[Puppet Users] If else statement if file exists
I am trying to figure out a way to use a if statement to run multiple sets
of commands depending if one file exists, but I am unable to find any good
documented ways of doing this.
Basic rough layout of what i would like to achieve is this:
Any help on getting the correct syntax for the if statement would be
appreciated
if file /volumes/vol1 exists { *exec { generate_loopback_tor: command =>
"/sbin/losetup /dev/loop6 /volumes/tor", unless => "/sbin/losetup -a|
/bin/grep \"/volumes/tor\"", } *
*exec { generate_encrypt_tor:command => " /sbin/cryptsetup create tor
",unless => "/usr/bin/test -e /dev/mapper/tor", }exec {
generate_mount_tor: command => "/bin/mount /dev/mapper/tor /usr/local/tor",
unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", } }* else { exec {
generate_empty_file_tor: command => "/bin/dd of=/volumes/tor bs=256M
count=0 seek=1", unless => "/usr/bin/test -e /volumes/tor", } exec {
generate_loopback_tor: command => "/sbin/losetup /dev/loop6 /volumes/tor",
unless => "/sbin/losetup -a| /bin/grep \"/volumes/tor\"", } exec {
generate_encrypt_tor: command => "/bin/echo \XX\" |
/sbin/cryptsetup create tor /dev/loop6 -", unless => "/usr/bin/test -e
/dev/mapper/tor", } exec { generate_zero_tor: command => "/bin/dd
if=/dev/zero of=/dev/mapper/tor count=512 bs=1024", unless => "/sbin/fdisk
-lu | /bin/grep \"/dev/mapper/tor\"", } exec { generate_mkfs_tor: command
=> "/sbin/mke2fs -j -O dir_index /dev/mapper/tor ", onlyif => "/sbin/parted
-l | /bin/grep \"Error: /dev/mapper/tor: unrecognised disk label\"", } exec
{ generate_mount_tor: command => "/bin/mount /dev/mapper/tor
/usr/local/tor", unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", }
}
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/3b5fdfab-5d3b-4e84-baca-a87b97e74911%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: If else statement if file exists
The unless and onlyif that are part of the exec commands are safety checks
to make sure to not overwrite the volume.
I wanted to use the if else condition to determine between creating a new
volume vs unecrypting an existing one and mounting it.
On Monday, August 18, 2014 3:06:55 PM UTC-7, Ellison Marks wrote:
>
> There are some parameters to the exec type that you could use, such as
> creates, onlyif and unless. However, the pseudocode you have above has the
> execs in your initial if block being run every time puppet runs, it seems.
> Is that really what you want?
>
> On Monday, August 18, 2014 2:45:23 PM UTC-7, Eugene Sapozhnikov wrote:
>>
>>
>>
>> I am trying to figure out a way to use a if statement to run multiple
>> sets of commands depending if one file exists, but I am unable to find any
>> good documented ways of doing this.
