Re: [Puppet Users] New Resource Type for bareos
Hi Thomas,
I got a hiera group of linux boxes. All of these should have the bareos
client and should backup a standard fileset for instance /var/log.
Okay, the backup client array on the master module would work, but if you
forget to add a backup client you got no backup. Now I'm dreaming from a
implementation through puppetdb like the nagios resource types.
Or a solution that all backup clients automaticly register at the server.
>From my point of view the automic configuration is preferable, because a
missing backup can have the same impact as missing monitoring.
May there are better solutions to handle it without puppetdb, I'm not sure.
Regards,
Björn
Am Dienstag, 26. Januar 2016 16:48:52 UTC+1 schrieb thbe:
>
> Hi Björn,
>
> depends on how you would like to implement the fully automatic
> configuration. I do this on the server side because backup is nothing that
> apply out of the box after provisioning to the client and server. Under
> normal circumstances I would like to add a client only to the backup if
> really needed. Therefore I used an array in my module to specify the client:
>
> https://github.com/thbe/puppet-bareos
>
> The module is still v0.1.0, so it’s not yet feature complete and not
> released on the forge but works the way I need it. I think I’ll release it
> on the forge sometime in Q1/2016 when missing features are implemented.
>
> Regards Thomas
>
> Am 21.01.2016 um 15:23 schrieb Björn <in...@bb-it.biz >:
>
> Hello,
>
> I try to make the bareos puppet module ready for puppetdb and fully
> automatic configuration.
>
> When I understand correctly, I'll need a resource type to export it and
> bring the client configuration on the bareos server finally.
>
> $ cat bareos/lib/puppet/type/bareos_client.rb
> Puppet::Type.newtype(:bareos_client) do
> desc 'TEST'
> ensurable
> newparam(:name, :isnamevar => true) do
> desc "The name of the client."
> end
> end
>
> $ tail bareos/manifests/client.pp
> mode=> '0644',
> owner => 'bareos',
> group => 'bareos',
> }
>
> @@bareos_client{ $::hostname:
> }
>
> Bareos_client <<| |>>
> }
>
> I get this error when I make a puppet run on the client:
> Error: /Stage[main]/Bareos::Client/Bareos_client[PC3256CO]: Could not
> evaluate: No ability to determine if bareos_client exists
> /usr/lib/ruby/site_ruby/1.8/puppet/property/ensure.rb:85:in `retrieve'
> /usr/lib/ruby/site_ruby/1.8/puppet/type.rb:1048:in `retrieve'
> /usr/lib/ruby/site_ruby/1.8/puppet/type.rb:1076:in `retrieve_resource'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:236:in
> `from_resource'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:19:in `
> evaluate'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:204:in `apply'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:217:in `eval_resource'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `call'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `evaluate'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:335:in `thinmark'
> /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:334:in `thinmark'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `evaluate'
> /usr/lib/ruby/site_ruby/1.8/puppet/graph/relationship_graph.rb:118:in `
> traverse'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:138:in `evaluate'
> /usr/lib/ruby/site_ruby/1.8/puppet/resource/catalog.rb:169:in `apply'
> /usr/lib/ruby/site_ruby/1.8/puppet/util/log.rb:149:in `with_destination'
> /usr/lib/ruby/site_ruby/1.8/puppet/transaction/report.rb:112:in
> `as_logging_destination'
> /usr/lib/ruby/site_ruby/1.8/puppet/resource/catalog.rb:168:in `apply'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:120:in `apply_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:161:in `benchmark'
> /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:160:in `benchmark'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:119:in `apply_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:227:in `run_internal'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:134:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/context.rb:64:in `override'
> /usr/lib/ruby/site_ruby/1.8/puppet.rb:246:in `override'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:133:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:47:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:20:in `lock'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:47:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:117:in `with_client'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:44:in `run'
>
[Puppet Users] New Resource Type for bareos
Hello,
I try to make the bareos puppet module ready for puppetdb and fully
automatic configuration.
When I understand correctly, I'll need a resource type to export it and
bring the client configuration on the bareos server finally.
