system
Version information
This module has been deprecated by its author since Oct 17th 2017.
The reason given was: This module has been moved to the care of Vox Pupuli where it is now being maintained and updated.
The author has suggested puppet-system as its replacement.
Start using this module
Documentation
puppet-system
Manage Linux system resources and services from hiera configuration.
- crontabs: set user crontab entries
- execs: run idempotent external commands
- facts: set custom facts
- files: create/update files or directories
- groups: manage entries in /etc/group
- hosts: manage entries in /etc/hosts
- limits: manage entries in /etc/security/limits.conf
- mailaliases manage entries in /etc/aliases
- mounts: manage entries in /etc/fstab
- packages: manage system packages
- services: manage system services
- sshd: manage configuration in /etc/ssh/sshd_config including subsystems like sftp
- sysconfig: manage files under /etc/sysconfig: clock, i18n, keyboard, puppet-dashboard, puppet, puppetmaster, selinux
- sysctl: manage entries in /etc/sysctl.conf
- users: manage users in /etc/passwd and /etc/shadow
- yumgroups: manage system package groups
- yumrepos: manage yum repository files under /etc/yum.repos.d
Documentation
For default types (users, groups, mounts, yumrepos, packages, cron, exec) see the documentation at http://docs.puppetlabs.com/references/latest/type.html for the parameters that can be passed to each of the resources.
For augeasproviders types (sysctl, sshd) see http://forge.puppetlabs.com/domcleal/augeasproviders.
For limits see http://forge.puppetlabs.com/erwbgy/limits.
Usage
Include the system module in your puppet configuration:
include system
and add required hiera configuration.
crontabs
Set user crontab entries
Example configuration:
system::crontabs:
'root-logrotate':
command: '/usr/sbin/logrotate'
user: 'root'
hour: '2'
minute: '0'
Defaults:
- ensure: present
- user: root
execs
Run idempotent external commands
Example configuration:
system::execs:
'update-tomcat-deploy':
command: '/usr/bin/svn up'
cwd: '/apps/tomcat1/deploy'
user: 'tomcat1'
'create-deploy-dir':
command: '/bin/mkdir -p /apps/tomcat1/deploy'
unless: '/usr/bin/test -d /apps/tomcat1/deploy'
Note: The commands will be run on every Puppet run unless you specify 'onlyif', 'unless' or 'refreshonly' parameters.
facts
Set custom facts
Example configuration:
system::facts:
location:
value: 'London'
files
Create or update files or directories
Example 1 - create a mount point for an NFS mounted directory:
system::files:
/apps:
ensure: 'directory'
owner: 'root'
group: 'root'
mode: '0755'
Example 2 - create a file with the given content:
system::files:
/etc/motd:
ensure: 'present'
owner: 'root'
group: 'root'
mode: '0644'
content: "Authorised access only\nIf unauthorised log off now or face prosecution\n"
Note: Use double-quotes with content if it contains embedded newlines (\n) or tabs (\t). Normaly you will also want a terminating newline.
groups
Manage entries in /etc/group
Example configuration:
system::groups:
'keith':
ensure: 'present'
gid: '500'
'fred':
gid: '503'
Defaults:
- ensure: present
hosts
Manage entries in /etc/hosts
Example configuration:
system::hosts:
puppet:
ensure: 'present'
ip: '10.5.11.19'
host_aliases: [ 'puppet.local' ]
Defaults:
- ensure: present
See: http://docs.puppetlabs.com/references/latest/type.html#host
limits
Manage entries in /etc/security/limits.conf
Example configuration:
system::limits:
'*':
nofile:
soft: 1024
hard: 2048
'@weblogic':
nofile:
soft: 16384
hard: 16384
nproc:
soft: 2048
hard: 2048
No defaults.
mailaliases
Manage entries in /etc/aliases
Example configuration:
system::mailaliases:
postmaster:
recipient: 'root'
webmaster:
recipient: 'fred@domain.com'
No defaults.
See: http://docs.puppetlabs.com/references/latest/type.html#mailalias
mounts
Manage entries in /etc/fstab
Example configuration:
system::mounts:
'/home':
ensure: 'mounted'
device: '/dev/mapper/vg_x120-lv_home'
atboot: 'true'
fstype: 'ext4'
options: 'defaults'
Defaults:
- atboot: true
- ensure: mounted
Note: These resources are created last so any required users, groups or mount point directories have a chance to be created first.
packages
Manage system packages
Example configuration:
system::packages:
AdobeReader_enu:
ensure: '9.5.1-1'
ConsoleKit:
ensure: '0.4.5-2.fc17'
Defaults:
- ensure: installed
services
Manage system services
Example configuration:
system::services:
cups:
ensure: 'stopped'
enable: 'false'
sshd:
ensure: 'running'
enable: 'true'
ntpd:
ensure: 'running'
enable: 'true'
Defaults:
- ensure: running
Note:
- Do not specify any services that are managed by other Puppet modules (eg. ntpd or network) otherwise you may get conflicts
sshd
Manage settings in /etc/ssh/sshd.conf
Synchronize host keys file entries across all puppet-managed hosts.
