From 75eb1a889edfceadad4de0c19a64b0f8c3e808d3 Mon Sep 17 00:00:00 2001 From: "Jason Crowe (Mozilla)" Date: Mon, 6 Nov 2017 15:25:40 -0500 Subject: [PATCH 1/9] Update builder artifacts for v2.1.0-dev release [skip ci] --- nubis/builder/project.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nubis/builder/project.json b/nubis/builder/project.json index 2f38ca0..196051f 100644 --- a/nubis/builder/project.json +++ b/nubis/builder/project.json @@ -5,6 +5,6 @@ ], "project_description": "Creates a HA nat instance as well as a squid proxy", "project_name": "nubis-nat", - "project_version": "v2.0.3" + "project_version": "v2.1.0-dev" } } From 2f426b6d03e77f7d8dbafdfc87efeada822597c4 Mon Sep 17 00:00:00 2001 From: limed Date: Wed, 15 Nov 2017 15:18:06 -0800 Subject: [PATCH 2/9] Use proper interface for squid exporter service --- nubis/puppet/files/interface-fixup | 2 ++ nubis/puppet/files/squid-exporter/svc-squid-exporter.json | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/nubis/puppet/files/interface-fixup b/nubis/puppet/files/interface-fixup index c9d9f71..e33a061 100644 --- a/nubis/puppet/files/interface-fixup +++ b/nubis/puppet/files/interface-fixup @@ -25,3 +25,5 @@ cat < Date: Mon, 27 Nov 2017 12:12:20 -0500 Subject: [PATCH 3/9] Move nubis/puppet/files => nubis/files --- nubis/{puppet => }/files/interface-fixup | 0 nubis/{puppet => }/files/nat-welcome | 0 nubis/{puppet => }/files/nat/confd/conf.d/iptables.toml | 0 nubis/{puppet => }/files/nat/confd/templates/iptables.tmpl | 0 nubis/{puppet => }/files/nat/eip-attach | 0 nubis/{puppet => }/files/nat/eni-associate | 0 nubis/{puppet => }/files/nat/iptables.save | 0 nubis/{puppet => }/files/nat/logging/99-iptables.conf | 0 nubis/{puppet => }/files/nat/logging/logrotate_iptables.conf | 0 nubis/{puppet => }/files/nat/profile.d_proxy.sh | 0 nubis/{puppet => }/files/proxy/allow_domains.txt | 0 nubis/{puppet => }/files/proxy/allow_regex_domains.txt | 0 nubis/{puppet => }/files/proxy/allow_subnets.txt | 0 .../files/proxy/confd-squid/conf.d/squid_allow_domains.toml | 0 .../files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml | 0 .../files/proxy/confd-squid/conf.d/squid_allow_subnets.toml | 0 .../files/proxy/confd-squid/conf.d/squid_deny_domains.toml | 0 .../files/proxy/confd-squid/conf.d/squid_deny_subnets.toml | 0 .../files/proxy/confd-squid/templates/squid_allow_domains.tmpl | 0 .../proxy/confd-squid/templates/squid_allow_regex_domains.tmpl | 0 .../files/proxy/confd-squid/templates/squid_allow_subnets.tmpl | 0 .../files/proxy/confd-squid/templates/squid_deny_domains.tmpl | 0 .../files/proxy/confd-squid/templates/squid_deny_subnets.tmpl | 0 .../files/proxy/confd-squid3/conf.d/squid_allow_domains.toml | 0 .../proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml | 0 .../files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml | 0 .../files/proxy/confd-squid3/conf.d/squid_deny_domains.toml | 0 .../files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml | 0 .../files/proxy/confd-squid3/templates/squid_allow_domains.tmpl | 0 .../proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl | 0 .../files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl | 0 .../files/proxy/confd-squid3/templates/squid_deny_domains.tmpl | 0 .../files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl | 0 nubis/{puppet => }/files/proxy/consul-svc-squid.json | 0 nubis/{puppet => }/files/proxy/consul-svc-squid3.json | 0 nubis/{puppet => }/files/proxy/deny_domains.txt | 0 nubis/{puppet => }/files/proxy/deny_subnets.txt | 0 nubis/{puppet => }/files/squid-exporter/99-squid-exporter-startup | 0 nubis/{puppet => }/files/squid-exporter/squid-exporter.init | 0 nubis/{puppet => }/files/squid-exporter/squid-exporter.upstart | 0 nubis/{puppet => }/files/squid-exporter/svc-squid-exporter.json | 0 nubis/{puppet => }/files/vpc-blocklist | 0 42 files changed, 0 insertions(+), 0 deletions(-) rename nubis/{puppet => }/files/interface-fixup (100%) rename nubis/{puppet => }/files/nat-welcome (100%) rename nubis/{puppet => }/files/nat/confd/conf.d/iptables.toml (100%) rename nubis/{puppet => }/files/nat/confd/templates/iptables.tmpl (100%) rename nubis/{puppet => }/files/nat/eip-attach (100%) rename nubis/{puppet => }/files/nat/eni-associate (100%) rename nubis/{puppet => }/files/nat/iptables.save (100%) rename nubis/{puppet => }/files/nat/logging/99-iptables.conf (100%) rename nubis/{puppet => }/files/nat/logging/logrotate_iptables.conf (100%) rename nubis/{puppet => }/files/nat/profile.d_proxy.sh (100%) rename nubis/{puppet => }/files/proxy/allow_domains.txt (100%) rename nubis/{puppet => }/files/proxy/allow_regex_domains.txt (100%) rename nubis/{puppet => }/files/proxy/allow_subnets.txt (100%) rename nubis/{puppet => }/files/proxy/confd-squid/conf.d/squid_allow_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid/conf.d/squid_allow_subnets.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid/conf.d/squid_deny_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid/conf.d/squid_deny_subnets.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid/templates/squid_allow_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid/templates/squid_allow_regex_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid/templates/squid_allow_subnets.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid/templates/squid_deny_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid/templates/squid_deny_subnets.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/conf.d/squid_allow_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/conf.d/squid_deny_domains.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/templates/squid_allow_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/templates/squid_deny_domains.tmpl (100%) rename nubis/{puppet => }/files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl (100%) rename nubis/{puppet => }/files/proxy/consul-svc-squid.json (100%) rename nubis/{puppet => }/files/proxy/consul-svc-squid3.json (100%) rename nubis/{puppet => }/files/proxy/deny_domains.txt (100%) rename nubis/{puppet => }/files/proxy/deny_subnets.txt (100%) rename nubis/{puppet => }/files/squid-exporter/99-squid-exporter-startup (100%) rename nubis/{puppet => }/files/squid-exporter/squid-exporter.init (100%) rename nubis/{puppet => }/files/squid-exporter/squid-exporter.upstart (100%) rename nubis/{puppet => }/files/squid-exporter/svc-squid-exporter.json (100%) rename nubis/{puppet => }/files/vpc-blocklist (100%) diff --git a/nubis/puppet/files/interface-fixup b/nubis/files/interface-fixup similarity index 100% rename from nubis/puppet/files/interface-fixup rename to nubis/files/interface-fixup diff --git a/nubis/puppet/files/nat-welcome b/nubis/files/nat-welcome similarity index 100% rename from nubis/puppet/files/nat-welcome rename to nubis/files/nat-welcome diff --git a/nubis/puppet/files/nat/confd/conf.d/iptables.toml b/nubis/files/nat/confd/conf.d/iptables.toml similarity index 100% rename from nubis/puppet/files/nat/confd/conf.d/iptables.toml rename to nubis/files/nat/confd/conf.d/iptables.toml diff --git a/nubis/puppet/files/nat/confd/templates/iptables.tmpl b/nubis/files/nat/confd/templates/iptables.tmpl similarity index 100% rename from nubis/puppet/files/nat/confd/templates/iptables.tmpl rename to nubis/files/nat/confd/templates/iptables.tmpl diff --git a/nubis/puppet/files/nat/eip-attach b/nubis/files/nat/eip-attach similarity index 100% rename from nubis/puppet/files/nat/eip-attach rename to nubis/files/nat/eip-attach diff --git a/nubis/puppet/files/nat/eni-associate b/nubis/files/nat/eni-associate similarity index 100% rename from nubis/puppet/files/nat/eni-associate rename to nubis/files/nat/eni-associate diff --git a/nubis/puppet/files/nat/iptables.save b/nubis/files/nat/iptables.save similarity index 100% rename from nubis/puppet/files/nat/iptables.save rename to nubis/files/nat/iptables.save diff --git a/nubis/puppet/files/nat/logging/99-iptables.conf b/nubis/files/nat/logging/99-iptables.conf similarity index 100% rename from nubis/puppet/files/nat/logging/99-iptables.conf rename to nubis/files/nat/logging/99-iptables.conf diff --git