وصفات puppet master المستخدمة في معسكر 2013
اذهب إلى التنقل
اذهب إلى البحث
this document should be constantly updated ... , Check history for mile stones
/etc/puppet/manifests/site.pp
#class { 'apt':}
import "nodes"
import "templates"
import "sudo"
filebucket {
main: server => puppet
}
file {
'/tmp/squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb':
ensure => file,
source => "puppet:///modules/adefcamps/squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb",
# unless has to be an executed command :S ... a7a ...
#unless => package['squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb']
}
package {
'squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb':
ensure => present,
provider => dpkg,
source => '/tmp/squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb',
require => file['/tmp/squeak-vm_4.10.2.2614-1ubuntu2_amd64.deb']
}
file {
'/tmp/qstopmotion-1.0.1-Linux.deb':
ensure => file,
source => "puppet:///modules/adefcamps/qstopmotion-1.0.1-Linux.deb"
}
package {
'gstreamer-tools':
ensure => present,
}
package {
'libqt4-core':
ensure => present,
}
package {
'libqt4-gui':
ensure => present,
}
package {
'qstopmotion':
provider => dpkg,
ensure => present,
source => '/tmp/qstopmotion-1.0.1-Linux.deb',
require => [package['gstreamer-tools'],package['libqt4-core'],package['libqt4-gui']]
}
package {
'traceroute':
ensure => present,
}
#exec {
# 'test-test':
# command => "echo test >> /tmp/test",
# path => "/bin"
#}
user {
'adefadmin':
}
user {
'root':
password => '$6$here_goes$someencryptedpassword.',
uid => 0,
comment => 'root',
}
# Caching packages requirement (fist thing to be done)
package {
'squid-deb-proxy-client':
ensure => installed
}
exec {
'apt-get update':
command => "/usr/bin/apt-get update",
subscribe => exec['add-sunab-kdenlive-release-ppa']
}
package {
'squid-deb-proxy':
ensure => purged
}
package {
'squid3':
ensure => purged
}
# START PUPPET REQUIREMENTS
package {
'augeas-tools':
ensure => installed
}
package {
'libaugeas-ruby':
ensure => installed
}
augeas {
'enable-puppet-listen':
context => "/files/etc/puppet/puppet.conf/main",
changes => "set listen true"
}
augeas {
"enable-puppet-agent":
context => "/files/etc/default/puppet",
changes => "set START yes"
}
file {
"/etc/puppet/auth.conf":
content => "path /run
auth yes
allow *
"
}
service {
"puppet":
ensure => running,
subscribe => file["/etc/puppet/auth.conf"]
}
# END PUPPET REQUIREMENTS
# START SESSION SETTINGS ; KEYBOARD LAYOUT
#augeas {
# 'gsettings-system-wide-ar-en-keyboard-layout':
# lens => "Xml.lns",
# incl => "/usr/share/glib-2.0/schemas/org.gnome.libgnomekbd.keyboard.gschema.xml",
# context => "/files/usr/share/glib-2.0/schemas/org.gnome.libgnomekbd.keyboard.gschema.xml",
# changes => "set schemalist/schema/key[2]/default ['ara','us']"
#}
# END SESSION SETTINGS
# START CENTEAL AUTH STUFF
#exec {
# 'add-and-enable-ldap-auth-and-ccreds':
# command => "wget http://arabdigitalexpression.org/adefwiki/images/b/ba/Adef-camps-script-1.txt -O /usr/local/bin/adef-camps-script-1; chmod 544 /usr/local/bin/adef-camps-script-1; /usr/local/bin/adef-camps-script-1",
# path => "/bin:/usr/bin",
# unless => "test -e /usr/local/bin/adef-camps-script-1",
#}
#file {
# '/usr/local/bin/adef-camps-script-1':
# ensure => present,
# source => 'puppet:///modules/adefcamps/adef-camps-script-1'
#}
augeas {
'enable-lightdm-manual-login':
context => "/files/etc/lightdm/lightdm.conf/SeatDefaults",
changes => ["set greeter-show-manual-login true","set allow-guest false"]
}
augeas {
'hide-adefadmin-from-lightdm':
context => "/files/etc/lightdm/users.conf/UserAccounts",
changes => "set hidden-users 'nobody nobody4 noaccess adefadmin'"
}
