From 3d7cd8a44e05a46960d30e6e150e5a8a47cabc66 Mon Sep 17 00:00:00 2001
From: Nils Olof Paulsson <nils.olof.paulsson@liu.se>
Date: Mon, 20 May 2024 16:43:32 +0200
Subject: [PATCH 01/28] gotofirehelld
---
manifests/firewall.pp | 44 +++++++++++++++++++++++---
templates/55-permit-skadereg.rules.erb | 16 ----------
2 files changed, 40 insertions(+), 20 deletions(-)
delete mode 100644 templates/55-permit-skadereg.rules.erb
diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index a7f914c..a46181b 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -1,8 +1,44 @@
# Class for skadereg firewall
class aim_control::firewall {
- ::server_firewall::constricto_chain { 'skadereg': }
- ::server_firewall::rules_file { '55-permit-skadereg.rules':
- content => template("${module_name}/55-permit-skadereg.rules.erb"),
- require => ::Server_firewall::Constricto_chain['skadereg'],
+ firewalld_rich_rule { 'Allow 33060 from liu ipv4':
+ ensure => present,
+ zone => 'liu',
+ source => { 'ipset' => 'liu-nets_v4' },
+ port => { 'port' => 33060, 'protocol' => 'tcp' },
+ action => 'accept',
+ }
+ firewalld_rich_rule { 'Allow 33060 from liu ipv6':
+ ensure => present,
+ zone => 'liu',
+ source => { 'ipset' => 'liu-nets_v6' },
+ port => { 'port' => 33060, 'protocol' => 'tcp' },
+ action => 'accept',
+ }
+ firewalld_rich_rule { 'Allow ssh from liu 10.243.0.0/16':
+ ensure => present,
+ zone => 'liu',
+ source => '10.243.0.0/16',
+ service => 'ssh',
+ action => 'accept',
+ }
+ firewalld_service { 'Allow https from liu Zone':
+ ensure => present,
+ zone => 'liu',
+ service => 'https',
+ }
+ firewalld_service { 'Allow http from liu Zone':
+ ensure => present,
+ zone => 'liu',
+ service => 'http',
+ }
+ firewalld_service { 'Allow https from public Zone':
+ ensure => present,
+ zone => 'public',
+ service => 'https',
+ }
+ firewalld_service { 'Allow http from public Zone':
+ ensure => present,
+ zone => 'public',
+ service => 'http',
}
}
diff --git a/templates/55-permit-skadereg.rules.erb b/templates/55-permit-skadereg.rules.erb
deleted file mode 100644
index d09bad5..0000000
--- a/templates/55-permit-skadereg.rules.erb
+++ /dev/null
@@ -1,16 +0,0 @@
-require services
-
-policy skadereg chain skadereg is
- accept service:http
- accept service:https
-end policy
-
-append rule INPUT -j skadereg
-append rule INPUT -s class:liu-nets -p tcp --dport 33060:33060 -j ACCEPT
-
-
-# <%# Put installed file in view mode when opened with Emacs: -%>
-# <%= "Nota bene: Puppet managed file, all local changes will be reverted." %>
-# <%= "Local" %> <%= "variables:" %>
-# mode: view
-# <%= "End:" %>
--
GitLab
From db40b95161ce4d4bb9ea3679e467ff0797a5ce0c Mon Sep 17 00:00:00 2001
From: Nils Olof Paulsson <nils.olof.paulsson@liu.se>
Date: Mon, 20 May 2024 16:46:07 +0200
Subject: [PATCH 02/28] pdkupdate
---
.rubocop.yml | 7 +
.vscode/extensions.json | 1 +
Gemfile | 25 +-
Rakefile | 79 ------
manifests/update_report.txt | 493 ------------------------------------
metadata.json | 4 +-
spec/spec_helper.rb | 5 +-
7 files changed, 25 insertions(+), 589 deletions(-)
delete mode 100644 manifests/update_report.txt
diff --git a/.rubocop.yml b/.rubocop.yml
index 5be1f9f..21b82b9 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -3,6 +3,7 @@ require:
- rubocop-performance
- rubocop-rspec
AllCops:
+ NewCops: enable
DisplayCopNames: true
TargetRubyVersion: '2.6'
Include:
@@ -527,6 +528,8 @@ Lint/DuplicateBranch:
Enabled: false
Lint/DuplicateMagicComment:
Enabled: false
+Lint/DuplicateMatchPattern:
+ Enabled: false
Lint/DuplicateRegexpCharacterClassElement:
Enabled: false
Lint/EmptyBlock:
@@ -643,6 +646,8 @@ Style/ComparableClamp:
Enabled: false
Style/ConcatArrayLiterals:
Enabled: false
+Style/DataInheritance:
+ Enabled: false
Style/DirEmpty:
Enabled: false
Style/DocumentDynamicEvalDefinition:
@@ -711,6 +716,8 @@ Style/RedundantHeredocDelimiterQuotes:
Enabled: false
Style/RedundantInitialize:
Enabled: false
+Style/RedundantLineContinuation:
+ Enabled: false
Style/RedundantSelfAssignmentBranch:
Enabled: false
Style/RedundantStringEscape:
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
index a5f6a2b..902e5f8 100644
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -5,5 +5,6 @@
"ms-vscode.powershell",
"EditorConfig.EditorConfig",
"glenbuktenica.unicode-substitutions"
+ "Shopify.ruby-lsp"
]
}
diff --git a/Gemfile b/Gemfile
index ca0e773..7a9ef2e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -20,30 +20,29 @@ group :development do
gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "deep_merge", '~> 1.0', require: false
gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false
gem "facterdb", '~> 1.18', require: false
- gem "metadata-json-lint", '~> 3.0', require: false
- gem "puppetlabs_spec_helper", '~> 6.0', require: false
- gem "rspec-puppet-facts", '~> 2.0', require: false
- gem "codecov", '~> 0.2', require: false
+ gem "metadata-json-lint", '~> 4.0', require: false
+ gem "rspec-puppet-facts", '~> 3.0', require: false
gem "dependency_checker", '~> 1.0.0', require: false
gem "parallel_tests", '= 3.12.1', require: false
gem "pry", '~> 0.10', require: false
- gem "simplecov-console", '~> 0.5', require: false
+ gem "simplecov-console", '~> 0.9', require: false
gem "puppet-debugger", '~> 1.0', require: false
- gem "rubocop", '= 1.48.1', require: false
+ gem "rubocop", '~> 1.50.0', require: false
gem "rubocop-performance", '= 1.16.0', require: false
gem "rubocop-rspec", '= 2.19.0', require: false
- gem "puppet-strings", '~> 4.0', require: false
gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
end
-group :system_tests do
- gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw]
- gem "serverspec", '~> 2.41', require: false
-end
-group :release_prep do
+group :development, :release_prep do
gem "puppet-strings", '~> 4.0', require: false
- gem "puppetlabs_spec_helper", '~> 6.0', require: false
+ gem "puppetlabs_spec_helper", '~> 7.0', require: false
+end
+group :system_tests do
+ gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw]
+ gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "serverspec", '~> 2.41', require: false
end
puppet_version = ENV['PUPPET_GEM_VERSION']
diff --git a/Rakefile b/Rakefile
index 74415a9..77590fe 100644
--- a/Rakefile
+++ b/Rakefile
@@ -4,85 +4,6 @@ require 'bundler'
require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-syntax/tasks/puppet-syntax'
-require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator'
require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings'
-def changelog_user
- return unless Rake.application.top_level_tasks.include? "changelog"
- returnVal = nil || JSON.load(File.read('metadata.json'))['author']
- raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil?
