proxmox4/manifests/params.pp

58 lines
2.5 KiB
Puppet

# == Class: proxmox4::params
#
class proxmox4::params {
case $::osfamily {
'Debian': {
if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8.0') >= 0 {
# Virtual Environment packages
$ve_pkg_ensure = 'present'
$ve_pkg_name = [ 'proxmox-ve', 'ksm-control-daemon', 'open-iscsi', 'pve-firmware' ]
# PVE Kernel
$kernel_pkg_name = [ 'pve-kernel-4.4.16-1-pve' ]
# Recommended packages
$rec_pkg_name = [ 'bridge-utils', 'lvm2', 'ntp', 'postfix', 'ssh' ]
# Old useless packages
$old_pkg_ensure = 'absent'
$old_pkg_name = [ 'acpid', 'linux-image-amd64', 'linux-base', 'linux-image-3.16.0-4-amd64' ]
# Manage PVE Enterprise repository (need a subscription)
$pve_enterprise_repo_ensure = 'absent'
# Pveproxy access restriction
$pveproxy_default_path = '/etc/default/pveproxy'
$pveproxy_default_content = 'proxmox4/hypervisor/pveproxy_default.erb'
$pveproxy_allow = '127.0.0.1'
$pveproxy_deny = 'all'
$pveproxy_policy = 'allow'
$pveproxy_service_name = 'pveproxy'
$pveproxy_service_manage = true
$pveproxy_service_enabled = true
# Manage additionnals modules
$pve_modules_list = [ 'iptable_filter', 'iptable_mangle', 'iptable_nat', 'ipt_length', 'ipt_limit', 'ipt_LOG', 'ipt_MASQUERADE', 'ipt_multiport', 'ipt_owner', 'ipt_recent', 'ipt_REDIRECT', 'ipt_REJECT', 'ipt_state', 'ipt_TCPMSS', 'ipt_tcpmss', 'ipt_TOS', 'ipt_tos', 'ip_conntrack', 'ip_nat_ftp', 'xt_iprange', 'xt_comment', 'ip6table_filter', 'ip6table_mangle', 'ip6t_REJECT' ]
$pve_modules_file_path = '/etc/modules-load.d/proxmox.conf'
$pve_modules_file_content = 'proxmox4/hypervisor/proxmox_modules.conf.erb'
# Boot
$pve_lvm_delay = true
$init_lvm_script_path = '/etc/initramfs-tools/scripts/local-top/lvm-manual'
$init_lvm_script_content = 'proxmox4/hypervisor/initramfs-lvm-manual.erb'
# Firewall
$labs_firewall_rule = false
}
}
default: {
fail("Proxmox Virtual Environment only works with Debian system; And the OpenVZ configuration has been tested only with Debian family; So osfamily (${::osfamily}) or lsbdistid (${::lsbdistid}) is unsupported")
}
}
} # Private class: proxmox4::params