# setup of nfs access via automount/autofs
package {
'autofs':
ensure => installed
}
package {
'nfs-common':
ensure => installed
}
#file {
# "/etc/auto.adefcamps":
# ensure => file,
# content => "SAN -fstype=nfs 10.0.0.16:/export/SAN"
#}
file {
"/adefcamps":
ensure => directory
}
exec {
'add-adefcamps-automount':
command => "echo '/adefcamps /etc/auto.adefcamps --ghost' | tee -a /etc/auto.master",
path => "/bin/:/usr/bin/",
unless => "grep adefcamps /etc/auto.master"
}
service {
'autofs-service':
name => "autofs",
enable => true,
ensure => running,
require => [package['autofs'],file['/adefcamps']]
}
# END OF AUTOMOUNT SETUP
# START OF AUTOHOME
#package {
# 'autodir':
# ensure => installed,
# #before => service['autodir-service']
#}
#augeas {
# 'configure-autohome-service':
# context => "/files/etc/default/autodir",
# changes => ["set AUTOHOME_HOME /users",'set RUN_AUTOHOME "yes"']
#}
file {
'/users':
ensure => directory;
}
#service {
# 'autodir-service':
# name => "autodir",
# enable => true,
# ensure => running,
# require => [package['autodir'],file['/users']],
# subscribe => augeas['configure-autohome-service']
#}
# END OF AUTOHOME
# START OF IT TRACK SOFTWARE
package {
'scratch':
ensure => installed
}
exec {
'install-processing':
environment => "http_proxy=http://10.0.0.6:8000",
path => "/usr/bin:/bin:",
command => "wget http://download.processing.org/processing-2.0.2-linux64.tgz -O /tmp/processing-2.0.2-linux64.tgz; tar xzf /tmp/processing-2.0.2-linux64.tgz -C /tmp ; mv /tmp/processing-2.0.2/* /usr/local/bin/",
unless => "test -e /usr/local/bin/processing"
}
file {
'processing-deskotp':
ensure => file,
path => "/usr/share/applications/processing.desktop",
source => "puppet:///modules/adefcamps/processing.desktop"
}
# END OF IT TRACK SOFTWARE
# START OF VIDEO SOFTWARE
# START KDENLIVE INSTALL
exec {
'add-sunab-kdenlive-release-ppa':
command => "apt-add-repository -y ppa:sunab/kdenlive-release",
path => "/usr/bin",
unless => "test -e /etc/apt/sources.list.d/sunab-kdenlive-release-raring.list"
}
package {
'kdenlive':
ensure => '0.9.6-0ubuntu0~sunab~raring1',
require => [exec['add-sunab-kdenlive-release-ppa'],exec['apt-get update']]
}
package {
'x264':
ensure => installed
}
package {
'libx264-123':
ensure => installed
}
package {
'libavcodec-extra-53':
ensure => installed
}
#exec {
# 'add-lmms-repo':
# command => "apt-add-repository ppa:dns/sound",
# path => "/usr/bin"
#}
# END KDENLIVE INSTALL
package {
'hydrogen':
ensure => installed
}
package {
'flashplugin-installer':
ensure => installed
}
package {
'pitivi':
ensure => installed
}
package {
'audacity':
ensure => installed
}
file {
'/usr/local/bin/audacity':
ensure => file,
content => "#!/bin/bash
LANGUAGE='en'
/usr/bin/audacity
",
mode => 755
}
package {
'lmms':
ensure => installed
}
package {
'mixxx':
ensure => installed
}
package {
'ardour':
ensure => installed
}
package {
'jack':
ensure => installed
}
package {
'vocproc':
ensure => installed
}
package {
'gimp':
ensure => installed
}
package {
'inkscape':
ensure => installed
}
package {
'pencil':
ensure => installed
}
package {
'stopmotion':
ensure => installed
}
package {
'rosegarden':
ensure => installed
}
package {
'blender':
ensure => installed
}
package {
'winff':
ensure => installed
}
package {
'ubuntu-restricted-extras':
ensure => installed
}
package {
'vlc':
ensure => installed
}
package {
'soundconverter':
ensure => installed
}
package {
'synfigstudio':
ensure => installed
}
package {
'fonts-arabeyes':
ensure => installed
}
package {
'fonts-hosny-amiri':
ensure => installed
}
package {
'fonts-hosny-thabit':
ensure => installed
}
package {
'k3b':
ensure => installed
}
package {
'openshot':
ensure => installed
}