- puts "GitHubChangelogGenerator user:#{returnVal}"
- returnVal
-end
-
-def changelog_project
- return unless Rake.application.top_level_tasks.include? "changelog"
-
- returnVal = nil
- returnVal ||= begin
- metadata_source = JSON.load(File.read('metadata.json'))['source']
- metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
-
- metadata_source_match && metadata_source_match[1]
- end
-
- raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
-
- puts "GitHubChangelogGenerator project:#{returnVal}"
- returnVal
-end
-
-def changelog_future_release
- return unless Rake.application.top_level_tasks.include? "changelog"
- returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
- raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
- puts "GitHubChangelogGenerator future_release:#{returnVal}"
- returnVal
-end
-
PuppetLint.configuration.send('disable_relative')
-
-
-if Gem.loaded_specs.key? 'github_changelog_generator'
- GitHubChangelogGenerator::RakeTask.new :changelog do |config|
- raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
- config.user = "#{changelog_user}"
- config.project = "#{changelog_project}"
- config.future_release = "#{changelog_future_release}"
- config.exclude_labels = ['maintenance']
- config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
- config.add_pr_wo_labels = true
- config.issues = false
- config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
- config.configure_sections = {
- "Changed" => {
- "prefix" => "### Changed",
- "labels" => ["backwards-incompatible"],
- },
- "Added" => {
- "prefix" => "### Added",
- "labels" => ["enhancement", "feature"],
- },
- "Fixed" => {
- "prefix" => "### Fixed",
- "labels" => ["bug", "documentation", "bugfix"],
- },
- }
- end
-else
- desc 'Generate a Changelog from GitHub'
- task :changelog do
- raise <<EOM
-The changelog tasks depends on recent features of the github_changelog_generator gem.
-Please manually add it to your .sync.yml for now, and run `pdk update`:
----
-Gemfile:
- optional:
- ':development':
- - gem: 'github_changelog_generator'
- version: '~> 1.15'
- condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
-EOM
- end
-end
-
diff --git a/manifests/update_report.txt b/manifests/update_report.txt
deleted file mode 100644
index e37d83a..0000000
--- a/manifests/update_report.txt
+++ /dev/null
@@ -1,493 +0,0 @@
-/* Report generated by PDK at 2024-05-07 18:00:36 +0200 */
-
-
---- /home/nilpa76/user-repos/aim_control/metadata.json 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/metadata.json.pdknew 2024-05-07 18:00:36.727243586 +0200
-@@ -61,8 +61,8 @@
- "version_requirement": ">= 6.21.0 < 8.0.0"
- }
- ],
-- "pdk-version": "2.5.0",
-+ "pdk-version": "3.0.1",
- "template-url": "https://gitlab.it.liu.se/puppet-infra/pdk-templates.git#liu",
-- "template-ref": "heads/liu-0-g3298fb5"
-+ "template-ref": "heads/liu-0-g522eb00"
- }
-
-
---- /home/nilpa76/user-repos/aim_control/.gitignore 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/.gitignore.pdknew 2024-05-07 18:00:36.727697003 +0200
-@@ -16,7 +16,7 @@
- /log/
- /pkg/
- /spec/fixtures/manifests/
--/spec/fixtures/modules/
-+/spec/fixtures/modules/*
- /tmp/
- /vendor/
- /convert_report.txt
-
-
---- /home/nilpa76/user-repos/aim_control/.gitlab-ci.yml 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/.gitlab-ci.yml.pdknew 2024-05-07 18:00:36.727808772 +0200
-@@ -2,4 +2,8 @@
- include:
- - project: 'puppet-infra/shared-ci-piplines'
- file: '/puppet-module-pipeline.yaml'
-+ - local: .local-ci.yml
-+ rules:
-+ - exists:
-+ - .local-ci.yml
-
-
---- /home/nilpa76/user-repos/aim_control/.pdkignore 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/.pdkignore.pdknew 2024-05-07 18:00:36.728378355 +0200
-@@ -16,7 +16,7 @@
- /log/
- /pkg/
- /spec/fixtures/manifests/
--/spec/fixtures/modules/
-+/spec/fixtures/modules/*
- /tmp/
- /vendor/
- /convert_report.txt
-@@ -29,20 +29,17 @@
- *~
- \#*\#
- .\#*
--/appveyor.yml
--/.editorconfig
- /.fixtures.yml
- /Gemfile
- /.gitattributes
-+/.github/
- /.gitignore
--/.gitlab-ci.yml
- /.pdkignore
- /.puppet-lint.rc
- /Rakefile
- /rakelib/
- /.rspec
--/.rubocop.yml
--/.travis.yml
-+/..yml
- /.yardopts
- /spec/
- /.vscode/
-
-
---- /home/nilpa76/user-repos/aim_control/.rubocop.yml 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/.rubocop.yml.pdknew 2024-05-07 18:00:36.760334245 +0200
-@@ -4,7 +4,7 @@
- - rubocop-rspec
- AllCops:
- DisplayCopNames: true
-- TargetRubyVersion: '2.5'
-+ TargetRubyVersion: '2.6'
- Include:
- - "**/*.rb"
- Exclude:
-@@ -111,8 +111,14 @@
- Enabled: true
- Style/StringMethods:
- Enabled: true
-+Bundler/GemFilename:
-+ Enabled: false
- Bundler/InsecureProtocolSource:
- Enabled: false
-+Capybara/CurrentPathExpectation:
-+ Enabled: false
-+Capybara/VisibilityMatcher:
-+ Enabled: false
- Gemspec/DuplicatedAssignment:
- Enabled: false
- Gemspec/OrderedDependencies:
-@@ -287,11 +293,9 @@
- Enabled: false
- RSpec/Be:
- Enabled: false
--RSpec/Capybara/CurrentPathExpectation:
-- Enabled: false
- RSpec/Capybara/FeatureMethods:
- Enabled: false
--RSpec/Capybara/VisibilityMatcher:
-+RSpec/ContainExactly:
- Enabled: false
- RSpec/ContextMethod:
- Enabled: false
-@@ -331,6 +335,8 @@
- Enabled: false
- RSpec/LetBeforeExamples:
- Enabled: false
-+RSpec/MatchArray:
-+ Enabled: false
- RSpec/MissingExampleGroupArgument:
- Enabled: false
- RSpec/MultipleExpectations:
-@@ -373,8 +379,6 @@
- Enabled: false
- Style/AccessorGrouping:
- Enabled: false
--Style/AsciiComments:
-- Enabled: false
- Style/BisectedAttrAccessor:
- Enabled: false
- Style/CaseLikeIf:
-@@ -485,35 +489,235 @@
- Enabled: false
- Style/UnpackFirst:
- Enabled: false
-+Capybara/MatchStyle:
-+ Enabled: false
-+Capybara/NegationMatcher:
-+ Enabled: false
-+Capybara/SpecificActions:
-+ Enabled: false
-+Capybara/SpecificFinders:
-+ Enabled: false
-+Capybara/SpecificMatcher:
-+ Enabled: false
-+Gemspec/DeprecatedAttributeAssignment:
-+ Enabled: false
-+Gemspec/DevelopmentDependencies:
-+ Enabled: false
-+Gemspec/RequireMFA:
-+ Enabled: false
-+Layout/LineContinuationLeadingSpace:
-+ Enabled: false
-+Layout/LineContinuationSpacing:
-+ Enabled: false
-+Layout/LineEndStringConcatenationIndentation:
-+ Enabled: false
-+Layout/SpaceBeforeBrackets:
-+ Enabled: false
-+Lint/AmbiguousAssignment:
-+ Enabled: false
-+Lint/AmbiguousOperatorPrecedence:
-+ Enabled: false
-+Lint/AmbiguousRange:
-+ Enabled: false
-+Lint/ConstantOverwrittenInRescue:
-+ Enabled: false
-+Lint/DeprecatedConstants:
-+ Enabled: false
- Lint/DuplicateBranch:
- Enabled: false
-+Lint/DuplicateMagicComment:
-+ Enabled: false
- Lint/DuplicateRegexpCharacterClassElement:
- Enabled: false
- Lint/EmptyBlock:
- Enabled: false
- Lint/EmptyClass:
- Enabled: false
-+Lint/EmptyInPattern:
-+ Enabled: false
-+Lint/IncompatibleIoSelectWithFiberScheduler:
-+ Enabled: false
-+Lint/LambdaWithoutLiteralBlock:
-+ Enabled: false
- Lint/NoReturnInBeginEndBlocks:
- Enabled: false
-+Lint/NonAtomicFileOperation:
-+ Enabled: false
-+Lint/NumberedParameterAssignment:
-+ Enabled: false
-+Lint/OrAssignmentToConstant:
-+ Enabled: false
-+Lint/RedundantDirGlobSort:
-+ Enabled: false
-+Lint/RefinementImportMethods:
-+ Enabled: false
-+Lint/RequireRangeParentheses:
-+ Enabled: false
-+Lint/RequireRelativeSelfPath:
-+ Enabled: false
-+Lint/SymbolConversion:
-+ Enabled: false
- Lint/ToEnumArguments:
- Enabled: false
-+Lint/TripleQuotes:
