aboutsummaryrefslogtreecommitdiffstats
path: root/modules/mga-advisories/manifests/init.pp
blob: 56929b6ac62b0e79537f01114be0505c0872f209 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

class mga-advisories(
  $advisories_svn = "svn://svn.${::domain}/svn/advisories",
  $vhost
){
  $mgaadv_login = 'mga-advisories'
  $mgaadv_homedir = "/var/lib/${mgaadv_login}"
  $vhostdir = "${mgaadv_homedir}/vhost"
  $advisories_dir = "${mgaadv_homedir}/advisories"
  $status_dir = "${mgaadv_homedir}/status"
  $update_script = '/usr/local/bin/update_mga-advisories'
  $move_script = '/root/tmp/mgatools-new/mga-move-pkg'
  $move_wrapper_script = '/usr/local/bin/mga-adv-move-pkg'

  group { $mgaadv_login:
    ensure => present,
  }

  user { $mgaadv_login:
    ensure     => present,
    comment    => 'mga-advisories user',
    home       => $mgaadv_homedir,
    managehome => true,
    gid        => $mgaadv_login,
  }

  package { 'mga-advisories':
    ensure => installed,
  }

  file {'/etc/mga-advisories.conf':
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => '0644',
    content => template('mga-advisories/mga-advisories.conf'),
    require => Package['mga-advisories'],
  }

  file { [ $vhostdir, $status_dir ]:
    ensure => directory,
    owner  => $mgaadv_login,
    group  => $mgaadv_login,
    mode   => '0755',
  }

  $vhost_aliases = {
    "/static" => '/usr/share/mga-advisories/static',
  }
  apache::vhost::base { $vhost:
    location => $vhostdir,
    aliases  => $vhost_aliases,
    require  => File[$vhostdir],
  }

  apache::vhost::base { "ssl_${vhost}":
    use_ssl  => true,
    vhost    => $vhost,
    aliases  => $vhost_aliases,
    location => $vhostdir,
    require  => File[$vhostdir],
  }

  subversion::snapshot { $advisories_dir:
    source  => $advisories_svn,
    user    => $mgaadv_login,
    refresh => '0',
    require => User[$mgaadv_login],
  }

  file { $update_script:
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => '0755',
    content => template('mga-advisories/update_script'),
  }

  file { $move_wrapper_script:
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => '0755',
    content => template('mga-advisories/adv-move-pkg'),
  }

  sudo::sudoers_config { 'mga-adv-move-pkg':
    content => template('mga-advisories/sudoers.adv-move-pkg')
  }

  # Disable for now... we may re-instate once it's been a little more tested.
  #cron { $update_script:
  #  command => $update_script,
  #  user    => $mgaadv_login,
  #  hour    => '*',
  #  minute  => '10',
  #  require => Subversion::Snapshot[$advisories_dir],
  #}
}
# vim: sw=2
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-14 13:56:07 +0000