4 files changed, 55 insertions, 47 deletions

diff --git a/modules/libvirtd/files/network_add.py b/modules/libvirtd/files/network_add.py
index ab40bf0e..4ed63109 100644
--- a/modules/libvirtd/files/network_add.py
+++ b/modules/libvirtd/files/network_add.py
@@ -1,9 +1,9 @@
-#!/usr/bin/python
+#!/usr/bin/python3
 import libvirt
 import os
 import IPy
 
-# bridge_name 
+# bridge_name
 
 # forward -> nat/ route
 # forward-dev
@@ -59,4 +59,3 @@ network_xml = """
 
 c=libvirt.open("qemu:///system")
 c.networkDefineXML(network_xml)
-
diff --git a/modules/libvirtd/files/storage_add.py b/modules/libvirtd/files/storage_add.py
index 5d95922d..10369e36 100644
--- a/modules/libvirtd/files/storage_add.py
+++ b/modules/libvirtd/files/storage_add.py
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/python3
 import libvirt
 import sys
 
@@ -25,4 +25,3 @@ storage_xml = """
 
 c=libvirt.open("qemu:///system")
 c.storagePoolDefineXML(storage_xml,0)
-
diff --git a/modules/libvirtd/manifests/init.pp b/modules/libvirtd/manifests/init.pp
index d73fed1c..f0cbb887 100644
--- a/modules/libvirtd/manifests/init.pp
+++ b/modules/libvirtd/manifests/init.pp
@@ -5,61 +5,71 @@ class libvirtd {
         # netcat-openbsd -> for ssh remote access
         # iptables -> for dhcp, message error was quite puzzling
         # python-* => needed for helper script
-        package { ["libvirt-utils","dnsmasq-base","netcat-openbsd","iptables","python-libvirt","python-IPy"]:
+        package {['libvirt-utils',
+                  'dnsmasq',
+                  'netcat-openbsd',
+                  'iptables',
+                  'python3-libvirt',
+                  'python3-IPy']:
         }
-
-        service { libvirtd:
+        service { 'libvirtd':
             require => Package['libvirt-utils'],
         }
 
         #TODO remove once libvirt package is fixed to manage the directory
-        file { ["/etc/libvirt/storage","/etc/libvirt/storage/autostart"]:
-            ensure => directory,
+        file { ['/etc/libvirt/storage',
+                '/etc/libvirt/storage/autostart']:
+            ensure  => directory,
             require => Package['libvirt-utils'],
         }
 
-        file { "/usr/local/bin/storage_add.py":
-            mode => 755,
-            source => "puppet:///modules/libvirtd/storage_add.py", 
+        file { '/usr/local/bin/storage_add.py':
+            mode   => '0755',
+            source => 'puppet:///modules/libvirtd/storage_add.py',
         }
- 
-        file { "/usr/local/bin/network_add.py":
-            mode => 755,
-            source => "puppet:///modules/libvirtd/network_add.py", 
+
+        file { '/usr/local/bin/network_add.py':
+            mode   => '0755',
+            source => 'puppet:///modules/libvirtd/network_add.py',
         }
 
     }
 
     class kvm inherits base {
         # pull cyrus-sasl, should be checked
-        package { "qemu": }
-    
+        package { 'qemu': }
     }
 
-    # see http://wiki.libvirt.org/page/SSHPolicyKitSetup
+    # see https://wiki.libvirt.org/page/SSHPolicyKitSetup
     define group_access() {
         # to pull polkit and create the directory
         include libvirtd::base
-        file { "/etc/polkit-1/localauthority/50-local.d/50-$name-libvirt-remote-access.pkla":
-            content => template("libvirtd/50-template-libvirt-remote-access.pkla"),
+        file { "/etc/polkit-1/localauthority/50-local.d/50-${name}-libvirt-remote-access.pkla":
+            content => template('libvirtd/50-template-libvirt-remote-access.pkla'),
             require => Package['libvirt-utils'],
         }
+        # give access to /dev/kvm to people allowed to use libvirt
+        file { '/dev/kvm':
+            group  => $name,
+            owner  => 'root',
+            mode   => '0660',
+        }
     }
 
     define storage($path, $autostart = true) {
         include libvirtd::base
 
-        exec { "/usr/local/bin/storage_add.py $name $path":
-            creates => "/etc/libvirt/storage/$name.xml",
+        exec { "/usr/local/bin/storage_add.py ${name} ${path}":
+            creates => "/etc/libvirt/storage/${name}.xml",
             require => [File['/usr/local/bin/storage_add.py'],
-                        Package["python-libvirt"] ]
+                        Package['python3-libvirt'] ]
         }
 
         #TODO use API of libvirt
-        file { "/etc/libvirt/storage/autostart/$name.xml":
-            ensure => $autostart ? {
-                            true => "/etc/libvirt/storage/$name.xml",
-                            false => "absent"
+        file { "/etc/libvirt/storage/autostart/${name}.xml":
+            ensure  => $autostart ? {
+                            true  => "/etc/libvirt/storage/${name}.xml",
+                            false => absent
                       },
             require => Package['libvirt-utils'],
         }
@@ -70,28 +80,28 @@ class libvirtd {
                     $forward_dev = 'eth0',
                     $network = '192.168.122.0/24',
                     $tftp_root = '',
-                    $disable_pxe = '', 
-                    $autostart = true, 
+                    $disable_pxe = '',
+                    $autostart = true,
                     $vm_type = 'qemu') {
 
-        exec { "/usr/local/bin/network_add.py":
-            environment => ["BRIDGE_NAME=$bridge_name",
-                            "FORWARD=$forward",
-                            "FORWARD_DEV=$forward_dev",
-                            "NETWORK=$network",
-                            "TFTP_ROOT=$tftp_root",
-                            "DISABLE_PXE=\"$disable_pxe\""], 
-            
-            creates => "/etc/libvirt/$vm_type/networks/$name.xml",
-            require => [File['/usr/local/bin/network_add.py'],
-                        Package['python-IPy'], Package["python-libvirt"] ]
+        exec { '/usr/local/bin/network_add.py':
+            environment => ["BRIDGE_NAME=${bridge_name}",
+                            "FORWARD=${forward}",
+                            "FORWARD_DEV=${forward_dev}",
+                            "NETWORK=${network}",
+                            "TFTP_ROOT=${tftp_root}",
+                            "DISABLE_PXE=\"${disable_pxe}\""],
+
+            creates     => "/etc/libvirt/${vm_type}/networks/${name}.xml",
+            require     => [File['/usr/local/bin/network_add.py'],
+                        Package['python3-IPy'], Package['python3-libvirt'] ]
         }
 
         #TODO use API of libvirt
-        file { "/etc/libvirt/$vm_type/networks/autostart/$name.xml":
-            ensure => $autostart ? {
-                            true => "/etc/libvirt/$vm_type/networks/$name.xml",
-                            false => "absent"
+        file { "/etc/libvirt/${vm_type}/networks/autostart/${name}.xml":
+            ensure  => $autostart ? {
+                            true  => "/etc/libvirt/${vm_type}/networks/${name}.xml",
+                            false => absent
                       },
             require => Package['libvirt-utils'],
         }
diff --git a/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla b/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla
index 201e89a0..8806e3cb 100644
--- a/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla
+++ b/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla
@@ -1,5 +1,5 @@
 [Remote libvirt SSH access]
-Identity=unix-user:root;unix-group:<%= name %>
+Identity=unix-user:root;unix-group:<%= @name %>
 Action=org.libvirt.unix.manage
 ResultAny=yes
 ResultInactive=yes