diff --git a/Puppetfile b/Puppetfile index 47eccf7e4..682d728e0 100644 --- a/Puppetfile +++ b/Puppetfile @@ -1,167 +1,172 @@ mod 'apache', - :git => 'https://github.com/puppetlabs/puppetlabs-apache.git', - :commit => '769ff363a8a3c51e24f63a2494217d2d029289c6' + :commit => '769ff363a8a3c51e24f63a2494217d2d029289c6', + :git => 'https://github.com/puppetlabs/puppetlabs-apache.git' mod 'ceilometer', - :git => 'https://github.com/stackforge/puppet-ceilometer.git', - :commit => '08fc9d9159cd9eb0830d550abb1058bc2b9b5759' + :commit => '08fc9d9159cd9eb0830d550abb1058bc2b9b5759', + :git => 'https://github.com/stackforge/puppet-ceilometer.git' mod 'certmonger', - :git => 'https://github.com/rcritten/puppet-certmonger.git', - :commit => '5fbf10fbbff4aed4db30e839c63c99b195e8425a' + :commit => '5fbf10fbbff4aed4db30e839c63c99b195e8425a', + :git => 'https://github.com/rcritten/puppet-certmonger.git' mod 'cinder', - :git => 'https://github.com/stackforge/puppet-cinder.git', - :commit => '2da616a4a52d3086fe3a291b9199fc7313575504' + :commit => '2da616a4a52d3086fe3a291b9199fc7313575504', + :git => 'https://github.com/stackforge/puppet-cinder.git' mod 'common', - :git => 'https://github.com/purpleidea/puppet-common.git', - :commit => '2c0ed2844c606fd806bde0c02e47e79c88fab4a9' + :commit => '2c0ed2844c606fd806bde0c02e47e79c88fab4a9', + :git => 'https://github.com/purpleidea/puppet-common.git' mod 'concat', - :git => 'https://github.com/puppetlabs/puppetlabs-concat.git', - :commit => '07bba0bcad2e3a2baf19dbff8b1a5146d9141153' + :commit => '07bba0bcad2e3a2baf19dbff8b1a5146d9141153', + :git => 'https://github.com/puppetlabs/puppetlabs-concat.git' mod 'firewall', - :git => 'https://github.com/puppetlabs/puppetlabs-firewall.git', - :commit => 'd5a10f5a52d84b9fcfb8fc65ef505685a07d5799' + :commit => 'd5a10f5a52d84b9fcfb8fc65ef505685a07d5799', + :git => 'https://github.com/puppetlabs/puppetlabs-firewall.git' mod 'galera', - :git => 'https://github.com/rohara/puppet-galera.git', - :commit => 'e35922bbb31ef2e6a86c7973cbafea96a8b160af' + :commit => 'e35922bbb31ef2e6a86c7973cbafea96a8b160af', + :git => 'https://github.com/rohara/puppet-galera.git' mod 'glance', - :git => 'https://github.com/stackforge/puppet-glance.git', - :commit => 'f377c0229c006b02f43a14be4979553e983cb98e' + :commit => 'f377c0229c006b02f43a14be4979553e983cb98e', + :git => 'https://github.com/stackforge/puppet-glance.git' mod 'gluster', - :git => 'https://github.com/purpleidea/puppet-gluster.git', - :commit => '6c962083d8b100dcaeb6f11dbe61e6071f3d13f0' + :commit => '6c962083d8b100dcaeb6f11dbe61e6071f3d13f0', + :git => 'https://github.com/purpleidea/puppet-gluster.git' mod 'haproxy', - :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git', - :commit => 'f381510e940ee11feb044c1c728ba2e5af807c79' + :commit => 'f381510e940ee11feb044c1c728ba2e5af807c79', + :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git' mod 'heat', - :git => 'https://github.com/stackforge/puppet-heat.git', - :commit => 'e9e1ba05e13948b8e0c7a72b1b68cefbedd2b40d' + :commit => 'e9e1ba05e13948b8e0c7a72b1b68cefbedd2b40d', + :git => 'https://github.com/stackforge/puppet-heat.git' mod 'horizon', - :git => 'https://github.com/stackforge/puppet-horizon.git', - :commit => '16b482ea21a70d8dd06ab4c98ac5a218399b0213' + :commit => '16b482ea21a70d8dd06ab4c98ac5a218399b0213', + :git => 'https://github.com/stackforge/puppet-horizon.git' mod 'inifile', - :git => 'https://github.com/puppetlabs/puppetlabs-inifile.git', - :commit => 'fe9b0d5229ea37179a08c4b49239da9bc950acd1' + :commit => 'fe9b0d5229ea37179a08c4b49239da9bc950acd1', + :git => 'https://github.com/puppetlabs/puppetlabs-inifile.git' mod 'keystone', - :git => 'https://github.com/stackforge/puppet-keystone.git', - :commit => '605161f3d4b7bbcffc657c86b367159701dfdcbe' + :commit => '605161f3d4b7bbcffc657c86b367159701dfdcbe', + :git => 'https://github.com/stackforge/puppet-keystone.git' mod 'memcached', - :git => 'https://github.com/saz/puppet-memcached.git', - :commit => '49dbf102fb6eee90297b2ed6a1fa463a8c5ccee7' + :commit => '49dbf102fb6eee90297b2ed6a1fa463a8c5ccee7', + :git => 'https://github.com/saz/puppet-memcached.git' mod 'module-data', - :git => 'https://github.com/ripienaar/puppet-module-data.git', - :commit => '159fc5e0e21ce9df96c777f0064b5eca88e29cae' + :commit => '159fc5e0e21ce9df96c777f0064b5eca88e29cae', + :git => 'https://github.com/ripienaar/puppet-module-data.git' mod 'mongodb', - :git => 'https://github.com/puppetlabs/puppetlabs-mongodb.git', - :commit => '0518f864afcce2ebb79f1f2edab5de323c811af7' + :commit => '0518f864afcce2ebb79f1f2edab5de323c811af7', + :git => 'https://github.com/puppetlabs/puppetlabs-mongodb.git' mod 'mysql', - :git => 'https://github.com/puppetlabs/puppetlabs-mysql.git', - :commit => 'c70fc13fc15740b61b8eccd3c79168d3e417a374' + :commit => 'c70fc13fc15740b61b8eccd3c79168d3e417a374', + :git => 'https://github.com/puppetlabs/puppetlabs-mysql.git' mod 'n1k-vsm', - :git => 'https://github.com/stackforge/puppet-n1k-vsm.git', - :commit => '69ff094069506f98431182c6097b3b6b9ea6fdb9' + :commit => '69ff094069506f98431182c6097b3b6b9ea6fdb9', + :git => 'https://github.com/stackforge/puppet-n1k-vsm.git' mod 'nagios', - :git => 'https://github.com/gildub/puppet-nagios-openstack.git', - :commit => '56a1eee350c4600bb12e017d64238fb3f876abd4' + :commit => '56a1eee350c4600bb12e017d64238fb3f876abd4', + :git => 'https://github.com/gildub/puppet-nagios-openstack.git' mod 'neutron', - :git => 'https://github.com/stackforge/puppet-neutron.git', - :commit => 'dcd122e477713421d9601d93d13725a4871b9c42' + :commit => 'dcd122e477713421d9601d93d13725a4871b9c42', + :git => 'https://github.com/stackforge/puppet-neutron.git' mod 'nova', - :git => 'https://github.com/stackforge/puppet-nova.git', - :commit => 'a79e5338df5f85cb299183e54b39e8a22a640f59' + :commit => 'a79e5338df5f85cb299183e54b39e8a22a640f59', + :git => 'https://github.com/stackforge/puppet-nova.git' mod 'nssdb', - :git => 'https://github.com/rcritten/puppet-nssdb.git', - :commit => 'b3799a9a7c62c3b5b7968f9860220a885b45fb8a' + :commit => 'b3799a9a7c62c3b5b7968f9860220a885b45fb8a', + :git => 'https://github.com/rcritten/puppet-nssdb.git' + +mod 'ntp', + :commit => '8f697e32bc279b36ada752273e6c788716b95315', + :git => 'https://github.com/puppetlabs/puppetlabs-ntp' mod 'openstack', - :git => 'https://github.com/stackforge/puppet-openstack.git', - :commit => 'd81d2d86280d5739cc896a48b68d7309e765047a' + :commit => 'd81d2d86280d5739cc896a48b68d7309e765047a', + :git => 'https://github.com/stackforge/puppet-openstack.git' mod 'openstacklib', - :git => 'https://github.com/stackforge/puppet-openstacklib.git', - :commit => 'c374bed10f8af6000601fa407ebaef0833e1999c' + :commit => 'c374bed10f8af6000601fa407ebaef0833e1999c', + :git => 'https://github.com/stackforge/puppet-openstacklib.git' mod 'pacemaker', - :git => 'https://github.com/radez/puppet-pacemaker.git', - :commit => '0ed9ee8a29c0f27e86727d415b39d2715332df7d' + :commit => '0ed9ee8a29c0f27e86727d415b39d2715332df7d', + :git => 'https://github.com/radez/puppet-pacemaker.git' mod 'puppet', - :git => 'https://github.com/purpleidea/puppet-puppet.git', - :commit => 'bd467cae15eba9ca44274034d2593b0eaf30518d' + :commit => 'bd467cae15eba9ca44274034d2593b0eaf30518d', + :git => 'https://github.com/purpleidea/puppet-puppet.git' mod 'qpid', - :git => 'https://github.com/dprince/puppet-qpid', - :commit => '1f0c32b39ad17e7acbd440b50fb6f0875971f5e1' + :commit => '1f0c32b39ad17e7acbd440b50fb6f0875971f5e1', + :git => 'https://github.com/dprince/puppet-qpid' mod 'rabbitmq', - :git => 'https://github.com/puppetlabs/puppetlabs-rabbitmq.git', - :commit => 'cbda1ced336f9768ebd442415b4d9c7c4ddb48c7' + :commit => 'cbda1ced336f9768ebd442415b4d9c7c4ddb48c7', + :git => 'https://github.com/puppetlabs/puppetlabs-rabbitmq.git' mod 'rsync', - :git => 'https://github.com/puppetlabs/puppetlabs-rsync.git', - :commit => '357d51f3a6a22bc3da842736176c3510e507b4fb' + :commit => '357d51f3a6a22bc3da842736176c3510e507b4fb', + :git => 'https://github.com/puppetlabs/puppetlabs-rsync.git' mod 'sahara', - :git => 'https://github.com/stackforge/puppet-sahara.git', - :commit => 'f4e5681cfb289113be1ba49c12709145ecbad938' + :commit => 'f4e5681cfb289113be1ba49c12709145ecbad938', + :git => 'https://github.com/stackforge/puppet-sahara.git' mod 'ssh', - :git => 'https://github.com/saz/puppet-ssh.git', - :commit => 'd6571f8c43ac55d20a6afd8a8ce3f86ac4b0d7a4' + :commit => 'd6571f8c43ac55d20a6afd8a8ce3f86ac4b0d7a4', + :git => 'https://github.com/saz/puppet-ssh.git' mod 'staging', - :git => 'https://github.com/nanliu/puppet-staging.git', - :commit => '887275d8fb20e148c6f9eb327f1f6c8ea5ee280f' + :commit => '887275d8fb20e148c6f9eb327f1f6c8ea5ee280f', + :git => 'https://github.com/nanliu/puppet-staging.git' mod 'stdlib', - :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git', - :commit => '62e8c1d76902e6f22cb9f7b3abd43e757b4130a3' + :commit => '62e8c1d76902e6f22cb9f7b3abd43e757b4130a3', + :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git' mod 'swift', - :git => 'https://github.com/stackforge/puppet-swift.git', - :commit => '3ea00440361ff2452561d2cce808d938e39cce56' + :commit => '3ea00440361ff2452561d2cce808d938e39cce56', + :git => 'https://github.com/stackforge/puppet-swift.git' mod 'sysctl', - :git => 'https://github.com/puppetlabs/puppetlabs-sysctl.git', - :commit => 'c4486acc2d66de857dbccd8b4b945ea803226705' + :commit => 'c4486acc2d66de857dbccd8b4b945ea803226705', + :git => 'https://github.com/puppetlabs/puppetlabs-sysctl.git' mod 'tempest', - :git => 'https://github.com/stackforge/puppet-tempest.git', - :commit => '7a3369949fc8af41e190dd8115391354a7575ecb' + :commit => '7a3369949fc8af41e190dd8115391354a7575ecb', + :git => 'https://github.com/stackforge/puppet-tempest.git' mod 'vcsrepo', - :git => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git', - :commit => '6f7507a2a48ff0a58c7db026760a2eb84e382a77' + :commit => '6f7507a2a48ff0a58c7db026760a2eb84e382a77', + :git => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git' mod 'vlan', - :git => 'https://github.com/derekhiggins/puppet-vlan.git', - :commit => 'c937de75c28e63fba8d8738ad6a5f2ede517e53d' + :commit => 'c937de75c28e63fba8d8738ad6a5f2ede517e53d', + :git => 'https://github.com/derekhiggins/puppet-vlan.git' mod 'vswitch', - :git => 'https://github.com/stackforge/puppet-vswitch.git', - :commit => '17b62e56e07eeed25fd2aaef278a16c97155a115' + :commit => '17b62e56e07eeed25fd2aaef278a16c97155a115', + :git => 'https://github.com/stackforge/puppet-vswitch.git' mod 'xinetd', - :git => 'https://github.com/puppetlabs/puppetlabs-xinetd.git', - :commit => '6b02de8d4f30a819eb404048e4258e3a5e8023c8' + :commit => '6b02de8d4f30a819eb404048e4258e3a5e8023c8', + :git => 'https://github.com/puppetlabs/puppetlabs-xinetd.git' + diff --git a/ntp/.fixtures.yml b/ntp/.fixtures.yml new file mode 100644 index 000000000..a4b980143 --- /dev/null +++ b/ntp/.fixtures.yml @@ -0,0 +1,5 @@ +fixtures: + repositories: + "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" + symlinks: + "ntp": "#{source_dir}" diff --git a/ntp/.gitignore b/ntp/.gitignore new file mode 100644 index 000000000..b5b7a00d6 --- /dev/null +++ b/ntp/.gitignore @@ -0,0 +1,7 @@ +pkg/ +Gemfile.lock +vendor/ +spec/fixtures/ +.vagrant/ +.bundle/ +coverage/ diff --git a/ntp/.nodeset.yml b/ntp/.nodeset.yml new file mode 100644 index 000000000..cbd0d57b8 --- /dev/null +++ b/ntp/.nodeset.yml @@ -0,0 +1,35 @@ +--- +default_set: 'centos-64-x64' +sets: + 'centos-59-x64': + nodes: + "main.foo.vm": + prefab: 'centos-59-x64' + 'centos-64-x64': + nodes: + "main.foo.vm": + prefab: 'centos-64-x64' + 'fedora-18-x64': + nodes: + "main.foo.vm": + prefab: 'fedora-18-x64' + 'debian-607-x64': + nodes: + "main.foo.vm": + prefab: 'debian-607-x64' + 'debian-70rc1-x64': + nodes: + "main.foo.vm": + prefab: 'debian-70rc1-x64' + 'ubuntu-server-10044-x64': + nodes: + "main.foo.vm": + prefab: 'ubuntu-server-10044-x64' + 'ubuntu-server-12042-x64': + nodes: + "main.foo.vm": + prefab: 'ubuntu-server-12042-x64' + 'sles-11sp1-x64': + nodes: + "main.foo.vm": + prefab: 'sles-11sp1-x64' diff --git a/ntp/.sync.yml b/ntp/.sync.yml new file mode 100644 index 000000000..66a03c649 --- /dev/null +++ b/ntp/.sync.yml @@ -0,0 +1,3 @@ +--- +spec/spec_helper.rb: + unmanaged: true diff --git a/ntp/.travis.yml b/ntp/.travis.yml new file mode 100644 index 000000000..a40ae502e --- /dev/null +++ b/ntp/.travis.yml @@ -0,0 +1,17 @@ +--- +language: ruby +bundler_args: --without development +script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" +matrix: + fast_finish: true + include: + - rvm: 1.8.7 + env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" + - rvm: 1.8.7 + env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + - rvm: 1.9.3 + env: PUPPET_GEM_VERSION="~> 3.0" + - rvm: 2.0.0 + env: PUPPET_GEM_VERSION="~> 3.0" +notifications: + email: false diff --git a/ntp/CHANGELOG.md b/ntp/CHANGELOG.md new file mode 100644 index 000000000..a0e0d6b09 --- /dev/null +++ b/ntp/CHANGELOG.md @@ -0,0 +1,199 @@ +##2014-09-10 - Supported Release 3.2.0 +###Summary + +This is primarily a feature release. It adds a few new parameters to class `ntp` +and adds support for Solaris 11. + +####Features +- Add the `$interfaces` parameter to `ntp` +- Add support for Solaris 10 and 11 +- Synchronized files with modulesync +- Test updates +- Add the `$iburst_enable` parameter to `ntp` + +####Bugfixes +- Fixes for strict variables +- Remove dependency on stdlib4 + +##2014-06-06 - Release 3.1.2 +###Summary + +This is a supported release. This release fixes a manifest typo. + +##2014-06-06 - Release 3.1.1 +###Summary + +This is a bugfix release to get around dependency issues in PMT 3.6. This +version has a dependency on puppetlabs-stdlib >= 4 so PE3.2.x is no longer +supported. + +####Bugfixes +- Remove deprecated Modulefile as it was causing duplicate dependencies with PMT. + +##2014-05-14 - Release 3.1.0 +###Summary + +This release adds `disable_monitor` so you can disable the monitor functionality +of NTP, which was recently used in NTP amplification attacks. It also adds +support for RHEL7 and Ubuntu 14.04. + +####Features +- Add `disable_monitor` + +####Bugfixes + +#####Known Bugs +* No known bugs + +##2014-04-09 - Supported Release 3.0.4 +###Summary +This is a supported release. + +The only functional change in this release is to split up the restrict +defaults to be per operating system so that we can provide safer defaults +for AIX, to resolve cases where IPv6 are disabled. + +####Features +- Rework restrict defaults. + +####Bugfixes +- Fix up a comment. +- Fix a test to work better on PE. + +#####Known Bugs +* No known bugs + +##2014-03-04 - Supported Release 3.0.3 +###Summary +This is a supported release. Correct stdlib compatibility + +####Bugfixes +- Remove `dirname()` call for correct stdlib compatibility. +- Improved tests + +####Known Bugs +* No known bugs + + +## 2014-02-13 - Release 3.0.2 +###Summary + +No functional changes: Update the README and allow custom gem sources. + +## 2013-12-17 - Release 3.0.1 +### Summary + +Work around a packaging bug with symlinks, no other functional changes. + +## 2013-12-13 - Release 3.0.0 +### Summary + +Final release of 3.0, enjoy! + + +## 2013-10-14 - Version 3.0.0-rc1 + +###Summary + +This release changes the behavior of restrict and adds AIX osfamily support. + +####Backwards-incompatible Changes: + +`restrict` no longer requires you to pass in parameters as: + +restrict => [ 'restrict x', 'restrict y' ] + +but just as: + +restrict => [ 'x', 'y' ] + +As the template now prefixes each line with restrict. + +####Features +- Change the behavior of `restrict` so you no longer need the restrict +keyword. +- Add `udlc` parameter to enable undisciplined local clock regardless of the +machines status as a virtual machine. +- Add AIX support. + +####Fixes +- Use class{} instead of including and then anchoring. (style) +- Extend Gentoo coverage to Facter 1.7. + +--- +##2013-09-05 - Version 2.0.1 + +###Summary + +Correct the LICENSE file. + +####Bugfixes +- Add in the appropriate year and name in LICENSE. + + +##2013-07-31 - Version 2.0.0 + +###Summary + +The 2.0 release focuses on merging all the distro specific +templates into a single