::1/128', + auth_method => 'md5', + } } -- GitLab From ee5325f9755ed1b932cf5193fdcf2c8d988cc04c Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Tue, 14 Nov 2023 14:06:04 +0100 Subject: [PATCH 16/17] fixpg_hbarules --- manifests/postgres.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index 51a1e4a..ff17885 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -15,7 +15,7 @@ class egg::postgres () { type => 'local', database => 'all', user => 'postgres', - auth_method => 'ident', + auth_method => 'trust', } postgresql::server::pg_hba_rule { 'allow localhost access': @@ -23,7 +23,7 @@ class egg::postgres () { database => 'all', user => 'all', address => '127.0.0.1/32', - auth_method => 'md5', + auth_method => 'trust', } postgresql::server::pg_hba_rule { 'allow ipv6 localhost access': @@ -31,6 +31,6 @@ class egg::postgres () { database => 'all', user => 'all', address => '::1/128', - auth_method => 'md5', + auth_method => 'trust', } } -- GitLab From 6f11c05b75919994af788c7b68ed229e3e813501 Mon Sep 17 00:00:00 2001 From: Nils Olof Paulsson <nils.olof.paulsson@liu.se> Date: Wed, 15 Nov 2023 11:31:46 +0100 Subject: [PATCH 17/17] allowallonlocalhost --- manifests/postgres.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/manifests/postgres.pp b/manifests/postgres.pp index ff17885..a2f0b74 100644 --- a/manifests/postgres.pp +++ b/manifests/postgres.pp @@ -3,7 +3,9 @@ class egg::postgres () { package { ['postgresql', 'postgresql-contrib']: ensure => 'installed', } - class { 'postgresql::server': } + class { 'postgresql::server': + pg_hba_conf_defaults => false, + } postgresql::server::db { 'nta-digital_nodejs': user => 'nilpa76', @@ -14,7 +16,7 @@ class egg::postgres () { postgresql::server::pg_hba_rule { 'allow local access as postgres user': type => 'local', database => 'all', - user => 'postgres', + user => 'all', auth_method => 'trust', } -- GitLab