Port site.pp to Puppet 4.x, move into production environment folder.

1 files changed, 189 insertions, 0 deletions

diff --git a/code/environments/production/manifests/site.pp b/code/environments/production/manifests/site.pp
new file mode 100644
index 0000000..2488b47
--- /dev/null
+++ b/code/environments/production/manifests/site.pp
@@ -0,0 +1,189 @@
+#include apt
+
+class ssh_pubkeys_admins {
+	# Mike Gabriel, IT-Zukunft Schule
+	ssh_authorized_key { 'mike@minobo':
+		type => 'ssh-rsa',
+		key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDn2moKR4u3yJW+/hvwmhUDjiLBxiMPB+46YO9iEo8HXsdulpMi20hi2TTmWA0w3hog1IEnre6C7UGHcZG0HfPg+eROIuuXRcOfg3WP/IBV0KMF4DTa1KDoN/Nw7HMlhWxGxFrdbumAoj/s2ZaA/of1fpaPKOhunF8S9Ch60LYmgnR3tzJW/b0jS9fww8o/rMB3pZy2WSW0uUfpOIbDv+XHhNiC/iu8IgD+M5KkK+qbNZFPoTQkebc0RPRBcOrmEYroofFGg+7jPU++AEKJUKSaGjZRWzACuXiUzTo2F9fT09EMWU4oiYV9zRqjx6ctncwfEB4qOfoRUycfxBSJk7t7',
+		user => 'root',
+	}
+	# Marcel Sandow, IT-Zukunft Schule
+	ssh_authorized_key { 'marcel@Bigblue':
+		type => 'ssh-rsa',
+		key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQD3RPZTCJNjuV2vq8cO6AwPaVcjimg2DgRi2GitC/K4HzQuy0+RswVktyBACKpFogx254S1gjGoueYDfHq+T4hdoBussGln0MEsJKbEPEgWpGUZgurg3eWSAlzAWlhf9Goy5ZA362sOz3NsbY3DE+4CqxQWth+CctpGz1WzAvFy0K7oclfoncbOlftgEUukvKqJtSapxNAb+O+Ijjur/yaXKwk/dK7T+ZTPhZwChlxo50kLuiN8d3TYgFxc19LncJxq6s8BqQs70Z6m1CNHA07t6UD01Pto29TRNZfAnjuAP8FiO9Cu06cUnHrwlG2jgvr5hA0rLFYnVtgGaQX6RCsT',
+		user => 'root',
+	}
+	# Benjamin Schlüter, LOGO EDV-Systeme GmbH
+	ssh_authorized_key { 'benni@nbbenni':
+		type => 'ssh-rsa',
+		key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCy2oN7DNtxUXsKUEOsQiUWW9fupzVJAuoaGe3OWxlcZN1je9EpObfHEn5HuYJFcBgHK6PSapPIOJ9QXbLsUYX5vhQwx9oBOg7W8He0kNscO23kjVOLJGaebGX5zNpf96RjZIy/Jhwlb73hCMqTTdp+D3/VDIm7q1UbMn2KOl9ldGwPJCxppeBeHdr89CED1RX/XAXt69qknrC1wm1NXp+UGz9FaG9YWJPNrFXBBvrGCt1oUrB8bXo/poo+doIuVmMqvN0e7lBDOzsRIiorDEk/cFc+ZOUBn4QOeY7J7keX6l2v3AxRXq6ErZrX+ooa83duRGXj2HkNWufmAi0CqzeXqGFIw+9S9vextn/zCp15G737cruJ50nX5jK38I9fnf3rfGveYdGuf3ta3Eihw1QiK/J4DQeTFKscsR4+P/iRcnsFO4/aVgDbOtCeKIaLK0fh9JWa/H2NVaLWvYv7beDoPtZ7I8TW+SsnO6mykmqUg679fcA/ZTIoAfLfK99UDiOhpye0EtWxGMiBBHn0V1RbERNjfHEVcBnlvcnPRIqkfwOEK5bASXpzzPvEuEGkFlHhtuXQ6WoWdA8zCq+lakNLYeq8CemU9Hd20JgILOidP4Yt9yNuusTP/EDg0AN9fggQe/rc1Raui/5/rVgkzqYFp8DMbgFAAcBTqsBCh1GVDQ==',
+		user => 'root',
+	}
+}
+
+class ssh_pubkeys_firedadmins {
+	# Lucian Anderwald, IT-Zukunft Schule
+	ssh_authorized_key { 'lucian@SATELLITE':
+		ensure => 'absent',
+		type => 'ssh-rsa',
+		key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC71S/LYktwTalKjE6Sb7XlOyV1tr1O+codh4C3g9uVtjqytYj/Lx6hExxegwN2tiTAjb3skEKpdg7uRbmpEZBtyST/UrrJCB0l0KbjJelfh4MANuRF+H9CNAPwaxcLfCWeTFwmQW8mcSHE20ljY7kpJykEoihBVjK49k+kD+sphIG1o4BU8nQii0i5/U2HqHkPZHzCIjIprN9kTx/n/zMmCLwuIW58KJitG/ttBXPq+TMsN/zcUQm7/PL7UmIMlvUtKzApuM36PUyah7/rpOB5mIYrqFcDXSBUpFLT1CIvfH6ZR5umhnwiRXDsVfP8e0WB1JhOZV1LqOez8s7c4a6/',
+		user => 'root',
+	}
+	# Marius Rasch, IT-Zukunft Schule
+	ssh_authorized_key { 'marius@soledad':
+		ensure => 'absent',
+		type => 'ssh-rsa',
+		key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCuoOfxXovfHlODw7dDlfcLKHaD7fotGT5Kb/HADNQY+GMINKy9Zu71/qpjVZtrckLl92nS7ygCf7+KpyfihdJgKBIeacikD4Y8/slDA2AbBuTZsHOp9HEzopmE1DbJbjeFtnjv8usPx/zB0buEtXy7Fa+bMIu6gIDIK7pO83kqiI/uv1sDyyaElw50Hn8tvZg7OtVHuShxjRCZVDolqUKBDDrQ+lZQG24XeMrQ4cEZ9yLYNAeeLwqqiWqnQ0jrCf2JYI4V7Oo1tvjKJM8HiVFSjsPh8cEu5iLBi08fuKCR7p1efSTOsy06HeraZpWJw5MH+At7sy3qjuuJ0oftrg3n',
+		user => 'root',
+	}
+}
+
+#class ssh_pubkeys_backupserver {
+#	ssh_authorized_key { 'root@backup-01':
+#		type => 'ssh-rsa',
+#		key => '<UNKNOWN-PUB-KEY>',
+#		user => 'root',
+#	}
+#}
+
+class anacron_on_battery {
+    file_line { 'anacron-on-battery':
+	path  => '/etc/default/anacron',
+	line  => 'ANACRON_RUN_ON_BATTERY_POWER=yes',
+	match => '^ANACRON_RUN_ON_BATTERY_POWER\=.*$',
+    }
+}
+
+class login_manager {
+    package { 'lightdm':
+	ensure => 'installed',
