--- /dev/null
+# RDE Puppet Client config
+
+# This subclass defines the configuration for RDE Clients
+class rde::client {
+ # Remove any NIS groups
+ file_line { 'no_NIS_groups':
+ ensure => 'absent',
+ path => '/etc/passwd',
+ line => '# Remove +',
+ match => '^\+@.*',
+ multiple => 'true',
+ match_for_absence => 'true',
+ replace => 'false',
+ tag => 'nis',
+ }
+
+ file_line { 'all_users':
+ path => '/etc/passwd',
+ ensure => 'present',
+ line => '+',
+ tag => 'nis',
+ }
+}
--- /dev/null
+# RDE Puppet DNS config
+#
+# This subclass defines the configuration for DNS servers
+class rde::dns {
+ if ($hostname == 'rdeadm1') or ($hostname == 'rdeadm2') {
+ package { 'service/network/dns/bind': ensure => present, }
+
+ service { 'dns/server': ensure => 'running', }
+
+ file { '/var/named':
+ ensure => 'directory',
+ owner => 'root',
+ group => 'sys',
+ mode => '0755',
+ notify => Service['dns/server'],
+ }
+ }
+
+ if $hostname == 'rdeadm1' {
+ file { '/etc/named.conf':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.conf.slave',
+ notify => Service['dns/server'],
+ }
+ } elsif $hostname == 'rdeadm2' {
+ file { '/etc/named.conf':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.conf.master',
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/named.ca':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.ca',
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/gddsi.com':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/gddsi.com',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/gd-ms.us':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/gd-ms.us',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/localhost':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/localhost',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/localhost.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/localhost.in-addr.arpa',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/11.240.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/11.240.10.in-addr.arpa',
+ require => File["/var/namedb"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/12.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/12.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/12.240.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/12.240.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/13.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/13.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/14.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/14.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+ }
+}
--- /dev/null
+# RDE Puppet Client config
+
+# This subclass defines the configuration for RDE Clients
+class rde::client {
+ # Remove any NIS groups
+ file_line { 'no_NIS_groups':
+ ensure => 'absent',
+ path => '/etc/passwd',
+ line => '# Remove +',
+ match => '^\+@.*',
+ multiple => 'true',
+ match_for_absence => 'true',
+ replace => 'false',
+ tag => 'nis',
+ }
+
+ file_line { 'all_users':
+ path => '/etc/passwd',
+ ensure => 'present',
+ line => '+',
+ tag => 'nis',
+ }
+}
--- /dev/null
+# RDE Puppet DNS config
+#
+# This subclass defines the configuration for DNS servers
+class rde::dns {
+ if ($hostname == 'rdeadm1') or ($hostname == 'rdeadm2') {
+ package { 'service/network/dns/bind': ensure => present, }
+
+ service { 'dns/server': ensure => 'running', }
+
+ file { '/var/named':
+ ensure => 'directory',
+ owner => 'root',
+ group => 'sys',
+ mode => '0755',
+ notify => Service['dns/server'],
+ }
+ }
+
+ if $hostname == 'rdeadm1' {
+ file { '/etc/named.conf':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.conf.slave',
+ notify => Service['dns/server'],
+ }
+ } elsif $hostname == 'rdeadm2' {
+ file { '/etc/named.conf':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.conf.master',
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/named.ca':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/named.ca',
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/gddsi.com':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/gddsi.com',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/gd-ms.us':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/gd-ms.us',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/localhost':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/localhost',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/localhost.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/localhost.in-addr.arpa',
+ require => File["/var/named"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/11.240.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/11.240.10.in-addr.arpa',
+ require => File["/var/namedb"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/12.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/12.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/12.240.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/12.240.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/13.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/13.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+
+ file { '/var/named/14.100.10.in-addr.arpa':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ source => 'puppet:///modules/rde/14.100.10.in-addr.arpa',
+ require => File["/etc/namedb/master"],
+ notify => Service['dns/server'],
+ }
+ }
+}
--- /dev/null
+# RDE Puppet Base config
+#
+# This is the base class for all machines.
+class rde {
+ package { 'nis':
+ ensure => 'present',
+ }
+
+ nis { 'domainname':
+ domainname => 'rde',
+ }
+
+ file { '/etc/defaultdomain':
+ path => '/etc/defaultdomain',
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ content => 'rde',
+ notify => Service['nis/client'],
+ }
+
+ service { 'nis/domain':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['nis/client'],
+ }
+
+ nsswitch { 'nsswitch':
+ alias => 'files nis',
+ automount => 'files nis',
+ default => 'files',
+ group => 'files nis',
+ host => 'files dns nis',
+ netgroup => 'files nis',
+ password => 'files nis',
+ notify => [Service['nis/client'], Service['autofs']],
+ }
+
+ service { 'nis/client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['autofs'],
+ }
+
+ service { 'dns/client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ dns { 'dns/client':
+ #nameserver => ['10.100.13.21', '10.100.13.22'],
+ nameserver => ['10.100.0.10', '10.100.0.30'],
+ domain => 'gddsi.com',
+ search => ['gddsi.com'],
+ notify => [Service['dns/client'], Service['autofs']],
+ }
+
+ package { 'ntp':
+ ensure => 'present',
+ }
+
+ file { 'ntp.conf':
+ path => '/etc/inet/ntp.conf',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/ntp.conf',
+ notify => Service['ntp']
+ }
+
+ service { 'ntp':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ service { 'rpc/bind': ensure => 'running', }
+
+ service { 'zones-proxy-client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ # I'm not sure if this is needed on clients. It was needed for
+ # the NIS server and slave.
