Move uploads to /srv/upload/incoming
authorJan Dittberner <jandd@cacert.org>
Thu, 1 Aug 2019 20:06:04 +0000 (22:06 +0200)
committerJan Dittberner <jandd@cacert.org>
Thu, 1 Aug 2019 20:06:04 +0000 (22:06 +0200)
To make this setup work you should have the following in
/etc/ssh/sshd_config:

  Match User debarchive
      ForceCommand internal-sftp
      ChrootDirectory /srv/upload
      AllowTcpForwarding no

sitemodules/profiles/files/debarchive/debarchive.service
sitemodules/profiles/manifests/debarchive.pp

index 0fc3555..ec6f12e 100644 (file)
@@ -3,7 +3,7 @@ Description=CAcert Debian Archive Update service
 
 [Service]
 Type=forking
-ExecStart=/usr/bin/mini-dinstall
+ExecStart=/usr/bin/mini-dinstall /srv/upload/incoming
 ExecStop=/usr/bin/mini-dinstall -k
 User=debarchive
 
index e075137..8124ddf 100644 (file)
@@ -70,19 +70,7 @@ class profiles::debarchive (
     group  => 'nogroup',
     mode   => '0711',
   }
-  file { '/srv/debarchive/archive':
-    ensure => directory,
-    owner  => 'debarchive',
-    group  => 'nogroup',
-    mode   => '0711',
-  }
-  file { '/srv/debarchive/archive/mini-dinstall':
-    ensure => directory,
-    owner  => 'debarchive',
-    group  => 'nogroup',
-    mode   => '0711',
-  }
-  file { '/srv/debarchive/archive/mini-dinstall/incoming':
+  file { '/srv/upload/incoming':
     ensure => directory,
     owner  => 'debarchive',
     group  => 'nogroup',