$ cat bareos/lib/puppet/type/bareos_client.rb
Puppet::Type.newtype(:bareos_client) do
desc 'TEST'
ensurable
newparam(:name, :isnamevar => true) do
desc "The name of the client."
end
end
$ tail bareos/manifests/client.pp
mode=> '0644',
owner => 'bareos',
group => 'bareos',
}
@@bareos_client{ $::hostname:
}
Bareos_client <<| |>>
}
I get this error when I make a puppet run on the client:
Error: /Stage[main]/Bareos::Client/Bareos_client[PC3256CO]: Could not
evaluate: No ability to determine if bareos_client exists
/usr/lib/ruby/site_ruby/1.8/puppet/property/ensure.rb:85:in `retrieve'
/usr/lib/ruby/site_ruby/1.8/puppet/type.rb:1048:in `retrieve'
/usr/lib/ruby/site_ruby/1.8/puppet/type.rb:1076:in `retrieve_resource'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:236:in
`from_resource'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:19:in `
evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:204:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:217:in `eval_resource'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `call'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:335:in `thinmark'
/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:334:in `thinmark'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:147:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/graph/relationship_graph.rb:118:in `
traverse'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:138:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/resource/catalog.rb:169:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/util/log.rb:149:in `with_destination'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/report.rb:112:in
`as_logging_destination'
/usr/lib/ruby/site_ruby/1.8/puppet/resource/catalog.rb:168:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:120:in `apply_catalog'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:161:in `benchmark'
/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:160:in `benchmark'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:119:in `apply_catalog'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:227:in `run_internal'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:134:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/context.rb:64:in `override'
/usr/lib/ruby/site_ruby/1.8/puppet.rb:246:in `override'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:133:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:47:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:20:in `lock'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:47:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:117:in `with_client'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:44:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:82:in `run_in_fork'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `call'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `controlled_run'
/usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:41:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:361:in `onetime'
/usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:327:in `run_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:381:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:507:in `plugin_hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:381:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:496:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:381:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:146:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:92:in `execute'
/usr/bin/puppet:8
Thanks in advance.
Regards,
Björn
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/11c87300-bd37-4e99-8f19-cb3b28212d6e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Puppet AIX duplicated loading of facts
Hello, I try to start with puppet under AIX and it themes that the facts are loading twice. puppet agent -t info: Retrieving plugin info: Loading facts in concat_basedir info: Loading facts in environment info: Loading facts in es_facts warning: Could not load fact file /opt/puppet/var/lib/facter/es_facts.rb: no such file to load -- json info: Loading facts in esx_version info: Loading facts in facter_dot_d info: Loading facts in last_run info: Loading facts in main_user info: Loading facts in os_maj_version info: Loading facts in pe_version info: Loading facts in printers info: Loading facts in puppet_vardir info: Loading facts in puppi_projects info: Loading facts in redis_version info: Loading facts in root_home info: Loading facts in system_role_type info: Loading facts in vmwaretools_version info: Loading facts in windows_common_appdata info: Loading facts in concat_basedir info: Loading facts in environment info: Loading facts in es_facts warning: Could not load fact file /opt/puppet/var/lib/facter/es_facts.rb: no such file to load -- json info: Loading facts in esx_version info: Loading facts in facter_dot_d info: Loading facts in last_run info: Loading facts in main_user info: Loading facts in os_maj_version info: Loading facts in pe_version info: Loading facts in printers info: Loading facts in puppet_vardir info: Loading facts in puppi_projects info: Loading facts in redis_version info: Loading facts in root_home info: Loading facts in system_role_type info: Loading facts in vmwaretools_version info: Loading facts in windows_common_appdata info: Caching catalog for server info: Applying configuration version '1449830416' notice: Finished catalog run in 2.12 seconds -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/00a02a45-f16e-4db8-a885-b838626692f4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] How can I trace "comparison of String with Array failed" error to actual values?
