Develop Reference

Converting Puppet DSL to Yaml - how to get the same list item twice?

I have a puppet class I am configuring:
class { 'filebeat':
modules => [
module => 'apache',
module => 'iptables',
],
],
}
I am trying to output the following:
filebeat:
modules:
- module: apache
- module: iptables
However, having the two items both named "module" causes the second one to overwrite the first. The actual output I get is:
filebeat:
modules:
- module: iptables
How can I edit my Puppet code such that I generate the desired yaml output with multiple module entries?

The correct syntax is:
class { 'filebeat':
modules => [
{ module => 'apache' } ,
{ module => 'auditd' } ,
],
}

looping in Puppet 5 results in duplicate declaration error

Request some help please.
Requirement is to create a custom firewall service and then allow this custom firewall service only to a selected ips (trying to use firewalld_rich_rules here).
Here is the sample code:
class foo::fwall (
$sourceip = undef,
)
{
include firewalld
if $sourceip {
$sourceip.each |String $ipaddr| {
firewalld_rich_rule { "rich_rule_${ipaddr}":
ensure => enabled,
permanent => true,
zone => 'public',
family => ipv4,
source => $ipaddr,
element => service,
servicename => 'bar',
action => accept,
}
}
}
# this is defined in firewalld class and works good
firewalld::custom_service { 'bar':
short => 'bar custom service',
description => 'custom service ports',
ports => [
{
port => '7771',
protocol => 'tcp',
},
{
port => '8282',
protocol => 'tcp',
},
{
port => '8539',
protocol => 'tcp',
},
],
}
}
and while running it on a node, with couple of ip addresses (provided as an array for $sourceip), it results in duplicate declaration error
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: Firewalld_rich_rule[rich_rule_2] is already declared at (file: .../dev/modules/test/manifests/fwall.pp, line: 11); cannot redeclare (file: .../dev/modules/test/manifests/fwall.pp, line: 11) (file: .../dev/modules/test/manifests/fwall.pp, line: 11, column: 7) on node server.domain
Trying it in puppet v5.5 (from puppetlabs) for Redhat Enterprise Linux 7 servers
Note: tried defining a resource following this example from Puppet documentation but getting invalid address error.
define puppet::binary::symlink ($binary = $title) {
file {"/usr/bin/${binary}":
ensure => link,
target => "/opt/puppetlabs/bin/${binary}",
}
}
Use the defined type for the iteration somewhere ele in your manifest file:
$binaries = ['facter', 'hiera', 'mco', 'puppet', 'puppetserver']
puppet::binary::symlink { $binaries: }

I had to change the datatype for $sourceip to array in RH Satellite's smart class parameters which was String by default. Everything works good now.

Puppet Evaluation Error: Error while evaluating a Resource Statement, Could not find declared class

I'm trying to deploy an application called Bag-Of-Holding via Puppet using the instruction as posted on github - https://github.com/ribeiroit/boh-puppet
I run the command: sudo puppet apply /etc/puppet/manifests/site.pp
and I get the error below:
Error: Evaluation Error: Error while evaluating a Resource Statement, Could not find declared class boh at /etc/puppet/manifests/site.pp:2:2 on node lab1-hp-elitebook-8570p
It appears the puppet is having hard time finding the class boh which is already in the manifest folder
This is my directory tree:
/etc/puppet
├── code
├── manifests
└── modules
└── boh-puppet
├── manifests
└── templates
my site.pp file is located in /etc/puppet/manifests
and it looks like this:
node 'lab1-hp-elitebook-8570p' {
class { 'boh':
python_version => 3,
environment => 'dev',
language => 'en',
debug => 'True',
create_superuser => 'true',
pkg_checksum => '86b0164f7fd6c5e4aa43c8f056f08cea'
}
}
And init.pp file has the class {boh } and that's located at:
/etc/puppet/modules/boh-puppet/manifests
Any ideas how to fix this?

Puppet requires certain namespace restrictions and conventions with module directory structure and class names when autoloading. In this case, your problem can be solved most simply and cleanly to follow normal conventions by renaming your module directory of boh-puppet to simply boh. That will fix your issue.
Consult the documentation here for more information: https://puppet.com/docs/puppet/4.10/lang_namespaces.html
Since you are using puppet apply with absolute paths, you will also need to supply the path to your modules by modifying the command to: sudo puppet apply --modulepath=/etc/puppet/modules /etc/puppet/manifests/site.pp.