reusable template across all platforms. + +To aid in that goal we now allow you to change the driftfile, +ntp keys, and perferred_servers. + +####Backwards-incompatible changes + +As all the distro specific templates have been removed and a +unified one created you may be missing functionality you +previously relied on. Please test carefully before rolling +out globally. + +Configuration directives that might possibly be affected: +- `filegen` +- `fudge` (for virtual machines) +- `keys` +- `logfile` +- `restrict` +- `restrictkey` +- `statistics` +- `trustedkey` + +####Features: +- All templates merged into a single template. +- NTP Keys support added. +- Add preferred servers support. +- Parameters in `ntp` class: + - `driftfile`: path for the ntp driftfile. + - `keys_enable`: Enable NTP keys feature. + - `keys_file`: Path for the NTP keys file. + - `keys_trusted`: Which keys to trust. + - `keys_controlkey`: Which key to use for the control key. + - `keys_requestkey`: Which key to use for the request key. + - `preferred_servers`: Array of servers to prefer. + - `restrict`: Array of restriction options to apply. + +--- +###2013-07-15 - Version 1.0.1 +####Bugfixes +- Fix deprecated warning in `autoupdate` parameter. +- Correctly quote is_virtual fact. + + +##2013-07-08 - Version 1.0.0 +####Features +- Completely refactored to split across several classes. +- rspec-puppet tests rewritten to cover more options. +- rspec-system tests added. +- ArchLinux handled via osfamily instead of special casing. +- parameters in `ntp` class: + - `autoupdate`: deprecated in favor of directly setting package_ensure. + - `panic`: set to false if you wish to allow large clock skews. + +--- +##2011-11-10 Dan Bode - 0.0.4 +* Add Amazon Linux as a supported platform +* Add unit tests + + +##2011-06-16 Jeff McCune - 0.0.3 +* Initial release under puppetlabs diff --git a/ntp/CONTRIBUTING.md b/ntp/CONTRIBUTING.md new file mode 100644 index 000000000..e1288478a --- /dev/null +++ b/ntp/CONTRIBUTING.md @@ -0,0 +1,234 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Sign the [Contributor License Agreement](https://cla.puppetlabs.com/) + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sign the Contributor License Agreement + + Before we can accept your changes, we do need a signed Puppet + Labs Contributor License Agreement (CLA). + + You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/) + + If you have any questions about the CLA, please feel free to + contact Puppet Labs via email at cla-submissions@puppetlabs.com. + + 3. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 4. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% rake spec_clean +% rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/ntp/Gemfile b/ntp/Gemfile new file mode 100644 index 000000000..e960f7c4b --- /dev/null +++ b/ntp/Gemfile @@ -0,0 +1,27 @@ +source ENV['GEM_SOURCE'] || "https://rubygems.org" + +group :development, :test do + gem 'rake', :require => false + gem 'rspec-puppet', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'serverspec', :require => false + gem 'puppet-lint', :require => false + gem 'beaker', :require => false + gem 'beaker-rspec', :require => false + gem 'pry', :require => false + gem 'simplecov', :require => false +end + +if facterversion = ENV['FACTER_GEM_VERSION'] + gem 'facter', facterversion, :require => false +else + gem 'facter', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/ntp/LICENSE b/ntp/LICENSE new file mode 100644 index 000000000..bc1c718de --- /dev/null +++ b/ntp/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [2013] [Puppet Labs] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/ntp/README.markdown b/ntp/README.markdown new file mode 100644 index 000000000..630d70dd6 --- /dev/null +++ b/ntp/README.markdown @@ -0,0 +1,252 @@ +#ntp + +####Table of Contents + +1. [Overview](#overview) +2. [Module Description - What the module does and why it is useful](#module-description) +3. [Setup - The basics of getting started with ntp](#setup) + * [What ntp affects](#what-ntp-affects) + * [Setup requirements](#setup-requirements) + * [Beginning with ntp](#beginning-with-ntp) +4. [Usage - Configuration options and additional functionality](#usage) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) + +##Overview + +The ntp module installs, configures, and manages the NTP service. + +##Module Description + +The ntp module handles installing, configuring, and running NTP across a range of operating systems and distributions. + +##Setup + +###What ntp affects + +* ntp package. +* ntp configuration file. +* ntp service. + +###Beginning with ntp + +`include '::ntp'` is enough to get you up and running. If you wish to pass in +parameters specifying which servers to use, then: + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], +} +``` + +##Usage + +All interaction with the ntp module can do be done through the main ntp class. +This means you can simply toggle the options in `::ntp` to have full functionality of the module. + +###I just want NTP, what's the minimum I need? + +```puppet +include '::ntp' +``` + +###I just want to tweak the servers, nothing else. + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], +} +``` + +###I'd like to make sure I restrict who can connect as well. + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], + restrict => ['127.0.0.1'], +} +``` + +###I only want to listen on specific interfaces, not on 0.0.0.0 + +Restricting this is especially useful on Openstack nodes which may have numerous virtual interfaces. + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], + interfaces => ['127.0.0.1', '1.2.3.4'] +} +``` + +###I'd like to opt out of having the service controlled; we use another tool for that. + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], + restrict => ['127.0.0.1'], + service_manage => false, +} +``` + +###Looks great! But I'd like a different template; we need to do something unique here. + +```puppet +class { '::ntp': + servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], + restrict => ['127.0.0.1'], + service_manage => false, + config_template => 'different/module/custom.template.erb', +} +``` + +##Reference + +###Classes + +####Public Classes + +* ntp: Main class, includes all other classes. + +####Private Classes + +* ntp::install: Handles the packages. +* ntp::config: Handles the configuration file. +* ntp::service: Handles the service. + +###Parameters + +The following parameters are available in the ntp module: + +####`autoupdate` + +**Deprecated:** This parameter determined whether the ntp module should be +automatically updated to the latest version available. Replaced by `package_ensure`. + +####`config` + +Sets the file that ntp configuration is written into. + +####`config_template` + +Determines which template Puppet should use for the ntp configuration. + +####`disable_monitor` + +Disables monitoring of ntp. + +####`driftfile` + +Sets the location of the drift file for ntp. + +####`iburst_enable` + +Set the iburst option in the ntp configuration. If enabled the option is set for every ntp peer. + +####`interfaces` + +Sets the list of interfaces NTP will listen on. This parameter must be an array. + +####`keys_controlkey` + +The key to use as the control key. + +####`keys_enable` + +Whether the ntp keys functionality is enabled. + +####`keys_file` + +Location of the keys file. + +####`keys_requestkey` + +Which of the keys is the request key. + +#### `keys_trusted` + +Array of trusted keys. + +####`package_ensure` + +Sets the ntp package to be installed. Can be set to 'present', 'latest', or a specific version. + +####`package_name` + +Determines the name of the package to install. + +####`panic` + +Determines if ntp should 'panic' in the event of a very large clock skew. +This defaults to false for virtual machines, as they don't do a great job with keeping time. + +####`preferred_servers` + +List of ntp servers to prefer. Will append 'prefer' for any server in this list +that also appears in the servers list. + +####`restrict` + +Sets the restrict options in the ntp configuration. The lines