Various modifications.
[chaosvm.git] / modules / common / manifests / init.pp
1 class common {
2
3   # define admin contact mail address
4   
5   # aschiermeier@asl:~$ sudo cat /home/apt-dater/.ssh/authorized_keys
6   # ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp+P0huFZ8h5GjZhtN2ZzM78pc30u2ZVrbmjLoGq9vYXBk2/jCIEWqg+L63EWg2EZcDsbxuKaf4/CYYnB213FYjhlhi8kvt/Gt3GTOxpf1/vEx+VZWpafeTDiTlKzqDHuFMHe+pEMe/OwIuK561ubttUAk6raixgkjxk0WYQX8HWLrO+jyyXstPmqs6lvQ7TYQajC8HmHb5vQWWSNWdcoeybMY+iD7H6e+4oAINs3yVMJN7Lfso7CySN1eYlFfsKExWJ59U1CrUbOgGfz5K6ommtSUqtxl+DOfmXVO40lpQ8iuTZ3YFZPuVunkw5Ce185DfZhKCSQqr+k+gKy2UFnVw== noc.cash-zone.de
7   # aschiermeier@asl:~$ sudo cat /root/.ssh/authorized_keys
8   # no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="5.231.239.2,::ffff:5.231.239.2" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAygsqWq5lKygdAqO+GZGRB3t2P5FeQO8a3FZHKCOTpiI8CTycDZpiQnc6a/IsTHP4YvqhX9Swofu9jFDlVQXAExvuKmOlg5HZWAlCPxwMRarwN4QJvOowx+zoK0GVh3X/uNzMwKaNtk4GWek64KaLNx3TmO/UNBJhz9MxsUYvzCTTwi7361Nytko3v9BoJOGYLBYwbnseHsu3oLOYThL+KK8gNFuEMuCTIYK5wipbMbtIcCAIlnNrZTFJz0/6fbEj2A59oCeV98JWWYjmoIDqGTR5RflkuTS1LQnd/NlD+vCJdzf81hIBCbYXsy7+wc1bWj9SJuc2Lt91Qaf1DbT9Lw== backuppc@backup01
9   
10 # apt-dater ALL=NOPASSWD: /usr/bin/apt-get
11
12   $packages = [ 'git-core',
13                 'puppet',
14                 'sudo',
15                 'screen',
16                 'rsync',
17                 'vim',
18                 'lsof',
19                 'pv',
20                 'tcpdump',
21                ]
22   
23   package { $packages:
24     ensure => installed,
25   }
26   
27   package { 'sudo':
28     ensure => installed,
29   }
30   
31   augeas { 'enable NOPASSWD for %sudo':
32     context => '/files/etc/sudoers/spec[2]/host_group/command/',
33     changes => [ 'set tag NOPASSWD' ],
34   }
35   
36   # Zeitabgleich
37   package { 'chrony':
38     ensure => installed,
39   }
40   
41   service { 'chrony':
42     ensure => running,
43     enable => true,
44     hasstatus  => false,
45     hasrestart => true,
46   }
47
48   # E-Mail via Smart Host
49   package { 'nullmailer':
50     ensure => installed,
51   }
52   
53   file { '/etc/nullmailer/adminaddr':
54     ensure => present,
55     content => "infra@ccc-ffm.de\n",
56     require => Package['nullmailer'],
57     notify => Service['nullmailer'],
58   }
59
60   file { '/etc/nullmailer/defaultdomain':
61     ensure => present,
62     content => "ccc-ffm.de\n",
63     require => Package['nullmailer'],
64     notify => Service['nullmailer'],
65   }
66
67   file { '/etc/nullmailer/remotes':
68     ensure => present,
69     content => "mx01.ccc-ffm.de\n",
70     require => Package['nullmailer'],
71     notify => Service['nullmailer'],
72   }
73
74   service { 'nullmailer':
75     ensure => running,
76     enable => true,
77     hasstatus  => true,
78     hasrestart => true,
79   }
80
81   # Software Updates
82   package { 'apt-dater':
83     ensure => installed,
84   }
85   
86   file { '/etc/sudoers.d/apt-dater-host':
87     ensure => present,
88     content => "# apt-dater may run aptitude as root\napt-dater ALL=NOPASSWD: /usr/bin/apt-get\n",
89     require => [ Package['nullmailer'], Package['sudo'] ],
90   }
91   
92   user { 'apt-dater':
93     ensure => $ensure,
94     comment => $comment,
95     gid => 'nogroup',
96     membership => inclusive,
97     home => "/home/apt-dater",
98     managehome => true,
99     shell => '/bin/bash',
100     system => true,
101     require => Package['nullmailer'],
102   }
103   
104   ssh_authorized_key { 'apt-dater noc.cash-zone.de':
105     ensure => present,
106     user => 'apt-dater',
107     type => 'ssh-rsa',
108     key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAp+P0huFZ8h5GjZhtN2ZzM78pc30u2ZVrbmjLoGq9vYXBk2/jCIEWqg+L63EWg2EZcDsbxuKaf4/CYYnB213FYjhlhi8kvt/Gt3GTOxpf1/vEx+VZWpafeTDiTlKzqDHuFMHe+pEMe/OwIuK561ubttUAk6raixgkjxk0WYQX8HWLrO+jyyXstPmqs6lvQ7TYQajC8HmHb5vQWWSNWdcoeybMY+iD7H6e+4oAINs3yVMJN7Lfso7CySN1eYlFfsKExWJ59U1CrUbOgGfz5K6ommtSUqtxl+DOfmXVO40lpQ8iuTZ3YFZPuVunkw5Ce185DfZhKCSQqr+k+gKy2UFnVw==',
109   }
110   
111   ssh_authorized_key { 'backuppc systemgemisch':
112     ensure => present,
113     user => 'root',
114     type => 'ssh-rsa',
115     options => [ 'no-port-forwarding',
116                  'no-X11-forwarding',
117                  'no-agent-forwarding',
118                  'from="5.231.239.2,::ffff:5.231.239.2"'
119                ],
120     key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAygsqWq5lKygdAqO+GZGRB3t2P5FeQO8a3FZHKCOTpiI8CTycDZpiQnc6a/IsTHP4YvqhX9Swofu9jFDlVQXAExvuKmOlg5HZWAlCPxwMRarwN4QJvOowx+zoK0GVh3X/uNzMwKaNtk4GWek64KaLNx3TmO/UNBJhz9MxsUYvzCTTwi7361Nytko3v9BoJOGYLBYwbnseHsu3oLOYThL+KK8gNFuEMuCTIYK5wipbMbtIcCAIlnNrZTFJz0/6fbEj2A59oCeV98JWWYjmoIDqGTR5RflkuTS1LQnd/NlD+vCJdzf81hIBCbYXsy7+wc1bWj9SJuc2Lt91Qaf1DbT9Lw==',
121   }
122   
123 #   user { 'install':
124 #     ensure => absent,
125 #   }
126
127 #   group { 'install':
128 #     ensure => absent,
129 #   }
130   
131   include common::users
132   
133 }