Matanya has uploaded a new change for review. https://gerrit.wikimedia.org/r/98377
Change subject: toollabs: lint cleanup ...................................................................... toollabs: lint cleanup Change-Id: I748652a44071a98c74637c92f6b66f81213c5b9a --- M modules/toollabs/manifests/bastion.pp M modules/toollabs/manifests/execnode.pp M modules/toollabs/manifests/infrastructure.pp M modules/toollabs/manifests/init.pp M modules/toollabs/manifests/mailrelay.pp M modules/toollabs/manifests/master.pp M modules/toollabs/manifests/proxy.pp M modules/toollabs/manifests/redis.pp M modules/toollabs/manifests/tyrant.pp M modules/toollabs/manifests/webnode.pp M modules/toollabs/manifests/webserver.pp 11 files changed, 223 insertions(+), 228 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/77/98377/1 diff --git a/modules/toollabs/manifests/bastion.pp b/modules/toollabs/manifests/bastion.pp index 34b9a33..13f2f6f 100644 --- a/modules/toollabs/manifests/bastion.pp +++ b/modules/toollabs/manifests/bastion.pp @@ -15,41 +15,41 @@ include toollabs::exec_environ, toollabs::dev_environ - file { "/etc/ssh/ssh_config": + file { '/etc/ssh/ssh_config': ensure => file, - mode => "0444", - owner => "root", - group => "root", - source => "puppet:///modules/toollabs/submithost-ssh_config", + mode => '0444', + owner => 'root', + group => 'root', + source => 'puppet:///modules/toollabs/submithost-ssh_config', } class { 'gridengine::submit_host': gridmaster => $gridmaster, } - file { "/etc/update-motd.d/40-bastion-banner": + file { '/etc/update-motd.d/40-bastion-banner': ensure => file, - mode => "0755", - owner => "root", - group => "root", + mode => '0755', + owner => 'root', + group => 'root', source => "puppet:///modules/toollabs/40-${instanceproject}-bastion-banner", } - file { "$store/submithost-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store/submithost-$fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "$ipaddress\n", + content => "${ipaddress\n}", } - file { "/usr/bin/sql": + file { '/usr/bin/sql': ensure => file, - mode => "0755", - owner => "root", - group => "root", - source => "puppet:///modules/toollabs/sql", + mode => '0755', + owner => 'root', + group => 'root', + source => 'puppet:///modules/toollabs/sql', } # Display tips. @@ -57,30 +57,28 @@ ensure => present, } - file { "/etc/profile.d/motd-tips.sh": - ensure => file, - mode => "0555", - owner => "root", - group => "root", - source => "puppet:///modules/toollabs/motd-tips.sh", + file { '/etc/profile.d/motd-tips.sh': + ensure => file, + mode => '0555', + owner => 'root', + group => 'root', + source => 'puppet:///modules/toollabs/motd-tips.sh', require => Package['grep'], } - file { [ '/data/project/.system/tips.sh', - '/data/project/.system/bin/tips.sh', - '/data/project/.system/bin/tips2.sh' ]: + file { [ '/data/project/.system/tips.sh', '/data/project/.system/bin/tips.sh', '/data/project/.system/bin/tips2.sh' ]: ensure => absent, } - package { "misctools": + package { 'misctools': ensure => latest, } # Temporary hack to manage obsolete files in /usr/local/bin. # TODO: Remove when no longer needed. - file { "/usr/local/bin/become": + file { '/usr/local/bin/become': ensure => link, - target => "/usr/bin/become" + target => '/usr/bin/become', } # TODO: cron setup diff --git a/modules/toollabs/manifests/execnode.pp b/modules/toollabs/manifests/execnode.pp index 1e5c785..4152f3e 100644 --- a/modules/toollabs/manifests/execnode.pp +++ b/modules/toollabs/manifests/execnode.pp @@ -18,21 +18,21 @@ gridmaster => $gridmaster, } - file { "/etc/update-motd.d/40-exechost-banner": + file { '/etc/update-motd.d/40-exechost-banner': ensure => file, - mode => "0755", - owner => "root", - group => "root", + mode => '0755', + owner => 'root', + group => 'root', source => "puppet:///modules/toollabs/40-${instanceproject}-exechost-banner", } - file { "$store/execnode-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store/execnode-$fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "$ipaddress\n", + content => "${ipaddress\n}", } # Execution hosts