# other useful tools:
package {
'comix':
ensure => installed
}
package {
'playonlinux':
ensure => installed
}
package {
'gcstar':
ensure => installed
}
package {
'desktop-webmail':
ensure => installed
}
#package {
# 'skype':
# ensure => installed
#}
#package {
# 'jitsi':
# ensure => installed
#}
package {
'guvcview':
ensure => installed
}
package {
'vnc4server':
ensure => installed
}
package {
'cowsay':
ensure => installed
}
package {
'filezilla':
ensure => installed
}
/etc/puppet/manifests/nodes.pp
node default {
include baseclass
}
node 'basenode' {
# include baseclass
include digitalinstallation
include arabic
include autodir::autodir-camps-default
include adefcamps::adefcampssetup
#include default
}
node 'lab3-pc8.adefcamps.org' inherits basenode {
}
#node default {
# include squid-deb-proxy-client
#include add-lmms-repo
# include autofs
#include autofs-service
#include /adefcamps
#include kdenlive
#include soundconverter
#include vlc
#include openshot
#include pitivi
#include audacity
#include lmms
#include mixxx
#include ardour
#include jack
#include vocproc
#include hydrogen
# include gimp
#include inkscape
#include pencil
#include stopmotion
#include rosegarden
##include blender
#include soundconverter
#include winff
#include hydrogen
#include ubuntu-restricted-extras
#include vlc
#include soundconverter
#include synfigstudio
#include fonts-arabeyes
#include fonts-hosny-amiri
#include fonts-hosni-thabit
#include k3b
#}
node 'cmpsrvlinpuppetmasterclient01v.adefcamps.org' {
include squid-deb-proxy-client
#include add-lmms-repo
include kdenlive
include soundconverter
include vlc
}
node 'labn-pcm.adefcamps.org' {
include squid-deb-proxy-client
#include add-lmms-repo
include kdenlive
include soundconverter
include vlc
include openshot
include pitivi
include audacity
include lmms
include mixxx
include ardour
include jack
include vocproc
include hydrogen
include gimp
include inkscape
include pencil
include stopmotion
include rosegarden
include blender
include soundconverter
include winff
include hydrogen
include ubuntu-restricted-extras
include vlc
include soundconverter
include synfigstudio
include fonts-arabeyes
include fonts-hosny-amiri
include fonts-hosni-thabit
include k3b
}
node 'lab1-pc1' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc2' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc3' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc4' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc5' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc6' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc7' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc8' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc9' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc10' inherits basenode {
include add-nfs-on-20
}
node 'lab1-pc11' inherits basenode {
include add-nfs-on-20
include digitalinstallation
}
node 'lab1-pc12' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc1' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc2' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc3' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc4' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc5' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc6' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc7' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc8' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc9' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc10' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc11' inherits basenode {
include add-nfs-on-20
}
node 'lab2-pc12' inherits basenode {
include add-nfs-on-20
}
node 'lab3-pc1' inherits basenode {
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc2' inherits basenode {
