diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index db16f01c..154f8565 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -1,4 +1,8 @@ -# Describe your issue +# Your tp request + +Application to manage (new or to fix): +Operating System(s) to support: +Installation Method(s): ## Labels @@ -7,10 +11,3 @@ Please use the following labels: * **tinydata request** for any request for new or updated tinydata for an application * **questions** for any error you find, doubt or clarification request -## Context - -Please provide any info useful for troubleshooting, like: - -1. Output of `facter -p` on the failing node (at least the OS related facts) -2. Version of Puppet and of the module -3. The relevant Puppet code and eventually Hiera data diff --git a/.rspec b/.rspec index 16f9cdb0..5f164763 100644 --- a/.rspec +++ b/.rspec @@ -1,2 +1,2 @@ --color ---format documentation +--format progress diff --git a/data/apm-server/osfamily/RedHat9.yaml b/data/apm-server/osfamily/RedHat9.yaml index e73b9caa..d12b337f 100644 --- a/data/apm-server/osfamily/RedHat9.yaml +++ b/data/apm-server/osfamily/RedHat9.yaml @@ -1,11 +1,11 @@ --- -# Workaround for GPG-KEY in SHA1 https://github.com/elastic/elasticsearch/issues/85876 +# Workaround for GPG-KEY in SHA1 https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9 apm-server::settings: exec_prerequisites: allow_sha1: command: '/usr/bin/update-crypto-policies --set DEFAULT:SHA1' - unless: 'rpm -qi apm-server' + unless: 'dnf info apm-server' exec_postinstall: disallow_sha1: command: '/usr/bin/update-crypto-policies --set DEFAULT' - unless: 'rpm -qi apm-server' + onlyif: '/usr/bin/update-crypto-policies --show | grep SHA1' diff --git a/data/auditbeat/osfamily/RedHat9.yaml b/data/auditbeat/osfamily/RedHat9.yaml index 1560e4f7..26191d31 100644 --- a/data/auditbeat/osfamily/RedHat9.yaml +++ b/data/auditbeat/osfamily/RedHat9.yaml @@ -1,11 +1,11 @@ --- -# Workaround for GPG-KEY in SHA1 https://github.com/elastic/elasticsearch/issues/85876 +# Workaround for GPG-KEY in SHA1 https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9 auditbeat::settings: exec_prerequisites: allow_sha1: command: '/usr/bin/update-crypto-policies --set DEFAULT:SHA1' - unless: 'rpm -qi auditbeat' + unless: 'dnf info auditbeat' exec_postinstall: disallow_sha1: command: '/usr/bin/update-crypto-policies --set DEFAULT' - unless: 'rpm -qi auditbeat' + onlyif: '/usr/bin/update-crypto-policies --show | grep SHA1' diff --git a/data/blender/default.yaml b/data/blender/default.yaml new file mode 100644 index 00000000..51e47a8f --- /dev/null +++ b/data/blender/default.yaml @@ -0,0 +1,72 @@ +--- +blender::settings: + tp_prerequisites: {} + + urls: + website: 'https://blender.org' + support: 'https://www.blender.org/support/' + documentation: 'https://www.blender.org/get-involved/documentation/' + source: 'https://github.com/blender/blender' + description: 'Blender is the free and open source 3D creation suite' + + # Configured: +package -source -release +image + install_method: 'release' + + packages: + main: + name: blender + ensure: present + source: ~ + install_options: [] + params: {} + providers: + chocolatey: + name: blender + scoop: + name: blender + winget: + name: BlenderFoundation.Blender + + files: + config: + path: /usr/share/blender/$MAJVERSION/ + format: 'inifile_with_stanzas' + + dirs: + home: + path: '/usr/share/blender/qON/' + + user_files: + config: + path: '$HOME/.config/blender/$MAJVERSION/' + + user_dirs: + config: + path: '$HOME/.config/blender/$MAJVERSION/' + + info_commands: + list: 'blender list' + debug_commands: + debug: 'blender debug' + test_commands: + status: 'blender status' + version_command: 'blender version' + help_command: 'blender help' + run_commands: + start: + command: 'blender start' + release: + latest_version: '3.4.1' + latest_version_major: '3.4' + destination: /usr/share/blender + base_url: 'https://mirrors.dotsrc.org/blender/release/Blender$MAJVERSION/' + # Official base url has a intermediate page. A specific mirrot is used instead. + # base_url: 'https://www.blender.org/download/release/Blender$MAJVERSION/blender-$VERSION-$OS-$ARCH' + file_name: 'blender-$VERSION-$OS-x64.tar.xz' + extracted_dir: 'blender-$VERSION-$OS-x64' + file_format: xz + extract_dir: '/usr/share/blender' + setup: + enable: true + links: + '/usr/local/bin/blender': '/usr/share/blender/blender-$VERSION-$OS-x64/blender' diff --git a/data/blender/hiera.yaml b/data/blender/hiera.yaml new file mode 100644 index 00000000..b2a2fa6a --- /dev/null +++ b/data/blender/hiera.yaml @@ -0,0 +1,15 @@ +--- +:hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" + - "default/%{operatingsystem}" + - default diff --git a/data/blender/osfamily/Darwin.yaml b/data/blender/osfamily/Darwin.yaml new file mode 100644 index 00000000..0d94cd8f --- /dev/null +++ b/data/blender/osfamily/Darwin.yaml @@ -0,0 +1,8 @@ +--- +blender::settings: + brew_package_name: 'blender' + package_provider: 'appdmg' + + packages: + main: + source: 'https://ftp.nluug.nl/pub/graphics/blender/release/Blender$MAJVERSION/blender-$VERSION-macos-$ARCH.dmg' diff --git a/data/blender/osfamily/Debian.yaml b/data/blender/osfamily/Debian.yaml new file mode 100644 index 00000000..0436a448 --- /dev/null +++ b/data/blender/osfamily/Debian.yaml @@ -0,0 +1,3 @@ +--- +blender::settings: {} + diff --git a/data/blender/osfamily/windows.yaml b/data/blender/osfamily/windows.yaml new file mode 100644 index 00000000..cb0137d9 --- /dev/null +++ b/data/blender/osfamily/windows.yaml @@ -0,0 +1,4 @@ +--- +blender::settings: + package_provider: 'windows' + package_source: 'https://www.blender.org/download/release/Blender$MAJVERSION/blender-$VERSION-windows-x64.msi' diff --git a/data/crowdsec_repo/upstream/default.yaml b/data/crowdsec_repo/upstream/default.yaml index 774c6221..61ef3b1e 100644 --- a/data/crowdsec_repo/upstream/default.yaml +++ b/data/crowdsec_repo/upstream/default.yaml @@ -1,6 +1,6 @@ --- crowdsec_repo::settings: - key_url: https://packagecloud.io/crowdsec/crowdsec/gpgkey + key_url: https://packagecloud.io/crowdsec/crowdsec/gpgkey https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-B78D1222C9AD2D5D.pub.gpg https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-EDE2C695EC9A5A5C.pub.gpg https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-C822EDD6B39954A1.pub.gpg https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-FED78314A2468CCF.pub.gpg key: '6A89 E3C2 303A 901A 8899 71D3 376E D532 6E93 CD0C' apt_repos: 'main' repo_filename: crowdsec_crowdsec diff --git a/data/default.yaml b/data/default.yaml index 226a0e37..ca1ab56d 