Pattern Requests
Version 7 (James Turnbull, 07/06/2010 10:59 pm)
| 1 | 3 | James Turnbull | # Pattern Requests |
|---|---|---|---|
| 2 | 3 | James Turnbull | |
| 3 | 7 | James Turnbull | Create a list here of patterns you'd like to see, and those |
| 4 | 1 | Puppeteers who have time will try to come by and create them. |
|
| 5 | 1 | ||
| 6 | 1 | **Puppet** |
|
| 7 | 1 | ||
| 8 | 1 | - An 'editfile' type. I don't know why editing files isn't built |
|
| 9 | 1 | into Puppet, but it's an obvious short-coming, and everyone seems |
|
| 10 | 1 | to be asking for it. There's some scattered modules on the net |
|
| 11 | 1 | which attempt to solve this, but they're poorly documented, have |
|
| 12 | 1 | dependencies, and are not built-in. An 'editfile' "Type" could be |
|
| 13 | 1 | very elegant and probably be put into a single \*.rb file under |
|
| 14 | 1 | $RUBY\_LIB\_DIR/site\_ruby/1.8/puppet/type/editfile.rb. The |
|
| 15 | 1 | 'editfile' type \_should\_ extend the 'file' type, so configs can |
|
| 16 | 1 | remain compact. An example usage would be: |
|
| 17 | 1 | editfile { "cron.allow": |
|
| 18 | 1 | path => "/etc/cron.d/cron.allow", |
|
| 19 | 1 | owner => root, |
|
| 20 | 1 | group => sys, |
|
| 21 | 1 | mode => 600, |
|
| 22 | 1 | append_if_no_such_line => ["john_smith", "root", "sys"], |
|
| 23 | 1 | remove_line_if_matches => "evil_user", |
|
| 24 | 1 | comment_out_if_matches => ".*daemon", |
|
| 25 | 1 | } |
|
| 26 | 1 | ||
| 27 | 1 | ||
| 28 | 1 | Would this not be the most elegant solution!? |
|
| 29 | 1 | ||
| 30 | 4 | Patrick Mohr | |
| 31 | 4 | Patrick Mohr | |
| 32 | 4 | Patrick Mohr | First, an uncomment would be nice too, but there's a bigger problem. How are lines commented? Does it use ;, //, # or something else? There could be an attribute that's a string called comment_prefix. We could default it or guess the default, but I think that both of those could easily cause the user problems. I think forcing the user to explicitly choose it is best. |
| 33 | 4 | Patrick Mohr | Also, right now people do this with augeas and sed defines. It still seems useful when you don't need as much flexibility as sed gives, and for some reason augeas isn't practical. |
| 34 | 4 | Patrick Mohr | -Patrick |
| 35 | 4 | Patrick Mohr | |
| 36 | 1 | - some kind of ssh authorized\_keys management |
|
| 37 | 1 | ||
| 38 | 1 | See [[Authorized\_Keys\_Patterns|Recipes/Authorized\_keys]] for a |
|
| 39 | 1 | working solution. - windowsrefund |
|
| 40 | 1 | ||
| 41 | 1 | - bind zone files |
|
| 42 | 1 | - /etc/group membership management (different groups have |
|
| 43 | 1 | different users, in no particular order) (This is already possible |
|
| 44 | 1 | -- you use the groups attribute on individual users. --luke) |
|
| 45 | 1 | - automate the provisioning of Solaris Zones including the |
|
| 46 | 1 | installation/configuration of puppet so that additional software |
|
| 47 | 1 | can be automatically installed within that zone. |
|
| 48 | 1 | - automate the installation of firefox extensions - |
|
| 49 | 1 | unfortunately, most distributions don't package them. |
|
| 50 | 1 | - looks like xpi files are just zipped archives that can be |
|
| 51 | 1 | extracted into either a user's local directory or a system-wide |
|
| 52 | 1 | directory. In Ubuntu 7.10, that appears to be |
|
| 53 | 1 | /usr/lib/firefox/extensions. Candidate for facter? |
|
| 54 | 1 | - I don't think it is that easy. Firefox extensions have also to |
|
| 55 | 1 | be registered into extensions.ini and extensions.rdf files with |
|
| 56 | 1 | their appropriate manifests, so that Firefox knows where to look |
|
| 57 | 1 | for what. |
|
| 58 | 1 | - Debian has created some infrastructure for registering globally |
|
| 59 | 1 | installed extensions. Rather, probably worth another package |
|
| 60 | 1 | provider. |
|
| 61 | 1 | ||
| 62 | 1 | ||
| 63 | 1 | ||
| 64 | 1 | - Management for quota. |
|
| 65 | 1 | - Initially enabling quota for partitions |
|
| 66 | 1 | ||
| 67 | 1 | - Management of local NIS users. People who need this seem |
|
| 68 | 1 | largely to be rolling their own alternatives to the User type, but |
|
| 69 | 1 | the Right Way is probably a custom provider for the User type. |
|
| 70 | 1 | ||
| 71 | 1 | **Facter** |
|
| 72 | 1 | ||
| 73 | 1 | - firewall facts, e.g. network interfaces, ipaddresses, netmasks, |
|
| 74 | 1 | default gateway, routes, |
|
| 75 | 1 | - better freebsd facts. by default only the following are |
|
| 76 | 1 | available on freebsd: |
|
| 77 | 1 | ||
| 78 | 1 | domain |
|
| 79 | 1 | facterversion |
|
| 80 | 1 | fqdn |
|
| 81 | 1 | hardwaremodel |
|
| 82 | 1 | hostname |
|
| 83 | 1 | ipaddress |
|
| 84 | 1 | kernel |
|
| 85 | 1 | kernelrelease |
|
| 86 | 1 | operatingsystem |
|
| 87 | 1 | operatingsystemrelease |
|
| 88 | 1 | ps |
|
| 89 | 1 | puppetversion |
|
| 90 | 1 | rubysitedir |
|
| 91 | 1 | rubyversion |
|
| 92 | 1 | sshdsakey |
|
| 93 | 1 | sshrsakey |
|
| 94 | 1 | ||
| 95 | 1 | **Simple Complete Configuration** |
|
| 96 | 1 | ||
| 97 | 1 | The Current [[Complete Configuration]] is very complete, but very |
|
| 98 | 1 | complex. And as far as I can tell, very Debian dependent. It would |
|
| 99 | 1 | be great if there was a somewhat more simple complete configuration |
|
| 100 | 1 | example to see how things fit together for beginners like me. |
|
| 101 | 1 | ||
| 102 | 1 | Ideally there would be a very simple complete configuration that |
|
| 103 | 1 | does more than the current tutorials show (ie do something useful |
|
| 104 | 1 | like set up users or some service and not just show how to create a |
|
| 105 | 1 | file). Then a slightly more complex example that shows how to set |
|
| 106 | 1 | up mysql or apache. |
|
| 107 | 1 | ||
| 108 | 6 | James Turnbull | By Complete Configuration, I would be interested in seeing best |
| 109 | 1 | practices of how to organize the /etc/puppet tree with modules and |
|
| 110 | 1 | classes but not so complex that I can't get it to work without |
|
| 111 | 1 | understanding everything in puppet (like the current [[Complete |
|
| 112 | 1 | Configuration]] uses plugins which is very advanced and doesn't |
|
| 113 | 5 | Stella Aparicio | seem to work out of the box on my Fedora environment) |