-+ Enabled: false
- Lint/UnexpectedBlockArity:
- Enabled: false
- Lint/UnmodifiedReduceAccumulator:
- Enabled: false
-+Lint/UselessRescue:
-+ Enabled: false
-+Lint/UselessRuby2Keywords:
-+ Enabled: false
-+Metrics/CollectionLiteralLength:
-+ Enabled: false
-+Naming/BlockForwarding:
-+ Enabled: false
- Performance/CollectionLiteralInLoop:
- Enabled: false
-+Performance/ConcurrentMonotonicTime:
-+ Enabled: false
-+Performance/MapCompact:
-+ Enabled: false
-+Performance/RedundantEqualityComparisonBlock:
-+ Enabled: false
-+Performance/RedundantSplitRegexpArgument:
-+ Enabled: false
-+Performance/StringIdentifierArgument:
-+ Enabled: false
-+RSpec/BeEq:
-+ Enabled: false
-+RSpec/BeNil:
-+ Enabled: false
-+RSpec/ChangeByZero:
-+ Enabled: false
-+RSpec/ClassCheck:
-+ Enabled: false
-+RSpec/DuplicatedMetadata:
-+ Enabled: false
-+RSpec/ExcessiveDocstringSpacing:
-+ Enabled: false
-+RSpec/FactoryBot/ConsistentParenthesesStyle:
-+ Enabled: false
-+RSpec/FactoryBot/FactoryNameStyle:
-+ Enabled: false
-+RSpec/FactoryBot/SyntaxMethods:
-+ Enabled: false
-+RSpec/IdenticalEqualityAssertion:
-+ Enabled: false
-+RSpec/NoExpectationExample:
-+ Enabled: false
-+RSpec/PendingWithoutReason:
-+ Enabled: false
-+RSpec/Rails/AvoidSetupHook:
-+ Enabled: false
-+RSpec/Rails/HaveHttpStatus:
-+ Enabled: false
-+RSpec/Rails/InferredSpecType:
-+ Enabled: false
-+RSpec/Rails/MinitestAssertions:
-+ Enabled: false
-+RSpec/Rails/TravelAround:
-+ Enabled: false
-+RSpec/RedundantAround:
-+ Enabled: false
-+RSpec/SkipBlockInsideExample:
-+ Enabled: false
-+RSpec/SortMetadata:
-+ Enabled: false
-+RSpec/SubjectDeclaration:
-+ Enabled: false
-+RSpec/VerifiedDoubleReference:
-+ Enabled: false
-+Security/CompoundHash:
-+ Enabled: false
-+Security/IoMethods:
-+ Enabled: false
- Style/ArgumentsForwarding:
- Enabled: false
-+Style/ArrayIntersect:
-+ Enabled: false
- Style/CollectionCompact:
- Enabled: false
-+Style/ComparableClamp:
-+ Enabled: false
-+Style/ConcatArrayLiterals:
-+ Enabled: false
-+Style/DirEmpty:
-+ Enabled: false
- Style/DocumentDynamicEvalDefinition:
- Enabled: false
-+Style/EmptyHeredoc:
-+ Enabled: false
-+Style/EndlessMethod:
-+ Enabled: false
-+Style/EnvHome:
-+ Enabled: false
-+Style/FetchEnvVar:
-+ Enabled: false
-+Style/FileEmpty:
-+ Enabled: false
-+Style/FileRead:
-+ Enabled: false
-+Style/FileWrite:
-+ Enabled: false
-+Style/HashConversion:
-+ Enabled: false
-+Style/HashExcept:
-+ Enabled: false
-+Style/IfWithBooleanLiteralBranches:
-+ Enabled: false
-+Style/InPatternThen:
-+ Enabled: false
-+Style/MagicCommentFormat:
-+ Enabled: false
-+Style/MapCompactWithConditionalBlock:
-+ Enabled: false
-+Style/MapToHash:
-+ Enabled: false
-+Style/MapToSet:
-+ Enabled: false
-+Style/MinMaxComparison:
-+ Enabled: false
-+Style/MultilineInPatternThen:
-+ Enabled: false
- Style/NegatedIfElseCondition:
- Enabled: false
-+Style/NestedFileDirname:
-+ Enabled: false
- Style/NilLambda:
- Enabled: false
-+Style/NumberedParameters:
-+ Enabled: false
-+Style/NumberedParametersLimit:
-+ Enabled: false
-+Style/ObjectThen:
-+ Enabled: false
-+Style/OpenStructUse:
-+ Enabled: false
-+Style/OperatorMethodCall:
-+ Enabled: false
-+Style/QuotedSymbols:
-+ Enabled: false
- Style/RedundantArgument:
-+ Enabled: false
-+Style/RedundantConstantBase:
-+ Enabled: false
-+Style/RedundantDoubleSplatHashBraces:
-+ Enabled: false
-+Style/RedundantEach:
-+ Enabled: false
-+Style/RedundantHeredocDelimiterQuotes:
-+ Enabled: false
-+Style/RedundantInitialize:
-+ Enabled: false
-+Style/RedundantSelfAssignmentBranch:
-+ Enabled: false
-+Style/RedundantStringEscape:
-+ Enabled: false
-+Style/SelectByRegexp:
-+ Enabled: false
-+Style/StringChars:
- Enabled: false
- Style/SwapValues:
- Enabled: false
-
-
---- /home/nilpa76/user-repos/aim_control/Gemfile 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/Gemfile.pdknew 2024-05-07 18:00:36.761486068 +0200
-@@ -13,29 +13,37 @@
- end
- end
-
--ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
--minor_version = ruby_version_segments[0..1].join('.')
--
- group :development do
-- gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-- gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-- gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-- gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-- gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-- gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
-- gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
-- gem "voxpupuli-puppet-lint-plugins", '>= 3.0', require: false
-- gem "puppet-lint-absolute_classname-check", '>= 3.0.1', require: false
-- gem "puppet-lint-absolute_template_path", '>= 1.0.1', require: false
-- gem "puppet-lint-empty_trailing_lines", '>= 0.0.1', require: false
-- gem "puppet-lint-file_ensure-check", '>= 1.0.0', require: false
-- gem "puppet-lint-strict_indent-check", '>= 2.0.8', require: false
-- gem "puppet-lint-trailing_comma-check", '>= 0.4.3', require: false
-- gem "puppet-lint-unquoted_string-check", '>= 2.1.0', require: false
-+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-+ gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false
-+ gem "facterdb", '~> 1.18', require: false
-+ gem "metadata-json-lint", '~> 3.0', require: false
-+ gem "puppetlabs_spec_helper", '~> 6.0', require: false
-+ gem "rspec-puppet-facts", '~> 2.0', require: false
-+ gem "codecov", '~> 0.2', require: false
-+ gem "dependency_checker", '~> 1.0.0', require: false
-+ gem "parallel_tests", '= 3.12.1', require: false
-+ gem "pry", '~> 0.10', require: false
-+ gem "simplecov-console", '~> 0.5', require: false
-+ gem "puppet-debugger", '~> 1.0', require: false
-+ gem "rubocop", '= 1.48.1', require: false
-+ gem "rubocop-performance", '= 1.16.0', require: false
-+ gem "rubocop-rspec", '= 2.19.0', require: false
-+ gem "puppet-strings", '~> 4.0', require: false
-+ gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
- end
- group :system_tests do
-- gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-- gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
-+ gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw]
-+ gem "serverspec", '~> 2.41', require: false
-+end
-+group :release_prep do
-+ gem "puppet-strings", '~> 4.0', require: false
-+ gem "puppetlabs_spec_helper", '~> 6.0', require: false
- end
-
- puppet_version = ENV['PUPPET_GEM_VERSION']
-
-
---- /home/nilpa76/user-repos/aim_control/Rakefile 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/Rakefile.pdknew 2024-05-07 18:00:36.762031548 +0200
-@@ -1,12 +1,11 @@
- # frozen_string_literal: true
-
- require 'bundler'
--require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
-+require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus'
- require 'puppetlabs_spec_helper/rake_tasks'
- require 'puppet-syntax/tasks/puppet-syntax'
--require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
--require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
--require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
-+require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator'
-+require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings'
-
- def changelog_user
- return unless Rake.application.top_level_tasks.include? "changelog"
-@@ -44,7 +43,7 @@
- PuppetLint.configuration.send('disable_relative')
-
-
--if Bundler.rubygems.find_name('github_changelog_generator').any?
