diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..08c6abf --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,4 @@ +{ + "name": "VoxBox", + "image": "ghcr.io/voxpupuli/voxbox:latest" +} diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..ecb10a8 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,15 @@ +# editorconfig.org + +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +root = true + +[*] +charset = utf-8 +end_of_line = lf +indent_size = 2 +tab_width = 2 +indent_style = space +insert_final_newline = true +trim_trailing_whitespace = true diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 0000000..593e7aa --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,26 @@ + + +## Affected Puppet, Ruby, OS and module versions/distributions + +- Puppet: +- Ruby: +- Distribution: +- Module version: + +## How to reproduce (e.g Puppet code you use) + +## What are you seeing + +## What behaviour did you expect instead + +## Output log + +## Any additional information you'd like to impart diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..342807b --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,20 @@ + +#### Pull Request (PR) description + + +#### This Pull Request (PR) fixes the following issues + diff --git a/.github/labeler.yml b/.github/labeler.yml new file mode 100644 index 0000000..f2d08d6 --- /dev/null +++ b/.github/labeler.yml @@ -0,0 +1,6 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +skip-changelog: + - head-branch: ['^release-*', 'release'] diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 0000000..f5b5d7a --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,42 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +# https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes + +changelog: + exclude: + labels: + - duplicate + - invalid + - modulesync + - question + - skip-changelog + - wont-fix + - wontfix + + categories: + - title: Breaking Changes 🛠 + labels: + - backwards-incompatible + + - title: New Features 🎉 + labels: + - enhancement + + - title: Bug Fixes 🐛 + labels: + - bug + + - title: Documentation Updates 📚 + labels: + - documentation + - docs + + - title: Dependency Updates ⬆️ + labels: + - dependencies + + - title: Other Changes + labels: + - "*" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..9680f3d --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,25 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: CI + +# yamllint disable-line rule:truthy +on: + pull_request: {} + push: + branches: + - main + - master + +concurrency: + group: ${{ github.ref_name }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + puppet: + name: Puppet + uses: voxpupuli/gha-puppet/.github/workflows/basic.yml@v4 diff --git a/.github/workflows/create_tag.yml b/.github/workflows/create_tag.yml new file mode 100644 index 0000000..27bffb5 --- /dev/null +++ b/.github/workflows/create_tag.yml @@ -0,0 +1,22 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: Create Git tag + +on: + workflow_dispatch: + +permissions: {} + +jobs: + create_tag: + uses: 'voxpupuli/gha-puppet/.github/workflows/create_tag.yml@v4' + with: + allowed_owner: 'ULHPC' + git_name: 'ulhpc-bot' + git_email: '282622861+ULHPC-bot@users.noreply.github.com' + secrets: + # Configure secrets here: + # https://docs.github.com/en/actions/security-guides/encrypted-secrets + ssh_private_key: ${{ secrets.PCCI_SSH_PRIVATE_KEY }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 0000000..eacd0b3 --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,22 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: "Pull Request Labeler" + +# yamllint disable-line rule:truthy +on: + pull_request_target: {} + +permissions: + contents: read + pull-requests: write + +jobs: + labeler: + permissions: + contents: read + pull-requests: write + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v5 diff --git a/.github/workflows/prepare_release.yml b/.github/workflows/prepare_release.yml new file mode 100644 index 0000000..3932ce4 --- /dev/null +++ b/.github/workflows/prepare_release.yml @@ -0,0 +1,30 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: 'Prepare Release' + +on: + workflow_dispatch: + inputs: + version: + description: 'Module version to be released. Must be a valid semver string without leading v. (1.2.3)' + required: false + +permissions: + contents: write + pull-requests: write + +jobs: + release_prep: + uses: 'voxpupuli/gha-puppet/.github/workflows/prepare_release.yml@v4' + with: + version: ${{ github.event.inputs.version }} + allowed_owner: 'ULHPC' + git_name: 'ulphc-bot' + git_email: '282622861+ULHPC-bot@users.noreply.github.com' + secrets: + # Configure secrets here: + # https://docs.github.com/en/actions/security-guides/encrypted-secrets + github_pat: '${{ secrets.PCCI_PAT_RELEASE_PREP }}' + ssh_private_key: '${{ secrets.PCCI_SSH_PRIVATE_KEY }}' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..6f7b711 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,28 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: Release + +# yamllint disable-line rule:truthy +on: + push: + tags: + # https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#onpushbranchestagsbranches-ignoretags-ignore + # https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#filter-pattern-cheat-sheet + - 'v[0-9]+.[0-9]+.[0-9]+' + +permissions: + contents: write + +jobs: + release: + name: Release + uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v4 + with: + allowed_owner: 'ULHPC' + secrets: + # Configure secrets here: + # https://docs.github.com/en/actions/security-guides/encrypted-secrets + username: ${{ secrets.PUPPET_FORGE_USERNAME }} + api_key: ${{ secrets.PUPPET_FORGE_API_KEY }} diff --git a/.gitignore b/.gitignore index bdfa39c..adea1b0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,25 @@ -.DS_Store -.vagrant -/.bundle/* -.falkor* -/pkg/* +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +/pkg/ +/Gemfile.lock +/Gemfile.local +/vendor/ +/.vendor/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/.vagrant/ +/.bundle/ +/.ruby-version +/coverage/ +/log/ +/.idea/ +/.dependencies/ +/.librarian/ +/Puppetfile.lock +*.iml +.*.sw? +/.yardoc/ +/Guardfile +bolt-debug.log +.rerun.json diff --git a/.msync.yml b/.msync.yml new file mode 100644 index 0000000..bfb9bee --- /dev/null +++ b/.msync.yml @@ -0,0 +1,5 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +modulesync_config_version: '10.8.0' diff --git a/.overcommit.yml b/.overcommit.yml new file mode 100644 index 0000000..4ed994c --- /dev/null +++ b/.overcommit.yml @@ -0,0 +1,67 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ +# +# Hooks are only enabled if you take action. +# +# To enable the hooks run: +# +# ``` +# bundle exec overcommit --install +# # ensure .overcommit.yml does not harm to you and then +# bundle exec overcommit --sign +# ``` +# +# (it will manage the .git/hooks directory): +# +# Examples howto skip a test for a commit or push: +# +# ``` +# SKIP=RuboCop git commit +# SKIP=PuppetLint git commit +# SKIP=RakeTask git push +# ``` +# +# Don't invoke overcommit at all: +# +# ``` +# OVERCOMMIT_DISABLE=1 git commit +# ``` +# +# Read more about overcommit: https://github.com/brigade/overcommit +# +# To manage this config yourself in your module add +# +# ``` +# .overcommit.yml: +# unmanaged: true +# ``` +# +# to your modules .sync.yml config +--- +PreCommit: + RuboCop: + enabled: true + description: 'Runs rubocop on modified files only' + command: ['bundle', 'exec', 'rubocop'] + RakeTarget: + enabled: true + description: 'Runs lint on modified files only' + targets: + - 'lint' + command: ['bundle', 'exec', 'rake'] + YamlSyntax: + enabled: true + JsonSyntax: + enabled: true + TrailingWhitespace: + enabled: true + +PrePush: + RakeTarget: + enabled: true + description: 'Run rake targets' + targets: + - 'validate' + - 'test' + - 'rubocop' + command: ['bundle', 'exec', 'rake'] diff --git a/.pmtignore b/.pmtignore index 3843c63..a9d37aa 100644 --- a/.pmtignore +++ b/.pmtignore @@ -1,2 +1,39 @@ -docs/ -site/ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +/docs/ +/pkg/ +/Gemfile +/Gemfile.lock +/Gemfile.local +/vendor/ +/.vendor/ +/spec/ +/Rakefile +/.vagrant/ +/.bundle/ +/.ruby-version +/coverage/ +/log/ +/.idea/ +/.dependencies/ +/.github/ +/.librarian/ +/Puppetfile.lock +/Puppetfile +*.iml +/.editorconfig +/.fixtures.yml +/.gitignore +/.msync.yml +/.overcommit.yml +/.pmtignore +/.rspec +/.rspec_parallel +/.rubocop.yml +/.sync.yml +.*.sw? +/.yardoc/ +/.yardopts +/Dockerfile +/HISTORY.md diff --git a/.puppet-lint.rc b/.puppet-lint.rc new file mode 100644 index 0000000..05d28a2 --- /dev/null +++ b/.puppet-lint.rc @@ -0,0 +1,6 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +--fail-on-warnings +--no-parameter_documentation-check +--no-parameter_types-check diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..53ac189 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,6 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +inherit_gem: + voxpupuli-test: rubocop.yml diff --git a/.ruby-gemset b/.ruby-gemset deleted file mode 100644 index 17cb753..0000000 --- a/.ruby-gemset +++ /dev/null @@ -1 +0,0 @@ -puppet diff --git a/.ruby-version b/.ruby-version deleted file mode 100644 index 351227f..0000000 --- a/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -3.2.4 diff --git a/Gemfile b/Gemfile index 1878b3f..1283982 100644 --- a/Gemfile +++ b/Gemfile @@ -1,38 +1,28 @@ -# A sample Gemfile -source "https://rubygems.org" +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -gem 'falkorlib', git: 'https://github.com/Falkor/falkorlib.git', ref: 'ed25efb' - -gem 'puppet-syntax', '< 6.0.0' +source ENV['GEM_SOURCE'] || 'https://rubygems.org' group :test do - gem "rake" - gem "puppet", ENV['PUPPET_GEM_VERSION'] || '~> 7' - gem "pdk" - gem "rspec", '< 3.2.0' - gem "rspec-puppet" - gem "puppetlabs_spec_helper" - gem "metadata-json-lint" - gem "rspec-puppet-facts" - gem 'rubocop', '~> 0.51' - gem 'simplecov', '>= 0.11.0' - gem 'simplecov-console' - - #gem 'puppet-lint', '>= 0.3.2' - gem "puppet-lint-absolute_classname-check" - gem "puppet-lint-leading_zero-check" - gem "puppet-lint-trailing_comma-check" - gem "puppet-lint-version_comparison-check" - gem "puppet-lint-classes_and_types_beginning_with_digits-check" - gem "puppet-lint-unquoted_string-check" - gem 'puppet-lint-resource_reference_syntax' - gem 'semantic_puppet' - - gem 'json_pure', '<= 2.0.1' if RUBY_VERSION < '2.0.0' + gem 'voxpupuli-test', '~> 14.0', :require => false + gem 'puppet_metadata', '~> 6.1', :require => false +end + +group :development do + gem 'guard-rake', :require => false + gem 'overcommit', '>= 0.39.1', :require => false end group :system_tests do - gem "beaker", '~> 6.1.0' - gem "beaker-rspec" - gem "beaker-puppet_install_helper" + gem 'voxpupuli-acceptance', '~> 4.4', :require => false +end + +group :release do + gem 'voxpupuli-release', '~> 5.3', :require => false end + +gem 'rake', :require => false + +gem 'openvox', ENV.fetch('OPENVOX_GEM_VERSION', [">= 7", "< 9"]), :require => false, :groups => [:test] + +# vim: syntax=ruby diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index 379dfbf..0000000 --- a/Gemfile.lock +++ /dev/null @@ -1,325 +0,0 @@ -GIT - remote: https://github.com/Falkor/falkorlib.git - revision: ed25efbf2d98685bf2fc9d61d0ff2f14ef8e7cc8 - ref: ed25efb - specs: - falkorlib (0.9.1) - activesupport (~> 6.1, >= 6.1.7.5) - artii (~> 2.1, >= 2.1.2) - awesome_print (~> 1.9, >= 1.9.2) - configatron (~> 3.0) - deep_merge (~> 1.0) - diffy (~> 3.4, >= 3.4.2) - facter (~> 4.6.1) - git_remote_branch (~> 0) - json (~> 2.6, >= 2.6.3) - license-generator (~> 0) - logger (~> 1.6) - minigit (~> 0) - rake (~> 13.1) - term-ansicolor (> 1.3) - thor (~> 1.3) - -GEM - remote: https://rubygems.org/ - specs: - activesupport (6.1.7.10) - concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 1.6, < 2) - minitest (>= 5.1) - tzinfo (~> 2.0) - zeitwerk (~> 2.3) - addressable (2.8.7) - public_suffix (>= 2.0.2, < 7.0) - ansi (1.5.0) - artii (2.1.2) - ast (2.4.3) - awesome_print (1.9.2) - base64 (0.3.0) - bcrypt_pbkdf (1.1.1) - beaker (6.1.0) - bcrypt_pbkdf (>= 1.0, < 2.0) - beaker-hostgenerator (~> 2.0) - ed25519 (>= 1.2, < 2.0) - hocon (~> 1.0) - in-parallel (>= 0.1, < 2.0) - inifile (~> 3.0) - minitar (~> 0.6) - minitest (~> 5.4) - net-scp (>= 1.2, < 5.0) - net-ssh (~> 7.1) - rexml (~> 3.2, >= 3.2.5) - rsync (~> 1.0.9) - stringify-hash (~> 0.0) - thor (>= 1.0.1, < 