So I have to check every file in every module for variables and transform them to an array? :( Am Donnerstag, 30. Juli 2015 23:28:49 UTC+2 schrieb Stephan: > > IIRC I fixed this by consequently making all variables involved > arrays, even if they just had one member. > > On 30/07/2015, Björn <in...@bb-it.biz > wrote: > > Am Mittwoch, 10. September 2014 23:00:42 UTC+2 schrieb Felix.Frank: > >> > >> On 09/10/2014 12:46 PM, Stephan wrote: > >> > > >> > The other weird thing is I see this error only on AIX. On Linux it > >> > does exactly what I expect it to do. I'm using puppet 3.6.2 > >> > >> Can you perhaps try another (older) Ruby version on AIX? > >> > >> It's still weird, but this might narrow down the possible causes. > >> > > > > I got the same issue with puppet 4 against a centos machine and I don't > > know ho to determine the failing module. > > > > Debug: /Stage[main]/Sysupdates::Yum/File_line[set proxy for yum]: Adding > > autorequire relationship with File[yum.conf] > > Debug: /Stage[main]/Sysupdates::Yum/File_line[disable http caching for > yum]: > > > > Adding autorequire relationship with File[yum.conf] > > Debug: /Stage[main]/Yum/File[yum.conf]: Adding autorequire relationship > with > > > > User[root] > > Debug: /Stage[main]/Ntp/File[ntp.conf]: Adding autorequire relationship > with > > > > User[root] > > Debug: /Stage[main]/Rsyslog/File[/etc/rsyslog.d/ims.conf]: Adding > > autorequire relationship with User[root] > > Debug: /Stage[main]/Puppet_agent/File[/etc/default/puppet]: Adding > > autorequire relationship with User[root] > > Debug: /Stage[main]/Puppet_agent/File[/etc/puppet/puppet.conf]: Adding > > autorequire relationship with File[/etc/puppet] > > Debug: /Stage[main]/Puppet_agent/File[/etc/puppet/puppet.conf]: Adding > > autorequire relationship with User[root] > > Debug: /Stage[main]/Puppet_agent/File[/usr/local/bin/start_puppet]: > Adding > > autorequire relationship with User[root] > > Debug: /Stage[main]/Puppet_agent/Cron[start puppet if not started]: > Adding > > autorequire relationship with User[root] > > Debug: /Stage[main]/Puppet_agent/Cron[clean clientbucket]: Adding > > autorequire relationship with User[root] > > Debug: Storing state > > Debug: Stored state in 0.03 seconds > > Error: Failed to apply catalog: comparison of Array with String failed > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/list.rb:38:in > > `sort' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/list.rb:38:in ` > > dearrayify' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/list.rb:48:in > > `should' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/user.rb:401:in > > `block > > (2 levels) in ' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:2053:in ` > > instance_eval' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:2053:in > `block > > in autorelation' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1992:in > `block > > in eachautorequire' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1991:in > `each' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1991:in > > `eachautorequire' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:2048:in > > `autorelation' > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:2078:in ` > > autorequire' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:169:in > > > > > > `block (2 levels) in build_autorelation_dependencies' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph. > > > rb:168:in `each' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:168:in > > > > > > `block in build_autorelation_dependencies' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:167:in > > > > > > `each' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph. > > > rb:167:in `build_autorelation_dependencies' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:25:in > > > > > > `populate_from' > > > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:202:in > > > >
Re: [Puppet Users] String substituion in puppet template
Okay, I got it now.
% if @ip_xforward != '' %
% if ip_xforward.is_a? Array -%
% ip_xforward.map do |value| -%
%= \t\tSetEnvIf
X-Forwarded-For ^( + value.gsub('.', '\.') + .*) AllowIP\n -%
% end -%
% else %
%= SetEnvIF X-Forwarded-For
^(#{ip_xforward}) AllowIP -%
% end -%
% end -%
So a array of ip address in the manifests results in
SetEnvIf X-Forwarded-For ^(13\.74\.8\.23.*) AllowIP
SetEnvIf X-Forwarded-For ^(5\.63\.23\.53.*) AllowIP
Thanks!
Regards,
Björn
Am Freitag, 22. Mai 2015 14:21:26 UTC+2 schrieb Henrik Lindberg:
On 2015-22-05 11:08, Gabriel Filion wrote:
On 20/05/15 09:04 AM, Björn wrote:
I tried it with regsubst, but without success:
|
%ip_xforward.each do|name|-%%=\t\tSetEnvIF X-Forwarded-For
^(regsubst(#{name}, '\.','\\.')) AllowIP\n%%end-%
|
maybe you need to call the function outside of the string. e.g.:
%= \t\tSetEnvIf X-Forwarded-For ^( + regsubst(name, '\.','\\.') + )
AllowIP\n%
Note that the each method returns the original LHS not the string. Also,
the substitution inside the string is not code that gets evaluation, you
need to interpolate it using #{} around the expression, or do a concat.
If you want to transform each, you should use the map function instead
of each - then the result is an array of each value returned from the
block.
