summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2019-08-01 15:47:54 +0200
committerJan Dittberner <jandd@cacert.org>2019-08-01 15:48:10 +0200
commit63428a61fd9f971ca3ebd06764e8453c41e92170 (patch)
treeb3d33e4b0658dd52af62c18d5d053447558a9a8f
parentc1cccba05650a46570b0c3d7ed5c540e2e5ff22d (diff)
downloadcacert-puppet-63428a61fd9f971ca3ebd06764e8453c41e92170.tar.gz
cacert-puppet-63428a61fd9f971ca3ebd06764e8453c41e92170.tar.xz
cacert-puppet-63428a61fd9f971ca3ebd06764e8453c41e92170.zip
Add new profile debarchive for webstatic
-rw-r--r--hieradata/nodes/webstatic.yaml2
-rw-r--r--sitemodules/profiles/manifests/debarchive.pp72
-rw-r--r--sitemodules/roles/manifests/webstatic.pp1
3 files changed, 75 insertions, 0 deletions
diff --git a/hieradata/nodes/webstatic.yaml b/hieradata/nodes/webstatic.yaml
index 4102b5d..e70bcf7 100644
--- a/hieradata/nodes/webstatic.yaml
+++ b/hieradata/nodes/webstatic.yaml
@@ -4,6 +4,8 @@ classes:
profiles::base::admins:
- jandd
- law
+profiles::debarchive::uploaders:
+ - jandd
profiles::icinga2_agent::pki_ticket: >
ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
DQYJKoZIhvcNAQEBBQAEggEApecW/rPl4fMSAHNJSzDl5RX8y0JJSVqPj+S6
diff --git a/sitemodules/profiles/manifests/debarchive.pp b/sitemodules/profiles/manifests/debarchive.pp
new file mode 100644
index 0000000..2ad18be
--- /dev/null
+++ b/sitemodules/profiles/manifests/debarchive.pp
@@ -0,0 +1,72 @@
+# Class: profiles::debarchive
+# ===========================
+#
+# This class defines a mini-dinstall based Debian package archive setup.
+#
+# Parameters
+# ----------
+#
+# @param uploaders a list of users that are allowed to dput files to the
+# Debian archive
+#
+# Examples
+# --------
+#
+# @example
+# class 'roles::myhost' {
+# include profiles::debarchive
+# }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2019 Jan Dittberner
+#
+class profiles::debarchive (
+ Array[String] $uploaders = [],
+) {
+ include profiles::base
+
+ package { 'mini-dinstall':
+ ensure => latest,
+ }
+ group { 'debarchive':
+ ensure => present,
+ system => true,
+ }
+ user { 'debarchive':
+ ensure => present,
+ comment => 'CAcert debian archive user',
+ system => true,
+ group => 'nogroup',
+ home => '/srv/debarchive',
+ shell => '/bin/false',
+ }
+ file { '/srv/debarchive':
+ ensure => directory,
+ owner => 'debarchive',
+ group => 'debarchive',
+ mode => '0755',
+ }
+ file { '/srv/debarchive/mini-dinstall':
+ ensure => directory,
+ owner => 'debarchive',
+ group => 'debarchive',
+ mode => '0755',
+ }
+ file { '/srv/debarchive/mini-dinstall/incoming':
+ ensure => directory,
+ owner => 'debarchive',
+ group => 'debarchive',
+ mode => '0770',
+ }
+
+ $uploaders.each |String $username| {
+ User<| title == $username |> { groups +> 'debarchive' }
+ }
+}
diff --git a/sitemodules/roles/manifests/webstatic.pp b/sitemodules/roles/manifests/webstatic.pp
index e4a8d8b..59bef2e 100644
--- a/sitemodules/roles/manifests/webstatic.pp
+++ b/sitemodules/roles/manifests/webstatic.pp
@@ -25,4 +25,5 @@ class roles::webstatic {
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
+ include profiles::debarchive
}