diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 02:26:25 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 02:26:25 +0100 |
| commit | dd28dcf3d620a4ac7d0a1532b812213cf094cd3c (patch) | |
| tree | a3fa8c8ef446de2bcc2f317bceb4bca868f7e0f0 /modules/profiles/manifests | |
| parent | Move webdav into profiles. (diff) | |
| download | webdav_server-dd28dcf3d620a4ac7d0a1532b812213cf094cd3c.tar.gz webdav_server-dd28dcf3d620a4ac7d0a1532b812213cf094cd3c.tar.xz | |
Revert "Move webdav into profiles."
It actually reverts the non-need for the nginx module webdav_ext. Since
Omnifocus requires PROPFIND.
This reverts commit edf6ffe8b399679ba28cc5e558a6838919dd1ee8.
Diffstat (limited to 'modules/profiles/manifests')
24 files changed, 0 insertions, 887 deletions
diff --git a/modules/profiles/manifests/client.pp b/modules/profiles/manifests/client.pp deleted file mode 100644 index f0a9b93..0000000 --- a/modules/profiles/manifests/client.pp +++ /dev/null @@ -1,9 +0,0 @@ -class profiles::client { - - class { 'puppet': - server => false, - agent => true, - puppetmaster => $facts['extlib__puppet_config']['main']['server'], - } - -} diff --git a/modules/profiles/manifests/common.pp b/modules/profiles/manifests/common.pp deleted file mode 100644 index 4cb5226..0000000 --- a/modules/profiles/manifests/common.pp +++ /dev/null @@ -1,43 +0,0 @@ -class profiles::common ( - String $timezone, - Array[String] $locales = [ 'en_US.UTF-8', ], -) { - - file_line { 'hosts ourself': - ensure => present, - line => "::1\t${facts['name']}\t${::fqdn}", - path => '/etc/hosts', - } - - file { '/etc/localtime': - ensure => link, - target => "/usr/share/zoneinfo/${timezone}", - } - - # TODO possibly check in /usr/share/i18n/locales if file exists - # there - - $fixed_locales = ($locales.map |$locale| { - if $locale =~ /^[^.]*\.(.*)$/ { - "${locale} ${1}" - } else { - "${locale} UTF-8" - } - } + [ '' ]) - - file { '/etc/locale.gen': - content => $fixed_locales.join("\n") - } ~> exec { 'locale-gen': - path => [ '/bin', '/usr/bin', ], - refreshonly => true, - } - - file { 'Default locales': - path => '/etc/locale.conf', - content => @(EOF) - LANG=en_US.UTF-8 - LC_TIME=sv_SE.UTF-8 - | EOF - } - -} diff --git a/modules/profiles/manifests/dns_zones.pp b/modules/profiles/manifests/dns_zones.pp deleted file mode 100644 index 8e9edf8..0000000 --- a/modules/profiles/manifests/dns_zones.pp +++ /dev/null @@ -1,12 +0,0 @@ -class profiles::dns_zones ( - Hash $zones, - Hash $default = {}, -) { - create_resources(dns::zone, $zones, $default) - - $rev_zone = dns::reverse_dns($facts['networking']['network6'])[32,-1] - dns::zone { $rev_zone: - reverse => true, - } - -} diff --git a/modules/profiles/manifests/dolphin.pp b/modules/profiles/manifests/dolphin.pp deleted file mode 100644 index f1fdcf8..0000000 --- a/modules/profiles/manifests/dolphin.pp +++ /dev/null @@ -1,70 +0,0 @@ -# Configure the file manager dolphin -class profiles::dolphin { - ensure_packages ([ - 'dolphin', - 'kde-cli-tools', - 'ffmpegthumbs', - 'kdegraphics-thumbnailers', - 'konsole', - 'breeze-icons', - ], { ensure => installed }) - - - $dolphin_settings = { - 'General' => { - 'BrowseThroughArchives' => 'true', - 'GlobalViewProps' => 'false', - 'HomeUrl' => '/usr/net/video', - 'OpenExternallyCalledFolderInNewTab' => 'false', - 'RememberOpenedTabs' => 'false', - 'ShowFullPath' => 'true', - }, - 'MainWindow' => { - 'MenuBar' => 'Disabled', - 'ToolBarsMovable' => 'Disabled', - }, - 'VersionControl' => { - 'enabledPlugins' => [ - 'Dropbox', - 'Git', - ] - }, - 'PreviewSettings' => { - 'Plugins' => [ - 'appimagethumbnail', - 'audiothumbnail', - 'blenderthumbnail', - 'comicbookthumbnail', - 'djvuthumbnail', - 'ebookthumbnail', - 'exrthumbnail', - 'directorythumbnail', - 'fontthumbnail', - 'imagethumbnail', - 'jpegthumbnail', - 'kraorathumbnail', - 'windowsexethumbnail', - 'windowsimagethumbnail', - 'opendocumentthumbnail', - 'gsthumbnail', - 'svgthumbnail', - 'textthumbnail', - 'ffmpegthumbs', - ] - } - } - - $dolphin_settings.map |$category, $group| { - $group.map |$setting, $value| { - ini_setting { "Dolphin [${category}].