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc3' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc4' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc5' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc6' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc7' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc8' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc9' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc10' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc11' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
node 'lab3-pc12' inherits basenode {
include add-gnome-shell
include add-nfs-on-20
include digitalinstallation
}
=== /etc/puppetmanifests/templates.pp ==
class baseclass {
include adefcamps::adefcampssetup
include add-nfs-on-20
}
#node default {
# include baseclass
#}
class add-nfs-on-20 {
file {
'add-nfs-on-20-file':
path => "/etc/auto.adefcamps",
content => "SAN -fstype=nfs 10.0.0.20:/export/"
}
exec {
'restart-autofs':
path => "/bin",
command => "/etc/init.d/autofs restart",
subscribe => file['add-nfs-on-20-file'],
unless => 'grep 10.0.0.20 /etc/auto.adefcamps'
}
}
class add-gnome-shell {
package {
'gnome-shell':
ensure => present,
}
}
/etc/puppet/modules/arabic/
manifests/init.pp
class arabic {
package {
'language-pack-ar':
ensure=> present
}
package {
'language-pack-gnome-ar':
ensure=> present
}
package { 'language-pack-ar-base':
ensure=> present
}
package { 'language-pack-gnome-ar-base':
ensure=> present
}
file {
"/etc/default/locale":
ensure => present,
source => "puppet:///modules/arabic/locale"
}
}
files/locale
LANG="ar_EG.UTF-8" LANGUAGE="ar:en_US:en" LC_NUMERIC="en_US.UTF-8" LC_TIME="en_US.UTF-8" LC_MONETARY="en_US.UTF-8" LC_PAPER="en_US.UTF-8" LC_IDENTIFICATION="en_US.UTF-8" LC_NAME="en_US.UTF-8" LC_ADDRESS="en_US.UTF-8" LC_TELEPHONE="en_US.UTF-8" LC_MEASUREMENT="en_US.UTF-8"
/etc/puppet/modules/autodir/
Note: Seems using autodir is a not as clean as it seems, try looking at pam_mkhomedir
manifests/init.pp
class autodir {
}
class autodir::autodir-camps-default inherits autodir {
package {
'autodir':
ensure => installed,
require => file['/etc/default/autodir']
#before => service['autodir-service']
}
file {
'/etc/default/autodir':
ensure => file,
source => "puppet:///modules/autodir/autodir.dpkg-dist"
}
augeas {
'configure-autodir-service':
context => "/files/etc/default/autodir",
changes => ["set AUTOHOME_HOME /users",'set RUN_AUTOHOME "yes"'],
require => file['/etc/default/autodir'],
subscribe => augeas['configure-autodir-service']
}
service {
'autodir-service':
name => "autodir",
enable => true,
ensure => running,
require => [package['autodir'],file['/users'],augeas['configure-autodir-service']],
subscribe => augeas['configure-autodir-service']
}
}
files/autodir.dpkg-dist
# Defaults for autodir initscript sourced by /etc/init.d/autodir # installed at /etc/default/autodir by the maintainer scripts # Master system-wide autodir switches. The initscript # will not run one or both if they are not set to yes. RUN_AUTOHOME="yes" RUN_AUTOGROUP="no" # Where (virtual) home/group directories are supposed to be? # Visible to applications AUTOHOME_HOME=/users AUTOGROUP_HOME=/group # How long to wait in seconds # before it is assumed home directory # is inactive and unmounted. # # Servers like IMAP/POP access home directories every 10min # in most configurations -- client side default mail check duraion. # Therefore it is beter to make it 11min in this situation. # # If your site has different requirements, change according to that. AUTOHOME_TIMEOUT=660 # How long to wait in seconds # before it is assumed home directory # is inactive