1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
| class hg_punch::library {
firewall {'101 puppet library access':
proto => 'tcp',
dport => '80',
action => 'accept',
}
package { 'git':
ensure => present,
}
vcsrepo { "puppet-library":
path => '/var/www/puppet-library/',
ensure => present,
owner => 'root',
group => 'root',
provider => git,
source => 'https://github.com/Moliholy/puppet-library.git',
revision => 'master',
require => Package['git'],
}
package { 'nfs-utils':
ensure => present,
}
package { 'bundler':
ensure => present,
provider => gem,
}
package { [ "ruby", "ruby-devel", "gcc", "make" ]:
ensure => present,
}
exec { 'bundler update':
command => "bundler update && bundler",
cwd => '/var/www/puppet-library',
path => ["/usr/bin", "/bin", "/usr/sbin"],
require => [ Package['ruby'], Package['ruby-devel'],
Package['gcc'], Package['make'],
Package['bundler'], Vcsrepo['puppet-library'] ]
}
package { 'mod_passenger':
ensure => present,
}
file { "/etc/httpd/conf.d/puppetlibrary.conf":
owner => root,
group => root,
mode => 0644,
content => template('hg_punch/puppetlibrary.conf.erb'),
require => Package['mod_passenger'],
selinux_ignore_defaults => true,
}
file { "/var/www/puppet-library/config.ru":
owner => root,
group => root,
mode => 0644,
content => template('hg_punch/config.ru.erb'),
require => Vcsrepo['puppet-library'],
}
file { [ '/var/www/puppet-library/public', '/var/www/puppet-library/tmp' ]:
ensure => directory,
owner => root,
group => root,
mode => 755,
require => Vcsrepo['puppet-library'],
}
# Disable SELinux
package { "augeas":
ensure => present,
}
augeas {'disable_selinux':
context => '/files/etc/sysconfig/selinux',
changes => 'set SELINUX disabled',
lens => 'shellvars.lns',
incl => '/etc/sysconfig/selinux'
} ~>
exec {'sudo disable_selinux':
command => '/bin/echo 0 > /selinux/enforce',
refreshonly => true,
}
service { "httpd":
enable => true,
ensure => running,
hasrestart => true,
require => [ Exec['bundler update'],
File['/etc/httpd/conf.d/puppetlibrary.conf'],
File['/var/www/puppet-library/public'],
File['/var/www/puppet-library/tmp'],
Vcsrepo['puppet-library'],
Package['mod_passenger'] ],
}
}
|