+ svccfg { 'binding':
+ fmri => 'svc:/network/rpc/bind',
+ property => 'config/local_only',
+ type => 'boolean',
+ value => 'false',
+ }
+
+ service { 'autofs':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['rpc/bind'],
+ }
+
+ service { 'sendmail':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ if ($hostname = 'rdeadm1') {
+ file_line { 'sendmail_relay':
+ ensure => 'present',
+ path => '/etc/mail/sendmail.cf',
+ line => 'DSsmtp-west.gd-ms.us.',
+ notify => Service['sendmail'],
+ }
+ } else {
+ file_line { 'sendmail_relay':
+ ensure => 'present',
+ path => '/etc/mail/sendmail.cf',
+ line => 'DSrdeadm1.gddsi.com',
+ notify => Service['sendmail'],
+ }
+ }
+
+ svccfg { 'sendmail':
+ fmri => 'svc:/network/smtp:sendmail',
+ property => 'config/local_only',
+ type => 'boolean',
+ value => 'false',
+ notify => Service['sendmail'],
+ }
+
+ file { '/etc/passwd':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ }
+
+ file { '/etc/group':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ }
+
+ file { '/etc/shadow':
+ owner => 'root',
+ group => 'sys',
+ mode => '0400',
+ }
+
+ host { 'rdeadm1':
+ ensure => 'present',
+ comment => 'NIS Master',
+ ip => '10.100.13.21',
+ }
+
+ host { 'rdeadm2':
+ ensure => 'present',
+ comment => 'NIS Slave',
+ ip => '10.100.13.22',
+ }
+
+ file { 'motd':
+ path => '/etc/motd',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/motd',
+ }
+
+ file { 'issue':
+ path => '/etc/issue',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/issue',
+ }
+
+ file { 'sudoers':
+ path => '/etc/sudoers.d/admins',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ content => "+ccadms ALL=(ALL) ALL\np2282c ALL=(ALL) NOPASSWD:ALL\nhn06511 ALL=(ALL) NOPASSWD:ALL\n",
+ }
+
+ # Add "+" to /etc/group
+ file_line { 'groups':
+ path => '/etc/group',
+ ensure => 'present',
+ line => '+',
+ }
+
+ # Add "+" to /etc/shadow
+ file_line { 'shadow':
+ path => '/etc/shadow',
+ ensure => 'present',
+ line => '+',
+ }
+
+ # Everybody mounts these
+ file_line { 'vob_storage',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdevob1 - /rdevob1 nfs - yes -',
+ }
+ file_line { 'view_storage',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdeview1 - /rdeview1 nfs - yes -',
+ }
+
+ if ($hostname == 'rdevob1' || $hostname == 'rdevob2') {
+ file_line { 'transfer':
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/transfer - /transfer nfs - yes -',
+ }
+ file_line { 'rdevob2',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdevob2 - /rdevob2 nfs - yes -',
+ }
+ }
+
+ if ($hostname == 'rdevob1') {
+ file_line { 'export',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/export - /export nfs - yes -',
+ }
+ }
+
+ if ($hostname == 'rdevob1') {
+ file_line { 'rdeview2',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdeview2 - /rdeview2 nfs - yes -',
+ }
+ }
+
+ $std_packages = ['vim', 'gvim', 'tcsh', 'xauth', 'xclock', 'xterm', 'top', 'rdesktop', 'firefox', 'telnet', 'git', 'expect', 'make', 'gcc', 'motif', 'libxp']
+
+ package { $std_packages:
+ ensure => 'present',
+ }
+}
--- /dev/null
+# RDE Puppet Server config
+
+# This subclass defines the configuration for RDE Servers
+class rde::server {
+ # Remove any naked '+''s
+ file_line { 'all_users':
+ ensure => 'absent',
+ path => '/etc/passwd',
+ line => '# Remove +',
+ match => '^\+$',
+ match_for_absence => 'true',
+ replace => 'false',
+ tag => 'nis',
+ }
+
+ # Make sure only members of the ccadms netgroup can log in
+ file_line { 'server_users':
+ path => '/etc/passwd',
+ ensure => 'present',
+ line => '+@ccadms',
+ tag => 'nis',
+ }
+}
--- /dev/null
+# RDE Puppet Windows config
+
+# This subclass defines the configuration for RDE Windows machines
+class rde::windows {
+ tag 'cbc'
+
+ #$win_software_repo = '\\az251dp2ch2d\Software' # A software repo. Currently on the machine under test but can be on any share
+
+ # Install Cygwin
+ $cyg_setup = "$win_software_repo\\Cygwin-2.9-Win64\\setup-x86_64.exe"
+ $cyg_repo = "-L -l $win_software_repo\\Cygwin-2.9-Win64"
+ $cyg_categories = "-C Base"