and unmounted. AUTOGROUP_TIMEOUT=300 # Authome module paths AUTOHOME_MODULE="/usr/lib/autodir/autohome.so" AUTOGROUP_MODULE="/usr/lib/autodir/autogroup.so" # realpath => path where real home directories should reside # level => Default value is ok for almost all sites. See Autodir-HOWTO. # skel => Location of skel files. absolute path is expected # noskel => Don not copy skel files to home directories AUTOHOME_OPTIONS="realpath=/autohome,level=2,skel=/etc/skel" # realpath => path where real group directories should reside. # level => Default value is ok for almost all sites. See Autodir-HOWTO. # nosetgid => Default is to setgid the group directory created. # nopriv => Default is to create group directory for every kind of group. # If your site has user private groups and you dont want # group directories created for these, use this option. AUTOGROUP_OPTIONS="realpath=/autogroup,level=2" # If you desire backup feature and you know what this feature is, then uncomment it! # Full path to program as well as arguments. # %x characters are replaced with appropriate values. # Following is just example. Do not use it as is! # See Autodir-HOWTO for further info. #AUTOHOME_BACKUP="'/bin/tar cf /tmp/%N.tar.gz %L'" #AUTOGROUP_BACKUP="'/bin/tar cf /tmp/%N.tar.gz %L'" # How long to wait after a home directory is unmounted # to start backup. Value expected in seconds and can not exceed one day. #AUTOHOME_BACKWAIT=600 #AUTOGROUP_BACKWAIT=600 # Backup priority. 1 to 40 inclusive. Smaller value means higher priority. #AUTOHOME_BACKPRI=30 #AUTOGROUP_BACKPRI=30 # Max backup program execusions not to exceed at any given time. #AUTOHOME_MAXBACK=150 #AUTOGROUP_MAXBACK=150
/etc/puppet/modules/adefcamps/
manifests/init.pp
class adefcamps{
}
class adefcamps::setupldapclient inherits adefcamps {
file {
"/tmp/adef-camps-script-2":
source => "puppet:///modules/adefcamps/adef-camps-script-2",
group => "root",
owner => "root",
mode => "0544"
}
# exec {
# "/usr/local/bin/adef-camps-script-2":
# command => "mv /tmp/adef-camps-script-2 /usr/local/bin/adef-camps-script-2 ; /usr/local/bin/adef-camps-script-2",
# path => "/usr/local/bin:/usr/bin:/bin",
# subscribe => file['/tmp/adef-camps-script-2'],
# unless => "test -e /usr/local/bin/adef-camps-script-2"
# }
file {
"/var/cache/debconf/ldap-auth-config.preseed":
source => 'puppet:///modules/adefcamps/ldap-auth-config'; # someplace with that output
}
package { 'ldap-auth-config':
ensure => 'present',
require => File["/var/cache/debconf/ldap-auth-config.preseed"],
responsefile => "/var/cache/debconf/ldap-auth-config.preseed"
}
package { 'auth-client-config':
ensure => 'present',
require => File["/var/cache/debconf/ldap-auth-config.preseed"],
responsefile => "/var/cache/debconf/ldap-auth-config.preseed"
}
package { 'ldap-auth-client':
ensure => 'present',
require => File["/var/cache/debconf/ldap-auth-config.preseed"],
responsefile => "/var/cache/debconf/ldap-auth-config.preseed"
}
package { 'libnss-ldap':
ensure => 'present',
require => File["/var/cache/debconf/ldap-auth-config.preseed"],
responsefile => "/var/cache/debconf/ldap-auth-config.preseed"
}
package { 'libpam-ldap':
ensure => 'present',
require => File["/var/cache/debconf/ldap-auth-config.preseed"],
responsefile => "/var/cache/debconf/ldap-auth-config.preseed"
}
package { 'nscd':
ensure => 'present',
}
package { 'nss-updatedb':
ensure => 'present',
}
package { 'libnss-db':
ensure => 'present',
}
package { 'libpam-ccreds':
ensure => 'present',
}
# Not sure we need this, if we use ccreds, this will revert to non-ccreds ... i guess ! ... i guess we need it because of the sequence of events !! (start ldap auth properly, then do the ccreds thing!