${setting}": - path => '/etc/xdg/dolphinrc', - section => $category, - setting => $setting, - value => $value ? { - Array => $value.join(','), - String => $value, - } - } - } - } -} diff --git a/modules/profiles/manifests/fcgiwrap.pp b/modules/profiles/manifests/fcgiwrap.pp deleted file mode 100644 index fa667d1..0000000 --- a/modules/profiles/manifests/fcgiwrap.pp +++ /dev/null @@ -1,8 +0,0 @@ -class profiles::fcgiwrap { - ensure_packages(['fcgiwrap']) - - service { 'fcgiwrap.socket': - ensure => running, - enable => true, - } -} diff --git a/modules/profiles/manifests/firewall.pp b/modules/profiles/manifests/firewall.pp deleted file mode 100644 index 6c9d7e6..0000000 --- a/modules/profiles/manifests/firewall.pp +++ /dev/null @@ -1,19 +0,0 @@ -class profiles::firewall { - ensure_packages ([ - 'iptables-persistent', - 'fail2ban', - ], { ensure => installed }) - - file { '/etc/iptables/rules.v4': - source => 'puppet:///modules/profiles/firewall/rules.v4', - } ~> exec { 'reload firewall': - command => '/usr/share/netfilter-persistent/plugins.d/15-ip4tables restart', - refreshonly => true, - } - - service { 'fail2ban': - ensure => running, - enable => true, - } - -} diff --git a/modules/profiles/manifests/group_profile.pp b/modules/profiles/manifests/group_profile.pp deleted file mode 100644 index 2025a4b..0000000 --- a/modules/profiles/manifests/group_profile.pp +++ /dev/null @@ -1,16 +0,0 @@ -class profiles::group_profile { - file { '/etc/profile.d/group-env.sh': - ensure => 'file', - content => @(EOF) - for group in $(groups $(id -nu)) - do - f="/etc/profile.d/group.d/${group}" - test -f "$f" && . $f - done - | EOF - } - - file { '/etc/profile.d/group.d': - ensure => 'directory', - } -} diff --git a/modules/profiles/manifests/imagemagick.pp b/modules/profiles/manifests/imagemagick.pp deleted file mode 100644 index 7663cf8..0000000 --- a/modules/profiles/manifests/imagemagick.pp +++ /dev/null @@ -1,17 +0,0 @@ -class profiles::imagemagick { - package { 'imagemagick': - ensure => installed, - } - - file { '/etc/ImageMagick-7/policy.xml': - content => epp('profiles/imagemagick-policy.xml', { - policies => [ - { - domain => 'coder', - rights => 'read | write', - pattern => 'PDF' - }, - ] - }), - } -} diff --git a/modules/profiles/manifests/letsencrypt.pp b/modules/profiles/manifests/letsencrypt.pp deleted file mode 100644 index 48aa3a8..0000000 --- a/modules/profiles/manifests/letsencrypt.pp +++ /dev/null @@ -1,35 +0,0 @@ -class profiles::letsencrypt ( - String $certname, - Array[String] $domains, - Enum['nginx','apache'] $provider, - Optional[String] $nginx_plugin = undef, - Optional[String] $apache_plugin = undef, -) { - - include ::letsencrypt - - $plugin = $provider - $post_hook = $provider ? { - 'nginx' => 'systemctl restart nginx.service', - 'apache' => 'systemctl restart apache2.service', - } - - case $provider { - 'apache': { - ensure_packages ([$apache_plugin]) - } - 'nginx': { - ensure_packages ([$nginx_plugin]) - } - } - - letsencrypt::certonly { $certname: - ensure => present, - domains => $domains, - manage_cron => true, - plugin => $plugin, - additional_args => [ '--quiet', ], - # pre_hook_commands => [ 'systemctl stop