100644 --- a/data/default.yaml +++ b/data/default.yaml @@ -9,19 +9,12 @@ default::settings: config_file_mode: '0644' config_dir_owner: 'root' config_dir_group: 'root' - config_dir_mode: '0755' + config_dir_mode: '0644' config_dir_purge: false - config_dir_recurse: true + config_dir_recurse: false install_method: 'package' packages: - main: - ensure: present - source: ~ - install_options: [] - params: {} - providers: {} - manage: true devel: name: '$TITLE-devel' ensure: present @@ -35,14 +28,6 @@ default::settings: ensure: present manage: false - services: - main: - process_user: root - process_group: root - ensure: running - enable: true - params: {} - files: config: owner: 'root' diff --git a/data/default/Debian.yaml b/data/default/Debian.yaml index e9f3554c..cd9cdc24 100755 --- a/data/default/Debian.yaml +++ b/data/default/Debian.yaml @@ -7,6 +7,5 @@ default::settings: repos: default: package_provider: dpkg - image: dockerfile_prerequisites: 'RUN apt-get update && apt-get install -y --force-yes --no-install-recommends wget' \ No newline at end of file diff --git a/data/default/Devuan4.yaml b/data/default/Devuan4.yaml index 164acb26..5d4daed8 100644 --- a/data/default/Devuan4.yaml +++ b/data/default/Devuan4.yaml @@ -8,7 +8,3 @@ default::settings: default: apt: release: 'chimaera' - - services: - main: - provider: 'sysvinit' diff --git a/data/fail2ban/osfamily/RedHat.yaml b/data/fail2ban/osfamily/RedHat.yaml new file mode 100644 index 00000000..c6062fc8 --- /dev/null +++ b/data/fail2ban/osfamily/RedHat.yaml @@ -0,0 +1,4 @@ +--- +fail2ban::settings: + tp_prerequisites: + - epel diff --git a/data/golang/default.yaml b/data/golang/default.yaml new file mode 100644 index 00000000..ed6792e9 --- /dev/null +++ b/data/golang/default.yaml @@ -0,0 +1,87 @@ +--- +golang::settings: + tp_prerequisites: {} + + urls: + website: 'https://go.dev' + issues: 'https://github.com/golang/go/issues' + documentation: 'https://go.dev/doc/' + source: 'https://github.com/golang/go' + description: 'The Go programming language' + + # Configured: +package -source -file +image + install_method: 'package' + + packages: + main: + name: golang + ensure: present + source: ~ + install_options: [] + params: {} + providers: + chocolatey: + name: golang + scoop: + name: go + winget: + name: ~ + snap: + name: go + brew: + name: go + + info_commands: + list: 'go list' + debug_commands: + debug: 'go debug' + test_commands: + status: 'go status' + version_command: 'go version' + help_command: 'go help' + run_commands: + start: + command: 'golang start' + + image: + name: 'golang' + + build: + prerequisites: + tp::install: + - build-essential + execs: + - name: configure + command: './configure' + - name: build + command: 'make' + - name: setup + command: 'make install' + setup: + enable: true + files: + golang: + path: '/usr/local/bin/golang' + mode: '0755' + systemd_options: {} + resources: {} + manage_service: false + manage_user: false + + release: + latest_version: ~ + prerequisites: {} + latest_url: ~ + base_url: 'https://go.dev/dl/go$VERSION.$OS-$ARCH.tar.gz' + file_name: 'go$VERSION.$OS-$ARCH..tar.gz' + extracted_dir: 'go$VERSION.$OS-$ARCH.tar.gz' + file_format: tar.gz + setup: + enable: true + files: + golang: + path: '/usr/local/bin/golang' + mode: '0755' + resources: {} + manage_service: false + manage_user: false diff --git a/data/golang/hiera.yaml b/data/golang/hiera.yaml new file mode 100644 index 00000000..b2a2fa6a --- /dev/null +++ b/data/golang/hiera.yaml @@ -0,0 +1,15 @@ +--- +:hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" + - "default/%{operatingsystem}" + - default diff --git a/data/golang/osfamily/Darwin.yaml b/data/golang/osfamily/Darwin.yaml new file mode 100644 index 00000000..7e96c2ca --- /dev/null +++ b/data/golang/osfamily/Darwin.yaml @@ -0,0 +1,5 @@ +--- +golang::settings: + + release: + https://go.dev/dl/go1.20.darwin-arm64.pkg \ No newline at end of file diff --git a/data/golang/osfamily/Debian.yaml b/data/golang/osfamily/Debian.yaml new file mode 100644 index 00000000..620a6a05 --- /dev/null +++ b/data/golang/osfamily/Debian.yaml @@ -0,0 +1,6 @@ +--- +golang::settings: + + files: + init: + path: '/etc/default/golang' \ No newline at end of file diff --git a/data/golang/osfamily/RedHat.yaml b/data/golang/osfamily/RedHat.yaml new file mode 100644 index 00000000..5292c963 --- /dev/null +++ b/data/golang/osfamily/RedHat.yaml @@ -0,0 +1,3 @@ +--- +golang::settings: + dockerfile_prerequisites: 'RUN yum install -y wget which' diff --git a/data/golang/osfamily/windows.yaml b/data/golang/osfamily/windows.yaml new file mode 100644 index 00000000..39ceff9c --- /dev/null +++ b/data/golang/osfamily/windows.yaml @@ -0,0 +1,14 @@ +--- +golang::settings: + + # If exe or msi package is available for direct download: + package_provider: 'windows' + package_source: 'https://go.dev/dl/go$VERSION.$OS-$ARCH.msi' + + user_files: + config: + path: '%APPDATA%\golang\golang.conf' + + user_dirs: + config: + path: '%APPDATA%\golang' \ No newline at end of file diff --git a/data/icinga2/default.yaml b/data/icinga2/default.yaml old mode 100644 new mode 100755 index d212dd9a..b6f1ccb7 --- a/data/icinga2/default.yaml +++ b/data/icinga2/default.yaml @@ -1,16 +1,42 @@ --- icinga2::settings: - package_name: 'icinga2' - service_name: 'icinga2' - config_file_path: '/etc/icinga2/icinga2.conf' - config_dir_path: '/etc/icinga2' - conf_dir_path: '/etc/icinga2/conf.d' - features_dir_path: '/etc/icinga2/features-enabled' - pid_file_path: '/var/run/icinga2/icinga2.pid' + package_name: icinga2 + service_name: icinga2 + config_file_path: "/etc/icinga2/icinga2.conf" + config_dir_path: "/etc/icinga2" + conf_dir_path: "/etc/icinga2/conf.d" + features_dir_path: "/etc/icinga2/features-enabled" + pid_file_path: "/var/run/icinga2/icinga2.pid" log_file_path: - - '/var/log/icinga2/icinga2.log' - - '/var/log/icinga2/error.log' - log_dir_path: '/var/log/icinga2' - process_name: 'icinga2' - process_user: 'icinga' - process_group: 'icinga' + - "/var/log/icinga2/icinga2.log" + - "/var/log/icinga2/error.log" + log_dir_path: "/var/log/icinga2" + process_name: icinga2 + process_user: icinga + process_group: icinga + packages: + main: + name: icinga2 + services: + icinga2: + process_name: icinga2 + process_user: icinga + process_group: icinga + files: + config: + path: "/etc/icinga2/icinga2.conf" + log: + path: *1 + user_files: + config: + path: "$HOME/.icinga2/icinga2.conf" + dirs: + config: + path: "/etc/icinga2" + conf: + path: "/etc/icinga2/conf.d" + log: + path: "/var/log/icinga2" + user_dirs: + config: + path: "$HOME/.icinga2" diff --git