... | ... | @@ -10,6 +10,60 @@ we favor the use of [fabric](howto/fabric). |
|
|
This page is long! This first section hopes to get
|
|
|
you running with a simple task quickly.
|
|
|
|
|
|
## Adding an "message of the day" (motd) on a server
|
|
|
|
|
|
To post announcements to shell users of a servers, it might be a good
|
|
|
idea to post a "message of the day" (`/etc/motd`) that will show up on
|
|
|
login. Good examples are known issues, maintenance windows, or service
|
|
|
retirements.
|
|
|
|
|
|
This change should be fairly inoffensive because it should affect only
|
|
|
a single server, and only the `motd`, so the worst that can happen
|
|
|
here is a silly motd gets displayed (or nothing at all).
|
|
|
|
|
|
Here is how to make the change:
|
|
|
|
|
|
1. To any change on the Puppet server, you will first need to clone
|
|
|
the git repository:
|
|
|
|
|
|
git clone pauli.torproject.org:/srv/puppet.torproject.org/git/tor-puppet
|
|
|
|
|
|
This needs to be only done once.
|
|
|
|
|
|
2. the messages are managed by the `motd` module, but to easily add
|
|
|
an "extra" entry, you should had to the Hiera data storage for the
|
|
|
specific host you want to modify. Let's say you want to add a
|
|
|
`motd` on `perdulce`, the current `people.torproject.org`
|
|
|
server. The file you will need to change (or create!) is
|
|
|
`hiera/nodes/perdulce.torproject.org.yaml`:
|
|
|
|
|
|
$EDITOR hiera/nodes/perdulce.torproject.org.yaml
|
|
|
|
|
|
3. Hiera stores data in YAML. So you need to create a little YAML
|
|
|
snippet, like this:
|
|
|
|
|
|
motd::extra: |
|
|
|
Hello world!
|
|
|
|
|
|
4. Then you can commit this and *push*:
|
|
|
|
|
|
git commit -m"add a nice friendly message to the motd" && git push
|
|
|
|
|
|
5. Then you should login to the host and make sure the code applies
|
|
|
correctly, in dry-run mode:
|
|
|
|
|
|
ssh -tt perdulce.torproject.org sudo puppet agent -t --noop
|
|
|
|
|
|
6. If that works, you can do it for real:
|
|
|
|
|
|
ssh -tt perdulce.torproject.org sudo puppet agent -t
|
|
|
|
|
|
On next login, you should see your friendly new message. Do not forget
|
|
|
to revert the change!
|
|
|
|
|
|
The next tutorial is about a more elaborate change, performed on
|
|
|
multiple servers.
|
|
|
|
|
|
## Adding an IP address to the global allow list
|
|
|
|
|
|
In this tutorial, we will add an IP address to the global allow list,
|
... | ... | |