diff options
Diffstat (limited to '')
-rw-r--r-- | modules/nspawn/manifests/machine.pp | 38 | ||||
-rw-r--r-- | modules/nspawn/manifests/os/arch.pp | 14 | ||||
-rw-r--r-- | modules/nspawn/manifests/os/debian.pp | 49 | ||||
-rw-r--r-- | modules/nspawn/manifests/setup.pp | 16 | ||||
-rw-r--r-- | modules/nspawn/manifests/util/disable_networking.pp | 22 | ||||
-rw-r--r-- | modules/nspawn/manifests/util/enable_networkd.pp | 38 |
6 files changed, 0 insertions, 177 deletions
diff --git a/modules/nspawn/manifests/machine.pp b/modules/nspawn/manifests/machine.pp deleted file mode 100644 index 8ba9bf3..0000000 --- a/modules/nspawn/manifests/machine.pp +++ /dev/null @@ -1,38 +0,0 @@ -define nspawn::machine ( - String $os, - Hash $os_opts = {} , - String $machine = $name, - Boolean $enable = false, -) { - - require ::nspawn::setup - - file { "/var/lib/machines/${machine}/puppet": - ensure => directory, - } - - file { "/etc/systemd/nspawn/${machine}.nspawn": - content => @("EOF") - [Exec] - Hostname=${machine}.adrift.space - Boot=true - # /usr/lib/systemd/resolv.conf - ResolvConf=copy-static - - [Files] - # TODO This should only be mounted on puppet servers, in case it - # contains secrets - BindReadOnly=/usr/local/puppet:/puppet - - [Network] - Bridge=br0 - | EOF - } - - create_resources("nspawn::os::${os}", { $machine => $os_opts }) - - service { "systemd-nspawn@${machine}.service": - enable => $enable, - } - -} diff --git a/modules/nspawn/manifests/os/arch.pp b/modules/nspawn/manifests/os/arch.pp deleted file mode 100644 index e5fc210..0000000 --- a/modules/nspawn/manifests/os/arch.pp +++ /dev/null @@ -1,14 +0,0 @@ -define nspawn::os::arch ( - String $machine = $name, -) { - - ensure_packages(['arch-install-scripts']) - - $machine_path = "/var/lib/machines/${machine}" - - exec { "/usr/bin/pacstrap '${machine_path}' base puppet": - creates => "${machine_path}/etc/os-release", - } - - nspawn::util::enable_networkd { $machine: } -} diff --git a/modules/nspawn/manifests/os/debian.pp b/modules/nspawn/manifests/os/debian.pp deleted file mode 100644 index fbab9ac..0000000 --- a/modules/nspawn/manifests/os/debian.pp +++ /dev/null @@ -1,49 +0,0 @@ -define nspawn::os::debian ( - String $os_version, - String $machine = $name, -) { - - ensure_packages(['debootstrap']) - - exec { "/usr/bin/deboostrap ${os_version} /var/lib/machines/${machine}": - creates => "/var/lib/machines/${machine}/etc/os-release", - } - - $puppet_deb = "/var/lib/machines/${machine}/tmp/puppet7-release-${os_version}.deb" - file { $puppet_deb: - ensure => file, - source => "https://apt.puppet.com/puppet7-release-${os_version}.deb" - } - - $running = $facts['machined-info'][$machine] != Undef or $facts['machined-info'][$machine]['State'] == 'running' - - if $running { - # TODO - notify { "Notify skipping ${machine} setup": - message => "Skipping setup for ${machine}, already running", - } - } else { - exec { "Set up puppet repo for ${machine}": - subscribe => File[$puppet_deb], - command => [ '/usr/bin/systemd-nspawn', - '-M', $machine, - '--quiet', - '/bin/sh', '-c', - "dpkg -i '/tmp/puppet7-release-${os_version}.deb' && apt update" - ], - } - - exec { "install puppet-agent on ${machine}": - command => [ '/usr/bin/systemd-nspawn', - '-M', $machine, - '--quiet', - 'apt', 'install', 'puppet-agent', - ], - creates => "/var/lib/machines/${machine}/opt/puppetlabs/bin/puppet", - } - } - - nspawn::util::disable_networking { $machine: } - nspawn::util::enable_networkd { $machine: } - -} diff --git a/modules/nspawn/manifests/setup.pp b/modules/nspawn/manifests/setup.pp deleted file mode 100644 index 9f742fd..0000000 --- a/modules/nspawn/manifests/setup.pp +++ /dev/null @@ -1,16 +0,0 @@ -class nspawn::setup { - - # TODO find better file to use for containers - - file { '/usr/lib/systemd/resolv.conf': - ensure => file, - content => @(EOF) - # File /usr/lib/systemd/resolv.conf managed by puppet - # Local changes will be overwritten - nameserver 10.0.0.40 - search adrift.space - | EOF - } - - -} diff --git a/modules/nspawn/manifests/util/disable_networking.pp b/modules/nspawn/manifests/util/disable_networking.pp deleted file mode 100644 index 4a9b31b..0000000 --- a/modules/nspawn/manifests/util/disable_networking.pp +++ /dev/null @@ -1,22 +0,0 @@ -define nspawn::util::disable_networking ( - String $machine = $name, - String $machine_path = "/var/lib/machines/${machine}", -) { - - - $cmd = if $facts['machined-info'][$machine]['State'] == 'running' { - [ 'systemctl', '-M', $machine, 'disable', 'networking' ] - } else { - [ 'systemd-nspawn', '-M', $machine, '--quiet', - 'systemctl', 'disable', 'networking' ] - } - - exec { "Disable networking on ${machine}": - command => $cmd, - path => [ '/bin', '/usr/bin', ], - # among others - # creates => "${machine_path}/etc/systemd/system/multi-user.target.wants/systemd-networkd.service", - } - -} - diff --git a/modules/nspawn/manifests/util/enable_networkd.pp b/modules/nspawn/manifests/util/enable_networkd.pp deleted file mode 100644 index 8e447b9..0000000 --- a/modules/nspawn/manifests/util/enable_networkd.pp +++ /dev/null @@ -1,38 +0,0 @@ -define nspawn::util::enable_networkd ( - String $machine = $name, - String $machine_path = "/var/lib/machines/${machine}", -) { - - # TODO only do this if the directory is empty - networking::networkd_instance { "Initial networking on ${machine}": - priority => 50, - filename => 'puppet-initial', - path => "${machine_path}/${networking::networkd::path}", - content => { - 'Match' => { - 'Name' => 'host0', - }, - 'Network' => { - 'DHCP' => 'ipv4', - 'IPv6AcceptRA' => 1, - }, - }, - } - - $running = $facts['machined-info'][$machine] != Undef or $facts['machined-info'][$machine]['State'] == 'running' - - $cmd = if $running { - [ 'systemctl', '-M', $machine, 'enable', 'systemd-networkd' ] - } else { - [ 'systemd-nspawn', '-M', $machine, '--quiet', - 'systemctl', 'enable', 'systemd-networkd' ] - } - - exec { "Enable systemd-networkd on ${machine}": - command => $cmd, - path => [ '/bin', '/usr/bin', ], - # among others - creates => "${machine_path}/etc/systemd/system/multi-user.target.wants/systemd-networkd.service", - } - -} |