a/data/icinga_repo/default.yaml b/data/icinga_repo/default.yaml new file mode 100644 index 00000000..2c331962 --- /dev/null +++ b/data/icinga_repo/default.yaml @@ -0,0 +1,4 @@ +--- +icinga_repo::settings: + upstream_repo: true + git_source: https://github.com/Icinga/icinga2 \ No newline at end of file diff --git a/data/icinga_repo/hiera.yaml b/data/icinga_repo/hiera.yaml new file mode 100644 index 00000000..1ee1f61c --- /dev/null +++ b/data/icinga_repo/hiera.yaml @@ -0,0 +1,13 @@ +--- +:hierarchy: + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/upstream/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/upstream/operatingsystem/%{operatingsystem}" + - "%{title}/upstream/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/upstream/osfamily/%{osfamily}" + - "%{title}/upstream/default" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}" + - default diff --git a/data/icinga_repo/upstream/default.yaml b/data/icinga_repo/upstream/default.yaml new file mode 100644 index 00000000..5f80a5a0 --- /dev/null +++ b/data/icinga_repo/upstream/default.yaml @@ -0,0 +1,5 @@ +--- +icinga_repo::settings: + repo_filename: icinga + repo_description: 'Icinga repository' + key_url: https://packages.icinga.com/icinga.key \ No newline at end of file diff --git a/data/icinga_repo/upstream/operatingsystem/Ubuntu.ya b/data/icinga_repo/upstream/operatingsystem/Ubuntu.ya new file mode 100644 index 00000000..c53f05c3 --- /dev/null +++ b/data/icinga_repo/upstream/operatingsystem/Ubuntu.ya @@ -0,0 +1,4 @@ +--- +icinga_repo::settings: + repo_url: 'https://packages.icinga.com/ubuntu' + diff --git a/data/icinga_repo/upstream/osfamily/Debian.yaml b/data/icinga_repo/upstream/osfamily/Debian.yaml new file mode 100644 index 00000000..998cd3a9 --- /dev/null +++ b/data/icinga_repo/upstream/osfamily/Debian.yaml @@ -0,0 +1,5 @@ +--- +icinga_repo::settings: + repo_url: 'https://packages.icinga.com/debian' + apt_repos: 'main' + apt_release: 'stable' diff --git a/data/icinga_repo/upstream/osfamily/RedHat.yaml b/data/icinga_repo/upstream/osfamily/RedHat.yaml new file mode 100644 index 00000000..e5729aca --- /dev/null +++ b/data/icinga_repo/upstream/osfamily/RedHat.yaml @@ -0,0 +1,4 @@ +--- +icinga_repo::settings: + repo_file_url: 'https://packages.icinga.com/centos/ICINGA-release.repo' + diff --git a/data/mgmt/default.yaml b/data/mgmt/default.yaml new file mode 100644 index 00000000..7df6ec7a --- /dev/null +++ b/data/mgmt/default.yaml @@ -0,0 +1,118 @@ +--- +mgmt::settings: + tp_prerequisites: {} + + urls: + website: 'https://github.com/purpleidea/mgmt' + issues: 'https://github.com/purpleidea/mgmt/issues' + documentation: 'https://github.com/purpleidea/mgmt/blob/master/docs/documentation.md' + source: 'https://github.com/purpleidea/mgmt' + description: 'Mgmt is a real-time automation tool.' + + # Configured: -package -source +release -image + install_method: 'release' + + packages: + main: + name: mgmt + + services: + mgmt: + process_name: mgmt + process_extra_name: ~ + process_user: root + process_group: root + nodaemon_args: '-D' + ensure: running + enable: true + pidfile: /run/mgmt.pid + params: {} + + + files: + config: + path: '/etc/mgmt/mgmt.conf' + init: + path: '/etc/sysconfig/mgmt.conf' + format: 'inifile' + systemd: + path: '/etc/systemd/system/mgmt.service' + format: 'inifile_with_stanzas' + + dirs: + config: + path: '/etc/mgmt' + conf: + path: '/etc/mgmt/conf.d' + log: + path: /var/log/mgmt + home: + path: /var/lib/mgmt + + user_files: + config: + path: '$HOME/.mgmt/mgmt.conf' + + user_dirs: + config: + path: '$HOME/.mgmt' + + ports: + main: + port: 42 + protocol: tcp + ssl: + port: 4432 + protocol: tcp + + info_commands: + list: 'mgmt list' + debug_commands: + debug: 'mgmt debug' + test_commands: + status: 'mgmt status' + version_command: 'mgmt version' + help_command: 'mgmt help' + run_commands: + start: + command: 'mgmt start' + + build: + prerequisites: + tp::install: + - golang + execs: + - name: build + command: 'make' + setup: + enable: true + files: + mgmt: + path: '/usr/local/bin/mgmt' + mode: '0755' + systemd_options: {} + resources: {} + manage_service: false + manage_user: false + + release: + latest_version: '0.0.21-1' + prerequisites: {} + latest_url: ~ + base_url: 'https://github.com/purpleidea/mgmt/releases' + file_name: 'mgmt-$VERSION.$OS-$ARCH.tar.gz' + extracted_dir: 'mgmt-$VERSION.$OS-$ARCH' + file_format: tar.gz + setup: + enable: true + files: + mgmt: + path: '/usr/local/bin/mgmt' + mode: '0755' + systemd_options: + Service: + ExecStart: '/usr/local/bin/mgmt run empty' + EnvironmentFile: ~ + resources: {} + manage_service: false + manage_user: false diff --git a/data/mgmt/hiera.yaml b/data/mgmt/hiera.yaml new file mode 100644 index 00000000..b2a2fa6a --- /dev/null +++ b/data/mgmt/hiera.yaml @@ -0,0 +1,15 @@ +--- +:hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" + - "default/%{operatingsystem}" + - default diff --git a/data/mgmt/osfamily/Darwin.yaml b/data/mgmt/osfamily/Darwin.yaml new file mode 100644 index 00000000..041afadc --- /dev/null +++ b/data/mgmt/osfamily/Darwin.yaml @@ -0,0 +1,11 @@ +--- +mgmt::settings: + brew_package_name: 'mgmt' + + user_files: + config: + path: '$HOME/Library/Application\ Support/mgmt/mgmt.conf' + + user_dirs: + config: + path: '$HOME/Library/Application\ Support/mgmt/mgmt.conf' \ No newline at end of file diff --git a/data/mgmt/osfamily/Debian.yaml b/data/mgmt/osfamily/Debian.yaml new file mode 100644 index 00000000..6542483e --- /dev/null +++ b/data/mgmt/osfamily/Debian.yaml @@ -0,0 +1,6 @@ +--- +mgmt::settings: + + files: + init: + path: '/etc/default/mgmt' \ No newline at end of file diff --git a/data/mgmt/osfamily/RedHat.yaml b/data/mgmt/osfamily/RedHat.yaml new file mode 100644 index 00000000..38eac048 --- /dev/null +++ b/data/mgmt/osfamily/RedHat.yaml @@ -0,0 +1,3 @@ +--- +mgmt::settings: + dockerfile_prerequisites: 'RUN yum install -y wget which' diff --git a/data/mgmt/osfamily/windows.yaml b/data/mgmt/osfamily/windows.yaml new file mode 100644 index 00000000..63713036 --- /dev/null +++ b/data/mgmt/osfamily/windows.yaml @@ -0,0 +1,14 @@ +--- +mgmt::settings: + + # If exe or msi package is available for direct download: + package_provider: 'windows' + package_source: 'https://github.com/mgmt/mgmt/releases/download/v$VERSION/mgmt_$VERSION_$OS_$ARCH.msi' + + user_files: + config: + path: '%APPDATA%\mgmt\mgmt.conf' + + user_dirs: + config: + path: '%APPDATA%\mgmt' \ No newline at end of file diff --git a/data/microsoft_repo/upstream/default.yaml b/data/microsoft_repo/upstream/default.yaml index cab3a474..791c8afe 100644 --- a/data/microsoft_repo/upstream/default.yaml +++ b/data/microsoft_repo/upstream/default.yaml @@ -1,4 +1,4 @@ --- microsoft_repo::settings: - repo_filename: packages-microsoft-prod + repo_filename: microsoft-prod repo_package_name: packages-microsoft-prod \ No newline at end of file diff --git a/data/nats-server/default.yaml b/data/nats-server/default.yaml index 4530a941..14ddd710 100644 --- a/data/nats-server/default.yaml +++ b/data/nats-server/default.yaml @@ -12,7 +12,7 @@ nats-server::settings: config_dir_path: '/etc/nats' # tp 4 settings - install_method: 'file' + install_method: 'release' description: 'NATS is an open-source, high-performance, cloud native messaging system.' docker_image: 'nats' docker_args: '' @@ -58,7 +58,7 @@ nats-server::settings: - name: build command: 'GO111MODULE=on go get github.com/nats-io/nats-server/v2' - releases: + release: latest_version: '2.9.11' prerequisites: {} base_url: 'https://github.com/nats-io/nats-server/releases/download/v$VERSION' diff --git a/data/nix/default.yaml b/data/nix/default.yaml new file mode 100644 index 00000000..44bd213d --- /dev/null +++ b/data/nix/default.yaml @@ -0,0 +1,91 @@ +--- +nix::settings: + tp_prerequisites: {} + exec_prerequisites: + install: + command: 'wget -O /tmp/nix_install https://nixos.org/nix/install ; sh /tmp/nix_install --daemon --yes' + creates: '/nix' + provider: posix + environment: ['HOME=/root'] + + urls: + website: 'https://nixos.org' + issues: 'https://github.com/nixos/nix/issues' + documentation: 'https://nixos.org/learn.html' + source: 'https://github.com/nixos/nix' + description: 'The purely functional package manager' + + # Configured: +package -source -file +image + install_method: 'package' + + packages: {} + manage_package: false + + services: + nix-daemon: + process_name: nix + process_extra_name: ~ + process_user: root + process_group: root + nodaemon_args: '-D' + pidfile: /run/nix.pid + params: {} + + files: + config: + path: '/etc/nix/nix.conf' + init: + path: '/etc/sysconfig/nix-daemon.conf' + format: 'inifile' + systemd: + path: '/etc/systemd/system/nix-daemon.service' + format: 'inifile_with_stanzas' + + dirs: + config: + path: '/etc/nix' + metadata: + path: /nix/var/nix + log: + path: /nix/var/log + store: + path: /nix + + user_files: + config: + path: '$HOME/.config/nix/nix.conf' + + user_dirs: + config: + path: '$HOME/.config/nix' + + info_commands: + list_profile: 'nix profile list' + list_store: 'nix store ls' + debug_commands: + debug: 'nix store verify' + test_commands: + status: 'nix status' + version_command: 'nix --version' + help_command: 'nix --help' + + image: + name: 'nixos/nix' + systemd_options: {} + + release: + latest_version: 2.13.2 + latest_url: ~ + base_url: 'https://releases.nixos.org/nix/nix-$VERSION/nix-$VERSION-$OS.tar.xz' + file_name: 'nix-$VERSION-$OS.tar.xz' + extracted_dir: 'nix-$VERSION-$OS' + file_format: xz + + setupa: + enable: true + resources: + exec: + install_nix: + command: 'curl -L https://nixos.org/nix/install --daemon | bash' + creates: '/nix' + provider: shell \ No newline at end of file diff --git a/data/nix/hiera.yaml b/data/nix/hiera.yaml new file mode 100644 index 00000000..b2a2fa6a --- /dev/null +++ b/data/nix/hiera.yaml @@ -0,0 +1,15 @@ +--- +:hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" + - "default/%{operatingsystem}" + - default diff --git a/data/nuclei/default.yaml b/data/nuclei/default.yaml index f5f77628..76b600c2 100644 --- a/data/nuclei/default.yaml +++ b/data/nuclei/default.yaml @@ -10,7 +10,7 @@ nuclei::settings: config_dir_path: '$HOME/.config/nuclei' # tp 4 settings - install_method: 'file' + install_method: 'release' description: 'Fast and customizable vulnerability scanner based on simple YAML based DSL.' docker_image: 'projectdiscovery/nuclei' docker_args: '' @@ -76,7 +76,7 @@ nuclei::settings: - name: build command: 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest' - releases: + release: latest_version: '2.8.6' prerequisites: {} base_url: 'https://github.com/projectdiscovery/nuclei/releases/download/v$VERSION' diff --git a/data/nuclei/osfamily/windows.yaml b/data/nuclei/osfamily/windows.yaml index 9e89609f..57ff8111 100644 --- a/data/nuclei/osfamily/windows.yaml +++ b/data/nuclei/osfamily/windows.yaml @@ -1,3 +1,3 @@ --- nuclei::settings: - install_method: 'file' + install_method: 'release' diff --git a/data/prometheus/default.yaml b/data/prometheus/default.yaml index fef0ee28..8e10b076 100644 --- a/data/prometheus/default.yaml +++ b/data/prometheus/default.yaml @@ -17,15 +17,11 @@ prometheus::settings: # validate_cmd: 'prometheus validate' pid_file_path: '' init_file_path: '/etc/sysconfig/prometheus.conf' - log_file_path: - - '/var/log/prometheus/prometheus.log' - - '/var/log/prometheus/prometheus-node-exporter.log' config_dir_path: '/etc/prometheus' - log_dir_path: '/var/log/prometheus' # tp 4 settings - install_method: 'file' + install_method: 'release' description: 'The Prometheus monitoring system and time series database' website: 'https://prometheus.io/' issues: 'https://github.com/prometheus/prometheus/issues' @@ -93,7 +89,7 @@ prometheus::settings: restart: command: 'prometheus restart' - releases: + release: latest_version: '2.41.0' prerequisites: {} base_url: 'https://github.com/prometheus/prometheus/releases/download/v$VERSION' @@ -101,13 +97,17 @@ prometheus::settings: extracted_dir: 'prometheus-$VERSION.$OS-$ARCH' file_format: 'tar.gz' checksum_url: 'https://github.com/prometheus/prometheus/releases/download/$VERSION/sha256sums.txt' + setup: + enable: true + manage_service: true + manage_user: true image: name: 'prom/prometheus' systemd_options: {} setup: - enable: true + enable: false files: prometheus: path: '/usr/local/bin/prometheus' @@ -125,6 +125,9 @@ prometheus::settings: /var/log/prometheus: ensure: directory owner: prometheus + /var/lib/prometheus: + ensure: directory + owner: prometheus exec: prometheus_init_config: command: 'touch /etc/sysconfig/prometheus.conf' @@ -132,8 +135,7 @@ prometheus::settings: systemd_options: Service: ExecStart: '/usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml' - manage_service: true - manage_user: true + WorkingDirectory: '/var/lib/prometheus' build: enable: false diff --git a/data/prometheus/osfamily/RedHat.yaml b/data/prometheus/osfamily/RedHat.yaml index 728c3e07..a4a99454 100644 --- a/data/prometheus/osfamily/RedHat.yaml +++ b/data/prometheus/osfamily/RedHat.yaml @@ -1,4 +1,4 @@ --- prometheus::settings: dockerfile_prerequisites: 'RUN yum install -y wget which' - install_method: 'file' + install_method: 'release' diff --git a/data/reference/default.yaml