a/nubis/puppet/files/nat/logging/logrotate_iptables.conf b/nubis/files/nat/logging/logrotate_iptables.conf similarity index 100% rename from nubis/puppet/files/nat/logging/logrotate_iptables.conf rename to nubis/files/nat/logging/logrotate_iptables.conf diff --git a/nubis/puppet/files/nat/profile.d_proxy.sh b/nubis/files/nat/profile.d_proxy.sh similarity index 100% rename from nubis/puppet/files/nat/profile.d_proxy.sh rename to nubis/files/nat/profile.d_proxy.sh diff --git a/nubis/puppet/files/proxy/allow_domains.txt b/nubis/files/proxy/allow_domains.txt similarity index 100% rename from nubis/puppet/files/proxy/allow_domains.txt rename to nubis/files/proxy/allow_domains.txt diff --git a/nubis/puppet/files/proxy/allow_regex_domains.txt b/nubis/files/proxy/allow_regex_domains.txt similarity index 100% rename from nubis/puppet/files/proxy/allow_regex_domains.txt rename to nubis/files/proxy/allow_regex_domains.txt diff --git a/nubis/puppet/files/proxy/allow_subnets.txt b/nubis/files/proxy/allow_subnets.txt similarity index 100% rename from nubis/puppet/files/proxy/allow_subnets.txt rename to nubis/files/proxy/allow_subnets.txt diff --git a/nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_domains.toml b/nubis/files/proxy/confd-squid/conf.d/squid_allow_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_domains.toml rename to nubis/files/proxy/confd-squid/conf.d/squid_allow_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml b/nubis/files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml rename to nubis/files/proxy/confd-squid/conf.d/squid_allow_regex_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_subnets.toml b/nubis/files/proxy/confd-squid/conf.d/squid_allow_subnets.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/conf.d/squid_allow_subnets.toml rename to nubis/files/proxy/confd-squid/conf.d/squid_allow_subnets.toml diff --git a/nubis/puppet/files/proxy/confd-squid/conf.d/squid_deny_domains.toml b/nubis/files/proxy/confd-squid/conf.d/squid_deny_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/conf.d/squid_deny_domains.toml rename to nubis/files/proxy/confd-squid/conf.d/squid_deny_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid/conf.d/squid_deny_subnets.toml b/nubis/files/proxy/confd-squid/conf.d/squid_deny_subnets.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/conf.d/squid_deny_subnets.toml rename to nubis/files/proxy/confd-squid/conf.d/squid_deny_subnets.toml diff --git a/nubis/puppet/files/proxy/confd-squid/templates/squid_allow_domains.tmpl b/nubis/files/proxy/confd-squid/templates/squid_allow_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/templates/squid_allow_domains.tmpl rename to nubis/files/proxy/confd-squid/templates/squid_allow_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid/templates/squid_allow_regex_domains.tmpl b/nubis/files/proxy/confd-squid/templates/squid_allow_regex_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/templates/squid_allow_regex_domains.tmpl rename to nubis/files/proxy/confd-squid/templates/squid_allow_regex_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid/templates/squid_allow_subnets.tmpl b/nubis/files/proxy/confd-squid/templates/squid_allow_subnets.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/templates/squid_allow_subnets.tmpl rename to nubis/files/proxy/confd-squid/templates/squid_allow_subnets.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid/templates/squid_deny_domains.tmpl b/nubis/files/proxy/confd-squid/templates/squid_deny_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/templates/squid_deny_domains.tmpl rename to nubis/files/proxy/confd-squid/templates/squid_deny_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid/templates/squid_deny_subnets.tmpl b/nubis/files/proxy/confd-squid/templates/squid_deny_subnets.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid/templates/squid_deny_subnets.tmpl rename to nubis/files/proxy/confd-squid/templates/squid_deny_subnets.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_domains.toml b/nubis/files/proxy/confd-squid3/conf.d/squid_allow_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_domains.toml rename to nubis/files/proxy/confd-squid3/conf.d/squid_allow_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml b/nubis/files/proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml rename to nubis/files/proxy/confd-squid3/conf.d/squid_allow_regex_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml b/nubis/files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml rename to nubis/files/proxy/confd-squid3/conf.d/squid_allow_subnets.toml diff --git a/nubis/puppet/files/proxy/confd-squid3/conf.d/squid_deny_domains.toml b/nubis/files/proxy/confd-squid3/conf.d/squid_deny_domains.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/conf.d/squid_deny_domains.toml rename to nubis/files/proxy/confd-squid3/conf.d/squid_deny_domains.toml diff --git a/nubis/puppet/files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml b/nubis/files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml rename to nubis/files/proxy/confd-squid3/conf.d/squid_deny_subnets.toml diff --git a/nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_domains.tmpl b/nubis/files/proxy/confd-squid3/templates/squid_allow_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_domains.tmpl rename to nubis/files/proxy/confd-squid3/templates/squid_allow_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl b/nubis/files/proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl rename to nubis/files/proxy/confd-squid3/templates/squid_allow_regex_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl b/nubis/files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl rename to nubis/files/proxy/confd-squid3/templates/squid_allow_subnets.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid3/templates/squid_deny_domains.tmpl b/nubis/files/proxy/confd-squid3/templates/squid_deny_domains.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/templates/squid_deny_domains.tmpl rename to nubis/files/proxy/confd-squid3/templates/squid_deny_domains.tmpl diff --git a/nubis/puppet/files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl b/nubis/files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl similarity index 100% rename from nubis/puppet/files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl rename to nubis/files/proxy/confd-squid3/templates/squid_deny_subnets.tmpl diff --git a/nubis/puppet/files/proxy/consul-svc-squid.json b/nubis/files/proxy/consul-svc-squid.json similarity index 100% rename from nubis/puppet/files/proxy/consul-svc-squid.json rename to nubis/files/proxy/consul-svc-squid.json diff --git a/nubis/puppet/files/proxy/consul-svc-squid3.json b/nubis/files/proxy/consul-svc-squid3.json similarity index 100% rename from nubis/puppet/files/proxy/consul-svc-squid3.json rename to nubis/files/proxy/consul-svc-squid3.json diff --git a/nubis/puppet/files/proxy/deny_domains.txt b/nubis/files/proxy/deny_domains.txt similarity index 100% rename from nubis/puppet/files/proxy/deny_domains.txt rename to nubis/files/proxy/deny_domains.txt diff --git a/nubis/puppet/files/proxy/deny_subnets.txt b/nubis/files/proxy/deny_subnets.txt similarity index 100% rename from nubis/puppet/files/proxy/deny_subnets.txt rename to nubis/files/proxy/deny_subnets.txt diff --git a/nubis/puppet/files/squid-exporter/99-squid-exporter-startup b/nubis/files/squid-exporter/99-squid-exporter-startup similarity index 100% rename from nubis/puppet/files/squid-exporter/99-squid-exporter-startup rename to nubis/files/squid-exporter/99-squid-exporter-startup diff --git a/nubis/puppet/files/squid-exporter/squid-exporter.init b/nubis/files/squid-exporter/squid-exporter.init similarity index 100% rename from nubis/puppet/files/squid-exporter/squid-exporter.init rename to nubis/files/squid-exporter/squid-exporter.init diff --git a/nubis/puppet/files/squid-exporter/squid-exporter.upstart b/nubis/files/squid-exporter/squid-exporter.upstart similarity index 100% rename from nubis/puppet/files/squid-exporter/squid-exporter.upstart rename to nubis/files/squid-exporter/squid-exporter.upstart diff --git