Regards
- henrik
--
Visit my Blog Puppet on the Edge
http://puppet-on-the-edge.blogspot.se/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/b32aa9ae-79a6-4480-9033-2ddcb981df63%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Changed at and Changed from in file header
Hello, is there any possibility to realize that? ## # # Managed by Puppet # # Author: %= @author % # Changed at: %= DateTime.now % # Module: %= @name % # Document: Unfortunately, of course puppet change the datetime every puppet run. I also like to figure out who change the file in the svn on the puppet master. Is there a way to save this information on the puppetmaster and write it on the client in a file. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/61497a75-9c26-4160-9946-bc586b01ccfc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] String substituion in puppet template
Am Freitag, 22. Mai 2015 11:09:15 UTC+2 schrieb Gabriel Filion:
On 20/05/15 09:04 AM, Björn wrote:
I tried it with regsubst, but without success:
|
%ip_xforward.each do|name|-%%=\t\tSetEnvIF X-Forwarded-For
^(regsubst(#{name}, '\.','\\.')) AllowIP\n%%end-%
|
maybe you need to call the function outside of the string. e.g.:
%= \t\tSetEnvIf X-Forwarded-For ^( + regsubst(name, '\.','\\.') + )
AllowIP\n%
--
Gabriel Filion
Probably. But somehow the puppet agent can't find the value for regsubst
% ip_xforward.each do |name| -%
%= \t\tSetEnvIf
X-Forwarded-For ^( + regsubst(#{name}, 'foo','bar') + ) AllowIP\n %
% end -%
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to parse template apache/vhost-default.conf.erb:
Filepath: /usr/lib/ruby/site_ruby/1.8/puppet/parser/templatewrapper.rb
Line: 81
Detail: Could not find value for 'regsubst' at /etc/puppet/modules/apache/
templates/vhost-default.conf.erb:68
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/55b63a29-3e24-410a-9646-760e016e1007%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] String substituion in puppet template
Hello,
I try to customize my http vhost template and defined and array of ip
addresses in the manifests:
class apache::webservice(
$htdocs = $apache::param::htdocs,
$apacheuser = $apache::param::apacheuser,
$apachegroup = $apache::param::apachegroup,
$logdir = $apache::param::logdir,
) inherits apache::param{
$sitename = service.de
file{$logdir/$sitename:
ensure = directory,
}
apache::vhost {app $name:
template= 'apache/vhost-proxypass.conf.erb',
port= 80,
servername = $sitename,
modsec = ,
pptarget= 10.18.10.10,
ppproto = http,
ppport = 8080,
ppoptions = ,
ppexception = ,
logformat = combined_forwarded,
rewrite = webservice,
ip = [10.18.10.],
ip_xforward = [75.2.91.24, 94.5.52.252, ],
}
}
In my template I try to use the array ip_xforward to put those ip adresses
in a variable and allow them:
% if @rewrite != '' @ip != '' || @ip_xforward != '' %
Location /%= @rewrite %
% if @ip_xforward != '' %
% if ip.is_a? Array -%
% ip_xforward.each do |name| -%%=
\t\tSetEnvIF
X-Forwarded-For ^(#{name}) AllowIP\n %% end -%
% elsif @ip_xforward != '' -%
%= SetEnvIF X-Forwarded-For
^(#{ip_xforward}) AllowIP -%
% end -%
% end -%
Order deny,allow
Deny from all
Allow from env=AllowIP
% if @ip != '' %
% if ip.is_a? Array -%
% ip.each do |name| -%%= Allow from
#{name}\n %% end -%
% elsif @ip != '' -%
%= Allow from #{ip} -%
% end -%
% end -%
/Location
% end %
My problem is that I have to escape the dot's in the ip address because
it's a regex.
It should look like
SetEnvIF X-Forwarded-For ^(94\.20\.18\.9) AllowIP
But actually it look like this:
SetEnvIF X-Forwarded-For ^(94.20.18.9) AllowIP
I tried it with regsubst, but without success:
% ip_xforward.each do |name| -%%= \t\tSetEnvIF X-Forwarded-For
^(regsubst(#{name}, '\.','\\.')) AllowIP\n %% end -%
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ba298552-d752-4db5-930a-7aa2515ffc39%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: ensure tomcat - duplicated definition
Unfortunataly I'm not able to establish the dependency:
define ensure_tomcats($tc_name, $tc_path, $version) {
include tomcat::download
download_tomcat{tomcat $version: version = $version;}
file{$tc_path:
ensure = present,
owner = $tc_name,
group = app,
recurse = true,
require = Exec[$tc_name install],
}
exec{$tc_name extract apache-tomcat-$version:
command = /bin/tar xfz
/usr/local/src/apache-tomcat-$version.tar.gz,
cwd = /usr/local/src,
creates = /usr/local/src/apache-tomcat-$version,
user= root,
require = File[download apache-tomcat-$version],
}
}
class tomcat{
class download {
define download_tomcat($version) {
file{download apache-tomcat-$version:
path = /usr/local/src/apache-tomcat-$version.tar.gz,
ensure = present,
owner = root,
group = app,
mode = 0755,
source = puppet:///modules/tomcat/apache-tomcat-$version.tar.gz,
}
}
}
file{'/app/para':
ensure = directory,
owner = root,
group = app,
mode= 0775,
recurse = true,
}
}
With this class puppet can't find the resource_type download_tomcat.
