Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/190948
Change subject: On debian, ensure that idmapd is running on labs instances.
......................................................................
On debian, ensure that idmapd is running on labs instances.
(This is weirdly scattered in two places, begging for a refactor
of the base labs config.)
Bug T87309
Change-Id: Ia643948c738d0dd333674de6f047c9ab5e47654c
---
M manifests/role/labs.pp
A modules/base/files/labs/nfs-common.default
M modules/base/manifests/init.pp
3 files changed, 40 insertions(+), 3 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/48/190948/1
diff --git a/manifests/role/labs.pp b/manifests/role/labs.pp
index fae0d4b..37d3a70 100644
--- a/manifests/role/labs.pp
+++ b/manifests/role/labs.pp
@@ -120,9 +120,16 @@
notify => Service['ssh'],
}
- service { 'idmapd':
- ensure => running,
- subscribe => File['/etc/idmapd.conf'],
+ if os_version('debian >= jessie') {
+ service { 'nfs-common':
+ ensure => running,
+ subscribe => File['/etc/idmapd.conf'],
+ }
+ } else {
+ service { 'idmapd':
+ ensure => running,
+ subscribe => File['/etc/idmapd.conf'],
+ }
}
file { '/etc/idmapd.conf':
diff --git a/modules/base/files/labs/nfs-common.default
b/modules/base/files/labs/nfs-common.default
new file mode 100644
index 0000000..6887dba
--- /dev/null
+++ b/modules/base/files/labs/nfs-common.default
@@ -0,0 +1,19 @@
+# If you do not set values for the NEED_ options, they will be attempted
+# autodetected; this should be sufficient for most people. Valid alternatives
+# for the NEED_ options are "yes" and "no".
+
+# Do you want to start the statd daemon? It is not needed for NFSv4.
+NEED_STATD=
+
+# Options for rpc.statd.
+# Should rpc.statd listen on a specific port? This is especially useful
+# when you have a port-based firewall. To use a fixed port, set this
+# this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
+# For more information, see rpc.statd(8) or
http://wiki.debian.org/SecuringNFS
+STATDOPTS=
+
+# Do you want to start the idmapd daemon? It is only needed for NFSv4.
+NEED_IDMAPD=yes
+
+# Do you want to start the gssd daemon? It is required for Kerberos mounts.
+NEED_GSSD=
diff --git a/modules/base/manifests/init.pp b/modules/base/manifests/init.pp
index a204d41..9e0de14 100644
--- a/modules/base/manifests/init.pp
+++ b/modules/base/manifests/init.pp
@@ -42,6 +42,17 @@
mode => '0444',
source => 'puppet:///modules/base/labs-acct.default',
}
+
+ if os_version('debian >= jessie') {
+ # Turn on idmapd by default
+ file { '/etc/default/nfs-common':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ source => 'puppet:///modules/base/labs/nfs-common.default',
+ }
+ }
} else {
$certname = undef
}
--
To view, visit https://gerrit.wikimedia.org/r/190948
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia643948c738d0dd333674de6f047c9ab5e47654c
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
