reset repo

4 files changed, 261 insertions, 0 deletions

diff --git a/var/www/html/CentOS-Base.repo b/var/www/html/CentOS-Base.repo
new file mode 100644
index 0000000..449198b
--- /dev/null
+++ b/var/www/html/CentOS-Base.repo
@@ -0,0 +1,52 @@
+# CentOS-Base.repo
+#
+# The mirror system uses the connecting IP address of the client and the
+# update status of each mirror to pick mirrors that are updated to and
+# geographically close to the client.  You should use this for CentOS updates
+# unless you are manually picking other mirrors.
+#
+# If the baseurl= does not work for you, as a fall back you can try the 
+# remarked out baseurl= line instead.
+#
+#
+
+[base]
+name=CentOS-$releasever - Base
+baseurl=http://192.168.0.159/Centos/$releasever/os/$basearch/
+#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
+
+#released updates 
+[updates]
+name=CentOS-$releasever - Updates
+baseurl=http://192.168.0.159/Centos/$releasever/updates/$basearch/
+#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
+
+#additional packages that may be useful
+[extras]
+name=CentOS-$releasever - Extras
+baseurl=http://192.168.0.159/Centos/$releasever/extras/$basearch/
+#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
+
+#additional packages that extend functionality of existing packages
+[centosplus]
+name=CentOS-$releasever - Plus
+baseurl=http://192.168.0.159/Centos/$releasever/centosplus/$basearch/
+#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
+
+#contrib - packages by Centos Users
+[contrib]
+name=CentOS-$releasever - Contrib
+baseurl=http://192.168.0.159/Centos/$releasever/contrib/$basearch
+#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
diff --git a/var/www/html/cfengine/failsafe.cf b/var/www/html/cfengine/failsafe.cf
new file mode 100644
index 0000000..52215b9
--- /dev/null
+++ b/var/www/html/cfengine/failsafe.cf
@@ -0,0 +1,22 @@
+# failsafe file, do not change!
+
+body common control
+{
+    bundlesequence => { "update" };
+
+    inputs => { "update.cf" };
+}
+
+############################################
+
+body depth_search recurse(d)
+{
+    depth => "$(d)";
+}
+
+body depth_search recurse_ignore(d,list)
+{
+    depth => "$(d)";
+    exclude_dirs => { @(list) };
+}
+
diff --git a/var/www/html/cfengine/update.cf b/var/www/html/cfengine/update.cf
new file mode 100644
index 0000000..039636c
--- /dev/null
+++ b/var/www/html/cfengine/update.cf
@@ -0,0 +1,132 @@
+# update promises
+
+bundle agent update
+{
+    vars:
+
+        any::
+
+            "master_server"   string => "phost1.eurospider.com";
+
+            "master_location" string => "/var/cfengine/masterfiles";
+
+            "ignore_list"     slist  => { "\.svn", ".*~" };
+
+        redhat|freebsd::
+
+            "inputs_location" string => "$(sys.workdir)/inputs/.";
+
+        debian::
+
+            "inputs_location" string => "/etc/cfengine3/.";
+
+    files:
+
+        any::
+
+            "$(sys.workdir)/."
+
+                create  => "true",
+                perms   => u_p( "0700" ),
+                action  => uimmediate;
+
+        redhat|freebsd::
+
+            "$(sys.workdir)/bin/."
+
+                create  => "true",
+                perms   => u_p( "0700" ),
+                action  => uimmediate;
+
+        debian::
+
+            "$(sys.workdir)/bin/."
+
+                link_from => u_ln_s( "/usr/sbin" ),
+                action  => uimmediate;
+
+        any::
+
+            "$(sys.workdir)/ppkeys/."