are +prefixed with 'restrict', so you just need to list the rest of the restriction. + +####`servers` + +Selects the servers to use for ntp peers. + +####`service_enable` + +Determines if the service should be enabled at boot. + +####`service_ensure` + +Determines if the service should be running or not. + +####`service_manage` + +Selects whether Puppet should manage the service. + +####`service_name` + +Selects the name of the ntp service for Puppet to manage. + +####`udlc` + +Enables configs for undisciplined local clock, regardless of +status as a virtual machine. + + +##Limitations + +This module has been built on and tested against Puppet 2.7 and higher. + +The module has been tested on: + +* RedHat Enterprise Linux 5/6 +* Debian 6/7 +* CentOS 5/6 +* Ubuntu 12.04 +* Gentoo +* Arch Linux +* FreeBSD +* Solaris 11 +* AIX 5.3, 6.1, 7.1 + +Testing on other platforms has been light and cannot be guaranteed. + +##Development + +Puppet Labs modules on the Puppet Forge are open projects, and community +contributions are essential for keeping them great. We can’t access the +huge number of platforms and myriad of hardware, software, and deployment +configurations that Puppet is intended to serve. + +We want to keep it as easy as possible to contribute changes so that our +modules work in your environment. There are a few guidelines that we need +contributors to follow so that we can have a chance of keeping on top of things. + +You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) + +###Contributors + +The list of contributors can be found at: [https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors](https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors) diff --git a/ntp/Rakefile b/ntp/Rakefile new file mode 100644 index 000000000..5868545f2 --- /dev/null +++ b/ntp/Rakefile @@ -0,0 +1,10 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_class_parameter_defaults') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/ntp/lib/puppet/parser/functions/ntp_dirname.rb b/ntp/lib/puppet/parser/functions/ntp_dirname.rb new file mode 100644 index 000000000..06cdb7ce9 --- /dev/null +++ b/ntp/lib/puppet/parser/functions/ntp_dirname.rb @@ -0,0 +1,15 @@ +module Puppet::Parser::Functions + newfunction(:ntp_dirname, :type => :rvalue, :doc => <<-EOS + Returns the dirname of a path. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "ntp_dirname(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + path = arguments[0] + return File.dirname(path) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/ntp/manifests/config.pp b/ntp/manifests/config.pp new file mode 100644 index 000000000..91990ba11 --- /dev/null +++ b/ntp/manifests/config.pp @@ -0,0 +1,22 @@ +# +class ntp::config inherits ntp { + + if $keys_enable { + $directory = ntp_dirname($keys_file) + file { $directory: + ensure => directory, + owner => 0, + group => 0, + mode => '0755', + } + } + + file { $config: + ensure => file, + owner => 0, + group => 0, + mode => '0644', + content => template($config_template), + } + +} diff --git a/ntp/manifests/init.pp b/ntp/manifests/init.pp new file mode 100644 index 000000000..2cbc462fd --- /dev/null +++ b/ntp/manifests/init.pp @@ -0,0 +1,64 @@ +class ntp ( + $autoupdate = $ntp::params::autoupdate, + $config = $ntp::params::config, + $config_template = $ntp::params::config_template, + $disable_monitor = $ntp::params::disable_monitor, + $driftfile = $ntp::params::driftfile, + $logfile = $ntp::params::logfile, + $iburst_enable = $ntp::params::iburst_enable, + $keys_enable = $ntp::params::keys_enable, + $keys_file = $ntp::params::keys_file, + $keys_controlkey = $ntp::params::keys_controlkey, + $keys_requestkey = $ntp::params::keys_requestkey, + $keys_trusted = $ntp::params::keys_trusted, + $package_ensure = $ntp::params::package_ensure, + $package_name = $ntp::params::package_name, + $panic = $ntp::params::panic, + $preferred_servers = $ntp::params::preferred_servers, + $restrict = $ntp::params::restrict, + $interfaces = $ntp::params::interfaces, + $servers = $ntp::params::servers, + $service_enable = $ntp::params::service_enable, + $service_ensure = $ntp::params::service_ensure, + $service_manage = $ntp::params::service_manage, + $service_name = $ntp::params::service_name, + $udlc = $ntp::params::udlc +) inherits ntp::params { + + validate_absolute_path($config) + validate_string($config_template) + validate_bool($disable_monitor) + validate_absolute_path($driftfile) + if $logfile { validate_absolute_path($logfile) } + validate_bool($iburst_enable) + validate_bool($keys_enable) + validate_re($keys_controlkey, ['^\d+$', '']) + validate_re($keys_requestkey, ['^\d+$', '']) + validate_array($keys_trusted) + validate_string($package_ensure) + validate_array($package_name) + validate_bool($panic) + validate_array($preferred_servers) + validate_array($restrict) + validate_array($interfaces) + validate_array($servers) + validate_bool($service_enable) + validate_string($service_ensure) + validate_bool($service_manage) + validate_string($service_name) + validate_bool($udlc) + + if $autoupdate { + notice('autoupdate parameter has been deprecated and replaced with package_ensure. Set this to latest for the same behavior as autoupdate => true.') + } + + # Anchor this as per #8040 - this ensures that classes won't float off and + # mess everything up. You can read about this at: + # http://docs.puppetlabs.com/puppet/2.7/reference/lang_containment.html#known-issues + anchor { 'ntp::begin': } -> + class { '::ntp::install': } -> + class { '::ntp::config': } ~> + class { '::ntp::service': } -> + anchor { 'ntp::end': } + +} diff --git a/ntp/manifests/install.pp b/ntp/manifests/install.pp new file mode 100644 index 000000000..237f4c1c0 --- /dev/null +++ b/ntp/manifests/install.pp @@ -0,0 +1,8 @@ +# +class ntp::install inherits ntp { + + package { $package_name: + ensure => $package_ensure, + } + +} diff --git a/ntp/manifests/params.pp b/ntp/manifests/params.pp new file mode 100644 index 000000000..a3cde9ea5 --- /dev/null +++ b/ntp/manifests/params.pp @@ -0,0 +1,225 @@ +class ntp::params { + + $autoupdate = false + $config_template = 'ntp/ntp.conf.erb' + $disable_monitor = false + $keys_enable = false + $keys_controlkey = '' + $keys_requestkey = '' + $keys_trusted = [] + $logfile = undef + $package_ensure = 'present' + $preferred_servers = [] + $service_enable = true + $service_ensure = 'running' + $service_manage = true + $udlc = false + $interfaces = [] + + # On virtual machines allow large clock skews. + $panic = str2bool($::is_virtual) ? { + true => false, + default => true, + } + + $default_config = '/etc/ntp.conf' + $default_keys_file = '/etc/ntp/keys' + $default_driftfile = '/var/lib/ntp/drift' + $default_package_name = ['ntp'] + $default_service_name = 'ntpd' + + case $::osfamily { + 'AIX': { + $config = $default_config + $keys_file = '/etc/ntp.keys' + $driftfile = '/etc/ntp.drift' + $package_name = [ 'bos.net.tcp.client' ] + $restrict = [ + 'default nomodify notrap nopeer noquery', + '127.0.0.1', + ] + $service_name = 'xntpd' + $iburst_enable = true + $servers = [ + '0.debian.pool.ntp.org', + '1.debian.pool.ntp.org', + '2.debian.pool.ntp.org', + '3.debian.pool.ntp.org', + ] + } + 'Debian': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = $default_driftfile + $package_name = $default_package_name + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $service_name = 'ntp' + $iburst_enable = true + $servers = [ + '0.debian.pool.ntp.org', + '1.debian.pool.ntp.org', + '2.debian.pool.ntp.org', + '3.debian.pool.ntp.org', + ] + } + 'RedHat': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = $default_driftfile + $package_name = $default_package_name + $service_name = $default_service_name + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $iburst_enable = false + $servers = [ + '0.centos.pool.ntp.org', + '1.centos.pool.ntp.org', + '2.centos.pool.ntp.org', + ] + } + 'Suse': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = '/var/lib/ntp/drift/ntp.drift' + $package_name = $default_package_name + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $service_name = 'ntp' + $iburst_enable = false + $servers = [ + '0.opensuse.pool.ntp.org', + '1.opensuse.pool.ntp.org', + '2.opensuse.pool.ntp.org', + '3.opensuse.pool.ntp.org', + ] + } + 'FreeBSD': { + $config = $default_config + $driftfile = '/var/db/ntpd.drift' + $keys_file = $default_keys_file + $package_name = ['net/ntp'] + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $service_name = $default_service_name + $iburst_enable = true + $servers = [ + '0.freebsd.pool.ntp.org maxpoll 9', + '1.freebsd.pool.ntp.org maxpoll 9', + '2.freebsd.pool.ntp.org maxpoll 9', + '3.freebsd.pool.ntp.org maxpoll 9', + ] + } + 'Archlinux': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = $default_driftfile + $package_name = $default_package_name + $service_name = $default_service_name + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $iburst_enable = false + $servers = [ + '0.pool.ntp.org', + '1.pool.ntp.org', + '2.pool.ntp.org', + ] + } + 'Solaris': { + $config = '/etc/inet/ntp.conf' + $driftfile = '/var/ntp/ntp.drift' + $keys_file = '/etc/inet/ntp.keys' + $package_name = $::operatingsystemrelease ? { + /^(5\.10|10|10_u\d+)$/ => [ 'SUNWntpr', 'SUNWntpu' ], + /^(5\.11|11|11\.