OP#586 add confdroid_java to puppet_collection

OP#563 add confdroid_selinux and confdroid_ssh
OP#547 add confdroid_automatic to puppet collection
2026-04-16 15:45:41 +02:00 · 2026-04-05 18:35:57 +02:00 · 2026-03-30 14:23:19 +02:00
2 changed files with 26 additions and 117 deletions
--- a/116
+++ b/116
@@ -1,116 +0,0 @@
-pipeline {
-    agent {
-      label 'puppet'
-    }
-
-    post {
-        always {
-            deleteDir() /* clean up our workspace */
-        }
-        success {
-            updateGitlabCommitStatus state: 'success'
-        }
-        failure {
-            updateGitlabCommitStatus state: 'failed'
-            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
-        }
-    }
-
-    options {
-          gitLabConnection('gitlab.confdroid.com')
-    }
-
-    stages {
-
-      stage('pull master') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                # Ensure we're on the development branch (triggered by push)
-                git checkout development
-                # Create jenkins branch from development
-                git checkout -b jenkins-build-$BUILD_NUMBER
-                # Optionally merge master into jenkins to ensure compatibility
-                git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
-            '''
-        }
-      }
-    }
-
-      stage('SonarScan') {
-         steps {
-            withCredentials([string(credentialsId: 'sonar-token-12ww1160', variable: 'SONAR_TOKEN')]) {
-              sh '''
-              /opt/sonar-scanner/bin/sonar-scanner \
-                -Dsonar.projectKey=puppet_collection \
-                -Dsonar.sources=. \
-                -Dsonar.host.url=https://sonarqube.confdroid.com \
-                -Dsonar.token=$SONAR_TOKEN
-                '''
-              }
-            }
-          }
-
-      stage('update repo') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
-                git push origin HEAD:master
-            '''
-        }
-      }
-    }
-
-         stage('Mirror to Gitea') {
-             steps {
-                withCredentials([usernamePassword(
-                credentialsId: 'Jenkins-gitea',
-                usernameVariable: 'GITEA_USER',
-                passwordVariable: 'GITEA_TOKEN')]) {
-                script {
-                    // Checkout from GitLab (already done implicitly)
-                    sh '''
-                        git checkout master
-                        git pull origin master
-                        git branch -D development
-                        git branch -D jenkins-build-$BUILD_NUMBER
-                        git rm -f Jenkinsfile
-                        git rm -r --cached .vscode || echo "No .vscode to remove from git"
-                        git commit --amend --no-edit --allow-empty
-                        git remote add master https://sourcecode.confdroid.com/confdroid/puppet_collection.git
-                        git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
-                        push master --mirror
-                    '''
-					}
-				}
-			}
-		}
-
-         stage('Mirror to Github - Grizzlycoda') {
-             steps {
-              sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-                sh '''
-                  git remote set-url --push master git@github.com:grizzlycoda/puppet_collection.git
-                  git push master --mirror
-                '''
-        }
-      }
-	  }
-
-         stage('Mirror to Github - 12ww1160') {
-             steps {
-              sshagent(['key-github-12ww160-not-grizzly']) {
-                sh '''
-                  git remote set-url --push master git@github.com:12ww1160/puppet_collection.git
-                  git push master --mirror
-                '''
-        }
-      }
-	  }
-  }
-}
--- a/README.md
+++ b/README.md
@@ -18,6 +18,9 @@
    - [confdroid\_fail2ban](#confdroid_fail2ban)
    - [control repo template](#control-repo-template)
    - [confdroid\_automatic](#confdroid_automatic)
+    - [confdroid\_selinux](#confdroid_selinux)
+    - [confdroid\_ssh](#confdroid_ssh)
+    - [confdroid\_java](#confdroid_java)
  - [FAQ](#faq)

 ## Summary
@@ -137,16 +140,38 @@ A template for starting a r10k control repo in a new puppet infrastructure

 ### [confdroid_automatic](https://3for.me/wglig)

-Install, configure and manage automatic OS system updates on RHEL-9 like operating systems using DNF. 
+Install, configure and manage automatic OS system updates on RHEL-9 like operating systems using DNF.

 - install required binaries,
 - manage files and directories with proper selinux context
 - manage main configurations files via parameters
 - manage service

+### [confdroid_selinux](https://3for.me/z2tsi)
+
+- Install binaries required for selinux and related tools
+- manage /etc/sysconfig/selinux file (file system permissions, selinux context, content)
+- manage current selinux status (permissive,enforcing)
+
+### [confdroid_ssh](https://3for.me/jhjim)
+
+Install, configure and manage SSHD and ssh settings
+
+- install required binaries
+- manage local custom configuration based on parameters, overriding the defaults
+- manage selinux rules
+- manage service
+- (optional) manage firewall
+
+### [confdroid_java](https://3for.me/erwc5)
+
+Install java binaries for usage with other modules, i.e. confdroid_jenkins, as specified in parameters.
+
 ---

 ## FAQ

 - Q: "Why are the names of the modules using underscore instead of hyphens?"
  A: The modules are best deployed through the [R10k](https://github.com/puppetlabs/r10k) service using a Puppetfile. The deployment process using Puppetfile would convert the name of say "confdroid-postgresql" into a module called "confdroid" locally on the puppet server, cutting off everything after the hyphen. It also would then not deploy more than one module, because they all would be called "confdroid"
+- Q: "why is always only Rocky 9 listed as supported OS"?
+  A: In fact **any** RHEL-9 based OS should work. But  all modules are thoroughly being tested under Rocky 9 as OS of choice.
Author	SHA1	Message	Date
12ww1160	e2cc14b686	OP#586 add confdroid_java to puppet_collection	2026-04-16 15:45:41 +02:00
12ww1160	96d82469f5	OP#563 add confdroid_selinux and confdroid_ssh	2026-04-05 18:35:57 +02:00
12ww1160	ad60e1498d	OP#547 add confdroid_automatic to puppet collection	2026-03-30 14:23:19 +02:00