puppet 3.0.0.rc5 → 3.0.0.rc7

data/ext/debian/puppetmaster-common.manpages

@@ -0,0 +1,2 @@
+man/man8/puppet-ca.8
+man/man8/puppet-master.8

data/ext/debian/puppetmaster-common.puppetqd.default

@@ -0,0 +1,27 @@
+# Defaults for puppetqd - sourced by /etc/init.d/puppetqd
+
+# Should puppetqd (the storeconfigs queuing broker) be started? 
+#  This can take some load off of the puppetmaster by queuing the
+#  storeconfig updates to the database with puppetqd. You need
+#  to have the 'stompserver' package installed and running, and
+#  the following configured in your puppet.conf:
+#
+#  [main]
+#  queue_type = stomp
+#  queue_source = stomp://localhost:61613
+#  dbadapter = (sqlite3|mysql|postgresql)
+#  dbserver=localhost
+#  dbname=puppet
+#  dbuser=puppet
+#  dbpassword=xxxx
+#  dblocation = /var/lib/puppet/storeconfigs.sqlite <-- only if using sqlite
+#
+#  [master]
+#  async_storeconfigs = true
+#
+#  See: http://puppetlabs.com/trac/puppet/wiki/UsingStoredConfiguration
+#
+#  Once you have the proper puppet.conf, and stompserver, you can enable
+#  the following:
+PUPPETQD=no
+PUPPETQD_OPTS=""

data/ext/debian/puppetmaster-common.puppetqd.init

@@ -0,0 +1,84 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: puppetqd
+# Required-Start:    $network $named $remote_fs $syslog
+# Required-Stop:     $network $named $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+### END INIT INFO                 
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/bin/puppet
+DAEMON_OPTS="queue"
+NAME=queue
+DESC="puppet queue"
+PIDFILE="/var/run/puppet/${NAME}.pid"
+
+test -x $DAEMON || exit 0
+
+[ -r /etc/default/puppetqd ] && . /etc/default/puppetqd
+
+. /lib/lsb/init-functions
+
+if [ ! -d /var/run/puppet ]; then
+	mkdir -p /var/run/puppet
+fi
+
+chown puppet:puppet /var/run/puppet
+
+is_true() {
+    if [ "x$1" = "xtrue" -o "x$1" = "xyes" -o "x$1" = "x0" ] ; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+start_puppet_queue() {
+    if is_true "$PUPPETQD" ; then
+	start-stop-daemon --start --quiet --pidfile=${PIDFILE} \
+	    --startas $DAEMON -- $NAME $DAEMON_OPTS $PUPPETQD_OPTS
+    fi
+}
+
+stop_puppet_queue() {
+    start-stop-daemon --stop --quiet --oknodo --pidfile ${PIDFILE}
+    rm -f ${PIDFILE}
+}
+
+status_puppet_queue() {
+    if is_true "$PUPPETQD" ; then
+        status_of_proc -p "${PIDFILE}" "${DAEMON}" "${NAME}"
+    else
+	echo ""
+	echo "puppetqd not configured to start"
+    fi
+}
+
+
+case "$1" in
+    start)
+	log_begin_msg "Starting $DESC"
+	start_puppet_queue
+	log_end_msg $?
+	;;
+    stop)
+	log_begin_msg "Stopping $DESC"
+	stop_puppet_queue
+	log_end_msg $?
+	;;
+    status)
+	status_puppet_queue
+        ;;
+    reload|restart|force-reload)
+	log_begin_msg "Restarting $DESC"
+	stop_puppet_queue
+	sleep 1
+	start_puppet_queue
+	log_end_msg $?
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|restart|force-reload}" >&2
+	exit 1
+	;;
+esac

data/ext/debian/puppetmaster-passenger.dirs

@@ -0,0 +1,4 @@
+usr/share/puppet/rack/puppetmasterd
+usr/share/puppet/rack/puppetmasterd/public
+usr/share/puppet/rack/puppetmasterd/tmp
+usr/share/puppetmaster-passenger/