Am Donnerstag, 24. April 2014 09:51:13 UTC+2 schrieb William Leese:
Wouldn't it be easier to turn:
file{download apache-tomcat-$version ...}
into an Exec (curl/wget) with an unless parameter?
or more like your original design, but limited: turn define download
into a class that installs only a single version (maybe a separate class
per major version, and just pull in the latest minor of that major release)
and use the include in your defines to avoid dupl resource errors.
On Thursday, April 24, 2014 2:43:24 AM UTC+9, Björn Becker wrote:
Hello,
I fight with a tomcat module and try to ensure several tomcat instances:
node XY{
include tomcat
ensure_tomcats{
tomcat1:
tc_name = tomcat1,
tc_path = /app/tomcat1/tomcat,
version = 7.0.53;
tomcat2:
tc_name = tomcat2,
tc_path = /app/tomcat2/tomcat,
version = 7.0.53;
}
I guess that my module isn't best practice:
#cat tomcat/manifests/init.pp
define download($version=){
file{download apache-tomcat-$version:
path = /usr/local/src/apache-tomcat-$version.tar.gz,
ensure = present,
owner = $tc_name,
group = app,
mode = 0755,
source = puppet:///modules/tomcat/apache-tomcat-$version.tar.gz,
}
}
define ensure_tomcats($tc_name, $tc_path, $version) {
download{receive $tc_name $version:
version = $version,
}
file{$tc_path:
ensure = present,
owner = $tc_name,
group = app,
recurse = true,
require = Exec[$tc_name install],
}
exec{$tc_name extract apache-tomcat-$version:
command = /bin/tar xfz
/usr/local/src/apache-tomcat-$version.tar.gz,
cwd = /usr/local/src,
creates = /usr/local/src/apache-tomcat-$version,
user= root,
require = File[download apache-tomcat-$version],
}
exec{$tc_name install:
command = /bin/cp -r /usr/local/src/apache-tomcat-$version
$tc_path,
cwd = /usr/local/src,
creates = $tc_path,
user= root,
require = [ Exec[$tc_name extract apache-tomcat-$version], ],
}
file{$tc_path/webapps/examples:
ensure = absent,
force = true,
require = Exec[$tc_name install],
}
file{$tc_path/webapps/docs:
ensure = absent,
force = true,
require = Exec[$tc_name install],
}
file{/app/para/$tc_name.para:
ensure = present,
owner = root,
group = app,
mode = 0644,
source = [ puppet:///modules/tomcat/$tc_name.para.$::hostname,
puppet:///modules/tomcat/$tc_name.para ],
}
user{$tc_name:
ensure = present,
home = $tc_path,
managehome = true,
groups = app,
}
file{tomcat-users $tc_name:
ensure = file,
path = ${tc_path}/conf/tomcat-users.xml,
owner = $tc_name,
group = app,
source = [
puppet:///modules/tomcat/$::hostname.tomcat-users.xml,
puppet:///modules/tomcat/tomcat-users.xml,
],
require = Exec[$tc_name install],
}
file{server.xml $tc_name:
ensure = file,
path = ${tc_path}/conf/server.xml,
owner = $tc_name,
group = app,
source = [
puppet:///modules/tomcat/$::hostname.$tc_name.server.xml,
puppet:///modules/tomcat/$tc_name.server.xml,
puppet:///modules/tomcat/server.xml,
],
notify = Service[$tc_name],
require = Exec[$tc_name install],
}
file{manager web.xml $tc_name:
ensure = file,
path = ${tc_path}/webapps/manager/WEB-INF/web.xml,
owner = $tc_name
[Puppet Users] ensure tomcat - duplicated definition
Hello,
I fight with a tomcat module and try to ensure several tomcat instances:
node XY{
include tomcat
ensure_tomcats{
tomcat1:
tc_name = tomcat1,
tc_path = /app/tomcat1/tomcat,
version = 7.0.53;
tomcat2:
tc_name = tomcat2,
tc_path = /app/tomcat2/tomcat,
version = 7.0.53;
}