>>
>> Basic rough layout of what i would like to achieve is this:
>>
>> Any help on getting the correct syntax for the if statement would be
>> appreciated
>>
>>
>>
>> if file /volumes/vol1 exists { *exec { generate_loopback_tor: command =>
>> "/sbin/losetup /dev/loop6 /volumes/tor", unless => "/sbin/losetup -a|
>> /bin/grep \"/volumes/tor\"", } *
>>
>> *exec { generate_encrypt_tor:command => " /sbin/cryptsetup create tor
>> ",unless => "/usr/bin/test -e /dev/mapper/tor", }exec {
>> generate_mount_tor: command => "/bin/mount /dev/mapper/tor /usr/local/tor",
>> unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", } }* else { exec
>> { generate_empty_file_tor: command => "/bin/dd of=/volumes/tor bs=256M
>> count=0 seek=1", unless => "/usr/bin/test -e /volumes/tor", } exec {
>> generate_loopback_tor: command => "/sbin/losetup /dev/loop6 /volumes/tor",
>> unless => "/sbin/losetup -a| /bin/grep \"/volumes/tor\"", } exec {
>> generate_encrypt_tor: command => "/bin/echo \XX\" |
>> /sbin/cryptsetup create tor /dev/loop6 -", unless => "/usr/bin/test -e
>> /dev/mapper/tor", } exec { generate_zero_tor: command => "/bin/dd
>> if=/dev/zero of=/dev/mapper/tor count=512 bs=1024", unless => "/sbin/fdisk
>> -lu | /bin/grep \"/dev/mapper/tor\"", } exec { generate_mkfs_tor: command
>> => "/sbin/mke2fs -j -O dir_index /dev/mapper/tor ", onlyif => "/sbin/parted
>> -l | /bin/grep \"Error: /dev/mapper/tor: unrecognised disk label\"", } exec
>> { generate_mount_tor: command => "/bin/mount /dev/mapper/tor
>> /usr/local/tor", unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", }
>>
>>
>> }
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/701cfd1e-d251-4408-b7d5-b3f8fc1d3fac%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: If else statement if file exists
I do want the first part of If to run every time if the file exists, as the
unless and onlyif that are part of the exec commands are safety checks to
make sure to not overwrite the volume.
I wanted to use the if else condition to determine between creating a new
volume vs unecrypting an existing one and mounting it
On Monday, August 18, 2014 3:06:55 PM UTC-7, Ellison Marks wrote:
>
> There are some parameters to the exec type that you could use, such as
> creates, onlyif and unless. However, the pseudocode you have above has the
> execs in your initial if block being run every time puppet runs, it seems.
> Is that really what you want?
>
> On Monday, August 18, 2014 2:45:23 PM UTC-7, Eugene Sapozhnikov wrote:
>>
>>
>>
>> I am trying to figure out a way to use a if statement to run multiple
>> sets of commands depending if one file exists, but I am unable to find any
>> good documented ways of doing this.
>>
>> Basic rough layout of what i would like to achieve is this:
>>
>> Any help on getting the correct syntax for the if statement would be
>> appreciated
>>
>>
>>
>> if file /volumes/vol1 exists { *exec { generate_loopback_tor: command =>
>> "/sbin/losetup /dev/loop6 /volumes/tor", unless => "/sbin/losetup -a|
>> /bin/grep \"/volumes/tor\"", } *
>>
>> *exec { generate_encrypt_tor:command => " /sbin/cryptsetup create tor
>> ",unless => "/usr/bin/test -e /dev/mapper/tor", }exec {
>> generate_mount_tor: command => "/bin/mount /dev/mapper/tor /usr/local/tor",
>> unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", } }* else { exec
>> { generate_empty_file_tor: command => "/bin/dd of=/volumes/tor bs=256M
>> count=0 seek=1", unless => "/usr/bin/test -e /volumes/tor", } exec {
>> generate_loopback_tor: command => "/sbin/losetup /dev/loop6 /volumes/tor",
>> unless => "/sbin/losetup -a| /bin/grep \"/volumes/tor\"", } exec {
>> generate_encrypt_tor: command => "/bin/echo \XX\" |
>> /sbin/cryptsetup create tor /dev/loop6 -", unless => "/usr/bin/test -e
>> /dev/mapper/tor", } exec { generate_zero_tor: command => "/bin/dd
>> if=/dev/zero of=/dev/mapper/tor count=512 bs=1024", unless => "/sbin/fdisk
>> -lu | /bin/grep \"/dev/mapper/tor\"", } exec { generate_mkfs_tor: command
>> => "/sbin/mke2fs -j -O dir_index /dev/mapper/tor ", onlyif => "/sbin/parted
>> -l | /bin/grep \"Error: /dev/mapper/tor: unrecognised disk label\"", } exec
>> { generate_mount_tor: command => "/bin/mount /dev/mapper/tor
>> /usr/local/tor", unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", }
>>
>>
>> }
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/268b8251-99f2-4219-a9ec-2762b095c941%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: If else statement if file exists
Basicly I am looking for the syntax to use as a conditional in the if
statement for a file exists check.
On Monday, August 18, 2014 2:45:23 PM UTC-7, Eugene Sapozhnikov wrote:
>
>
>
> I am trying to figure out a way to use a if statement to run multiple sets
> of commands depending if one file exists, but I am unable to find any good
> documented ways of doing this.
>
> Basic rough layout of what i would like to achieve is this:
>
> Any help on getting the correct syntax for the if statement would be
> appreciated
>
>
>
> if file /volumes/vol1 exists { *exec { generate_loopback_tor: command =>
> "/sbin/losetup /dev/loop6 /volumes/tor", unless => "/sbin/losetup -a|
> /bin/grep \"/volumes/tor\"", } *
>
> *exec { generate_encrypt_tor:command => " /sbin/cryptsetup create tor
> ",unless => "/usr/bin/test -e /dev/mapper/tor", }exec {
> generate_mount_tor: command => "/bin/mount /dev/mapper/tor /usr/local/tor",
> unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", } }* else { exec {
> generate_empty_file_tor: command => "/bin/dd of=/volumes/tor bs=256M
> count=0 seek=1", unless => "/usr/bin/test -e /volumes/tor", } exec {
> generate_loopback_tor: command => "/sbin/losetup /dev/loop6 /volumes/tor",
> unless => "/sbin/losetup -a| /bin/grep \"/volumes/tor\"", } exec {
> generate_encrypt_tor: command => "/bin/echo \XX\" |
> /sbin/cryptsetup create tor /dev/loop6 -", unless => "/usr/bin/test -e
> /dev/mapper/tor", } exec { generate_zero_tor: command => "/bin/dd
> if=/dev/zero of=/dev/mapper/tor count=512 bs=1024", unless => "/sbin/fdisk
> -lu | /bin/grep \"/dev/mapper/tor\"", } exec { generate_mkfs_tor: command
> => "/sbin/mke2fs -j -O dir_index /dev/mapper/tor ", onlyif => "/sbin/parted
> -l | /bin/grep \"Error: /dev/mapper/tor: unrecognised disk label\"", } exec
> { generate_mount_tor: command => "/bin/mount /dev/mapper/tor
> /usr/local/tor", unless => "/bin/mount | /bin/grep \"/usr/local/tor\"", }
>
>
> }
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/c6c3d29f-2b80-4f8a-8547-258839c65f30%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: If else statement if file exists
Yeah sadly in this case the vol1 gets created as one part of the else
statement, so my goal is on the second run to determine if it exists to
just encrypt it and mount it instead of going through the whole build
procedure.
On Tuesday, August 19, 2014 9:10:26 AM UTC-7, Yanis Guenane wrote:
>
> If your file `/volumes/vol1` could be managed by Puppet somehow, you
> could use if defined(File['/volumes/vol1']) as a condition.
>
> Not sure if it is possible in your case,
>
> --
> Yanis Guenane
>
> On 08/19/2014 12:04 PM, Eugene Sapozhnikov wrote:
> > Basicly I am looking for the syntax to use as a conditional in the
> > if statement for a file exists check.
> >
> > On Monday, August 18, 2014 2:45:23 PM UTC-7, Eugene Sapozhnikov
> > wrote:
> >>
> >>
> >>
> >> I am trying to figure out a way to use a if statement to run
> >> multiple sets of commands depending if one file exists, but I am
> >> unable to find any good documented ways of doing this.
