@jtopjian
Last active September 6, 2017 20:36
Puppet Infrastructure 2

class admin::roles::base {

  class { 'ntp': }
  class { 'stdlib': }
  class { 'firewall': }
  class { 'admin::base::security_updates': }
  class { 'admin::base::packages': }

  # Firewall
  resources { 'firewall':
    purge => true
  }

  # root's SSH key
  sshkeys::create_key { 'root':
    home => '/root',
  }
}

class { 'admin::roles::base': } ->
class { 'admin::roles::puppet::master': }

#!/bin/bash

# Variables
repo_location="/root/t"

echo "Installing base packages"
read -r -p "Press [Enter] to continue..."
# The release package is fetched over plain HTTP and installed as root without verification
wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
dpkg -i puppetlabs-release-precise.deb
apt-get update
apt-get install -y git puppet rake rubygems
# Remove only the package downloaded above, not every .deb in the current directory
rm puppetlabs-release-precise.deb

echo "Setting up dotfiles"
read -r -p "Press [Enter] to continue..."
# Set up environment
cd || exit 1
git clone https://github.com/jtopjian/dotfiles .dotfiles
cd .dotfiles || exit 1
bash create.sh

echo "Installing core site modules"
read -r -p "Press [Enter] to continue..."
# Get core site modules
mkdir -p /etc/puppet/site/modules
# Stop if the directory is missing, so the rm -rf below never runs somewhere else
cd /etc/puppet/site/modules || exit 1
for repo in admin puppet nginx unicorn gitolite sshkeys
do
  cp -a "${repo_location}/${repo}" "${repo}"
  rm -rf "${repo}/.git"
done
chown -R root:root /etc/puppet/site/modules

echo "Installing third party modules"
read -r -p "Press [Enter] to continue..."
# Get supplemental modules
# Each module is cloned at the head of its default branch; no tag or commit is pinned
cd /etc/puppet/modules || exit 1
git clone https://github.com/puppetlabs/puppetlabs-stdlib stdlib
git clone https://github.com/puppetlabs/puppetlabs-inifile inifile
git clone https://github.com/jtopjian/jtopjian-fqdn_underscore fqdn_underscore
git clone https://github.com/puppetlabs/puppetlabs-apt apt
git clone https://github.com/puppetlabs/puppetlabs-mysql mysql
git clone https://github.com/puppetlabs/puppetlabs-vcsrepo vcsrepo
git clone https://github.com/ripienaar/puppet-concat concat
git clone https://github.com/puppetlabs/puppetlabs-ntp ntp
git clone https://github.com/puppetlabs/puppetlabs-puppetdb puppetdb
git clone https://github.com/puppetlabs/puppetlabs-postgresql postgresql
git clone https://github.com/puppetlabs/puppetlabs-firewall firewall
git clone https://github.com/dalen/puppet-puppetdbquery puppetdbquery

echo "Configuring Puppet"
read -r -p "Press [Enter] to continue..."
rm /etc/puppet/puppet.conf
ln -s /etc/puppet/site/modules/admin/ext/puppet.conf /etc/puppet/
ln -s /etc/puppet/site/modules/admin/ext/hiera.yaml /etc/puppet/
ln -s /etc/puppet/site/modules/admin/ext/nodes.pp /etc/puppet/manifests
ln -s /etc/puppet/site/modules/admin/ext/site.pp /etc/puppet/manifests

# bootstrap.pp is resolved relative to the current directory (/etc/puppet/modules at this point)
puppet apply --verbose bootstrap.pp

class admin::roles::puppet::master {

  anchor { 'admin::roles::puppet::master::begin': } -> Class['::puppetdb']
  Class['nginx::server'] -> anchor { 'admin::roles::puppet::master::end': }

  # Rake dependency
  package { 'rake':
    ensure => present,
  }

  # PuppetDB
  class { '::puppetdb': } ->
  class { '::puppetdb::master::config': } ->

  # Puppet Server
  class { '::puppet':
    settings    => hiera('puppet_config'),
    agent       => true,
    master      => true,
    master_type => 'nginx',
  } ->

  # Nginx and Unicorn
  class { 'unicorn::server': } ->
  class { 'nginx::server': }

  # Firewall
  $interfaces = hiera('interfaces')
  $interfaces.each { |$interface|
    firewall { "100 allow puppet to puppetdb on ${interface}":
      proto  => 'tcp',
      port   => 8081,
      source => $interface,
      action => 'accept',
    }
  }

  firewall { '900 deny all to puppetdb':
    proto  => 'tcp',
    port   => [8080, 8081],
    action => 'drop',
  }
}