data/ext/debian/puppetmaster-passenger.postinst

@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+    
+    # Change the owner of the rack config.ru to be the puppet user
+    # because passenger will suid to that user, see #577366
+    if ! dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
+    then
+	dpkg-statoverride --update --add puppet puppet 0644 /usr/share/puppet/rack/puppetmasterd/config.ru
+    fi
+    # Setup passenger configuration
+    if [ "$2" = "" ]; then
+        # Initialize puppetmaster CA and generate the master certificate 
+        # only if the host doesn't already have any puppet ssl certificate.
+        # The ssl key and cert need to be available (eg generated) before
+        # apache2 is configured and started since apache2 ssl configuration 
+        # uses the puppetmaster ssl files.
+	if [ ! -e "$(puppet master --configprint hostcert)" ]; then
+		puppet cert generate $(puppet master --configprint certname)
+	fi
+        # Setup apache2 configuration files
+        APACHE2_SITE_FILE="/etc/apache2/sites-available/puppetmaster" 
+        if  [ ! -e "${APACHE2_SITE_FILE}" ]; then
+            cp /usr/share/puppetmaster-passenger/apache2.site.conf.tmpl "${APACHE2_SITE_FILE}"
+            # Fix path to SSL files
+            sed -r -i "s|(SSLCertificateFile\s+).+$|\1$(puppet master --configprint hostcert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCertificateKeyFile\s+).+$|\1$(puppet master --configprint hostprivkey)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCACertificateFile\s+).+$|\1$(puppet master --configprint localcacert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCertificateChainFile\s+).+$|\1$(puppet master --configprint localcacert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCARevocationFile\s+).+$|\1$(puppet master --configprint cacrl)|" "${APACHE2_SITE_FILE}"
+
+            # Fix path to rack docroot and directory
+            sed -r -i "s|DocumentRoot /etc/puppet/rack/public|DocumentRoot /usr/share/puppet/rack/puppetmasterd/public|g" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|<Directory /etc/puppet/rack/>|<Directory /usr/share/puppet/rack/puppetmasterd/>|g" "${APACHE2_SITE_FILE}"
+        fi
+        a2enmod ssl
+        a2enmod headers
+        a2ensite puppetmaster
+        if [ -x "/etc/init.d/apache2" ]; then
+            # Seems that a restart is needed. reload breaks ssl apparently.
+            if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                invoke-rc.d apache2 restart || exit $?
+            else
+                /etc/init.d/apache2 restart || exit $?
+            fi
+        fi
+    fi
+    # Fix CRL file on upgrade to use the CA crl file instead of the host crl.
+    if dpkg --compare-versions "$2" lt-nl "2.6.1-1"; then
+        if [ -e /etc/apache2/sites-available/puppetmaster ]; then
+            sed -r -i 's|SSLCARevocationFile[[:space:]]+/var/lib/puppet/ssl/crl.pem$|SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem|' /etc/apache2/sites-available/puppetmaster
+            if [ -x "/etc/init.d/apache2" ]; then
+                # Seems that a restart is needed. reload breaks ssl apparently.
+                if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                    invoke-rc.d apache2 restart || exit $?
+                else
+                    /etc/init.d/apache2 restart || exit $?
+                fi
+            fi
+        fi
+    fi
+fi
+
+#DEBHELPER#

data/ext/debian/puppetmaster-passenger.postrm

@@ -0,0 +1,33 @@
+#!/bin/sh -e
+
+case "$1" in
+    purge)
+	if dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
+	then
+	    dpkg-statoverride --remove /usr/share/puppet/rack/puppetmasterd/config.ru
+	fi
+	# Remove the puppetmaster site configuration on purge
+	rm -f /etc/apache2/sites-available/puppetmaster
+	;;
+    remove)
+        # Disable the puppetmaster apache2 site configuration on package removal
+        a2dissite puppetmaster
+        if [ -x "/etc/init.d/apache2" ]; then
+            if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                invoke-rc.d apache2 force-reload || exit $?
+            else
+                /etc/init.d/apache2 force-reload || exit $?
+            fi
+        fi
+	;;
+    upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+        ;;
+    *)
+        echo "postrm called with unknown argument \`$1'" >&2
+        exit 1
+
+esac
+
+#DEBHELPER#
+
+exit 0