-+if Gem.loaded_specs.key? 'github_changelog_generator'
- GitHubChangelogGenerator::RakeTask.new :changelog do |config|
- raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
- config.user = "#{changelog_user}"
-
-
---- /home/nilpa76/user-repos/aim_control/spec/default_facts.yml 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/spec/default_facts.yml.pdknew 2024-05-07 18:00:36.762194646 +0200
-@@ -2,8 +2,9 @@
- #
- # Facts specified here will override the values provided by rspec-puppet-facts.
- ---
--ipaddress: "172.16.254.254"
--ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
-+networking:
-+ ip: "172.16.254.254"
-+ ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
-+ mac: "AA:AA:AA:AA:AA:AA"
- is_pe: false
--macaddress: "AA:AA:AA:AA:AA:AA"
-
-
---- /home/nilpa76/user-repos/aim_control/spec/spec_helper.rb 2024-05-07 17:52:04.429712285 +0200
-+++ /home/nilpa76/user-repos/aim_control/spec/spec_helper.rb.pdknew 2024-05-07 18:00:36.762465329 +0200
-@@ -28,8 +28,8 @@
- next unless File.exist?(f) && File.readable?(f) && File.size?(f)
-
- begin
-- default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
-- rescue => e
-+ default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true))
-+ rescue StandardError => e
- RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
- end
- end
diff --git a/metadata.json b/metadata.json
index 353c674..fcabc24 100644
--- a/metadata.json
+++ b/metadata.json
@@ -61,7 +61,7 @@
"version_requirement": ">= 6.21.0 < 8.0.0"
}
],
- "pdk-version": "3.0.1",
+ "pdk-version": "3.2.0",
"template-url": "https://gitlab.it.liu.se/puppet-infra/pdk-templates.git#liu",
- "template-ref": "heads/liu-0-g522eb00"
+ "template-ref": "heads/liu-0-g4d4e981"
}
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 3f9a6c7..85b88af 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -28,7 +28,8 @@ default_fact_files.each do |f|
next unless File.exist?(f) && File.readable?(f) && File.size?(f)
begin
- default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true))
+ require 'deep_merge'
+ default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true))
rescue StandardError => e
RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
end
@@ -36,7 +37,7 @@ end
# read default_facts and merge them over what is provided by facterdb
default_facts.each do |fact, value|
- add_custom_fact fact, value
+ add_custom_fact fact, value, merge_facts: true
end
RSpec.configure do |c|
--
GitLab
From 5917ad9bad463c79d531c4c3699c881017c362cc Mon Sep 17 00:00:00 2001
From: Nils Olof Paulsson <nils.olof.paulsson@liu.se>
Date: Wed, 22 May 2024 09:47:53 +0200
Subject: [PATCH 03/28] fixfamily
---
manifests/firewall.pp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index a46181b..b71080a 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -5,6 +5,7 @@ class aim_control::firewall {
zone => 'liu',
source => { 'ipset' => 'liu-nets_v4' },
port => { 'port' => 33060, 'protocol' => 'tcp' },
+ family => 'ipv4',
action => 'accept',
}
firewalld_rich_rule { 'Allow 33060 from liu ipv6':
@@ -12,6 +13,7 @@ class aim_control::firewall {
zone => 'liu',
source => { 'ipset' => 'liu-nets_v6' },
port => { 'port' => 33060, 'protocol' => 'tcp' },
+ family => 'ipv6',
action => 'accept',
}
firewalld_rich_rule { 'Allow ssh from liu 10.243.0.0/16':
--
GitLab
From ef08f945dca6df6bf1377438d2e4846bbf841502 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Tue, 4 Jun 2024 20:49:50 +0200
Subject: [PATCH 04/28] Uncommented apache and php configs
---
manifests/init.pp | 38 +++++++++++++++++++-------------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index b0499e8..9b709a2 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -71,27 +71,27 @@ class aim_control (
}
include aim_control::firewall
- #include apache
+ include apache
include liurepo::remi
- # class { 'apache::mod::php':
- # package_name => 'php74',
- # php_version => '7',
- # }
- # include apache::mod::rewrite
-
- # package {
- # 'php74-php-pdo':
- # ensure => installed;
- # 'php74-php-mbstring':
- # ensure => installed;
- # 'php74-php-mysqlnd':
- # ensure => installed;
- # 'php74-php-common':
- # ensure => installed;
- # 'php74-php':
- # ensure => installed;
- # }
+ class { 'apache::mod::php':
+ package_name => 'php74',
+ php_version => '7',
+ }
+ include apache::mod::rewrite
+
+ package {
+ 'php74-php-pdo':
+ ensure => installed;
+ 'php74-php-mbstring':
+ ensure => installed;
+ 'php74-php-mysqlnd':
+ ensure => installed;
+ 'php74-php-common':
+ ensure => installed;
+ 'php74-php':
+ ensure => installed;
+ }
# file { '/etc/httpd/modules/libphp7.so':
# ensure => link,
--
GitLab
From da62b3a286a5d264fe82efc81a73e3cb18d78ea7 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 14:38:19 +0200
Subject: [PATCH 05/28] Added own definition for remi
---
manifests/init.pp | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 9b709a2..f3d5f2d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -71,8 +71,27 @@ class aim_control (
}
include aim_control::firewall
+
+ class aim_control::remi {
+ # Ensure the Remi release package is installed
+ package { 'remi-release':
+ ensure => installed,
+ provider => 'rpm',
+ source => 'https://rpms.remirepo.net/enterprise/remi-release-9.rpm',
+ before => Exec['enable remi-php74'],
+ }
+
+ # Enable PHP 7.4 module
+ exec { 'enable remi-php74':
+ command => 'dnf module enable php:remi-7.4 -y',
+ path => ['/bin', '/usr/bin'],
+ refreshonly => true,
+ require => Package['remi-release'],
+ }
+ }
+
include apache
- include liurepo::remi
+ include aim_control::remi
class { 'apache::mod::php':
package_name => 'php74',
--
GitLab
From 7a590d757fa1bde58a6c0de28b45c673104677e7 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 14:55:46 +0200
Subject: [PATCH 06/28] Moved remirepo class
---
manifests/init.pp | 21 +--------------------
manifests/remirepo.pp | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 20 deletions(-)
create mode 100644 manifests/remirepo.pp
diff --git a/manifests/init.pp b/manifests/init.pp
index f3d5f2d..6175738 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -71,27 +71,8 @@ class aim_control (
}
include aim_control::firewall
-
- class aim_control::remi {
- # Ensure the Remi release package is installed
- package { 'remi-release':
- ensure => installed,
- provider => 'rpm',
- source => 'https://rpms.remirepo.net/enterprise/remi-release-9.rpm',
- before => Exec['enable remi-php74'],
- }
-
- # Enable PHP 7.4 module
- exec { 'enable remi-php74':
- command => 'dnf module enable php:remi-7.4 -y',
- path => ['/bin', '/usr/bin'],
- refreshonly => true,
- require => Package['remi-release'],
- }
- }
-
include apache
- include aim_control::remi
+ include aim_control::remirepo
class { 'apache::mod::php':
package_name => 'php74',
diff --git a/manifests/remirepo.pp b/manifests/remirepo.pp
new file mode 100644
index 0000000..edfd545
--- /dev/null
+++ b/manifests/remirepo.pp
@@ -0,0 +1,17 @@
+class aim_control::remirepo {