nginx.service', ], - post_hook_commands => [ $post_hook, ], - } -} diff --git a/modules/profiles/manifests/mysql.pp b/modules/profiles/manifests/mysql.pp deleted file mode 100644 index 01372d0..0000000 --- a/modules/profiles/manifests/mysql.pp +++ /dev/null @@ -1,8 +0,0 @@ -class profiles::mysql { - require ::mysql::server - - mysql_user { 'root@localhost': - ensure => present, - plugin => 'unix_socket', - } -} diff --git a/modules/profiles/manifests/phpfpm.pp b/modules/profiles/manifests/phpfpm.pp deleted file mode 100644 index 2aaf0df..0000000 --- a/modules/profiles/manifests/phpfpm.pp +++ /dev/null @@ -1,21 +0,0 @@ -class profiles::phpfpm ( - String $version = '7.4', -) { - - # The packageg php-fpm also exists, which simply pulls in php7.4-fpm - - ensure_packages(["php${version}-fpm"]) - - service { "php${version}-fpm": - ensure => running, - enable => true, - } - - systemd::dropin_file { 'runtime-dir.conf': - unit => 'php${version}-fpm.service', - content => @(EOF) - [Service] - RuntimeDirectory=php - | EOF - } -} diff --git a/modules/profiles/manifests/puppetboard.pp b/modules/profiles/manifests/puppetboard.pp deleted file mode 100644 index d477632..0000000 --- a/modules/profiles/manifests/puppetboard.pp +++ /dev/null @@ -1,57 +0,0 @@ -class profiles::puppetboard { - # https://forge.puppet.com/modules/puppet/puppetboard/readme - # Configure Apache - class { 'apache': - default_vhost => false, - purge_configs => true, - } - - $wsgi = $facts['os']['family'] ? { - 'Debian' => { - package_name => 'libapache2-mod-wsgi-py3', - mod_path => '/usr/lib/apache2/modules/mod_wsgi.so', - }, - default => {} - } - - class { 'apache::mod::wsgi': - * => $wsgi, - } - - # Configure puppetboard - - class { 'puppetboard': - manage_git => true, - manage_virtualenv => true, - require => Class['puppetdb'], - puppetdb_port => 8080, - # Required for /metrics/ to work - puppetdb_host => '127.0.0.1', - enable_catalog => true, - python_loglevel => 'info', - offline_mode => true, - } - - class { '::profiles::letsencrypt': - provider => apache, - } - - $certname = lookup('certname') - class { 'puppetboard::apache::vhost': - vhost_name => $::fqdn, - port => 443, - ssl => true, - ssl_cert => "/etc/letsencrypt/live/${certname}/cert.pem", - ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", - ssl_chain => "/etc/letsencrypt/live/${certname}/fullchain.pem", - } - - apache::vhost { "http-redirect": - servername => $::fqdn, - port => 80, - redirect_source => ['/'], - redirect_dest => ["https://${::fqdn}/"], - redirect_status => ['permanent'], - docroot => false, - } -} diff --git a/modules/profiles/manifests/puppetdb.pp b/modules/profiles/manifests/puppetdb.pp deleted file mode 100644 index ddfb73c..0000000 --- a/modules/profiles/manifests/puppetdb.pp +++ /dev/null @@ -1,10 +0,0 @@ -class profiles::puppetdb { - # exec { 'puppetdb ssl-setup': - # creates => '/etc/puppetlabs/puppetdb/ssl/{ca,private,public}.pem' - # } - - class { 'puppetdb': - listen_address => '::', - disable_ssl => false, - } -} diff --git a/modules/profiles/manifests/puppetserver.pp b/modules/profiles/manifests/puppetserver.pp deleted file mode 100644 index 82de2b5..0000000 --- a/modules/profiles/manifests/puppetserver.pp +++ /dev/null @@ -1,46 +0,0 @@ -class profiles::puppetserver ( - Hash $hiera, -) { - # required for the git hook - ensure_packages(['ruby']) - - file { '/usr/libexec': - ensure => directory, - } - - ensure_packages(['python3-yaml']) - - inifile::create_ini_settings( - { common => { - node_fmt => yaml, - nodes => '/puppet/nodes.yaml', - }, - }, - { - path => '/etc/node-classifier.ini', - } - ) - - file { '/usr/libexec/external-node-classifier': - mode => '0555', - source => 'puppet:///modules/profiles/node-classifier.py', - } - - class { 'puppet': - server => true, - server_foreman => false, - server_reports => 'puppetdb', - server_storeconfigs => true, - server_git_repo => true, - server_git_repo_path => '/var/lib/puppet.git', - server_external_nodes => '/usr/libexec/external-node-classifier', - server_strict_variables => true, - } - - file { "/etc/puppetlabs/puppet/hiera.yaml": - ensure => file, - content => hash2yaml($hiera, { - 'header' => '# This file is managed by puppet', - }), - } -} diff --git a/modules/profiles/manifests/remarkable.pp b/modules/profiles/manifests/remarkable.pp deleted file mode 100644 index d88486f..0000000 --- a/modules/profiles/manifests/remarkable.pp +++ /dev/null @@ -1,30 +0,0 @@ -define profiles::remarkable ( - String $prefix = '10.11.99', - String $addr = '2', -) { - - file_line { 'remarkable usb': - ensure => present, - path => '/etc/hosts', - line => "${prefix}.1 remarkable.usb", - } - - file_line { 'remarkable usb self': - ensure => present, - path => '/etc/hosts', - line => "${prefix}.${addr} host.usb", - } - - # TODO Shouldn't we just use DHCP as intended here? - networking::networkd_instance { 'remarkable-usb': - content => { - 'Match' => { - 'Name' => 'enp3s0f0u4', - }, - 'Network' => { - 'Description' => 'Remarkable USB connection', - 'Address' => "${prefix}.${addr}/29", - }, - }, - } -} diff --git a/modules/profiles/manifests/shiori.pp b/modules/profiles/manifests/shiori.pp deleted file mode 100644 index df9b718..0000000 --- a/modules/profiles/manifests/shiori.pp +++ /dev/null @@ -1,46 +0,0 @@ -class profiles::shiori ( - String $server_name, - Array[String] $group_members = [], - $port = 8080, -) { - - class { 'shiori': - port => $port, - } - - group { 'shiori': - ensure => present, - members => $group_members, - } - - include ::profiles::group_profile - - file { '/etc/profile.d/group.d/shiori': - ensure => file, - content => "export SHIORI_DIR=${shiori::dir}\n", - } - - include ::nginx - - $certname = lookup('certname') - - nginx::resource::server { $server_name: - ipv6_enable => true, - ipv6_listen_options => '', - ssl => true, - ssl_redirect => true, - ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem", - ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", - www_root => $shiori::dir, - use_default_location => false, - } - - nginx::resource::location { 'shiori /': - location => '/', - proxy => "http://[::]:$port", - index_files => [], - ssl => true, - ssl_only => true, - server => $server_name, - } -} diff --git a/modules/profiles/manifests/ssh.pp b/modules/profiles/manifests/ssh.pp deleted file mode 100644 index 1cf0fbf..0000000 --- a/modules/profiles/manifests/ssh.pp +++ /dev/null @@ -1,18 +0,0 @@ -class profiles::ssh { - include ::ssh - - $authorized_keys = lookup('ssh_authorized_keys', Array[Hash], undef, []) - - ssh::client::config::user { 'root': - user_home_dir => '/root' - } - - $authorized_keys.each |$key| { - ssh_authorized_key { $key['name']: - user => $key['user'], - type => $key['type'], - key => $key['key'], - } - } -} - diff --git a/modules/profiles/manifests/syncthing.pp b/modules/profiles/manifests/syncthing.pp deleted file mode 100644 index 7d8183e..0000000 --- a/modules/profiles/manifests/syncthing.pp +++ /dev/null @@ -1,28 +0,0 @@ -class profiles::syncthing ( - Array[String] $enable_for = [] -) { - - # TODO add repo for those systems that need it - - package { 'syncthing': - ensure => installed - } - - systemd::dropin_file { 'nospam.conf': - unit => 'syncthing@.service', - content => @(EOF) - [Service] - ExecStart= - ExecStart=/bin/bash -c 'set -o pipefail; /usr/bin/syncthing -no-browser -no-restart -logflags=0 | grep -v "INFO: "' - | EOF - } - - $enable_for.map |$user| { - service { "syncthing@${user}": - enable => true, - } - } - - # TODO manage synced data - -} diff --git a/modules/profiles/manifests/synth.pp b/modules/profiles/manifests/synth.pp deleted file mode 100644 index eb01f8f..0000000 --- a/modules/profiles/manifests/synth.pp +++ /dev/null @@ -1,33 +0,0 @@ -class profiles::synth { - - package { 'freepats-general-midi': - ensure => installed, - } - - file { '/etc/conf.d/fluidsynth': - content => @(EOF) - SOUND_FONT=/usr/share/soundfonts/freepats-general-midi.sf2 - OTHER_OPTS='-a alsa' - | EOF - } - - # TODO pull in aur package from - # https://git.hornquist.se/archpkg/aconnect-service/ - - # TODO setup the rest - - # - template: - # dest: ~/.config/aconnect/impact - # source: aconnect - # vars: - # input_unit: Impact LX25 - # output_unit: FLUID Synth - # - # - systemd: - # name: aconnect@{{ impact }} - # scope: user - # enabled: yes - # become: yes - # become_user: hugo - -} diff --git a/modules/profiles/manifests/transmission.pp b/modules/profiles/manifests/transmission.pp deleted file mode 100644 index f79517b..0000000 --- a/modules/profiles/manifests/transmission.pp +++ /dev/null @@ -1,71 +0,0 @@ -class profiles::transmission ( - Optional[String] $nginx_server = undef, - Enum['None', 'Error', 'Info', 'Debug'] $msg_level = 'Error', -) { - - $transmission_url = '/transmission' - $transmission_port = 9091 - - if ($nginx_server) { - require ::nginx - - nginx::resource::location { $transmission_url: - proxy => "http://localhost:${transmission_port}${transmission_url}", - proxy_set_header => [], - server => $nginx_server, - ssl => true, - ssl_only => true, - } - } - - ensure_packages(['transmission-cli'], - { ensure => installed }) - - systemd::dropin_file { 'transmission-after.conf': - unit => 'transmission.service', - content => @(EOF) - [Unit] - After=network-online.target - | EOF - } - - systemd::dropin_file { 'transmission-flags.conf': - unit => 'transmission.service', - content => @(EOF) - [Service] - ExecStart= - ExecStart=/usr/bin/transmission-daemon -f - | EOF - } - - # TODO whitelists are currently disabled, since they don't seem to - # work. Possibly turn them on again some day. - - # https://github.com/transmission/transmission/wiki/Editing-Configuration-File - file { '/var/lib/transmission/.config/transmission-daemon/settings.json': - content => epp('profiles/transmission.json.epp', { - rpc_username => 'hugo', - # '{' + sha1(password + salt) - # But I don't know how I managed to generate it, since - # transmission rolls its own crypto - rpc_password => '{eb43101d3b9aa02223466d7f98c5329c841c7967/Zr2tFpn', - download_dir => '/usr/net/', - rpc_whitelist => ['127.0.0.1', '::1'], - rpc_port => $transmission_port, - rpc_url => "${transmission_url}/", - msg_level => case $msg_level { - 'None': { 0 } - 'Error': { 1 } - 'Info': { 2 } - 'Debug': { 3 } - }, - }), - } ~> exec { '/bin/systemctl reload transmission': - refreshonly => true, - } - - service { 'transmission': - ensure => 'running', - enable => true, - } -} diff --git a/modules/profiles/manifests/webdav.pp b/modules/profiles/manifests/webdav.pp deleted file mode 100644 index bd586f6..0000000 --- a/modules/profiles/manifests/webdav.pp +++ /dev/null @@ -1,73 +0,0 @@ -class profiles::webdav ( - String $nginx_server, - String $file_path, - String $location, - String $passwd_file = "${file_path}/.htpasswd", - String $owner = 'http', - String $group = 'share', - Array[Array[String,2,2]] $users = [], - Array[String] $dav_methods = ['PUT', 'DELETE', 'MKCOL', 