exec {
'auth-client-config_lac_ldap':
command => "auth-client-config -t nss -p lac_ldap",
path => "/usr/sbin",
require => package['ldap-auth-config']
}
exec {
'pam-auth-add-ldap':
command => 'pam-auth-update --package ldap',
environment =>"DEBIAN_FRONTEND=noninteractive",
path => '/usr/sbin',
require => package['ldap-auth-config']
}
exec {
'restart-nscd':
command => "/etc/init.d/nscd restart",
}
}
class adefcamps::setupldapclientwithccreds inherits adefcamps::setupldapclient {
file {
'/usr/share/pam-configs/ldap-with-ccreds':
ensure => 'file',
source => "puppet:///modules/adefcamps/ldap-with-ccreds"
}
exec {
'pam-auth-add-ldap-ccreds-remove-ldap':
command => 'pam-auth-update --package ldap-ccreds --package --remove ldap',
environment =>"DEBIAN_FRONTEND=noninteractive",
path => '/usr/sbin',
require => file['/usr/share/pam-configs/ldap-with-ccreds']
}
file {
'/etc/cron.daily/upd-local-nss-db':
ensure => 'file',
mode => "755",
source => "puppet:///modules/adefcamps/upd-local-nss-db"
}
exec {
'update-local-nss-db':
command => "/etc/cron.daily/upd-local-nss-db",
#require => [file['/etc/cron.daily/upd-local-nss-db'],exec['/usr/local/bin/adef-camps-script-2'],exec['pam-auth-add-ldap-ccreds-remove-ldap']]
require => [file['/etc/cron.daily/upd-local-nss-db'],exec['pam-auth-add-ldap-ccreds-remove-ldap']]
}
file {
'/etc/auth-client-config/profile.d/ldap-ccreds-auth-config':
ensure => "file",
mode => "644",
source => "puppet:///modules/adefcamps/ldap-ccreds-auth-config"
}
exec {
'auth-client-config_lac_ldap_ccreds':
command => "auth-client-config -t nss -p lac_ldap_ccreds",
path => "/usr/sbin"
}
augeas {
'ldap-ccreds-params':
context => "/files/etc/ldap.conf",
changes => ["set bind_timelimit 1","set bind_policy soft","set nss_reconnect_tries 1","set nss_reconnect_sleeptime 1","set nss_reconnect_maxsleeptime 3","set nss_reconnect_maxconntries 2"],
#requires => package[]
}
}
#class adefcamps::adefcampssetup inherits adefcamps::setupldapclient {
class adefcamps::adefcampssetup inherits adefcamps::setupldapclientwithccreds {
file {
"/tmp/adef-camps-script-1":
source => "puppet:///modules/adefcamps/adef-camps-script-1",
group => "root",
owner => "root",
mode => "0544"
}
file {
"/etc/profile":
source => "puppet:///modules/adefcamps/profile",
group => "root",
owner => "root",
mode => "0644"
}
#exec {
# "/usr/local/bin/adef-camps-script-1":
# command => "mv /tmp/adef-camps-script-1 /usr/local/bin/adef-camps-script-1 ; /usr/local/bin/adef-camps-script-1",
# path => "/usr/local/bin:/usr/bin:/bin",
# subscribe => file['/tmp/adef-camps-script-1'],
# #unless => "test -e /usr/local/bin/adef-camps-script-1"
#}
}
files/adef-camps-script-1
#!/bin/bash (cat <<EOF ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config ldap-auth-config/rootbindpw password ldap-auth-config ldap-auth-config/binddn string cn=proxyuser,dc=example,dc=net libpam-runtime libpam-runtime/profiles multiselect unix, winbind, ldap, xdg-support, gnome-keyring, consolekit, capability ldap-auth-config ldap-auth-config/dbrootlogin boolean true ldap-auth-config ldap-auth-config/rootbinddn string cn=adefadmin,dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/pam_password select md5 ldap-auth-config ldap-auth-config/move-to-debconf