+ # Ensure the Remi release package is installed
+ package { 'remi-release':
+ ensure => installed,
+ provider => 'rpm',
+ source => 'https://rpms.remirepo.net/enterprise/remi-release-9.rpm',
+ before => Exec['enable remi-php74'],
+ }
+
+ # Enable PHP 7.4 module
+ exec { 'enable remi-php74':
+ command => 'dnf module enable php:remi-7.4 -y',
+ path => ['/bin', '/usr/bin'],
+ refreshonly => true,
+ require => Package['remi-release'],
+ }
+ }
--
GitLab
From 2a9f5178c162e000ed83f7bec83edef961b6ce89 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 15:11:33 +0200
Subject: [PATCH 07/28] Adding epel-release
---
manifests/remirepo.pp | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/manifests/remirepo.pp b/manifests/remirepo.pp
index edfd545..f3b6d95 100644
--- a/manifests/remirepo.pp
+++ b/manifests/remirepo.pp
@@ -1,4 +1,10 @@
class aim_control::remirepo {
+ package { 'epel-release':
+ ensure => installed,
+ provider => 'dnf',
+ before => Package['remi-release'],
+ }
+
# Ensure the Remi release package is installed
package { 'remi-release':
ensure => installed,
--
GitLab
From f331560d6a2ae2d7a258a9fceff612b4927d2287 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 15:30:29 +0200
Subject: [PATCH 08/28] Took back liurepo::remi
---
manifests/init.pp | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 6175738..7dd072b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -72,7 +72,14 @@ class aim_control (
include aim_control::firewall
include apache
- include aim_control::remirepo
+ include liurepo::remi
+
+ exec { 'enable remi-php74':
+ command => 'dnf module enable php:remi-7.4 -y',
+ path => ['/bin', '/usr/bin'],
+ unless => 'dnf module list php:remi-7.4 | grep -q "[e]"',
+ require => Class['liurepo::remi'],
+ }
class { 'apache::mod::php':
package_name => 'php74',
--
GitLab
From 61f54d5f10f0bcf94012dc1fef4e170c139f4a6f Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 15:44:13 +0200
Subject: [PATCH 09/28] Uncommented more in init
---
manifests/init.pp | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 7dd072b..6e6585a 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -100,11 +100,11 @@ class aim_control (
ensure => installed;
}
- # file { '/etc/httpd/modules/libphp7.so':
- # ensure => link,
- # target => '/opt/remi/php74/root/usr/lib64/httpd/modules/libphp7.so',
- # before => Service['httpd'],
- # }
+ file { '/etc/httpd/modules/libphp7.so':
+ ensure => link,
+ target => '/opt/remi/php74/root/usr/lib64/httpd/modules/libphp7.so',
+ before => Service['httpd'],
+ }
include profiles::letsencrypt
--
GitLab
From f9cf5e4aedc6967a9618828d1b0fb1f989e43532 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 17:20:00 +0200
Subject: [PATCH 10/28] Uncommenting mysql
---
manifests/init.pp | 64 +++++++++++++++++++++++------------------------
1 file changed, 32 insertions(+), 32 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 6e6585a..02301a9 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -187,38 +187,38 @@ class aim_control (
# command => 'php /var/www/skadereg/artisan schedule:run &> /dev/null',
# }
- # $db_name = 'homestead'
-
- # class { 'mysql::server':
- # root_password => $mysql_password,
- # databases => {
- # $db_name => {
- # ensure => present,
- # charset => 'utf8',
- # },
- # },
- # users => {
- # "${skadereg_ro_user}@%" => {
- # ensure => present,
- # password_hash => mysql_password($skadereg_ro_password),
- # },
- # },
- # grants => {
- # 'root@%/*.*' => {
- # ensure => present,
- # options => ['GRANT'],
- # privileges => ['ALL'],
- # table => '*.*',
- # user => 'root@%',
- # },
- # },
- # override_options => {
- # mysqld => {
- # 'bind-address' => '0.0.0.0',
- # port => 33060,
- # },
- # },
- # }
+ $db_name = 'homestead'
+
+ class { 'mysql::server':
+ root_password => $mysql_password,
+ databases => {
+ $db_name => {
+ ensure => present,
+ charset => 'utf8',
+ },
+ },
+ users => {
+ "${skadereg_ro_user}@%" => {
+ ensure => present,
+ password_hash => mysql_password($skadereg_ro_password),
+ },
+ },
+ grants => {
+ 'root@%/*.*' => {
+ ensure => present,
+ options => ['GRANT'],
+ privileges => ['ALL'],
+ table => '*.*',
+ user => 'root@%',
+ },
+ },
+ override_options => {
+ mysqld => {
+ 'bind-address' => '0.0.0.0',
+ port => 33060,
+ },
+ },
+ }
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
--
GitLab
From a3e39699080fecb02840d8607dcdef0d61e531b3 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 17:38:20 +0200
Subject: [PATCH 11/28] Update mysql config
---
manifests/init.pp | 70 +++++++++++++++++++++++++++--------------------
1 file changed, 41 insertions(+), 29 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 02301a9..33f6f4d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -189,36 +189,48 @@ class aim_control (
$db_name = 'homestead'
- class { 'mysql::server':
- root_password => $mysql_password,
- databases => {
- $db_name => {
- ensure => present,
- charset => 'utf8',
- },
- },
- users => {
- "${skadereg_ro_user}@%" => {
- ensure => present,
- password_hash => mysql_password($skadereg_ro_password),
- },
- },
- grants => {
- 'root@%/*.*' => {
- ensure => present,
- options => ['GRANT'],
- privileges => ['ALL'],
- table => '*.*',
- user => 'root@%',
- },
- },
- override_options => {
- mysqld => {
- 'bind-address' => '0.0.0.0',
- port => 33060,
- },
- },
+class { 'mysql::server':
+ root_password => $mysql_password,
+ override_options => {
+ 'mysqld' => {
+ 'bind-address' => '0.0.0.0',
+ 'port' => 33060,
+ }
}
+}
+
+mysql::db { $db_name:
+ user => $skadereg_ro_user,
+ password => $skadereg_ro_password,
+ host => '%',
+ charset => 'utf8',
+}
+
+mysql_user { 'root@%':
+ ensure => 'present',
+ password_hash => mysql_password($mysql_password),
+}
+
+mysql_grant { 'root@%/*.*':
+ ensure => 'present',
+ options => ['GRANT'],
+ privileges => ['ALL'],
+ table => '*.*',
+ user => 'root@%',
+}
+
+mysql_user { "${skadereg_ro_user}@%":
+ ensure => 'present',
+ password_hash => mysql_password($skadereg_ro_password),
+}
+
+mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
+ ensure => 'present',
+ privileges => ['SELECT'],
+ table => "${db_name}.*",
+ user => "${skadereg_ro_user}@%",
+}
+
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
--
GitLab
From 13ae94d8452902e2181a82dab6c9e6310b59fdd9 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Fri, 7 Jun 2024 17:56:56 +0200
Subject: [PATCH 12/28] Fixing error
---
manifests/init.pp | 1 -
1 file changed, 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 33f6f4d..fdcabda 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -231,7 +231,6 @@ mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
user => "${skadereg_ro_user}@%",
}
-
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
# ensure => present,
--
GitLab
From 1570f655a47467e67c6fff7bcd521419e673c4d9 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Sat, 8 Jun 2024 17:34:13 +0200
Subject: [PATCH 13/28] Trying again with mysql
---
