hey,
i''ve been working on getting puppet working with my freebsd machines
for
the past few hours. after reading up on the list archive, i saw that
some other people were asking about the best way to do this. i''d like
to
share my solution. there might be a better way, but this is working
really well for me so far.
keep in mind that i use the following settings:
configdir = /usr/local/etc/puppet
vardir = /k/vol01/puppet
templatedir = $vardir/templates
my solution consists of a few .pp files and a template:
$configdir/manifests/os/freebsd.pp
$configdir/manifests/classes/bsdrcconf.pp
$configdir/manifests/nodes/host.pp (one for each host)
$templatedir/rc.conf.erb
---
and now the meat & potatoes:
::hostname.pp:: (keep in mind you should have a file for each node! or
put them all in one file)
node "host.domain.com" inherits basenode {
$hostname = "host.domain.com"
$iface = "fxp0"
$ifconfig = "inet 1.2.3.4 netmask 255.255.255.0"
$defaultrouter = "1.2.3.1"
.
$rcvars_enabled = [sshd, ntpd, puppetd]
$rcvars_disabled = [sendmail, sendmail_submit,
sendmail_outbound, sendmail_msp_queue]
include bsdrcconf
include ntpclient
}
this should be pretty straightforward. the variables set at the top are
used in the template as you''ll see in a bit.
::bsdrcconf.pp:: (which is what includes the actual template)
class bsdrcconf {
file { "rc.conf":
path => "/etc/rc.conf",
owner => "root",
group => "wheel",
mode => 644,
content => template("rc.conf.erb")
}
}
::os/freebsd.pp::
class freebsd {
package { "portupgrade":
ensure => "installed" # chicken or the egg!
}
service { sendmail:
name => "sendmail",
ensure => stopped,
hasstatus => true,
provider => init,
stop => "env sendmail_enable=\"YES\"
/etc/rc.d/sendmail
stop"
}
service { ntpd:
name => "ntpd",
ensure => running,
hasstatus => true,
provider => init,
subscribe => File[ntpconf]
}
}
here you see a couple services handled by puppet. first, i always want
to disable the sendmail daemons (i also have a periodic.conf so the jobs
don''t run, but that''s easy to set up with a simple file
resource). i''m
using "env" to trick the rc script into believing sendmail is enabled
so
it will kill the daemons if they are running. the reason behind this is,
i have all of the processes set to "NO" in rc.conf. even if the
process
is running, the freebsd rc.d script reads in the value from rc.conf and
does nothing. so, as i said, we use "env" to trick it.
the ntpd service is straightforward, no explaning should be necessary there.
::$templatedir/rc.conf.erb::
#
# AUTOMATICALLY GENERATED BY PUPPET
#
# !!!DO NOT EDIT!!!
#
hostname="<%= hostname %>"
ifconfig_<%= iface %>="<%= ifconfig %>"
defaultrouter="<%= defaultrouter %>"
<% rcvars_enabled.each do |en_val| -%>
<%= en_val %>_enable="YES"
<% end -%>
<% rcvars_disabled.each do |dis_val| -%>
<%= dis_val %>_enable="NO"
<% end -%>
and that''s pretty much it. one thing that still needs to be addressed
is
the handling of non-enabled/disabled values in rc.conf (such as setting
flags and arguments to the daemon in question).
hope this is of help to someone. if anyone has any suggestions for
improvement, i''d love to hear them.
btw, i''ve set my Package provider for freebsd to "ports".
-scott