boolean true ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://10.0.0.4 ldap-auth-config ldap-auth-config/ldapns/base-dn string dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/override boolean true ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3 ldap-auth-config ldap-auth-config/dblogin boolean false EOF )| sudo debconf-set-selections sudo apt-get install auth-client-config ldap-auth-client ldap-auth-config #libnss-ldap libpam-ldap nscd #sudo apt-get install nss-updatedb libnss-db libpam-ccreds sudo auth-client-config -t nss -p lac_ldap sudo /etc/init.d/nscd restart sudo wget https://launchpadlibrarian.net/147602103/ldap-with-ccreds -O /usr/share/pam-configs/ldap-with-ccreds sudo pam-auth-update --package --remove ldap echo '#!/bin/sh' | sudo tee /etc/cron.daily/upd-local-nss-db echo '/usr/sbin/nss_updatedb ldap' | sudo tee -a /etc/cron.daily/upd-local-nss-db sudo chmod +x /etc/cron.daily/upd-local-nss-db /etc/cron.daily/upd-local-nss-db wget http://arabdigitalexpression.org/adefwiki/images/c/cf/Ldap-ccreds-auth-config.txt -O /etc/auth-client-config/profile.d/ldap-ccreds-auth-config sudo auth-client-config -t nss -p lac_ldap_ccreds
files/adef-camps-script-2
#!/bin/bash (cat <<EOF ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config ldap-auth-config/rootbindpw password ldap-auth-config ldap-auth-config/binddn string cn=proxyuser,dc=example,dc=net ldap-auth-config ldap-auth-config/dbrootlogin boolean true ldap-auth-config ldap-auth-config/rootbinddn string cn=adefadmin,dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/pam_password select md5 ldap-auth-config ldap-auth-config/move-to-debconf boolean true ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://10.0.0.4 ldap-auth-config ldap-auth-config/ldapns/base-dn string dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/override boolean true ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3 ldap-auth-config ldap-auth-config/dblogin boolean false EOF )| sudo debconf-set-selections sudo apt-get install auth-client-config ldap-auth-client ldap-auth-config #libnss-ldap libpam-ldap nscd #sudo apt-get install nss-updatedb libnss-db libpam-ccreds #sudo auth-client-config -t nss -p lac_ldap # #sudo /etc/init.d/nscd restart # #sudo wget https://launchpadlibrarian.net/147602103/ldap-with-ccreds -O /usr/share/pam-configs/ldap-with-ccreds # #sudo pam-auth-update --package --remove ldap # #echo '#!/bin/sh' | sudo tee /etc/cron.daily/upd-local-nss-db #echo '/usr/sbin/nss_updatedb ldap' | sudo tee -a /etc/cron.daily/upd-local-nss-db #sudo chmod +x /etc/cron.daily/upd-local-nss-db # #/etc/cron.daily/upd-local-nss-db # #wget http://arabdigitalexpression.org/adefwiki/images/c/cf/Ldap-ccreds-auth-config.txt -O /etc/auth-client-config/profile.d/ldap-ccreds-auth-config # #sudo auth-client-config -t nss -p lac_ldap_ccreds #
ldap-auth-config
YOU NEED TO CHANGE ldap-server string and rootbindpw password AT LEAST
