1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
# to not repeat the setting everywhere
Exec { path => "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin/" }
# svn, big important server
node valstar {
# Location: IELO datacenter (marseille)
#
# TODO:
# - GIT server
# - setup youri
# - setup maintainers database (with web interface)
# - mirroring (Nanar)
#
include common::default_mageia_server
timezone::timezone { "Europe/Paris": }
include main_mirror
include openldap::master
include subversion::client
include subversion::server
include puppet::master
include ssh::auth
include ssh::auth::keymaster
include buildsystem::mainnode
include buildsystem::mgacreatehome
include buildsystem::sync20101
include buildsystem::release
include buildsystem::maintdb
include softwarekey::base
include access_classes::committers
include restrictshell::allow_git
include restrictshell::allow_svn
include restrictshell::allow_pkgsubmit
include restrictshell::allow_maintdb
# disabled the ldap key here instead of disabling for the
# whole module ( see r698 )
class { "openssh::ssh_keys_from_ldap":
symlink_users => ['schedbot', 'iurt']
}
include mirror::mdv2010spring
include repositories::subversion
include repositories::git
include websites::svn
subversion::snapshot { "/etc/puppet":
source => "svn://svn.mageia.org/svn/adm/puppet/"
}
}
# web apps
node alamut {
# Location: IELO datacenter (marseille)
#
# TODO:
# - Review board
# - nagios
# - api
# - mail server
# - mailing list server
# - wiki
# - pastebin
# - LDAP slave
#
include common::default_mageia_server_no_smtp
include postgresql::server
postgresql::tagged { "default": }
timezone::timezone { "Europe/Paris": }
include catdap
include mga-mirrors
include epoll
include transifex
include bugzilla
include sympa::server
include postfix::primary_smtp
# temporary, just the time the vm is running there
host { 'friteuse':
ip => '192.168.122.131',
host_aliases => [ "friteuse.$domain", "forums.$domain" ],
ensure => 'present',
}
# to create all phpbb database on alamut
phpbb::databases { $fqdn: }
apache::vhost_redirect_ssl { "forums.$domain": }
apache::vhost_redirect { "forum.$domain":
url => "https://forums.$domain/",
}
apache::vhost_redirect { "ssl_forum.$domain":
url => "https://forums.$domain/",
vhost => "forum.$domain",
use_ssl => true,
}
# connect to ssl so the proxy do not shoke if trying to
# enforce ssl ( note that this has not been tested, maybe this
# is uneeded )
apache::vhost_reverse_proxy { "ssl_forums.$domain":
url => "https://forums.$domain/",
vhost => "forums.$domain",
use_ssl => true,
}
include tld_redirections
include libvirtd::kvm
include lists
include dns::server
include repositories::svn_mirror
include viewvc
# disabled until fixed
#include repositories::git_mirror
include gitweb
include xymon::server
apache::vhost_simple { "xymon.$domain":
location => "/var/lib/xymon/www",
}
include youri-check::report
}
# buildnode
node jonund {
# Location: IELO datacenter (marseille)
#
include common::default_mageia_server
include buildsystem::buildnode
include buildsystem::iurt20101
timezone::timezone { "Europe/Paris": }
include shorewall
include shorewall::default_firewall
include testvm
}
node ecosse {
# Location: IELO datacenter (marseille)
#
include common::default_mageia_server
include buildsystem::buildnode
timezone::timezone { "Europe/Paris": }
}
# backup server
node fiona {
# Location: IELO datacenter (marseille)
#
# TODO:
# - buy the server
# - install the server in datacenter
# - install a backup system
include common::default_mageia_server
}
# gandi-vm
node krampouezh {
# Location: gandi VM
#
# TODO:
# - secondary MX
# - LDAP slave (for external traffic maybe)
#
#include common::default_mageia_server
include common::default_mageia_server_no_smtp
include postfix::secondary_smtp
include blog::base
include blog::db_backup
include mysql::server
include dns::server
timezone::timezone { "Europe/Paris": }
openldap::slave_instance { "1":
rid => 1,
}
# Other services running on this server :
# - meetbot
}
node champagne {
# Location: gandi VM
#
# TODO:
# - setup mageia.org web site
# - setup blog
# - setup planet
#
include common::default_mageia_server
timezone::timezone { "Europe/Paris": }
include blog::files-bots
include blog::files_backup
include planet
include websites::static
include websites::hugs
include websites::releases
include dashboard::base
include access_classes::web
include openssh::ssh_keys_from_ldap
}
node friteuse {
# Location: VM hosted by nfrance (toulouse)
#
# TODO:
# - setup forum
include common::default_mageia_server
timezone::timezone { "Europe/Paris": }
include forums
}
node rabbit {
# Location: Server offered by Dedibox (paris)
#
# - used to create isos ( and live, and so on )
#
include common::default_mageia_server
timezone::timezone { "Europe/Paris": }
include bcd::base
include bcd::web
include bcd::rsync
include draklive::base
include access_classes::iso_makers
include openssh::ssh_keys_from_ldap
include mirror::mageia
include mirror::newrelease
include releasekey::base
include youri-check::check
# for testing iso quickly
include libvirtd::kvm
libvirtd::group_access { "mga-iso_makers": }
# to ease the creation of test iso
$netinst_iso_path = "/var/lib/libvirt/netboot"
file { $netinst_iso_path:
ensure => directory,
}
libvirtd::storage { "netinst_iso":
path => $netinst_iso_path,
require => File[$netinst_iso_path],
}
include auto_installation::download
auto_installation::download::netboot_images { "mandriva":
path => $netinst_iso_path,
versions => ["2010.0","2010.1"],
archs => ['i586','x86_64'],
mirror_path => "ftp://ftp.free.fr/pub/Distributions_Linux/MandrivaLinux/official/%{version}/%{arch}/install/images/",
files => ['boot.iso'],
require => File[$netinst_iso_path],
}
# for testing pxe support of libvirt
libvirtd::network {"pxe_network":
network => "192.168.123.0/24",
tftp_root => $auto_installation::variables::pxe_dir,
bridge_name => "virbr1",
}
include auto_installation::pxe_menu
auto_installation::mandriva_installation_entry { "pxe_test":
version => "2010.1",
arch => "i586",
}
}
|