One last question: Would the list suggest implementing "augeas" where possible? and would "augeas" fit into the "module layout"
Thanks Bruce On Jun 18, 9:29 am, Bruce Bushby <bruce.bus...@gmail.com> wrote: > Hello > > I'm new to large scale puppet deployment and was hoping the list could > offer some pointers on "module layout" > > My initial "layout" was motivated by a need to "harden" our Linux > systems. I grouped the various hardening configs into: > > Kernel > OS > Network > Shell > Files > Application > > I'm hoping I can create the same module structure within puppet. > > Using "sudo" as the first example, I want puppet to ensure "/usr/bin/ > sudo" has "4111" file perms and "root:root" ownership. > > Directory layout: > I used this handy script from > "ProfFalken"http://www.threedrunkensysadsonthe.net/2010/04/quick-creation-of-pupp... > > BUT...this is where things are getting a little grey. I currently > have: > > [root@laptop manifests]# pwd > /etc/puppet/manifests > [root@laptop manifests]# > [root@laptop manifests]# tree os > os > |-- files > |-- lib > | |-- facter > | `-- puppet > | |-- parser > | |-- provider > | `-- type > |-- manifests > | |-- init.pp > | `-- sudo.pp > `-- templates > > 9 directories, 2 files > [root@laptop manifests]# > [root@laptop manifests]# cat os/manifests/sudo.pp > # /etc/puppet/manifests/classes/sudo.pp > > class sudo { > file { "/etc/sudoers": > owner => "root", > group => "root", > mode => 4111, > }} > > [root@laptop manifests]# > > Am I on the correct track? > > I'm guessing I should break the classes down into: > sudo::perms > sudo::ownership > sudo::file (have puppet serve the sudo template) > > then in "os/manifests/site.pp" ..... would I import sudo? > > and the second question: How would I create hosts groups? I would like > to group my hosts in "dev", "uat", "staging" and "prod" etc? > > ThanksBruce -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