manifests/init.pp | 75 ++++++++++++++++++++++-------------------------
1 file changed, 35 insertions(+), 40 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index fdcabda..a623bac 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -189,47 +189,42 @@ class aim_control (
$db_name = 'homestead'
-class { 'mysql::server':
- root_password => $mysql_password,
- override_options => {
- 'mysqld' => {
- 'bind-address' => '0.0.0.0',
- 'port' => 33060,
- }
+ class { 'mysql::server':
+ root_password => $mysql_password,
+ databases => {
+ $db_name => {
+ ensure => 'present',
+ charset => 'utf8',
+ },
+ },
+ users => {
+ "${skadereg_ro_user}@%" => {
+ ensure => 'present',
+ password_hash => mysql_password($skadereg_ro_password),
+ },
+ },
+ grants => {
+ "${skadereg_ro_user}@%/${db_name}.*" => {
+ ensure => 'present',
+ privileges => ['SELECT'],
+ table => "${db_name}.*",
+ user => "${skadereg_ro_user}@%",
+ },
+ 'root@%' => {
+ ensure => 'present',
+ options => ['GRANT'],
+ privileges => ['ALL'],
+ table => '*.*',
+ user => 'root@%',
+ },
+ },
+ override_options => {
+ mysqld => {
+ 'bind-address' => '0.0.0.0',
+ port => 33060,
+ },
+ },
}
-}
-
-mysql::db { $db_name:
- user => $skadereg_ro_user,
- password => $skadereg_ro_password,
- host => '%',
- charset => 'utf8',
-}
-
-mysql_user { 'root@%':
- ensure => 'present',
- password_hash => mysql_password($mysql_password),
-}
-
-mysql_grant { 'root@%/*.*':
- ensure => 'present',
- options => ['GRANT'],
- privileges => ['ALL'],
- table => '*.*',
- user => 'root@%',
-}
-
-mysql_user { "${skadereg_ro_user}@%":
- ensure => 'present',
- password_hash => mysql_password($skadereg_ro_password),
-}
-
-mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
- ensure => 'present',
- privileges => ['SELECT'],
- table => "${db_name}.*",
- user => "${skadereg_ro_user}@%",
-}
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
--
GitLab
From d749cd933d620132c6e4287b28dc4173fb2d6149 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Sat, 8 Jun 2024 20:03:05 +0200
Subject: [PATCH 14/28] Testing new config for mysql
---
manifests/init.pp | 69 +++++++++++++++++++++++++++--------------------
1 file changed, 40 insertions(+), 29 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index a623bac..8b82866 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -191,39 +191,50 @@ class aim_control (
class { 'mysql::server':
root_password => $mysql_password,
- databases => {
- $db_name => {
- ensure => 'present',
- charset => 'utf8',
- },
- },
- users => {
- "${skadereg_ro_user}@%" => {
- ensure => 'present',
- password_hash => mysql_password($skadereg_ro_password),
- },
- },
- grants => {
- "${skadereg_ro_user}@%/${db_name}.*" => {
- ensure => 'present',
- privileges => ['SELECT'],
- table => "${db_name}.*",
- user => "${skadereg_ro_user}@%",
- },
- 'root@%' => {
- ensure => 'present',
- options => ['GRANT'],
- privileges => ['ALL'],
- table => '*.*',
- user => 'root@%',
- },
- },
override_options => {
- mysqld => {
+ 'mysqld' => {
'bind-address' => '0.0.0.0',
- port => 33060,
+ 'port' => 33060,
+ 'socket' => '/var/lib/mysql/mysql.sock', # Add socket path explicitly if needed
},
},
+ restart => true, # Ensure server restarts to apply configuration changes
+ }
+
+ # Create the database with the necessary charset
+ mysql::db { $db_name:
+ user => $skadereg_ro_user,
+ password => $skadereg_ro_password,
+ host => '%',
+ charset => 'utf8',
+ grant => ['SELECT'],
+ }
+
+ # Create the root user with full privileges
+ mysql_user { 'root@%':
+ ensure => 'present',
+ password_hash => mysql_password($mysql_password),
+ }
+
+ mysql_grant { 'root@%/*.*':
+ ensure => 'present',
+ options => ['GRANT'],
+ privileges => ['ALL'],
+ table => '*.*',
+ user => 'root@%',
+ }
+
+ # Create the read-only user with select privileges on the database
+ mysql_user { "${skadereg_ro_user}@%":
+ ensure => 'present',
+ password_hash => mysql_password($skadereg_ro_password),
+ }
+
+ mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
+ ensure => 'present',
+ privileges => ['SELECT'],
+ table => "${db_name}.*",
+ user => "${skadereg_ro_user}@%",
}
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
--
GitLab
From b47c0273d23a8fa7af5b47d480645c7dbbe6b56a Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Wed, 12 Jun 2024 14:45:22 +0200
Subject: [PATCH 15/28] Trying to remove duplicate error
---
manifests/init.pp | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 8b82866..a0293c9 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -224,7 +224,8 @@ class aim_control (
user => 'root@%',
}
- # Create the read-only user with select privileges on the database
+# Check to avoid duplication errors
+ if ! defined(Mysql_user["${skadereg_ro_user}@%"]) {
mysql_user { "${skadereg_ro_user}@%":
ensure => 'present',
password_hash => mysql_password($skadereg_ro_password),
@@ -236,6 +237,7 @@ class aim_control (
table => "${db_name}.*",
user => "${skadereg_ro_user}@%",
}
+}
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
--
GitLab
From b4a6cbaaf5616e335317be5543973592fa8551e1 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Wed, 12 Jun 2024 17:38:02 +0200
Subject: [PATCH 16/28] Trying to remove duplicate error again
---
manifests/init.pp | 15 ---------------
1 file changed, 15 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index a0293c9..39c8220 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -224,21 +224,6 @@ class aim_control (
user => 'root@%',
}
-# Check to avoid duplication errors
- if ! defined(Mysql_user["${skadereg_ro_user}@%"]) {
- mysql_user { "${skadereg_ro_user}@%":
- ensure => 'present',
- password_hash => mysql_password($skadereg_ro_password),
- }
-
- mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
- ensure => 'present',
- privileges => ['SELECT'],
- table => "${db_name}.*",
- user => "${skadereg_ro_user}@%",
- }
-}
-
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":
# ensure => present,
--
GitLab
From 06a7e6c8bae021eb92a1277dca79277860d1b446 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Wed, 12 Jun 2024 19:15:51 +0200
Subject: [PATCH 17/28] Uncomment code for laravel repo
---
manifests/init.pp | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 39c8220..7641b81 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -141,22 +141,22 @@ class aim_control (
# ],
# }
- # file { '/var/www/skadereg/':
- # ensure => directory,
- # owner => 'apache',
- # group => 'skadereg',
- # mode => '0770',
- # recurse => true,
- # }
+ file { '/var/www/skadereg/':
+ ensure => directory,
+ owner => 'apache',
+ group => 'skadereg',
+ mode => '0770',
+ recurse => true,
+ }
- # -> vcsrepo { '/var/www/skadereg':
- # ensure => latest,
- # before => File['/var/www/skadereg/public'],
- # provider => git,
- # source => 'git@gitlab.liu.se:aim-control/laravel.git',
- # user => 'apache',
- # group => 'skadereg',
- # }
+ -> vcsrepo { '/var/www/skadereg':
+ ensure => latest,
+ before => File['/var/www/skadereg/public'],
+ provider => git,
