{"id":22700208,"url":"https://github.com/simp/pupmod-simp-simp","last_synced_at":"2025-04-13T05:53:38.170Z","repository":{"id":32298724,"uuid":"35873685","full_name":"simp/pupmod-simp-simp","owner":"simp","description":"The SIMP simp Puppet Module","archived":false,"fork":false,"pushed_at":"2024-09-16T18:23:13.000Z","size":1373,"stargazers_count":6,"open_issues_count":7,"forks_count":24,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-04-13T05:53:31.984Z","etag":null,"topics":["puppet","simp"],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simp.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-05-19T09:49:41.000Z","updated_at":"2024-09-16T18:20:47.000Z","dependencies_parsed_at":"2024-01-17T20:05:19.093Z","dependency_job_id":"1e3861e5-cd51-4f8a-8b8e-0b4a0e0d6937","html_url":"https://github.com/simp/pupmod-simp-simp","commit_stats":null,"previous_names":[],"tags_count":44,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simp%2Fpupmod-simp-simp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simp%2Fpupmod-simp-simp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simp%2Fpupmod-simp-simp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simp%2Fpupmod-simp-simp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simp","download_url":"https://codeload.github.com/simp/pupmod-simp-simp/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248670502,"owners_count":21142901,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["puppet","simp"],"created_at":"2024-12-10T06:10:28.764Z","updated_at":"2025-04-13T05:53:38.138Z","avatar_url":"https://github.com/simp.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![License](http://img.shields.io/:license-apache-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0.html)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/73/badge)](https://bestpractices.coreinfrastructure.org/projects/73)\n[![Puppet Forge](https://img.shields.io/puppetforge/v/simp/simp.svg)](https://forge.puppetlabs.com/simp/simp)\n[![Puppet Forge Downloads](https://img.shields.io/puppetforge/dt/simp/simp.svg)](https://forge.puppetlabs.com/simp/simp)\n[![Build Status](https://travis-ci.org/simp/pupmod-simp-simp.svg)](https://travis-ci.org/simp/pupmod-simp-simp)\n\n#### Table of Contents\n\n1. [Overview](#overview)\n2. [Module Description - What the module does and why it is useful](#module-description)\n3. [Setup - The basics of getting started with simp](#setup)\n    * [What simp affects](#what-simp-affects)\n4. [Usage - Configuration options and additional functionality](#usage)\n    * [Basic Usage](#basic-usage)\n    * [SIMP Scenarios](#simp-scenarios)\n5. [Limitations - OS compatibility, etc.](#limitations)\n6. [Development - Guide for contributing to the module](#development)\n      * [Acceptance Tests - Beaker env variables](#acceptance-tests)\n\n## Overview\n\nThis module is the overarching profile of SIMP managed systems. It should be\nthe entry point for all supported SIMP configurations.\n\n## This is a SIMP module\nThis module is a component of the [System Integrity Management Platform](https://simp-project.com)\n\nIf you find any issues, please submit them via [JIRA](https://simp-project.atlassian.net/).\n\nPlease read our [Contribution Guide](https://simp.readthedocs.io/en/stable/contributors_guide/index.html).\n\nThis module should be used within the SIMP ecosystem and will be of limited\nindependent use\n\n## Module Description\n\nThis module provides a convenient entry point for setting up systems to meet\nthe goals of the SIMP Project.\n\nIt is effectively a highly malleable Puppet profile that provides mechanisms\nfor direct overall system modification and management.\n\n## Setup\n\n### What SIMP affects\n\nThe ``simp`` module is meant to be the central controller of all node\nconfigurations. The suggested usage is to place the following in your\nenvironment's ``site.pp``:\n\n```ruby\ninclude 'simp_options'\ninclude 'simp'\n```\n\n*NOTE:* If using Puppet Enterprise, you can add the ``simp_options`` and\n``simp`` classes to nodes via the classification interface. Do be sure to\ninclude ``simp_options`` *before* ``simp`` so that the ``simp`` module has\nappropriate access to the parameters in ``simp_options``.\n\n## Reference\n\nSee the [REFERENCE.md][reference_md] for a comprehensive overview of the module\ncomponents.\n\n## Usage\n\n### Basic Usage\n\nIt is recommended that you start with one of the SIMP scenarios described below.\n\nThese may be set via the ``simp::scenario`` parameter via Hiera.\n\n| **NOTE** |\n| --- |\n| \u003cul\u003e\u003cli\u003e`simp::scenario` always affects SIMP **client** systems, no matter how it was set.\u003c/li\u003e\u003cli\u003eHowever: SIMP **servers** will default to the `simp` scenario unless `simp:scenario` is set _in Hiera_.\u003c/li\u003e\u003c/ul\u003e |\n\n\nYou may want to tweak individual module settings and should reference the\n[module documentation][reference_md] for full details.\n\n[reference_md]: https://github.com/simp/pupmod-simp-simp/blob/master/REFERENCE.md\n\n#### SIMP Scenarios\n\nThe SIMP module has the following scenarios defined for getting started with\ndifferent configurations easily:\n\n* ``simp``\n  * The default scenario. Enables all modules to support the default SIMP\n    infrastructure configured around security best practices and compatibility\n    with supported security policies as defined in the\n    ``compliance_markup`` module.\n\n* ``simp_lite``\n  * The ``simp`` profile with some of the more aggressive security support\n    modules disabled. These include, but are not limited to, ``iptables``,\n    ``fips``, and ``svckill``.\n\n* ``standalone``\n  * Applies all of the settings in the ``simp`` profile and, after a successful\n    run, either disables ``puppet`` from running again or removes it from the\n    system completely. Has options to ensure that there is a way to get back\n    into the system afterwards.\n\n* ``poss``\n  * The Puppet Open Source Software (POSS) configuration simply attaches your\n    node to the Puppet server and performs **no additional configuration**.  This\n    can be used as a starting point for building your own configuration without\n    needing to worry about how to configure your Puppet agents.\n\n* ``remote_access``\n  * Adds the common remote access capabilities of SIMP to the system on top of\n    the ``poss`` scenario.\n\n* ``none``\n  * Does nothing at all. All configuration is in your control.\n\n## Development\n\nPlease read our [Contribution Guide](https://simp.readthedocs.io/en/stable/contributors_guide/index.html).\n\n### Unit tests\n\nUnit tests, written in ``rspec-puppet`` can be run by calling:\n\n```shell\nbundle exec rake spec\n```\n\n### Acceptance tests\n\nTo run the system tests, you need [Vagrant](https://www.vagrantup.com/) installed. Then, run:\n\n```shell\nbundle exec rake beaker:suites\n```\n\nSome environment variables may be useful:\n\n```shell\nBEAKER_debug=true\nBEAKER_provision=no\nBEAKER_destroy=no\nBEAKER_use_fixtures_dir_for_modules=yes\n```\n\n* `BEAKER_debug`: show the commands being run on the STU and their output.\n* `BEAKER_destroy=no`: prevent the machine destruction after the tests finish so you can inspect the state.\n* `BEAKER_provision=no`: prevent the machine from being recreated. This can save a lot of time while you're writing the tests.\n* `BEAKER_use_fixtures_dir_for_modules=yes`: cause all module dependencies to be loaded from the `spec/fixtures/modules` directory, based on the contents of `.fixtures.yml`.  The contents of this directory are usually populated by `bundle exec rake spec_prep`.  This can be used to run acceptance tests to run on isolated networks.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimp%2Fpupmod-simp-simp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimp%2Fpupmod-simp-simp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimp%2Fpupmod-simp-simp/lists"}