b/data/reference/default.yaml index a09643fb..a9af6a33 100644 --- a/data/reference/default.yaml +++ b/data/reference/default.yaml @@ -92,7 +92,7 @@ reference::settings: # which automatically replaces the following variables in the string: # $OS with downcase($facts['kernel']) # $ARCH with $facts['os']['architecture'] (with some mapping to match GitHub default names of archs) - # $VERSION with the version of the package (if set via $ensure, $version or in $settings.releases.latest_version) + # $VERSION with the version of the package (if set via $ensure, $version or in $settings.release.latest_version) # For example, this could be: # package_source: 'https://github.com/reference/reference/releases/download/v$VERSION/reference_$VERSION_$OS_$ARCH.msi' # This works only with Puppet providers that accept a source argument @@ -458,9 +458,12 @@ reference::settings: # The init system to use for the app. (Set in default settings, usually no need to override) init_system: ~ + # The service provider to use + service_provider: ~ + + # Services to manage services: - main: - name: reference + reference: process_name: reference process_extra_name: ~ process_user: root @@ -773,7 +776,7 @@ reference::settings: manage_service: true manage_user: false - # The default setup settings. They are merged with settings.releases.setup and settings.source.setup + # The default setup settings. They are merged with settings.$install_method.setup setup: # If to enable the setup, which involves doing the configurations as defined in the other settings enable: false diff --git a/data/reference/hiera.yaml b/data/reference/hiera.yaml index fcd4bfdc..77ac7154 100644 --- a/data/reference/hiera.yaml +++ b/data/reference/hiera.yaml @@ -1,7 +1,7 @@ -# This file defines the hierathy to follow when looking for tinydata settings -# Note that even if it's called like a normal Hiera 3 configuration files +# This file defines the hierarchy to follow when looking for tinydata settings +# Note that even if it looks like a normal Hiera 3 configuration files # and has a similar logic it's NOT a Hiera configuration and is not used by Hiera -# This file is actually used by the tp_slookuo function and has the following +# This file is actually used by the tp_lookup function and has the following # limitation: # Variables interpolation is done ONLY for the following variables: # - Fact $::operatingsystemmajrelease diff --git a/data/sample/default.yaml b/data/sample/default.yaml index 1db1fe8c..0f3cfc7b 100644 --- a/data/sample/default.yaml +++ b/data/sample/default.yaml @@ -2,31 +2,48 @@ sample::settings: tp_prerequisites: {} - upstream_repo: false - package_name: 'sample' - service_name: 'sample' - process_name: 'sample' - process_user: 'root' - process_group: 'root' - config_file_path: '/etc/sample/sample.conf' - config_file_format: yaml - # validate_cmd: 'sample validate' - pid_file_path: '/run/sample.pid' - init_file_path: '/etc/sysconfig/sample.conf' - log_file_path: - - '/var/log/sample/sample.log' - config_dir_path: '/etc/sample' - log_dir_path: - - '/var/log/sample' + urls: + website: 'https://sample.com' + issues: 'https://github.com/sample/sample/issues' + documentation: 'https://sample.com/documentation' + source: 'https://github.com/sample/sample' + description: 'sample description' - # tp 4 settings + # Configured: +package -source -file +image install_method: 'package' - description: 'sample description' - docker_image: 'sample/sample' - docker_args: '' - website: 'https://sample.com' - issues: 'https://github.com/sample/sample/issues' - git_source: 'https://github.com/sample/sample' + + packages: + main: + name: sample + ensure: present + source: ~ + install_options: [] + params: {} + providers: + chocolatey: + name: ~ + scoop: + name: ~ + winget: + name: ~ + # Examples of other packages + client: + name: sample-client + server: + name: sample-server + + services: + sample: + process_name: sample + process_extra_name: ~ + process_user: root + process_group: root + nodaemon_args: '-D' + ensure: running + enable: true + pidfile: /run/sample.pid + params: {} + files: config: @@ -64,29 +81,23 @@ sample::settings: port: 4432 protocol: tcp - commandsTOCONF: - info: - list: 'sample list' - debug: - debug: 'sample debug' - test: - status: 'sample status' - version: 'sample --version' - run: - start: - command: 'sample start' - arguments: - - 'instance': - default: '' - description: 'Instance to start' - options: - config_file: - default: 'sample.conf' - value: String - description: 'Config file to use' - restart: - command: 'sample restart' + info_commands: + list: 'sample list' + debug_commands: + debug: 'sample debug' + test_commands: + status: 'sample status' + version_command: 'sample version' + help_command: 'sample help' + run_commands: + start: + command: 'sample start' + image: + name: 'sample/sample' + ports: + - 9090:9090 + systemd_options: {} build: prerequisites: @@ -99,8 +110,18 @@ sample::settings: command: 'make' - name: setup command: 'make install' + setup: + enable: true + files: + sample: + path: '/usr/local/bin/sample' + mode: '0755' + systemd_options: {} + resources: {} + manage_service: false + manage_user: false - releases: + release: latest_version: ~ prerequisites: {} latest_url: ~ @@ -108,18 +129,16 @@ sample::settings: file_name: 'sample-$VERSION.$OS-$ARCH.tar.gz' extracted_dir: 'sample-$VERSION.$OS-$ARCH' file_format: tar.gz - - setup: - enable: true - files: - sample: - path: '/usr/local/bin/sample' - mode: '0755' - systemd_options: - Service: - ExecStart: '/var/lib/tp/source/sample/sample -l 127.0.0.1' - EnvironmentFile: ~ - resources: {} - manage_service: true - manage_user: false - + setup: + enable: true + files: + sample: + path: '/usr/local/bin/sample' + mode: '0755' + systemd_options: + Service: + ExecStart: '/var/lib/tp/source/sample/sample -l 127.0.0.1' + EnvironmentFile: ~ + resources: {} + manage_service: false + manage_user: false diff --git a/data/sample/osfamily/Darwin.yaml b/data/sample/osfamily/Darwin.yaml index cd51e27e..73ba7d0a 100644 --- a/data/sample/osfamily/Darwin.yaml +++ b/data/sample/osfamily/Darwin.yaml @@ -1,8 +1,6 @@ --- sample::settings: brew_package_name: 'sample' - user_config_file_path: '$HOME/Library/Application\ Support/sample/sample.conf' - user_config_dir_path: '$HOME/Library/Application\ Support/sample/' user_files: config: diff --git a/data/sample/osfamily/Debian.yaml b/data/sample/osfamily/Debian.yaml index cda87d49..8c6299cf 100644 --- a/data/sample/osfamily/Debian.yaml +++ b/data/sample/osfamily/Debian.yaml @@ -1,6 +1,5 @@ --- sample::settings: - init_file_path: '/etc/default/sample' files: init: diff --git a/data/sample/osfamily/windows.yaml b/data/sample/osfamily/windows.yaml index 18eaff30..9098e8bf 100644 --- a/data/sample/osfamily/windows.yaml +++ b/data/sample/osfamily/windows.yaml @@ -1,14 +1,5 @@ --- sample::settings: - winget_package_name: 'sample.sample' - choco_package_name: 'sample' - package_name: 'sample' - config_file_path: 'C:\ProgramData\sample\sample\etc\sample.conf' - config_dir_path: 'C:\ProgramData\sample\sample\etc' - process_user: 'LocalSystem' - process_group: 'LocalSystem' - user_config_file_path: '%APPDATA%\sample\sample.conf' - user_config_dir_path: '%APPDATA%\sample' # If exe or msi package is available for direct download: package_provider: 'windows' diff --git a/data/sample/osfamily/windows11.yaml b/data/sample/osfamily/windows11.yaml deleted file mode 100644 index 0a50fef1..00000000 --- a/data/sample/osfamily/windows11.