+ source => 'git@gitlab.liu.se:aim-control/laravel.git',
+ user => 'apache',
+ group => 'skadereg',
+ }
# -> file { '/var/www/skadereg/.env':
# ensure => file,
--
GitLab
From ce169e4c88c90918354383ebe5adee3aea2f20aa Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Wed, 12 Jun 2024 20:22:18 +0200
Subject: [PATCH 18/28] Fixing error for adding repo
---
manifests/init.pp | 1 -
1 file changed, 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 7641b81..fb654be 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -151,7 +151,6 @@ class aim_control (
-> vcsrepo { '/var/www/skadereg':
ensure => latest,
- before => File['/var/www/skadereg/public'],
provider => git,
source => 'git@gitlab.liu.se:aim-control/laravel.git',
user => 'apache',
--
GitLab
From bc2119a1791c13a9232497a2265a153e0792046d Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Thu, 13 Jun 2024 13:44:09 +0200
Subject: [PATCH 19/28] Uncommented apache vhost configs
---
manifests/init.pp | 63 +++++++++++++++++++++++++----------------------
1 file changed, 33 insertions(+), 30 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index fb654be..33f5f0b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -112,35 +112,6 @@ class aim_control (
$chain = fact("letsencrypt_certs.\"${fact('networking.fqdn')}\".files.chain")
$key = fact("letsencrypt_certs.\"${fact('networking.fqdn')}\".files.key")
- # apache::vhost { 'default:80':
- # servername => $facts['networking']['fqdn'],
- # default_vhost => true,
- # port => '80',
- # docroot => '/var/www/html',
- # redirect_status => 'permanent',
- # redirect_dest => "https://${facts['networking']['fqdn']}/",
- # }
-
- # apache::vhost { "${facts['networking']['fqdn']}:443":
- # servername => $facts['networking']['fqdn'],
- # port => '443',
- # ssl => true,
- # ssl_cert => $cert,
- # ssl_chain => $chain,
- # ssl_key => $key,
- # headers => ['Set Strict-Transport-Security "max-age=31536000"',],
- # docroot => '/var/www/skadereg/public',
- # docroot_owner => 'apache',
- # docroot_group => 'skadereg',
- # directories => [
- # {
- # path => '/var/www/skadereg/public',
- # allow_override => [ 'ALL' ],
- # directoryindex => 'index.php',
- # }
- # ],
- # }
-
file { '/var/www/skadereg/':
ensure => directory,
owner => 'apache',
@@ -149,12 +120,44 @@ class aim_control (
recurse => true,
}
- -> vcsrepo { '/var/www/skadereg':
+# TODO: Add setup for keys
+ vcsrepo { '/var/www/skadereg':
ensure => latest,
provider => git,
source => 'git@gitlab.liu.se:aim-control/laravel.git',
user => 'apache',
group => 'skadereg',
+ require => File['/var/www/skadereg/'], # Ensure directory is created first
+ }
+
+ apache::vhost { 'default:80':
+ servername => $facts['networking']['fqdn'],
+ default_vhost => true,
+ port => 80,
+ docroot => '/var/www/html',
+ redirect_status => 'permanent',
+ redirect_dest => "https://${facts['networking']['fqdn']}/",
+ }
+
+ apache::vhost { "${facts['networking']['fqdn']}:443":
+ servername => $facts['networking']['fqdn'],
+ port => 443,
+ ssl => true,
+ ssl_cert => $cert,
+ ssl_chain => $chain,
+ ssl_key => $key,
+ headers => ['Set Strict-Transport-Security "max-age=31536000"'],
+ docroot => '/var/www/skadereg/public',
+ docroot_owner => 'apache',
+ docroot_group => 'skadereg',
+ directories => [
+ {
+ path => '/var/www/skadereg/public',
+ allow_override => ['ALL'],
+ directoryindex => 'index.php',
+ }
+ ],
+ require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
}
# -> file { '/var/www/skadereg/.env':
--
GitLab
From d4f2e505661b0580cbfc1a142297aef553b2c353 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Thu, 13 Jun 2024 14:35:10 +0200
Subject: [PATCH 20/28] Uncomment .env config
---
manifests/init.pp | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 33f5f0b..682ee3a 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -160,13 +160,14 @@ class aim_control (
require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
}
- # -> file { '/var/www/skadereg/.env':
- # ensure => file,
- # owner => 'apache',
- # group => 'skadereg',
- # mode => '0660',
- # content => template("${module_name}/dotenv.erb"),
- # }
+ file { '/var/www/skadereg/.env':
+ ensure => file,
+ owner => 'apache',
+ group => 'skadereg',
+ mode => '0660',
+ content => template("${module_name}/dotenv.erb"),
+ require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
+ }
# exec { 'artisan migrate':
# command => 'php artisan migrate --force -n',
--
GitLab
From 52410647c366159eed5f8b8d4a1dc72048997040 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Thu, 13 Jun 2024 19:17:29 +0200
Subject: [PATCH 21/28] Uncommenting migration config
---
manifests/init.pp | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 682ee3a..ed882d8 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -169,15 +169,15 @@ class aim_control (
require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
}
- # exec { 'artisan migrate':
- # command => 'php artisan migrate --force -n',
- # cwd => '/var/www/skadereg',
- # path => [ '/opt/remi/php74/root/bin/' ],
- # refreshonly => true,
- # group => 'skadereg',
- # user => 'apache',
- # subscribe => [ Vcsrepo['/var/www/skadereg'], File[ '/var/www/skadereg' ], ],
- # }
+ exec { 'artisan migrate':
+ command => 'php artisan migrate --force -n',
+ cwd => '/var/www/skadereg',
+ path => ['/opt/remi/php74/root/bin/'],
+ refreshonly => true,
+ group => 'skadereg',
+ user => 'apache',
+ subscribe => [Vcsrepo['/var/www/skadereg'], File['/var/www/skadereg'],],
+ }
# cron { 'artisan schedule:run':
# minute => '*',
--
GitLab
From 1248a8e2c8ba6824c5f32b5834f33603be8b949b Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Thu, 13 Jun 2024 20:42:13 +0200
Subject: [PATCH 22/28] Uncommenting cron config
---
manifests/init.pp | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index ed882d8..867a8b1 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -179,16 +179,16 @@ class aim_control (
subscribe => [Vcsrepo['/var/www/skadereg'], File['/var/www/skadereg'],],
}
- # cron { 'artisan schedule:run':
- # minute => '*',
- # hour => '*',
- # monthday => '*',
- # month => '*',
- # weekday => '*',
- # user => 'apache',
- # environment => [ 'PATH=/opt/remi/php74/root/bin:/usr/bin:/bin', 'SHELL=/bin/bash' ],
- # command => 'php /var/www/skadereg/artisan schedule:run &> /dev/null',
- # }
+ cron { 'artisan schedule:run':
+ minute => '*',
+ hour => '*',
+ monthday => '*',
+ month => '*',
+ weekday => '*',
+ user => 'apache',
+ environment => ['PATH=/opt/remi/php74/root/bin:/usr/bin:/bin', 'SHELL=/bin/bash'],
+ command => 'php /var/www/skadereg/artisan schedule:run &> /dev/null',
+ }
$db_name = 'homestead'
--
GitLab
From 23b2ac372d5688c6ff9324c357b4c92e90699bab Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Thu, 13 Jun 2024 21:02:45 +0200
Subject: [PATCH 23/28] Uncommenting mysql backup config
---
manifests/init.pp | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 867a8b1..7d9e1b9 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -236,14 +236,14 @@ class aim_control (
