coretx

A collection of parameterized classes for common resource management on Linux clients. Designed and tested for use with an ENC.

astoyanov

Version information

  • 1.0.4 (latest)
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0 (deleted)
released Mar 27th 2017
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.0.0 < 5.0.0
  • RHEL, CentOS, Debian, Ubuntu

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this declaration to your Puppetfile:

mod 'astoyanov-coretx', '1.0.4'

Add this module to a Bolt project:

bolt module add astoyanov-coretx

Manually install this module globally with Puppet module tool:

puppet module install astoyanov-coretx --version 1.0.4

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Documentation

astoyanov/coretx — version 1.0.4 Mar 27th 2017

puppet-module-coretx

Description

A collection of parameterized classes for common resource management on Linux clients.

Designed and tested for use with an ENC.

Supported OS list: RHEL/CentOS/Debian/Ubuntu.

What does this module do?

Class coretx::identity - Manage user and group resources. User definition includes multiple SSH keys management via erb template.

Class coretx::cronjob - Manage user and system-wide Cron jobs. System crontab (/etc/crontab) is managed via erb template.

Class coretx::fsmounts - Manage file system mounts resources (/etc/fstab).

Class coretx::root - Manage the root super user account. Includes multiple SSH keys management via erb template (~/.ssh/authorized_keys).

Class coretx::hosts - Manage the hosts file (/etc/hosts) via erb template.

Class coretx::files - Manage file/folder resources.

Class coretx::yumrepos - Manage yum repositories on RedHat systems.

Class coretx::packages - Manage generic package resources states.

Class coretx::services - Manage generic service resource states.

Compatibility

This module supports Puppet v4 and above.

Tested on:

  • RedHat EL 5/6/7
  • Debian 6/7/8
  • Ubuntu 16

Installing the module

Usage

Class coretx::identity

Manage user account and group resources - This class will overwrite individual user $home/.ssh/authorized_keys files!

Resource documentation (user): https://docs.puppet.com/puppet/latest/types/user.html

Resource documentation (group): https://docs.puppet.com/puppet/latest/types/group.html

Parameters

users_hash

Hash parameter which can be used for multi user resource management via create_resources().

Resource documentation (user): https://docs.puppet.com/puppet/latest/types/user.html

  • Default: {}
  • Note: The 'managehome' key/value is required in each nested user hash that should trigger use of the SSH keys template
  • Examples(YAML):

coretx::identity:
  users_hash:
    john:
      name: john
      ensure: present
      comment: Group admin
      groups:
        - sudo
        - nix-admins
      password: '$1$324dfdsg$WIrstQFASIpxo3yy4Xjg80'
    sysadmin:
      name: sysadmin
      ensure: present
      home: '/home/sysadmin'
      managehome: true
      comment: System administrator
      password_max_age: 90
      password_min_age: 1
      expiry: '2020-12-30'
      groups:
        - sudo
        - nix-admins
      password: '$1$324dfdsg$WIrstQFASIpxo3yy4Xjg80'
      ssh_keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfzq9TjTKQvylLeTkuCf9pE== root@localhost
    testuser2:
      name: testuser2
      ensure: present
      managehome: true
      home: '/var/home/testuser2'
      comment: This is a test user
      ssh_keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfzq9TjTKQvylLeTkuCf9pE95rc== testuser2@localhost
        - ecdsa-sha2-nistp256 BBBBB3NzaC1yc2EAAAADAQABAAABAQDfzq9TjTKQvylLeTkuCf9== testuser2@localhost

users_defaults

Hash parameter which can be used to provide some default key values for $users_hash create_resources().

  • Default: {}
  • Examples(YAML):

coretx::identity:
  users_defaults:
    managehome: true
    groups:
      - staff
      - nix-admins

groups_hash

Hash parameter which can be used for multi group resource management via create_resources().

Resource documentation (group): https://docs.puppet.com/puppet/latest/types/group.html

  • Default: {}
  • Examples(YAML):

coretx::identity:
  groups_hash:
    staff:
      name: staff
      ensure: present
    nix-admins:
      name: nix-admins
      ensure: present
      gid: 2001

home_dir_parents

Hash parameter which can be used for multi folder resource management via create_resources().

You can use this to create parent directories for home folders if needed.

Resource documentation (file): https://docs.puppet.com/puppet/latest/types/file.html

  • Default: {}
  • Note: Directories are not created recursively; specify them in the hash in order (parents first)
  • Examples(YAML):

coretx::identity:
  home_dir_parents:
    /var/home:
      ensure: directory
      owner: root
      mode: '0774'
    /var/home/pub:
      ensure: directory
      owner: root
      mode: '0774'

Class coretx::cronjob

Manage user and system-wide Cron jobs (/etc/crontab) - This class will overwrite your system Crontab file!

Resource documentation (cron): https://docs.puppet.com/puppet/latest/types/cron.html

Parameters

user_cronjobs_hash

Hash parameter which can be used for multi user cron job resource management via create_resources().

Writes cron entries in individual user crontabs.

  • Default: {}
  • Note: Omitted time key/values ('minute', 'hour', etc.) default to '*'. An omitted 'user' key/value defaults to 'root'
  • Examples(YAML):

coretx::cronjob:
  user_cronjobs_hash:
    testjob1:
      name: testjob1
      hour: 12
      minute: 0
      user: root
      command: reboot
    testjob2:
      name: testjob2
      hour: 0
      minute: 15
      weekday: 1
      user: sysadmin
      command: 'bash /var/scripts/montly-report.sh'

crontab_jobs_hash

Hash parameter which can be used for system Crontab file (/etc/crontab) management via erb template.

If this parameter is supplied a hash input, the class will detect the client OS (RedHat/Debian/Ubuntu) and write out a default template (coretx/crontab_deb.erb or coretx/crontab_el.erb)

  • Default: {}
  • Note: Omitted time schedule keys ('minute', 'hour', etc.) default to '*'. An omitted 'user' key defaults to 'root'
  • Examples(YAML):

coretx::cronjob:
  crontab_jobs_hash:
    testjob1:
      name: testjob1
      hour: 12
      minute: 0
      user: root
      command: reboot
    testjob2:
      name: testjob2
      hour: 0
      minute: 15
      weekday: 1
      user: sysadmin
      command: 'bash /var/scripts/montly-report.sh'

override_crontab_template

String parameter which can be used to override which template to use, e.g. when you are attempting to use this class on a client OS other than RedHat/Debian/Ubuntu.

You can also supply your own template; just copy it to the coretx/templates plugin folder.

  • Default: 'use_defaults'
  • Examples: 'coretx/crontab_deb.erb' , 'coretx/crontab_el.erb'

override_crontab_path

String parameter which can be used to override what PATH value to use on a provided template.

The class will detect and supply defaults for the client OS - RedHat/Debian/Ubuntu.

  • Default: 'use_defaults'
  • Example: '/usr/local/sbin:/usr/local/bin'

override_crontab_shell

String parameter which can be used to override what SHELL value to use on a provided template.

The class will detect and supply defaults for the client OS - RedHat/Debian/Ubuntu.

  • Default: 'use_defaults'
  • Example: '/bin/sh'

override_cron_service

String parameter which can be used to specify what CRON service name value is in use on the system for service ensure/enable states and refresh triggers.

The class will detect and supply defaults for the client OS - RedHat/Debian/Ubuntu.

  • Default: 'use_defaults'
  • Examples: 'cron' , 'crond'

crond_ensure

String parameter which can be used to specify the ensure state of the CRON service.

  • Default: 'running'
  • Examples: 'running' , 'stopped'

crond_enable

Boolean parameter which can be used to specify the enable state of the CRON service.

  • Default: true
  • Examples: true , false

Class coretx::fsmounts

Manage the filesystem mount states (/etc/fstab)

Resource documentation (mount): https://docs.puppet.com/puppet/latest/types/mount.html

Parameters

fsmounts_hash

Hash parameter which can be used to manage entries in (/etc/fstab) via create_resources().

  • Default: {}
  • Note: Some fs types require extra supporting packages installed on the system - e.g. nfs requires nfs-utils
  • Examples(YAML):

coretx::fsmounts:
  fsmounts_hash:
    /mnt/exports:
      name: /mnt/exports
      ensure: mounted
      device: 192.168.99.200:/data
      fstype: nfs
      remounts: true
      options: ro
    /mnt/remote:
      name: /mnt/remote
      ensure: mounted
      device: 192.168.100.200:/data
      fstype: nfs
      remounts: true
      options: rw

fsmounts_dir_hash

Hash parameter which can be used for mount directory management via create_resources().

You can use this to create the mount directories on the local system, if needed.

  • Default: {}
  • Note: No recursion when creating directories. Hash directory resources are created before $fsmounts_hash mount resources
  • Examples(YAML):

coretx::fsmounts:
  fsmounts_dir_hash:
    /mnt/exports:
      name: /mnt/exports
      ensure: directory
    /mnt/remote:
      name: /mnt/remote
      ensure: directory
      owner: root
      mode: '0775'

default_fsmounts_ensure

String parameter which can be used to specify the default 'ensure' key values in $fsmounts_hash

  • Default: 'mounted'
  • Examples: 'mounted' , 'unmounted' , 'present' , 'absent'

default_fsmounts_options

String parameter which can be used to specify the default 'options' key value.

You can specify multiple options in the same key as a single String, comma separated.

See the mount(8) man page for more details.

  • Default: 'defaults'
  • Examples: 'defaults' , 'rw' , 'ro' , 'suid' , 'dev' , 'exec' , 'auto' , 'nouser' , 'async' etc.

default_fsmounts_remounts

Boolean parameter which can be used to specify the default 'remounts' key value.

  • Default: true
  • Examples: true , false

Class coretx::root

Manage the root superuser.

Resource documentation (user): https://docs.puppet.com/puppet/latest/types/user.html

Parameters

root_ssh_keys

Hash parameter which can be used to specify SSH keys via the provided erb template.

Overwrites the specified SSH keys file! (Default: /root/.ssh/authorized_keys)

  • Default: {}
  • Examples(YAML):

coretx::root:
  root_ssh_keys:
    Foreman Puppet-Master:
      ssh-keys:
        - ecdsa-sha2-nistp256 BBBBB3NzaC1yc2EAAAADAQABAAABAQDfzq9TjTKQvylLeTkuCf9+BDaQgHCyAUEehLxJW6AkDa== foreman@localhost
        - ssh-rsa zaC1yc2EAAAABJQAAAQEAqOk3yrDBjG9AGk2uGgQvE8nL7wEfZiLLo1CQ57m72a6B+U4A2qZ4Oz8d== foreman-proxy@localhost
    John Smith:
      ssh-keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqOk3yrDBjG9AGRmJVE4cpfcA/3lpjuZmZ4e0QRnRWPxQzhvC02U4+HpQ== jsmith@localhost
    James Allen:
      ssh-keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAGV6yY5Tej1AiAV8Dvc7jmX92IxFZ5I1EdcY5l3YKcd7yJKvjBgW0kic== jallen@localhost

root_ssh_dir

String parameter which can be used to specify the ssh keys directory to create inside /root home directory.

  • Default: '.ssh'
  • Example: any qualified dir name as a string

root_ssh_keys_file

String parameter which can be used to specify the ssh keys file name to create inside /root/$root_ssh_dir directory.

  • Default: 'authorized_keys'
  • Examples: any qualified file name as a string

root_purge_ssh_keys

Boolean parameter which can be used to purge the SSH keys file contents for the root user.

  • Default: false
  • Note: Setting this key value to true will only have effect if $root_ssh_keys hash is empty
  • Examples: true , false

root_acc_expiry

Use this String parameter to specify the root account expiry date.

  • Default: undef
  • Example: '2020-12-30'

root_passwd_hash

String parameter which can be used to specify the root account password in encrypted hashed format.

You can generate a salted encrypted password with the following:

  • Default: undef
  • Example: '$1$324dfdsg$WIrstQFASIpxo3yy4Xjg80'

root_passwd_max_age

String parameter which can be used to specify the root account password max age parameter in days as integer.

  • Default: undef
  • Example: '90'

root_passwd_min_age

String parameter which can be used to specify the root account password min age parameter in days as integer.

  • Default: undef
  • Example: '1'

Class coretx::hosts

Manage the hosts file (/etc/hosts) via erb template - This class will overwrite your hosts file!

Based off module chrekh/puppet-hosts - origin project url: https://github.com/chrekh/puppet-hosts

This class makes use of a custom fact (coretx/lib/facter/list_addrs.rb)

Parameters

hosts_file_entries

A hash with additional host file entries to add. Entries in this hash override automatic host entries for IP's on local interfaces.

The content can be either comment => { ip => [ names ], ... } or just ip => [ names ].

  • Default: {}
  • Examples(YAML):

coretx::hosts:
  hosts_file_entries:
    Foreman:
      192.168.99.250:
        - foreman-dev.lab.local
        - puppet
        - puppet.lab.local
    Service nodes:
      192.168.99.251:
        - nfs-node1
      192.168.99.252:
        - nfs-node2

hosts_file

String parameter to specify the hosts file location.

  • Default: '/etc/hosts'

hosts_file_group

String parameter to specify the hosts file group owner.

  • Default: 'root'

lo_names4

List of names for localhost ip4 loopback.

  • Default: [ 'localhost.localdomain', 'localhost', 'localhost4.localdomain4', 'localhost4' ]

lo_names6

List of names for localhost ip6 loopback.

  • Default: [ 'localhost.localdomain', 'localhost', 'localhost6.localdomain6', 'localhost6' ]

primary_ipv4

List of IPv4 addresses. Empty list means no entry.

  • Default: [ IPv4 addresses derived from local fact (no loopback or multicast) ]

primary_ipv6

List of IPv6 addresses. Empty list means no entry.

  • Default: [ IPv6 addresses derived from local fact, defaults to linklocal if no global scope assigned to interface (no loopback or multicast) ]

primary_names

List of names for primary addresses.

  • Default: [ $::fqdn, $::hostname ]

one_primary_ipv4

If true, only use the first address from primary_ipv4

  • Default: true

one_primary_ipv6

If true, only use the first address from primary_ipv6

  • Default: true

Class coretx::files

Manage file resources on client systems

Resource documentation (file): https://docs.puppet.com/puppet/latest/types/file.html

Resource documentation (file_line): https://forge.puppet.com/puppetlabs/stdlib#file_line

Parameters

files_hash

Hash parameter which can be used for multi file/folder resource management via create_resources().

You can put your own custom source files inside the coretx/files plugin directory and include them with a 'source' key/value.

  • Default: {}
  • Examples(YAML):

coretx::files:
  files_hash:
    clientbucket.rb:
      name: clientbucket.rb
      path: '/root/clientbucket.rb'
      source: puppet:///modules/coretx/clientbucket.rb
    my_test_script.sh:
      name: my_test_script.sh
      path: '/var/scripts/my_test_script.sh'
      content: 'mysqldump -usysadmin --password=mypass --single-transaction > /backup/mysqlbackup${date}.sql'
      owner: sysadmin
      mode: '0700'

file_line_hash

Hash parameter which can be used to supply arguments to the file_line() stdlib function via create_resources().

The file_line() function can be used to modify line content in files by using regex match/replace.

  • Default: {}
  • Examples(YAML):

coretx::files:
  file_line_hash:
    '/etc/newrelic/nrsysmond.cfg':
      path: '/etc/newrelic/nrsysmond.cfg'
      match: "^license_key="
      line: license_key=77f3fds0ZcsdfSA12400lNMc

create_parent_dirs

Boolean parameter which controls whether the class should also create the parent directories in $files_hash.

If true, the class scans the supplied $files_hash for all "path" key/values and runs "mkdir -p" against each value.

Ensures all parent directories are created recursively.

  • Default: false
  • Examples: true , false

default_files_ensure

String parameter used as default value for $files_hash 'ensure' keys.

Can be overridden by specifying the 'ensure' key for each individual nested hash in $files_hash.

  • Default: 'present'
  • Examples: 'present' , 'absent' , 'file' , 'directory' etc.

default_files_owner

String parameter which can be used for specifying the default 'owner' key value for all nested hashes in $files_hash.

  • Default: undef

default_files_group

String parameter which can be used for specifying the default 'group' key value for all nested hashes in $files_hash.

  • Default: undef

default_files_mode

String parameter which can be used for specifying the default 'mode' key value for all nested hashes in $files_hash.

  • Default: undef

Class coretx::yumrepos

Manage yum repository definitions for the RedHat family.

Resource documentation (yumrepo): https://docs.puppet.com/puppet/latest/types/yumrepo.html

Parameters

yumrepo_hash

Hash parameter which can be used to manage multiple yum repository resources via create_resources().

  • Default: {}
  • Examples(YAML):

coretx::yumrepos:
  yumrepo_hash:
    newrelic-repo:
      descr: Newrelic Yum repository
      baseurl: https://yum.newrelic.com/pub/newrelic/el5/x86_64/
    puppet-pc1-el7:
      descr: Puppet Labs PC1 Repository el 7
      baseurl: http://yum.puppetlabs.com/el/7/PC1/$basearch
      enabled: 1
      gpgcheck: 0

default_yumrepo_enable

String parameter which can be used for specifying the default 'enable' key value for all nested hashes in $yumrepo_hash.

  • Default: 1

default_gpgcheck_enable

String parameter which can be used for specifying the default 'gpgcheck' key value for all nested hashes in $yumrepo_hash.

  • Default: 0
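
An added example, not part of the coretx module: a small Ruby check that reads ENC class-parameter YAML shaped like the examples in this README and reports '$1$' (MD5-crypt) password hashes, repositories left with gpgcheck off (the class default shown above), and plain-http baseurl values. The names audit_coretx, md5_crypt? and gpgcheck_on?, the sample data, the '$6$' hash and the "internal-signed" repository are constructed for illustration.

```ruby
require 'yaml'

# Constructed ENC class parameters, modelled on the examples in this README.
# The "internal-signed" repo and the $6$ hash are placeholders, not real values.
SAMPLE_ENC = <<~'ENC'
  coretx::root:
    root_passwd_hash: '$1$324dfdsg$WIrstQFASIpxo3yy4Xjg80'
  coretx::identity:
    users_hash:
      sysadmin:
        password: '$6$examplesalt$constructedplaceholderhash'
      john:
        password: '$1$324dfdsg$WIrstQFASIpxo3yy4Xjg80'
  coretx::yumrepos:
    yumrepo_hash:
      newrelic-repo:
        baseurl: https://yum.newrelic.com/pub/newrelic/el5/x86_64/
      puppet-pc1-el7:
        baseurl: http://yum.puppetlabs.com/el/7/PC1/$basearch
        gpgcheck: 0
      internal-signed:
        baseurl: https://repo.example.test/el7/
        gpgcheck: 1
ENC

# "$1$" is the crypt(3) prefix for MD5-crypt, an obsolete password scheme.
def md5_crypt?(value)
  value.is_a?(String) && value.start_with?('$1$')
end

# The yumrepo type accepts 1/true/yes as "on" for gpgcheck.
def gpgcheck_on?(value)
  %w[1 true yes].include?(value.to_s.downcase)
end

# Hypothetical helper: returns a list of human-readable findings.
def audit_coretx(enc)
  findings = []
  root_hash = (enc['coretx::root'] || {})['root_passwd_hash']
  findings << 'root: root_passwd_hash is MD5-crypt ($1$)' if md5_crypt?(root_hash)

  (enc.dig('coretx::identity', 'users_hash') || {}).each do |name, attrs|
    findings << "user #{name}: password is MD5-crypt ($1$)" if md5_crypt?((attrs || {})['password'])
  end

  yum = enc['coretx::yumrepos'] || {}
  default_gpg = yum.fetch('default_gpgcheck_enable', 0) # module default per this README
  (yum['yumrepo_hash'] || {}).each do |repo, attrs|
    attrs ||= {}
    findings << "repo #{repo}: gpgcheck disabled" unless gpgcheck_on?(attrs.fetch('gpgcheck', default_gpg))
    findings << "repo #{repo}: baseurl is plain http" if attrs['baseurl'].to_s.start_with?('http://')
  end
  findings
end

puts audit_coretx(YAML.safe_load(SAMPLE_ENC)) if __FILE__ == $PROGRAM_NAME
```

Setting default_gpgcheck_enable to 1 in the ENC data clears the finding for any repository that does not set gpgcheck itself.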

Class coretx::packages

Manage software package states.

Resource documentation (package): https://docs.puppet.com/puppet/latest/types/package.html

Parameters

packages_hash

Hash parameter which can be used to manage multiple package resources via create_resources().

  • Default: {}
  • Examples(YAML):

coretx::packages:
  packages_hash:
    nfs-utils:
      name: nfs-utils
      ensure: latest
    newrelic-sysmond:
      name: newrelic-sysmond
      ensure: purged

packages_hash_defaults

Hash parameter which can be used to specify default keys/values for $packages_hash input.

  • Default: {}
  • Examples(YAML):

coretx::packages:
  packages_hash_defaults:
    ensure: latest

Class coretx::services

Manage existing service states.

Resource documentation (service): https://docs.puppet.com/puppet/latest/types/service.html

Parameters

services_hash

Hash parameter which can be used to manage the state of multiple (existing) service resources via create_resources().

  • Default: {}
  • Examples(YAML):

coretx::services:
  services_hash:
    sshd:
      name: sshd
      enable: true
      ensure: running
    open-vm-tools:
      name: open-vm-tools
      enable: false
      ensure: stopped

default_service_ensure

String parameter which can be used for specifying the default 'ensure' key value for all nested hashes in $services_hash.

  • Default: running
  • Examples: stopped , running

default_service_enable

Boolean parameter which can be used for specifying the default 'enable' key value for all nested hashes in $services_hash.

  • Default: true
  • Examples: true , false