Puppet: managing directories recursively
This is not very obvious from Puppet's TypeReference, but you can manage directories in a very interesting way:
- Recursively copy a directory from the filestore to a client _and_
- remove all unmanaged files
- You can deploy an empty directory,
- Fill this directory using seperate file resources, possibly from other modules (or even other nodes, if you use exported resources)
- Everything puppet did not put into the directory gets removed.
We're using this approach for all sorts of configuration directories, including:
- APT's sources.list.d and apt.conf.d
- Debian-Apache2's sites-available/sites-enabled
- Debian-Exim4's conf.d (including subdirectories)
- Bacula director/Munin configuration (in combination with the concatenated_file type)
- prepare a directory in your module filestore which will be the (usually empty) source directory
I often put a README file in there, explaining what's going on. - add this code snippet for managing the target directory:
file { "/etc/exim4/conf.d": ensure => directory, # so make this a directory recurse => true, # enable recursive directory management purge => true, # purge all unmanaged junk force => true, # also purge subdirs and links etc. owner => "root", group => "root", mode => 0644, # this mode will also apply to files from the source directory # puppet will automatically set +x for directories source => "puppet:///exim/exim4-conf.d-empty", } - add one or more file resources which deploy files into the target directory, example:
file { "/etc/exim4/conf.d/router/400_testrouter": ensure => present, owner => "root", group => "root", mode => 0644, source => "puppet:///exim/exim4-conf.d/router/400_testrouter", }
file { "/etc/exim4/conf.d/acl":
ensure => directory,
owner => "root",
group => "root",
mode => 0755,
}