a/nubis/puppet/files/squid-exporter/svc-squid-exporter.json b/nubis/files/squid-exporter/svc-squid-exporter.json similarity index 100% rename from nubis/puppet/files/squid-exporter/svc-squid-exporter.json rename to nubis/files/squid-exporter/svc-squid-exporter.json diff --git a/nubis/puppet/files/vpc-blocklist b/nubis/files/vpc-blocklist similarity index 100% rename from nubis/puppet/files/vpc-blocklist rename to nubis/files/vpc-blocklist From 2a5fd4b5a98d432bef4a67cead7e2f43c819ceef Mon Sep 17 00:00:00 2001 From: "Philippe M. Chiasson" Date: Mon, 27 Nov 2017 13:07:14 -0500 Subject: [PATCH 4/9] convert to puppet 4 --- nubis/files/nat/confd/conf.d/iptables.toml | 2 +- nubis/files/nat/confd/templates/iptables.tmpl | 14 ++++++++++++-- nubis/puppet/01_proxy.pp | 13 ------------- 3 files changed, 13 insertions(+), 16 deletions(-) delete mode 100644 nubis/puppet/01_proxy.pp diff --git a/nubis/files/nat/confd/conf.d/iptables.toml b/nubis/files/nat/confd/conf.d/iptables.toml index cbdb1e5..ed580e7 100644 --- a/nubis/files/nat/confd/conf.d/iptables.toml +++ b/nubis/files/nat/confd/conf.d/iptables.toml @@ -11,4 +11,4 @@ keys = [ "/config/IptablesAllowUDP" ] -reload_cmd = "/usr/bin/puppet apply --modulepath /etc/puppet/modules /usr/local/bin/iptables.pp" +reload_cmd = "/usr/bin/puppet apply /usr/local/bin/iptables.pp" diff --git a/nubis/files/nat/confd/templates/iptables.tmpl b/nubis/files/nat/confd/templates/iptables.tmpl index 9fa7aa5..74c52b4 100644 --- a/nubis/files/nat/confd/templates/iptables.tmpl +++ b/nubis/files/nat/confd/templates/iptables.tmpl @@ -6,8 +6,8 @@ # 200 - 299 UDP confd generated rules # 990 - 999 Bottom of the file rules -$vpc_fact = "ec2_network_interfaces_macs_${macaddress_eth1}_vpc_ipv4_cidr_block" -$vpc_cidr = inline_template("<%= scope.lookupvar(@vpc_fact.downcase) %>") +$mac_addr = $::networking['interfaces']['eth1']['mac'] +$vpc_cidr = $::ec2_metadata['network']['interfaces']['macs'][$mac_addr]['vpc-ipv4-cidr-block'] class { 'firewall': } @@ -117,6 +117,16 @@ firewall { '007 Consul/udp in': action => 'accept', } +# Allow conntrackd/udp +firewall { '007 conntrackd/udp in': + chain => 'INPUT', + proto => 'udp', + dport => '3780', + state => [ 'NEW' ], + iniface => 'eth1', + action => 'accept', +} + # Allow node monitoring IN internally firewall { '008 node monitoring IN': chain => 'INPUT', diff --git a/nubis/puppet/01_proxy.pp b/nubis/puppet/01_proxy.pp deleted file mode 100644 index b3909e0..0000000 --- a/nubis/puppet/01_proxy.pp +++ /dev/null @@ -1,13 +0,0 @@ -# Configuring general stuff - -file { '/etc/update-motd.d/55-squid-welcome': - source => 'puppet:///nubis/files/nat-welcome', - owner => 'root', - group => 'root', - mode => '0755', -} - -exec { 'motd_update': - command => $motd_update_command, - require => File['/etc/update-motd.d/55-squid-welcome'], -} From e4f36767183957090b39984134d5c2f251b1e709 Mon Sep 17 00:00:00 2001 From: "Philippe M. Chiasson" Date: Mon, 27 Nov 2017 13:07:20 -0500 Subject: [PATCH 5/9] cleanup --- nubis/Puppetfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nubis/Puppetfile b/nubis/Puppetfile index a5d966c..75ec2eb 100644 --- a/nubis/Puppetfile +++ b/nubis/Puppetfile @@ -4,7 +4,7 @@ mod 'nubis/nubis_nat', :git => 'https://github.com/nubisproject/nubis-puppet-nat.git', :ref => 'develop' -mod 'tinnightcap/puppet-squid3', +mod 'tinnightcap/squid3', :git => 'https://github.com/tinnightcap/puppet-squid3.git', :ref => '9e778ffca2f07d034717da29715e01def7712430' From 2d056b3048aaf71f3074b97e7f11d9d499ddf736 Mon Sep 17 00:00:00 2001 From: "Philippe M. Chiasson" Date: Mon, 27 Nov 2017 13:07:43 -0500 Subject: [PATCH 6/9] cleanup --- .../squid-exporter/99-squid-exporter-startup | 15 -- .../files/squid-exporter/squid-exporter.init | 159 ------------------ 2 files changed, 174 deletions(-) delete mode 100644 nubis/files/squid-exporter/99-squid-exporter-startup delete mode 100644 nubis/files/squid-exporter/squid-exporter.init diff --git a/nubis/files/squid-exporter/99-squid-exporter-startup b/nubis/files/squid-exporter/99-squid-exporter-startup deleted file mode 100644 index 0b6297f..0000000 --- a/nubis/files/squid-exporter/99-squid-exporter-startup +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC1091 -[ -e /usr/local/lib/nubis/nubis-lib.sh ] && . /usr/local/lib/nubis/nubis-lib.sh || exit 1 - -log "Starting up squid exporter" - -os=$(lsb_release -i | awk '{print $3}') -if [ "${os}" == 'AmazonAMI' ]; then - /etc/init.d/squid-exporter start -elif [ "${os}" == "Ubuntu" ]; then - start squid-exporter -else - log "[warn] Cannot start squid exporter" -fi diff --git a/nubis/files/squid-exporter/squid-exporter.init b/nubis/files/squid-exporter/squid-exporter.init deleted file mode 100644 index 54a093d..0000000 --- a/nubis/files/squid-exporter/squid-exporter.init +++ /dev/null @@ -1,159 +0,0 @@ -#!/bin/sh -# Init script for squid-exporter -# Maintained by -# Generated by pleaserun. -# Implemented based on LSB Core 3.1: -# * Sections: 20.2, 20.3 -# -### BEGIN INIT INFO -# Provides: squid-exporter -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: -# Description: no description given -### END INIT INFO - -PATH=/sbin:/usr/sbin:/bin:/usr/bin -export PATH - -name=squid-exporter -program="/usr/local/bin/$name" -bind_addr=$(jq -r .bind_addr /etc/consul/interface.json) -args="-listern-address ${bind_addr} -listern-port 9106" -pidfile=/var/run/$name.pid -user=root -group=root -chroot="/" -chdir="/" - -# shellcheck disable=SC1090 -[ -r /etc/default/$name ] && . /etc/default/$name -# shellcheck disable=SC1090 -[ -r /etc/sysconfig/$name ] && . /etc/sysconfig/$name - -trace() { - logger -t "$name" "$@" -} - -emit() { - trace "$@" - echo "$@" -} - -start() { - - - # Setup any environmental stuff beforehand - - - # Run the program! - - chroot --userspec "$user":"$group" "$chroot" sh -c " - - cd \"$chdir\" - exec \"$program\" $args - " >> /var/log/$name.log 2>&1 & - - # Generate the pidfile from here. If we instead made the forked process - # generate it there will be a race condition between the pidfile writing - # and a process possibly asking for status. - echo $! > $pidfile - - emit "$name started" - return 0 -} - -stop() { - # Try a few times to kill TERM the program - if status ; then - pid=$(cat "$pidfile") - trace "Killing $name (pid $pid) with SIGTERM" - kill -TERM "$pid" - # Wait for it to exit. - # shellcheck disable=SC2034 - for i in 1 2 3 4 5 ; do - trace "Waiting $name (pid $pid) to die..." - status || break - sleep 1 - done - if status ; then - emit "$name stop failed; still running." - else - emit "$name stopped." - fi - fi -} - -status() { - if [ -f "$pidfile" ] ; then - pid=$(cat "$pidfile") - if ps -p "$pid" > /dev/null 2> /dev/null ; then - # process by this pid is running. - # It may not be our pid, but that's what you get with just pidfiles. - # TODO(sissel): Check if this process seems to be the same as the one we - # expect. It'd be nice to use flock here, but flock uses fork, not exec, - # so it makes it quite awkward to use in this case. - return 0 - else - return 2 # program is dead but pid file exists - fi - else - return 3 # program is not running - fi -} - -force_stop() { - if status ; then - stop - status && kill -KILL "$(cat "$pidfile")" - fi -} - - -case "$1" in - force-start|start|stop|force-stop|restart) - trace "Attempting '$1' on snmp_exporter" - ;; -esac - -case "$1" in - force-start) - exec "$0" start - ;; - start) - status - code=$? - if [ $code -eq 0 ]; then - emit "$name is already running" - exit $code - else - start - exit $? - fi - ;; - stop) stop ;; - force-stop) force_stop ;; - status) - status - code=$? - if [ $code -eq 0 ] ; then - emit "$name is running" - else - emit "$name is not running" - fi - exit $code - ;; - restart) - - stop && start - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|force-start|force-stop|status|restart}" >&2 - exit 3 - ;; -esac - -exit $? - From e169acb3b536235567ff894740821b6bc1d6e44a Mon Sep 17 00:00:00 2001 From: "Philippe M. Chiasson" Date: Mon, 27 Nov 2017 13:08:13 -0500 Subject: [PATCH 7/9] Finish conversion to CentOS --- nubis/builder/project.json | 5 ++- nubis/files/conntrackd-onboot | 12 ++++++ nubis/files/conntrackd.conf.ctmpl | 46 +++++++++++++++++++++ nubis/files/squid-exporter.systemd | 13 ++++++ nubis/puppet/00_nat.pp | 66 +++++++++++++++++++++++++++++- nubis/puppet/conntrackd.pp | 34 +++++++++++++++ nubis/puppet/squid_exporter.pp | 53 +++--------------------- 7 files changed, 177 insertions(+), 52 deletions(-) create mode 100644 nubis/files/conntrackd-onboot create mode 100644 nubis/files/conntrackd.conf.ctmpl create mode 100644 nubis/files/squid-exporter.systemd create mode 100644 nubis/puppet/conntrackd.pp diff --git a/nubis/builder/project.json b/nubis/builder/project.json index 196051f..ee5726e 100644 --- a/nubis/builder/project.json +++ b/nubis/builder/project.json @@ -1,10 +1,11 @@ { "variables": { "builders": [ - "amazon-ebs-amazon-linux" + "amazon-ebs-centos" ], + "deregister": "true", "project_description": "Creates a HA nat instance as well as a squid proxy", "project_name": "nubis-nat", - "project_version": "v2.1.0-dev" + "project_version": "v2.1.0-rc1" } } diff --git a/nubis/files/conntrackd-onboot b/nubis/files/conntrackd-onboot new file mode 100644 index 0000000..2a0cc43 --- /dev/null +++ b/nubis/files/conntrackd-onboot @@ -0,0 +1,12 @@ +#!