You are not calling the module name properly. This should work:
node 'lab1-hp-elitebook-8570p' {
class { 'boh-puppet':
python_version => 3,
environment => 'dev',
language => 'en',
debug => 'True',
create_superuser => 'true',
pkg_checksum => '86b0164f7fd6c5e4aa43c8f056f08cea'
}
}
or the fqn this:
node 'lab1-hp-elitebook-8570p' {
class { '::boh-puppet':
python_version => 3,
environment => 'dev',
language => 'en',
debug => 'True',
create_superuser => 'true',
pkg_checksum => '86b0164f7fd6c5e4aa43c8f056f08cea'
}
}

Puppet can't find class firewall

I have a basic puppet install using this tutorial https://www.digitalocean.com/community/tutorials/how-to-install-puppet-4-on-ubuntu-16-04
When I run /opt/puppetlabs/bin/puppet agent --test on my node I get
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Error while evaluating a Resource Statement. Could not find declared class firewall at /etc/puppetlabs/code/environments/production/manifests/site.pp:7:1 on node mark-inspiron.
On my node:
/opt/puppetlabs/bin/puppet module list
returns
/etc/puppetlabs/code/environment/production/modules
----- puppetlabs-firewall (v1.9.0)
On my puppet master at /etc/puppetlabs/code/environments/production/manifests/site.pp:
file {'/tmp/it_works.txt': # resource type file and filename
ensure => present, # make sure it exists
mode => '0644', # file permissions
content => "It works on ${ipaddress_eth0}!\n", # Print the eth0 IP fact
}
class { 'firewall': }
resources { 'firewall':
purge => true,
}
firewall { "051 asterisk-set-rate-limit-register":
string => "REGISTER sip:",
string_algo => "bm",
dport => '5060',
proto => 'udp',
recent => 'set',
rname => 'VOIPREGISTER',
rsource => 'true';
}
firewall { "052 asterisk-drop-rate-limit-register":
string => "REGISTER sip:",
string_algo => "bm",
dport => '5060',
proto => 'udp',
action => 'drop',
recent => 'update',
rseconds => '600',
rhitcount => '5',
rname => 'VOIPREGISTER',
rsource => true,
rttl => true;
}
The file part works but not firewall.

You need to install the modules on your master in a master setup with Puppet. They need to be somewhere in your modulepath. You can either place it in the modules directory within your $codedir (normally /etc/puppetlabs/code/modules) or in your directory environment modules directory (likely /etc/puppetlabs/code/environments/production/modules in your case since your cited site.pp is there). If you defined additional module paths in your environment.conf, then you can also place the modules there.
You can install/deploy them with a variety of methods, such as librarian-puppet, r10k, or code-manager (in Enterprise). However, the easiest method for you would be puppet module install puppetlabs-firewall on the master. Your Puppet catalog will then find the firewall class during compilation.
On a side note, that:
resources { 'firewall':
purge => true,
}
will remove any changes to associated firewall configurations (as defined by Puppet's knowledge of the system firewall configuration according to the module's definition of what the resource manages) that are not managed by Puppet. This is nice for eliminating local changes that people make, but it can also have interesting side effects, so be careful.

Put an Include directive inside Directory in a vhost with puppet

Is there any way to create a "Directory" in a vhost and put inside an "Include" with Puppet?
Like this:
<Directory "/var/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
Include /etc/apache2/myconf.d/htpasswd.conf
</Directory>
I did it with "custom_fragment" but I would like to do with "additional_includes", but "additional_includes" can't use it inside the variable "directories".
Is there any another way?
Thanks.

I assume you are using Puppet Enterprise or the PLAM.
It has indeed no native support for what you are trying. custom_fragment is actually a very good choice here.
If you really want to add the include through a dedicated hash key, you can modify the module and open a pull request. You will basically have to add a section like the existing ones to the template. Also, some brief documentation. The guys love pull requests ;-)

Looks like you're looking for an array?
if you are using the puppetlabs module, you can use "additional_includes"
additional_includes
Specifies paths to additional static, vhost-specific Apache configuration files. Useful for implementing a unique, custom configuration not supported by this module. Can be an array. Defaults to '[]'.
https://forge.puppetlabs.com/puppetlabs/apache#parameter-directories-for-apachevhost
apache::vhost { 'myvhost.whaterver.com':
port => 8080,
docroot => '/var/www/folder',
directories => [
{ 'path' => '/var/www/folder',
'options' => 'None',
'allow_override' => 'None',
'order' => 'Allow,Deny',
'allow' => 'from All',
'additional_includes' => ['/etc/apache2/myconf.d/htpasswd.conf', 'other settings'],
},],
`

Here a snippet that works for me:
class {'apache':
default_vhost => false,
}
apache::vhost {'mydefault':
port => 80,
docroot => '/var/www/html',
directories => [
{
'path' => '/var/www/html',
'provider' => 'files',
},
{
'path' => '/media/my_builds',
'options' => 'Indexes FollowSymLinks MultiViews',
'allowoverride' => 'None',
'require' => 'all granted',
'additional_includes' => ['what Randy Black said'],
},
],
aliases => [
{
alias => '/my_builds',
path => '/media/my_builds',
},
],
}