Initial commit with previous code

2022-10-11 10:19:08 +03:00 · 2022-10-11 10:19:08 +03:00 · dbfa3d96fe
commit dbfa3d96fe
8 changed files with 243 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,6 @@
+---
+puppet_version: 6
+puppet_server: pm.example.com
+puppet_server_port: 8140
+puppet_runinterval: 30m
+run_puppet: no
--- a/files/default_puppet
+++ b/files/default_puppet
@ -0,0 +1,2 @@
+# You may specify parameters to the puppet client here
+#PUPPET_EXTRA_OPTS=--waitforcert=500
--- a/files/puppet.service
+++ b/files/puppet.service
@ -0,0 +1,25 @@
+#
+# Local settings can be configured without being overwritten by package upgrades, for example
+# if you want to increase puppet open-files-limit to 10000,
+# you need to increase systemd's LimitNOFILE setting, so create a file named
+# "/etc/systemd/system/puppet.service.d/limits.conf" containing:
+# [Service]
+# LimitNOFILE=10000
+# You can confirm it worked by running systemctl daemon-reload
+# then running systemctl show puppet | grep LimitNOFILE
+#
+[Unit]
+Description=Puppet agent
+Wants=basic.target
+After=basic.target network.target
+
+[Service]
+EnvironmentFile=-/etc/sysconfig/puppetagent
+EnvironmentFile=-/etc/sysconfig/puppet
+EnvironmentFile=-/etc/default/puppet
+ExecStart=/usr/local/bin/puppet agent $PUPPET_EXTRA_OPTS --no-daemonize
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,3 @@
+---
+- name: Reload Systemd daemon
+  shell: systemctl daemon-reload
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -0,0 +1,100 @@
+---
+- name: Obtain path to puppet binary using which
+  shell: which puppet | true
+  register: which_puppet
+
+- name: Show which_puppet
+  debug:
+    msg: "{{ which_puppet }}"
+
+- name: Obtain path to puppet binary using whereis
+  shell: "whereis puppet | awk 'BEGIN {FS=\": \"} {print($2)}'"
+  register: which_puppet
+  when: which_puppet.stdout == ""
+
+- name: Set fact for puppet path
+  set_fact:
+    puppet_cmd: "{{ which_puppet.stdout }}"
+  when: which_puppet.stdout != ""
+
+- name: Obtain puppet configuration directory
+  shell: "{{ puppet_cmd }} config print confdir"
+  register: current_puppet_confdir
+
+- name: Ensure puppet server is configured in main section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: main
+    option: server
+    value: "{{ puppet_server }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Ensure puppet server is configured in master section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: master
+    option: server
+    value: "{{ puppet_server }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Ensure puppet port is configured in main section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: main
+    option: serverport
+    value: "{{ puppet_server_port }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Ensure puppet port is configured in master section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: master
+    option: port
+    value: "{{ puppet_server_port }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Ensure puppet run interval is configured in main section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: main
+    option: runinterval
+    value: "{{ puppet_runinterval }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Ensure puppet run interval is configured in master section
+  ini_file:
+    path: "{{ current_puppet_confdir.stdout }}/puppet.conf"
+    section: master
+    option: runinterval
+    value: "{{ puppet_runinterval }}"
+    backup: yes
+    create: yes
+    mode: 0644
+
+- name: Run puppet for the first time
+  shell: "{{ puppet_cmd }} agent -t"
+  when: run_puppet
+
+- name: Ensure puppet agent service is enabled and started
+  service:
+    name: puppet
+    enabled: yes
+    state: started
+  when: "'WSL' not in ansible_facts['kernel']"
+
+- name: Ensure puppet agent cron exists (WSL only)
+  cron:
+    name: puppet agent
+    job: puppet agent -t
+    minute: '30'
+  when: "'WSL' in ansible_facts['kernel']"
--- a/tasks/install_arm.yml
+++ b/tasks/install_arm.yml
@ -0,0 +1,80 @@
+---
+- name: Ensure Ruby packages are installed
+  package:
+    name:
+      - ruby-full
+      - ruby-augeas
+      #- libaugeas0
+      - libaugeas-dev
+      #- augeas-tools
+
+- name: Ensure Puppet agent gem is installed
+  gem:
+    name: puppet
+    version: "<7"
+    norc: true
+    user_install: false
+    state: present
+
+- name: Ensure Pathspec gem is installed
+  gem:
+    name: pathspec
+    version: "0.2.1"
+    user_install: false
+    state: present
+
+- name: Ensure other gems are installed
+  gem:
+    name: "{{ item }}"
+    user_install: false
+  loop:
+    - augeas
+    - ruby-augeas
+    - rspec-puppet-augeas
+    - puppet-lint-concatenated_template_files-check
+
+- name: Ensure puppet group exists
+  group:
+    name: puppet
+
+- name: Ensure puppet user exists
+  user:
+    name: puppet
+    group: puppet
+
+- name: Ensure puppet folder exists
+  file:
+    path: /etc/puppetlabs/puppet/
+    state: directory
+    owner: puppet
+    group: puppet
+
+- name: Ensure puppet server is configured
+  ini_file:
+    path: /etc/puppetlabs/puppet/puppet.conf
+    owner: puppet
+    group: puppet
+    section: main
+    option: server
+    value: "{{ puppet_server }}"
+    create: yes
+
+- name: Ensure default puppet exists
+  copy:
+    src: files/default_puppet
+    dest: /etc/default/puppet
+
+- name: Ensure puppet agent service unit file exists
+  copy:
+    src: files/puppet.service
+    dest: /etc/systemd/system/puppet.service
+  notify: Reload Systemd daemon
+
+#mkdir -p /etc/puppetlabs/code/environments/production/modules/
+#mkdir -p /etc/puppetlabs/code/environments/production/manifests/
+
+- name: Ensure puppet agent service is enabled and running
+  systemd:
+    name: puppet
+    enabled: yes
+    state: started
--- a/tasks/install_x86_64.yml
+++ b/tasks/install_x86_64.yml
@ -0,0 +1,16 @@
+---
+- name: Ensure Puppet repository is installed
+  apt:
+    deb: "https://apt.puppetlabs.com/puppet{{ puppet_version }}-release-{{ ansible_distribution_release }}.deb"
+  when: ansible_distribution_release != "hirsute" and ansible_distribution_release != "jammy"
+
+- name: Ensure Puppet repository is installed
+  apt:
+    deb: "https://apt.puppetlabs.com/puppet{{ puppet_version }}-release-focal.deb"
+  when: ansible_distribution_release == "hirsute" or ansible_distribution_release == "jammy"
+
+- name: Ensure puppet-agent is installed
+  package:
+    name:
+      - puppet-agent
+    update_cache: yes
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,11 @@
+---
+- name: Ensure installation in x86 64bits systems
+  include_tasks: install_x86_64.yml
+  when: ansible_facts['architecture'] == "x86_64"
+
+- name: Ensure installation in ARM device
+  include_tasks: install_arm.yml
+  when: ansible_facts['architecture'] | regex_search("^arm")
+
+- name: Ensure configuration
+  include_tasks: configure.yml