Example configuration:
system::sshd:
AllowGroups:
value: [ 'sshusers', 'admin' ]
PermitRootLogin:
value: 'without-password'
condition: 'Host example.net'
system::sshd::subsystem:
sftp:
command: '/usr/libexec/openssh/sftp-server -u 0002'
system::sshd::sync_host_keys: 'true'
No defaults.
See:
- https://github.com/domcleal/augeasproviders/blob/master/lib/puppet/type/sshd_config.rb
- https://github.com/domcleal/augeasproviders/blob/master/lib/puppet/type/sshd_config_subsystem.rb
sysconfig
Manage settings in files under /etc/sysconfig
Example configuration:
system::sysconfig::clock:
timezone: 'Europe/London'
system::sysconfig::i18n:
# Run 'locale -a' to see possible lang values
lang: 'en_GB.utf8'
system::sysconfig::keyboard:
keytable: 'uk'
model: 'pc105'
layout: 'gb'
keyboardtype: 'pc'
system::sysconfig::puppet:
server: 'puppet.sbet'
system::sysconfig::selinux:
state: 'enforcing'
No defaults.
sysctl
Manage settings in /etc/sysctl.conf
Example configuration:
system::sysctl:
kernel.msgmnb:
value: '131072'
comment: 'Controls the default maximum size of a message queue'
kernel.msgmax:
value: '131072'
comment: ' Controls the maximum size of a message, in bytes'
No defaults.
See:
Note: Quote numeric values to avoid "can't convert Fixnum into String" errors
users
Manage users entries in /etc/passwd and /etc/shadow
Example configuration:
system::users:
'keith':
ensure: 'present'
comment: 'Keith Burdis'
gid: '500'
groups: ['wheel']
home: '/home/keith'
shell: '/bin/bash'
uid: '500'
'fred':
comment: 'Fred Bloggs'
uid: '503'
gid: '503'
home: '/home/fred'
managehome: true
Defaults:
- ensure: present
- shell: /bin/bash
yumgroups
Manage system package groups
Example configuration:
system::yumgroups:
'Base':
ensure: 'present'
'Console internet tools':
ensure: 'present'
'Perl Support':
ensure: 'present'
usecache: false
'Ruby Support':
ensure: 'present'
optional: true
usecache: false
Defaults:
- optional: false
- usecache: true
Note: Set 'usecache: false' if 'yum -C grouplist' does not work on your system and you are getting System::Yumgroup resources created on every Puppet run
yumrepos
Manage yum repository files under /etc/yum.repos.d
Example configuration:
system::yumrepos:
'puppetlabs-deps':
baseurl: 'http://yum.puppetlabs.com/fedora/f17/dependencies/$basearch'
descr: 'Puppet Labs Dependencies Fedora 17 - $basearch'
enabled: '1'
gpgcheck: '1'
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs'
'puppetlabs-products':
baseurl: 'http://yum.puppetlabs.com/fedora/f17/products/$basearch'
descr: 'Puppet Labs Products Fedora 17 - $basearch'
enabled: '1'
gpgcheck: '1'
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs'
Defaults:
- enabled: 1
- gpgcheck: 1
providers
The augeasproviders module can be an alternate provider for the host, mailalias and mounttab types.
Example configuration:
system::providers:
host: 'augeas'
mailalias: 'augeas'
mounttab: 'augeas'
Notes
-
When requiring packages in other modules wrap them in an "if !defined" check to avoid conflicts with system::packages - for example:
if ! defined(Package['bash']) { package { 'bash': ensure => installed } }
-
Put the system class first in the list of classes to include when using hiera_include. This avoids problems with conflicting package declarations - which shouldn't be a problem because system::packages is run in an earlier run stage but is.
-
As with many default types you can often specify a 'target' parameter to specify a different configuration filename to change.
Support
License: Apache License, Version 2.0
GitHub URL: https://github.com/erwbgy/puppet-system
0.5.3:
-
Added 'crontabs' to create user crontab entries
-
Added 'execs' to run idempotent external commands
0.5.2:
-
limits: Fixed examples to show changes due to multiple entry support
-
Actually fix the typo in mounts.pp preventing it from working!
-
mounts: Updated example to show an NFS share
-
example.yaml: Added files examples
-
sysctl: Added a note to quote numeric values to avoid "can't convert Fixnum into String" errors
-
yumgroups: added a usecache option for when 'yum -C grouplist' does not work
0.5.1:
-
Added 'files' to create directories and populate the content of files. The initial reason was to create mount points for NFS shares.
-
Fixed typo in mounts.pp preventing it from working.
-
Run 'mounts' in the last stage so that any required users, groups and mount points can be created first.
-
Require augeasproviders > 0.5.1 to get bug fix for problems running under 'puppet apply'.
-
Require limits > 0.3.1 as this allows more than one entry per user or group.
Dependencies
- erwbgy/limits (>= 0.3.1)
- domcleal/augeasproviders (>= 0.5.1)