9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
# File 'manifests/setup/dehydrated_host.pp', line 9
class dehydrated::setup::dehydrated_host {
if ! defined(Class['dehydrated']) {
fail('You must include the dehydrated base class first; also this class is not supposed to be included on its own.')
}
if ($facts['kernel'] == 'windows') {
fail('Running dehydrated on windows is not supported (yet - patches welcome).')
}
if ($::dehydrated::manage_user) {
if ($::dehydrated::dehydrated_group != $::dehydrated::group) {
group { $::dehydrated::dehydrated_group :
ensure => present,
}
}
if ($::dehydrated::dehydrated_user != $::dehydrated::user) {
user { $::dehydrated::dehydrated_user :
ensure => present,
gid => $::dehydrated::dehydrated_group,
home => $::dehydrated::dehydrated_base_dir,
shell => '/bin/bash',
managehome => false,
password => '!!',
require => Group[$::dehydrated::dehydrated_group],
}
$_require = User[$::dehydrated::dehydrated_user]
} else {
$_require = Group[$::dehydrated::dehydrated_group]
}
} else {
$_require = undef
}
File {
owner => $::dehydrated::dehydrated_user,
group => $::dehydrated::dehydrated_group,
mode => '0750',
require => $_require,
}
file { [
$::dehydrated::dehydrated_base_dir,
$::dehydrated::dehydrated_wellknown_dir,
$::dehydrated::dehydrated_alpncert_dir,
$::dehydrated::dehydrated_requests_dir,
] :
ensure => directory,
mode => '0751',
}
file { [
$::dehydrated::dehydrated_hooks_dir,
] :
ensure => directory,
mode => '0750',
}
$dehydrated_host_script = join(
[$::dehydrated::dehydrated_base_dir, 'dehydrated_job_runner.rb'],
$::dehydrated::params::path_seperator
)
$dehydrated_host_script_config = join(
[$::dehydrated::dehydrated_base_dir, 'config.json'],
$::dehydrated::params::path_seperator
)
file { $dehydrated_host_script :
ensure => file,
mode => '0750',
source => 'puppet:///modules/dehydrated/dehydrated_job_runner.rb',
}
file { $dehydrated_host_script_config :
ensure => file,
mode => '0640',
source => $::dehydrated::params::configfile,
require => File[$::dehydrated::params::configfile],
}
$dehydrated_host_script_lock = "${dehydrated_host_script}.lock"
$dehydrated_host_script_lock_command = join([
'/usr/bin/flock -x -n -E 0',
$dehydrated_host_script_lock,
'/usr/bin/timeout -k 10 7200',
], ' ')
$escaped_path = shell_escape($facts['path'])
$cron_escaped_path = regsubst($escaped_path, '%', '\%', 'G')
$cron_command = join([
'/usr/bin/env',
"PATH=${cron_escaped_path}",
$dehydrated_host_script_lock_command,
$dehydrated_host_script,
$dehydrated_host_script_config,
], ' ')
cron { 'dehydrated_host_script':
command => $cron_command,
user => $::dehydrated::dehydrated_user,
minute => [3,18,33,48,]
}
vcsrepo { $::dehydrated::dehydrated_git_dir :
ensure => latest,
revision => $::dehydrated::dehydrated_git_tag,
provider => git,
source => $::dehydrated::dehydrated_git_url,
user => $::dehydrated::dehydrated_user,
require => [
File[$::dehydrated::dehydrated_base_dir],
Package['git']
],
}
if ($::dehydrated::manage_packages) {
ensure_packages($::dehydrated::dehydrated_host_packages)
}
concat { $::dehydrated::dehydrated_requests_config :
ensure => present,
format => 'json-pretty',
require => [
File[$::dehydrated::dehydrated_base_dir],
File[$::dehydrated::dehydrated_requests_dir],
File[$::dehydrated::dehydrated_wellknown_dir],
],
}
}
|