commit dbfa3d96fed48cfb7f68361d44c8460c7ce6e2c2 Author: Antonio J. Delgado Date: Tue Oct 11 10:19:08 2022 +0300 Initial commit with previous code
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..9a5f111
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+puppet_version: 6
+puppet_server: pm.example.com
+puppet_server_port: 8140
+puppet_runinterval: 30m
+run_puppet: no
\ No newline at end of file
diff --git a/files/default_puppet b/files/default_puppet
new file mode 100644
index 0000000..1ad9f53
--- /dev/null
+++ b/files/default_puppet
@@ -0,0 +1,2 @@
+# You may specify parameters to the puppet client here
+#PUPPET_EXTRA_OPTS=--waitforcert=500
\ No newline at end of file
diff --git a/files/puppet.service b/files/puppet.service
new file mode 100644
index 0000000..6b5d0b5
--- /dev/null
+++ b/files/puppet.service
@@ -0,0 +1,25 @@
+#
+# Local settings can be configured without being overwritten by package upgrades, for example
+# if you want to increase puppet open-files-limit to 10000,
+# you need to increase systemd's LimitNOFILE setting, so create a file named
+# "/etc/systemd/system/puppet.service.d/limits.conf" containing:
+# [Service]
+# LimitNOFILE=10000
+# You can confirm it worked by running systemctl daemon-reload
+# then running systemctl show puppet | grep LimitNOFILE
+#
+[Unit]
+Description=Puppet agent
+Wants=basic.target
+After=basic.target network.target
+
+[Service]
+EnvironmentFile=-/etc/sysconfig/puppetagent
+EnvironmentFile=-/etc/sysconfig/puppet
+EnvironmentFile=-/etc/default/puppet
+ExecStart=/usr/local/bin/puppet agent $PUPPET_EXTRA_OPTS --no-daemonize
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..57e8e0a
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: Reload Systemd daemon
+ shell: systemctl daemon-reload
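Review bot: The handler in handlers/main.yml shells out to `systemctl daemon-reload` where the `systemd` module already covers it. Writing it as `systemd:` with `daemon_reload: true` avoids spawning a shell for a fixed command and keeps the handler consistent with the `systemd:` task that tasks/install_arm.yml uses for the same unit.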
diff --git a/tasks/configure.yml b/tasks/configure.yml
new file mode 100644
index 0000000..325a90c
--- /dev/null
+++ b/tasks/configure.yml
@@ -0,0 +1,100 @@
+---
+- name: Obtain path to puppet binary using which
+ shell: which puppet | true
+ register: which_puppet
+
+- name: Show which_puppet
+ debug:
+ msg: "{{ which_puppet }}"
+
+- name: Obtain path to puppet binary using whereis
+ shell: "whereis puppet | awk 'BEGIN {FS=\": \"} {print($2)}'"
+ register: which_puppet
+ when: which_puppet.stdout == ""
+
+- name: Set fact for puppet path
+ set_fact:
+ puppet_cmd: "{{ which_puppet.stdout }}"
+ when: which_puppet.stdout != ""
+
+- name: Obtain puppet configuration directory
+ shell: "{{ puppet_cmd }} config print confdir"
+ register: current_puppet_confdir
+
+- name: Ensure puppet server is configured in main section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: main
+ option: server
+ value: "{{ puppet_server }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Ensure puppet server is configured in master section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: master
+ option: server
+ value: "{{ puppet_server }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Ensure puppet port is configured in main section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: main
+ option: serverport
+ value: "{{ puppet_server_port }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Ensure puppet port is configured in master section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: master
+ option: port
+ value: "{{ puppet_server_port }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Ensure puppet run interval is configured in main section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: main
+ option: runinterval
+ value: "{{ puppet_runinterval }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Ensure puppet run interval is configured in master section
+ ini_file:
+ path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+ section: master
+ option: runinterval
+ value: "{{ puppet_runinterval }}"
+ backup: yes
+ create: yes
+ mode: 0644
+
+- name: Run puppet for the first time
+ shell: "{{ puppet_cmd }} agent -t"
+ when: run_puppet
+
+- name: Ensure puppet agent service is enabled and started
+ service:
+ name: puppet
+ enabled: yes
+ state: started
+ when: "'WSL' not in ansible_facts['kernel']"
+
+- name: Ensure puppet agent cron exists (WSL only)
+ cron:
+ name: puppet agent
+ job: puppet agent -t
+ minute: '30'
+ when: "'WSL' in ansible_facts['kernel']"
diff --git a/tasks/install_arm.yml b/tasks/install_arm.yml
new file mode 100644
index 0000000..ecdc389
--- /dev/null
+++ b/tasks/install_arm.yml
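Review bot: In the first task of tasks/configure.yml, `which puppet | true` pipes the path into `true`, so `which_puppet.stdout` is always empty and the `whereis` fallback runs every time; `which puppet || true` looks like what was meant. Once that is fixed, the fallback still registers `which_puppet` when it is skipped, which replaces the earlier result with a skipped one that has no `stdout`, so it should register under its own name and `set_fact` should choose between the two. `whereis` can print several space-separated paths, and `puppet_cmd` is expanded unquoted into the later `shell:` lines, so taking only the first field and asserting it is non-empty keeps those tasks from running an unintended command line. Separately, `puppet agent -t` turns on detailed exit codes and returns 2 after applying changes, so the first-run task probably needs `register` plus a `failed_when` that accepts 0 and 2.

```yaml
- name: Obtain path to puppet binary using which
  shell: which puppet || true
  register: which_puppet
  changed_when: false

# … unchanged: debug task …

- name: Obtain path to puppet binary using whereis
  shell: "whereis puppet | awk 'BEGIN {FS=\": \"} {print($2)}'"
  register: whereis_puppet
  changed_when: false
  when: which_puppet.stdout == ""

- name: Set fact for puppet path
  set_fact:
    puppet_cmd: "{{ (which_puppet.stdout or whereis_puppet.stdout).split() | first | default('') }}"

- name: Stop when no puppet binary was found
  assert:
    that: puppet_cmd != ""

# … unchanged: confdir lookup, ini_file tasks, first run, service and cron …
```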
@@ -0,0 +1,80 @@
+---
+- name: Ensure Ruby packages are installed
+ package:
+ name:
+ - ruby-full
+ - ruby-augeas
+ #- libaugeas0
+ - libaugeas-dev
+ #- augeas-tools
+
+- name: Ensure Puppet agent gem is installed
+ gem:
+ name: puppet
+ version: "<7"
+ norc: true
+ user_install: false
+ state: present
+
+- name: Ensure Pathspec gem is installed
+ gem:
+ name: pathspec
+ version: "0.2.1"
+ user_install: false
+ state: present
+
+- name: Ensure other gems are installed
+ gem:
+ name: "{{ item }}"
+ user_install: false
+ loop:
+ - augeas
+ - ruby-augeas
+ - rspec-puppet-augeas
+ - puppet-lint-concatenated_template_files-check
+
+- name: Ensure puppet group exists
+ group:
+ name: puppet
+
+- name: Ensure puppet user exists
+ user:
+ name: puppet
+ group: puppet
+
+- name: Ensure puppet folder exists
+ file:
+ path: /etc/puppetlabs/puppet/
+ state: directory
+ owner: puppet
+ group: puppet
+
+- name: Ensure puppet server is configured
+ ini_file:
+ path: /etc/puppetlabs/puppet/puppet.conf
+ owner: puppet
+ group: puppet
+ section: main
+ option: server
+ value: "{{ puppet_server }}"
+ create: yes
+
+- name: Ensure default puppet exists
+ copy:
+ src: files/default_puppet
+ dest: /etc/default/puppet
+
+- name: Ensure puppet agent service unit file exists
+ copy:
+ src: files/puppet.service
+ dest: /etc/systemd/system/puppet.service
+ notify: Reload Systemd daemon
+
+#mkdir -p /etc/puppetlabs/code/environments/production/modules/
+#mkdir -p /etc/puppetlabs/code/environments/production/manifests/
+
+- name: Ensure puppet agent service is enabled and running
+ systemd:
+ name: puppet
+ enabled: yes
+ state: started
diff --git a/tasks/install_x86_64.yml b/tasks/install_x86_64.yml
new file mode 100644
index 0000000..90b393a
--- /dev/null
+++ b/tasks/install_x86_64.yml
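Review bot: The `file` and `ini_file` tasks in tasks/install_arm.yml give `/etc/puppetlabs/puppet/` and `puppet.conf` to the `puppet` account, while `files/puppet.service` in this same commit sets no `User=`, so the agent presumably runs as root and reads a configuration that a non-root account can rewrite. Unless something outside this role needs that ownership, `owner: root`, `group: root` and an explicit `mode: '0644'` (`'0755'` on the directory) would close that path, and the two `copy` tasks would benefit from the same explicit owner and mode. The `user` task could also set `system: true` and a non-login `shell`, since nothing visible here logs in as `puppet`. The gems in the loop are installed system-wide with no `version`, and `puppet` only with `<7`, so each run may pull whatever is newest from the gem source; pinning them the way `pathspec` already is would make the install reproducible.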
@@ -0,0 +1,16 @@
+---
+- name: Ensure Puppet repository is installed
+ apt:
+ deb: "https://apt.puppetlabs.com/puppet{{ puppet_version }}-release-{{ ansible_distribution_release }}.deb"
+ when: ansible_distribution_release != "hirsute" and ansible_distribution_release != "jammy"
+
+- name: Ensure Puppet repository is installed
+ apt:
+ deb: "https://apt.puppetlabs.com/puppet{{ puppet_version }}-release-focal.deb"
+ when: ansible_distribution_release == "hirsute" or ansible_distribution_release == "jammy"
+
+- name: Ensure puppet-agent is installed
+ package:
+ name:
+ - puppet-agent
+ update_cache: yes
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..f2b28c7
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Ensure installation in x86 64bits systems
+ include_tasks: install_x86_64.yml
+ when: ansible_facts['architecture'] == "x86_64"
+
+- name: Ensure installation in ARM device
+ include_tasks: install_arm.yml
+ when: ansible_facts['architecture'] | regex_search("^arm")
+
+- name: Ensure configuration
+ include_tasks: configure.yml
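Review bot: Both `apt: deb:` tasks in tasks/install_x86_64.yml install a release package straight from a URL, and that package is what adds the repository and, presumably, its signing key, so only the TLS connection vouches for it. Downloading it first with `get_url` and a pinned `checksum`, then passing the local path to `apt`, would anchor trust in a value recorded in the role. The two tasks also share one name and differ only in the codename, so a single task with a computed codename would read better. In the sketch below `puppet_release_codename` and `puppet_release_sha256` are placeholder variable names, not ones the role defines.

```yaml
- name: Ensure Puppet release package is downloaded and verified
  get_url:
    url: "https://apt.puppetlabs.com/puppet{{ puppet_version }}-release-{{ puppet_release_codename }}.deb"
    dest: /var/cache/puppet-release.deb
    mode: '0644'
    # placeholder variable: record the expected digest per version and codename
    checksum: "sha256:{{ puppet_release_sha256 }}"

- name: Ensure Puppet repository is installed
  apt:
    deb: /var/cache/puppet-release.deb

# … unchanged: puppet-agent package task …
```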
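Review bot: The ARM condition in tasks/main.yml, `regex_search("^arm")`, does not match 64-bit ARM hosts, which report `aarch64`, so if such hosts are in scope neither install file is included and `configure.yml` still runs with no puppet binary present. `when: ansible_facts['architecture'] is match('arm|aarch64')` covers both and yields a real boolean rather than a string or `None`. An explicit `fail` for any other architecture, placed before the configure include, would make the unsupported case visible instead of failing later inside configure.yml.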