+ $cyg_root = 'C:\Cygwin'
+ $cyg_install_to = "-R $cyg_root"
+ $cyg_pkgs = "-P openssh,cygrunsrv,bzip2,unzip,zip,gcc-core,gcc-G++,git,git-gui,make,vim,vim-common,perl,perl_base,perl-Term-ReadLine-Gnu,perl-Term-ReadKey,php,python2,python3,dos2unix,rlwrap,wget,xorg-server,xorg-server-common,xorg-x11-fonts-dpi100,xauth,xclock,xload,xterm,gnome-terminal,dbus-x11"
+
+ exec { 'Install Cygwin':
+ command => "$cyg_setup -q $cyg_repo $cyg_install_to $cyg_categories $cyg_pkgs",
+ creates => $cyg_root,
+ timeout => 600, # Cygwin takes some time to install
+ }
+
+ exec { 'Setup sshd':
+ path => "$cyg_root\\bin",
+ command => "bash /usr/bin/ssh-host-config2 -y -u cyg_server -w 'Ranroot!'",
+ creates => "$cyg_root/etc/sshd_config",
+ logoutput => 'on_failure',
+ }
+
+ windows::path { "$cyg_root\\bin": }
+
+ windows::unzip { "$win_software_repo\\ProcessExplorer.zip":
+ destination => 'C:\Windows\System32',
+ creates => 'C:\Windows\System32\Procexp.exe',
+ }
+
+ exec { 'Install Firefox':
+ command => "$win_software_repo\\FirefoxInstaller.exe -ms",
+ creates => 'C:\Program Files\Mozilla Firefox\firefox.exe',
+ }
+
+ exec { 'Install Adobe Reader':
+ command => "$win_software_repo\\AcroRdrDC1801120040_en_US.exe /sAll",
+ creates => 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe',
+ }
+}
--- /dev/null
+# RDE Puppet Windows Client config
+
+# This subclass defines the configuration for RDE Windows client machines
+class rde::windows::client {
+ # Not sure what additional software is needed for a Windows Server to be a Domain
+ # Controller (DC) nor what added software might make it more useful.
+}
--- /dev/null
+# RDE Puppet Windows Domain Controller config\r
+\r
+# This subclass defines the configuration for RDE Windows domain controller\r
+class rde::windows::domain_controller {\r
+ tag 'dc'\r
+\r
+ install => 'present',\r
+ installmanagementtools => true,\r
+ restart => true,\r
+ installflag => true,\r
+ configure => 'present',\r
+ configureflag => true,\r
+ domain => 'forest',\r
+ domainname => 'gddsi.com',\r
+ netbiosdomainname => 'rde',\r
+ domainlevel => '6',\r
+ forestlevel => '6',\r
+ databasepath => 'c:\windows\ntds',\r
+ logpath => 'c:\windows\ntds',\r
+ sysvolpath => 'c:\windows\sysvol',\r
+ installtype => 'domain',\r
+ dsrmpassword => '<domain password>',\r
+ installdns => 'yes',\r
+ localadminpassword => '<local password>',\r
+}
\ No newline at end of file
--- /dev/null
+# RDE Puppet Windows Server config
+
+# This subclass defines the configuration for RDE Windows server machines
+
+class rde::windows::server {
+
+}
\ No newline at end of file
--- /dev/null
+# RDE Puppet Windows Terminal config\r
+\r
+# This subclass defines the configuration for RDE Windows terminal server. Note that\r
+# this server will have a lot of development tools installed on it as RDE developers\r
+# use these machines to run Windows tools.\r
+#\r
+# Seems like there are a few ways to install Windows packages. One is just using exec.\r
+# The other is just to unzip a file. Finally there's .msi files. I think we can use\r
+# the package resource for .msi's and .exe's. Not as sure about being able to unsip\r
+# applications that are just delivered as a zip file. I need a Windows machine to test\r
+# things on.\r
+\r
+class rde::wints {\r
+ $win_software_repo = '\\az251dp2ch2d\Software' # A software repo. Currently on the machine under test but can be on any share\r
+ tag 'ts'\r
+\r
+ # ActivePerl: Installs OK\r
+ windows::unzip { "$win_software_repo\\ActivePerl-5.24.3.2404-MSWin32-x64-404865.zip":\r
+ destination => "C:\\",\r
+ creates => 'C:\Perl',\r
+ tag => ['activeperl'],\r
+ }\r
+\r
+ # PHP\r
+ file { 'C:\PHP':\r
+ ensure => 'directory',\r
+ tag => ['php'],\r
+ }\r
+\r
+ # PHP: Installs OK\r
+ windows::unzip { "$win_software_repo\\PHP-5.6.31\\php-5.6.31-Win32-VC11-x86.zip":\r
+ destination => "C:\\PHP",\r
+ creates => "C:\\PHP\\bin",\r
+ require => File['C:\PHP'],\r
+ tag => ['php'],\r
+ }\r
+\r
+ # Ghostscript: Installs OK\r
+ package { 'Ghostscript':\r
+ source => "$win_software_repo\\Ghostscript-9.0.9\\gs909w64.exe",\r