I guess that my module isn't best practice:
#cat tomcat/manifests/init.pp
define download($version=){
file{download apache-tomcat-$version:
path = /usr/local/src/apache-tomcat-$version.tar.gz,
ensure = present,
owner = $tc_name,
group = app,
mode = 0755,
source = puppet:///modules/tomcat/apache-tomcat-$version.tar.gz,
}
}
define ensure_tomcats($tc_name, $tc_path, $version) {
download{receive $tc_name $version:
version = $version,
}
file{$tc_path:
ensure = present,
owner = $tc_name,
group = app,
recurse = true,
require = Exec[$tc_name install],
}
exec{$tc_name extract apache-tomcat-$version:
command = /bin/tar xfz
/usr/local/src/apache-tomcat-$version.tar.gz,
cwd = /usr/local/src,
creates = /usr/local/src/apache-tomcat-$version,
user= root,
require = File[download apache-tomcat-$version],
}
exec{$tc_name install:
command = /bin/cp -r /usr/local/src/apache-tomcat-$version
$tc_path,
cwd = /usr/local/src,
creates = $tc_path,
user= root,
require = [ Exec[$tc_name extract apache-tomcat-$version], ],
}
file{$tc_path/webapps/examples:
ensure = absent,
force = true,
require = Exec[$tc_name install],
}
file{$tc_path/webapps/docs:
ensure = absent,
force = true,
require = Exec[$tc_name install],
}
file{/app/para/$tc_name.para:
ensure = present,
owner = root,
group = app,
mode = 0644,
source = [ puppet:///modules/tomcat/$tc_name.para.$::hostname,
puppet:///modules/tomcat/$tc_name.para ],
}
user{$tc_name:
ensure = present,
home = $tc_path,
managehome = true,
groups = app,
}
file{tomcat-users $tc_name:
ensure = file,
path = ${tc_path}/conf/tomcat-users.xml,
owner = $tc_name,
group = app,
source = [
puppet:///modules/tomcat/$::hostname.tomcat-users.xml,
puppet:///modules/tomcat/tomcat-users.xml,
],
require = Exec[$tc_name install],
}
file{server.xml $tc_name:
ensure = file,
path = ${tc_path}/conf/server.xml,
owner = $tc_name,
group = app,
source = [
puppet:///modules/tomcat/$::hostname.$tc_name.server.xml,
puppet:///modules/tomcat/$tc_name.server.xml,
puppet:///modules/tomcat/server.xml,
],
notify = Service[$tc_name],
require = Exec[$tc_name install],
}
file{manager web.xml $tc_name:
ensure = file,
path = ${tc_path}/webapps/manager/WEB-INF/web.xml,
owner = $tc_name,
group = app,
source = [
puppet:///modules/tomcat/$::hostname.$tc_name.manager.web.xml,
puppet:///modules/tomcat/$::hostname.manager.web.xml,
puppet:///modules/tomcat/manager.web.xml,
],
notify = Service[$tc_name],
require = Exec[$tc_name install],
}
file{setenv.sh $tc_name:
ensure = file,
path = ${tc_path}/bin/setenv.sh,
owner = $tc_name,
group = app,
mode = 0750,
source = [
puppet:///modules/tomcat/$::hostname.$tc_name.setenv.sh,
puppet:///modules/tomcat/$::hostname.setenv.sh,
puppet:///modules/tomcat/setenv.sh,
],
require = Exec[$tc_name install],
}
file {/etc/init.d/$tc_name:
content = template('tomcat/tomcat_init.erb'),
owner = root,
group = root,
mode= 0755,
}
service{$tc_name:
ensure = running,
enable = true,
hasrestart = true,
require= [ File[$tc_path], File[setenv.sh $tc_name],
File[manager web.xml $tc_name], File[server.xml $tc_name],
File[/etc/init.d/$tc_name], ],
}
}
class tomcat{
file{'/app/proc/tomcat':
ensure = present,
owner = root,
group = app,
mode = 0750,
source = puppet:///modules/tomcat/tomcat,
}
}
My problem is that if there're two tomcat instances with the same version
the module try to download the apache-tomcat tarball every time.