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -sample::settings: - package_name: 'sample.sample' diff --git a/data/sample/upstream/default.yaml b/data/sample/upstream/default.yaml deleted file mode 100644 index 998a7c92..00000000 --- a/data/sample/upstream/default.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -sample::settings: {} - -# tp_prerequisites: -# sample_repo: {} - diff --git a/data/snmp/default.yaml b/data/snmp/default.yaml index 0cdf07d2..ee9f03ce 100644 --- a/data/snmp/default.yaml +++ b/data/snmp/default.yaml @@ -1,3 +1,179 @@ --- snmp::settings: - package_name: 'snmp' + tp_prerequisites: {} + + package_name: 'snmpd' + service_name: 'snmpd' + config_file_path: '/etc/snmp/snmpd.conf' + config_file_mode: '0600' + config_dir_path: '/etc/snmp' + pid_file_path: '/var/run/snmpd.pid' + log_file_path: '/var/log/snmpd/snmpd.log' + log_dir_path: '/var/log/snmpd' + process_name: 'snmpd' + process_user: 'snmpd' + process_group: 'snmpd' + udp_port: '161' + + urls: + website: 'http://www.net-snmp.org/' + issues: 'https://github.com/net-snmp/net-snmp/issues' + documentation: 'https://snmpd.com/documentation' + source: 'https://github.com/net-snmp/net-snmp' + description: 'A SNMP application library, tools and daemon' + + # Configured: +package -source -file +image + install_method: 'package' + + packages: + main: + name: snmpd + ensure: present + source: ~ + install_options: [] + params: {} + providers: + chocolatey: + name: ~ + scoop: + name: ~ + winget: + name: ~ + snmptrapd: + name: snmptrapd + ensure: present + source: ~ + install_options: [] + params: {} + providers: + chocolatey: + name: ~ + scoop: + name: ~ + winget: + name: ~ + services: + snmpd: + process_name: snmpd + process_extra_name: ~ + process_user: root + process_group: root + nodaemon_args: '-D' + ensure: running + enable: true + pidfile: /var/run/snmpd.pid + params: {} + snmptrapd: + process_name: snmptrapd + process_extra_name: ~ + process_user: root + process_group: root + nodaemon_args: '-D' + ensure: stopped + enable: false + pidfile: /var/run/snmptrapd.pid + params: {} + + + files: + client: + path: '/etc/snmp/snmp.conf' + config: + path: '/etc/snmp/snmpd.conf' + mode: '0600' + init: + path: '/etc/sysconfig/snmpd' + format: 'inifile' + systemd: + path: '/etc/systemd/system/snmpd.service' + format: 'inifile_with_stanzas' + snmptrapd: + path: '/etc/snmp/snmptrapd.conf' + snmptrapd_init: + path: '/etc/sysconfig/snmptrapd' + format: 'inifile' + dirs: + config: + path: '/etc/snmp' + log: + path: /var/log/snmpd + home: + path: /var/lib/snmp + + user_files: + config: + path: '$HOME/.snmpd/snmpd.conf' + + user_dirs: + config: + path: '$HOME/.snmpd' + + ports: + main: + port: 42 + protocol: tcp + ssl: + port: 4432 + protocol: tcp + + info_commands: + list: 'snmpd list' + debug_commands: + debug: 'snmpd debug' + test_commands: + status: 'snmpd status' + version_command: 'snmpd version' + help_command: 'snmpd help' + run_commands: + start: + command: 'snmpd start' + + image: + name: 'snmpd/snmpd' + ports: + - 9090:9090 + systemd_options: {} + + build: + prerequisites: + tp::install: + - build-essential + execs: + - name: configure + command: './configure' + - name: build + command: 'make' + - name: setup + command: 'make install' + setup: + enable: true + files: + snmpd: + path: '/usr/local/bin/snmpd' + mode: '0755' + systemd_options: {} + resources: {} + manage_service: false + manage_user: false + + release: + latest_version: ~ + prerequisites: {} + latest_url: ~ + base_url: 'https://sourceforge.net/projects/net-snmp/files/net-snmp/$VERSION/' + file_name: 'net-snmp-$VERSION.tar.gz' + extracted_dir: 'net-snmp-$VERSION' + file_format: tar.gz + setup: + enable: true + files: + snmpd: + path: '/usr/local/bin/snmpd' + mode: '0755' + systemd_options: + Service: + ExecStart: '/var/lib/tp/source/snmpd/snmpd -l 127.0.0.1' + EnvironmentFile: ~ + resources: {} + manage_service: false + manage_user: false diff --git a/data/snmp/hiera.yaml b/data/snmp/hiera.yaml index 19fa9ae9..b2a2fa6a 100644 --- a/data/snmp/hiera.yaml +++ b/data/snmp/hiera.yaml @@ -1,6 +1,15 @@ --- :hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" - "%{title}/osfamily/%{osfamily}" - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" - "default/%{operatingsystem}" - default diff --git a/data/snmp/osfamily/Darwin.yaml b/data/snmp/osfamily/Darwin.yaml new file mode 100644 index 00000000..fa4f159b --- /dev/null +++ b/data/snmp/osfamily/Darwin.yaml @@ -0,0 +1,11 @@ +--- +snmp::settings: + brew_package_name: 'snmp' + + user_files: + config: + path: '$HOME/Library/Application\ Support/snmp/snmp.conf' + + user_dirs: + config: + path: '$HOME/Library/Application\ Support/snmp/snmp.conf' \ No newline at end of file diff --git a/data/snmp/osfamily/Debian.yaml b/data/snmp/osfamily/Debian.yaml index 040a3ed9..e5c83a39 100644 --- a/data/snmp/osfamily/Debian.yaml +++ b/data/snmp/osfamily/Debian.yaml @@ -1,4 +1,24 @@ --- snmp::settings: - config_file_path: '/etc/snmp/snmp.conf' - config_dir_path: '/etc/snmp/' + config_dir_path: '/etc/snmp' + process_user: 'snmp' + process_group: 'snmp' + init_file_path: '/etc/default/snmpd' + + files: + client: + path: '/etc/snmp/snmp.conf' + config: + path: '/etc/snmp/snmpd.conf' + mode: '0600' + init: + path: '/etc/default/snmpd' + format: 'inifile' + systemd: + path: '/etc/systemd/system/snmpd.service' + format: 'inifile_with_stanzas' + snmptrapd: + path: '/etc/snmp/snmptrapd.conf' + snmptrapd_init: + path: '/etc/default/snmptrapd' + format: 'inifile' \ No newline at end of file diff --git a/data/snmpd/osfamily/OpenBSD.yaml b/data/snmp/osfamily/OpenBSD.yaml similarity index 88% rename from data/snmpd/osfamily/OpenBSD.yaml