Puppet Class: profile::base::labs

Defined in:
modules/profile/manifests/base/labs.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • unattended_wmf (Wmflib::Ensure) (defaults to: lookup('profile::base::labs::unattended_wmf'))
  • unattended_distro (Wmflib::Ensure) (defaults to: lookup('profile::base::labs::unattended_distro'))
  • send_puppet_failure_emails (Boolean) (defaults to: lookup('send_puppet_failure_emails', {'default_value' => true}))
  • cleanup_puppet_client_bucket (Boolean) (defaults to: lookup('profile::base::labs::cleanup_puppet_client_bucket', {'default_value' => false}))
  • client_bucket_file_age (Integer) (defaults to: lookup('profile::base::labs::client_bucket_file_age', {'default_value' => 14}))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# File 'modules/profile/manifests/base/labs.pp', line 2

class profile::base::labs(
    Wmflib::Ensure $unattended_wmf = lookup('profile::base::labs::unattended_wmf'),
    Wmflib::Ensure $unattended_distro = lookup('profile::base::labs::unattended_distro'),
    Boolean $send_puppet_failure_emails = lookup('send_puppet_failure_emails', {'default_value' => true}),
    Boolean $cleanup_puppet_client_bucket = lookup('profile::base::labs::cleanup_puppet_client_bucket', {'default_value' => false}),
    Integer $client_bucket_file_age = lookup('profile::base::labs::client_bucket_file_age', {'default_value' => 14}),
){

    # profile base is shared with production
    include profile::base
    class {'::apt::unattendedupgrades':
        unattended_wmf    => $unattended_wmf,
        unattended_distro => $unattended_distro,
    }

    # Labs instances /var is quite small, provide our own default
    # to keep less records (T71604).
    file { '/etc/default/acct':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
        source => 'puppet:///modules/base/labs-acct.default',
    }

    # Turn on idmapd by default
    file { '/etc/default/nfs-common':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
        source => 'puppet:///modules/base/labs/nfs-common.default',
    }

    file { '/usr/local/sbin/notify_maintainers.py':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0544',
        source => 'puppet:///modules/base/labs/notify_maintainers.py',
        before => File['/usr/local/sbin/puppet_alert.py'],
    }

    file { '/usr/local/sbin/puppet_alert.py':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0544',
        source => 'puppet:///modules/base/labs/puppet_alert.py',
    }

    $ensure_puppet_emails = $send_puppet_failure_emails ? {
        true    => 'present',
        default => 'absent',
    }

    systemd::timer::job { 'send_puppet_failure_emails':
        ensure          => $ensure_puppet_emails,
        description     => 'Send emails about Puppet failures',
        command         => '/usr/local/sbin/puppet_alert.py',
        interval        => {
            'start'    => 'OnCalendar',
            'interval' => '*-*-* 08:15:00',
        },
        logging_enabled => false,
        user            => 'root',
        require         => File['/usr/local/sbin/puppet_alert.py'],
    }

    # clean up puppet client bucket (T165885)
    systemd::timer::job { 'cleanup_puppet_client_bucket':
        ensure             => $cleanup_puppet_client_bucket.bool2str('present','absent'),
        description        => 'Delete old files from the puppet client bucket',
        command            => "/usr/bin/find /var/lib/puppet/clientbucket/ -type f -mtime +${client_bucket_file_age} -atime +${client_bucket_file_age} -delete",
        interval           => {
            'start'    => 'OnUnitInactiveSec',
            'interval' => '24h',
        },
        logging_enabled    => false,
        monitoring_enabled => false,
        user               => 'root',
    }
}