+ install_options => '/S /NCRC',\r
+ tag => ['ghostscript'],\r
+ }\r
+\r
+ # BeyondCompare: Installs OK\r
+ exec { 'Beyond Compare':\r
+ command => "$win_software_repo\\TPS1166_Beyond_Compare\\beycomp_081407.exe /verysilent /sp-",\r
+ tag => ['beyondcompare']\r
+ }\r
+\r
+ # SecureCRT: Installs OK\r
+ package { 'SecureCRT':\r
+ source => "$win_software_repo\\TPS1284_SecureCRT_v6.63\\scrt663-x64.exe",\r
+ install_options => '/s /v"/qn"',\r
+ tag => ['securecrt'],\r
+ }\r
+\r
+ # Apache Tomcat: Installs OK\r
+ windows::unzip { "$win_software_repo\\Apache-Tomcat-8.5.11\\apache-tomcat-8.5.11-windows-x64.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\apache-tomcat-8.5.11',\r
+ tag => ['apachetomcat'],\r
+ }\r
+\r
+ # DeepBurner: Installs OK\r
+ package { 'DeepBurner':\r
+ source => "$win_software_repo\\DeepBurner-1.9\\DeepBurner1.exe",\r
+ install_options => '/s',\r
+ tag => ['deepburner'],\r
+ }\r
+\r
+ # GnuWin32: This "install" requires considerable hand configuration and also\r
+ # reaches out to the Internet to download packages. This will not fly behind\r
+ # a firewall and most of the functionality here is already provided in Cygwin.\r
+ # exec { 'GnuWin32':\r
+ # command => "$win_software_repo\\GnuWin32-0.6.21\\GetGnuWin32\\install.bat",\r
+ # creates => "???",\r
+ #}\r
+\r
+ # Notepad++: Installs OK\r
+ package { 'Notepad++':\r
+ source => "$win_software_repo\\Notepad++7.5.6\\npp.7.5.6.Installer.exe",\r
+ install_options => '/S',\r
+ tag => ['notepadplusplus'],\r
+ }\r
+\r
+ # Console2: Installs OK\r
+ windows::unzip { "$win_software_repo\\Console-2.00b148-Beta_64bit.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\Console2',\r
+ tag => 'console2',\r
+ }\r
+\r
+ # JDK: Installs OK\r
+ package { 'JDK':\r
+ source => "$win_software_repo\\jdk-8u172-windows-x64.exe",\r
+ install_options => '/s',\r
+ tag => 'jdk',\r
+ }\r
+\r
+ # Eclipse: Installs OK\r
+ windows::unzip { "$win_software_repo\\Eclipse.zip":\r
+ destination => "C:\\",\r
+ creates => 'C:\Eclipse',\r
+ tag => ['eclipse'],\r
+ }\r
+\r
+ windows::shortcut { 'C:\Users\All Users\Desktop\Eclipse.lnk':\r
+ target => 'C:\Eclipse\Eclipse.exe',\r
+ description => 'Eclipse IDE',\r
+ tag => ['eclipse'],\r
+ }\r
+\r
+ # Microsoft SQL Server: I tried installing this but it was too old to run on\r
+ # 2012 R2\r
+ # exec { 'Microsoft SQL Server':\r
+ # command => "$win_software_repo\\Microsoft-SQL-Server-2005-SP3-Express-Edition\\SQLEXPR64-SP3.exe",\r
+ # #creates => "???",\r
+ #}\r
+\r
+ # Microsoft Visual Studio: Thought this was working. Turns out it doesn't work.\r
+ # Works by hand though :-(\r
+ exec { 'Microsoft Visual Studio':\r
+ command => "$win_software_repo\\TPS0004_Visual_studio_Pro_2010\\Setup\Setup.exe /q /full",\r
+ creates => 'C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe',\r
+ tag => ['visualstudio'],\r
+ timeout => 600, # Visual Studio takes some time to install\r
+ }\r
+\r
+ exec { 'Console Emulator':\r
+ command => "$win_software_repo\\ConEmu-150813\\ConEmuSetup.150813g.exe /p:x64 /qr",\r
+ creates => 'C:\Program Files\ConEmu',\r
+ tag => ['conemu'],\r
+ }\r
+\r
+ # Putty: Installs OK\r
+ exec { 'Putty':\r
+ command => "$win_software_repo\\TPS1288_PuTTY\\putty-0.63-installer.exe /verysilent /sp-",\r
+ tag => ['putty'],\r
+ }\r
+\r
+ # Python 2.7.13: Installs OK\r
+ package { 'Python 2.7.13':\r
+ source => "$win_software_repo\\Python-2.7.13\\Windows\\python-2.7.13.amd64.msi",\r
+ install_options => '/qn',\r
+ tag => ['python2713'],\r
+ }\r
+\r
+ # Pythong 3.6.4: Installs OK\r
+ exec { 'Python 3.6.4':\r
+ command => "$win_software_repo\\Python-3.6.4\\python-3.6.4-amd64.exe /quiet InstallAllUsers=1 PrependPath=1",\r
+ tag => ['python364'],\r
+ }\r
+\r
+ # TeraTerm: Installs OK\r
+ package { 'TeraTerm':\r
+ source => "$win_software_repo\\TeraTerm-4.7.3\\teraterm-4.73.exe",\r
+ install_options => '/verysilent',\r
+ tag => ['teraterm'],\r
+ }\r
+\r
+ # VIM 7.3: Installs OK\r
+ windows::unzip { "$win_software_repo\\VIM-7.3\\MSDOS\\vim73w32.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\vim',\r