rename to data/snmp/osfamily/OpenBSD.yaml index 84614119..3de51418 100644 --- a/data/snmpd/osfamily/OpenBSD.yaml +++ b/data/snmp/osfamily/OpenBSD.yaml @@ -1,5 +1,5 @@ --- -snmpd::settings: +snmp::settings: package_name: 'net-snmp' service_name: 'netsnmpd' config_file_path: '/etc/snmp/snmpd.conf' diff --git a/data/snmp/osfamily/RedHat.yaml b/data/snmp/osfamily/RedHat.yaml index 233bdd0e..2292d374 100644 --- a/data/snmp/osfamily/RedHat.yaml +++ b/data/snmp/osfamily/RedHat.yaml @@ -1,3 +1,14 @@ --- snmp::settings: - package_name: 'net-snmp-utils' + package_name: 'net-snmp' + config_file_mode: '0600' + init_file_path: '/etc/sysconfig/snmpd' + + + packages: + main: + name: net-snmp + + files: + init: + path: '/etc/sysconfig/snmpd' \ No newline at end of file diff --git a/data/snmp/osfamily/Solaris.yaml b/data/snmp/osfamily/Solaris.yaml index 7ae7ff58..ad4aa0b0 100644 --- a/data/snmp/osfamily/Solaris.yaml +++ b/data/snmp/osfamily/Solaris.yaml @@ -1,3 +1,8 @@ --- snmp::settings: package_name: 'net-snmp' + service_name: 'net-snmp' + config_file_path: '/etc/net-snmp/snmp/snmpd.conf' + config_file_mode: '0444' + config_file_group: 'bin' + config_dir_path: '/etc/net-snmp/snmp' diff --git a/data/snmp/osfamily/Suse.yaml b/data/snmp/osfamily/Suse.yaml deleted file mode 100644 index 233bdd0e..00000000 --- a/data/snmp/osfamily/Suse.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -snmp::settings: - package_name: 'net-snmp-utils' diff --git a/data/snmp/osfamily/Ubuntu.yaml b/data/snmp/osfamily/Ubuntu.yaml deleted file mode 100644 index 040a3ed9..00000000 --- a/data/snmp/osfamily/Ubuntu.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -snmp::settings: - config_file_path: '/etc/snmp/snmp.conf' - config_dir_path: '/etc/snmp/' diff --git a/data/snmp/osfamily/windows.yaml b/data/snmp/osfamily/windows.yaml new file mode 100644 index 00000000..7670fdad --- /dev/null +++ b/data/snmp/osfamily/windows.yaml @@ -0,0 +1,14 @@ +--- +snmp::settings: + + # If exe or msi package is available for direct download: + package_provider: 'windows' + package_source: 'https://github.com/snmp/snmp/releases/download/v$VERSION/snmp_$VERSION_$OS_$ARCH.msi' + + user_files: + config: + path: '%APPDATA%\snmp\snmp.conf' + + user_dirs: + config: + path: '%APPDATA%\snmp' \ No newline at end of file diff --git a/data/snmpd/default.yaml b/data/snmpd/default.yaml deleted file mode 100644 index 2db5d3af..00000000 --- a/data/snmpd/default.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -snmpd::settings: - package_name: 'snmpd' - service_name: 'snmpd' - config_file_path: '/etc/snmp/snmpd.conf' - config_dir_path: '/etc/snmp' - pid_file_path: '/var/run/snmpd.pid' - log_file_path: '/var/log/snmpd/snmpd.log' - log_dir_path: '/var/log/snmpd' - process_name: 'snmpd' - process_user: 'snmpd' - process_group: 'snmpd' - udp_port: '161' diff --git a/data/snmpd/hiera.yaml b/data/snmpd/hiera.yaml deleted file mode 100644 index 19fa9ae9..00000000 --- a/data/snmpd/hiera.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -:hierarchy: - - "%{title}/osfamily/%{osfamily}" - - "%{title}/default" - - "default/%{operatingsystem}" - - default diff --git a/data/snmpd/osfamily/Debian.yaml b/data/snmpd/osfamily/Debian.yaml deleted file mode 100644 index b8d448b7..00000000 --- a/data/snmpd/osfamily/Debian.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -snmpd::settings: - config_file_mode: '0600' - config_dir_path: '/etc/snmp' - process_user: 'snmp' - process_group: 'snmp' - init_file_path: '/etc/default/snmpd' diff --git a/data/snmpd/osfamily/RedHat.yaml b/data/snmpd/osfamily/RedHat.yaml deleted file mode 100644 index 91258695..00000000 --- a/data/snmpd/osfamily/RedHat.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -snmpd::settings: - package_name: 'net-snmp' - config_file_mode: '0600' - init_file_path: '/etc/sysconfig/snmpd.options' diff --git a/data/snmpd/osfamily/Solaris.yaml b/data/snmpd/osfamily/Solaris.yaml deleted file mode 100644 index c4dfe4b8..00000000 --- a/data/snmpd/osfamily/Solaris.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -snmpd::settings: - package_name: 'net-snmp' - service_name: 'net-snmp' - config_file_path: '/etc/net-snmp/snmp/snmpd.conf' - config_file_mode: '0444' - config_file_group: 'bin' - config_dir_path: '/etc/net-snmp/snmp' diff --git a/data/snmpd/osfamily/Suse.yaml b/data/snmpd/osfamily/Suse.yaml deleted file mode 100644 index 2e4c73f5..00000000 --- a/data/snmpd/osfamily/Suse.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -snmpd::settings: - package_name: 'net-snmp' diff --git a/data/spiderfoot/default.yaml b/data/spiderfoot/default.yaml index c08404c6..19df682b 100644 --- a/data/spiderfoot/default.yaml +++ b/data/spiderfoot/default.yaml @@ -18,9 +18,6 @@ spiderfoot::settings: # tp 4 settings description: 'SpiderFoot automates OSINT so you can find what matters, faster.' - website: 'https://www.spiderfoot.net/' - issues: 'https://github.com/smicallef/spiderfoot/issues' - ports: main: port: 5001 @@ -37,7 +34,7 @@ spiderfoot::settings: install_method: 'source' - releases: + release: latest_version: '4.0' prerequisites: {} latest: {} @@ -46,12 +43,19 @@ spiderfoot::settings: extracted_dir: 'spiderfoot-$VERSION' file_format: 'zip' - setup: - enable: true - systemd_options: - Service: - ExecStart: '/var/lib/tp/source/spiderfoot/sf.py -l 0.0.0.0:5001' - EnvironmentFile: ~ - manage_service: true - manage_user: false - + source: + setup: + enable: true + systemd_options: + Service: + ExecStart: '/var/lib/tp/source/spiderfoot/sf.py -l 0.0.0.0:5001' + EnvironmentFile: ~ + WorkingDirectory: '/var/lib/tp/source/spiderfoot' + manage_service: true + manage_user: false + + urls: + website: https://www.spiderfoot.net/ + issues: https://github.com/smicallef/spiderfoot/issues + documentation: https://www.spiderfoot.net/documentation/ + source: https://github.com/smicallef/spiderfoot diff --git a/data/surfex/default.yaml b/data/surfex/default.yaml new file mode 100644 index 00000000..c125d612 --- /dev/null +++ b/data/surfex/default.yaml @@ -0,0 +1,46 @@ +--- +surfex::settings: + tp_prerequisites: {} + + urls: + website: 'http://www.umr-cnrm.fr/surfex/' + documentation: 'http://www.umr-cnrm.fr/surfex/' + source: 'https://github.com/surfex/surfex' + description: 'SURFEX (Surface Externalisée, in French) is a surface modelling platform' + + # Configured: -package -source +release -image + install_method: 'release' + + build: + enable: true + prerequisites: + tp::install: + - build-essential + execs: + - name: configure + command: 'cd src ; ./configure' + # TODO: Add source of generated model + - name: build + command: 