2.0) - beaker-hostgenerator (2.24.0) - deep_merge (~> 1.0) - beaker-puppet_install_helper (0.9.4) - beaker (>= 2.0) - beaker-rspec (8.3.0) - beaker (>= 4.0, < 7) - rspec (~> 3.0) - serverspec (~> 2) - specinfra (~> 2) - bigdecimal (3.2.2) - childprocess (5.1.0) - logger (~> 1.5) - concurrent-ruby (1.3.5) - configatron (3.2.0) - cri (2.15.12) - deep_merge (1.2.2) - diff-lcs (1.6.2) - diffy (3.4.4) - docile (1.4.1) - ed25519 (1.4.0) - facter (4.6.1) - hocon (~> 1.3) - thor (>= 1.0.1, < 2.0) - facterdb (3.9.0) - jgrep (~> 1.5, >= 1.5.4) - faraday (2.13.4) - faraday-net_http (>= 2.0, < 3.5) - json - logger - faraday-follow_redirects (0.3.0) - faraday (>= 1, < 3) - faraday-net_http (3.4.1) - net-http (>= 0.5.0) - fast_gettext (2.4.0) - prime - ffi (1.17.2-x86_64-linux-gnu) - forwardable (1.3.3) - git_remote_branch (0.3.8) - hiera (3.12.0) - hitimes (2.0.0) - hocon (1.4.0) - i18n (1.14.7) - concurrent-ruby (~> 1.0) - in-parallel (1.0.1) - inifile (3.0.0) - jgrep (1.5.4) - json (2.13.2) - json-schema (5.2.1) - addressable (~> 2.8) - bigdecimal (~> 3.1) - license-generator (0.4.1) - thor - locale (2.1.4) - logger (1.7.0) - metadata-json-lint (4.2.1) - json-schema (>= 2.8, < 6.0) - semantic_puppet (~> 1.0) - spdx-licenses (~> 1.0) - minigit (0.0.4) - minitar (0.12.1) - minitest (5.25.5) - mocha (2.7.1) - ruby2_keywords (>= 0.0.5) - multi_json (1.17.0) - net-http (0.6.0) - uri - net-scp (4.1.0) - net-ssh (>= 2.6.5, < 8.0.0) - net-ssh (7.3.0) - net-telnet (0.2.0) - parallel (1.27.0) - parser (3.3.9.0) - ast (~> 2.4.1) - racc - pastel (0.8.0) - tty-color (~> 0.5) - pathspec (1.1.3) - pdk (3.4.0) - bundler (>= 2.1.0, < 3.0.0) - childprocess (~> 5.0) - cri (~> 2.15.11) - deep_merge (~> 1.2.2) - diff-lcs (>= 1.5.0) - ffi (>= 1.15.5, < 2.0.0) - hitimes (= 2.0.0) - json-schema (~> 5.0) - minitar (~> 0.8) - pathspec (~> 1.1) - puppet-modulebuilder (~> 1.0) - puppet_forge (~> 5.0) - tty-prompt (~> 0.23) - tty-spinner (~> 0.9) - tty-which (~> 0.5) - prime (0.1.4) - forwardable - singleton - prism (1.4.0) - public_suffix (6.0.2) - puppet (7.34.0) - concurrent-ruby (~> 1.0) - deep_merge (~> 1.0) - facter (> 2.0.1, < 5) - fast_gettext (>= 1.1, < 3) - hiera (>= 3.2.1, < 4) - locale (~> 2.1) - multi_json (~> 1.10) - puppet-resource_api (~> 1.5) - scanf (~> 1.0) - semantic_puppet (~> 1.0) - puppet-lint (2.5.2) - puppet-lint-absolute_classname-check (3.1.0) - puppet-lint (>= 1.0, < 4) - puppet-lint-classes_and_types_beginning_with_digits-check (1.0.0) - puppet-lint (>= 1.0, < 3.0) - puppet-lint-leading_zero-check (1.1.0) - puppet-lint (>= 1.0, < 4.0) - puppet-lint-resource_reference_syntax (1.2.0) - puppet-lint (>= 1.0, < 4) - puppet-lint-trailing_comma-check (1.0.0) - puppet-lint (>= 1.0, < 4) - puppet-lint-unquoted_string-check (2.2.0) - puppet-lint (>= 2.1, < 4) - puppet-lint-version_comparison-check (1.1.0) - puppet-lint (>= 1.0, < 4) - puppet-modulebuilder (1.1.0) - minitar (~> 0.9) - pathspec (>= 0.2.1, < 3.0.0) - puppet-resource_api (1.9.0) - hocon (>= 1.0) - puppet-syntax (5.0.0) - puppet (>= 7, < 9) - rake (~> 13.1) - puppet_forge (5.0.4) - faraday (~> 2.0) - faraday-follow_redirects (~> 0.3.0) - minitar (< 1.0.0) - semantic_puppet (~> 1.0) - puppetlabs_spec_helper (1.1.1) - mocha - puppet-lint - puppet-syntax - rake - rspec-puppet - racc (1.8.1) - rainbow (3.1.1) - rake (13.3.0) - regexp_parser (2.11.0) - rexml (3.4.2) - rspec (3.1.0) - rspec-core (~> 3.1.0) - rspec-expectations (~> 3.1.0) - rspec-mocks (~> 3.1.0) - rspec-core (3.1.7) - rspec-support (~> 3.1.0) - rspec-expectations (3.1.2) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.1.0) - rspec-its (1.3.1) - rspec-core (>= 3.0.0) - rspec-expectations (>= 3.0.0) - rspec-mocks (3.1.3) - rspec-support (~> 3.1.0) - rspec-puppet (5.0.0) - rspec (~> 3.0) - rspec-puppet-facts (5.4.0) - deep_merge (~> 1.2) - facter (< 5) - facterdb (~> 3.1) - rspec-support (3.1.2) - rsync (1.0.9) - rubocop (0.93.1) - parallel (~> 1.10) - parser (>= 2.7.1.5) - rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8) - rexml - rubocop-ast (>= 0.6.0) - ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 2.0) - rubocop-ast (1.46.0) - parser (>= 3.3.7.2) - prism (~> 1.4) - ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) - scanf (1.0.0) - semantic_puppet (1.1.1) - serverspec (2.43.0) - multi_json - rspec (~> 3.0) - rspec-its - specinfra (~> 2.72) - sfl (2.3) - simplecov (0.22.0) - docile (~> 1.1) - simplecov-html (~> 0.11) - simplecov_json_formatter (~> 0.1) - simplecov-console (0.9.4) - ansi - simplecov - terminal-table - simplecov-html (0.13.2) - simplecov_json_formatter (0.1.4) - singleton (0.3.0) - spdx-licenses (1.3.0) - specinfra (2.94.1) - base64 - net-scp - net-ssh (>= 2.7) - net-telnet - sfl - stringify-hash (0.0.2) - sync (0.5.0) - term-ansicolor (1.11.2) - tins (~> 1.0) - terminal-table (4.0.0) - unicode-display_width (>= 1.1.1, < 4) - thor (1.4.0) - tins (1.39.1) - bigdecimal - sync - tty-color (0.6.0) - tty-cursor (0.7.1) - tty-prompt (0.23.1) - pastel (~> 0.8) - tty-reader (~> 0.8) - tty-reader (0.9.0) - tty-cursor (~> 0.7) - tty-screen (~> 0.8) - wisper (~> 2.0) - tty-screen (0.8.2) - tty-spinner (0.9.3) - tty-cursor (~> 0.7) - tty-which (0.5.0) - tzinfo (2.0.6) - concurrent-ruby (~> 1.0) - unicode-display_width (1.8.0) - uri (1.0.4) - wisper (2.0.1) - zeitwerk (2.7.3) - -PLATFORMS - x86_64-linux - -DEPENDENCIES - beaker (~> 6.1.0) - beaker-puppet_install_helper - beaker-rspec - falkorlib! - metadata-json-lint - pdk - puppet (~> 7) - puppet-lint-absolute_classname-check - puppet-lint-classes_and_types_beginning_with_digits-check - puppet-lint-leading_zero-check - puppet-lint-resource_reference_syntax - puppet-lint-trailing_comma-check - puppet-lint-unquoted_string-check - puppet-lint-version_comparison-check - puppet-syntax (< 6.0.0) - puppetlabs_spec_helper - rake - rspec (< 3.2.0) - rspec-puppet - rspec-puppet-facts - rubocop (~> 0.51) - semantic_puppet - simplecov (>= 0.11.0) - simplecov-console - -BUNDLED WITH - 2.4.19 diff --git a/LICENSE b/LICENSE index fffe642..f288702 100644 --- a/LICENSE +++ b/LICENSE @@ -1,18 +1,7 @@ -Copyright (C) 2016 S., Varrette,, H., Cartiaux,, V., Plugaru,, S., Diehl, aka., UL, HPC, Management, Team - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 - Copyright (C) 2007 Free Software Foundation, Inc. + Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -627,4 +616,59 @@ above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. \ No newline at end of file +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/README.md b/README.md index 23fa64d..11f05b4 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,3 @@ --*- mode: markdown; mode: visual-line; -*- - # Bind Puppet Module [![Puppet Forge](http://img.shields.io/puppetforge/v/ULHPC/bind.svg)](https://forge.puppetlabs.com/ULHPC/bind) @@ -8,7 +6,7 @@ Configure and manage bind - Copyright (c) 2018 UL HPC Team + Copyright (c) 2026 UL HPC Team | [Project Page](https://github.com/ULHPC/puppet-bind) | [Sources](https://github.com/ULHPC/puppet-bind) | [Issues](https://github.com/ULHPC/puppet-bind/issues) | @@ -33,9 +31,6 @@ This module implements the following elements: All these components are configured through a set of variables you will find in [`manifests/params.pp`](manifests/params.pp). -_Note_: the various operations that can be conducted from this repository are piloted from a [`Rakefile`](https://github.com/ruby/rake) and assumes you have a running [Ruby](https://www.ruby-lang.org/en/) installation. -See `docs/contributing.md` for more details on the steps you shall follow to have this `Rakefile` working properly. - ## Dependencies See [`metadata.json`](metadata.json). In particular, this module depends on @@ -56,10 +51,10 @@ It accepts the following parameters: Use it as follows: - include ' bind' - -See also [`tests/init.pp`](tests/init.pp) - + class { 'bind': + ensure => 'present', + forwarders => [ '10.28.0.5' ] + } ### Definition `bind::resolver` @@ -72,12 +67,11 @@ This definition accepts the following parameters: Example: - bind::resolver { 'toto': - ensure => 'present', + bind::resolver { 'uni.lux': + nameservers => '10.28.0.5', + order => 10 } -See also [`tests/resolver.pp`](tests/resolver.pp) - ### Definition `bind::zone` The definition `bind::zone` provides ... @@ -89,13 +83,11 @@ This definition accepts the following parameters: Example: - bind::zone { 'toto': - ensure => 'present', + bind::zone { 'gaia-cluster.uni.lux': + source => "puppet:///private/gaia-cluster/db.gaia-cluster.uni.lux", + add_to_resolver => true } -See also [`tests/zone.pp`](tests/zone.pp) - - ## Librarian-Puppet / R10K Setup You can of course configure the bind module in your `Puppetfile` to make it available with [Librarian puppet](http://librarian-puppet.com/) or @@ -108,26 +100,17 @@ or, if you prefer to work on the git version: mod "ULHPC/bind", :git => 'https://github.com/ULHPC/puppet-bind', - :ref => 'production' - -## Issues / Feature request + :ref => 'main' -You can submit bug / issues / feature request using the [ULHPC/bind Puppet Module Tracker](https://github.com/ULHPC/puppet-bind/issues). -## Developments / Contributing to the code +## Developments / Issues / Contributing to the code -If you want to contribute to the code, you shall be aware of the way this module is organized. -These elements are detailed on [`docs/contributing.md`](contributing/index.md). +This Puppet Module has been implemented in the context of the [UL HPC](http://hpc.uni.lu) Platform of the [University of Luxembourg](http://www.uni.lu). +It relies on [Vox Pupuli modulesync](https://github.com/voxpupuli/modulesync) for its organization. +You can submit bugs / issues / feature requests using the [ULHPC/bind Puppet Module Tracker](https://github.com/ULHPC/puppet-bind/issues). You are more than welcome to contribute to its development by [sending a pull request](https://help.github.com/articles/using-pull-requests). -## Puppet modules tests within a Vagrant box - -The best way to test this module in a non-intrusive way is to rely on [Vagrant](http://www.vagrantup.com/). -The `Vagrantfile` at the root of the repository pilot the provisioning various vagrant boxes available on [Vagrant cloud](https://atlas.hashicorp.com/boxes/search?utf8=%E2%9C%93&sort=&provider=virtualbox&q=svarrette) you can use to test this module. - -See [`docs/vagrant.md`](vagrant.md) for more details. - ## Licence This project and the sources proposed within this repository are released under the terms of the [GPL-3.0](LICENCE) licence. diff --git a/Rakefile b/Rakefile index 6cc925b..22ce4bb 100644 --- a/Rakefile +++ b/Rakefile @@ -1,64 +1,36 @@ -############################################################################## -# Rakefile - Configuration file for rake (http://rake.rubyforge.org/) -# Time-stamp: -# -# Copyright (c) 2017 UL HPC Team -# ____ _ __ _ _ -# | _ \ __ _| | _____ / _(_) | ___ -# | |_) / _` | |/ / _ \ |_| | |/ _ \ -# | _ < (_| | < __/ _| | | __/ -# |_| \_\__,_|_|\_\___|_| |_|_|\___| -# -# Use 'rake -T' to list the available actions -# -# Resources: -# * http://www.stuartellis.eu/articles/rake/ -# -# See also https://github.com/garethr/puppet-module-skeleton -############################################################################## -require 'falkorlib' -#require 'puppetlabs_spec_helper/rake_tasks' +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -## placeholder for custom configuration of FalkorLib.config.* -## See https://github.com/Falkor/falkorlib - -# Adapt the versioning aspects -FalkorLib.config.versioning do |c| - c[:type] = 'puppet_module' +begin + require 'voxpupuli/test/rake' +rescue LoadError + # only available if gem group test is installed end -# Adapt the Git flow aspects -FalkorLib.config.gitflow do |c| - c[:branches] = { - :master => 'production', - :develop => 'devel' - } +begin + require 'voxpupuli/acceptance/rake' +rescue LoadError + # only available if gem group acceptance is installed end -require 'falkorlib/tasks/git' -require 'falkorlib/tasks/puppet' - -Rake::Task['puppet:module:build'].clear +begin + require 'voxpupuli/release/rake_tasks' +rescue LoadError + # only available if gem group releases is installed +else + GCGConfig.user = 'ULHPC' + GCGConfig.project = 'puppet-bind' +end -namespace :puppet do - namespace :module do - ########### puppet:module:build ########### - desc "Build the puppet module to publish it on the Puppet Forge" - task :build do |t| - info(t.comment).to_s - run %( pdk build --force) - if File.exist?