+ tag => ['vim'],\r
+ }\r
+\r
+ # VNC: Installs OK\r
+ package { 'VNC':\r
+ source => "$win_software_repo\\VNC-Open-4.1.3\\vnc-4_1_3-x86_win32.exe",\r
+ install_options => '/verysilent',\r
+ tag => ['vnc'],\r
+ }\r
+\r
+ # Microsoft Office: Installs OK\r
+ exec { 'Microsoft Office':\r
+ command => "$win_software_repo\\TPS1293_Office_Standard\\setup.exe /config Standard.WW\config.xml",\r
+ tag => ['office'],\r
+ }\r
+\r
+ # Microsoft Visio: Installs OK\r
+ exec { 'Microsoft Visio':\r
+ command => "$win_software_repo\\TPS0003_Visio_Standard\\x86\\setup.exe /config Visio.WW\config.xml",\r
+ timeout => 600, # Microsoft Visio takes some time to install\r
+ tag => ['visio'],\r
+ }\r
+}\r
--- /dev/null
+# RDE Puppet Base config
+#
+# This is the base class for all machines.
+class rde {
+ package { 'nis':
+ ensure => 'present',
+ }
+
+ nis { 'domainname':
+ domainname => 'rde',
+ }
+
+ file { '/etc/defaultdomain':
+ path => '/etc/defaultdomain',
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ content => 'rde',
+ notify => Service['nis/client'],
+ }
+
+ service { 'nis/domain':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['nis/client'],
+ }
+
+ nsswitch { 'nsswitch':
+ alias => 'files nis',
+ automount => 'files nis',
+ default => 'files',
+ group => 'files nis',
+ host => 'files dns nis',
+ netgroup => 'files nis',
+ password => 'files nis',
+ notify => [Service['nis/client'], Service['autofs']],
+ }
+
+ service { 'nis/client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['autofs'],
+ }
+
+ service { 'dns/client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ dns { 'dns/client':
+ #nameserver => ['10.100.13.21', '10.100.13.22'],
+ nameserver => ['10.100.0.10', '10.100.0.30'],
+ domain => 'gddsi.com',
+ search => ['gddsi.com'],
+ notify => [Service['dns/client'], Service['autofs']],
+ }
+
+ package { 'ntp':
+ ensure => 'present',
+ }
+
+ file { 'ntp.conf':
+ path => '/etc/inet/ntp.conf',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/ntp.conf',
+ notify => Service['ntp']
+ }
+
+ service { 'ntp':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ service { 'rpc/bind': ensure => 'running', }
+
+ service { 'zones-proxy-client':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ # I'm not sure if this is needed on clients. It was needed for
+ # the NIS server and slave.
+ svccfg { 'binding':
+ fmri => 'svc:/network/rpc/bind',
+ property => 'config/local_only',
+ type => 'boolean',
+ value => 'false',
+ }
+
+ service { 'autofs':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ notify => Service['rpc/bind'],
+ }
+
+ service { 'sendmail':
+ ensure => 'running',
+ enable => 'true',
+ provider => 'smf',
+ }
+
+ if ($hostname = 'rdeadm1') {
+ file_line { 'sendmail_relay':
+ ensure => 'present',
+ path => '/etc/mail/sendmail.cf',
+ line => 'DSsmtp-west.gd-ms.us.',
+ notify => Service['sendmail'],
+ }
+ } else {
+ file_line { 'sendmail_relay':
+ ensure => 'present',
+ path => '/etc/mail/sendmail.cf',
+ line => 'DSrdeadm1.gddsi.com',
+ notify => Service['sendmail'],
+ }
+ }
+
+ svccfg { 'sendmail':
+ fmri => 'svc:/network/smtp:sendmail',
+ property => 'config/local_only',
+ type => 'boolean',
+ value => 'false',
+ notify => Service['sendmail'],
+ }
+
+ file { '/etc/passwd':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ }
+
+ file { '/etc/group':
+ owner => 'root',
+ group => 'sys',
+ mode => '0644',
+ }
+
+ file { '/etc/shadow':
+ owner => 'root',
+ group => 'sys',
+ mode => '0400',
+ }
+
+ host { 'rdeadm1':
+ ensure => 'present',
+ comment => 'NIS Master',
+ ip => '10.100.13.21',
+ }
+
+ host { 'rdeadm2':
+ ensure => 'present',
+ comment => 'NIS Slave',
+ ip => '10.100.13.22',
+ }
+
+ file { 'motd':
+ path => '/etc/motd',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/motd',
+ }
+
+ file { 'issue':
+ path => '/etc/issue',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ source => 'puppet:///modules/rde/issue',
+ }
+
+ file { 'sudoers':
+ path => '/etc/sudoers.d/admins',
+ owner => 'root',
+ group => 'sys',
+ mode => '0444',