\d+)$/ => [ 'service/network/ntp' ] + } + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $service_name = 'network/ntp' + $iburst_enable = false + $servers = [ + '0.pool.ntp.org', + '1.pool.ntp.org', + '2.pool.ntp.org', + '3.pool.ntp.org', + ] + } + # Gentoo was added as its own $::osfamily in Facter 1.7.0 + 'Gentoo': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = $default_driftfile + $package_name = ['net-misc/ntp'] + $service_name = $default_service_name + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $iburst_enable = false + $servers = [ + '0.gentoo.pool.ntp.org', + '1.gentoo.pool.ntp.org', + '2.gentoo.pool.ntp.org', + '3.gentoo.pool.ntp.org', + ] + } + 'Linux': { + # Account for distributions that don't have $::osfamily specific settings. + # Before Facter 1.7.0 Gentoo did not have its own $::osfamily + case $::operatingsystem { + 'Gentoo': { + $config = $default_config + $keys_file = $default_keys_file + $driftfile = $default_driftfile + $service_name = $default_service_name + $package_name = ['net-misc/ntp'] + $restrict = [ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', + ] + $iburst_enable = false + $servers = [ + '0.gentoo.pool.ntp.org', + '1.gentoo.pool.ntp.org', + '2.gentoo.pool.ntp.org', + '3.gentoo.pool.ntp.org', + ] + } + default: { + fail("The ${module_name} module is not supported on an ${::operatingsystem} distribution.") + } + } + } + default: { + fail("The ${module_name} module is not supported on an ${::osfamily} based system.") + } + } +} diff --git a/ntp/manifests/service.pp b/ntp/manifests/service.pp new file mode 100644 index 000000000..3f1ada0b7 --- /dev/null +++ b/ntp/manifests/service.pp @@ -0,0 +1,18 @@ +# +class ntp::service inherits ntp { + + if ! ($service_ensure in [ 'running', 'stopped' ]) { + fail('service_ensure parameter must be running or stopped') + } + + if $service_manage == true { + service { 'ntp': + ensure => $service_ensure, + enable => $service_enable, + name => $service_name, + hasstatus => true, + hasrestart => true, + } + } + +} diff --git a/ntp/metadata.json b/ntp/metadata.json new file mode 100644 index 000000000..48fdafde2 --- /dev/null +++ b/ntp/metadata.json @@ -0,0 +1,90 @@ +{ + "name": "puppetlabs-ntp", + "version": "3.2.0", + "author": "Puppet Labs", + "summary": "NTP Module", + "license": "Apache Version 2.0", + "source": "https://github.com/puppetlabs/puppetlabs-ntp", + "project_page": "https://github.com/puppetlabs/puppetlabs-ntp", + "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "11 SP1" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04" + ] + }, + { + "operatingsystem": "Solaris", + "operatingsystemrelease": [ + "11" + ] + }, + { + "operatingsystem": "AIX", + "operatingsystemrelease": [ + "5.3", + "6.1", + "7.1" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": "3.x" + }, + { + "name": "puppet", + "version_requirement": "3.x" + } + ], + "description": "NTP Module for Debian, Ubuntu, CentOS, RHEL, OEL, Fedora, FreeBSD, ArchLinux and Gentoo.", + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"} + ] +} diff --git a/ntp/spec/acceptance/class_spec.rb b/ntp/spec/acceptance/class_spec.rb new file mode 100644 index 000000000..41f5b7119 --- /dev/null +++ b/ntp/spec/acceptance/class_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper_acceptance' + +describe 'ntp class:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'should run successfully' do + pp = "class { 'ntp': }" + + # Apply twice to ensure no errors the second time. + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to eq(/error/i) + + expect(r.exit_code).to be_zero + end + end + + context 'service_ensure => stopped:' do + it 'runs successfully' do + pp = "class { 'ntp': service_ensure => stopped }" + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + end + end + + context 'service_ensure => running:' do + it 'runs successfully' do + pp = "class { 'ntp': service_ensure => running }" + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + end + end +end diff --git a/ntp/spec/acceptance/disable_monitoring_spec.rb b/ntp/spec/acceptance/disable_monitoring_spec.rb new file mode 100644 index 000000000..e86c9b80c --- /dev/null +++ b/ntp/spec/acceptance/disable_monitoring_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper_acceptance' + +if (fact('osfamily') == 'Solaris') + config = '/etc/inet/ntp.conf' +else + config = '/etc/ntp.conf' +end + +describe "ntp class with disable_monitor:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + context 'should run successfully' do + pp = "class { 'ntp': disable_monitor => true }" + + it 'runs twice' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{config}") do + its(:content) { should match('disable monitor') } + end + end + + context 'should run successfully' do + pp = "class { 'ntp': disable_monitor => false }" + + it 'runs twice' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{config}") do + its(:content) { should_not match('disable monitor') } + end + end + +end diff --git a/ntp/spec/acceptance/nodesets/centos-59-x64.yml b/ntp/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 000000000..2ad90b86a --- /dev/null +++ b/ntp/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/ntp/spec/acceptance/nodesets/centos-64-x64-pe.yml b/ntp/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 000000000..7d9242f1b --- /dev/null +++ b/ntp/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/ntp/spec/acceptance/nodesets/centos-64-x64.yml b/ntp/spec/acceptance/nodesets/centos-64-x64.yml new file mode 100644 index 000000000..05540ed8c --- /dev/null +++ b/ntp/spec/acceptance/nodesets/centos-64-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/centos-65-x64.yml b/ntp/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/ntp/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/default.yml b/ntp/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..05540ed8c --- /dev/null +++ b/ntp/spec/acceptance/nodesets/default.