have funky access requirements; they need to be ssh-able @@ -41,44 +41,44 @@ # We override /etc/ssh/shosts.equiv and /etc/security/access.conf # accordingly from information collected from the project store. - file { "/usr/local/sbin/project-make-shosts": + file { '/usr/local/sbin/project-make-shosts': ensure => file, - owner => 'root', - group => 'root', - mode => '0755', - source => "puppet:///modules/toollabs/project-make-shosts", + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///modules/toollabs/project-make-shosts', } - exec { "make-shosts": - command => "/usr/local/sbin/project-make-shosts >/etc/ssh/shosts.equiv~", + exec { 'make-shosts': + command => '/usr/local/sbin/project-make-shosts >/etc/ssh/shosts.equiv~', require => File['/usr/local/sbin/project-make-shosts', $store], } - file { "/etc/ssh/shosts.equiv": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', - source => "/etc/ssh/shosts.equiv~", + file { '/etc/ssh/shosts.equiv': + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', + source => '/etc/ssh/shosts.equiv~', require => Exec['make-shosts'], } - file { "/usr/local/sbin/project-make-access": + file { '/usr/local/sbin/project-make-access': ensure => file, - owner => 'root', - group => 'root', - mode => '0755', - source => "puppet:///modules/toollabs/project-make-access", + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///modules/toollabs/project-make-access', } - exec { "make-access": - command => "/usr/local/sbin/project-make-access >/etc/security/access.conf~", + exec { 'make-access': + command => '/usr/local/sbin/project-make-access >/etc/security/access.conf~', require => File['/usr/local/sbin/project-make-access', $store], } File <| title == '/etc/security/access.conf' |> { content => undef, - source => "/etc/security/access.conf~", + source => '/etc/security/access.conf~', require => Exec['make-access'], } diff --git a/modules/toollabs/manifests/infrastructure.pp b/modules/toollabs/manifests/infrastructure.pp index 79d17bb..3f8af5e 100644 --- a/modules/toollabs/manifests/infrastructure.pp +++ b/modules/toollabs/manifests/infrastructure.pp @@ -14,11 +14,11 @@ # class toollabs::infrastructure { - file { "/etc/update-motd.d/40-infrastructure-banner": + file { '/etc/update-motd.d/40-infrastructure-banner': ensure => file, - mode => "0755", - owner => "root", - group => "root", + mode => '0755', + owner => 'root', + group => 'root', source => "puppet:///modules/toollabs/40-${instanceproject}-infrastructure-banner", } diff --git a/modules/toollabs/manifests/init.pp b/modules/toollabs/manifests/init.pp index b961a74..5ba6d1c 100644 --- a/modules/toollabs/manifests/init.pp +++ b/modules/toollabs/manifests/init.pp @@ -13,8 +13,8 @@ # class toollabs { - $store = "/data/project/.system/store" - $repo = "/data/project/.system/deb" + $store = '/data/project/.system/store' + $repo = '/data/project/.system/deb' # # The $store is an incredibly horrid workaround the fact that we cannot @@ -27,53 +27,53 @@ # file { $store: - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => Service["autofs"], + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + require => Service['autofs'], } - file { "$store/hostkey-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store/hostkey-$fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "[$fqdn]:*,[$ipaddress]:* ssh-rsa $sshrsakey\n$fqdn ssh-rsa $sshrsakey\n", + content => "[${fqdn}]:*,[${ipaddress}]:* ssh-rsa ${sshrsakey}\n${fqdn} ssh-rsa ${sshrsakey}\n", } - exec { "make_known_hosts": - command => "/bin/cat $store/hostkey-* >/etc/ssh/ssh_known_hosts~", + exec { 'make_known_hosts': + command => '/bin/cat $store/hostkey-* >/etc/ssh/ssh_known_hosts~', require => File[$store], } - file { "/etc/ssh/ssh_known_hosts": - ensure => file, - require => Exec["make_known_hosts"], - source => "/etc/ssh/ssh_known_hosts~", - mode => "0444", - owner => "root", - group => "root", + file { '/etc/ssh/ssh_known_hosts': + ensure => file, + require => Exec['make_known_hosts'], + source => '/etc/ssh/ssh_known_hosts~', + mode => '0444', + owner => 'root', + group => 'root', } # this is a link to shared folder - file { "/shared": + file { '/shared': ensure => link, - target => "/data/project/.shared"; + target => '/data/project/.shared' } # Replaced by toollabs::bastion's /etc/profile.d/motd-tips.sh. - file { "/etc/profile.d/tips.sh": + file { '/etc/profile.d/tips.sh': ensure => absent, } - file { "/root/.bashrc": + file { '/root/.bashrc': ensure => file, - source => "puppet:///modules/toollabs/rootrc", - mode => "0750", - owner => "root", - group => "root", + source => 'puppet:///modules/toollabs/rootrc', + mode => '0750', + owner => 'root', + group => 'root', } @@ -82,47 +82,47 @@ # don't care that packages need updating, or that filesystems # will be checked, for instance) - file { "/etc/update-motd.d": - ensure => directory, - mode => "0755", - owner => "root", - group => "root", - force => true, + file { '/etc/update-motd.d': + ensure => directory, + mode => '0755', + owner => 'root', + group => 'root', + force => true, recurse => true, - purge => true, + purge => true, } # We keep a project-locat apt repo where we stuff packages we build # that are intended to be local to the project. By keeping it on the # shared storage, we have no need to set up a server to use it. - file { "/etc/apt/sources.list.d/local.list": - ensure => file, - content => "deb [ arch=amd64 trusted=yes ] file:$repo/ amd64/\ndeb [ arch=all trusted=yes ] file:$repo/ all/\n", - mode => "0444", - owner => "root", - group => "root", + file { '/etc/apt/sources.list.d/local.list': + ensure => file, + content => "deb [ arch=amd64 trusted=yes ] file:${repo}/ amd64/\ndeb [arch=all trusted=yes ] file:${repo}/ all/\n", + mode => '0444', + owner => 'root', + group => 'root', } # Trustworthy enough - file { "/etc/apt/sources.list.d/mariadb.list": - ensure => file, + file { '/etc/apt/sources.list.d/mariadb.list': + ensure => file, content => "deb http://ftp.osuosl.org/pub/mariadb/repo/5.5/ubuntu precise main\n", - mode => "0444", - owner => "root", - group => "root", + mode => '0444', + owner => 'root', + group => 'root', } File <| title == '/etc/exim4/exim4.conf' |> { content => undef, - source => [ "$store/mail-relay", "puppet:///modules/toollabs/exim4-norelay.conf" ], - notify => Service['exim4'], + source => [ "${store}/mail-relay", 'puppet:///modules/toollabs/exim4-norelay.conf' ], + notify => Service['exim4'], } - file { "/var/mail": + file { '/var/mail': ensure => link, - force => true, - target => "$store/mail", + force => true, + target => "${store}/mail", } } diff --git a/modules/toollabs/manifests/mailrelay.pp b/modules/toollabs/manifests/mailrelay.pp index 81493e2..e52fe3d 100644 --- a/modules/toollabs/manifests/mailrelay.pp +++ b/modules/toollabs/manifests/mailrelay.pp @@ -13,45 +13,45 @@ class toollabs::mailrelay($maildomain) inherits toollabs { include toollabs::infrastructure - package { "procmail": + package { 'procmail': ensure => present, } - file { "$store/mail-relay": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store}/mail-relay": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => template("toollabs/mail-relay.erb"), + content => template('toollabs/mail-relay.erb'), } File <| title == '/etc/exim4/exim4.conf' |> { - source => undef, - content => template("toollabs/exim4.conf.erb"), - notify => Service['exim4'], + source => undef, + content => template('toollabs/exim4.conf.erb'), + notify => Service['exim4'], } File <| title == '/etc/default/exim4' |> { content => undef, - source => "puppet:///modules/toollabs/exim4.default.mailrelay", - notify => Service['exim4'], + source => 'puppet:///modules/toollabs/exim4.default.mailrelay', + notify => Service['exim4'], } # Enable Ganglia monitoring. file { '/usr/local/bin/collect_exim_stats_via_gmetric': - owner => 'root', - group => 'root', - mode => 0755, - source => 'puppet:///files/ganglia/collect_exim_stats_via_gmetric'; + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///files/ganglia/collect_exim_stats_via_gmetric', } cron { 'collect_exim_stats_via_gmetric': - user => 'root', + ensure => present, + user => 'root', command => '/usr/local/bin/collect_exim_stats_via_gmetric', require => File['/usr/local/bin/collect_exim_stats_via_gmetric'], - ensure => present; } } diff --git a/modules/toollabs/manifests/master.pp b/modules/toollabs/manifests/master.pp index 3779a1f..1c03efd 100644 --- a/modules/toollabs/manifests/master.pp +++ b/modules/toollabs/manifests/master.pp @@ -29,20 +29,20 @@ # file { $repo: - ensure => directory, - owner => 'local-admin', - group => 'local-admin', - mode => '0755', - require => Service["autofs"], + ensure => directory, + owner => 'local-admin', + group => 'local-admin', + mode => '0755', + require => Service['autofs'], } - file { "$repo/update-repo.sh": - ensure => file, - owner => 'local-admin', - group => 'local-admin', - mode => '0550', + file { "${repo/update-repo.sh}": + ensure => file, + owner => 'local-admin', + group => 'local-admin', + mode => '0550', require => File[$repo], - source => "puppet:///modules/toollabs/update-repo.sh", + source => 'puppet:///modules/toollabs/update-repo.sh', } } diff --git a/modules/toollabs/manifests/proxy.pp b/modules/toollabs/manifests/proxy.pp index f6b4c4b..1a35965 100644 --- a/modules/toollabs/manifests/proxy.pp +++ b/modules/toollabs/manifests/proxy.pp @@ -3,13 +3,10 @@ class toollabs::proxy inherits toollabs { include toollabs::infrastructure - $apaches = [ 'tools-webserver-01.pmtpa.wmflabs', - 'tools-webserver-02.pmtpa.wmflabs', - 'tools-webserver-03.pmtpa.wmflabs' - ] + $apaches = [ 'tools-webserver-01.pmtpa.wmflabs', 'tools-webserver-02.pmtpa.wmflabs', 'tools-webserver-03.pmtpa.wmflabs' ] class { '::dynamicproxy': notfound_servers => $apaches, - luahandler => 'urlproxy.lua' + luahandler => 'urlproxy.lua' } } diff --git a/modules/toollabs/manifests/redis.pp b/modules/toollabs/manifests/redis.pp index 9c88499..5167bac 100644 --- a/modules/toollabs/manifests/redis.pp +++ b/modules/toollabs/manifests/redis.pp @@ -14,14 +14,14 @@ # Sample Usage: # class toollabs::redis ( - $maxmemory = "1GB" + $maxmemory = '1GB' ) inherits toollabs { include toollabs::infrastructure class { '::redis': - persist => "aof", - dir => "/var/lib/redis", - maxmemory => $maxmemory, + persist => 'aof', + dir => '"/var/lib/redis', + maxmemory => $maxmemory, # Disable the following commands, to try to limit people from # Trampling on each others' keys rename_commands => { @@ -36,7 +36,7 @@ "DEBUG" => "", "MONITOR" => "" }, - monitor => true + monitor => true } # Enable Ganglia monitoring. diff --git a/modules/toollabs/manifests/tyrant.pp b/modules/toollabs/manifests/tyrant.pp index f4be395..d4acc1b 100644 --- a/modules/toollabs/manifests/tyrant.pp +++ b/modules/toollabs/manifests/tyrant.pp @@ -17,13 +17,13 @@ gridmaster => $gridmaster, } - file { "$store/submithost-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store}/submithost-${fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "$ipaddress\n", + content => "${ipaddress\n}", } } diff --git a/modules/toollabs/manifests/webnode.pp b/modules/toollabs/manifests/webnode.pp index 29069de..58e3708 100644 --- a/modules/toollabs/manifests/webnode.pp +++ b/modules/toollabs/manifests/webnode.pp @@ -21,13 +21,13 @@ gridmaster => $gridmaster, } - file { "$store/execnode-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store}/execnode-${fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "$ipaddress\n", + content => "${ipaddress\n}", } # Execution hosts have funky access requirements; they need to be ssh-able @@ -36,88 +36,88 @@ # We override /etc/ssh/shosts.equiv and /etc/security/access.conf # accordingly from information collected from the project store. - file { "/usr/local/sbin/project-make-shosts": + file { '/usr/local/sbin/project-make-shosts': ensure => file, - owner => 'root', - group => 'root', - mode => '0755', - source => "puppet:///modules/toollabs/project-make-shosts", + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///modules/toollabs/project-make-shosts', } - exec { "make-shosts": - command => "/usr/local/sbin/project-make-shosts >/etc/ssh/shosts.equiv~", + exec { 'make-shosts': + command => '/usr/local/sbin/project-make-shosts >/etc/ssh/shosts.equiv~', require => File['/usr/local/sbin/project-make-shosts', $store], } - file { "/etc/ssh/shosts.equiv": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', - source => "/etc/ssh/shosts.equiv~", + file { '/etc/ssh/shosts.equiv': + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', + source => '/etc/ssh/shosts.equiv~', require => Exec['make-shosts'], } - file { "/usr/local/sbin/project-make-access": + file { '/usr/local/sbin/project-make-access': ensure => file, - owner => 'root', - group => 'root', - mode => '0755', - source => "puppet:///modules/toollabs/project-make-access", + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///modules/toollabs/project-make-access', } - exec { "make-access": - command => "/usr/local/sbin/project-make-access >/etc/security/access.conf~", + exec { 'make-access': + command => '/usr/local/sbin/project-make-access >/etc/security/access.conf~', require => File['/usr/local/sbin/project-make-access', $store], } File <| title == '/etc/security/access.conf' |> { content => undef, - source => "/etc/security/access.conf~", + source => '/etc/security/access.conf~', require => Exec['make-access'], } package { 'lighttpd': ensure => present } package { 'apache2.2-common': ensure => absent } - file { "/usr/local/bin/tool-lighttpd": + file { '/usr/local/bin/tool-lighttpd': ensure => file, - owner => 'root', - group => 'root', - mode => '0555', - source => "puppet:///modules/toollabs/tool-lighttpd", + owner => 'root', + group => 'root', + mode => '0555', + source => 'puppet:///modules/toollabs/tool-lighttpd', } - file { "/usr/local/bin/lighttpd-starter": + file { '/usr/local/bin/lighttpd-starter': ensure => file, - owner => 'root', - group => 'root', - mode => '0555', - source => "puppet:///modules/toollabs/lighttpd-starter", + owner => 'root', + group => 'root', + mode => '0555', + source => 'puppet:///modules/toollabs/lighttpd-starter', } - file { "/usr/local/bin/portgrabber": + file { '/usr/local/bin/portgrabber': ensure => file, - owner => 'root', - group => 'root', - mode => '0555', - source => "puppet:///modules/toollabs/portgrabber", + owner => 'root', + group => 'root', + mode => '0555', + source => 'puppet:///modules/toollabs/portgrabber', } - file { "/usr/local/sbin/portgranter": + file { '/usr/local/sbin/portgranter': ensure => file, - owner => 'root', - group => 'root', - mode => '0555', - source => "puppet:///modules/toollabs/portgranter", + owner => 'root', + group => 'root', + mode => '0555', + source => 'puppet:///modules/toollabs/portgranter', } - file { "/etc/init/portgranter.conf": + file { '/etc/init/portgranter.conf': ensure => file, - owner => 'root', - group => 'root', - mode => '0444', - source => "puppet:///modules/toollabs/portgranter.conf", + owner => 'root', + group => 'root', + mode => '0444', + source => 'puppet:///modules/toollabs/portgranter.conf', } } diff --git a/modules/toollabs/manifests/webserver.pp b/modules/toollabs/manifests/webserver.pp index 015293a..7df50ac 100644 --- a/modules/toollabs/manifests/webserver.pp +++ b/modules/toollabs/manifests/webserver.pp @@ -25,21 +25,21 @@ ensure => present } - file { "$store/submithost-$fqdn": - ensure => file, - owner => 'root', - group => 'root', - mode => '0444', + file { "${store}/submithost-${fqdn}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0444', require => File[$store], - content => "$ipaddress\n", + content => "${ipaddress\n}", } - file { "/etc/ssh/ssh_config": + file { '/etc/ssh/ssh_config': ensure => file, - mode => "0444", - owner => "root", - group => "root", - source => "puppet:///modules/toollabs/submithost-ssh_config", + mode => '0444', + owner => 'root', + group => 'root', + source => 'puppet:///modules/toollabs/submithost-ssh_config', } # TODO: Apache config -- To view, visit https://gerrit.wikimedia.org/r/98377 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I748652a44071a98c74637c92f6b66f81213c5b9a Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Matanya <mata...@foss.co.il> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits