Re: [Puppet Users] Re: Basic question

2016-08-03 Thread Warron French 

Thanks Russell.


On 7/21/2016 8:27 AM, Russell Anderson wrote:
You could probably use a combination of "file {}" to place the tarball 
on the target node, and "exec {}" to unpack it and set permissions, 
using the "creates" parameter.


https://docs.puppet.com/puppet/latest/reference/type.html#exec-attribute-creates

On Wednesday, July 20, 2016 at 8:11:22 PM UTC-4, Warron French wrote:

Is it possible to extract a tarball using the puppet module, and
then set the permission of all the directory after that?

Would one select a provider and then provide the tarball filename
as the argument somehow?

\\Warron French from mobile

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e6c19767-b543-4eb4-a328-fd3c85036ab1%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3ad4e737-904c-c5f6-f09b-6a9af6afcd55%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Basic question

2016-07-21 Thread Russell Anderson 
You could probably use a combination of "file {}" to place the tarball on 
the target node, and "exec {}" to unpack it and set permissions, using the 
"creates" parameter.

https://docs.puppet.com/puppet/latest/reference/type.html#exec-attribute-creates

On Wednesday, July 20, 2016 at 8:11:22 PM UTC-4, Warron French wrote:
>
> Is it possible to extract a tarball using the puppet module, and then set 
> the permission of all the directory after that?
>
> Would one select a provider and then provide the tarball filename as the 
> argument somehow?
>
> \\Warron French from mobile
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e6c19767-b543-4eb4-a328-fd3c85036ab1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-10 Thread Toky 
This is exactly what I meant, just use explicit hiera calls that will pull 
from the yaml file that contains all the values.

In hiera data:
/somewhere/inyour/hierarchy/
devies.yaml
---
ipcam::location1::ipaddress: 10.0.0.1
ipcam::location2::ipaddress: 10.1.0.1
...
---EOF---

Then on multiple profiles/manifests you can retrieve the data with:

$ipcam1_address = hiera('ipcam::location1::ipaddress')


You can use the call above from multiple places to pull your data. At this 
point you would have 1 data file with all your devices data and a way to 
call that data from multple profiles if needed. There might be better ways 
to do this but that is how I do it on my ENV.

-Miguel



On Wednesday, July 8, 2015 at 9:39:10 AM UTC-4, Albert Shih wrote:
>
> Hi, 
>
> Very basic question about hiera file. 
>
> I've 
>
>   hieradata/my_host.yaml 
>
> I like at the end of my_host.yaml make something like 
>
>   include my_host_add.yaml 
>
> is it possible ? 
>
> The reason is some data is automatically extract from a database, those 
> data is specific to that host. And because this file is pretty big I don't 
> known if it's a good idea to use hierachy to include in every host 
> (knowing 
> I've no way to use those data outside to my_host) 
>
> Regards. 
>
> JAS 
>
> -- 
> Albert SHIH 
> DIO bâtiment 15 
> Observatoire de Paris 
> 5 Place Jules Janssen 
> 92195 Meudon Cedex 
> France 
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71 
> xmpp: j...@obspm.fr  
> Heure local/Local time: 
> mer 8 jul 2015 15:31:36 CEST 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/003b545c-bc48-42e1-bcc9-e5450dd9280a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: basic question about hiera

2015-07-10 Thread Toky 
This is exactly what I meant, just use explicit hiera calls that will pull 
from the yaml file that contains all the values.

In hiera data:
/somewhere/inyour/hierarchy/devies.yaml
---
ipcam::location1::ipaddress: 10.0.0.1
ipcam::location2::ipaddress: 10.1.0.1
...
---EOF---

Then on multiple profiles/manifests you can retrieve the data with:

$ipcam1_address = hiera('ipcam::location1::ipaddress')


You can use the call above from multiple places to pull your data. At this 
point you would have 1 data file with all your devices data and a way to 
call that data from multple profiles if needed. There might be better ways 
to do this but that is how I do it on my ENV.

-Miguel

On Friday, July 10, 2015 at 9:34:11 AM UTC-4, jcbollinger wrote:
>
>
>
> On Friday, July 10, 2015 at 7:25:16 AM UTC-5, Albert Shih wrote:
>>
>> Le 09/07/2015 à 07:05:16-0700, jcbollinger a écrit 
>> > 
>> > 
>> > 
>> > No, at least not with HIera's built-in YAML back-end.  YAML has no 
>> facility 
>> > such as you describe, so to get it you would need to engage a YAML 
>> parser that 
>> > supported such a thing as an extension. 
>>
>> Ok thanks. 
>>
>> > 
>> > The hierarchy is the main tool available for combining data from 
>> multiple 
>> > sources.  If you don't want to use it for your purpose then you always 
>> have the 
>> > alternative of writing a custom Hiera back-end, or, for some purposes, 
>> an 
>> > altogether separate data lookup function. 
>> > 
>> > With that said, I'm not really following the nature of your problem.  
>> How would 
>> > the availability of an 'include' statement mitigate the data-size issue 
>> you are 
>> > concerned about? 
>> > 
>> Well, they are two not very important point : 
>>
>>   1/ If i put all data inside my 
>>
>> node.yaml 
>>
>> it's visualy hard to edit that file 
>>
>>
>>   2/ If I put (for example) 
>>
>>   asset.yaml 
>>
>> in all node using the hiearchy I feel that's not very clean. 
>>
>>
> If these data are pertinent only to a specific node, then no, you should 
> not put them in a file that provides data for multiple nodes.  I think I'd 
> characterize it a bit differently, though: the data appear to be pertinent 
> to only one operational role (monitoring server), regardless of what 
> machine is assigned that role.  If you happen to organize your manifests 
> around the roles and profiles pattern, then it would be natural to put the 
> monitoring data into a hierarchy level associated with the monitoring 
> server role.
>
> Alternatively, as long as you do not need to obtain the data via automatic 
> class parameter binding, you can leave them completely out of your regular 
> data hierarchy.  Instead, access them at need via one or more explicit 
> hiera() calls, identifying the file containing them as an "override" data 
> source via that function's third parameter.  Possibly the docs 
>  
> would be helpful, but the formatting seems to have been pretty badly borked.
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/85d9d356-12d6-4316-8c2b-9ffcb87862ce%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: basic question about hiera

2015-07-10 Thread jcbollinger 


On Friday, July 10, 2015 at 7:25:16 AM UTC-5, Albert Shih wrote:
>
> Le 09/07/2015 à 07:05:16-0700, jcbollinger a écrit 
> > 
> > 
> > 
> > No, at least not with HIera's built-in YAML back-end.  YAML has no 
> facility 
> > such as you describe, so to get it you would need to engage a YAML 
> parser that 
> > supported such a thing as an extension. 
>
> Ok thanks. 
>
> > 
> > The hierarchy is the main tool available for combining data from 
> multiple 
> > sources.  If you don't want to use it for your purpose then you always 
> have the 
> > alternative of writing a custom Hiera back-end, or, for some purposes, 
> an 
> > altogether separate data lookup function. 
> > 
> > With that said, I'm not really following the nature of your problem.  
> How would 
> > the availability of an 'include' statement mitigate the data-size issue 
> you are 
> > concerned about? 
> > 
> Well, they are two not very important point : 
>
>   1/ If i put all data inside my 
>
> node.yaml 
>
> it's visualy hard to edit that file 
>
>
>   2/ If I put (for example) 
>
>   asset.yaml 
>
> in all node using the hiearchy I feel that's not very clean. 
>
>
If these data are pertinent only to a specific node, then no, you should 
not put them in a file that provides data for multiple nodes.  I think I'd 
characterize it a bit differently, though: the data appear to be pertinent 
to only one operational role (monitoring server), regardless of what 
machine is assigned that role.  If you happen to organize your manifests 
around the roles and profiles pattern, then it would be natural to put the 
monitoring data into a hierarchy level associated with the monitoring 
server role.

Alternatively, as long as you do not need to obtain the data via automatic 
class parameter binding, you can leave them completely out of your regular 
data hierarchy.  Instead, access them at need via one or more explicit 
hiera() calls, identifying the file containing them as an "override" data 
source via that function's third parameter.  Possibly the docs 
 would 
be helpful, but the formatting seems to have been pretty badly borked.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9cc3610f-95f1-4e8d-aac3-438aedc0aac7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: basic question about hiera

2015-07-10 Thread Albert Shih 
 Le 09/07/2015 à 07:05:16-0700, jcbollinger a écrit
>
>
>
> No, at least not with HIera's built-in YAML back-end.  YAML has no facility
> such as you describe, so to get it you would need to engage a YAML parser that
> supported such a thing as an extension.

Ok thanks.

>
> The hierarchy is the main tool available for combining data from multiple
> sources.  If you don't want to use it for your purpose then you always have 
> the
> alternative of writing a custom Hiera back-end, or, for some purposes, an
> altogether separate data lookup function.
>
> With that said, I'm not really following the nature of your problem.  How 
> would
> the availability of an 'include' statement mitigate the data-size issue you 
> are
> concerned about?
>
Well, they are two not very important point :

  1/ If i put all data inside my

node.yaml

it's visualy hard to edit that file


  2/ If I put (for example)

  asset.yaml

in all node using the hiearchy I feel that's not very clean.

I agree...it's not very important thing.

Regards.

--
Albert SHIH
DIO bâtiment 15
Observatoire de Paris
5 Place Jules Janssen
92195 Meudon Cedex

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/20150710122201.GB21009%40pcjas.obspm.fr.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-10 Thread bert hajee 
Maybe this can help : https://forge.puppetlabs.com/hajee/connect

It is a replacement voor yaml in hiera. The connect language allows you to 
do an include statement. (See 
https://github.com/hajee/connect/blob/master/doc/nutshell.md#include-statement).
 
You can also import data from external resources. 
(See 
https://github.com/hajee/connect/blob/master/doc/nutshell.md#importing-data)

Hope this helps. If there are any questions, please let me now.

Bert

Op donderdag 9 juli 2015 22:24:31 UTC+2 schreef Albert Shih:
>
> Le 09/07/2015 à 10:55:50-0700, DJ a écrit 
> > i did not understand your requirement clearly, if you have puppet agent 
> running 
> > on all maachines then you can use facts to get hardware information and 
> use 
> > that in hieara hierarchy to differentiate things. 
>
> No puppet agent didn't work on the networking device (switch etc..) we got 
> ip-camera, ip-sensor etc... 
>
> That's exactly the pointI don't have the hability to run puppet agent 
> anywhere. 
>
> Regards. 
>
>
> -- 
> Albert SHIH 
> DIO bâtiment 15 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c99f391d-c44b-44df-ad77-dfc5b977cc04%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread Albert Shih 
 Le 09/07/2015 à 10:55:50-0700, DJ a écrit
> i did not understand your requirement clearly, if you have puppet agent 
> running
> on all maachines then you can use facts to get hardware information and use
> that in hieara hierarchy to differentiate things.

No puppet agent didn't work on the networking device (switch etc..) we got
ip-camera, ip-sensor etc...

That's exactly the pointI don't have the hability to run puppet agent
anywhere.

Regards.


--
Albert SHIH
DIO bâtiment 15

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/20150709202102.GC13134%40pcjas.obspm.fr.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread DJ 
i did not understand your requirement clearly, if you have puppet agent 
running on all maachines then you can use facts to get hardware information 
and use that in hieara hierarchy to differentiate things.

Regards,
DJ

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/40f81644-2529-4448-8e0f-4a3b314a0b17%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread Albert Shih 
 Le 09/07/2015 à 07:37:04-0700, DJ a écrit
> are you saying those data is common for all hosts? then may be you can use
> common.yaml ?

Wellno

I've a puppet master who « manage » almost every my server. But I still get
lots of « thing » not manage by puppet, thing like networking hardware.

As you guest I can run puppet agent on a hp Procurve.

So because my monitoring server is under the control of puppet I would like
to use puppet to configure the nagios to monitor those hardware.

The list of those hardware is inside some csv file, I can extract a list of
all my Procurve. But I don't known where to put this file.

If I put the content inside common.yaml that « sucks » because those
information has no relation with all node.

If I put the content inside

  my_miniroting_server.yaml

I don't known how to do it because this file is edited by hand. Of
course I can make some very dirty but well...

> Hi,
>
> Very basic question about hiera file.
>
> I've
>
>   hieradata/my_host.yaml
>
> I like at the end of my_host.yaml make something like
>
>   include my_host_add.yaml
>
> is it possible ?
>
> The reason is some data is automatically extract from a database, those
> data is specific to that host. And because this file is pretty big I don't
> known if it's a good idea to use hierachy to include in every host 
> (knowing
> I've no way to use those data outside to my_host)
>
Regards.

JAS

--
Albert SHIH
DIO bâtiment 15
Observatoire de Paris
5 Place Jules Janssen
92195 Meudon Cedex
France
Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71
xmpp: j...@obspm.fr
Heure local/Local time:
jeu 9 jul 2015 16:43:49 CEST

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/20150709145034.GA10224%40pcjas.obspm.fr.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread DJ 
are you saying those data is common for all hosts? then may be you can use 
common.yaml ?

On Wednesday, 8 July 2015 19:09:10 UTC+5:30, Albert Shih wrote:
>
> Hi, 
>
> Very basic question about hiera file. 
>
> I've 
>
>   hieradata/my_host.yaml 
>
> I like at the end of my_host.yaml make something like 
>
>   include my_host_add.yaml 
>
> is it possible ? 
>
> The reason is some data is automatically extract from a database, those 
> data is specific to that host. And because this file is pretty big I don't 
> known if it's a good idea to use hierachy to include in every host 
> (knowing 
> I've no way to use those data outside to my_host) 
>
> Regards. 
>
> JAS 
>
> -- 
> Albert SHIH 
> DIO bâtiment 15 
> Observatoire de Paris 
> 5 Place Jules Janssen 
> 92195 Meudon Cedex 
> France 
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71 
> xmpp: j...@obspm.fr  
> Heure local/Local time: 
> mer 8 jul 2015 15:31:36 CEST 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d0fcb746-ab10-4438-a17c-1e5af648a1cf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread jcbollinger 


On Wednesday, July 8, 2015 at 8:39:10 AM UTC-5, Albert Shih wrote:
>
> Hi, 
>
> Very basic question about hiera file. 
>
> I've 
>
>   hieradata/my_host.yaml 
>
> I like at the end of my_host.yaml make something like 
>
>   include my_host_add.yaml 
>
> is it possible ? 
>


No, at least not with HIera's built-in YAML back-end.  YAML has no facility 
such as you describe, so to get it you would need to engage a YAML parser 
that supported such a thing as an extension.



> The reason is some data is automatically extract from a database, those 
> data is specific to that host. And because this file is pretty big I don't 
> known if it's a good idea to use hierachy to include in every host 
> (knowing 
> I've no way to use those data outside to my_host) 
>
>
The hierarchy is the main tool available for combining data from multiple 
sources.  If you don't want to use it for your purpose then you always have 
the alternative of writing a custom Hiera back-end, or, for some purposes, 
an altogether separate data lookup function.

With that said, I'm not really following the nature of your problem.  How 
would the availability of an 'include' statement mitigate the data-size 
issue you are concerned about?


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a07998cf-efd5-4d78-a705-cb225d8f585c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question about hiera

2015-07-09 Thread Toky 
You could use the data in my_host.yaml from multiple profiles/roles as long 
as you fullyqualify the data source. But to answer your hiera question, I 
do not think you can "include" another yaml file.

-Miguel


On Wednesday, July 8, 2015 at 9:39:10 AM UTC-4, Albert Shih wrote:
>
> Hi, 
>
> Very basic question about hiera file. 
>
> I've 
>
>   hieradata/my_host.yaml 
>
> I like at the end of my_host.yaml make something like 
>
>   include my_host_add.yaml 
>
> is it possible ? 
>
> The reason is some data is automatically extract from a database, those 
> data is specific to that host. And because this file is pretty big I don't 
> known if it's a good idea to use hierachy to include in every host 
> (knowing 
> I've no way to use those data outside to my_host) 
>
> Regards. 
>
> JAS 
>
> -- 
> Albert SHIH 
> DIO bâtiment 15 
> Observatoire de Paris 
> 5 Place Jules Janssen 
> 92195 Meudon Cedex 
> France 
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71 
> xmpp: j...@obspm.fr  
> Heure local/Local time: 
> mer 8 jul 2015 15:31:36 CEST 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f85478c0-c380-42de-8876-459f98e89c5f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: basic question

2009-06-25 Thread David Bishop 

Through the help of Don and Evan, I've figured this out.  My solution is
as follows:

nodes.pp:
import "modules"
import groups/*

node 'admin01.dev.example.com' {
$webserver = "role"
include admin
}

groups/admin.pp:

class admin {
include example
}

modules/examples/manifests/init.pp:

class example {
if $webserver{
$webserver = true
} else {
$webserver = false
}
file { "example_file":
path  => "/tmp/example.file",
owner => "root",
group => "root",
mode  => 644,
content => template("example.erb"),
}
}

templates/example.erb:
All machines get this text.
<% if webserver == true -%>
Then insert this text, too.
<% end -%>

Things to note: due to scoping rules, your node must *include*, not
inherit, the class that contains the module that has the template in it.
I.e., in my example, if admin01 inherited the dev class, this does not
work.  Presumably, somebody, I'll understand the scoping rules enough to
know why that is.  Today... is not that day.

Also, the $webserver variable *must* be set before "include"ing the
class that contains the template.  Otherwise, see previous paragraph.

And yes, you could set the $webserver variable to whatever you wish, but
setting it to "role" helps keep things clear in my configs.  And no, I
don't understand why the example class can see that the $webserver
variable exists, but the template can't unless I re-set it.  See
two-paragraphs up.

Finally, you can set $webserver at the "group" (class) level, in - say -
groups/admin.pp, as long as you follow the "set the variable first"
rule.  In this case, you would remove that line from the node
definition, and change admin.pp to the following:

class admin {
$webserver = "role"
include example
}

Hope that helps somebody else.

David Bishop

P.S. Keyword dump, to help searchers in the future hit this post:
tagging, special case, inheritance, override configuration, 
hierarchies, how do I make this stupid thing work? 

On Tue, Jun 23, 2009 at 01:56:44PM -0600, David Bishop wrote:
> I know I'm missing something very basic, but I've been beating my head
> on this for hours now without making progress.  I'm trying to 'tag'
> nodes with various values, to be pulled later in some home-grown
> modules.  For instance, I want to mark machines as being a webserver,
> and then in my yum repo module, I have a template that checks for
> webservers and adds a custom repo if true.  I'm very flexible in the 
> details - I don't care if it's a custom variable, a tag, a fact, 
> whatever.  The only thing I *don't* want to do is use inheritance and 
> groups to do this - any given machine will be tagged with various 
> different things, and trying to maintain groups would quickly become 
> unmanageable.  And unfortunately, this isn't something that can be
> discovered automatically using facter, at least as far as I can tell.
> 
> An example of a failed attempt would be (all files stripped down, but
> the meat is there):
> 
> nodes.pp:
> import "modules"
> import groups/*
> import roles/*
> 
> node 'admin01.dev.example.com' inherits admin { include webserver }
> 
> roles/webserver.pp:
> 
> class webserver {
>   $webserver = true
> }
> 
> templates/repo.erb:
> 
> The value of the variable is <%= $webserver::webserver %>.
> 
> 
> I also tried $::webserver (after moving it out of the class definition),
> $webserver, setting a tag in the class and then reading out the defined
> tags, and more.  But that should give you guys an idea of what I'm
> aiming to do.
> 
> Thanks for any pointers!
> 
> David




signature.asc
Description: Digital signature

[Puppet Users] Re: basic question

2009-06-23 Thread RijilV 
2009/6/23 David Bishop 

>
> roles/webserver.pp:
>
> class webserver {
>$webserver = true
> }
>
> templates/repo.erb:
>
> The value of the variable is <%= $webserver::webserver %>.
>
>
> I also tried $::webserver (after moving it out of the class definition),
> $webserver, setting a tag in the class and then reading out the defined
> tags, and more.  But that should give you guys an idea of what I'm
> aiming to do.
>
> Thanks for any pointers!
>
>

So there is actually a notion of tags in puppet, I don't know if you've
looked at it but there is a wiki page on it:

http://reductivelabs.com/trac/puppet/wiki/UsingTags

It should be noted that classes come with their own tags, so doing an
"include webserver" will give you the tag webserver, so in your yum class
you could just do:

if tagged(webserver) {
  
}

.r'

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: basic question about template conditionals

2009-02-11 Thread Eric Heydrick 

Here's how we generate access.conf. We define a type that adds and removes 
access.conf entries and use this type in the node that we need a 
particular group to be able to login to.

class pam { 

  $access = "/etc/security/access.conf"

  exec {"prep access.conf":
command => "echo - : ALL : ALL > $access",
unless  => "tail -n 1 $access | grep '^\\- : ALL : ALL'",
  }

  define accesslogin($origins = "ALL", $ensure = "present") { 
case $ensure {
  present: {
exec {"$ensure : $name : $origins":
  command => "sed -i '\$i+ : $name : $origins' ${pam::access}",
unless  => "grep '$perm : $name : $origins' ${pam::access}",
require => Exec["prep access.conf"],
}
  }
  default: {
exec {"$ensure : $name : $origins":
  command => "sed -i '/+ : $name : $origins/d' ${pam::access}",
  onlyif  => "grep '$perm : $name : $origins' ${pam::access}",
  require => Exec["prep access.conf"],
}
  }
}
  }

  # defaults
  accesslogin { ["root", "backup"]: ; }

}

node 'node1' { 
  include pam

  pam::accesslogin { "group1": }
}

node 'node2' { 
  include pam
 
  # let the apache user run cron jobs but not login
  pam::accesslogin { "apache": 
origins => "cron",
  }
}
  
-Eric

On Wed, 11 Feb 2009, Michael Conigliaro wrote:

> 
> Hello,
> 
> Sorry if this ends up getting posted twice.  I originally sent this
> about 3 hours ago, and I never saw it get posted, so I'm trying again.
> 
> I want to use Puppet to manage /etc/access.conf on our managed Linux
> servers.  The problem is that the servers on our network will be
> accessed by different groups of users, so I will need slightly different
> configurations for each server.  My first impression is that I probably
> don't want to create completely different access.conf files for each
> server, so I thought I might try using template conditionals for this.
> I'm just not sure if what I'm trying to do is possible, or if there's a
> better way.  I've pasted my basic idea below.  The part I'm not sure
> about is the "if $hostname in [server1, server2, server3]" part.  I
> didn't see anything in the documentation about checking if a value
> exists in an array, but I assume this is possible.  Any thoughts?
> 
> #
> # etc/access.conf controls access to this machine #
> 
> # User "root" can only log in locally and from trusted network subnets
> - : root : ALL EXCEPT LOCAL 192.168.0.0/16
> 
> # Tech support users can log in from all sources.
> + : @support : ALL
> 
> <% if $hostname in [server1, server2, server3] %> # group1 can log into
> this server
> + : @group1 : ALL
> <% end %>
> 
> <% if $hostname in [server4, server5, server6] %> # group2 can log into
> this server
> + : @group2 : ALL
> <% end %>
> 
> All other users should be denied to get access from all sources.
> - : ALL : ALL
> 
> --
> Michael Conigliaro
> Computer Analyst
> Fuss & O'Neill Technologies
> www.fandotech.com
>  
> 
> 
> > 
> 

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: basic question about template conditionals

2009-02-11 Thread Steven Nemetz 

I do a lot of this and usually use regular expression to handle it

A couple examples:

<% if hostname =~ /server[135]/ %>
<% if hostname =~ /dns1001|mail2002|web1003/ %>

Steven

-Original Message-
From: puppet-users@googlegroups.com
[mailto:puppet-us...@googlegroups.com] On Behalf Of Michael Conigliaro
Sent: Wednesday, February 11, 2009 7:58 AM
To: puppet-users@googlegroups.com
Subject: [Puppet Users] basic question about template conditionals

#
# etc/access.conf controls access to this machine
#

# User "root" can only log in locally and from trusted network subnets
- : root : ALL EXCEPT LOCAL 192.168.0.0/16

# Tech support users can log in from all sources.
+ : @support : ALL

<% if $hostname in [server1, server2, server3] %>
# group1 can log into this server
+ : @group1 : ALL
<% end %>

<% if $hostname in [server4, server5, server6] %>
# group2 can log into this server
+ : @group2 : ALL
<% end %>

All other users should be denied to get access from all sources.
- : ALL : ALL

--
Michael Conigliaro
Computer Analyst
Fuss & O'Neill Technologies
www.fandotech.com
 


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: basic question about template conditionals

2009-02-11 Thread James Turnbull 
Michael Conigliaro wrote:
> Hello,
> 
> Sorry if this ends up getting posted twice.  I originally sent this
> about 3 hours ago, and I never saw it get posted, so I'm trying again.

The list is moderated to new posters to stop spam.  I release emails 2-3
times a day as does Luke and Andrew.

Regards

James Turnbull

-- 
Author of:
* Pulling Strings with Puppet
(http://www.amazon.com/gp/product/1590599780/)
* Pro Nagios 2.0
(http://www.amazon.com/gp/product/1590596099/)
* Hardening Linux
(http://www.amazon.com/gp/product/159059/)



signature.asc
Description: OpenPGP digital signature

[Puppet Users] Re: basic question about template conditionals

2009-02-11 Thread Paul Lathrop 

Michael,

Templates are ERB, which uses pure ruby. I think what you are doing
should work in concept, thought I think your syntax is a bit off.

--Paul

On Wed, Feb 11, 2009 at 10:36 AM, Michael Conigliaro
 wrote:
>
> Hello,
>
> Sorry if this ends up getting posted twice.  I originally sent this
> about 3 hours ago, and I never saw it get posted, so I'm trying again.
>
> I want to use Puppet to manage /etc/access.conf on our managed Linux
> servers.  The problem is that the servers on our network will be
> accessed by different groups of users, so I will need slightly different
> configurations for each server.  My first impression is that I probably
> don't want to create completely different access.conf files for each
> server, so I thought I might try using template conditionals for this.
> I'm just not sure if what I'm trying to do is possible, or if there's a
> better way.  I've pasted my basic idea below.  The part I'm not sure
> about is the "if $hostname in [server1, server2, server3]" part.  I
> didn't see anything in the documentation about checking if a value
> exists in an array, but I assume this is possible.  Any thoughts?
>
> #
> # etc/access.conf controls access to this machine #
>
> # User "root" can only log in locally and from trusted network subnets
> - : root : ALL EXCEPT LOCAL 192.168.0.0/16
>
> # Tech support users can log in from all sources.
> + : @support : ALL
>
> <% if $hostname in [server1, server2, server3] %> # group1 can log into
> this server
> + : @group1 : ALL
> <% end %>
>
> <% if $hostname in [server4, server5, server6] %> # group2 can log into
> this server
> + : @group2 : ALL
> <% end %>
>
> All other users should be denied to get access from all sources.
> - : ALL : ALL
>
> --
> Michael Conigliaro
> Computer Analyst
> Fuss & O'Neill Technologies
> www.fandotech.com
>
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---