+ content => "+ccadms ALL=(ALL) ALL\np2282c ALL=(ALL) NOPASSWD:ALL\nhn06511 ALL=(ALL) NOPASSWD:ALL\n",
+ }
+
+ # Add "+" to /etc/group
+ file_line { 'groups':
+ path => '/etc/group',
+ ensure => 'present',
+ line => '+',
+ }
+
+ # Add "+" to /etc/shadow
+ file_line { 'shadow':
+ path => '/etc/shadow',
+ ensure => 'present',
+ line => '+',
+ }
+
+ # Everybody mounts these
+ file_line { 'vob_storage',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdevob1 - /rdevob1 nfs - yes -',
+ }
+ file_line { 'view_storage',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdeview1 - /rdeview1 nfs - yes -',
+ }
+
+ if ($hostname == 'rdevob1' || $hostname == 'rdevob2') {
+ file_line { 'transfer':
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/transfer - /transfer nfs - yes -',
+ }
+ file_line { 'rdevob2',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdevob2 - /rdevob2 nfs - yes -',
+ }
+ }
+
+ if ($hostname == 'rdevob1') {
+ file_line { 'export',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/export - /export nfs - yes -',
+ }
+ }
+
+ if ($hostname == 'rdevob1') {
+ file_line { 'rdeview2',
+ ensure => 'present',
+ path => '/etc/vfstab',
+ line => 'muosrdenas1:/rdeview2 - /rdeview2 nfs - yes -',
+ }
+ }
+
+ $std_packages = ['vim', 'gvim', 'tcsh', 'xauth', 'xclock', 'xterm', 'top', 'rdesktop', 'firefox', 'telnet', 'git', 'expect', 'make', 'gcc', 'motif', 'libxp']
+
+ package { $std_packages:
+ ensure => 'present',
+ }
+}
--- /dev/null
+# RDE Puppet Server config
+
+# This subclass defines the configuration for RDE Servers
+class rde::server {
+ # Remove any naked '+''s
+ file_line { 'all_users':
+ ensure => 'absent',
+ path => '/etc/passwd',
+ line => '# Remove +',
+ match => '^\+$',
+ match_for_absence => 'true',
+ replace => 'false',
+ tag => 'nis',
+ }
+
+ # Make sure only members of the ccadms netgroup can log in
+ file_line { 'server_users':
+ path => '/etc/passwd',
+ ensure => 'present',
+ line => '+@ccadms',
+ tag => 'nis',
+ }
+}
--- /dev/null
+# RDE Puppet Windows config
+
+# This subclass defines the configuration for RDE Windows machines
+class rde::windows {
+ tag 'cbc'
+
+ #$win_software_repo = '\\az251dp2ch2d\Software' # A software repo. Currently on the machine under test but can be on any share
+
+ # Install Cygwin
+ $cyg_setup = "$win_software_repo\\Cygwin-2.9-Win64\\setup-x86_64.exe"
+ $cyg_repo = "-L -l $win_software_repo\\Cygwin-2.9-Win64"
+ $cyg_categories = "-C Base"
+ $cyg_root = 'C:\Cygwin'
+ $cyg_install_to = "-R $cyg_root"
+ $cyg_pkgs = "-P openssh,cygrunsrv,bzip2,unzip,zip,gcc-core,gcc-G++,git,git-gui,make,vim,vim-common,perl,perl_base,perl-Term-ReadLine-Gnu,perl-Term-ReadKey,php,python2,python3,dos2unix,rlwrap,wget,xorg-server,xorg-server-common,xorg-x11-fonts-dpi100,xauth,xclock,xload,xterm,gnome-terminal,dbus-x11"
+
+ exec { 'Install Cygwin':
+ command => "$cyg_setup -q $cyg_repo $cyg_install_to $cyg_categories $cyg_pkgs",
+ creates => $cyg_root,
+ timeout => 600, # Cygwin takes some time to install
+ }
+
+ exec { 'Setup sshd':
+ path => "$cyg_root\\bin",
+ command => "bash /usr/bin/ssh-host-config2 -y -u cyg_server -w 'Ranroot!'",
+ creates => "$cyg_root/etc/sshd_config",
+ logoutput => 'on_failure',
+ }
+
+ windows::path { "$cyg_root\\bin": }
+
+ windows::unzip { "$win_software_repo\\ProcessExplorer.zip":
+ destination => 'C:\Windows\System32',
+ creates => 'C:\Windows\System32\Procexp.exe',
+ }
+
+ exec { 'Install Firefox':
+ command => "$win_software_repo\\FirefoxInstaller.exe -ms",
+ creates => 'C:\Program Files\Mozilla Firefox\firefox.exe',
+ }
+
+ exec { 'Install Adobe Reader':
+ command => "$win_software_repo\\AcroRdrDC1801120040_en_US.exe /sAll",
+ creates => 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe',
+ }
+}
--- /dev/null
+# RDE Puppet Windows Client config
+
+# This subclass defines the configuration for RDE Windows client machines
+class rde::windows::client {
+ # Not sure what additional software is needed for a Windows Server to be a Domain
+ # Controller (DC) nor what added software might make it more useful.