/bin/bash + +IP=$(ip addr show dev eth1 scope global | grep inet | awk '{print $2}' | cut -d/ -f1) + +# Stick our side's IP in Consul +NUBIS_ARENA=$(nubis-metadata NUBIS_ARENA) +NUBIS_PROJECT=$(nubis-metadata NUBIS_PROJECT) +KV_PREFIX="nubis/$NUBIS_PROJECT/$NUBIS_ARENA/config" + +SIDE=$(nubis-metadata NUBIS_NAT_SIDE) + +consulate kv set "$KV_PREFIX/EIP/$SIDE" "$IP" diff --git a/nubis/files/conntrackd.conf.ctmpl b/nubis/files/conntrackd.conf.ctmpl new file mode 100644 index 0000000..d0d0860 --- /dev/null +++ b/nubis/files/conntrackd.conf.ctmpl @@ -0,0 +1,46 @@ +{{ $side := plugin "nubis-metadata" "NUBIS_NAT_SIDE" }} +{{ $peer := plugin "nubis-metadata" "NUBIS_NAT_PEER_SIDE" }} + +# This is generated for the {{ $side }} side + +{{ $arena := plugin "nubis-metadata" "NUBIS_ARENA" }} +{{ $project := plugin "nubis-metadata" "NUBIS_PROJECT" }} +{{ $prefix := ( print "nubis/" $project "/" $arena "/config/EIP/" ) }} + +Sync { + Mode FTFW { + DisableExternalCache Off + } + UDP { + # Ourselves + IPv4_address {{ key ( print $prefix $side ) }} + + # Our peer from the {{ $peer }} side + IPv4_Destination_Address {{ key ( print $prefix $peer ) }} + + Port 3780 + Interface eth1 + } +} + +General { + Nice -20 + HashSize 32768 + HashLimit 131072 + LogFile on + LockFile /var/lock/conntrack.lock + UNIX { + Path /var/run/conntrackd.ctl + Backlog 20 + } + Filter From Kernelspace { + Protocol Accept { + TCP + UDP + ICMP + } + Address Ignore { + IPv4_address 127.0.0.1 # loopback + } + } +} diff --git a/nubis/files/squid-exporter.systemd b/nubis/files/squid-exporter.systemd new file mode 100644 index 0000000..7a7cce5 --- /dev/null +++ b/nubis/files/squid-exporter.systemd @@ -0,0 +1,13 @@ +[Unit] +Description=Squid Exporter +Wants=basic.target +After=basic.target network.target squid.service + +[Service] +Restart=on-failure +RestartSec=10s + +ExecStart=/usr/local/bin/squid-exporter -listern-port 9106 -listern-address 0.0.0.0 + +[Install] +WantedBy=multi-user.target diff --git a/nubis/puppet/00_nat.pp b/nubis/puppet/00_nat.pp index 90bcd09..9dfffea 100644 --- a/nubis/puppet/00_nat.pp +++ b/nubis/puppet/00_nat.pp @@ -70,13 +70,75 @@ source => 'puppet:///nubis/files/interface-fixup', } +file { '/etc/nubis.d/conntrackd-onboot': + ensure => file, + owner => root, + group => root, + mode => '0755', + source => 'puppet:///nubis/files/conntrackd-onboot', +} + # TODO: Should have a proper fix and not have nsm class # install supervisor -class { 'nsm': - nsm_mailto => 'moc@mozilla.com' +#class { 'nsm': +# nsm_mailto => 'moc@mozilla.com' +#}-> + +package { 'epel-release': + ensure => latest, +}-> +yumrepo { 'epel': + enabled => 1, +} + +yumrepo { 'ec2-net-utils': + descr => 'Copr repo for ec2-net-utils', + baseurl => 'https://copr-be.cloud.fedoraproject.org/results/gozer/ec2-utils/epel-7-$basearch/', + enabled => 1, + gpgcheck => 1, + gpgkey => 'https://copr-be.cloud.fedoraproject.org/results/gozer/ec2-utils/pubkey.gpg', +} + +package { 'ec2-net-utils': + ensure => latest, + require => [ + Yumrepo['ec2-net-utils'], + Yumrepo['epel'], + ] }-> +service { 'elastic-network-interfaces': + enable => true, +} + +package { 'supervisor': + ensure => latest, + require => [ + Package['epel-release'], + ] +} + +service {'supervisord': + enable => true, + require => [ + Package['supervisor'], + ], +} + +# Workaround for nubis_nat using hard-coded /usr/local/bin path +file { '/usr/local/bin/supervisord': + ensure => link, + target => '/usr/bin/supervisord', + require => [ + Package['supervisor'], + ] +} + class { 'nubis_nat': startup_order => '0-3', nat_in_interface => 'eth1', nat_out_interface => 'eth0', + require => [ + File['/usr/local/bin/supervisord'], + Package['supervisor'], + ], } diff --git a/nubis/puppet/conntrackd.pp b/nubis/puppet/conntrackd.pp new file mode 100644 index 0000000..c5bb9a8 --- /dev/null +++ b/nubis/puppet/conntrackd.pp @@ -0,0 +1,34 @@ +package { 'conntrack-tools': + ensure => latest, +}-> +service { 'conntrackd': + enable => false +} + +# Enable consul-template, base doesn't enable it yet +class { 'consul_template': + service_enable => true, + service_ensure => 'stopped', + version => '0.16.0', + user => 'root', + group => 'root', +} + +# Drop our template +file { "${consul_template::config_dir}/conntrackd.conf.ctmpl": + ensure => file, + owner => root, + group => root, + mode => '0644', + source => 'puppet:///nubis/files/conntrackd.conf.ctmpl', + require => [ + Class['consul_template'], + ], +} + +# Configure our navigation links +consul_template::watch { 'conntrackd.conf': + source => "${consul_template::config_dir}/conntrackd.conf.ctmpl", + destination => '/etc/conntrackd/conntrackd.conf', + command => '/usr/bin/systemctl restart conntrackd', +} diff --git a/nubis/puppet/squid_exporter.pp b/nubis/puppet/squid_exporter.pp index 652edb5..781a478 100644 --- a/nubis/puppet/squid_exporter.pp +++ b/nubis/puppet/squid_exporter.pp @@ -1,4 +1,4 @@ -$squid_exporter_version = '0.1' +$squid_exporter_version = '0.2' $squid_exporter_url = "https://github.com/boynux/squid-exporter/releases/download/v${squid_exporter_version}/squid-exporter" notice("Grabbing squid_exporter v${squid_exporter_version}") @@ -12,46 +12,11 @@ path => ['/sbin','/bin','/usr/sbin','/usr/bin','/usr/local/sbin','/usr/local/bin'], } -# Make sure its not running during packer build -# we start this up after our eni starts up -# startup will happen in nubis.d +systemd::unit_file { 'squid-exporter.service': + source => 'puppet:///nubis/files/squid-exporter.systemd', +}-> service { 'squid-exporter': - ensure => 'stopped', - enable => false, -} - -case $::osfamily { - 'RedHat': { - file { '/etc/init.d/squid-exporter': - ensure => file, - owner => root, - group => root, - mode => '0755', - source => 'puppet:///nubis/files/squid-exporter/squid-exporter.init', - before => Service['squid-exporter'], - } - } - 'Debian': { - file { '/etc/init/squid-exporter.conf': - ensure => file, - owner => root, - group => root, - mode => '0644', - source => 'puppet:///nubis/files/squid-exporter/squid-exporter.upstart', - before => Service['squid-exporter'], - } - file { '/etc/init/squid-exporter.override': - ensure => file, - owner => root, - group => root, - mode => '0644', - content => 'manual', - before => Service['squid-exporter'], - } - } - default: { - fail("Unsupported OS for squid-exporter ${::osfamily}") - } + enable => true, } file { '/etc/consul/svc-squid-exporter.json': @@ -61,11 +26,3 @@ mode => '0644', source => 'puppet:///nubis/files/squid-exporter/svc-squid-exporter.json', } - -file { '/etc/nubis.d/99-squid-exporter-startup': - ensure => file, - owner => root, - group => root, - mode => '0755', - source => 'puppet:///nubis/files/squid-exporter/99-squid-exporter-startup', -} From 626b0b559aa7a904802e7c4f8b7035422cdf995e Mon Sep 17 00:00:00 2001 From: "Nubisproject (Mozilla)" Date: Sat, 3 Feb 2018 00:00:42 +0000 Subject: [PATCH 8/9] Update builder artifacts for v2.1.0 release [skip ci] --- nubis/builder/artifacts/v2.1.0/AMIs.json | 13 + .../v2.1.0/amazon-ebs-centos-packages.pp | 1551 +++++++++++++++++ nubis/builder/project.json | 2 +- 3 files changed, 1565 insertions(+), 1 deletion(-) create mode 100644 nubis/builder/artifacts/v2.1.0/AMIs.json create mode 100644 nubis/builder/artifacts/v2.1.0/amazon-ebs-centos-packages.pp diff --git a/nubis/builder/artifacts/v2.1.0/AMIs.json b/nubis/builder/artifacts/v2.1.0/AMIs.json new file mode 100644 index 0000000..2d7ea25 --- /dev/null +++ b/nubis/builder/artifacts/v2.1.0/AMIs.json @@ -0,0 +1,13 @@ +{ + "builds": [ + { + "name": "amazon-ebs-centos", + "builder_type": "amazon-ebs", + "build_time": 1517616041, + "files": null, + "artifact_id": "ap-northeast-1:ami-1dfb917b,ap-northeast-2:ami-d41cbfba,ap-southeast-1:ami-c55413b9,ap-southeast-2:ami-4b27df29,eu-central-1:ami-d223b9bd,eu-west-1:ami-462f403f,sa-east-1:ami-d982cdb5,us-east-1:ami-4e252534,us-west-1:ami-5f030c3f,us-west-2:ami-c27cc6ba", + "packer_run_uuid": "6c33c2df-4692-2ac9-1806-2c85dd156388" + } + ], + "last_run_uuid": "6c33c2df-4692-2ac9-1806-2c85dd156388" +} \ No newline at end of file diff --git a/nubis/builder/artifacts/v2.1.0/amazon-ebs-centos-packages.pp b/nubis/builder/artifacts/v2.1.0/amazon-ebs-centos-packages.pp new file mode 100644 index 0000000..b22304b --- /dev/null +++ b/nubis/builder/artifacts/v2.1.0/amazon-ebs-centos-packages.pp @@ -0,0 +1,1551 @@ +package { 'Babel': + ensure => '0.9.6', +} +package { 'Cheetah': + ensure => '2.4.4', +} +package { 'GeoIP': + ensure => '1.5.0-11.el7', +} +package { 'IPy': + ensure => '0.75', +} +package { 'Jinja2': + ensure => '2.7.2', +} +package { 'Markdown': + ensure => '2.4.1', +} +package { 'MarkupSafe': + ensure => '0.11', +} +package { 'Pillow': + ensure => '2.0.0', +} +package { 'PyYAML': + ensure => '3.10-11.el7', +} +package { 'Pygments': + ensure => '1.4', +} +package { 'acl': + ensure => '2.2.51-12.el7', +} +package { 'asn1crypto': + ensure => '0.24.0', +} +package { 'at': + ensure => '3.1.13-22.el7_4.2', +} +package { 'audit': + ensure => '2.7.6-3.el7', +} +package { 'audit-libs': + ensure => '2.7.6-3.el7', +} +package { 'audit-libs-python': + ensure => '2.7.6-3.el7', +} +package { 'authconfig': + ensure => '6.2.8-30.el7', +} +package { 'autogen-libopts': + ensure => '5.18-5.el7', +} +package { 'avahi-libs': + ensure => '0.6.31-17.el7', +} +package { 'awscli': + ensure => '1.11.133-1.el7', +} +package { 'backports.ssl-match-hostname': + ensure => '3.4.0.2', +} +package { 'basesystem': + ensure => '10.0-7.el7.centos', +} +package { 'bash': + ensure => '4.2.46-29.el7_4', +} +package { 'bc': + ensure => '1.06.95-13.el7', +} +package { 'bigdecimal': + ensure => ['1.2.0'], +} +package { 'bind-libs': + ensure => '32:9.9.4-51.el7_4.2', +} +package { 'bind-libs-lite': + ensure => '32:9.9.4-51.el7_4.2', +} +package { 'bind-license': + ensure => '32:9.9.4-51.el7_4.2', +} +package { 'bind-utils': + ensure => '32:9.9.4-51.el7_4.2', +} +package { 'binutils': + ensure => '2.25.1-32.base.el7_4.2', +} +package { 'boto': + ensure => '2.45.0', +} +package { 'boto3': + ensure => '1.5.22', +} +package { 'botocore': + ensure => '1.8.36', +} +package { 'btrfs-progs': + ensure => '4.9.1-1.el7', +} +package { 'bzip2-libs': + ensure => '1.0.6-13.el7', +} +package { 'ca-certificates': + ensure => '2017.2.14-71.el7', +} +package { 'centos-logos': + ensure => '70.0.6-3.el7.centos', +} +package { 'centos-release': + ensure => '7-4.1708.el7.centos', +} +package { 'cffi': + ensure => '1.11.4', +} +package { 'chardet': + ensure => '2.2.1', +} +package { 'checkpolicy': + ensure => '2.5-4.el7', +} +package { 'chkconfig': + ensure => '1.7.4-1.el7', +} +package { 'cloud-init': + ensure => '0.7.9-9.el7.centos.2', +} +package { 'cloud-utils-growpart': + ensure => '0.29-2.el7', +} +package { 'colorama': + ensure => '0.3.2', +} +package { 'colored': + ensure => ['1.2'], +} +package { 'configobj': + ensure => '4.7.2', +} +package { 'conntrack-tools': + ensure => '1.4.4-3.el7_3', +} +package { 'consulate': + ensure => '0.6.0', +} +package { 'coreutils': + ensure => '8.22-18.el7', +} +package { 'cpio': + ensure => '2.11-25.el7_4', +} +package { 'cpp': + ensure => '4.8.5-16.el7_4.1', +} +package { 'cracklib': + ensure => '2.9.0-11.el7', +} +package { 'cracklib-dicts': + ensure => '2.9.0-11.el7', +} +package { 'credstash': + ensure => '1.14.0', +} +package { 'cri': + ensure => ['2.6.1'], +} +package { 'cronie': + ensure => '1.4.11-17.el7', +} +package { 'cronie-anacron': + ensure => '1.4.11-17.el7', +} +package { 'crontabs': + ensure => '1.11-6.20121102git.el7', +} +package { 'cryptography': + ensure => '2.0.3', +} +package { 'cryptsetup-libs': + ensure => '1.7.4-3.el7_4.1', +} +package { 'cups-client': + ensure => '1:1.6.3-29.el7', +} +package { 'cups-libs': + ensure => '1:1.6.3-29.el7', +} +package { 'curl': + ensure => '7.29.0-42.el7_4.1', +} +package { 'cyrus-sasl-lib': + ensure => '2.1.26-21.el7', +} +package { 'dbus': + ensure => '1:1.6.12-17.el7', +} +package { 'dbus-glib': + ensure => '0.100-7.el7', +} +package { 'dbus-libs': + ensure => '1:1.6.12-17.el7', +} +package { 'dbus-python': + ensure => '1.1.1-9.el7', +} +package { 'decorator': + ensure => '3.4.0', +} +package { 'deep_merge': + ensure => ['1.0.1'], +} +package { 'device-mapper': + ensure => '7:1.02.140-8.el7', +} +package { 'device-mapper-libs': + ensure => '7:1.02.140-8.el7', +} +package { 'dhclient': + ensure => '12:4.2.5-58.el7.centos.1', +} +package { 'dhcp-common': + ensure => '12:4.2.5-58.el7.centos.1', +} +package { 'dhcp-libs': + ensure => '12:4.2.5-58.el7.centos.1', +} +package { 'diffutils': + ensure => '3.3-4.el7', +} +package { 'dmidecode': + ensure => '1:3.0-5.el7', +} +package { 'dnsmasq': + ensure => '2.76-2.el7_4.2', +} +package { 'docutils': + ensure => '0.11', +} +package { 'dracut': + ensure => '033-502.el7_4.1', +} +package { 'dracut-config-generic': + ensure => '033-502.el7_4.1', +} +package { 'dracut-config-rescue': + ensure => '033-502.el7_4.1', +} +package { 'dracut-network': + ensure => '033-502.el7_4.1', +} +package { 'duo_unix': + ensure => '1.10.1-0.el7', +} +package { 'e2fsprogs': + ensure => '1.42.9-10.el7', +} +package { 'e2fsprogs-libs': + ensure => '1.42.9-10.el7', +} +package { 'ec2-net-utils': + ensure => '0.5-4.el7.centos', +} +package { 'ed': + ensure => '1.9-4.el7', +} +package { 'elfutils-default-yama-scope': + ensure => '0.168-8.el7', +} +package { 'elfutils-libelf': + ensure => '0.168-8.el7', +} +package { 'elfutils-libs': + ensure => '0.168-8.el7', +} +package { 'enum34': + ensure => '1.1.6', +} +package { 'epel-release': + ensure => '7-11', +} +package { 'ethtool': + ensure => '2:4.8-1.el7', +} +package { 'expat': + ensure => '2.1.0-10.el7_3', +} +package { 'facter': + ensure => ['3.6.8'], +} +package { 'faraday': + ensure => ['0.9.2'], +} +package { 'faraday_middleware': + ensure => ['0.10.1'], +} +package { 'fast_gettext': + ensure => ['1.1.0'], +} +package { 'file': + ensure => '5.11-33.el7', +} +package { 'file-libs': + ensure => '5.11-33.el7', +} +package { 'filesystem': + ensure => '3.2-21.el7', +} +package { 'findutils': + ensure => '1:4.5.11-5.el7', +} +package { 'fipscheck': + ensure => '1.4.1-6.el7', +} +package { 'fipscheck-lib': + ensure => '1.4.1-6.el7', +} +package { 'freetype': + ensure => '2.4.11-15.el7', +} +package { 'futures': + ensure => '3.0.5', +} +package { 'gawk': + ensure => '4.0.2-4.el7_3.1', +} +package { 'gcc': + ensure => '4.8.5-16.el7_4.1', +} +package { 'gdbm': + ensure => '1.10-8.el7', +} +package { 'gettext': + ensure => '0.19.8.1-2.el7', +} +package { 'gettext-libs': + ensure => '0.19.8.1-2.el7', +} +package { 'gettext-setup': + ensure => ['0.20'], +} +package { 'git': + ensure => '1.8.3.1-12.el7_4', +} +package { 'glib-networking': + ensure => '2.50.0-1.el7', +} +package { 'glib2': + ensure => '2.50.3-3.el7', +} +package { 'glibc': + ensure => '2.17-196.el7_4.2', +} +package { 'glibc-common': + ensure => '2.17-196.el7_4.2', +} +package { 'glibc-devel': + ensure => '2.17-196.el7_4.2', +} +package { 'glibc-headers': + ensure => '2.17-196.el7_4.2', +} +package { 'gmp': + ensure => '1:6.0.0-15.el7', +} +package { 'gnupg2': + ensure => '2.0.22-4.el7', +} +package { 