data/ext/debian/puppetmaster.README.debian

@@ -0,0 +1,16 @@
+By default, the puppetmaster package is configured in
+/etc/default/puppetmaster to utilize the webrick server included in
+the application. This server is single-threaded, very slow and tends
+to fall over when you get close to 30 nodes. You will start to see
+connection-reset or End-of-file errors when this happens.
+
+You will want to a server that can scale better than webrick, such as
+Passenger (aka. mod_rails), or mongrel, both with a front-end
+web-proxy such as apache.
+
+If you would like to run Passenger (aka. mod_rails) with apache install the
+puppetmaster-passenger package. It will automatically setup an apache2 virtual
+host that will run puppetmaster under Passenger.
+
+For more information:
+http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger

data/ext/debian/puppetmaster.default

@@ -0,0 +1,38 @@
+# Defaults for puppetmaster - sourced by /etc/init.d/puppetmaster
+
+# Start puppetmaster on boot? If you are using passenger, you should
+# have this set to "no"
+START=yes
+
+# Startup options
+DAEMON_OPTS=""
+
+# What server type to run 
+# Options: 
+# 	   webrick: default, cannot handle more than ~30 nodes
+#	   mongrel: scales better than webrick because you can run
+#	    	    multiple processes if you are getting
+#	    	    connection-reset or End-of-file errors, switch to
+#	    	    mongrel. Requires front-end web-proxy such as
+#	    	    apache, nginx, or pound, more information:
+#	            http://puppetlabs.com/trac/puppet/wiki/UsingMongrel
+#          passenger: no need to set this, be sure to set START=no above
+SERVERTYPE=webrick
+
+# How many puppetmaster instances to start? Its pointless to set this
+# higher than 1 if you are not using mongrel. 
+PUPPETMASTERS=1
+
+# What port should the puppetmaster listen on (default: 8140). If
+# PUPPETMASTERS is set to a number greater than 1, then the port for
+# the first puppetmaster will be set to the port listed below, and
+# further instances will be incremented by one 
+#
+# NOTE: if you are using mongrel, then you will need to have a
+# front-end web-proxy (such as apache, nginx, pound) that takes
+# incoming requests on the port your clients are connecting to
+# (default is: 8140), and then passes them off to the mongrel
+# processes.  In this case it is recommended to run your web-proxy on
+# port 8140 and change the below number to something else, such as
+# 18140.
+PORT=8140

