Puppet – Installing modules

1. Search for puppet modules

1.i from cli
$ puppet module search accounts

1.ii OR from https://forge.puppet.com/

2. Install puppet module from puppet forge repository

$ puppet module install puppetlabs/accounts
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules …
Notice: Downloading from https://forgeapi.puppet.com …
Notice: Installing — do not interrupt …
/etc/puppetlabs/code/environments/production/modules
└─┬ puppetlabs-accounts (v1.3.0)
└── puppetlabs-stdlib (v4.25.1)

3. Install puppet module from different repository

$ puppet module install –module_repository http://dev-forge.example.com puppetlabs-apache

4. Install puppet module from release tar ball

$ puppet module install ~/puppetlabs-apache-0.10.0.tar.gz –ignore-dependencies

5. Show installed puppet modules

$ puppet module list
/etc/puppetlabs/code/environments/production/modules
├── puppetlabs-accounts (v1.3.0)
├── puppetlabs-stdlib (v4.25.1)
├── ssh (???)
└── usermanagement (???)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules
├── puppetlabs-facter_task (v0.3.0)
├── puppetlabs-package (v0.2.0)
├── puppetlabs-pe_accounts (v2016.5.0)
├── puppetlabs-pe_concat (v1.1.1)
├── puppetlabs-pe_hocon (v2016.2.0)
├── puppetlabs-pe_infrastructure (v2018.1.0)
├── puppetlabs-pe_inifile (v1.1.3)
├── puppetlabs-pe_install (v2018.1.0)
├── puppetlabs-pe_java_ks (v2016.4.0)
├── puppetlabs-pe_nginx (v2017.1.0)
├── puppetlabs-pe_postgresql (v2016.5.0)
├── puppetlabs-pe_puppet_authorization (v2016.2.0)
├── puppetlabs-pe_r10k (v2016.2.0)
├── puppetlabs-pe_razor (v0.2.1)
├── puppetlabs-pe_repo (v2018.1.0)
├── puppetlabs-pe_staging (v0.3.3)
├── puppetlabs-pe_support_script (v2.7.0)
├── puppetlabs-puppet_conf (v0.2.0)
├── puppetlabs-puppet_enterprise (v2018.1.0)
└── puppetlabs-service (v0.3.1)

6. Upgrade puppet module

$ puppet module upgrade module-name
$ puppet module upgrade puppetlabs-accounts
$ puppet module upgrade puppetlabs-accounts –version=v1.3.0

7. Uninstall puppet module

$ puppet module uninstall module-name
$ puppet module uninstall puppetlabs-accounts

reference:
https://puppet.com/docs/puppet/5.3/modules_installing.html#installing-modules-from-the-command-line

Cloudflare API- bash script to block IP address in firewall (check if IP exists)

Cloudflare API- bash script to block IP address in firewall 
[ check if IP exists in the firewall before blocking ]

Note: The details of organization,zone etc can be found in respective cloudflare login

Requirement: Install jq, https://stedolan.github.io/jq/

 

#!/bin/bash
organization=””
zones=””
email=””
authkey=””
id=””
org_name=””
notes=””

> ipsblocked.txt

for i in `cat ips.txt`; do
RESULT_JSON=`curl -sSX GET “https://api.cloudflare.com/client/v4/organizations/$organization/firewall/access_rules/rules?mode=block&configuration_target=ip&configuration_value=$i” -H “X-Auth-Email: $email” -H “X-Auth-Key: $authkey” -H “Content-Type: application/json”;`
echo “\n”
#echo “$RESULT_JSON”
#echo ” result with jq”
STATUS_IPBLOCKED=`echo “$RESULT_JSON” | jq ‘.mode’`

if [ $STATUS_IPBLOCKED != block ]
then
curl -sSX POST “https://api.cloudflare.com/client/v4/organizations/$organization/firewall/access_rules/rules” -H “X-Auth-Email: $email” -H “X-Auth-Key: $authkey” -H “Content-Type: application/json” –data “{\”mode\”:\”block\”,\”scope\”:{\”id\”:\”$id\”,\”name\”:\”$org_name\”,\”type\”:\”organization\”},\”configuration\”:{\”target\”:\”ip\”,\”value\”:\”$i\”},\”notes\”:\”$notes\”}” ;
echo “\n”
echo “IP $i blocked in Cloudflare”
echo “IP $i blocked in Cloudflare” >> ipsblocked.txt
echo “\n”
else
echo “IP $i already blocked in Cloudflare, skip”
echo “IP $i already blocked in Cloudflare, skip” >> ips_blocked.txt
fi

echo “\n”
done