'make' + - name: setup + command: 'make installmaster' + setup: + enable: true + systemd_options: {} + resources: {} + manage_service: false + manage_user: false + + release: + latest_version: 'v9_0_0' + prerequisites: {} + latest_url: ~ + base_url: 'https://www.umr-cnrm.fr/surfex/data/OPEN-SURFEX' + file_name: 'open_surfex_$VERSION.tar.gz' + extracted_dir: 'OPEN_SURFEX_V9' + file_format: tar.gz + setup: + enable: true + resources: {} + manage_service: false + manage_user: false diff --git a/data/surfex/hiera.yaml b/data/surfex/hiera.yaml new file mode 100644 index 00000000..b2a2fa6a --- /dev/null +++ b/data/surfex/hiera.yaml @@ -0,0 +1,15 @@ +--- +:hierarchy: + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/operatingsystem/%{operatingsystem}" + - "%{title}/%{repo}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/%{repo}/osfamily/%{osfamily}" + - "%{title}/%{repo}/default" + - "%{title}/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" + - "%{title}/operatingsystem/%{operatingsystem}" + - "%{title}/osfamily/%{osfamily}%{operatingsystemmajrelease}" + - "%{title}/osfamily/%{osfamily}" + - "%{title}/default" + - "default/%{operatingsystem}%{operatingsystemmajrelease}" + - "default/%{operatingsystem}" + - default diff --git a/data/sysdig/hiera.yaml b/data/sysdig/hiera.yaml index 1c820bbc..79a0789e 100644 --- a/data/sysdig/hiera.yaml +++ b/data/sysdig/hiera.yaml @@ -2,6 +2,7 @@ :hierarchy: - "%{title}/upstream/operatingsystem/%{operatingsystem}%{operatingsystemmajrelease}" - "%{title}/upstream/operatingsystem/%{operatingsystem}" + - "%{title}/upstream/osfamily/%{osfamily}%{operatingsystemmajrelease}" - "%{title}/upstream/osfamily/%{osfamily}" - "%{title}/upstream/default" - "%{title}/default" diff --git a/data/sysdig/upstream/osfamily/RedHat9.yaml b/data/sysdig/upstream/osfamily/RedHat9.yaml new file mode 100644 index 00000000..a21b479a --- /dev/null +++ b/data/sysdig/upstream/osfamily/RedHat9.yaml @@ -0,0 +1,11 @@ +--- +# Workaround for GPG-KEY in SHA1 https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9 +sysdig::settings: + exec_prerequisites: + allow_sha1: + command: '/usr/bin/update-crypto-policies --set DEFAULT:SHA1' + unless: 'dnf info sysdig' + exec_postinstall: + disallow_sha1: + command: '/usr/bin/update-crypto-policies --set DEFAULT' + onlyif: '/usr/bin/update-crypto-policies --show | grep SHA1' diff --git a/metadata.json b/metadata.json index 8cf892ef..6ca28493 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "example42-tinydata", - "version": "0.6.0", + "version": "0.7.0", "author": "Alessandro Franceschi", "summary": "Tiny Puppet Data", "license": "Apache-2.0", diff --git a/scripts/convert_v3_to_v4.rb b/scripts/convert_v3_to_v4.rb old mode 100644 new mode 100755 index 0ba6c620..6d6c54fb --- a/scripts/convert_v3_to_v4.rb +++ b/scripts/convert_v3_to_v4.rb @@ -1,3 +1,4 @@ +#!/opt/puppetlabs/puppet/bin/ruby require 'yaml' # This script converts a v3 config file to a v4 config file @@ -29,22 +30,22 @@ # Get the service name from the original config service_name = original_config[settings_key]['service_name'] -original_config[settings_key]["services"] = {"main" => {"name" => service_name}} if service_name +original_config[settings_key]["services"][service_name] if service_name # Get the process name from the original config process_name = original_config[settings_key]['process_name'] -original_config[settings_key]["services"]["main"]["process_name"] = process_name if process_name +original_config[settings_key]["services"][service_name]["process_name"] = process_name if process_name # Get the process_extra name from the original config process_extra_name = original_config[settings_key]['process_extra_name'] -original_config[settings_key]["services"]["main"]["process_extra_name"] = process_extra_name if process_extra_name +original_config[settings_key]["services"][service_name]["process_extra_name"] = process_extra_name if process_extra_name # Get the process user from the original config process_user = original_config[settings_key]['process_user'] -original_config[settings_key]["services"]["main"]["process_user"] = process_user if process_user +original_config[settings_key]["services"][service_name]["process_user"] = process_user if process_user # Get the process group from the original config process_group = original_config[settings_key]['process_group'] -original_config[settings_key]["services"]["main"]["process_group"] = process_user if process_group +original_config[settings_key]["services"][service_name]["process_group"] = process_user if process_group # Get the process nodaemon_args from the original config nodaemon_args = original_config[settings_key]['nodaemon_args'] -original_config[settings_key]["services"] = {"main" => {"nodaemon_args" => nodaemon_args}} if nodaemon_args +original_config[settings_key]["services"][service_name]["nodaemon_args"] = nodaemon_args if nodaemon_args # Get the config_file_path from the original config diff --git a/scripts/github_latest_version.py b/scripts/github_latest_version.py new file mode 100755 index 00000000..0eaee125 --- /dev/null +++ b/scripts/github_latest_version.py @@ -0,0 +1,21 @@ +#!/usr/bin/python3 +import requests +import sys + +# Get the repo name from the first argument +repo = sys.argv[1] + +# Get the data file from the second argument +file = sys.argv[2] + +# Get the latest release version from Github API +url = "https://github.com/" + repo + "/releases/latest" +r = requests.get(url) +version = r.url.split('/')[-1] + +# Open the file in append mode +with open(file, "a") as f: + # Append a new line character at the end of file + f.write("\n") + # Append the version name to the file + f.write(version) diff --git a/scripts/github_repos.txt b/scripts/github_repos.txt new file mode 100644 index 00000000..bd4c9156 --- /dev/null +++ b/scripts/github_repos.txt @@ -0,0 +1,34 @@ + +elastic/beats/tree/master/auditbeat' +hashicorp/boundary' +PowerShell/PowerShell.git' +prometheus/prometheus' +ceph/ceph' +Icinga/icinga2 +example42/hdm' +vdukhovni/postfix' +microsoft/PowerToys.git' +LibreOffice/core' +apache/activemq' +pypa/pip' +nats-io/nats-server' +puppetlabs/bolt' +tigeli/bind-utils' +hashicorp/vault.git +telegramdesktop/tdesktop.git' +obsproject/obs-studio.git' +apache/httpd' +ansible/ansible' +microsoft/vscode' +projectdiscovery/nuclei' +microsoft/SCXcore.git' +Sysinternals/SysinternalsEBPF.git' +telegramdesktop/tdesktop.git' +Sysinternals/SysmonForLinux' +Sysinternals/ProcDump-for-Linux' +microsoft/omi.git' +git/git' +hashicorp/vagrant.git +telegramdesktop/tdesktop.git' +smicallef/spiderfoot' +Azure/azure-cli