('metadata.json') - metadata = JSON.parse( IO.read( 'metadata.json' ) ) - name = metadata["name"] - version = metadata["version"] - run %( gunzip pkg/#{name}-#{version}.tar.gz) - run %( tar --numeric-owner -rvf pkg/#{name}-#{version}.tar --transform='s,^,#{name}-#{version}/,' metadata.json) - run %( gzip pkg/#{name}-#{version}.tar) - end - end # task build +desc "Run main 'test' task and report merged results to coveralls" +task test_with_coveralls: [:test] do + if Dir.exist?(File.expand_path('../lib', __FILE__)) + require 'coveralls/rake/task' + Coveralls::RakeTask.new + Rake::Task['coveralls:push'].invoke + else + puts 'Skipping reporting to coveralls. Module has no lib dir' end end -############################################################################## -#TOP_SRCDIR = File.expand_path(File.join(File.dirname(__FILE__), ".")) - +# vim: syntax=ruby diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 0981c9b..0000000 --- a/Vagrantfile +++ /dev/null @@ -1,140 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : -# Time-stamp: -########################################################################################### -# __ __ _ __ _ _ -# \ \ / /_ _ __ _ _ __ __ _ _ __ | |_ / _(_) | ___ -# \ \ / / _` |/ _` | '__/ _` | '_ \| __| |_| | |/ _ \ -# \ V / (_| | (_| | | | (_| | | | | |_| _| | | __/ -# \_/ \__,_|\__, |_| \__,_|_| |_|\__|_| |_|_|\___| -# |___/ -########################################################################################### -require 'yaml' -require 'ipaddr' -require 'deep_merge' - -# Vagrantfile API/syntax version. Don't touch unless you know what you're doing! -VAGRANTFILE_API_VERSION = "2" -TOP_SRCDIR = File.expand_path File.dirname(__FILE__) -TOP_VAGRANT_TESTDIR = File.join(TOP_SRCDIR, 'tests', 'vagrant') -config_file = File.join(TOP_VAGRANT_TESTDIR, 'config.yaml') - -###### Expected Vagrant plugins detection ###### -# For more information on the below plugins: -# - https://github.com/oscar-stack/vagrant-hosts -# - https://github.com/dotless-de/vagrant-vbguest -# - https://github.com/emyl/vagrant-triggers -# - https://github.com/fgrehm/vagrant-cachier -# Terminal-table is a nice ruby gem for automatically print tables with nice layout -### -[ 'vagrant-hosts', 'vagrant-vbguest', 'vagrant-triggers', 'vagrant-cachier', 'terminal-table' ].each do |plugin| - abort "Install the '#{plugin}' plugin with 'vagrant plugin install #{plugin}'" unless Vagrant.has_plugin?("#{plugin}") -end -require 'terminal-table' - -### Default settings ### -DEFAULT_SETTINGS = { - :defaults => { - :os => :centos7, - :ram => 512, - :vcpus => 4, - :vbguest_auto_update => true, - }, - # Default domain settings - :network => { - :domain => 'vagrant.dev', - :range => '10.10.1.0/24', - :ip_offset => 10, - }, - # Default Boxes - :boxes => { - :centos7 => 'centos/7', - :debian8 => 'debian/contrib-jessie64', - :ubuntu14 => 'ubuntu/trusty64' - }, - :vms => { - 'default' => { } - }, -} - -# List of default provisioning scripts -DEFAULT_PROVISIONING_SCRIPTS = [ - "tests/vagrant/bootstrap.sh", - "tests/vagrant/puppet_modules_setup.rb" -] - -# Load the settings (eventually overwritten using values from the yaml file 'config.yaml') -settings = DEFAULT_SETTINGS.clone -if File.exist?(config_file) - config = YAML::load_file config_file - settings.deep_merge!( config ) if config -end -abort "Undefined settings" if settings.nil? - - -############################################################ -Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - defaults = settings[:defaults] - network = settings[:network] - - ### Common configs shared by all VMs ### - # Cache plugin -- Supports local cache, so you don't wast bandwitdh - # vagrant plugin install vagrant-cachier # see https://github.com/fgrehm/vagrant-cachier - config.cache.auto_detect = true if Vagrant.has_plugin?("vagrant-cachier") - - # check if VirtualBox Guest Additions are up to date - if Vagrant.has_plugin?("vagrant-vbguest") - # set auto_update to false, if you do NOT want to check the correct - # additions version when booting these boxes - config.vbguest.auto_update = defaults[:vbguest_auto_update] - end - - # Shell provisioner, to setup minimal conditions for Puppet provisioning - DEFAULT_PROVISIONING_SCRIPTS.each do |script| - config.vm.provision "shell", path: "#{script}", keep_color: true - end - config.vm.synced_folder ".", "/vagrant", type: "virtualbox" - - # network settings - ipaddr = IPAddr.new network[:range] - ip_range = ipaddr.to_range.to_a - - # cosmetics for the post-up message - __table = { - :title => "Puppet Testing infrastructure deployed on Vagrant", - :headings => [ 'Name', 'Hostname', 'OS', 'vCPU/RAM', 'Description', 'IP' ], - :rows => [], - } - #__________________________________ - settings[:vms].each do |name, node| - boxname = defaults[:os].to_s.downcase.gsub(/([^\d]+)(\d+)/, '\\1-\\2') - name = boxname if name == 'default' - hostname = node[:hostname] ? node[:hostname] : name - domain = network[:domain] - fqdn = "#{hostname}.#{domain}" - os = node[:os] ? node[:os].to_sym : defaults[:os].to_sym - ram = node[:ram] ? node[:ram] : defaults[:ram] - vcpus = node[:vcpus] ? node[:vcpus] : defaults[:vcpus] - desc = node[:desc] ? node[:desc] : 'n/a' - - abort "Non-existing box OS '#{os}' for the VM '#{name}'" if settings[:boxes][os.to_sym].nil? - abort "Empty IP address range" if ip_range.empty? - ip = ip_range[ network[:ip_offset].to_i ].to_s - - config.vm.define "#{name}" do |c| - c.vm.box = settings[:boxes][os.to_sym] - c.vm.hostname = "#{fqdn}" - c.vm.network :private_network, :ip => ip - c.vm.provision :hosts, :sync_hosts => true - c.vm.provider "virtualbox" do |v| - v.customize [ 'modifyvm', :id, '--name', hostname, '--memory', ram.to_s ] - v.customize [ 'modifyvm', :id, '--cpus', vcpus.to_s ] if vcpus.to_i > 1 - end - __table[:rows] << [ name, fqdn, os.to_sym, "#{vcpus}/#{ram}", desc, ip] - end - end - - config.trigger.after :up do - puts Terminal::Table.new __table - end -end diff --git a/docs/contacts.md b/docs/contacts.md deleted file mode 100644 index d4aa363..0000000 --- a/docs/contacts.md +++ /dev/null @@ -1,5 +0,0 @@ -This Puppet Module has been implemented in the context of the [UL HPC](http://hpc.uni.lu) Platform of the [University of Luxembourg](http://www.uni.lu). -More precisely, the [UL HPC Team](https://hpc.uni.lu/about/team.html#system-administrators) took care of the development for this module. - -You can submit bug / issues / feature request using the [ULHPC/bind Puppet Module Tracker](https://github.com/ULHPC/puppet-bind/issues). -Alternatively, you can contact them on the following email address: `hpc-sysadmins@uni.lu` diff --git a/docs/contributing/index.md b/docs/contributing/index.md deleted file mode 100644 index 5bbcaf5..0000000 --- a/docs/contributing/index.md +++ /dev/null @@ -1,14 +0,0 @@ -This project is released under the terms of the [Gpl-3.0 Licence](LICENSE). -So you are more than welcome to contribute to its development as follows: - -1. Fork it -2. Create your feature branch (`rake git:feature:start[]`) -3. Commit your changes (`git commit -am 'Added some feature'`) -4. Push to the branch (`git flow feature publish `) -5. Create new Pull Request - -This assumes that you have understood the [directory tree structure](layout.md) of this Puppet module. - -There is also a number of pre-requisite programs / framework you shall install to be able to correctly contribute to this Puppet module. This is detailed in the [Repository Setup and Developments](setup.md) page. - -Finally, you shall be aware of the way the [semantic versioning](versioning.md) procedure of this Puppet module are handled. diff --git a/docs/contributing/layout.md b/docs/contributing/layout.md deleted file mode 100644 index 94fabfc..0000000 --- a/docs/contributing/layout.md +++ /dev/null @@ -1,32 +0,0 @@ -The directory hosting the implementation of this puppet module is organized as follows: - -``` -.gitignore # Git ignore file -.ruby-{version,gemset} # [RVM](https://rvm.io/) configuration -.vagrant_init.rb # Vagrant provisionner to test this module -├── Gemfile[.lock] # [Bundler](http://bundler.io/) configuration -├── LICENSE # Licence file -├── README.md # This file -├── Rakefile # Definition of the [rake](https://github.com/jimweirich/rake) tasks -├── Vagrantfile # Pilot Vagrant to test this module -├── docs/ # [Read the Docs](readthedocs.org) main directory -├── files/ # (eventually) Contains static files, which managed nodes can download -├── lib/ # (eventually) Custom facts/type/provider definitions -├── manifests/ -│   ├── init.pp # Main manifests file which defines the sudo class -│   ├── common/ -│   │   ├── debian.pp # Specific Debian setup for the main class -│   │   └── redhat.pp # Specific Redhat setup for the main class -│   ├── common.pp # Common class setup for all OS -│   ├── ... # Implementation of the other bind::* classes / definitions -│   └── params.pp # Class parameters -├── metadata.json # Puppet module configuration file -- See http://tinyurl.com/puppet-metadata-json -├── mkdocs.yml # [Read the Docs](readthedocs.org) configuration -├── pkg/ # Hold build packages to be published on the [Puppet forge](https://forge.puppetlabs.com/ULHPC/bind) -├── spec/ # (eventually) [Rspec](https://www.relishapp.com/rspec/) tests -├── templates/ # (eventually) Module ERB template files -└── tests/ # Tests cases for the module usage -``` - -Globally, this module follows the [official PuppetLabs guidelines for the predictable directory tree structure of Puppet modules](http://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html#module-layout). - diff --git a/docs/contributing/setup.md b/docs/contributing/setup.md deleted file mode 100644 index 1a2a1b4..0000000 --- a/docs/contributing/setup.md +++ /dev/null @@ -1,52 +0,0 @@ -There is a number of pre-requisite programs / framework you shall install to be able to correctly contribute to this Puppet module. - -### Git Branching Model - -The Git branching model for this repository follows the guidelines of [gitflow](http://nvie.com/posts/a-successful-git-branching-model/). -In particular, the central repository holds two main branches with an infinite lifetime: - -* `production`: the branch holding tags of the successive releases of this tutorial -* `devel`: the main branch where the sources are in a state with the latest delivered development changes for the next release. This is the *default* branch you get when you clone the repository, and the one on which developments will take places. - -You should therefore install [git-flow](https://github.com/nvie/gitflow), and probably also its associated [bash completion](https://github.com/bobthecow/git-flow-completion). - -### Ruby, [RVM](https://rvm.io/) and [Bundler](http://bundler.io/) - -The various operations that can be conducted from this repository are piloted -from a `Rakefile` and assumes you have a running Ruby installation. - -The bootstrapping of your repository is based on [RVM](https://rvm.io/), **thus -ensure this tools are installed on your system** -- see -[installation notes](https://rvm.io/rvm/install). - -The ruby stuff part of this repository corresponds to the following files: - -* `.ruby-{version,gemset}`: [RVM](https://rvm.io/) configuration, use the name of the - project as [gemset](https://rvm.io/gemsets) name -* `Gemfile[.lock]`: used by `[bundle](http://bundler.io/)` - -### Repository Setup - -Then, to make your local copy of the repository ready to use the [git-flow](https://github.com/nvie/gitflow) workflow and the local [RVM](https://rvm.io/) setup, you have to run the following commands once you cloned it for the first time: - - $> gem install bundler # assuming it is not yet available - $> bundle install - $> rake -T # To list the available tasks - $> rake setup - -You probably wants to activate the bash-completion for rake tasks. -I personnaly use the one provided [here](https://github.com/ai/rake-completion) - -Also, some of the tasks are hidden. Run `rake -T -A` to list all of them. - -### RSpec tests - -A set of unitary tests are defined to validate the different function of my library using [Rspec](http://rspec.info/) - -You can run these tests by issuing: - - $> rake rspec # NOT YET IMPLEMENTED - -By conventions, you will find all the currently implemented tests in the `spec/` directory, in files having the `_spec.rb` suffix. This is expected from the `rspec` task of the `Rakefile`. - -**Important** Kindly stick to this convention, and