> >>
> >> Basic rough layout of what i would like to achieve is this:
> >>
> >> Any help on getting the correct syntax for the if statement would
> >> be appreciated
> >>
> >>
> >>
> >> if file /volumes/vol1 exists { *exec { generate_loopback_tor:
> >> command => "/sbin/losetup /dev/loop6 /volumes/tor", unless =>
> >> "/sbin/losetup -a| /bin/grep \"/volumes/tor\"", } *
> >>
> >> *exec { generate_encrypt_tor:command => " /sbin/cryptsetup
> >> create tor ",unless => "/usr/bin/test -e /dev/mapper/tor",
> >> }exec { generate_mount_tor: command => "/bin/mount
> >> /dev/mapper/tor /usr/local/tor", unless => "/bin/mount |
> >> /bin/grep \"/usr/local/tor\"", } }* else { exec {
> >> generate_empty_file_tor: command => "/bin/dd of=/volumes/tor
> >> bs=256M count=0 seek=1", unless => "/usr/bin/test -e
> >> /volumes/tor", } exec { generate_loopback_tor: command =>
> >> "/sbin/losetup /dev/loop6 /volumes/tor", unless => "/sbin/losetup
> >> -a| /bin/grep \"/volumes/tor\"", } exec { generate_encrypt_tor:
> >> command => "/bin/echo \XX\" | /sbin/cryptsetup create tor
> >> /dev/loop6 -", unless => "/usr/bin/test -e /dev/mapper/tor", }
> >> exec { generate_zero_tor: command => "/bin/dd if=/dev/zero
> >> of=/dev/mapper/tor count=512 bs=1024", unless => "/sbin/fdisk -lu
> >> | /bin/grep \"/dev/mapper/tor\"", } exec { generate_mkfs_tor:
> >> command => "/sbin/mke2fs -j -O dir_index /dev/mapper/tor ",
> >> onlyif => "/sbin/parted -l | /bin/grep \"Error: /dev/mapper/tor:
> >> unrecognised disk label\"", } exec { generate_mount_tor: command
> >> => "/bin/mount /dev/mapper/tor /usr/local/tor", unless =>
> >> "/bin/mount | /bin/grep \"/usr/local/tor\"", }
> >>
> >>
> >> }
> >>
> >>
> >
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/92d21a45-52e4-497c-9992-301fc9e3b726%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: If else statement if file exists
Thanks for clearing it up. I ended up just using onlyif and unless in each exec statement. this allowed me to rcycle the same commands between the scenario of creating the volume and mounting and encrypting the volume and mounting it. Thanks On Wednesday, August 20, 2014 6:11:14 AM UTC-7, jcbollinger wrote: > > > > On Tuesday, August 19, 2014 11:10:26 AM UTC-5, Yanis Guenane wrote: >> >> If your file `/volumes/vol1` could be managed by Puppet somehow, you >> could use if defined(File['/volumes/vol1']) as a condition. >> >> Not sure if it is possible in your case, >> > > > Whether it's possible is irrelevant, because that's not *correct* in any > case. That use of the defined() function tests whether > File['/volumes/vol1'] is in the catalog -- and even then it tests only at a > particular instant during catalog compilation, ignoring any later addition > of such a resource to the catalog. AND it will return true if > File['/volumes/vol1'] has ensure => absent. None of that has anything to > do with whether said file/directory is actually present on the target > system at the start of the run, or at any random point in the middle of a > run. > > Do not use defined(). Ever. > > > John > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9abcda62-bcc5-44b8-9b24-710afa056fdd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Encrypting /var/lib/puppet directory on clients
I have been given a project to secure our client hosts. One of the requirements was to setup an encrypted volume and mount it over /var/puppet/lib . the other requirement was to have the encryption key reside only on the puppet master. I have been able to use cryptsetup to have puppet configure and mount the encrypted volume successfully. But I am running into a roadblock when the client server reboots and the volume is unmounted. I can't use puppet to mount the volume as the puppet agent will not connect successfully without the /var/lib/puppet being mounted so it can use original SSl cert. Wanted to see if anyone here have tried any similar setups to what i am trying to achieve. Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a532006d-e3cd-4c1b-bd6f-91a388e68fb0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