ldap-auth-config ldap-auth-config/move-to-debconf boolean true ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://server_ip_goes_here ldap-auth-config ldap-auth-config/ldapns/base-dn string dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3 ldap-auth-config ldap-auth-config/dbrootlogin boolean true ldap-auth-config ldap-auth-config/dblogin boolean true ldap-auth-config ldap-auth-config/rootbinddn string cn=adefadmin,dc=adefcamps,dc=org ldap-auth-config ldap-auth-config/rootbindpw password PASSWORD_GOES_HERE ldap-auth-config ldap-auth-config/override boolean true ldap-auth-config ldap-auth-config/binddn string cn=proxyuser,dc=example,dc=net ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config ldap-auth-config/pam_password select md5
ldap-ccreds-auth-config
# # Clients should be able to authenticate with this profile if following # Network Authentication in the Ubuntu Server guide. Please note that # these settings are not suitable for sometimes disconnected (eg laptop) # systems. The example is taken from LDAPClientAuthentication at: # https://help.ubuntu.com/community/LDAPClientAuthentication # [lac_ldap_ccreds] nss_passwd=passwd: files ldap[NOTFOUND=return] db nss_group=group: files ldap[NOTFOUND=return] db nss_shadow=shadow: files ldap nss_netgroup=netgroup: nis
ldap-with-ccreds
Name: LDAP Authentication that falls back to success if creds unavailable Default: yes Priority: 132 Conflicts: ldap Auth-Type: Primary Auth-Initial: [success=end default=ignore] pam_ldap.so Auth: [success=end default=ignore] pam_ldap.so use_first_pass Account-Type: Primary Account: [success=end authinfo_unavail=1 default=ignore] pam_ldap.so Password-Type: Primary Password-Initial: [success=end user_unknown=ignore default=die] pam_ldap.so Password: [success=end user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass Session-Type: Additional Session: optional pam_ldap.so
processing.desktop
[Desktop Entry] Name=Processing GenericName=Processing GenericName[ar]=بروسيسنج Comment=Processing programming language and development environment! Icon=/usr/local/bin/lib/icons/pde-512.png Exec=processing Terminal=false Type=Application Categories=Development;Software Development;Programming; MimeType=application/processing-project;
profile
#!/bin/sh
/usr/sbin/nss_updatedb ldap
adefadmin@cmpsrvlinpuppetmaster01v:/etc/puppet/modules/adefcamps/files$ ^C
adefadmin@cmpsrvlinpuppetmaster01v:/etc/puppet/modules/adefcamps/files$ cat profile
# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
if [ "$PS1" ]; then
if [ "$BASH" ] && [ "$BASH" != "/bin/sh" ]; then
# The file bash.bashrc already sets the default PS1.
# PS1='\h:\w\$ '
if [ -f /etc/bash.bashrc ]; then
. /etc/bash.bashrc
fi
else
if [ "`id -u`" -eq 0 ]; then
PS1='# '
else
PS1='$ '
fi
fi
fi
# The default umask is now handled by pam_umask.
# See pam_umask(8) and /etc/login.defs.
if [ -d /etc/profile.d ]; then
for i in /etc/profile.d/*.sh; do
if [ -r $i ]; then
. $i
fi
done
unset i
fi
ln -f -T -s /adefcamps/SAN/Share ~Share
ln -T -s /adefcamps/SAN/Users/$USER/Music ~/Music
ln -T -s /adefcamps/SAN/Users/$USER/Downloads ~/Downloads
ln -T -s /adefcamps/SAN/Users/$USER/Documents ~/Documents
ln -T -s /adefcamps/SAN/Users/$USER/Pictures ~/Pictures
ln -T -s /adefcamps/SAN/Users/$USER/Videos ~/Videos
mkdir ~/Local
ln -T -s ~/Local ~/محلي
ln -T -s ~/Downloads ~/التنزيلات
ln -T -s ~/Documents ~/مستندات
ln -T -s ~/Music ~/موسيقى
ln -T -s ~/Pictures ~/صور
ln -T -s ~/Videos ~/فيديو
upd-local-nss-db
#!/bin/sh /usr/sbin/nss_updatedb ldap