'COPY', 'MOVE'], - # Array[String] $dav_ext_methods = ['PROPFIND', 'OPTIONS'], - Hash[String,String] $dav_access = { - 'user' => 'rw', - 'group' => 'rw', - } -) { - - # TODO install this module somehow - # AUR: nginx-mainline-mod-dav-ext - - require ::nginx - - # $modname = 'ngx_http_dav_ext_module' - # # This assumes that the directory exists, and that - # # nginx::include_modules_enabled => true - # file { "/etc/nginx/modules-enabled/${modname}.conf": - # ensure => file, - # content => @("EOF") - # load_module /usr/lib/nginx/modules/${modname}.so; - # | EOF - # } - - $lines = $users.map |$pair| { $pair.join(':') }.join("\n") - - file { - default: - owner => $owner, - group => $group, - ; - $file_path: - ensure => 'directory', - mode => '0770', - recurse => 'false', - ; - $passwd_file: - ensure => 'file', - mode => '0660', - content => @("EOF") - # File managed by puppet - ${lines} - | EOF - ; - } - - nginx::resource::location { $location: - server => $nginx_server, - location_alias => $file_path, - ssl => true, - ssl_only => true, - - auth_basic => 'Enter password for dav access', - auth_basic_user_file => $passwd_file, - - location_cfg_append => { - 'dav_methods' => $dav_methods.join(' '), - # 'dav_ext_methods' => $dav_ext_methods.join(' '), - 'dav_access' => $dav_access.map |$k, $v| { "${k}:${v}" }.join(' '), - 'client_body_temp_path' => "${file_path}/tmp", - 'create_full_put_path' => 'on', - 'autoindex' => 'on', - 'allow' => 'all', - } - } -} diff --git a/modules/profiles/manifests/workstation.pp b/modules/profiles/manifests/workstation.pp deleted file mode 100644 index 167faef..0000000 --- a/modules/profiles/manifests/workstation.pp +++ /dev/null @@ -1,137 +0,0 @@ -class profiles::workstation ( -) { - $os = $facts['os']['name'].downcase() - include "::profiles::workstation::${os}" - - include ::profiles::group_profile - - if ($facts['systemd']) { - file { 'User ssh-agent service': - path => '/etc/systemd/user/ssh-agent.service', - source => "puppet:///modules/profiles/ssh-agent.service", - } - } - - # NOTE Hard coding checksums here kind of defeats the point of - # pulling in data from above (since we no longer get updates), - # but since GitHub doesn't send checksum headers the files gets - # updated every time otherwise, which creates noise. - - file { 'Dvorak A6 TTY keyboard layout': - ensure => file, - path => '/usr/share/kbd/keymaps/i386/dvorak/dvorak-sv-a6.map', - checksum => 'md5', - checksum_value => '96be6c1aa81522db46673c0f68e3336a', - source => 'https://raw.githubusercontent.com/HugoNikanor/keymaps/master/linux-tty/dvorak-sv-a6.map', - } - - file { 'Dvorak A6 X11 keyboard layout': - ensure => file, - path => '/usr/share/X11/xkb/symbols/planck', - checksum => 'md5', - checksum_value => '1f1023f6958916de592695cedbc94e5c', - source => 'https://raw.githubusercontent.com/HugoNikanor/keymaps/master/X11/planck', - } - - $xkb_layout = 'planck' - $xkb_variant = 'dvorak_a6' - $xkb_options = 'compose:caps' - - file { '/etc/X11/xorg.conf.d': - ensure => directory, - recurse => false, - } - - file { 'X11 Raise max clients': - ensure => file, - path => '/etc/X11/xorg.conf.d/99-maxclients.conf', - content => @(EOF) - Section "ServerFlags" - Option "MaxClients" "2048" - EndSection - | EOF - } - - file { 'Default X11 keymap': - ensure => file, - path => '/etc/X11/xorg.conf.d/00-keyboard.conf', - content => @("EOF") - Section "InputClass" - Identifier "system-keyboard" - MatchIsKeyboard "on" - Option "XkbLayout" "${xkb_layout}" - Option "XkbModel" "pc105" - Option "XkbVariant" "${xkb_variant}" - Option "XkbOptions" "${xkb_options}" - EndSection - | EOF - } - - file { 'Model M X11 