diff options
-rw-r--r-- | deployment/softwarekey/manifests/init.pp | 33 | ||||
-rw-r--r-- | manifests/nodes.pp | 1 | ||||
-rw-r--r-- | modules/buildsystem/manifests/init.pp | 9 |
3 files changed, 34 insertions, 9 deletions
diff --git a/deployment/softwarekey/manifests/init.pp b/deployment/softwarekey/manifests/init.pp new file mode 100644 index 00000000..4296cce0 --- /dev/null +++ b/deployment/softwarekey/manifests/init.pp @@ -0,0 +1,33 @@ +class softwarekey { + class variable { + $sign_login = "softwarekey" + $sign_home_dir = "/var/lib/$sign_login" + $sign_keydir = "$sign_home_dir/keys" + } + + class base inherits variable { + group {"$sign_login": + ensure => present, + } + + user {"$sign_login": + ensure => present, + comment => "System user to sign Mageia Software", + managehome => true, + home => $sign_home_dir, + gid => $sign_login, + shell => "/bin/bash", + require => Group[$sign_login], + } + + gnupg::keys{"software": + email => "software@$domain", + #FIXME there should be a variable somewhere to change the name of the distribution + key_name => 'Mageia Software', + login => $sign_login, + batchdir => "$sign_home_dir/batches", + keydir => $sign_keydir, + require => User[$sign_login], + } + } +} diff --git a/manifests/nodes.pp b/manifests/nodes.pp index 74b605c5..330d421e 100644 --- a/manifests/nodes.pp +++ b/manifests/nodes.pp @@ -23,6 +23,7 @@ node valstar { include ssh::auth::keymaster include buildsystem::mainnode include buildsystem::mgacreatehome + include softwarekey::base include access_classes::committers include restrictshell::allow_git diff --git a/modules/buildsystem/manifests/init.pp b/modules/buildsystem/manifests/init.pp index 0e273e93..d2dae545 100644 --- a/modules/buildsystem/manifests/init.pp +++ b/modules/buildsystem/manifests/init.pp @@ -89,15 +89,6 @@ class buildsystem { keydir => $sign_keydir, } - gnupg::keys{"software": - email => "software@$domain", - #FIXME there should be a variable somewhere to change the name of the distribution - key_name => 'Mageia Software', - login => $sign_login, - batchdir => "$sign_home_dir/batches", - keydir => $sign_keydir, - } - sudo::sudoers_config { "signpackage": content => template("buildsystem/sudoers.signpackage") } |