Loading howto/puppet.md +54 −0 Original line number Diff line number Diff line Loading @@ -10,6 +10,60 @@ we favor the use of [fabric](howto/fabric). This page is long! This first section hopes to get you running with a simple task quickly. ## Adding an "message of the day" (motd) on a server To post announcements to shell users of a servers, it might be a good idea to post a "message of the day" (`/etc/motd`) that will show up on login. Good examples are known issues, maintenance windows, or service retirements. This change should be fairly inoffensive because it should affect only a single server, and only the `motd`, so the worst that can happen here is a silly motd gets displayed (or nothing at all). Here is how to make the change: 1. To any change on the Puppet server, you will first need to clone the git repository: git clone pauli.torproject.org:/srv/puppet.torproject.org/git/tor-puppet This needs to be only done once. 2. the messages are managed by the `motd` module, but to easily add an "extra" entry, you should had to the Hiera data storage for the specific host you want to modify. Let's say you want to add a `motd` on `perdulce`, the current `people.torproject.org` server. The file you will need to change (or create!) is `hiera/nodes/perdulce.torproject.org.yaml`: $EDITOR hiera/nodes/perdulce.torproject.org.yaml 3. Hiera stores data in YAML. So you need to create a little YAML snippet, like this: motd::extra: | Hello world! 4. Then you can commit this and *push*: git commit -m"add a nice friendly message to the motd" && git push 5. Then you should login to the host and make sure the code applies correctly, in dry-run mode: ssh -tt perdulce.torproject.org sudo puppet agent -t --noop 6. If that works, you can do it for real: ssh -tt perdulce.torproject.org sudo puppet agent -t On next login, you should see your friendly new message. Do not forget to revert the change! The next tutorial is about a more elaborate change, performed on multiple servers. ## Adding an IP address to the global allow list In this tutorial, we will add an IP address to the global allow list, Loading Loading
howto/puppet.md +54 −0 Original line number Diff line number Diff line Loading @@ -10,6 +10,60 @@ we favor the use of [fabric](howto/fabric). This page is long! This first section hopes to get you running with a simple task quickly. ## Adding an "message of the day" (motd) on a server To post announcements to shell users of a servers, it might be a good idea to post a "message of the day" (`/etc/motd`) that will show up on login. Good examples are known issues, maintenance windows, or service retirements. This change should be fairly inoffensive because it should affect only a single server, and only the `motd`, so the worst that can happen here is a silly motd gets displayed (or nothing at all). Here is how to make the change: 1. To any change on the Puppet server, you will first need to clone the git repository: git clone pauli.torproject.org:/srv/puppet.torproject.org/git/tor-puppet This needs to be only done once. 2. the messages are managed by the `motd` module, but to easily add an "extra" entry, you should had to the Hiera data storage for the specific host you want to modify. Let's say you want to add a `motd` on `perdulce`, the current `people.torproject.org` server. The file you will need to change (or create!) is `hiera/nodes/perdulce.torproject.org.yaml`: $EDITOR hiera/nodes/perdulce.torproject.org.yaml 3. Hiera stores data in YAML. So you need to create a little YAML snippet, like this: motd::extra: | Hello world! 4. Then you can commit this and *push*: git commit -m"add a nice friendly message to the motd" && git push 5. Then you should login to the host and make sure the code applies correctly, in dry-run mode: ssh -tt perdulce.torproject.org sudo puppet agent -t --noop 6. If that works, you can do it for real: ssh -tt perdulce.torproject.org sudo puppet agent -t On next login, you should see your friendly new message. Do not forget to revert the change! The next tutorial is about a more elaborate change, performed on multiple servers. ## Adding an IP address to the global allow list In this tutorial, we will add an IP address to the global allow list, Loading