+}
--- /dev/null
+# RDE Puppet Windows Domain Controller config\r
+\r
+# This subclass defines the configuration for RDE Windows domain controller\r
+class rde::windows::domain_controller {\r
+ tag 'dc'\r
+\r
+ install => 'present',\r
+ installmanagementtools => true,\r
+ restart => true,\r
+ installflag => true,\r
+ configure => 'present',\r
+ configureflag => true,\r
+ domain => 'forest',\r
+ domainname => 'gddsi.com',\r
+ netbiosdomainname => 'rde',\r
+ domainlevel => '6',\r
+ forestlevel => '6',\r
+ databasepath => 'c:\windows\ntds',\r
+ logpath => 'c:\windows\ntds',\r
+ sysvolpath => 'c:\windows\sysvol',\r
+ installtype => 'domain',\r
+ dsrmpassword => '<domain password>',\r
+ installdns => 'yes',\r
+ localadminpassword => '<local password>',\r
+}
\ No newline at end of file
--- /dev/null
+# RDE Puppet Windows Server config
+
+# This subclass defines the configuration for RDE Windows server machines
+
+class rde::windows::server {
+
+}
\ No newline at end of file
--- /dev/null
+# RDE Puppet Windows Terminal config\r
+\r
+# This subclass defines the configuration for RDE Windows terminal server. Note that\r
+# this server will have a lot of development tools installed on it as RDE developers\r
+# use these machines to run Windows tools.\r
+#\r
+# Seems like there are a few ways to install Windows packages. One is just using exec.\r
+# The other is just to unzip a file. Finally there's .msi files. I think we can use\r
+# the package resource for .msi's and .exe's. Not as sure about being able to unsip\r
+# applications that are just delivered as a zip file. I need a Windows machine to test\r
+# things on.\r
+\r
+class rde::wints {\r
+ $win_software_repo = '\\az251dp2ch2d\Software' # A software repo. Currently on the machine under test but can be on any share\r
+ tag 'ts'\r
+\r
+ # ActivePerl: Installs OK\r
+ windows::unzip { "$win_software_repo\\ActivePerl-5.24.3.2404-MSWin32-x64-404865.zip":\r
+ destination => "C:\\",\r
+ creates => 'C:\Perl',\r
+ tag => ['activeperl'],\r
+ }\r
+\r
+ # PHP\r
+ file { 'C:\PHP':\r
+ ensure => 'directory',\r
+ tag => ['php'],\r
+ }\r
+\r
+ # PHP: Installs OK\r
+ windows::unzip { "$win_software_repo\\PHP-5.6.31\\php-5.6.31-Win32-VC11-x86.zip":\r
+ destination => "C:\\PHP",\r
+ creates => "C:\\PHP\\bin",\r
+ require => File['C:\PHP'],\r
+ tag => ['php'],\r
+ }\r
+\r
+ # Ghostscript: Installs OK\r
+ package { 'Ghostscript':\r
+ source => "$win_software_repo\\Ghostscript-9.0.9\\gs909w64.exe",\r
+ install_options => '/S /NCRC',\r
+ tag => ['ghostscript'],\r
+ }\r
+\r
+ # BeyondCompare: Installs OK\r
+ exec { 'Beyond Compare':\r
+ command => "$win_software_repo\\TPS1166_Beyond_Compare\\beycomp_081407.exe /verysilent /sp-",\r
+ tag => ['beyondcompare']\r
+ }\r
+\r
+ # SecureCRT: Installs OK\r
+ package { 'SecureCRT':\r
+ source => "$win_software_repo\\TPS1284_SecureCRT_v6.63\\scrt663-x64.exe",\r
+ install_options => '/s /v"/qn"',\r
+ tag => ['securecrt'],\r
+ }\r
+\r
+ # Apache Tomcat: Installs OK\r
+ windows::unzip { "$win_software_repo\\Apache-Tomcat-8.5.11\\apache-tomcat-8.5.11-windows-x64.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\apache-tomcat-8.5.11',\r
+ tag => ['apachetomcat'],\r
+ }\r
+\r
+ # DeepBurner: Installs OK\r
+ package { 'DeepBurner':\r
+ source => "$win_software_repo\\DeepBurner-1.9\\DeepBurner1.exe",\r
+ install_options => '/s',\r
+ tag => ['deepburner'],\r
+ }\r
+\r
+ # GnuWin32: This "install" requires considerable hand configuration and also\r
+ # reaches out to the Internet to download packages. This will not fly behind\r
+ # a firewall and most of the functionality here is already provided in Cygwin.\r
