Differences

This shows you the differences between two versions of the page.

--- puppet [2017/03/28 14:19]
k2patel
+++ puppet [2017/03/28 14:47]
k2patel [Puppet hiera literal %]
@@ Line 1: / Line 1: @@
+====== Puppet (data center automation and configuration management framework) ======
+==== Puppet YUM Repository ====
+<code bash | /etc/yum.repos.d/puppet-el.repo>
+[Puppet_EL_Repo]
+name=Puppet Enterprise Linux
+baseurl=http://yum.puppetlabs.com/el/6/products/x86_64/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-Key-Puppet
+[Puppet_EL_dependancies]
+name=Puppet Enterprise Dependencies
+baseurl=http://yum.puppetlabs.com/el/6/dependencies/x86_64/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-Key-Puppet
+</code>
+=== Get key file using following command ===
+<code bash>
+wget -O /etc/pki/rpm-gpg/RPM-GPG-Key-Puppet "http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs"
+</code>
+==== Purgin Puppet report ====
+In order to purge report i use this line in my cron or logrotate.
+<code bash>
+cd /var/lib/puppet/reports && find . -type f -name \*.yaml -mtime +12 -print0 | xargs -0 -n50 /bin/rm -f
+</code>
+Which purges all log older then 12 days.
+==== Variables in node / site maniefest ====
+<code ruby>
+$testdomain = $domain
+$testsub = split($testdomain, '[.]')
+$dr = $testsub[1]
+</code>
+==== Checking Hiera Value ====
+**Trying to lookup vhostip value**
+Using puppet command
+<code bash>
+puppet apply --environment=test -e "notice(hiera(vhostip))"
+</code>
+Using hiera command
+<code bash>
+hiera -c /opt/puppet/hiera.yaml vhostip environment=test
+</code>
+==== checking syntax on template ====
+<code rbuy>
+erb -P -x -T '-' mytemplate.erb | ruby -c
+</code>
+==== Puppet hiera literal % ====
+Only supported in hiera 2+
+<code bash>
+        rewrites:
+            -
+                comment: 'Redirect non https domain to vhost'
+                rewrite_cond:
+                    - "%{literal('%')}{HTTPS} off"
+                rewrite_rule:
+                    - "(.*) https://%{literal('%')}{HTTP_HOST}%{literal('%')}{REQUEST_URI} [L,R=302]"
+</code>
+==== Puppet - Hiera - Apache - create resource example ====
+===== Value in Hiera with yaml backend =====
+<code yaml>
+vhosts:
+    test.k2patel.in:
+        servername: 'test.k2patel.in'
+        serveraliases:
+            - 'pingtest.k2patel.in'
+        docroot: '/var/www/vhosts/test.k2patel.in/html'
+        manage_docroot: false
+        port: 80
+        priority: 0
+        docroot_owner: 'web'
+        docroot_group: 'web'
+        access_log_file: 'test.k2patel.in-access.log'
+        default_vhost: true
+        ensure: 'present'
+        error_log_file: 'test.k2patel.in-error.log'
+        log_level: 'warn'
+        aliases:
+            -
+                scriptalias: '/cgi-bin'
+                path: '/var/www/vhosts/test.k2patel.in/cgi-bin'
+        rewrites:
+            -
+                comment: 'Redirect non https domain to vhost'
+                rewrite_cond:
+                    - "%{literal('%')}{HTTPS} off"
+                rewrite_rule:
+                    - "(.*) https://%{literal('%')}{HTTP_HOST}%{literal('%')}{REQUEST_URI} [L,R=302]"
+    test.k2patel.in_ssl:
+        servername: 'test.k2patel.in'
+        serveraliases:
+            - 'pingtest.k2patel.in'
+        docroot: '/var/www/vhosts/test.k2patel.in/html'
+        manage_docroot: false
+        port: 443
+        priority: 0
+        docroot_owner: 'web'
+        docroot_group: 'web'
+        access_log_file: 'test.k2patel.in_ssl-access.log'
+        default_vhost: true
+        ensure: 'present'
+        error_log_file: 'test.k2patel.in_ssl-error.log'
+        log_level: 'warn'
+        aliases:
+            -
+                alias: '/cgi-bin'
+                path: '/var/www/vhosts/test.k2patel.in/cgi-bin/'
+            -
+                alias: '/pingset'
+                path: '/data/pingset/'
+            -
+                alias: '/whileset'
+                path: '/milker/swingset/'
+        ssl: true
+        ssl_cert: '/etc/pki/tls/certs/k2patel.in.cert'
+        ssl_key: '/etc/pki/tls/private/k2patel.in.key'
+        ssl_ca: '/etc/pki/tls/certs/k2patel.in.ca'
+        ssl_certs_dir: '/etc/pki/tls/certs'
+        directories:
+            -
+                path: '/var/www/vhosts/test.k2patel.in/cgi-bin/'
+                options:
+                    - 'ExecCGI'
+                    - 'FollowSymlinks'
+                    - 'MultiViews'
+                require:
+                    - 'all granted'
+                addhandlers:
+                    -
+                        handler: 'cgi-script'
+                        extensions:
+                            - '.cgi'
+                            - '.pl'
+                            - '.p'
+                            - '.perl'
+                            - '.sh'
+                            - '.php'
+            -
+                path: '/var/www/vhosts/test.k2patel.in/html'
+                options:
+                    - '+Includes'