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: File[download apache-tomcat-7.0.53] is already
declared in file /etc/puppet/modules/tomcat/manifests/init.pp:9; cannot
redeclare at /etc/puppet/modules/tomcat/manifests/init.pp:9 on node YX
Thanks in advance
Björn
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group
[Puppet Users] nodejs - Running make returns 2 instead of 0
Hello,
I try to build nodejs, unfortunately by running of make via puppet it
returns 2 somehow.
When I run make manually it returns 0 as expected.
puppet agent -t
info: Retrieving plugin
info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
info: Loading facts in /var/lib/puppet/lib/facter/vmwaretools_version.rb
info: Loading facts in /var/lib/puppet/lib/facter/pper_installed.rb
info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
info: Loading facts in /var/lib/puppet/lib/facter/os_maj_version.rb
info: Loading facts in /var/lib/puppet/lib/facter/environment.rb
info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
info: Caching catalog for pc
info: Applying configuration version '1389785537'
notice: /Stage[main]/Development-pc::Nodejs/Exec[git checkout]/returns:
executed successfully
err: /Stage[main]/Development-pc::Nodejs/Exec[make nodejs]/returns: change
from notrun to 0 failed: /usr/bin/make returned 2 instead of one of [0] at
/etc/puppet/modules/development-pc/manifests/nodejs.pp:39
notice: /Stage[main]/Development-pc::Nodejs/Exec[make install nodejs]:
Dependency Exec[make nodejs] has failures: true
warning: /Stage[main]/Development-pc::Nodejs/Exec[make install nodejs]:
Skipping because of failed dependencies
notice: /Stage[main]/Development-pc::Nodejs/Exec[npm install grunt-cli]:
Dependency Exec[make nodejs] has failures: true
warning: /Stage[main]/Development-pc::Nodejs/Exec[npm install grunt-cli]:
Skipping because of failed dependencies
notice: Finished catalog run in 4.76 seconds
This is my exec:
exec {'make nodejs':
command = /usr/bin/make,
creates = /usr/local/src/node/out/Release/node,
cwd = /usr/local/src/node,
path= [/usr/bin, /usr/sbin],
require = Exec['configure nodejs'],
}
Do you got any idea?
Thanks!
Björn
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/8918fcca-4402-4c03-8148-0222e6735c89%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] nodejs - Running make returns 2 instead of 0
Ohhh, you made my day. That shows the problem.
We need /bin in PATH for uname.
Thanks a lot!
Björn
Am Mittwoch, 15. Januar 2014 14:39:54 UTC+1 schrieb Ken Barber:
This is my exec:
exec {'make nodejs':
command = /usr/bin/make,
creates = /usr/local/src/node/out/Release/node,
cwd = /usr/local/src/node,
path= [/usr/bin, /usr/sbin],
require = Exec['configure nodejs'],
}
Do you got any idea?
Try adding the parameter logoutput = on_failure to the 'exec' and
re-run puppet. It should drop the output of the make command to the
log so you can see any errors that might have been occurring.
http://docs.puppetlabs.com/references/latest/type.html#exec-attribute-logoutput
ken.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/94f5-911f-48ed-9174-bbbaca1a7715%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] onlyif return code
Hello Mike,
thanks a lot, file_line works great! I not remember why I don't use
file_line for such things.
Björn
On Thursday, October 3, 2013 2:35:46 AM UTC+2, Mike Delaney wrote:
On Wed, Oct 2, 2013 at 4:15 AM, Björn bbecke...@googlemail.comjavascript:
wrote:
exec{'ensure password policy for pci':
cwd = '/bin/',
command = /bin/sed -i 's/^password.*cracklib.so.*/password
requisite pam_cracklib.so retry=3 minlen=8 difok=5
dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1/g' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
exec{'ensure password policy for pci when nothing is present':
cwd = '/bin/',
command = echo 'passwordrequisite
pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1
ocredit=-1' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep -vq '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
}
My problem are the exec commands.
With the first exec I try to change an existing line with sed.
With the second exec I try to add the rule if no line with
password.*cracklib is existing.
Unfortunately, this exec run when the return code of onlyif is 0. I don't
know a command which return 0 when the line isn't available and return 1
when the line is available.
May be I'm thinking to complicated? Do you have another solution?
Off the top of my head, I can't think of a way to invert grep's exit
status like you want (at least not a way
that will work in an onlyif), however the use of two execs to modify a
file is probably not the ideal solution.