feature tests for all definitions/classes/modules you might want to add. diff --git a/docs/contributing/versioning.md b/docs/contributing/versioning.md deleted file mode 100644 index b5d893c..0000000 --- a/docs/contributing/versioning.md +++ /dev/null @@ -1,30 +0,0 @@ -The operation consisting of releasing a new version of this repository is -automated by a set of tasks within the `Rakefile`. - -In this context, a version number have the following format: - - .. - -where: - -* `< major >` corresponds to the major version number -* `< minor >` corresponds to the minor version number -* `< patch >` corresponds to the patching version number - -Example: `1.2.0` - -The current version number is stored in the file `metadata.json`. -For more information on the version, run: - - $> rake version:info - -If a new version number such be bumped, you simply have to run: - - $> rake version:bump:{major,minor,patch} - -This will start the release process for you using `git-flow`. -Then, to make the release effective, just run: - - $> rake version:release - -This will finalize the release using `git-flow`, create the appropriate tag and merge all things the way they should be. diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index a6b27b7..0000000 --- a/docs/index.md +++ /dev/null @@ -1,30 +0,0 @@ --*- mode: markdown; mode: visual-line; -*- - -# ULHPC/bind Puppet Module - -[![Puppet Forge](http://img.shields.io/puppetforge/v/ULHPC/bind.svg)](https://forge.puppetlabs.com/ULHPC/bind) -[![License](http://img.shields.io/:license-GPL3.0-blue.svg)](LICENSE) -![Supported Platforms](http://img.shields.io/badge/platform-debian|redhat|centos-lightgrey.svg) -[![Documentation Status](https://readthedocs.org/projects/ulhpc-puppet-bind/badge/?version=latest)](https://readthedocs.org/projects/ulhpc-puppet-bind/?badge=latest) -[![By ULHPC](https://img.shields.io/badge/by-ULHPC-blue.svg)](http://hpc.uni.lu) - - Copyright (c) 2018 UL HPC Team - -| [Project Page](https://github.com/ULHPC/puppet-bind) | [Documentation](http://ulhpc-puppet-bind.readthedocs.org/en/latest/) | [Issues](https://github.com/ULHPC/puppet-bind/issues) | - - ------------ -The [ULHPC/bind](https://github.com/ULHPC/puppet-bind) puppet module has been designed to configure and manage bind - -This is the main page of the documentation for this Puppet module, which is hosted and managed by [Read the Docs](http://ulhpc-bind.readthedocs.org/en/latest/). -It proposes to detail the following elements: - -* An [Overview](overview.md) of the module is proposed, describing the puppet classes and/or definitions it implements. - - you might also wish to check the `tests/` directory for sample test cases -* How to [test this module with Vagrant](vagrant.md) -* How to [contribute](contributing/index.md) to this puppet module development. In particular, we detail: - - the [directory tree structure](contributing/layout.md) - - the steps to follow to [setup this repository](contributing/setup.md) - - information as regard the [semantic versioning](contributing/versioning.md) of this Puppet module. - - Apart form the directory layout, we will cover various configuration aspects ([git-flow](https://github.com/nvie/gitflow), [RVM](https://rvm.io/), [Bundler](http://bundler.io/) etc.) -* Details on the [Read the Docs](http://ulhpc-puppet-bind.readthedocs.org/en/latest/) management. diff --git a/docs/overview.md b/docs/overview.md deleted file mode 120000 index 32d46ee..0000000 --- a/docs/overview.md +++ /dev/null @@ -1 +0,0 @@ -../README.md \ No newline at end of file diff --git a/docs/rtfd.md b/docs/rtfd.md deleted file mode 100644 index dc9e961..0000000 --- a/docs/rtfd.md +++ /dev/null @@ -1,9 +0,0 @@ -The documentation for this puppet module is handled by [Read the Docs](https://readthedocs.org/), a web service dedicated to documentation management for the open source community. - -* [Reference documentation](https://docs.readthedocs.org/en/latest/) - -You might wish to generate locally the docs: - -* Install [`mkdocs`](http://www.mkdocs.org/#installation) -* Preview your documentation from the project root by running `mkdocs serve` and visite with your favorite browser the URL `http://localhost:8000` -* build the full documentation locally by running `mkdocs build` diff --git a/docs/vagrant.md b/docs/vagrant.md deleted file mode 100644 index c36b9ed..0000000 --- a/docs/vagrant.md +++ /dev/null @@ -1,79 +0,0 @@ --*- mode: markdown; mode: visual-line; -*- - -# Bind Puppet Module Tests with Vagrant - -The best way to test this module in a non-intrusive way is to rely on [Vagrant](http://www.vagrantup.com/). -[Vagrant](http://vagrantup.com/) uses [Oracle's VirtualBox](http://www.virtualbox.org/) -to build configurable, lightweight, and portable virtual machines dynamically. - -* [Reference installation notes](http://docs.vagrantup.com/v2/installation/) -- assuming you have installed [Oracle's VirtualBox](http://www.virtualbox.org/) -* [installation notes on Mac OS](http://sourabhbajaj.com/mac-setup/Vagrant/README.html) using [Homebrew](http://brew.sh/) and [Cask](http://sourabhbajaj.com/mac-setup/Homebrew/Cask.html) - -The `Vagrantfile` at the root of the repository pilot the provisioning a vagrant boxes. -It can run any OS you set in `tests/vagrant/config.yaml` as follows: - -```yaml -:vms: - 'default': - :os: :debian8 -``` - -You can list the available vagrant box as follows: - -```bash -$> vagrant status -Current machine states: - -centos-7 running (virtualbox) - -The VM is running. To stop this VM, you can run `vagrant halt` to -shut it down forcefully, or you can run `vagrant suspend` to simply -suspend the virtual machine. In either case, to restart it again, -simply run `vagrant up`. -``` - -You can boot the VM and provision it (using the scripts under `tests/vagrant/`) by running: - -```bash -$> vagrant up -``` - -Then you can ssh into the machine afterwards: - -```bash -$> vagrant ssh -``` - -When you run `vagrant up ` to boot the VM, the provisioning scripts are responsible for: - -| Script | Description | -|---------------------------|-------------------------------------------------| -| `bootstrap.sh` | Install puppet 4 and defaults packages and gems | -| `puppet_modules_setup.rb` | pre-install the necessary puppet modules | - -More precisely, the `tests/vagrant/puppet_modules_setup.rb` script. -This script is responsible for two main tasks: - -1. pre-install the puppet modules listed as dependencies in `metadata.json` -2. make the appropriate symbolic link in the puppet module directory (to `/vagrant`) to ensure you can directly make changes and correct your own module transparently within the box. - -So you can test the manifests of the `tests/` directory within the VM: - - $> vagrant ssh [] - [...] - (vagrant)$> sudo puppet apply -t /vagrant/tests/init.pp - -From now on, you can test (with --noop) the other manifests. - -Run `vagrant halt` (or `vagrant destroy`) to stop (or kill) the VM once you've finished to play with it. - -_Note_: The `Vagrantfile` at the root of this repository might evolve over the time with new boxes. To automatically get the last version available: - -1. Upgrade the [`falkorlib`](https://rubygems.org/gems/falkorlib) gem - - $> bundle update falkorlib - $> git commit -s -m "Upgrade falkorlib to the latest version" Gemfile.lock - -2. update the `Vagrantfile` to the last version by issuing: - - $> rake templates:upgrade:vagrant diff --git a/manifests/common.pp b/manifests/common.pp index 5484a87..28daae7 100644 --- a/manifests/common.pp +++ b/manifests/common.pp @@ -10,125 +10,116 @@ # # Note: respect the Naming standard provided here[http://projects.puppetlabs.com/projects/puppet/wiki/Module_Standards] class bind::common { - - # Load the variables used in this module. Check the bind-params.pp file - require bind::params - - package { 'bind': - ensure => $bind::ensure, - name => $bind::params::packagename, - } - package { $bind::params::utils_packages: - ensure => $bind::ensure, + # Load the variables used in this module. Check the bind-params.pp file + require bind::params + + package { 'bind': + ensure => $bind::ensure, + name => $bind::params::packagename, + } + package { $bind::params::utils_packages: + ensure => $bind::ensure, + } + + if ($bind::ensure == 'present') { + if ($facts['os']['selinux']['enabled'] == true) { + selinux::boolean { 'named_write_master_zones': } } + # Release the BIND service + service { 'bind': + ensure => running, + name => $bind::params::servicename, + enable => true, + hasrestart => $bind::params::hasrestart, + pattern => $bind::params::processname, + hasstatus => $bind::params::hasstatus, + require => Package['bind'], + } - if ($bind::ensure == 'present') { - - if ($facts['os']['selinux']['enabled'] == true) { - selinux::boolean { 'named_write_master_zones': } - } - - - # Release the BIND service - service { 'bind': - ensure => running, - name => $bind::params::servicename, - enable => true, - hasrestart => $bind::params::hasrestart, - pattern => $bind::params::processname, - hasstatus => $bind::params::hasstatus, - require => Package['bind'], - } - - # Now populate the configuration directory with the default files - file { $bind::params::configdir: - ensure => 'directory', - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configdir_mode, - } - - # Custom zones directory - file { "${bind::params::configdir}/zones": - ensure => 'directory', - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configdir_mode, - require => File[$bind::params::configdir], - } - - # Adapt the named.conf file - file { $bind::params::configfile: - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_conf_t', - content => template('bind/named.conf.erb'), - require => File[$bind::params::configdir], - notify => Service['bind'], - } - # Adapt the named.conf.options files - file { $bind::params::optionsfile: - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_conf_t', - content => template('bind/named.conf.options.erb'), - require => File[$bind::params::configdir], - notify => Service['bind'], - } - - # Prepare the local zone file - concat { $bind::params::localconfigfile: - warn => true, - owner => $bind::params::configfile_owner, - group => $bind::params::configfile_group, - mode => $bind::params::configfile_mode, - seltype => 'named_conf_t', - require => File[$bind::params::configdir], - notify => Service['bind'], - } + # Now populate the configuration directory with the default files + file { $bind::params::configdir: + ensure => 'directory', + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configdir_mode, + } - # Header of the file - concat::fragment { 'named.conf.local_header': - target => $bind::params::localconfigfile, - source => 'puppet:///modules/bind/01-named.conf.local_header', - order => '01', - } + # Custom zones directory + file { "${bind::params::configdir}/zones": + ensure => 'directory', + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configdir_mode, + require => File[$bind::params::configdir], + } + # Adapt the named.conf file + file { $bind::params::configfile: + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_conf_t', + content => template('bind/named.conf.erb'), + require => File[$bind::params::configdir], + notify => Service['bind'], + } + # Adapt the named.conf.options files + file { $bind::params::optionsfile: + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_conf_t', + content => template('bind/named.conf.options.erb'), + require => File[$bind::params::configdir], + notify => Service['bind'], + } - # Footer of the file - concat::fragment { 'named.conf.local_footer': - target => $bind::params::localconfigfile, - content => template('bind/99-named.conf.local_footer.erb'), - order => 99, - } + # Prepare the local zone file + concat { $bind::params::localconfigfile: + warn => true, + owner => $bind::params::configfile_owner, + group => $bind::params::configfile_group, + mode => $bind::params::configfile_mode, + seltype => 'named_conf_t', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + # Header of the file + concat::fragment { 'named.conf.local_header': + target => $bind::params::localconfigfile, + source => 'puppet:///modules/bind/01-named.conf.local_header', + order => '01', + } + # Footer of the file + concat::fragment { 'named.conf.local_footer': + target => $bind::params::localconfigfile, + content => template('bind/99-named.conf.local_footer.erb'), + order => 99, + } } + else { + exec { 'rm -f /etc/bind': + path => '/usr/bin:/usr/sbin:/bin', + onlyif => 'test -h /etc/bind', } - else { - exec { 'rm -f /etc/bind': - path => '/usr/bin:/usr/sbin:/bin', - onlyif => 'test -h /etc/bind', - } - exec {"rm -rf ${bind::params::configdir}": - path => '/usr/bin:/usr/sbin:/bin', - onlyif => "test -d ${bind::params::configdir}", - } - exec { 'mv /etc/resolv.conf.old /etc/resolv.conf': - path => '/usr/bin:/usr/sbin:/bin', - onlyif => 'test -f /etc/resolv.conf.old', - } + exec { "rm -rf ${bind::params::configdir}": + path => '/usr/bin:/usr/sbin:/bin', + onlyif => "test -d ${bind::params::configdir}", } - - if ($bind::params::support_rsyslog == true) { - # Adapt syslog configuration - rsyslog::component::custom_config { 'bind-chroot': - content => template('bind/rsyslog.conf.erb'), - } + exec { 'mv /etc/resolv.conf.old /etc/resolv.conf': + path => '/usr/bin:/usr/sbin:/bin', + onlyif => 'test -f /etc/resolv.conf.old', } + } + if ($bind::params::support_rsyslog == true) { + # Adapt syslog configuration + rsyslog::component::custom_config { 'bind-chroot': + content => template('bind/rsyslog.conf.erb'), + } + } } diff --git a/manifests/common/debian.pp b/manifests/common/debian.pp index aa70f14..17a5640 100644 --- a/manifests/common/debian.pp +++ b/manifests/common/debian.pp @@ -8,204 +8,203 @@ # # Specialization class for Debian systems class bind::common::debian inherits bind::common { + # copy the bind.keys + exec { "cp /etc/bind.old/bind.keys ${bind::params::configdir}/": + path => '/usr/bin:/usr/sbin:/bin', + user => $bind::params::user, + group => $bind::params::group, + onlyif => 'test -f /etc/bind.old/bind.keys', + unless => "test -f ${bind::params::configdir}/bind.keys", + require => Exec['mv /etc/bind /etc/bind.old'], + } + + # Create the default zones files + file { "${bind::params::configdir}/db.0": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.0', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/db.127": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.127', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/db.255": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.255', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/db.empty": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.empty', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/db.local": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.local', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/db.root": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + source => 'puppet:///modules/bind/default-zones/db.root', + require => File[$bind::params::configdir], + notify => Service['bind'], + } + file { "${bind::params::configdir}/zones.rfc1918": + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_conf_t', + content => template('bind/zones.rfc1918.erb'), + require => File[$bind::params::configdir], + notify => Service['bind'], + } + + # Adapt the named.conf.default_zones file + file { $bind::params::default_zones_file: + ensure => $bind::ensure, + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_conf_t', + content => template('bind/named.conf.default-zones.erb'), + require => File[$bind::params::configdir], + notify => Service['bind'], + } + + if ($bind::ensure == 'present') { + # Create the chroot + exec { "Creates ${bind::params::chrootdir}": + command => "mkdir -p ${bind::params::chrootdir}", + path => '/usr/bin:/usr/sbin:/bin', + creates => $bind::params::chrootdir, + require => Package['bind'], + } - # copy the bind.keys - exec { "cp /etc/bind.old/bind.keys ${bind::params::configdir}/": - path => '/usr/bin:/usr/sbin:/bin', - user => $bind::params::user, - group => $bind::params::group, - onlyif => 'test -f /etc/bind.old/bind.keys', - unless => "test -f ${bind::params::configdir}/bind.keys", - require => Exec['mv /etc/bind /etc/bind.old'], + exec { 'Populate chroot directory': + cwd => $bind::params::chrootdir, + command => 'mkdir -p etc/bind dev var/cache/bind var/run/bind/run', + path => '/usr/bin:/usr/sbin:/bin', + creates => "${bind::params::chrootdir}/etc/bind", + require => Exec["Creates ${bind::params::chrootdir}"], } - # Create the default zones files - file { "${bind::params::configdir}/db.0": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.0', - require => File[$bind::params::configdir], - notify => Service['bind'], + exec { "create ${bind::params::chrootdir}/dev/null": + command => "mknod ${bind::params::chrootdir}/dev/null c 1 3 && chmod 666 ${bind::params::chrootdir}/dev/null", + path => '/usr/bin:/usr/sbin:/bin', + creates => "${bind::params::chrootdir}/dev/null", + require => Exec['Populate chroot directory'], } - file { "${bind::params::configdir}/db.127": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.127', - require => File[$bind::params::configdir], - notify => Service['bind'], + + exec { "create ${bind::params::chrootdir}/dev/random": + command => "mknod ${bind::params::chrootdir}/dev/random c 1 8 && chmod 666 ${bind::params::chrootdir}/dev/random", + path => '/usr/bin:/usr/sbin:/bin', + creates => "${bind::params::chrootdir}/dev/random", + require => Exec['Populate chroot directory'], } - file { "${bind::params::configdir}/db.255": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.255', - require => File[$bind::params::configdir], - notify => Service['bind'], + + exec { "Set ownership of ${bind::params::chrootdir}": + command => "chown -R ${bind::params::user}:${bind::params::group} ${bind::params::chrootdir}", + path => '/usr/bin:/usr/sbin:/bin', + refreshonly => true, + require => [ + Exec["Creates ${bind::params::chrootdir}"], + Exec['Populate chroot directory'], + Exec["create ${bind::params::chrootdir}/dev/null"], + Exec["create ${bind::params::chrootdir}/dev/random"], + ], + } -> File[$bind::params::configdir] + + # Adapt the init.d configuration script to run bind and make it use the + # chroot directory + augeas { "${bind::params::initconfigfile}/OPTIONS": + context => "/files/${bind::params::initconfigfile}", + changes => "set OPTIONS '\"-u ${bind::params::user} -t ${bind::params::chrootdir} -c ${bind::params::configfile}\"'", + onlyif => "get OPTIONS != '\"-u ${bind::params::user} -t ${bind::params::chrootdir} -c ${bind::params::configfile}\"'", + require => Exec['Populate chroot directory'], + notify => Service['bind'], } - file { "${bind::params::configdir}/db.empty": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.empty', - require => File[$bind::params::configdir], - notify => Service['bind'], + + exec { 'mv /etc/bind /etc/bind.old': + path => '/usr/bin:/usr/sbin:/bin', + unless => 'test -d /etc/bind.old \\&& test \\! -d /etc/bind', + require => File[$bind::params::configdir], } - file { "${bind::params::configdir}/db.local": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.local', - require => File[$bind::params::configdir], - notify => Service['bind'], + file { '/etc/bind': + ensure => 'link', + target => $bind::params::configdir, + require => Exec['mv /etc/bind /etc/bind.old'], } - file { "${bind::params::configdir}/db.root": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - source => 'puppet:///modules/bind/default-zones/db.root', - require => File[$bind::params::configdir], - notify => Service['bind'], + # copy the rndc.key + exec { "cp /etc/bind.old/rndc.key ${bind::params::configdir}/": + path => '/usr/bin:/usr/sbin:/bin', + user => $bind::params::user, + group => $bind::params::group, + onlyif => 'test -f /etc/bind.old/rndc.key', + unless => "test -f ${bind::params::configdir}/rndc.key", + require => Exec['mv /etc/bind /etc/bind.old'], } - file { "${bind::params::configdir}/zones.rfc1918": - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_conf_t', - content => template('bind/zones.rfc1918.erb'), - require => File[$bind::params::configdir], - notify => Service['bind'], + } + else { + exec { 'mv /etc/bind.old /etc/bind': + path => '/usr/bin:/usr/sbin:/bin', + onlyif => 'test -d /etc/bind.old', + require => Exec['rm -f /etc/bind'], } - # Adapt the named.conf.default_zones file - file { $bind::params::default_zones_file: - ensure => $bind::ensure, - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_conf_t', - content => template('bind/named.conf.default-zones.erb'), - require => File[$bind::params::configdir], - notify => Service['bind'], + exec { "rm -rf ${bind::params::chrootdir}": + path => '/usr/bin:/usr/sbin:/bin', + onlyif => "test -d ${bind::params::chrootdir}", } - - - if ($bind::ensure == 'present') { - - # Create the chroot - exec { "Creates ${bind::params::chrootdir}": - command => "mkdir -p ${bind::params::chrootdir}", - path => '/usr/bin:/usr/sbin:/bin', - require => Package['bind'], - } - - exec { 'Populate chroot directory': - cwd => $bind::params::chrootdir, - command => 'mkdir -p etc/bind dev var/cache/bind var/run/bind/run', - path => '/usr/bin:/usr/sbin:/bin', - require => Exec["Creates ${bind::params::chrootdir}"], - } - - exec { "create ${bind::params::chrootdir}/dev/null": - command => "mknod ${bind::params::chrootdir}/dev/null c 1 3 && chmod 666 ${bind::params::chrootdir}/dev/null", - path => '/usr/bin:/usr/sbin:/bin', - creates => "${bind::params::chrootdir}/dev/null", - require => Exec['Populate chroot directory'], - } - - exec { "create ${bind::params::chrootdir}/dev/random": - command => "mknod ${bind::params::chrootdir}/dev/random c 1 8 && chmod 666 ${bind::params::chrootdir}/dev/random", - path => '/usr/bin:/usr/sbin:/bin', - creates => "${bind::params::chrootdir}/dev/random", - require => Exec['Populate chroot directory'], - } - - exec { "Set ownership of ${bind::params::chrootdir}": - command => "chown -R ${bind::params::user}:${bind::params::group} ${bind::params::chrootdir}", - path => '/usr/bin:/usr/sbin:/bin', - require => [ - Exec["create ${bind::params::chrootdir}/dev/null"], - Exec["create ${bind::params::chrootdir}/dev/random"] - ], - } -> File[$bind::params::configdir] - - - # Adapt the init.d configuration script to run bind and make it use the - # chroot directory - augeas { "${bind::params::initconfigfile}/OPTIONS": - context => "/files/${bind::params::initconfigfile}", - changes => "set OPTIONS '\"-u ${bind::params::user} -t ${bind::params::chrootdir} -c ${bind::params::configfile}\"'", - onlyif => "get OPTIONS != '\"-u ${bind::params::user} -t ${bind::params::chrootdir} -c ${bind::params::configfile}\"'", - require => Exec['Populate chroot directory'], - notify => Service['bind'], - } - - exec { 'mv /etc/bind /etc/bind.old': - path => '/usr/bin:/usr/sbin:/bin', - unless => 'test -d /etc/bind.old \\&& test \\! -d /etc/bind', - require => File[$bind::params::configdir], - } - file { '/etc/bind': - ensure => 'link', - target => $bind::params::configdir, - require => Exec['mv /etc/bind /etc/bind.old'], - } - # copy the rndc.key - exec { "cp /etc/bind.old/rndc.key ${bind::params::configdir}/": - path => '/usr/bin:/usr/sbin:/bin', - user => $bind::params::user, - group => $bind::params::group, - onlyif => 'test -f /etc/bind.old/rndc.key', - unless => "test -f ${bind::params::configdir}/rndc.key", - require => Exec['mv /etc/bind /etc/bind.old'], - } + } + + # Import libssl in chrootdir + if ($bind::ensure == 'present' and $facts['os']['distro']['codename'] == 'wheezy') { + exec { "Create ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu": + command => "mkdir -p ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu", + path => '/usr/bin:/usr/sbin:/bin', + unless => "test -d ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu", + require => Exec['Populate chroot directory'], } - else { - exec { 'mv /etc/bind.old /etc/bind': - path => '/usr/bin:/usr/sbin:/bin', - onlyif => 'test -d /etc/bind.old', - require => Exec['rm -f /etc/bind'], - } - - exec {"rm -rf ${bind::params::chrootdir}": - path => '/usr/bin:/usr/sbin:/bin', - onlyif => "test -d ${bind::params::chrootdir}", - } + exec { "Import libssl in ${bind::params::chrootdir}": + command => "cp -R /usr/lib/x86_64-linux-gnu/openssl-1.0.0 ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu/", + path => '/usr/bin:/usr/sbin:/bin', + unless => "test -d ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu/openssl-1.0.0", + require => Exec["Create ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu"], } - # Import libssl in chrootdir - if ($bind::ensure == 'present' and $facts['os']['distro']['codename'] == 'wheezy') { - - exec { "Create ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu": - command => "mkdir -p ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu", - path => '/usr/bin:/usr/sbin:/bin', - unless => "test -d ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu", - require => Exec['Populate chroot directory'], - } - exec { "Import libssl in ${bind::params::chrootdir}": - command => "cp -R /usr/lib/x86_64-linux-gnu/openssl-1.0.0 ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu/", - path => '/usr/bin:/usr/sbin:/bin', - unless => "test -d ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu/openssl-1.0.0", - require => Exec["Create ${bind::params::chrootdir}/usr/lib/x86_64-linux-gnu"], - } - - Service['bind'] { - require => [ Package['bind'], Exec["Import libssl in ${bind::params::chrootdir}"] ] - } + Service['bind'] { + require => [Package['bind'], Exec["Import libssl in ${bind::params::chrootdir}"]] } - + } } diff --git a/manifests/common/redhat.pp b/manifests/common/redhat.pp index 1d36ed3..63cb46a 100644 --- a/manifests/common/redhat.pp +++ b/manifests/common/redhat.pp @@ -7,4 +7,4 @@ # = Class: bind::common::redhat # # Specialization class for Redhat systems -class bind::common::redhat inherits bind::common { } +class bind::common::redhat inherits bind::common {} diff --git a/manifests/init.pp b/manifests/init.pp index 7b47df7..975a4f1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -39,25 +39,24 @@ # # [Remember: No empty lines between comments and class definition] # -class bind( - $ensure = $bind::params::ensure, - $forwarders = $bind::params::forwarders, - $allow_query = $bind::params::allow_query, - $dnssec = $bind::params::dnssec +class bind ( + $ensure = $bind::params::ensure, + $forwarders = $bind::params::forwarders, + $allow_query = $bind::params::allow_query, + $dnssec = $bind::params::dnssec ) -inherits bind::params -{ - info ("Configuring bind (aka DNS server) with ensure = ${ensure}") +inherits bind::params { + info ("Configuring bind (aka DNS server) with ensure = ${ensure}") - if ! ($ensure in [ 'present', 'absent' ]) { - fail("bind 'ensure' parameter must be set to either 'absent' or 'present'") - } + if ! ($ensure in ['present', 'absent']) { + fail("bind 'ensure' parameter must be set to either 'absent' or 'present'") + } - case $facts['os']['name'] { - 'debian', 'ubuntu': { include bind::common::debian } - 'redhat', 'fedora', 'centos', 'rocky': { include bind::common::redhat } - default: { - fail("Module ${module_name} is not supported on ${facts['os']['name']}") - } + case $facts['os']['name'] { + 'debian', 'ubuntu': { include bind::common::debian } + 'redhat', 'fedora', 'centos', 'rocky': { include bind::common::redhat } + default: { + fail("Module ${module_name} is not supported on ${facts['os']['name']}") } + } } diff --git a/manifests/params.pp b/manifests/params.pp index 51ed6cf..076baf6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -23,145 +23,143 @@ # [Remember: No empty lines between comments and class definition] # class bind::params { - - ######## DEFAULTS FOR VARIABLES USERS CAN SET ########################## - # (Here are set the defaults, provide your custom variables externally) - # (The default used is in the line with '') - ########################################### - - # ensure the presence (or absence) of bind - $ensure = 'present' - - # The Protocol used. Used by monitor and firewall class. Default is 'tcp' - $protocol = 'tcp' - # The port number. Used by monitor and firewall class. The default is 22. - $port = 53 - - # Define global forwarders. Can be an array - $forwarders = [ '10.21.0.5' ] - - # clients authorized for querying the server; can be an array - $allow_query = '' - - # enable or disable dnssec, disabled by default - $dnssec = false - - #### MODULE INTERNAL VARIABLES ######### - # (Modify to adapt to unsupported OSes) - ####################################### - if ($facts['os']['family'] == 'RedHat' and Integer($facts['os']['release']['major']) <= 7) { - $support_rsyslog = false - } else { - $support_rsyslog = true - } - - # Packages to install - $packagename = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => 'bind9', - /(?i-mx:centos|redhat|rocky|fedora)/ => 'bind-chroot', - default => 'bind', - } - $utils_packages = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => [ 'nslint' ], - default => [], - } - - # The User running bind - $user = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => 'bind', - default => 'named', - } - $group = $user - - # Bind (aka DNS) service - $servicename = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => 'bind9', - /(?i-mx:centos|redhat|rocky|fedora)/ => 'named-chroot', - default => 'named' - } - # used for pattern in a service ressource - $processname = $facts['os']['name'] ? { - default => 'named', - } - $hasstatus = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => false, - /(?i-mx:centos|fedora|redhat|rocky)/ => true, - default => true, - } - $hasrestart = $facts['os']['name'] ? { - default => true, - } - - # Chroot dir - $chrootdir = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => '/var/chroot/bind', - /(?i-mx:centos|fedora|redhat|rocky)/ => '/var/named/chroot', - default => '/var/chroot/bind' - } - - # Configuration directory - $configdir = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => "${chrootdir}/etc/bind", - /(?i-mx:centos|fedora|redhat|rocky)/ => '/etc/named', - default => '/etc/bind' - } - $configdir_mode = $facts['os']['name'] ? { - default => '0755', - } - - # Bind main configuration file - $configfile = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => "${chrootdir}/etc/bind/named.conf", - /(?i-mx:centos|fedora|redhat|rocky)/ => '/etc/named.conf', - default => '/etc/bind/named.conf' - } - $configfile_mode = $facts['os']['name'] ? { - default => '0644', - } - - $configfile_owner = $facts['os']['name'] ? { - default => $user, - } - - $configfile_group = $facts['os']['name'] ? { - default => $group, - } - - # named.conf.local - $localconfigfile = $facts['os']['name'] ? { - default => "${configdir}/named.conf.local" - } - # named.conf.default_zones - $default_zones_file = $facts['os']['name'] ? { - default => "${configdir}/named.conf.default-zones" - } - # named.conf.options - $optionsfile = $facts['os']['name'] ? { - default => "${configdir}/named.conf.options" - } - - #init.d default config file - $initconfigfile = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => '/etc/default/bind9', - default => '/etc/sysconfig/named', - } - - # Base directory for Bind - $basedir = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => '/var/cache/bind', - default => '/var/named', - } - - # PID file - $pidfile = $facts['os']['name'] ? { - /(?i-mx:ubuntu|debian)/ => '/var/run/bind/named.pid', - /(?i-mx:centos|fedora|redhat|rocky)/ => '/run/named/named.pid', - default => '/var/run/named.pid', - } - - # Log dir (log file will be ${logdir}/bind.log - $logdir = $facts['os']['name'] ? { - default => '/var/log', - } - + ######## DEFAULTS FOR VARIABLES USERS CAN SET ########################## + # (Here are set the defaults, provide your custom variables externally) + # (The default used is in the line with '') + ########################################### + + # ensure the presence (or absence) of bind + $ensure = 'present' + + # The Protocol used. Used by monitor and firewall class. Default is 'tcp' + $protocol = 'tcp' + # The port number. Used by monitor and firewall class. The default is 22. + $port = 53 + + # Define global forwarders. Can be an array + $forwarders = ['10.21.0.5'] + + # clients authorized for querying the server; can be an array + $allow_query = '' + + # enable or disable dnssec, disabled by default + $dnssec = false + + #### MODULE INTERNAL VARIABLES ######### + # (Modify to adapt to unsupported OSes) + ####################################### + if ($facts['os']['family'] == 'RedHat' and Integer($facts['os']['release']['major']) <= 7) { + $support_rsyslog = false + } else { + $support_rsyslog = true + } + + # Packages to install + $packagename = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => 'bind9', + /(?i-mx:centos|redhat|rocky|fedora)/ => 'bind-chroot', + default => 'bind', + } + $utils_packages = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => ['nslint'], + default => [], + } + + # The User running bind + $user = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => 'bind', + default => 'named', + } + $group = $user + + # Bind (aka DNS) service + $servicename = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => 'bind9', + /(?i-mx:centos|redhat|rocky|fedora)/ => 'named-chroot', + default => 'named' + } + # used for pattern in a service ressource + $processname = $facts['os']['name'] ? { + default => 'named', + } + $hasstatus = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => false, + /(?i-mx:centos|fedora|redhat|rocky)/ => true, + default => true, + } + $hasrestart = $facts['os']['name'] ? { + default => true, + } + + # Chroot dir + $chrootdir = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => '/var/chroot/bind', + /(?i-mx:centos|fedora|redhat|rocky)/ => '/var/named/chroot', + default => '/var/chroot/bind' + } + + # Configuration directory + $configdir = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => "${chrootdir}/etc/bind", + /(?i-mx:centos|fedora|redhat|rocky)/ => '/etc/named', + default => '/etc/bind' + } + $configdir_mode = $facts['os']['name'] ? { + default => '0755', + } + + # Bind main configuration file + $configfile = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => "${chrootdir}/etc/bind/named.conf", + /(?i-mx:centos|fedora|redhat|rocky)/ => '/etc/named.conf', + default => '/etc/bind/named.conf' + } + $configfile_mode = $facts['os']['name'] ? { + default => '0644', + } + + $configfile_owner = $facts['os']['name'] ? { + default => $user, + } + + $configfile_group = $facts['os']['name'] ? { + default => $group, + } + + # named.conf.local + $localconfigfile = $facts['os']['name'] ? { + default => "${configdir}/named.conf.local" + } + # named.conf.default_zones + $default_zones_file = $facts['os']['name'] ? { + default => "${configdir}/named.conf.default-zones" + } + # named.conf.options + $optionsfile = $facts['os']['name'] ? { + default => "${configdir}/named.conf.options" + } + + #init.d default config file + $initconfigfile = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => '/etc/default/bind9', + default => '/etc/sysconfig/named', + } + + # Base directory for Bind + $basedir = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => '/var/cache/bind', + default => '/var/named', + } + + # PID file + $pidfile = $facts['os']['name'] ? { + /(?i-mx:ubuntu|debian)/ => '/var/run/bind/named.pid', + /(?i-mx:centos|fedora|redhat|rocky)/ => '/run/named/named.pid', + default => '/var/run/named.pid', + } + + # Log dir (log file will be ${logdir}/bind.log + $logdir = $facts['os']['name'] ? { + default => '/var/log', + } } diff --git a/manifests/resolver.pp b/manifests/resolver.pp index f5cdbf1..6809d5a 100644 --- a/manifests/resolver.pp +++ b/manifests/resolver.pp @@ -53,46 +53,42 @@ # # [Remember: No empty lines between comments and class definition] # -define bind::resolver( - $nameserver = '', - $order = '10', - $ensure = 'present' -) -{ - include bind::params +define bind::resolver ( + $nameserver = '', + $order = '10', + $ensure = 'present' +) { + include bind::params - # $name is provided by define invocation - # guid of this entry - $domain_name = $name + # $name is provided by define invocation + # guid of this entry + $domain_name = $name - # First checks - if (! defined( Concat['/etc/resolv.conf'] ) ) { - # backup resolv.conf - exec { 'cp /etc/resolv.conf /etc/resolv.conf.old': - path => '/usr/bin:/usr/sbin:/bin', - unless => 'test -f /etc/resolv.conf.old', - notify => Concat['/etc/resolv.conf'], - } - - include concat::setup - concat { '/etc/resolv.conf': - warn => true, - owner => 'root', - group => 'root', - mode => '0644', - } - } - - # Check the 'ensure' parameter - if ! ($ensure in [ 'present', 'absent' ]) { - fail("bind::resolver 'ensure' parameter must be set to either 'absent' or 'present'") + # First checks + if (! defined( Concat['/etc/resolv.conf']) ) { + # backup resolv.conf + exec { 'cp /etc/resolv.conf /etc/resolv.conf.old': + path => '/usr/bin:/usr/sbin:/bin', + unless => 'test -f /etc/resolv.conf.old', + notify => Concat['/etc/resolv.conf'], } - concat::fragment { "/etc/resolv.conf_${domain_name}": - target => '/etc/resolv.conf', - content => template('bind/resolv.conf.part.erb'), - order => $order, + include concat::setup + concat { '/etc/resolv.conf': + warn => true, + owner => 'root', + group => 'root', + mode => '0644', } + } + # Check the 'ensure' parameter + if ! ($ensure in ['present', 'absent']) { + fail("bind::resolver 'ensure' parameter must be set to either 'absent' or 'present'") + } -} + concat::fragment { "/etc/resolv.conf_${domain_name}": + target => '/etc/resolv.conf', + content => template('bind/resolv.conf.part.erb'), + order => $order, +} } diff --git a/manifests/zone.pp b/manifests/zone.pp index 50a50e0..25a3c3b 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -94,143 +94,140 @@ # # [Remember: No empty lines between comments and class definition] # -define bind::zone( - $ensure = $bind::ensure, - $content = '', - $source = '', - $zone_type = 'master', - $masters = [], - $slaves = [], - $forwarders = [], - $reverse_rr = false, - $add_to_resolver = false -) -{ - include bind::params +define bind::zone ( + $ensure = $bind::ensure, + $content = '', + $source = '', + $zone_type = 'master', + $masters = [], + $slaves = [], + $forwarders = [], + $reverse_rr = false, + $add_to_resolver = false +) { + include bind::params - # $name is provided by define invocation - # guid of this entry - if (! $reverse_rr ) { - # Classical mode: you define the Ressources Records (RR) for the regular - # name resolution i.e. from hostname to IP - $zonename = $name - $zonefile = "${zonename}.db" - $priority = 40 - } - else { - # Reverse name resolution i.e. from IPs to hostname - $reverse_ip = inline_template("<%= @name.split('.').reverse.join('.') %>") - $zonename = "${reverse_ip}.in-addr.arpa" - $zonefile = "reverse-${reverse_ip}.db" - $priority = 60 - } + # $name is provided by define invocation + # guid of this entry + if (! $reverse_rr ) { + # Classical mode: you define the Ressources Records (RR) for the regular + # name resolution i.e. from hostname to IP + $zonename = $name + $zonefile = "${zonename}.db" + $priority = 40 + } + else { + # Reverse name resolution i.e. from IPs to hostname + $reverse_ip = inline_template("<%= @name.split('.').reverse.join('.') %>") + $zonename = "${reverse_ip}.in-addr.arpa" + $zonefile = "reverse-${reverse_ip}.db" + $priority = 60 + } - # First checks - # Ensure the class bind has been instanciated - if (! defined( Class['bind'] ) ) { - fail("The class 'bind' is not instancied") - } + # First checks + # Ensure the class bind has been instanciated + if (! defined( Class['bind']) ) { + fail("The class 'bind' is not instancied") + } - # Check the 'ensure' parameter - if ! ($ensure in [ 'present', 'absent' ]) { - fail("bind::zone 'ensure' parameter must be set to either 'absent' or 'present'") - } + # Check the 'ensure' parameter + if ! ($ensure in ['present', 'absent']) { + fail("bind::zone 'ensure' parameter must be set to either 'absent' or 'present'") + } - if ($bind::ensure != $ensure) { - if ($bind::ensure == 'present') { - warning(" bind::ensure (value '${bind::ensure}') differs from the ensure parameter ('${ensure}'): the zone '${zonename} won't be added'") - } - else { - fail("Cannot add the zone '${zonename}' as bind::ensure is NOT set to present") - } - } - - # Check the type parameter - if ! ($zone_type in [ 'master', 'slave', 'forward' ]) { - fail("bind::zone 'zone_type' parameter must be set to either 'master', 'slave' or 'forward'") + if ($bind::ensure != $ensure) { + if ($bind::ensure == 'present') { + warning(" bind::ensure (value '${bind::ensure}') differs from the ensure parameter ('${ensure}'): the zone '${zonename} won't be added'") } - if ($zone_type in [ 'forward' ]) { - fail("The BIND zone type ${zone_type} is not yet implemented") + else { + fail("Cannot add the zone '${zonename}' as bind::ensure is NOT set to present") } + } - if ( - ($zone_type == 'slave' and - ($masters == [] or $slaves != [] )) - or - ($zone_type == 'master' and - $masters != []) - ) - { - fail("Inconsistent use of zone_type (${zone_type}), slaves (${slaves}) and masters (${masters}) parameters") - } + # Check the type parameter + if ! ($zone_type in ['master', 'slave', 'forward']) { + fail("bind::zone 'zone_type' parameter must be set to either 'master', 'slave' or 'forward'") + } + if ($zone_type in ['forward']) { + fail("The BIND zone type ${zone_type} is not yet implemented") + } + + if ( + ($zone_type == 'slave' and + ($masters == [] or $slaves != [])) + or + ($zone_type == 'master' and + $masters != []) + ) { + fail("Inconsistent use of zone_type (${zone_type}), slaves (${slaves}) and masters (${masters}) parameters") + } - # if content is passed, use that, else if source is passed use that - case $content { + # if content is passed, use that, else if source is passed use that + case $content { + '': { + case $source { '': { - case $source { - '': { - crit('No content nor source have been specified') - } - default: { - $real_source = $source - $real_content = undef - } - } + crit('No content nor source have been specified') } default: { - $real_content = $content - $real_source = undef + $real_source = $source + $real_content = undef } + } } - - # check - if ($reverse_rr) and ($add_to_resolver) { - fail("${name}: Cannot have a reverse zone set to be added to /etc/resolv.conf") + default: { + $real_content = $content + $real_source = undef } + } - # Let's go - info("Manage the custom bind zone ${zonename} of type ${zone_type} (with ensure = ${ensure})") + # check + if ($reverse_rr) and ($add_to_resolver) { + fail("${name}: Cannot have a reverse zone set to be added to /etc/resolv.conf") + } - if ($bind::ensure == 'present') { - if ($zone_type == 'slave' and $facts['os']['name'] in [ 'CentOS', 'RedHat', 'Rocky' ]) { - $zone_file_path = "slaves/${zonefile}" - } else { - $zone_file_path = "${bind::params::configdir}/zones/${zonefile}" - } + # Let's go + info("Manage the custom bind zone ${zonename} of type ${zone_type} (with ensure = ${ensure})") - concat::fragment { "configure bind zone ${zonename}": - target => $bind::params::localconfigfile, - content => template('bind/custom_zone.erb'), - order => $priority, - } + if ($bind::ensure == 'present') { + if ($zone_type == 'slave' and $facts['os']['name'] in ['CentOS', 'RedHat', 'Rocky']) { + $zone_file_path = "slaves/${zonefile}" + } else { + $zone_file_path = "${bind::params::configdir}/zones/${zonefile}" + } - if ($zone_type == 'master') { - file { $zone_file_path: - owner => $bind::params::user, - group => $bind::params::group, - mode => $bind::params::configfile_mode, - seltype => 'named_zone_t', - notify => Service['bind'], - } - if $real_content { - File[$zone_file_path] { - content => $real_content - } - } elsif $real_source { - File[$zone_file_path] { - source => $real_source - } - } - } + concat::fragment { "configure bind zone ${zonename}": + target => $bind::params::localconfigfile, + content => template('bind/custom_zone.erb'), + order => $priority, + } - if ($add_to_resolver) { - bind::resolver { $zonename: - ensure => $ensure, - nameserver => '127.0.0.1', - order => '01', - notify => Service['bind'], - } + if ($zone_type == 'master') { + file { $zone_file_path: + owner => $bind::params::user, + group => $bind::params::group, + mode => $bind::params::configfile_mode, + seltype => 'named_zone_t', + notify => Service['bind'], + } + if $real_content { + File[$zone_file_path] { + content => $real_content } + } elsif $real_source { + File[$zone_file_path] { + source => $real_source + } + } + } + if ($add_to_resolver) { + bind::resolver { $zonename: + ensure => $ensure, + nameserver => '127.0.0.1', + order => '01', + notify => Service['bind'], + } } + } } diff --git a/metadata.json b/metadata.json index 04bb995..0b8acca 100644 --- a/metadata.json +++ b/metadata.json @@ -2,15 +2,11 @@ "name": "ULHPC-bind", "version": "0.3.4", "author": "UL HPC Team", - "mail": "hpc-sysadmins@uni.lu", "summary": "Configure and manage bind", - "description": "Configure and manage bind", "license": "GPL-3.0", "source": "https://github.com/ULHPC/puppet-bind", - "docs_project": "ulhpc-puppet-bind", "project_page": "https://github.com/ULHPC/puppet-bind", "issues_url": "https://github.com/ULHPC/puppet-bind/issues", - "forge_url": "https://forge.puppetlabs.com/ULHPC/bind", "dependencies": [ { "name": "puppetlabs-stdlib", @@ -42,13 +38,15 @@ "operatingsystemrelease": [ "7", "8", - "9" + "9", + "10" ] }, { "operatingsystem": "Rocky", "operatingsystemrelease": [ - "9" + "9", + "10" ] }, { @@ -58,18 +56,13 @@ ] } ], + "requirements": [ + { + "name": "puppet", + "version_requirement": ">= 8.0.0 < 9.0.0" + } + ], "tags": [ "bind" - ], - "classes": [ - "bind", - "bind::common", - "bind::common::debian", - "bind::common::redhat", - "bind::params" - ], - "definitions": [ - "bind::resolver", - "bind::zone" ] } diff --git a/mkdocs.yml b/mkdocs.yml deleted file mode 100644 index 6e24767..0000000 --- a/mkdocs.yml +++ /dev/null @@ -1,12 +0,0 @@ -site_name: ULHPC/bind Puppet Module -pages: -- ['index.md', 'Home'] -- ['overview.md', 'Overview'] -- ['vagrant.md', 'Tests with Vagrant'] -- ['contributing/index.md', 'Contributing', 'Overview'] -- ['contributing/layout.md', 'Contributing', 'Directory Layout'] -- ['contributing/setup.md', 'Contributing', 'Repository Setup and Developments'] -- ['contributing/versioning.md', 'Contributing', 'Module Versioning'] -- ['rtfd.md', 'Documentation', 'RTFD'] -- ['contacts.md', 'Contacts'] -theme: readthedocs diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..58c9b66 --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +# puppetlabs_spec_helper will set up coverage if the env variable is set. +# We want to do this if lib exists and it hasn't been explicitly set. +ENV['COVERAGE'] ||= 'yes' if Dir.exist?(File.expand_path('../lib', __dir__)) + +require 'voxpupuli/test/spec_helper' + +RSpec.configure do |c| + c.facterdb_string_keys = false +end + +add_mocked_facts! + +if File.exist?(File.join(__dir__, 'default_module_facts.yml')) + facts = YAML.safe_load(File.read(File.join(__dir__, 'default_module_facts.yml'))) + facts&.each do |name, value| + add_custom_fact name.to_sym, value + end +end +Dir['./spec/support/spec/**/*.rb'].sort.each { |f| require f } diff --git a/tests/init.pp b/tests/init.pp deleted file mode 100644 index f254a7a..0000000 --- a/tests/init.pp +++ /dev/null @@ -1,20 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation -# errors and view a log of events) or by fully applying the test in a virtual -# environment (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: -# http://docs.puppetlabs.com/guides/tests_smoke.html -# -# -# -# You can execute this manifest as follows in your vagrant box: -# -# sudo puppet apply -t /vagrant/tests/init.pp -# -node default { - include bind -} diff --git a/tests/params.pp b/tests/params.pp deleted file mode 100644 index f17de94..0000000 --- a/tests/params.pp +++ /dev/null @@ -1,50 +0,0 @@ -# File:: params.pp -# Author:: S. Varrette, H. Cartiaux, V. Plugaru, S. Diehl aka. UL HPC Management Team (hpc-sysadmins@uni.lu) -# Copyright:: Copyright (c) 2016 S. Varrette, H. Cartiaux, V. Plugaru, S. Diehl aka. UL HPC Management Team -# License:: Gpl-3.0 -# -# ------------------------------------------------------------------------------ -# You need the 'future' parser to be able to execute this manifest (that's -# required for the each loop below). -# -# Thus execute this manifest in your vagrant box as follows: -# -# sudo puppet apply -t --parser future /vagrant/tests/params.pp -# -# - -include 'bind::params' - -$names = ['ensure', 'protocol', 'port', 'forwarders', 'allow_query', 'packagename', 'utils_packages', 'user', 'group', 'servicename', 'processname', 'hasstatus', 'hasrestart', 'chrootdir', 'configdir', 'configdir_mode', 'configfile', 'configfile_mode', 'configfile_owner', 'configfile_group', 'localconfigfile', 'optionsfile', 'initconfigfile', 'basedir', 'pidfile', 'logdir'] - -notice("bind::params::ensure = ${bind::params::ensure}") -notice("bind::params::protocol = ${bind::params::protocol}") -notice("bind::params::port = ${bind::params::port}") -notice("bind::params::forwarders = ${bind::params::forwarders}") -notice("bind::params::allow_query = ${bind::params::allow_query}") -notice("bind::params::packagename = ${bind::params::packagename}") -notice("bind::params::utils_packages = ${bind::params::utils_packages}") -notice("bind::params::user = ${bind::params::user}") -notice("bind::params::group = ${bind::params::group}") -notice("bind::params::servicename = ${bind::params::servicename}") -notice("bind::params::processname = ${bind::params::processname}") -notice("bind::params::hasstatus = ${bind::params::hasstatus}") -notice("bind::params::hasrestart = ${bind::params::hasrestart}") -notice("bind::params::chrootdir = ${bind::params::chrootdir}") -notice("bind::params::configdir = ${bind::params::configdir}") -notice("bind::params::configdir_mode = ${bind::params::configdir_mode}") -notice("bind::params::configfile = ${bind::params::configfile}") -notice("bind::params::configfile_mode = ${bind::params::configfile_mode}") -notice("bind::params::configfile_owner = ${bind::params::configfile_owner}") -notice("bind::params::configfile_group = ${bind::params::configfile_group}") -notice("bind::params::localconfigfile = ${bind::params::localconfigfile}") -notice("bind::params::optionsfile = ${bind::params::optionsfile}") -notice("bind::params::initconfigfile = ${bind::params::initconfigfile}") -notice("bind::params::basedir = ${bind::params::basedir}") -notice("bind::params::pidfile = ${bind::params::pidfile}") -notice("bind::params::logdir = ${bind::params::logdir}") - -#each($names) |$v| { -# $var = "bind::params::${v}" -# notice("${var} = ", inline_template('<%= scope.lookupvar(@var) %>')) -#} diff --git a/tests/vagrant/bootstrap.sh b/tests/vagrant/bootstrap.sh deleted file mode 100644 index 3e391b0..0000000 --- a/tests/vagrant/bootstrap.sh +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/env bash -# Time-stamp: -########################################################################################### -# __ __ _ ____ _ _ -# \ \ / /_ _ __ _ _ __ __ _ _ __ | |_ | __ ) ___ ___ | |_ ___| |_ _ __ __ _ _ __ -# \ \ / / _` |/ _` | '__/ _` | '_ \| __| | _ \ / _ \ / _ \| __/ __| __| '__/ _` | '_ \ -# \ V / (_| | (_| | | | (_| | | | | |_ | |_) | (_) | (_) | |_\__ \ |_| | | (_| | |_) | -# \_/ \__,_|\__, |_| \__,_|_| |_|\__| |____/ \___/ \___/ \__|___/\__|_| \__,_| .__/ -# |___/ |_| -# Copyright (c) 2017 UL HPC Team -########################################################################################### -# ULHPC (prefered) way to see a Vagrant box configured. -# - -SETCOLOR_NORMAL=$(tput sgr0) -SETCOLOR_TITLE=$(tput setaf 6) -SETCOLOR_SUBTITLE=$(tput setaf 14) -SETCOLOR_RED=$(tput setaf 1) -SETCOLOR_BOLD=$(tput setaf 15) - -### Local variables -STARTDIR="$(pwd)" -SCRIPTFILENAME=$(basename $0) -SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -MOTD="/etc/motd" -DOTFILES_DIR='/etc/dotfiles.d' -DOTFILES_URL='https://github.com/ULHPC/dotfiles.git' -SUPPORT_MAIL='hpc-sysadmins@uni.lu' -EXTRA_PACKAGES= - -# List of default packages to install -COMMON_DEFAULT_PACKAGES="ruby wget figlet git screen bash-completion rsync vim" - -GEMS="librarian-puppet falkorlib" - -###### -# Print information in the following form: '[$2] $1' ($2=INFO if not submitted) -# usage: info text [title] -## -info () { - echo - echo "${SETCOLOR_BOLD}###${SETCOLOR_NORMAL} ${SETCOLOR_TITLE}${1}${SETCOLOR_NORMAL} ${SETCOLOR_BOLD}###${SETCOLOR_NORMAL}" -} -error() { - echo - echo "${SETCOLOR_RED}*** ERROR *** $*${SETCOLOR_NORMAL}" - exit 1 -} - -print_usage() { - cat </dev/null - - info "Installing default packages" - yum install -y epel-release - yum install -y ${COMMON_DEFAULT_PACKAGES} ruby-devel bind-utils ${EXTRA_PACKAGES} >/dev/null - - info "Uninstalling (eventually) existing Puppet installation" - yum erase -y puppet puppetlabs-release >/dev/null - - info "Adding repo for Puppet 4" - rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-$1.noarch.rpm - - sleep 1 - info "Installing Puppet and its dependencies" - yum install -y puppet-agent >/dev/null -} - -setup_apt() { - case $1 in - 3*) codename=cumulus ;; - 6) codename=squeeze ;; - 7) codename=wheezy ;; - 8) codename=jessie ;; - 9) codename=stretch ;; - 12.04) codename=precise ;; - 14.04) codename=trusty ;; - 16.04) codename=xenial ;; - *) echo "Release not supported" ;; - esac - - info "Adding repo for Puppet 4" - wget -q "http://apt.puppetlabs.com/puppetlabs-release-pc1-${codename}.deb" >/dev/null - dpkg -i "puppetlabs-release-pc1-${codename}.deb" >/dev/null - - info "Running apt-get update" - apt-get update >/dev/null 2>&1 - - info "Installing default packages" - apt-get install -y ${COMMON_DEFAULT_PACKAGES} git-core rubygems ${EXTRA_PACKAGES} >/dev/null - - info "Installing Puppet and its dependencies" - apt-get install puppet-agent -y >/dev/null - apt-get install apt-transport-https -y >/dev/null -} - -setup_linux() { - ARCH=$(uname -m | sed 's/x86_//;s/i[3-6]86/32/') - if [ -f /etc/redhat-release ]; then - OS=$(cat /etc/redhat-release | cut -d ' ' -f 1) - majver=$(cat /etc/redhat-release | sed 's/[A-Za-z]*//g' | sed 's/ //g' | cut -d '.' -f 1) - elif [ -f /etc/SuSE-release ]; then - OS=sles - majver=$(cat /etc/SuSE-release | grep VERSION | cut -d '=' -f 2 | tr -d '[:space:]') - elif [ -f /etc/os-release ]; then - . /etc/os-release - OS=$ID - majver=$VERSION_ID - elif [ -f /etc/debian_version ]; then - OS=Debian - majver=$(cat /etc/debian_version | cut -d '.' -f 1) - elif [ -f /etc/lsb-release ]; then - . /etc/lsb-release - OS=$DISTRIB_ID - majver=$DISTRIB_RELEASE - elif [ -f /etc/os-release ]; then - . /etc/os-release - OS=$ID - majver=$VERSION_ID - else - OS=$(uname -s) - majver=$(uname -r) - fi - distro=$(echo $OS | tr '[:upper:]' '[:lower:]') - info "Detected Linux distro: ${distro} version ${majver} on arch ${ARCH}" - case "$distro" in - debian|ubuntu) setup_apt $majver ;; - redhat|fedora|centos|scientific|amazon) setup_redhat $majver ;; - *) echo "Not supported distro: $distro"; exit 1;; - esac - -} - -setup_dotfiles () { - if [ ! -d "${DOTFILES_DIR}" ]; then - info "cloning ULHPC/dotfiles repository in '/etc/dotfiles.d" - git clone ${DOTFILES_URL} ${DOTFILES_DIR} - fi - # Correct __git_ps1 - local src_git_prompt="/usr/share/git-core/contrib/completion/git-prompt.sh" - local dst_git_prompt="/etc/profile.d/git-prompt.sh" - if [ -f "${src_git_prompt}" ]; then - info "installing git-prompt to define __git_ps1" - [ ! -e "${dst_git_prompt}" ] && ln -s ${src_git_prompt} ${dst_git_prompt} - fi - local dotfile_install_cmd="${DOTFILES_DIR}/install.sh --offline --force -d ${DOTFILES_DIR} --bash --screen" - if [ -d "${DOTFILES_DIR}" ]; then - info "installing dotfiles for 'root' user" - ${dotfile_install_cmd} - info "installing dotfiles for 'vagrant' user" - sudo -u vagrant ${dotfile_install_cmd} - fi -} - -setup_motd() { - local motd=/etc/motd - local has_figlet=$(which figlet 2>/dev/null) - info "setup ${motd}" - cat < ${motd} -================================================================================ - Welcome to the Vagrant box $(hostname) -================================================================================ -EOF - if [ -n "${has_figlet}" ]; then - cat <> ${motd} -$(${has_figlet} -w 80 -c "$(hostname -s)") -EOF - fi - cat <> ${motd} -================================================================================ - Hostname.... $(hostname -f) - OS.......... $(facter os.name) $(facter os.release.full) - Support..... ${SUPPORT_MAIL} - Docs........ Vagrant: http://docs.vagrantup.com/v2/ -================================================================================ -EOF -} - -setup_gems() { - sudo gem install --no-ri --no-rdoc ${GEMS} -} - -###################################################################################### -[ $UID -gt 0 ] && error "You must be root to execute this script (current uid: $UID)" - - -# Parse the command-line options -while [ $# -ge 1 ]; do - case $1 in - -h | --help) print_usage; exit 0;; - -V | --version) print_version; exit 0;; - -n | --name) shift; NAME=$1;; - -t | --title) shift; TITLE=$1;; - -st| --subtitle) shift; SUBTITLE=$1;; - -d | --desc) shift; DESC=$1;; - -s | --support) shift; SUPPORT_MAIL=$1;; - -x | --extras) shift; EXTRA_PACKAGES=$1;; - esac - shift -done - -# Let's go -case "$OSTYPE" in - linux*) setup_linux ;; - *) echo "unknown: $OSTYPE"; exit 1;; -esac - -[ -f /usr/bin/puppet ] || ln -s /opt/puppetlabs/puppet/bin/puppet /usr/bin/puppet -[ -f /usr/bin/facter ] || ln -s /opt/puppetlabs/puppet/bin/facter /usr/bin/facter - -setup_dotfiles -setup_motd -setup_gems diff --git a/tests/vagrant/config.yaml b/tests/vagrant/config.yaml deleted file mode 100644 index 665b392..0000000 --- a/tests/vagrant/config.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# -*- mode: yaml; -*- -# Time-stamp: -################################################################################ -# Complementary configuration for Vagrant -# You can overwrite here the default settings defined in ../../Vagrantfile and -# define additional VMs (agents) to deploy upon vagrant up (in addition to the -# puppet master 'master') - -#___________________________________________ -# Complete / re-define the default boxes below -# Format: -# :: / # see https://vagrantcloud.com -# :boxes: -# :windows2012: 'opentable/win-2012r2-standard-amd64-nocm' -# :freebsd12: 'freebsd/FreeBSD-12.0-RELEASE' -# :centos7: 'centos/7', -# :debian8: 'debian/contrib-jessie64', -# :ubuntu14: 'ubuntu/trusty64' - -#_________________ -# Default settings -# :defaults: -# :os: :centos7 # Default OS from the above box definition -# :ram: 512 # Default RAM -# :vcpus: 1 # Default number of virtual CPUs -# :vbguest_auto_update: 1 # check/update box guest additions - -#____________________ -# Network settings -# :network: -# :domain: 'vagrant.dev' # network domain to use -# :range: '10.10.1.0/24' # IP range to use -# :ip_offset: 10 -# # client / VMs defined below will start on xx.xx.xx. - -#___________________________________________________________ -# VMs / Vagrant boxes to define apart from the puppet master -# Format: -# : -# :hostname: -# :desc: -# :os: -# :ram: -# :vcpus: -# :role: -# :roles: -# - -# - -# :vms: -# 'default': -# :os: :debian8 diff --git a/tests/vagrant/puppet_modules_setup.rb b/tests/vagrant/puppet_modules_setup.rb deleted file mode 100644 index ff4be0e..0000000 --- a/tests/vagrant/puppet_modules_setup.rb +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env ruby -########################################################################## -# puppet_module_setup.rb -# @author Sebastien Varrette -# Time-stamp: -# -# @description Prepare the Vagrant box to test this Puppet module -# -# Copyright (c) 2014-2017 Sebastien Varrette -# . http://varrette.gforge.uni.lu -############################################################################## - -require 'json' -require 'yaml' -require 'falkorlib' - -include FalkorLib::Common - -# Load metadata -basedir = File.directory?('/vagrant') ? '/vagrant' : Dir.pwd -jsonfile = File.join( basedir, 'metadata.json') -puppetdir = '/etc/puppetlabs' - -error "Unable to find the metadata.json" unless File.exists?(jsonfile) - -metadata = JSON.parse( IO.read( jsonfile ) ) -name = metadata["name"].gsub(/^[^\/-]+[\/-]/,'') -modulepath=`puppet config print modulepath`.chomp -moduledir=modulepath.split(':').first - - -run %{ cd #{moduledir}/.. && librarian-puppet clean && rm Puppetfile* } -run %{ ln -s /vagrant/metadata.json #{moduledir}/../ } -run %{ cd #{moduledir}/.. && librarian-puppet install --verbose } - - -# metadata["dependencies"].each do |dep| -# lib = dep["name"] -# shortname = lib.gsub(/^.*[\/-]/,'') -# action = File.directory?("#{moduledir}/#{shortname}") ? 'upgrade --force' : 'install' -# run %{ puppet module #{action} #{lib} } -# end - -puts "Module path: #{modulepath}" -puts "Moduledir: #{moduledir}" - -info "set symlink to the '#{basedir}' module for local developments" -run %{ ln -s #{basedir} #{moduledir}/#{name} } unless File.exists?("#{moduledir}/#{name}") - -# Use of 'hiera.yaml' version 3 is deprecated. It should be converted to version 5 -hiera = '/etc/puppetlabs/puppet/hiera.yaml' - - - - -# Prepare hiera -# unless File.exists?('/etc/puppet/hiera.yaml') -# run %{ ln -s /etc/hiera.yaml /etc/puppet/hiera.yaml } if File.exists?("/etc/hiera.yaml") -# end -# # # hieracfg = YAML::load_file('/etc/hiera.yaml') -# # # [ '/vagrant/tests/hiera' ].each do |d| -# # # hieracfg[:datadir] = [] if hieracfg[:datadir].nil? -# # # hieracfg[:datadir] << d #if File.directory?('#{d}') -# # # end -# # # hieracfg[:hierarchy] = [] if hieracfg[:hierarchy].nil? -# # # hieracfg[:hierarchy] << 'common' unless hieracfg[:hierarchy].include?('common') -# hieracfg = { -# :backends => [ 'yaml' ], -# :hierarchy => [ 'defaults', 'common' ], -# :yaml => { -# :datadir => '/vagrant/tests/hiera', -# } -# } -# FalkorLib::Common.store_config('/etc/hiera.yaml', hieracfg, {:no_interaction => true})