+                require:
+                    - 'all granted'
+                allow_override: 'All'
+                addhandlers:
+                    -
+                        handler: 'server-parsed'
+                        extensions:
+                            - '.shtml'
+                            - '.html'
+                custom_fragment: |
+                    XBitHack On
+                        AddType application/vnd.google-earth.kml+xml .kml
+            -
+                path: '/data/pingset/'
+                directoryindex: 'index.html index.cgi index.pl index.php'
+                override:
+                    - 'None'
+                options:
+                    - '+Indexes'
+                    - '-ExecCGI'
+                    - '-Includes'
+                    - '-FollowSymLinks'
+                require:
+                    - 'all granted'
+                allow_override: 'All'
+                custom_fragment: |
+                    IndexOptions FancyIndexing
+                        IndexIgnoreReset ON
+                        IndexIgnore .??* *~ *#
+                        SetHandler none
+                        aDDhANDLEr cgi-script .cgi .plg engine off
+                        RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo .html .htmls .txt .perl .sh .p .HTML .p .perl .shaDDhANDLEr cgi-script .cgi .pl .p .perl .sh
+            -
+                path: '/milker/swingset/'
+                directoryindex: 'index.html index.cgi index.pl index.php'
+                override:
+                    - 'None'
+                options:
+                    - '+Indexes'
+                    - '-ExecCGI'
+                    - '-Includes'
+                    - '-FollowSymLinks'
+                require:
+                    - 'all granted'
+                allow_override: 'All'
+                custom_fragment: |
+                    IndexOptions FancyIndexing
+                        IndexIgnoreReset ON
+                        IndexIgnore .??* *~ *#
+                        SetHandler none
+                        aDDhANDLEr cgi-script .cgi .plg engine off
+                        RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo .html .htmls .txt .perl .sh .p .HTML .p .perl .shaDDhANDLEr cgi-script .cgi .pl .p .perl .sh
+</code>
+===== Value in manifests =====
+<code ruby>
+$myApacheVhost = hiera('vhosts', {})
+class { 'apache':
+      default_mods        => false,
+      default_confd_files => false,
+      mpm_module          => 'prefork',
+      purge_configs       => true,
+      server_signature    => 'Off',
+      service_ensure      => 'running',
+      default_vhost       => false,
+      manage_user         => false,
+      manage_group        => false,
+      user                => 'web',
+      group               => 'web',
+      server_tokens       => 'prod',
+   }
+   class { '::apache::mod::deflate':
+     types => [ 'text/html text/plain text/xml', 'text/css', 'application/x-javascript application/javascript application/ecmascript', 'application/rss+xml', 'application/json', 'application/vnd.geo+json' ],
+        notes => {
+           'Input'  => 'instream',
+           'Output' => 'outstrem',
+           'Ratio'  => 'ratio',
+        },
+   }
+   class { '::apache::mod::php':
+      package_name => "php56u",
+      path         => "${::apache::params::lib_path}/libphp5.so"
+   }
+   class { '::apache::mod::ssl':
+       ssl_compression         => false,
+       ssl_cryptodevice        => 'builtin',
+       ssl_options             => [ 'StdEnvVars' ],
+       ssl_openssl_conf_cmd    => undef,
+       ssl_honorcipherorder    => 'On',
+       ssl_cipher              => 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS',
+       ssl_pass_phrase_dialog  => 'builtin',
+       ssl_random_seed_bytes   => '1024',
+       ssl_sessioncachetimeout => '300',
+       ssl_protocol            => [ 'all', '-SSLv3', '-SSLv2'],
+    }
+   class { '::apache::mod::negotiation':
+      force_language_priority => 'Prefer',
+      language_priority       => [ 'en', 'es', 'ca', 'cs', 'da', 'de', 'el', 'eo' ],
+   }
+   class { 'apache::mod::alias':
+      icons_options => 'None',
+   }
+   apache::mod { 'actions' : }
+   apache::mod { 'cgi' :}
+   apache::mod { 'headers' :}
+   apache::mod { 'include' :}
+   apache::mod { 'perl' :}
+   apache::mod { 'suphp' :}
+   apache::mod { 'mime_magic' :}
+   apache::mod { 'auth_basic' :}
+   apache::mod { 'setenvif' :}
+   apache::mod { 'autoindex' :}
+   apache::namevirtualhost { '80' :}
+   apache::namevirtualhost { '443' :}
+create_resources('apache::vhost', $myApacheVhost)
+</code>
+==== External Links ====
+[[ https://docs.puppet.com/puppet/latest/reference/lang_template.html#referencing-variables | Variable Referencing ]]
+[[ https://docs.puppet.com/puppet/latest/reference/function.html | Function Reference ]]
+[[ https://groups.google.com/group/puppet-users/browse_thread/thread/e56e0f678a134089 | Incremental Number ]]

Daily *Nix

User Tools

Site Tools

Differences

Page Tools