+    }
+    package { 'arctica-greeter':
+	ensure => 'installed',
+    }
+}
+
+class itzks_systems_common {
+	package { 'itzks-systems-common':
+		ensure => 'latest',
+	}
+}
+
+class itzks_systems_workstation {
+	package { 'itzks-systems-workstation':
+		ensure => 'latest',
+	}
+}
+
+class itzks_systems_mainserver {
+	package { 'itzks-systems-mainserver':
+		ensure => 'latest',
+	}
+}
+
+class itzks_systems_terminalserver {
+	package { 'itzks-systems-terminalserver':
+		ensure => 'latest',
+	}
+}
+
+class fsautoresizetab {
+	file { '/etc/fsautoresizetab':
+		ensure => 'present',
+		path => '/etc/fsautoresizetab',
+		replace => 'no',
+		source => '/usr/share/debian-edu-config/fsautoresizetab',
+        }
+}
+
+class fsautoresizetab_change_usr {
+	file_line { 'usr':
+		path => '/etc/fsautoresizetab',
+		line => '/usr                     10% 18g 5%',
+		match => '^/usr\ .*',
+                require => File["/etc/fsautoresizetab"],
+	}
+}
+
+node "tjener.intern" {
+
+	class { 'ssh_pubkeys_admins': }
+	class { 'ssh_pubkeys_firedadmins': }
+	class { 'ssh_pubkeys_backupserver': }
+	class { 'itzks_systems_common': }
+
+	class { 'itzks_systems_mainserver': }
+	class { 'itzks_systems_terminalserver': }
+}
+# NOT PRESENT node "filter.intern" inherits "all_servers" {}
+# NOT PRESENT node "opsiserver.intern" inherits "all_servers" {}
+# NOT PRESENT node "displayserver.intern" inherits "all_servers" {}
+# NOT PRESENT node "contentserver.intern" inherits "all_servers" {}
+# NOT PRESENT node "devserver.intern" inherits "all_servers" {}
+# NOT PRESENT node "bibserv.intern" inherits "all_servers" {
+
+# Workstations
+node /workstation-.*\.intern$/ {
+
+	class { 'ssh_pubkeys_admins': }
+	class { 'ssh_pubkeys_firedadmins': }
+	class { 'login_manager': }
+	class { 'itzks_systems_common': }
+        class { 'itzks_systems_workstation': }
+
+#        # settings appropriate for workstation hosts
+#        class { 'apt::unattended_upgrades':
+#                origins => [
+#                        'o=Debian,n=${distro_codename}',
+#                        'o=Debian,n=${distro_codename}-updates',
+#                        'o=Debian,n=${distro_codename},l=Debian-Security',
+#                        'o=IT-Zukunft Schule,n=${distro_codename},l=IT-Zukunft Schule',
+#                ],
+#                update => "1",
+#                download => "1",
+#                upgrade => "1",
+#                autoclean => "7",
+#                auto_fix => true,
+#                minimal_steps => true,
+#                install_on_shutdown => false,
+#                remove_unused => true,
+#                auto_reboot => false,
+#                download_delta => "1",
+#        }
+
+	class { 'fsautoresizetab': }
+	class { 'fsautoresizetab_change_usr': }
+}
+
+# Notebooks
+node /notebook-.*\.intern$/ {
+
+	class { 'ssh_pubkeys_admins': }
+	class { 'ssh_pubkeys_firedadmins': }
+	class { 'login_manager': }
+	class { 'itzks_systems_common': }
+        class { 'itzks_systems_workstation': }
+
+#        # settings appropriate for workstation hosts
+#        class { 'apt::unattended_upgrades':
+#                origins => [
+#                        'o=Debian,n=${distro_codename}',
+#                        'o=Debian,n=${distro_codename}-updates',
+#                        'o=Debian,n=${distro_codename},l=Debian-Security',
+#                        'o=IT-Zukunft Schule,n=${distro_codename},l=IT-Zukunft Schule',
+#                ],
+#                update => "1",
+#                download => "1",
+#                upgrade => "1",
+#                autoclean => "7",
+#                auto_fix => true,
+#                minimal_steps => true,
+#                install_on_shutdown => false,
+#                remove_unused => true,
+#                auto_reboot => false,
+#                download_delta => "1",
+#        }
+
+	class { 'fsautoresizetab': }
+	class { 'fsautoresizetab_change_usr': }
+}