Indeed, once the cracklib entry is present in the file, that first exec
will fire every time puppet runs, which
is probably not what you want either.
If you don't want to manage the entire file, you could use either the
native augeas type or the file_line
type from the stdlib module to accomplish what you want (file_line is
probably easier):
file_line { 'ensure password policy for pci':
path= $pam_password,
match = '^password.*cracklib\.so',
line = 'passwordrequisite
pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1
ucredit=-1 ocredit=-1'
}
-Mike
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: onlyif return code
Unless was also a good hint! But my sed solution was running every time
puppet agent run. So I use file_line now.
Thanks!
On Wednesday, October 2, 2013 1:15:53 PM UTC+2, Björn wrote:
Hello,
I try to ensure our password policies using /etc/login.defs and PAM
cracklib.
class pci_policy::password(
$cracklib = $pci_policy::params::cracklib,
$pam_password = $pci_policy::params::pam_password,
) inherits pci_policy::params {
package{$cracklib:
ensure = installed,
}
file{'/etc/login.defs':
ensure = present,
owner = root,
group = root,
mode= 0644,
source =
puppet:///modules/pci_policy/login.defs.$::operatingsystem,
require = Package[$cracklib],
}
exec{'ensure password policy for pci':
cwd = '/bin/',
command = /bin/sed -i 's/^password.*cracklib.so.*/password
requisite pam_cracklib.so retry=3 minlen=8 difok=5
dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1/g' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
exec{'ensure password policy for pci when nothing is present':
cwd = '/bin/',
command = echo 'passwordrequisite
pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1
ocredit=-1' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep -vq '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
}
My problem are the exec commands.
With the first exec I try to change an existing line with sed.
With the second exec I try to add the rule if no line with
password.*cracklib is existing.
Unfortunately, this exec run when the return code of onlyif is 0. I don't
know a command which return 0 when the line isn't available and return 1
when the line is available.
May be I'm thinking to complicated? Do you have another solution?
Thanks a lot!
Björn
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] onlyif return code
Hello,
I try to ensure our password policies using /etc/login.defs and PAM
cracklib.
class pci_policy::password(
$cracklib = $pci_policy::params::cracklib,
$pam_password = $pci_policy::params::pam_password,
) inherits pci_policy::params {
package{$cracklib:
ensure = installed,
}
file{'/etc/login.defs':
ensure = present,
owner = root,
group = root,
mode= 0644,
source = puppet:///modules/pci_policy/login.defs.$::operatingsystem,
require = Package[$cracklib],
}
exec{'ensure password policy for pci':
cwd = '/bin/',
command = /bin/sed -i 's/^password.*cracklib.so.*/password
requisite pam_cracklib.so retry=3 minlen=8 difok=5
dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1/g' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
exec{'ensure password policy for pci when nothing is present':
cwd = '/bin/',
command = echo 'passwordrequisite
pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1
ocredit=-1' $pam_password,
path= /usr/bin:/usr/sbin:/bin,
onlyif = grep -vq '^password.*cracklib.so.*' $pam_password,
require = Package[$cracklib],
}
}
My problem are the exec commands.
With the first exec I try to change an existing line with sed.
With the second exec I try to add the rule if no line with
password.*cracklib is existing.
Unfortunately, this exec run when the return code of onlyif is 0. I don't
know a command which return 0 when the line isn't available and return 1
when the line is available.
May be I'm thinking to complicated? Do you have another solution?
Thanks a lot!
Björn
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] ossec integration
Hello,
I recently found this great sample in the wiki to integrate ossec.
http://projects.puppetlabs.com/projects/1/wiki/OSSEC-HIDS_Patterns
Once you installed openssl-devel on your ossec server while installation,
the ossec-authd is compilied too and you are able to add clients to ossec
server remotely.
Therefore I changed the sample of ossec intergrated with these lines:
exec { client.keys:
command = /var/ossec/bin/agent-auth -m 10.1.2.3 -A $::fqdn -D
/var/ossec/,
creates = /var/ossec/etc/client.keys,
}
In addition the service ossec object isn't working for me, because the
init-script status return always 0. I'm new at puppet and would like to ask
if I did fine:
service { ossec:
enable = true,
ensure = running,
hasrestart = true,
hasstatus = true,
status = '/etc/init.d/ossec | grep ossec-agentd is
running',
}
Thanks!
Björn
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