+
+                perms   => u_p( "0700" ),
+                action  => uimmediate;
+
+        redhat|freebsd::
+
+            "$(sys.workdir)/bin"
+
+                comment      => "copy binaries from RPM location",
+                perms        => u_p( "700" ),
+                copy_from    => mycopy( "/usr/local/sbin", "localhost" ),
+                depth_search => recurse( "inf" ),
+                action       => uimmediate;
+
+        bunsen::
+
+            "$(inputs_location)"
+
+                comment      => "copy from local masterfiles on master policy server",
+                perms        => u_p( "600" ),
+                copy_from    => mycopy("$(master_location)","localhost"),
+                depth_search => recurse_ignore( "inf", "$(ignore_list)" ),
+                action       => uimmediate;
+
+        !bunsen::
+
+            "$(inputs_location)"
+
+                comment      => "all others fetch the promises from the policy master (also the slave)",
+                perms        => u_p( "600" ),
+                copy_from    => remote_copy( "$(master_location)", "$(master_server)" ),
+                depth_search => recurse_ignore( "inf", "$(ignore_list)" ),
+                action       => uimmediate;
+
+    commands:
+
+        bunsen::
+
+           "/bin/sh -c 'cd $(master_location) && svn up >/dev/null 2>&1'"
+
+               comment => "update the master policy files from SVN";
+}
+
+# self-contained functions, must work even if libaries have bugs
+
+# Set permissions
+body perms u_p( p )
+{
+    mode => "$(p)";
+}
+
+# Basic copy function (for local file copies)
+body copy_from mycopy( from, server )
+{
+    source      => "$(from)";
+    compare     => "digest";
+}
+
+# Remote copy function, secure
+body copy_from remote_copy( sourcedir, sourceserver )
+{
+    source      => "$(sourcedir)";   
+    servers     => { "$(sourceserver)" };
+    compare     => "digest";
+    encrypt     => "true";
+    verify      => "true";
+    trustkey    => "true";
+    preserve    => "true";
+}
+
+# Copy if at least 1 minute has elapsed
+body action uimmediate
+{
+    ifelapsed => "1";
+}
+
+body link_from u_ln_s(x)
+{
+    link_type => "symlink";
+    source => "$(x)";
+    when_no_source => "force";
+}
diff --git a/var/www/html/kickstart.cfg b/var/www/html/kickstart.cfg
new file mode 100644
index 0000000..cfbfca4
--- /dev/null
+++ b/var/www/html/kickstart.cfg
@@ -0,0 +1,55 @@
+# Kickstart file automatically generated by anaconda.
+
+#version=DEVEL
+install
+url --url=http://192.168.0.159/Centos/6.3/os/x86_64
+lang en_US.UTF-8
+keyboard us
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+rootpw  --iscrypted $6$M0aOpoXkLRTRzKcS$RPTbAk5YjUZR/JO1ClO9BWZU4KNkXXGOO/9yu2lrHMsfjgehv1Sg02dvhLQ3OzLBfIGggcZ7.2JRle4TJbdAU/
+firewall --service=ssh --port=5308:tcp
+authconfig --enableshadow --passalgo=sha512
+selinux --enforcing
+timezone --utc Europe/Zurich
+bootloader --location=mbr --driveorder=sda --append=" rhgb crashkernel=auto console=ttyS0,9600n81"
+
+zerombr
+clearpart --all --drives=sda --initlabel
+
+part / --label=ROOT --fstype=ext4 --size=8192
+part swap --label=SWAP --size=4096
+part /data --label=DATA --size=8192 --grow
+
+skipx
+cmdline
+
+repo --name="CentOS"  --baseurl=http://192.168.0.159/Centos/6.3/os/x86_64 --cost=100
+
+reboot
+
+%packages --excludedocs --nobase
+@core
+wget
+%end
+
+%post
+exec < /dev/console > /dev/console
+#!/bin/bash
+cd /root
+wget -O /etc/yum.repos.d/CentOS-Base.repo http://192.168.0.159/CentOS-Base.repo
+rpm --import /etc/pki/rpm-gpg/*
+yum clean all
+yum update -y
+
+mkdir /root/cfengine
+cd /root/cfengine
+wget -nd -r http://192.168.0.159/cfengine
+yum localinstall -y cfengine-community-3.2.1-1.el6.x86_64.rpm
+cp -v {failsafe,update}.cf /var/cfengine/inputs/.
+cd /root
+
+/usr/local/sbin/cf-agent -B
+
+/usr/local/sbin/cf-agent
+
+%end