'gnutls': + ensure => '3.3.26-9.el7', +} +package { 'gobject-introspection': + ensure => '1.50.0-1.el7', +} +package { 'gpg-pubkey': + ensure => '4bd6ec30-4c37bb40', +} +package { 'gpgme': + ensure => '1.3.2-5.el7', +} +package { 'gpm-libs': + ensure => '1.20.7-5.el7', +} +package { 'grep': + ensure => '2.20-3.el7', +} +package { 'groff-base': + ensure => '1.22.2-8.el7', +} +package { 'grub2': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-common': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-pc': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-pc-modules': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-tools': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-tools-extra': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grub2-tools-minimal': + ensure => '1:2.02-0.65.el7.centos.2', +} +package { 'grubby': + ensure => '8.28-23.el7', +} +package { 'gsettings-desktop-schemas': + ensure => '3.22.0-1.el7', +} +package { 'gssproxy': + ensure => '0.7.0-4.el7', +} +package { 'gzip': + ensure => '1.5-9.el7', +} +package { 'hardlink': + ensure => '1:1.0-19.el7', +} +package { 'hiera': + ensure => ['3.3.2'], +} +package { 'hocon': + ensure => ['1.2.5'], +} +package { 'hostname': + ensure => '3.13-3.el7', +} +package { 'hwdata': + ensure => '0.252-8.6.el7', +} +package { 'idna': + ensure => '2.6', +} +package { 'info': + ensure => '5.1-4.el7', +} +package { 'iniparse': + ensure => '0.4', +} +package { 'initscripts': + ensure => '9.49.39-1.el7_4.1', +} +package { 'io-console': + ensure => ['0.4.2'], +} +package { 'ipaddress': + ensure => '1.0.19', +} +package { 'iproute': + ensure => '3.10.0-87.el7', +} +package { 'iptables': + ensure => '1.4.21-18.2.el7_4', +} +package { 'iputils': + ensure => '20160308-10.el7', +} +package { 'irqbalance': + ensure => '3:1.0.7-10.el7', +} +package { 'iwl7265-firmware': + ensure => '22.0.7.0-58.el7_4', +} +package { 'jansson': + ensure => '2.10-1.el7', +} +package { 'jbigkit-libs': + ensure => '2.0-11.el7', +} +package { 'jmespath': + ensure => '0.9.0', +} +package { 'jq': + ensure => '1.5-1.el7', +} +package { 'json': + ensure => ['1.7.7'], +} +package { 'json-c': + ensure => '0.11-4.el7_0', +} +package { 'jsonpatch': + ensure => '1.2', +} +package { 'jsonpointer': + ensure => '1.9', +} +package { 'kbd': + ensure => '1.15.5-13.el7', +} +package { 'kbd-legacy': + ensure => '1.15.5-13.el7', +} +package { 'kbd-misc': + ensure => '1.15.5-13.el7', +} +package { 'kernel': + ensure => '3.10.0-693.17.1.el7', +} +package { 'kernel-headers': + ensure => '3.10.0-693.17.1.el7', +} +package { 'kernel-tools': + ensure => '3.10.0-693.17.1.el7', +} +package { 'kernel-tools-libs': + ensure => '3.10.0-693.17.1.el7', +} +package { 'kexec-tools': + ensure => '2.0.14-17.2.el7', +} +package { 'keyutils': + ensure => '1.5.8-3.el7', +} +package { 'keyutils-libs': + ensure => '1.5.8-3.el7', +} +package { 'kitchen': + ensure => '1.1.1', +} +package { 'kmod': + ensure => '20-15.el7_4.7', +} +package { 'kmod-libs': + ensure => '20-15.el7_4.7', +} +package { 'kpartx': + ensure => '0.4.9-111.el7_4.2', +} +package { 'krb5-libs': + ensure => '1.15.1-8.el7', +} +package { 'less': + ensure => '458-9.el7', +} +package { 'libacl': + ensure => '2.2.51-12.el7', +} +package { 'libassuan': + ensure => '2.1.0-3.el7', +} +package { 'libattr': + ensure => '2.4.46-12.el7', +} +package { 'libbasicobjects': + ensure => '0.1.1-27.el7', +} +package { 'libblkid': + ensure => '2.23.2-43.el7_4.2', +} +package { 'libcap': + ensure => '2.22-9.el7', +} +package { 'libcap-ng': + ensure => '0.7.5-4.el7', +} +package { 'libcgroup': + ensure => '0.41-13.el7', +} +package { 'libcollection': + ensure => '0.6.2-27.el7', +} +package { 'libcom_err': + ensure => '1.42.9-10.el7', +} +package { 'libcroco': + ensure => '0.6.11-1.el7', +} +package { 'libcurl': + ensure => '7.29.0-42.el7_4.1', +} +package { 'libdaemon': + ensure => '0.14-7.el7', +} +package { 'libdb': + ensure => '5.3.21-21.el7_4', +} +package { 'libdb-utils': + ensure => '5.3.21-21.el7_4', +} +package { 'libecap': + ensure => '1.0.0-1.el7', +} +package { 'libedit': + ensure => '3.0-12.20121213cvs.el7', +} +package { 'libestr': + ensure => '0.1.9-2.el7', +} +package { 'libevent': + ensure => '2.0.21-4.el7', +} +package { 'libfastjson': + ensure => '0.99.4-2.el7', +} +package { 'libffi': + ensure => '3.0.13-18.el7', +} +package { 'libgcc': + ensure => '4.8.5-16.el7_4.1', +} +package { 'libgcrypt': + ensure => '1.5.3-14.el7', +} +package { 'libgnome-keyring': + ensure => '3.12.0-1.el7', +} +package { 'libgomp': + ensure => '4.8.5-16.el7_4.1', +} +package { 'libgpg-error': + ensure => '1.12-3.el7', +} +package { 'libgudev1': + ensure => '219-42.el7_4.7', +} +package { 'libidn': + ensure => '1.28-4.el7', +} +package { 'libini_config': + ensure => '1.3.0-27.el7', +} +package { 'libjpeg-turbo': + ensure => '1.2.90-5.el7', +} +package { 'libmnl': + ensure => '1.0.3-7.el7', +} +package { 'libmodman': + ensure => '2.0.1-8.el7', +} +package { 'libmount': + ensure => '2.23.2-43.el7_4.2', +} +package { 'libmpc': + ensure => '1.0.1-3.el7', +} +package { 'libndp': + ensure => '1.2-7.el7', +} +package { 'libnetfilter_conntrack': + ensure => '1.0.6-1.el7_3', +} +package { 'libnetfilter_cthelper': + ensure => '1.0.0-9.el7', +} +package { 'libnetfilter_cttimeout': + ensure => '1.0.0-6.el7', +} +package { 'libnetfilter_queue': + ensure => '1.0.2-2.el7_2', +} +package { 'libnfnetlink': + ensure => '1.0.1-4.el7', +} +package { 'libnfsidmap': + ensure => '0.25-17.el7', +} +package { 'libnl3': + ensure => '3.2.28-4.el7', +} +package { 'libnl3-cli': + ensure => '3.2.28-4.el7', +} +package { 'libpath_utils': + ensure => '0.2.1-27.el7', +} +package { 'libpcap': + ensure => '14:1.5.3-9.el7', +} +package { 'libpipeline': + ensure => '1.2.3-3.el7', +} +package { 'libproxy': + ensure => '0.4.11-10.el7', +} +package { 'libpwquality': + ensure => '1.2.3-4.el7', +} +package { 'libref_array': + ensure => '0.1.5-27.el7', +} +package { 'libseccomp': + ensure => '2.3.1-3.el7', +} +package { 'libselinux': + ensure => '2.5-11.el7', +} +package { 'libselinux-python': + ensure => '2.5-11.el7', +} +package { 'libselinux-utils': + ensure => '2.5-11.el7', +} +package { 'libsemanage': + ensure => '2.5-8.el7', +} +package { 'libsemanage-python': + ensure => '2.5-8.el7', +} +package { 'libsepol': + ensure => '2.5-6.el7', +} +package { 'libsoup': + ensure => '2.56.0-4.el7_4', +} +package { 'libss': + ensure => '1.42.9-10.el7', +} +package { 'libssh2': + ensure => '1.4.3-10.el7_2.1', +} +package { 'libstdc++': + ensure => '4.8.5-16.el7_4.1', +} +package { 'libsysfs': + ensure => '2.1.0-16.el7', +} +package { 'libtalloc': + ensure => '2.1.9-1.el7', +} +package { 'libtasn1': + ensure => '4.10-1.el7', +} +package { 'libteam': + ensure => '1.25-5.el7', +} +package { 'libtevent': + ensure => '0.9.31-1.el7', +} +package { 'libtiff': + ensure => '4.0.3-27.el7_3', +} +package { 'libtirpc': + ensure => '0.2.4-0.10.el7', +} +package { 'libtool-ltdl': + ensure => '2.4.2-22.el7_3', +} +package { 'libunistring': + ensure => '0.9.3-9.el7', +} +package { 'libuser': + ensure => '0.60-7.el7_1', +} +package { 'libutempter': + ensure => '1.1.6-4.el7', +} +package { 'libuuid': + ensure => '2.23.2-43.el7_4.2', +} +package { 'libverto': + ensure => '0.2.5-4.el7', +} +package { 'libverto-tevent': + ensure => '0.2.5-4.el7', +} +package { 'libwebp': + ensure => '0.3.0-7.el7', +} +package { 'libxml2': + ensure => '2.9.1-6.el7_2.3', +} +package { 'libxml2-python': + ensure => '2.9.1-6.el7_2.3', +} +package { 'libyaml': + ensure => '0.1.4-11.el7_0', +} +package { 'linux-firmware': + ensure => '20170606-58.gitc990aae.el7_4', +} +package { 'locale': + ensure => ['2.1.2'], +} +package { 'log4r': + ensure => ['1.1.10'], +} +package { 'logrotate': + ensure => '3.8.6-14.el7', +} +package { 'lua': + ensure => '5.1.4-15.el7', +} +package { 'lzo': + ensure => '2.06-8.el7', +} +package { 'm4': + ensure => '1.4.16-10.el7', +} +package { 'mailx': + ensure => '12.5-16.el7', +} +package { 'make': + ensure => '1:3.82-23.el7', +} +package { 'man-db': + ensure => '2.6.3-9.el7', +} +package { 'mariadb-libs': + ensure => '1:5.5.56-2.el7', +} +package { 'meld3': + ensure => '0.6.10', +} +package { 'microcode_ctl': + ensure => '2:2.1-22.5.el7_4', +} +package { 'mig-agent': + ensure => '20160715_0.a06734a.prod-1', +} +package { 'minitar': + ensure => ['0.6.1'], +} +package { 'minitest': + ensure => ['4.7.5'], +} +package { 'mozjs17': + ensure => '17.0.0-19.el7', +} +package { 'mpfr': + ensure => '3.1.1-4.el7', +} +package { 'multi_json': + ensure => ['1.13.1'], +} +package { 'multipart-post': + ensure => ['2.0.0'], +} +package { 'ncurses': + ensure => '5.9-14.20130511.el7_4', +} +package { 'ncurses-base': + ensure => '5.9-14.20130511.el7_4', +} +package { 'ncurses-libs': + ensure => '5.9-14.20130511.el7_4', +} +package { 'net-ssh': + ensure => ['4.1.0'], +} +package { 'net-tools': + ensure => '2.0-0.22.20131004git.el7', +} +package { 'nettle': + ensure => '2.7.1-8.el7', +} +package { 'newt': + ensure => '0.52.15-4.el7', +} +package { 'newt-python': + ensure => '0.52.15-4.el7', +} +package { 'nfs-utils': + ensure => '1:1.3.0-0.48.el7_4.1', +} +package { 'nspr': + ensure => '4.13.1-1.0.el7_3', +} +package { 'nss': + ensure => '3.28.4-15.el7_4', +} +package { 'nss-pem': + ensure => '1.0.3-4.el7', +} +package { 'nss-softokn': + ensure => '3.28.3-8.el7_4', +} +package { 'nss-softokn-freebl': + ensure => '3.28.3-8.el7_4', +} +package { 'nss-sysinit': + ensure => '3.28.4-15.el7_4', +} +package { 'nss-tools': + ensure => '3.28.4-15.el7_4', +} +package { 'nss-util': + ensure => '3.28.4-3.el7', +} +package { 'ntp': + ensure => '4.2.6p5-25.el7.centos.2', +} +package { 'ntpdate': + ensure => '4.2.6p5-25.el7.centos.2', +} +package { 'numactl-libs': + ensure => '2.0.9-6.el7_2', +} +package { 'oniguruma': + ensure => '5.9.5-3.el7', +} +package { 'openldap': + ensure => '2.4.44-5.el7', +} +package { 'openssh': + ensure => '7.4p1-13.el7_4', +} +package { 'openssh-clients': + ensure => '7.4p1-13.el7_4', +} +package { 'openssh-server': + ensure => '7.4p1-13.el7_4', +} +package { 'openssl': + ensure => '1:1.0.2k-8.el7', +} +package { 'openssl-libs': + ensure => '1:1.0.2k-8.el7', +} +package { 'os-prober': + ensure => '1.58-9.el7', +} +package { 'p11-kit': + ensure => '0.23.5-3.el7', +} +package { 'p11-kit-trust': + ensure => '0.23.5-3.el7', +} +package { 'pam': + ensure => '1.1.8-18.el7', +} +package { 'parted': + ensure => '3.1-28.el7', +} +package { 'passwd': + ensure => '0.79-4.el7', +} +package { 'patch': + ensure => '2.7.1-8.el7', +} +package { 'pciutils': + ensure => '3.5.1-2.el7', +} +package { 'pciutils-libs': + ensure => '3.5.1-2.el7', +} +package { 'pcre': + ensure => '8.32-17.el7', +} +package { 'perf': + ensure => '0.1', +} +package { 'perl': + ensure => '4:5.16.3-292.el7', +} +package { 'perl-Carp': + ensure => '1.26-244.el7', +} +package { 'perl-Compress-Raw-Bzip2': + ensure => '2.061-3.el7', +} +package { 'perl-Compress-Raw-Zlib': + ensure => '1:2.061-4.el7', +} +package { 'perl-DBI': + ensure => '1.627-4.el7', +} +package { 'perl-Data-Dumper': + ensure => '2.145-3.el7', +} +package { 'perl-Digest': + ensure => '1.17-245.el7', +} +package { 'perl-Digest-MD5': + ensure => '2.52-3.el7', +} +package { 'perl-Encode': + ensure => '2.51-7.el7', +} +package { 'perl-Error': + ensure => '1:0.17020-2.el7', +} +package { 'perl-Exporter': + ensure => '5.68-3.el7', +} +package { 'perl-File-Path': + ensure => '2.09-2.el7', +} +package { 'perl-File-Temp': + ensure => '0.23.01-3.el7', +} +package { 'perl-Filter': + ensure => '1.49-3.el7', +} +package { 'perl-Getopt-Long': + ensure => '2.40-2.el7', +} +package { 'perl-Git': + ensure => '1.8.3.1-12.el7_4', +} +package { 'perl-HTTP-Tiny': + ensure => '0.033-3.el7', +} +package { 'perl-IO-Compress': + ensure => '2.061-2.el7', +} +package { 'perl-Net-Daemon': + ensure => '0.48-5.el7', +} +package { 'perl-PathTools': + ensure => '3.40-5.el7', +} +package { 'perl-PlRPC': + ensure => '0.2020-14.el7', +} +package { 'perl-Pod-Escapes': + ensure => '1:1.04-292.el7', +} +package { 'perl-Pod-Perldoc': + ensure => '3.20-4.el7', +} +package { 'perl-Pod-Simple': + ensure => '1:3.28-4.el7', +} +package { 'perl-Pod-Usage': + ensure => '1.63-3.el7', +} +package { 'perl-Scalar-List-Utils': + ensure => '1.27-248.el7', +} +package { 'perl-Socket': + ensure => '2.010-4.el7', +} +package { 'perl-Storable': + ensure => '2.45-3.el7', +} +package { 'perl-TermReadKey': + ensure => '2.30-20.el7', +} +package { 'perl-Text-ParseWords': + ensure => '3.29-4.el7', +} +package { 'perl-Time-HiRes': + ensure => '4:1.9725-3.el7', +} +package { 'perl-Time-Local': + ensure => '1.2300-2.el7', +} +package { 'perl-constant': + ensure => '1.27-2.el7', +} +package { 'perl-libs': + ensure => '4:5.16.3-292.el7', +} +package { 'perl-macros': + ensure => '4:5.16.3-292.el7', +} +package { 'perl-parent': + ensure => '1:0.225-244.el7', +} +package { 'perl-podlators': + ensure => '2.5.1-3.el7', +} +package { 'perl-threads': + ensure => '1.87-4.el7', +} +package { 'perl-threads-shared': + ensure => '1.43-6.el7', +} +package { 'pinentry': + ensure => '0.8.1-17.el7', +} +package { 'pip': + ensure => '8.1.2', +} +package { 'pkgconfig': + ensure => '1:0.27.1-4.el7', +} +package { 'policycoreutils': + ensure => '2.5-17.1.el7', +} +package { 'policycoreutils-default-encoding': + ensure => '0.1', +} +package { 'policycoreutils-python': + ensure => '2.5-17.1.el7', +} +package { 'polkit': + ensure => '0.112-12.el7_3', +} +package { 'polkit-pkla-compat': + ensure => '0.1-4.el7', +} +package { 'popt': + ensure => '1.13-16.el7', +} +package { 'postfix': + ensure => '2:2.10.1-6.el7', +} +package { 'ppp': + ensure => '2.4.5-33.el7', +} +package { 'prettytable': + ensure => '0.7.2', +} +package { 'procps-ng': + ensure => '3.3.10-16.el7', +} +package { 'psmisc': + ensure => '22.20-15.el7', +} +package { 'psych': + ensure => ['2.0.0'], +} +package { 'pth': + ensure => '2.0.7-23.el7', +} +package { 'puppet': + ensure => ['4.10.9'], +} +package { 'puppet-agent': + ensure => '1.10.9-1.el7', +} +package { 'puppet_forge': + ensure => ['2.2.6'], +} +package { 'puppetlabs-release-pc1': + ensure => '1.1.0-5.el7', +} +package { 'pyasn1': + ensure => '0.1.9', +} +package { 'pycparser': + ensure => '2.18', +} +package { 'pycurl': + ensure => '7.19.0', +} +package { 'pygobject': + ensure => '3.22.0', +} +package { 'pygpgme': + ensure => '0.3-9.el7', +} +package { 'pyliblzma': + ensure => '0.5.3-11.el7', +} +package { 'pyserial': + ensure => '2.6-6.el7', +} +package { 'python': + ensure => '2.7.5-58.el7', +} +package { 'python-IPy': + ensure => '0.75-6.el7', +} +package { 'python-babel': + ensure => '0.9.6-8.el7', +} +package { 'python-backports': + ensure => '1.0-8.el7', +} +package { 'python-backports-ssl_match_hostname': + ensure => '3.4.0.2-4.el7', +} +package { 'python-chardet': + ensure => '2.2.1-1.el7_1', +} +package { 'python-cheetah': + ensure => '2.4.4-5.el7.centos', +} +package { 'python-colorama': + ensure => '0.3.2-3.el7', +} +package { 'python-configobj': + ensure => '4.7.2-7.el7', +} +package { 'python-dateutil': + ensure => '1.5-7.el7', +} +package { 'python-decorator': + ensure => '3.4.0-3.el7', +} +package { 'python-devel': + ensure => '2.7.5-58.el7', +} +package { 'python-docutils': + ensure => '0.11-0.2.20130715svn7687.el7', +} +package { 'python-gobject-base': + ensure => '3.22.0-1.el7_4.1', +} +package { 'python-iniparse': + ensure => '0.4-9.el7', +} +package { 'python-jinja2': + ensure => '2.7.2-2.el7', +} +package { 'python-jsonpatch': + ensure => '1.2-4.el7', +} +package { 'python-jsonpointer': + ensure => '1.9-2.el7', +} +package { 'python-kitchen': + ensure => '1.1.1-5.el7', +} +package { 'python-libs': + ensure => '2.7.5-58.el7', +} +package { 'python-linux-procfs': + ensure => '0.4.9-3.el7', +} +package { 'python-markdown': + ensure => '2.4.1-2.el7', +} +package { 'python-markupsafe': + ensure => '0.11-10.el7', +} +package { 'python-meld3': + ensure => '0.6.10-1.el7', +} +package { 'python-perf': + ensure => '3.10.0-693.17.1.el7', +} +package { 'python-pillow': + ensure => '2.0.0-19.gitd1c6db8.el7', +} +package { 'python-prettytable': + ensure => '0.7.2-3.el7', +} +package { 'python-pycurl': + ensure => '7.19.0-19.el7', +} +package { 'python-pygments': + ensure => '1.4-10.el7', +} +package { 'python-pyudev': + ensure => '0.15-9.el7', +} +package { 'python-requests': + ensure => '2.6.0-1.el7_1', +} +package { 'python-schedutils': + ensure => '0.4-6.el7', +} +package { 'python-setuptools': + ensure => '0.9.8-7.el7', +} +package { 'python-six': + ensure => '1.9.0-2.el7', +} +package { 'python-urlgrabber': + ensure => '3.10-8.el7', +} +package { 'python-urllib3': + ensure => '1.10.2-3.el7', +} +package { 'python2-boto': + ensure => '2.45.0-3.el7', +} +package { 'python2-botocore': + ensure => '1.6.0-1.el7', +} +package { 'python2-futures': + ensure => '3.0.5-1.el7', +} +package { 'python2-jmespath': + ensure => '0.9.0-3.el7', +} +package { 'python2-pip': + ensure => '8.1.2-5.el7', +} +package { 'python2-pyasn1': + ensure => '0.1.9-7.el7', +} +package { 'python2-rsa': + ensure => '3.4.1-1.el7', +} +package { 'python2-s3transfer': + ensure => '0.1.10-1.el7', +} +package { 'pyudev': + ensure => '0.15', +} +package { 'pyxattr': + ensure => '0.5.1-5.el7', +} +package { 'qrencode-libs': + ensure => '3.4.1-3.el7', +} +package { 'quota': + ensure => '1:4.01-14.el7', +} +package { 'quota-nls': + ensure => '1:4.01-14.el7', +} +package { 'r10k': + ensure => ['2.5.5'], +} +package { 'rake': + ensure => ['10.1.0'], +} +package { 'rdma-core': + ensure => '13-7.el7', +} +package { 'rdoc': + ensure => ['4.0.0'], +} +package { 'readline': + ensure => '6.2-10.el7', +} +package { 'redhat-lsb-core': + ensure => '4.1-27.el7.centos.1', +} +package { 'redhat-lsb-submod-security': + ensure => '4.1-27.el7.centos.1', +} +package { 'requests': + ensure => '2.6.0', +} +package { 'rootfiles': + ensure => '8.1-11.el7', +} +package { 'rpcbind': + ensure => '0.2.0-42.el7', +} +package { 'rpm': + ensure => '4.11.3-25.el7', +} +package { 'rpm-build-libs': + ensure => '4.11.3-25.el7', +} +package { 'rpm-libs': + ensure => '4.11.3-25.el7', +} +package { 'rpm-python': + ensure => '4.11.3-25.el7', +} +package { 'rsa': + ensure => '3.4.1', +} +package { 'rsync': + ensure => '3.0.9-18.el7', +} +package { 'rsyslog': + ensure => '8.24.0-12.el7', +} +package { 'ruby': + ensure => '2.0.0.648-30.el7', +} +package { 'ruby-devel': + ensure => '2.0.0.648-30.el7', +} +package { 'ruby-irb': + ensure => '2.0.0.648-30.el7', +} +package { 'ruby-libs': + ensure => '2.0.0.648-30.el7', +} +package { 'rubygem-bigdecimal': + ensure => '1.2.0-30.el7', +} +package { 'rubygem-io-console': + ensure => '0.4.2-30.el7', +} +package { 'rubygem-json': + ensure => '1.7.7-30.el7', +} +package { 'rubygem-psych': + ensure => '2.0.0-30.el7', +} +package { 'rubygem-rdoc': + ensure => '4.0.0-30.el7', +} +package { 'rubygems': + ensure => '2.0.14.1-30.el7', +} +package { 's3transfer': + ensure => '0.1.10', +} +package { 'schedutils': + ensure => '0.4', +} +package { 'sed': + ensure => '4.2.2-5.el7', +} +package { 'selinux-policy': + ensure => '3.13.1-166.el7_4.7', +} +package { 'selinux-policy-targeted': + ensure => '3.13.1-166.el7_4.7', +} +package { 'semantic_puppet': + ensure => ['0.1.2'], +} +package { 'seobject': + ensure => '0.1', +} +package { 'sepolicy': + ensure => '1.1', +} +package { 'setools-libs': + ensure => '3.3.8-1.1.el7', +} +package { 'setup': + ensure => '2.8.71-7.el7', +} +package { 'shadow-utils': + ensure => '2:4.1.5.1-24.el7', +} +package { 'shared-mime-info': + ensure => '1.8-3.el7', +} +package { 'six': + ensure => '1.9.0', +} +package { 'slang': + ensure => '2.2.4-11.el7', +} +package { 'snappy': + ensure => '1.1.0-3.el7', +} +package { 'spax': + ensure => '1.5.2-13.el7', +} +package { 'sqlite': + ensure => '3.7.17-8.el7', +} +package { 'squid': + ensure => '7:3.5.20-10.el7', +} +package { 'squid-migration-script': + ensure => '7:3.5.20-10.el7', +} +package { 'stomp': + ensure => ['1.3.3'], +} +package { 'sudo': + ensure => '1.8.19p2-11.el7_4', +} +package { 'supervisor': + ensure => '3.1.4-1.el7', +} +package { 'systemd': + ensure => '219-42.el7_4.7', +} +package { 'systemd-libs': + ensure => '219-42.el7_4.7', +} +package { 'systemd-sysv': + ensure => '219-42.el7_4.7', +} +package { 'sysvinit-tools': + ensure => '2.88-14.dsf.el7', +} +package { 'tar': + ensure => '2:1.26-32.el7', +} +package { 'tcp_wrappers': + ensure => '7.6-77.el7', +} +package { 'tcp_wrappers-libs': + ensure => '7.6-77.el7', +} +package { 'td-agent': + ensure => '3.1.1-0.el7', +} +package { 'teamd': + ensure => '1.25-5.el7', +} +package { 'test-unit': + ensure => ['2.1.9.0'], +} +package { 'text': + ensure => ['1.3.1'], +} +package { 'time': + ensure => '1.7-45.el7', +} +package { 'trousers': + ensure => '0.3.14-2.el7', +} +package { 'tuned': + ensure => '2.8.0-5.el7_4.2', +} +package { 'tzdata': + ensure => '2018c-1.el7', +} +package { 'unzip': + ensure => '6.0-16.el7', +} +package { 'urlgrabber': + ensure => '3.10', +} +package { 'urllib3': + ensure => '1.10.2', +} +package { 'ustr': + ensure => '1.0.4-16.el7', +} +package { 'util-linux': + ensure => '2.23.2-43.el7_4.2', +} +package { 'vim-common': + ensure => '2:7.4.160-2.el7', +} +package { 'vim-enhanced': + ensure => '2:7.4.160-2.el7', +} +package { 'vim-filesystem': + ensure => '2:7.4.160-2.el7', +} +package { 'vim-minimal': + ensure => '2:7.4.160-2.el7', +} +package { 'virt-what': + ensure => '1.13-10.el7', +} +package { 'wget': + ensure => '1.14-15.el7_4.1', +} +package { 'which': + ensure => '2.20-7.el7', +} +package { 'wpa_supplicant': + ensure => '1:2.6-5.el7_4.1', +} +package { 'xfsprogs': + ensure => '4.5.0-12.el7', +} +package { 'xz': + ensure => '5.2.2-1.el7', +} +package { 'xz-libs': + ensure => '5.2.2-1.el7', +} +package { 'yum': + ensure => '3.4.3-154.el7.centos.1', +} +package { 'yum-metadata-parser': + ensure => '1.1.4-10.el7', +} +package { 'yum-plugin-fastestmirror': + ensure => '1.1.31-42.el7', +} +package { 'yum-utils': + ensure => '1.1.31-42.el7', +} +package { 'zlib': + ensure => '1.2.7-17.el7', +} diff --git a/nubis/builder/project.json b/nubis/builder/project.json index ee5726e..7091fea 100644 --- a/nubis/builder/project.json +++ b/nubis/builder/project.json @@ -6,6 +6,6 @@ "deregister": "true", "project_description": "Creates a HA nat instance as well as a squid proxy", "project_name": "nubis-nat", - "project_version": "v2.1.0-rc1" + "project_version": "v2.1.0" } } From eb58198bbf486d84bf6c8016469061fd3136f021 Mon Sep 17 00:00:00 2001 From: "Nubisproject (Mozilla)" Date: Sat, 3 Feb 2018 00:01:49 +0000 Subject: [PATCH 9/9] Update CHANGELOG for v2.1.0 release [skip ci] --- CHANGELOG.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 69b4399..5f8578b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,34 @@ # Change Log +## [v2.0.4](https://github.com/nubisproject/nubis-nat/tree/v2.0.4) (2017-12-08) +[Full Changelog](https://github.com/nubisproject/nubis-nat/compare/v2.0.3...v2.0.4) + +**Implemented enhancements:** + +- Updating nubis-proxy puppet module [\#12](https://github.com/nubisproject/nubis-nat/issues/12) + +**Closed issues:** + +- \[squid-exporter\] Update squid exporter [\#206](https://github.com/nubisproject/nubis-nat/issues/206) +- Tag v2.0.4 release [\#215](https://github.com/nubisproject/nubis-nat/issues/215) + +**Merged pull requests:** + +- \[Centennial\] [\#214](https://github.com/nubisproject/nubis-nat/pull/214) ([gozer](https://github.com/gozer)) +- Use proper interface for squid exporter service [\#213](https://github.com/nubisproject/nubis-nat/pull/213) ([limed](https://github.com/limed)) + +## [v2.0.3](https://github.com/nubisproject/nubis-nat/tree/v2.0.3) (2017-11-02) +[Full Changelog](https://github.com/nubisproject/nubis-nat/compare/v2.0.2...v2.0.3) + +**Closed issues:** + +- Tag v2.0.3 release [\#210](https://github.com/nubisproject/nubis-nat/issues/210) + +**Merged pull requests:** + +- Merge v2.0.3 release into develop. \[skip ci\] [\#212](https://github.com/nubisproject/nubis-nat/pull/212) ([tinnightcap](https://github.com/tinnightcap)) +- Update CHANGELOG for v2.0.3 release \[skip ci\] [\#211](https://github.com/nubisproject/nubis-nat/pull/211) ([tinnightcap](https://github.com/tinnightcap)) + ## [v2.0.2](https://github.com/nubisproject/nubis-nat/tree/v2.0.2) (2017-10-24) [Full Changelog](https://github.com/nubisproject/nubis-nat/compare/v2.0.1...v2.0.2)