keymap': - ensure => file, - path => '/etc/X11/xorg.conf.d/01-model-m.conf', - content => @(EOF) - Section "InputClass" - Identifier "Model M" - MatchUSBID "17f6:0822" - Option "XkbLayout" "us" - Option "XkbVariant" "dvorak" - EndSection - | EOF - } - - file { 'Setup console': - ensure => file, - path => '/etc/vconsole.conf', - content => epp('profiles/keyvalue.epp', { 'values' => { - 'KEYMAP' => 'dvorak-sv-a6', - 'FONT' => 'lat9v-12', - }}), - } - - $cowpath = [ - '/usr/share/cows', - '/usr/local/share/cows', - ] - - file { '/etc/environment': - content => epp('profiles/keyvalue.epp', { values => { - 'COWPATH' => $cowpath.join(':'), - 'MANWIDTH' => 80, - 'MPD_HOST' => 'jukebox.lysator.liu.se', - 'PAGER' => 'less', - 'EDITOR' => '/usr/bin/vi', - 'VISUAL' => '/usr/bin/vim', - }}) - } - - service { 'systemd-resolved': - enable => mask, - } - - file { 'Passmenu with OTP support': - path => '/usr/local/bin/passmenu', - mode => '0555', - source => 'puppet:///modules/profiles/passmenu', - } - - file { '/etc/sudoers': - validate_cmd => '/usr/bin/visudo -cf %', - content => @(EOF) - Defaults insults - root ALL=(ALL) ALL - %root ALL=(ALL) ALL - %wheel ALL=(ALL) ALL - - @includedir /etc/sudoers.d - | EOF - } - - - systemd_mount { '/usr/net': - what => 'elrond:/files', - where => '/usr/net', - wantedBy => 'remote-fs.target', - automount => true, - } -} diff --git a/modules/profiles/manifests/workstation/archlinux.pp b/modules/profiles/manifests/workstation/archlinux.pp deleted file mode 100644 index 0919efd..0000000 --- a/modules/profiles/manifests/workstation/archlinux.pp +++ /dev/null @@ -1,51 +0,0 @@ -class profiles::workstation::archlinux { - - pacman::hook { 'systemd daemon-reload': - description => 'Reload systemd user daemon', - exec => '/bin/sudo systemctl --machine=hugo@.host --user daemon-reload', - when => 'PostTransaction', - trigger => { - operation => 'Upgrade', - type => 'Path', - target => 'usr/lib/systemd/user/*', - }, - } - - package { 'kernel-modules-hook': - ensure => installed, - } -> service { 'linux-modules-cleanup': - enable => true, - } - - $cpus = $facts['processors']['count'] - 1 - file_line { 'Makepkg paralell': - path => '/etc/makepkg.conf', - after => '^#-- Make flags', - line => "MAKEFLAGS='-j${cpus}'" - } - - pacman::repo { 'adrift-space': - ensure => present, - server => 'http://repo.gandalf.adrift.space/arch', - sig_level => 'Optional', - } - - # remove - # - netctl - - # aur-packages -# - pacaur -# - ansible-aur-git -# - cyrus-sasl-xoauth2-git -# - todotxt -# - effitask -# - getmail -# - mu -# # - pacaur -# - pandoc-bin -# - tlclient -# # backups old modules on kernel update -# - kernel-modules-hook - - -} diff --git a/modules/profiles/manifests/xmonad.pp b/modules/profiles/manifests/xmonad.pp deleted file mode 100644 index be8d516..0000000 --- a/modules/profiles/manifests/xmonad.pp +++ /dev/null @@ -1,29 +0,0 @@ -# Setup xmonad, only tested on arch linux -class profiles::xmonad { - ensure_packages ([ - 'xmonad', - 'xmonad-contrib', - # apparently really needed by xmonad - 'xorg-fonts-misc', - 'ghc', - 'xorg-xmessage', - 'dzen2', - 'dmenu', - 'rofi', - ], { ensure => installed }) - - # Rebuilt my local xmonad config after an upgrade to xmonad. - # It's required, I think due to something with dynamic linking. - # It's actually pretty ugly that I'm hardcoded in here, but - # something had to be done. - pacman::hook { 'xmonad': - description => 'Rebuild local xmonad config.', - when => 'PostTransaction', - exec => '/bin/sudo -Hu hugo xmonad --recompile', - trigger => { - type => 'Package', - operation => ['Upgrade', 'Install'], - target => 'xmonad*', - }, - } -} |