# }
# }
- # class { 'mysql::server::backup':
- # backupuser => 'backupuser',
- # backuppassword => $mysql_backup_password,
- # backupdir => '/root/mysql_backups',
- # backupdirmode => '700',
- # backupdirowner => 'root',
- # backupdirgroup => 'root',
- # backuprotate => '7',
- # time => ['1','0'],
- # }
+ class { 'mysql::server::backup':
+ backupuser => 'backupuser',
+ backuppassword => $mysql_backup_password,
+ backupdir => '/root/mysql_backups',
+ backupdirmode => '700',
+ backupdirowner => 'root',
+ backupdirgroup => 'root',
+ backuprotate => '7',
+ time => ['1','0'],
+ }
}
--
GitLab
From 1cd01995d1e071e9a18310c102f5cc1e6f88f1fa Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Sat, 15 Jun 2024 12:39:54 +0200
Subject: [PATCH 24/28] Changing permissions for mysql directory
---
manifests/init.pp | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 7d9e1b9..3bc6c37 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -127,7 +127,7 @@ class aim_control (
source => 'git@gitlab.liu.se:aim-control/laravel.git',
user => 'apache',
group => 'skadereg',
- require => File['/var/www/skadereg/'], # Ensure directory is created first
+ require => File['/var/www/skadereg/'],
}
apache::vhost { 'default:80':
@@ -157,7 +157,7 @@ class aim_control (
directoryindex => 'index.php',
}
],
- require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
+ require => Vcsrepo['/var/www/skadereg'],
}
file { '/var/www/skadereg/.env':
@@ -166,7 +166,7 @@ class aim_control (
group => 'skadereg',
mode => '0660',
content => template("${module_name}/dotenv.erb"),
- require => Vcsrepo['/var/www/skadereg'], # Ensure VCS repo is checked out first
+ require => Vcsrepo['/var/www/skadereg'],
}
exec { 'artisan migrate':
@@ -198,13 +198,12 @@ class aim_control (
'mysqld' => {
'bind-address' => '0.0.0.0',
'port' => 33060,
- 'socket' => '/var/lib/mysql/mysql.sock', # Add socket path explicitly if needed
+ 'socket' => '/var/lib/mysql/mysql.sock',
},
},
- restart => true, # Ensure server restarts to apply configuration changes
+ restart => true,
}
- # Create the database with the necessary charset
mysql::db { $db_name:
user => $skadereg_ro_user,
password => $skadereg_ro_password,
@@ -213,7 +212,6 @@ class aim_control (
grant => ['SELECT'],
}
- # Create the root user with full privileges
mysql_user { 'root@%':
ensure => 'present',
password_hash => mysql_password($mysql_password),
@@ -246,4 +244,12 @@ class aim_control (
backuprotate => '7',
time => ['1','0'],
}
+
+ # Setting permissions for /var/lib/mysql to ensure it's accessible
+ file { '/var/lib/mysql':
+ ensure => 'directory',
+ owner => 'mysql',
+ group => 'mysql',
+ mode => '0755',
+ }
}
--
GitLab
From 4c653b16f9d19ad01055448226cbd609c0ea3ed6 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Sat, 15 Jun 2024 13:03:03 +0200
Subject: [PATCH 25/28] Reverting previous changes
---
manifests/init.pp | 8 --------
1 file changed, 8 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 3bc6c37..d5a1da3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -244,12 +244,4 @@ class aim_control (
backuprotate => '7',
time => ['1','0'],
}
-
- # Setting permissions for /var/lib/mysql to ensure it's accessible
- file { '/var/lib/mysql':
- ensure => 'directory',
- owner => 'mysql',
- group => 'mysql',
- mode => '0755',
- }
}
--
GitLab
From 4dc14514e446ded3c81123eba378cef90f6791e6 Mon Sep 17 00:00:00 2001
From: saganorenkarlson <sagno626@student.liu.se>
Date: Sat, 15 Jun 2024 13:24:55 +0200
Subject: [PATCH 26/28] Changing permissions for mysql directory again
---
manifests/init.pp | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/manifests/init.pp b/manifests/init.pp
index d5a1da3..3fe2426 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -244,4 +244,13 @@ class aim_control (
backuprotate => '7',
time => ['1','0'],
}
+
+ # Ensure the MySQL directory is managed properly
+ file { '/var/lib/mysql':
+ ensure => 'directory',
+ owner => 'mysql',
+ group => 'mysql',
+ mode => '0755',
+ require => Class['mysql::server'], # Ensure MySQL is configured before setting permissions
+ }
}
--
GitLab
From 95177c662b0841802b6c2dc49f35a74163641ef2 Mon Sep 17 00:00:00 2001
From: Nils Olof Paulsson <nils.olof.paulsson@liu.se>
Date: Thu, 22 Aug 2024 12:49:41 +0200
Subject: [PATCH 27/28] addkajsaandhenrik
---
manifests/init.pp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/manifests/init.pp b/manifests/init.pp
index 3fe2426..22f5aac 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -34,6 +34,14 @@ class aim_control (
String $skadereg_ro_user = 'skadereg_ro',
) {
users::liu_user {
+ 'kajjo92':
+ commonname => 'Kajsa Johansson',
+ shell => '/bin/bash',
+ sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCx6W8aY6aX/dt+5aL5SpMbdbOOSOyFBRqwZj3P7C7LSHw1Pk26nFKedP+81KPoBqqy/EZn1n9Y6iu3qQY575CUcZ2Dzmtt/cffFSN6n2T7NBc3E+EOjSbk9jKt38zLKokOZdRJU984eTNe1VuKt7wQZJdrT8x7RJK6TxE7mYuVQd0WpZN+L38rwXLKopVJKbKmw7XL2xYWMcyGXGMoOrsaSqPMFYR+gGS0PMz3LvPrF+m6gd26eJMdkxefRh0uy2/2nt9zh12W8ErYqvpvvsF98Q3etEWxckWCmguod0FBJYg7QaPNxHyq962uv44tNfGrZuyRra778xx9l0DxNztG/wDJtM/Lc5MteRhUq5WJTGZTZQv5ih5rrgWbIO1o4dE68iLbWg4OXzersQcln8g8IuZHgkCFC+PlqURPGOOo1v4XLQ8MLvQMfphE5Z2f0oyecvZv4OQLXfKJAxfsNZmLmlC8y104ZKZMKo8OoFzNnDk46m4MPdE/0KiDeP6JyrWZdjpKg3raYFkA6atsnYQatH7XKvJ2PMmW745J+Ve2yTPBiuqOnp5Xua2TDf2iTkzZ6D0fMKqpQvp+VnYEMtZtX6PhozD55F73Ixil7i11adG6iW6tv9gpHcmv3GJ3Y4lITcZYK49AmAK3vCkkv8dzJNP+cZdSLnAtVEYrQHXVXw=='; # lint:ignore:140chars
+ 'henma06':
+ commonname => 'Henrik Hedevik',
+ shell => '/bin/bash',
+ sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCljonO5Dv4DTs5tB+ecADaDrHBIXQh80KU26puuwe6XSs6HzwreAaMaDgB9nL1TD+naqwn/s2Yl51XrwC5fZAFeUyEDXSa6G3dLaMxpMDex5a/q/EteT/x8n0XKQpxaxPUHsa9aPGF8PUaLdLx3g+sehhRiAWICDX4RIZhHut7SvwSygIizdhV46yiTJAv4WGIIOeOEUbxtwwDYVgCv+By6Wl+IbhQE+HG0TtFGlRA6K3YGgJ6mIbGLSgO3P69jSTW7NIiHt4v4UiHH6XFGpFza9yqggTLtpxkukyLafSuebGBjJ8nCMkhvkP/zcjOdgCpJ/ZUmM9dQugvZaEE7PGaGJ7q5E1nkyUvC7XPRR7jnukrABlFFHLY2otngKTRX5sgbTmLrGmka47yV9eHfmYsI9C7ZkFc/fdm0TobGJfhwmuUIolBbL9rL0Jq85lQBKsOQzdSLRxlCvPxnzLTNGTyklovWlMmLFOgXYgtcQfeV+ByUvByxqMmD1RDlPgO9hkaQMWHw4PV8ZKOZ6jw0fG5+MP9EYpyw80dvP7KNNqKFFrrRC1W+c+R7jBckOjCfykXW8ssmW4y92nlU540Q2ErtvljnACImvHz2YZejYrtE+4+uU0v2M1095TlFmNNpbvb9d0vtYogsUsLNRxPpq06R6amSCB/tWhVr3f604Draw=='; # lint:ignore:140chars
'samla949':
commonname => 'Samuel Larsson',
shell => '/bin/bash',
--
GitLab
From 13894679c36c538f59e98ef5fe46d2b96489c7c8 Mon Sep 17 00:00:00 2001
From: Nils Olof Paulsson <nils.olof.paulsson@liu.se>
Date: Wed, 26 Feb 2025 13:19:41 +0100
Subject: [PATCH 28/28] mysql::passwd
---
manifests/init.pp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 22f5aac..7cad1db 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -222,7 +222,7 @@ class aim_control (
mysql_user { 'root@%':
ensure => 'present',
- password_hash => mysql_password($mysql_password),
+ password_hash => mysql::password($mysql_password),
}
mysql_grant { 'root@%/*.*':
--
GitLab