data/ext/debian/puppetmaster.init

@@ -0,0 +1,158 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          puppetmaster
+# Required-Start:    $network $named $remote_fs $syslog
+# Required-Stop:     $network $named $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+### END INIT INFO                 
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/bin/puppet
+DAEMON_OPTS=""
+NAME=master
+DESC="puppet master"
+
+test -x $DAEMON || exit 0
+
+[ -r /etc/default/puppetmaster ] && . /etc/default/puppetmaster
+
+. /lib/lsb/init-functions
+
+if [ ! -d /var/run/puppet ]; then
+	mkdir -p /var/run/puppet
+fi
+
+chown puppet:puppet /var/run/puppet
+
+is_true() {
+    if [ "x$1" = "xtrue" -o "x$1" = "xyes" -o "x$1" = "x0" ] ; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+start_puppet_master() {
+    if is_true "$START" ; then
+	if [ "$SERVERTYPE" = "mongrel" ]
+	then
+	    DAEMON_OPTS="$DAEMON_OPTS --servertype=mongrel"
+	    NUMSTART=0
+	    STARTPORT=$PORT
+	    while [ $NUMSTART -lt $PUPPETMASTERS ]; do 
+		start-stop-daemon --start --quiet --pidfile=/var/run/puppet/${NAME}-${STARTPORT}.pid \
+		    --startas $DAEMON -- $NAME $DAEMON_OPTS --masterport=$STARTPORT --pidfile=/var/run/puppet/${NAME}-${STARTPORT}.pid
+		STARTPORT=$(($STARTPORT + 1))
+		NUMSTART=$(($NUMSTART + 1))
+	    done
+	else
+	    start-stop-daemon --start --quiet --pidfile /var/run/puppet/${NAME}.pid \
+		--startas $DAEMON -- $NAME $DAEMON_OPTS --masterport=$PORT
+	fi
+    else
+	echo ""
+	echo "puppetmaster not configured to start, please edit /etc/default/puppetmaster to enable"
+    fi
+}
+
+stop_puppet_master() {
+    if [ "$SERVERTYPE" = "mongrel" ]
+    then
+	NUMSTART=0
+	STOPPORT=$PORT
+	while [ $NUMSTART -lt $PUPPETMASTERS ]; do 
+	    start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/puppet/${NAME}-${STOPPORT}.pid
+	    rm -f /var/run/puppet/${NAME}-${STOPPORT}.pid
+	    STOPPORT=$(($STOPPORT + 1))
+	    NUMSTART=$(($NUMSTART + 1))
+	done
+    else
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/puppet/${NAME}.pid
+    fi
+}
+
+status_puppet_master() {
+    if ( ! type status_of_proc > /dev/null 2>&1 ) ; then
+        status_of_proc() {
+            local pidfile daemon name status
+            pidfile=
+            OPTIND=1
+            while getopts p: opt ; do
+                case "$opt" in
+                    p)  pidfile="$OPTARG";;
+                esac
+            done
+            shift $(($OPTIND - 1))
+            
+            if [ -n "$pidfile" ]; then
+                pidfile="-p $pidfile"
+            fi
+            daemon="$1"
+            name="$2"
+        
+            status="0"
+            pidofproc $pidfile $daemon >/dev/null || status="$?"
+            if [ "$status" = 0 ]; then
+                log_success_msg "$name is running"
+                return 0
+            elif [ "$status" = 4 ]; then
+                log_failure_msg "could not access PID file for $name"
+                return $status
+            else
+                log_failure_msg "$name is not running"
+                return $status
+            fi         
+        }
+    fi
+
+   if is_true "$START" ; then
+	if [ "$SERVERTYPE" = "mongrel" ]
+	then
+	    NUMSTART=0
+	    STARTPORT=$PORT
+	    while [ $NUMSTART -lt $PUPPETMASTERS ]; do 
+		status_of_proc -p "/var/run/puppet/${NAME}-${STARTPORT}.pid" \
+                    "${DAEMON}" "${NAME}-${STARTPORT}"
+		STARTPORT=$(($STARTPORT + 1))
+		NUMSTART=$(($NUMSTART + 1))
+	    done
+	else
+            status_of_proc -p "/var/run/puppet/${NAME}.pid" "${DAEMON}" "${NAME}"
+	fi
+    else
+	echo ""
+	echo "puppetmaster not configured to start"
+    fi
+}
+
+
+case "$1" in
+    start)
+	log_begin_msg "Starting $DESC"
+	start_puppet_master
+	log_end_msg $?
+	;;
+    stop)
+	log_begin_msg "Stopping $DESC"
+	stop_puppet_master
+	log_end_msg $?
+	;;
+    reload)
+  	# Do nothing, as Puppetmaster rechecks its config automatically
+        ;;
+    status)
+	status_puppet_master
+        ;;
+    restart|force-reload)
+	log_begin_msg "Restarting $DESC"
+	stop_puppet_master
+	sleep 1
+	start_puppet_master
+	log_end_msg $?
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|restart|force-reload}" >&2
+	exit 1
+	;;
+esac

data/ext/debian/puppetmaster.lintian-overrides

@@ -0,0 +1,3 @@
+# Man pages are automatically generated, not much to do here
+puppetmaster binary: manpage-has-bad-whatis-entry
+puppetmaster binary: manpage-has-errors-from-man

data/ext/debian/puppetmaster.postinst

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+# Remove renamed configuration files which are now handled by other
+# packages
+if dpkg-maintscript-helper supports rm_conffile 2>/dev/null; then
+
+    dpkg-maintscript-helper rm_conffile \
+        /etc/logrotate.d/puppetmaster 2.7.16-1puppetlabs1 puppetmaster -- "$@"
+
+# For systems with dpkg < 1.15.7-2
+else
+
+    if [ -f /etc/logrotate.d/puppetmaster ]; then
+        rm /etc/logrotate.d/puppetmaster || true
+    fi
+fi
+
+#DEBHELPER#