anarcat · September 5, 2019 20:21 · Sep 5, 2019 · Sep 5, 2019
diff --git a/cdn-backend-sunet-01.torproject.org.yaml b/cdn-backend-sunet-01.torproject.org.yaml
@@ -0,0 +1,9 @@
+classes:
+  - roles::weblog_source
+  - roles::static_mirror_web
+# doesn't know its own IP, supply it here
+# XXX: maybe we want to override ipaddress for this entire host?
+roles::weblog_source::allow_address: 89.45.235.27
+roles::static_master::allow_address: 89.45.235.27
+# behind NAT
+hosts::managed: false
diff --git a/common.yaml b/common.yaml
@@ -0,0 +1,3 @@
+classes:
+  - roles::monitored
+  - base
diff --git a/hiera.yaml b/hiera.yaml
@@ -0,0 +1,18 @@
+---
+:backends:
+  - yaml
+
+:hierarchy:
+  - "nodes/%{trusted.certname}"
+  - "osfamily/%{::osfamily}"
+  # forward-compatibility with automated lookups, remove when
+  # Puppetmaster is >= 4.9, along with the symlinks in hiera/modules
+  - "modules/%{module_name}/data/%{facts.os.name}-%{facts.os.release.major}"
+  - "modules/%{module_name}/data/%{facts.os.name}"
+  - "modules/%{module_name}/data/%{facts.os.family}"
+  - "modules/%{module_name}/data/defaults"
+  - "modules/%{module_name}/data/common"
+  - common
+
+:yaml:
+  :datadir: /etc/puppet/hiera
diff --git a/base.pp b/base.pp
@@ -0,0 +1,8 @@
+class base(
+  Stdlib::IP::Address $public_address  = filter_ipv4(getfromhash($nodeinfo, 'ldap', 'ipHostNumber'))[0],
+  Stdlib::IP::Address $public_address6 = filter_ipv6(getfromhash($nodeinfo, 'ldap', 'ipHostNumber'))[0],
+) {
+  Notify { 'base_ips':
+    message => "base::public_address: ${base::public_address} base::public_address6: ${base::public_address6} ipaddress: ${::ipaddress} ipaddress6: ${::ipaddress6}",
+  }
+}
diff --git a/output.txt b/output.txt
@@ -0,0 +1,12 @@
+# puppet agent -t 
+Info: Using configured environment 'production'
+Info: Retrieving pluginfacts
+Info: Retrieving plugin
+Info: Loading facts
+Info: Caching catalog for cdn-backend-sunet-01.torproject.org
+Info: Applying configuration version '1567714440'
+Notice: base::public_address:  base::public_address6:  ipaddress: 89.45.235.27 ipaddress6: 2001:6b0:5a:5000::b allow_address 89.45.235.27 allow_address6 2001:6b0:5a:5000::b
+Notice: /Stage[main]/Roles::Weblog_source/Notify[weblog_source_ips]/message: defined 'message' as 'base::public_address:  base::public_address6:  ipaddress: 89.45.235.27 ipaddress6: 2001:6b0:5a:5000::b allow_address 89.45.235.27 allow_address6 2001:6b0:5a:5000::b'
+Notice: base::public_address: 89.45.235.27 base::public_address6: 2001:6b0:5a:5000::b ipaddress: 89.45.235.27 ipaddress6: 2001:6b0:5a:5000::b
+Notice: /Stage[main]/Base/Notify[base_ips]/message: defined 'message' as 'base::public_address: 89.45.235.27 base::public_address6: 2001:6b0:5a:5000::b ipaddress: 89.45.235.27 ipaddress6: 2001:6b0:5a:5000::b'
+Notice: Applied catalog in 5.12 seconds
diff --git a/weblog_source.pp b/weblog_source.pp
@@ -0,0 +1,8 @@
+class roles::weblog_source(
+  $allow_address  = $::ipaddress,
+  $allow_address6 = $::ipaddress6,
+) {
+  Notify { 'weblog_source_ips':
+    message => "base::public_address: ${base::public_address} base::public_address6: ${base::public_address6} ipaddress: ${::ipaddress} ipaddress6: ${::ipaddress6} allow_address ${allow_address} allow_address6 ${allow_address6}",
+  }
+}
No results found