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/fedora-18-x64.yml b/ntp/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..136164983 --- /dev/null +++ b/ntp/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/sles-11-x64.yml b/ntp/spec/acceptance/nodesets/sles-11-x64.yml new file mode 100644 index 000000000..41abe2135 --- /dev/null +++ b/ntp/spec/acceptance/nodesets/sles-11-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11-x64.local: + roles: + - master + platform: sles-11-x64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/ntp/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5ca1514e4 --- /dev/null +++ b/ntp/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/ntp/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..d065b304f --- /dev/null +++ b/ntp/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/ntp/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/ntp/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/ntp/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/ntp/spec/acceptance/nodesets/ubuntu-server-14042-x64.yml b/ntp/spec/acceptance/nodesets/ubuntu-server-14042-x64.yml new file mode 100644 index 000000000..da3a6d462 --- /dev/null +++ b/ntp/spec/acceptance/nodesets/ubuntu-server-14042-x64.yml @@ -0,0 +1,16 @@ +HOSTS: + ubuntu1404: + roles: + - agent + platform: ubuntu-14.04-amd64 + template: ubuntu-1404-x86_64 + hypervisor: vcloud +CONFIG: + type: foss + keyfile: ~/.ssh/id_rsa-acceptance + nfs_server: none + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/ntp/spec/acceptance/ntp_config_spec.rb b/ntp/spec/acceptance/ntp_config_spec.rb new file mode 100644 index 000000000..689ba8e6c --- /dev/null +++ b/ntp/spec/acceptance/ntp_config_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'FreeBSD' + line = '0.freebsd.pool.ntp.org maxpoll 9 iburst' +when 'Debian' + line = '0.debian.pool.ntp.org iburst' +when 'RedHat' + line = '0.centos.pool.ntp.org' +when 'Suse' + line = '0.opensuse.pool.ntp.org' +when 'Gentoo' + line = '0.gentoo.pool.ntp.org' +when 'Linux' + case fact('operatingsystem') + when 'ArchLinux' + line = '0.pool.ntp.org' + when 'Gentoo' + line = '0.gentoo.pool.ntp.org' + end +when 'Solaris' + line = '0.pool.ntp.org' +when 'AIX' + line = '0.debian.pool.ntp.org iburst' +end + +if (fact('osfamily') == 'Solaris') + config = '/etc/inet/ntp.conf' +else + config = '/etc/ntp.conf' +end + +describe 'ntp::config class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'sets up ntp.conf' do + apply_manifest(%{ + class { 'ntp': } + }, :catch_failures => true) + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match line } + end +end diff --git a/ntp/spec/acceptance/ntp_install_spec.rb b/ntp/spec/acceptance/ntp_install_spec.rb new file mode 100644 index 000000000..1c81fb005 --- /dev/null +++ b/ntp/spec/acceptance/ntp_install_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'FreeBSD' + packagename = 'net/ntp' +when 'Gentoo' + packagename = 'net-misc/ntp' +when 'Linux' + case fact('operatingsystem') + when 'ArchLinux' + packagename = 'ntp' + when 'Gentoo' + packagename = 'net-misc/ntp' + end +when 'AIX' + packagename = 'bos.net.tcp.client' +when 'Solaris' + case fact('operatingsystemrelease') + when '5.10' + packagename = ['SUNWntpr','SUNWntpu'] + when '5.11' + packagename = 'service/network/ntp' + end +else + packagename = 'ntp' +end + +describe 'ntp::install class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'installs the package' do + apply_manifest(%{ + class { 'ntp': } + }, :catch_failures => true) + end + + Array(packagename).each do |package| + describe package(package) do + it { should be_installed } + end + end +end diff --git a/ntp/spec/acceptance/ntp_parameters_spec.rb b/ntp/spec/acceptance/ntp_parameters_spec.rb new file mode 100644 index 000000000..675cf81e4 --- /dev/null +++ b/ntp/spec/acceptance/ntp_parameters_spec.rb @@ -0,0 +1,180 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'FreeBSD' + packagename = 'net/ntp' +when 'Gentoo' + packagename = 'net-misc/ntp' +when 'Linux' + case fact('operatingsystem') + when 'ArchLinux' + packagename = 'ntp' + when 'Gentoo' + packagename = 'net-misc/ntp' + end +when 'AIX' + packagename = 'bos.net.tcp.client' +when 'Solaris' + case fact('operatingsystemrelease') + when '5.10' + packagename = ['SUNWntpr','SUNWntpu'] + when '5.11' + packagename = 'service/network/ntp' + end +else + packagename = 'ntp' +end + +if (fact('osfamily') == 'Solaris') + config = '/etc/inet/ntp.conf' +else + config = '/etc/ntp.conf' +end + +describe "ntp class:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'applies successfully' do + pp = "class { 'ntp': }" + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + end + + describe 'autoconfig' do + it 'raises a deprecation warning' do + pp = "class { 'ntp': autoupdate => true }" + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/autoupdate parameter has been deprecated and replaced with package_ensure/) + end + end + end + + describe 'config' do + it 'sets the ntp.conf location' do + pp = "class { 'ntp': config => '/etc/antp.conf' }" + apply_manifest(pp, :catch_failures => true) + end + + describe file('/etc/antp.conf') do + it { should be_file } + end + end + + describe 'config_template' do + it 'sets up template' do + modulepath = default['distmoduledir'] + shell("mkdir -p #{modulepath}/test/templates") + shell("echo 'testcontent' >> #{modulepath}/test/templates/ntp.conf") + end + + it 'sets the ntp.conf location' do + pp = "class { 'ntp': config_template => 'test/ntp.conf' }" + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match 'testcontent' } + end + end + + describe 'driftfile' do + it 'sets the driftfile location' do + pp = "class { 'ntp': driftfile => '/tmp/driftfile' }" + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match 'driftfile /tmp/driftfile' } + end + end + + describe 'keys' do + it 'enables the key parameters' do + pp = <<-EOS + class { 'ntp': + keys_enable => true, + keys_file => '/etc/ntp/keys', + keys_controlkey => '/etc/ntp/controlkey', + keys_requestkey => '1', + keys_trusted => [ '1', '2' ], + } + EOS + # Rely on a shell command instead of a file{} here to avoid loops + # within puppet when it tries to manage /etc/ntp/keys before /etc/ntp. + shell("mkdir -p /etc/ntp && echo '1 M AAAABBBB' >> /etc/ntp/keys") + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match 'keys /etc/ntp/keys' } + its(:content) { should match 'controlkey /etc/ntp/controlkey' } + its(:content) { should match 'requestkey 1' } + its(:content) { should match 'trustedkey 1 2' } + end + end + + describe 'package' do + it 'installs the right package' do + pp = <<-EOS + class { 'ntp': + package_ensure => present, + package_name => #{Array(packagename).inspect}, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + Array(packagename).each do |package| + describe package(package) do + it { should be_installed } + end + end + end + + describe 'panic => false' do + it 'enables the tinker panic setting' do + pp = <<-EOS + class { 'ntp': + panic => false, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + its(:content) { should match 'tinker panic' } + end + end + + describe 'panic => true' do + it 'disables the tinker panic setting' do + pp = <<-EOS + class { 'ntp': + panic => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + its(:content) { should_not match 'tinker panic 0' } + end + end + + describe 'udlc' do + it 'adds a udlc' do + pp = "class { 'ntp': udlc => true }" + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match '127.127.1.0' } + end + end + +end diff --git a/ntp/spec/acceptance/ntp_service_spec.rb b/ntp/spec/acceptance/ntp_service_spec.rb new file mode 100644 index 000000000..83c279758 --- /dev/null +++ b/ntp/spec/acceptance/ntp_service_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'RedHat', 'FreeBSD', 'Linux', 'Gentoo' + servicename = 'ntpd' +when 'Solaris' + servicename = 'network/ntp' +when 'AIX' + servicename = 'xntpd' +else + servicename = 'ntp' +end + +describe 'ntp::service class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + describe 'basic test' do + it 'sets up the service' do + apply_manifest(%{ + class { 'ntp': } + }, :catch_failures => true) + end + + describe service(servicename) do + it { should be_enabled } + it { should be_running } + end + end + + describe 'service parameters' do + it 'starts the service' do + pp = <<-EOS + class { 'ntp': + service_enable => true, + service_ensure => running, + service_manage => true, + service_name => '#{servicename}' + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(servicename) do + it { should be_running } + it { should be_enabled } + end + end + + describe 'service is unmanaged' do + it 'shouldnt stop the service' do + pp = <<-EOS + class { 'ntp': + service_enable => false, + service_ensure => stopped, + service_manage => false, + service_name => '#{servicename}' + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(servicename) do + it { should be_running } + it { should be_enabled } + end + end +end diff --git a/ntp/spec/acceptance/preferred_servers_spec.rb b/ntp/spec/acceptance/preferred_servers_spec.rb new file mode 100644 index 