+ # exec { 'GnuWin32':\r
+ # command => "$win_software_repo\\GnuWin32-0.6.21\\GetGnuWin32\\install.bat",\r
+ # creates => "???",\r
+ #}\r
+\r
+ # Notepad++: Installs OK\r
+ package { 'Notepad++':\r
+ source => "$win_software_repo\\Notepad++7.5.6\\npp.7.5.6.Installer.exe",\r
+ install_options => '/S',\r
+ tag => ['notepadplusplus'],\r
+ }\r
+\r
+ # Console2: Installs OK\r
+ windows::unzip { "$win_software_repo\\Console-2.00b148-Beta_64bit.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\Console2',\r
+ tag => 'console2',\r
+ }\r
+\r
+ # JDK: Installs OK\r
+ package { 'JDK':\r
+ source => "$win_software_repo\\jdk-8u172-windows-x64.exe",\r
+ install_options => '/s',\r
+ tag => 'jdk',\r
+ }\r
+\r
+ # Eclipse: Installs OK\r
+ windows::unzip { "$win_software_repo\\Eclipse.zip":\r
+ destination => "C:\\",\r
+ creates => 'C:\Eclipse',\r
+ tag => ['eclipse'],\r
+ }\r
+\r
+ windows::shortcut { 'C:\Users\All Users\Desktop\Eclipse.lnk':\r
+ target => 'C:\Eclipse\Eclipse.exe',\r
+ description => 'Eclipse IDE',\r
+ tag => ['eclipse'],\r
+ }\r
+\r
+ # Microsoft SQL Server: I tried installing this but it was too old to run on\r
+ # 2012 R2\r
+ # exec { 'Microsoft SQL Server':\r
+ # command => "$win_software_repo\\Microsoft-SQL-Server-2005-SP3-Express-Edition\\SQLEXPR64-SP3.exe",\r
+ # #creates => "???",\r
+ #}\r
+\r
+ # Microsoft Visual Studio: Thought this was working. Turns out it doesn't work.\r
+ # Works by hand though :-(\r
+ exec { 'Microsoft Visual Studio':\r
+ command => "$win_software_repo\\TPS0004_Visual_studio_Pro_2010\\Setup\Setup.exe /q /full",\r
+ creates => 'C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe',\r
+ tag => ['visualstudio'],\r
+ timeout => 600, # Visual Studio takes some time to install\r
+ }\r
+\r
+ exec { 'Console Emulator':\r
+ command => "$win_software_repo\\ConEmu-150813\\ConEmuSetup.150813g.exe /p:x64 /qr",\r
+ creates => 'C:\Program Files\ConEmu',\r
+ tag => ['conemu'],\r
+ }\r
+\r
+ # Putty: Installs OK\r
+ exec { 'Putty':\r
+ command => "$win_software_repo\\TPS1288_PuTTY\\putty-0.63-installer.exe /verysilent /sp-",\r
+ tag => ['putty'],\r
+ }\r
+\r
+ # Python 2.7.13: Installs OK\r
+ package { 'Python 2.7.13':\r
+ source => "$win_software_repo\\Python-2.7.13\\Windows\\python-2.7.13.amd64.msi",\r
+ install_options => '/qn',\r
+ tag => ['python2713'],\r
+ }\r
+\r
+ # Pythong 3.6.4: Installs OK\r
+ exec { 'Python 3.6.4':\r
+ command => "$win_software_repo\\Python-3.6.4\\python-3.6.4-amd64.exe /quiet InstallAllUsers=1 PrependPath=1",\r
+ tag => ['python364'],\r
+ }\r
+\r
+ # TeraTerm: Installs OK\r
+ package { 'TeraTerm':\r
+ source => "$win_software_repo\\TeraTerm-4.7.3\\teraterm-4.73.exe",\r
+ install_options => '/verysilent',\r
+ tag => ['teraterm'],\r
+ }\r
+\r
+ # VIM 7.3: Installs OK\r
+ windows::unzip { "$win_software_repo\\VIM-7.3\\MSDOS\\vim73w32.zip":\r
+ destination => 'C:\Program Files',\r
+ creates => 'C:\Program Files\vim',\r
+ tag => ['vim'],\r
+ }\r
+\r
+ # VNC: Installs OK\r
+ package { 'VNC':\r
+ source => "$win_software_repo\\VNC-Open-4.1.3\\vnc-4_1_3-x86_win32.exe",\r
+ install_options => '/verysilent',\r
+ tag => ['vnc'],\r
+ }\r
+\r
+ # Microsoft Office: Installs OK\r
+ exec { 'Microsoft Office':\r
+ command => "$win_software_repo\\TPS1293_Office_Standard\\setup.exe /config Standard.WW\config.xml",\r
+ tag => ['office'],\r
+ }\r
+\r
+ # Microsoft Visio: Installs OK\r
+ exec { 'Microsoft Visio':\r
+ command => "$win_software_repo\\TPS0003_Visio_Standard\\x86\\setup.exe /config Visio.WW\config.xml",\r
+ timeout => 600, # Microsoft Visio takes some time to install\r
+ tag => ['visio'],\r
+ }\r
+}\r
projects / clearscm.git / commitdiff