Automated server setup with Puppet

I will need to set up some CentOS server and also keeping them uptodate. This will typically be used to set up a VPS to run Ruby on Rails, and/or Drupal and/or Magento. I would like to automate this using Puppet. I am not an expert on setting up a server, so your input are highly valued (what have I not thought of?). What Puppet needs to do: -Update CentOS to the latest version & pathces (se version of CentOS installed may vary, but we want to have the latest). -Lock down server: change root pw, disable ssh to root, change ssh from port 22 to another one, remove all services other than what is needed (see below), configure firewall, install and configure Fail2Ban. Other things? You are the expert ;) -Set domain name, install and configure email: Postfix with MySQL, Dovecot and MailScanner and ClamAV. -Install and configure nginx, MySQL (setting root pw and other standard first-time-configuration), PHP and PHP soap (and such, so it passes the Magento server-requirements-test.), Ruby, Rails and Passenger (and make it work with nginx) and Drupal (so it works with nginx). -Keep the system updated And, as said, you are the expert, so please do specify any changes/additions or whatever to make the system as secure and efficient as possible!