000000000..072752721 --- /dev/null +++ b/ntp/spec/acceptance/preferred_servers_spec.rb @@ -0,0 +1,30 @@ +require 'spec_helper_acceptance' + +if (fact('osfamily') == 'Solaris') + config = '/etc/inet/ntp.conf' +else + config = '/etc/ntp.conf' +end + +describe 'preferred servers', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + pp = <<-EOS + class { '::ntp': + servers => ['a', 'b', 'c', 'd'], + preferred_servers => ['c', 'd'], + } + EOS + + it 'applies cleanly' do + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + end + + describe file("#{config}") do + it { should be_file } + its(:content) { should match 'server a' } + its(:content) { should match 'server b' } + its(:content) { should match /server c (iburst\s|)prefer/ } + its(:content) { should match /server d (iburst\s|)prefer/ } + end +end diff --git a/ntp/spec/acceptance/restrict_spec.rb b/ntp/spec/acceptance/restrict_spec.rb new file mode 100644 index 000000000..b919a6b2a --- /dev/null +++ b/ntp/spec/acceptance/restrict_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper_acceptance' + +if (fact('osfamily') == 'Solaris') + config = '/etc/inet/ntp.conf' +else + config = '/etc/ntp.conf' +end + +describe "ntp class with restrict:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + context 'should run successfully' do + it 'runs twice' do + pp = "class { 'ntp': restrict => ['test restrict']}" + 2.times do + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stderr).not_to match(/error/i) + end + end + end + end + + describe file("#{config}") do + its(:content) { should match('test restrict') } + end + +end diff --git a/ntp/spec/acceptance/unsupported_spec.rb b/ntp/spec/acceptance/unsupported_spec.rb new file mode 100644 index 000000000..5f4490dee --- /dev/null +++ b/ntp/spec/acceptance/unsupported_spec.rb @@ -0,0 +1,10 @@ +require 'spec_helper_acceptance' + +describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'should fail' do + pp = <<-EOS + class { 'ntp': } + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/is not supported on an/i) + end +end diff --git a/ntp/spec/classes/ntp_spec.rb b/ntp/spec/classes/ntp_spec.rb new file mode 100644 index 000000000..809bc12f5 --- /dev/null +++ b/ntp/spec/classes/ntp_spec.rb @@ -0,0 +1,395 @@ +require 'spec_helper' + +describe 'ntp' do + let(:facts) {{ :is_virtual => 'false' }} + + ['Debian', 'RedHat','Suse', 'FreeBSD', 'Archlinux', 'Gentoo', 'Gentoo (Facter < 1.7)'].each do |system| + context "when on system #{system}" do + if system == 'Gentoo (Facter < 1.7)' + let :facts do + super().merge({ :osfamily => 'Linux', :operatingsystem => 'Gentoo' }) + end + else + let :facts do + super().merge({ :osfamily => system }) + end + end + + it { should contain_class('ntp::install') } + it { should contain_class('ntp::config') } + it { should contain_class('ntp::service') } + + describe "ntp::config on #{system}" do + it { should contain_file('/etc/ntp.conf').with_owner('0') } + it { should contain_file('/etc/ntp.conf').with_group('0') } + it { should contain_file('/etc/ntp.conf').with_mode('0644') } + + describe 'allows template to be overridden' do + let(:params) {{ :config_template => 'my_ntp/ntp.conf.erb' }} + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /server foobar/}) + } + end + + describe "keys for osfamily #{system}" do + context "when enabled" do + let(:params) {{ + :keys_enable => true, + :keys_file => '/etc/ntp/ntp.keys', + :keys_trusted => ['1', '2', '3'], + :keys_controlkey => '2', + :keys_requestkey => '3', + }} + + it { should contain_file('/etc/ntp').with({ + 'ensure' => 'directory'}) + } + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /trustedkey 1 2 3/}) + } + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /controlkey 2/}) + } + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /requestkey 3/}) + } + end + end + + context "when disabled" do + let(:params) {{ + :keys_enable => false, + :keys_file => '/etc/ntp/ntp.keys', + :keys_trusted => ['1', '2', '3'], + :keys_controlkey => '2', + :keys_requestkey => '3', + }} + + it { should_not contain_file('/etc/ntp').with({ + 'ensure' => 'directory'}) + } + it { should_not contain_file('/etc/ntp.conf').with({ + 'content' => /trustedkey 1 2 3/}) + } + it { should_not contain_file('/etc/ntp.conf').with({ + 'content' => /controlkey 2/}) + } + it { should_not contain_file('/etc/ntp.conf').with({ + 'content' => /requestkey 3/}) + } + end + + describe 'preferred servers' do + context "when set" do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + :preferred_servers => ['a', 'b'] + }} + + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /server a( iburst)? prefer\nserver b( iburst)? prefer\nserver c( iburst)?\nserver d( iburst)?/}) + } + end + context "when not set" do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + :preferred_servers => [] + }} + + it { should_not contain_file('/etc/ntp.conf').with({ + 'content' => /server a prefer/}) + } + end + end + describe 'specified interfaces' do + context "when set" do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + :interfaces => ['127.0.0.1', 'a.b.c.d'] + }} + + it { should contain_file('/etc/ntp.conf').with({ + 'content' => /interface ignore wildcard\ninterface listen 127.0.0.1\ninterface listen a.b.c.d/}) + } + end + context "when not set" do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + }} + + it { should_not contain_file('/etc/ntp.conf').with({ + 'content' => /interface ignore wildcard/}) + } + end + end + + describe "ntp::install on #{system}" do + let(:params) {{ :package_ensure => 'present', :package_name => ['ntp'], }} + + it { should contain_package('ntp').with( + :ensure => 'present' + )} + + describe 'should allow package ensure to be overridden' do + let(:params) {{ :package_ensure => 'latest', :package_name => ['ntp'] }} + it { should contain_package('ntp').with_ensure('latest') } + end + + describe 'should allow the package name to be overridden' do + let(:params) {{ :package_ensure => 'present', :package_name => ['hambaby'] }} + it { should contain_package('hambaby') } + end + end + + describe 'ntp::service' do + let(:params) {{ + :service_manage => true, + :service_enable => true, + :service_ensure => 'running', + :service_name => 'ntp' + }} + + describe 'with defaults' do + it { should contain_service('ntp').with( + :enable => true, + :ensure => 'running', + :name => 'ntp' + )} + end + + describe 'service_ensure' do + describe 'when overridden' do + let(:params) {{ :service_name => 'ntp', :service_ensure => 'stopped' }} + it { should contain_service('ntp').with_ensure('stopped') } + end + end + + describe 'service_manage' do + let(:params) {{ + :service_manage => false, + :service_enable => true, + :service_ensure => 'running', + :service_name => 'ntpd', + }} + + it 'when set to false' do + should_not contain_service('ntp').with({ + 'enable' => true, + 'ensure' => 'running', + 'name' => 'ntpd' + }) + end + end + end + + describe 'with parameter iburst_enable' do + context 'when set to true' do + let(:params) {{ + :iburst_enable => true, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /iburst\n/, + }) + end + end + + context 'when set to false' do + let(:params) {{ + :iburst_enable => false, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /iburst\n/, + }) + end + end + end + + describe 'with parameter logfile' do + context 'when set to true' do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + :logfile => '/var/log/foobar.log', + }} + + it 'should contain logfile setting' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^logfile = \/var\/log\/foobar\.log\n/, + }) + end + end + + context 'when set to false' do + let(:params) {{ + :servers => ['a', 'b', 'c', 'd'], + }} + + it 'should not contain a logfile line' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /logfile =/, + }) + end + end + end + end + end + + context 'ntp::config' do + describe "for operating system Gentoo (Facter < 1.7)" do + let :facts do + super().merge({ :operatingsystem => 'Gentoo', + :osfamily => 'Linux' }) + end + + it 'uses the NTP pool servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.gentoo.pool.ntp.org/, + }) + end + end + + describe "on osfamily Gentoo" do + let :facts do + super().merge({ :osfamily => 'Gentoo' }) + end + + it 'uses the NTP pool servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.gentoo.pool.ntp.org/, + }) + end + end + + describe "on osfamily Debian" do + let :facts do + super().merge({ :osfamily => 'debian' }) + end + + it 'uses the debian ntp servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.debian.pool.ntp.org iburst\n/, + }) + end + end + + describe "on osfamily RedHat" do + let :facts do + super().merge({ :osfamily => 'RedHat' }) + end + + it 'uses the redhat ntp servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.centos.pool.ntp.org/, + }) + end + end + + describe "on osfamily Suse" do + let :facts do + super().merge({ :osfamily => 'Suse' }) + end + + it 'uses the opensuse ntp servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.opensuse.pool.ntp.org/, + }) + end + end + + describe "on osfamily FreeBSD" do + let :facts do + super().merge({ :osfamily => 'FreeBSD' }) + end + + it 'uses the freebsd ntp servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.freebsd.pool.ntp.org maxpoll 9 iburst/, + }) + end + end + + describe "on osfamily ArchLinux" do + let :facts do + super().merge({ :osfamily => 'ArchLinux' }) + end + + it 'uses the NTP pool servers by default' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /server \d.pool.ntp.org/, + }) + end + end + + describe "on osfamily Solaris and operatingsystemrelease 5.10" do + let :facts do + super().merge({ :osfamily => 'Solaris', :operatingsystemrelease => '5.10' }) + end + + it 'uses the NTP pool servers by default' do + should contain_file('/etc/inet/ntp.conf').with({ + 'content' => /server \d.pool.ntp.org/, + }) + end + end + + describe "on osfamily Solaris and operatingsystemrelease 5.11" do + let :facts do + super().merge({ :osfamily => 'Solaris', :operatingsystemrelease => '5.11' }) + end + + it 'uses the NTP pool servers by default' do + should contain_file('/etc/inet/ntp.conf').with({ + 'content' => /server \d.pool.ntp.org/, + }) + end + end + + describe "for operating system family unsupported" do + let :facts do + super().merge({ + :osfamily => 'unsupported', + }) + end + + it { expect{ subject }.to raise_error( + /^The ntp module is not supported on an unsupported based system./ + )} + end + end + + describe 'for virtual machines' do + let :facts do + super().merge({ :osfamily => 'Archlinux', + :is_virtual => 'true' }) + end + + it 'should not use local clock as a time source' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /server.*127.127.1.0.*fudge.*127.127.1.0 stratum 10/, + }) + end + + it 'allows large clock skews' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /tinker panic 0/, + }) + end + end + + describe 'for physical machines' do + let :facts do + super().merge({ :osfamily => 'Archlinux', + :is_virtual => 'false' }) + end + + it 'disallows large clock skews' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /tinker panic 0/, + }) + end + end + end +end diff --git a/ntp/spec/fixtures/modules/my_ntp/templates/ntp.conf.erb b/ntp/spec/fixtures/modules/my_ntp/templates/ntp.conf.erb new file mode 100644 index 000000000..40cf67c6d --- /dev/null +++ b/ntp/spec/fixtures/modules/my_ntp/templates/ntp.conf.erb @@ -0,0 +1,4 @@ +#my uber ntp config +# + +server foobar diff --git a/ntp/spec/spec.opts b/ntp/spec/spec.opts new file mode 100644 index 000000000..91cd6427e --- /dev/null +++ b/ntp/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/ntp/spec/spec_helper.rb b/ntp/spec/spec_helper.rb new file mode 100644 index 000000000..270d2acdf --- /dev/null +++ b/ntp/spec/spec_helper.rb @@ -0,0 +1,28 @@ +require 'puppetlabs_spec_helper/module_spec_helper' + +RSpec.configure do |c| + c.include PuppetlabsSpec::Files + + c.before :each do + # Ensure that we don't accidentally cache facts and environment + # between test cases. + Facter::Util::Loader.any_instance.stubs(:load_all) + Facter.clear + Facter.clear_messages + + # Store any environment variables away to be restored later + @old_env = {} + ENV.each_key {|k| @old_env[k] = ENV[k]} + + if Gem::Version.new(`puppet --version`) >= Gem::Version.new('3.5') + Puppet.settings[:strict_variables]=true + end + if ENV['PARSER'] + Puppet.settings[:parser]=ENV['PARSER'] + end + end + + c.after :each do + PuppetlabsSpec::Files.cleanup + end +end diff --git a/ntp/spec/spec_helper_acceptance.rb b/ntp/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..07c47c601 --- /dev/null +++ b/ntp/spec/spec_helper_acceptance.rb @@ -0,0 +1,37 @@ +require 'beaker-rspec' + +UNSUPPORTED_PLATFORMS = [ 'windows', 'Darwin' ] + +unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' + # This will install the latest available package on el and deb based + # systems fail on windows and osx, and install via gem on other *nixes + foss_opts = { :default_action => 'gem_install' } + + if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end + + hosts.each do |host| + unless host.is_pe? + on host, "/bin/echo '' > #{host['hieraconf']}" + end + on host, "mkdir -p #{host['distmoduledir']}" + on host, puppet('module install puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } + end +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + hosts.each do |host| + on host, "mkdir -p #{host['distmoduledir']}/ntp" + %w(lib manifests templates metadata.json).each do |file| + scp_to host, "#{proj_root}/#{file}", "#{host['distmoduledir']}/ntp" + end + end + end +end diff --git a/ntp/spec/unit/puppet/provider/README.markdown b/ntp/spec/unit/puppet/provider/README.markdown new file mode 100644 index 000000000..702585021 --- /dev/null +++ b/ntp/spec/unit/puppet/provider/README.markdown @@ -0,0 +1,4 @@ +Provider Specs +============== + +Define specs for your providers under this directory. diff --git a/ntp/spec/unit/puppet/type/README.markdown b/ntp/spec/unit/puppet/type/README.markdown new file mode 100644 index 000000000..1ee19ac84 --- /dev/null +++ b/ntp/spec/unit/puppet/type/README.markdown @@ -0,0 +1,4 @@ +Resource Type Specs +=================== + +Define specs for your resource types in this directory. diff --git a/ntp/templates/ntp.conf.erb b/ntp/templates/ntp.conf.erb new file mode 100644 index 000000000..99f43d7e0 --- /dev/null +++ b/ntp/templates/ntp.conf.erb @@ -0,0 +1,62 @@ +# ntp.conf: Managed by puppet. +# +<% if @panic == false -%> +# Keep ntpd from panicking in the event of a large clock skew +# when a VM guest is suspended and resumed. +tinker panic 0 +<% end -%> + +<% if @disable_monitor == true -%> +disable monitor +<% end -%> + +<% if @restrict != [] -%> +# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +<% @restrict.flatten.each do |restrict| -%> +restrict <%= restrict %> +<% end -%> +<% end -%> + +<% if @interfaces != [] -%> +# Ignore wildcard interface and only listen on the following specified +# interfaces +interface ignore wildcard +<% @interfaces.flatten.each do |interface| -%> +interface listen <%= interface %> +<% end -%> +<% end -%> + +<% [@servers].flatten.each do |server| -%> +server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %> +<% end -%> + +<% if scope.lookupvar('::is_virtual') == "false" or @udlc -%> +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. +server 127.127.1.0 +fudge 127.127.1.0 stratum 10 +restrict 127.127.1.0 +<% end -%> + +# Driftfile. +driftfile <%= @driftfile %> + +<% unless @logfile.nil? -%> +# Logfile +logfile = <%= @logfile %> +<% end -%> + +<% if @keys_enable -%> +keys <%= @keys_file %> +<% unless @keys_trusted.empty? -%> +trustedkey <%= @keys_trusted.join(' ') %> +<% end -%> +<% if @keys_requestkey != '' -%> +requestkey <%= @keys_requestkey %> +<% end -%> +<% if @keys_controlkey != '' -%> +controlkey <%= @keys_controlkey %> +<% end -%> + +<% end -%> diff --git a/ntp/tests/init.pp b/ntp/tests/init.pp new file mode 100644 index 000000000..e6d9b537f --- /dev/null +++ b/ntp/tests/init.pp @@ -0,0 +1,11 @@ +node default { + + notify { 'enduser-before': } + notify { 'enduser-after': } + + class { 'ntp': + require => Notify['enduser-before'], + before => Notify['enduser-after'], + } + +}