aboutsummaryrefslogtreecommitdiffstats
path: root/modules/buildsystem/manifests/init.pp
blob: b55c7e00f2bba91126049fd4d33b3678b81032a3 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

class buildsystem {

    class base {
	$build_login = "iurt"
	$build_home_dir = "/home/$build_login"

	include ssh::auth
	ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
    }

    class mainnode inherits base {
        include iurtuser
        ssh::auth::server { $build_login: }

        package { "task-bs-cluster-main":
            ensure => "installed"
        }
    }

    class buildnode inherits base {
        include iurt
    }

    class scheduler {
        # ulri        
    }

    class dispatcher {
        # emi
    }
    
    class repsys {
        package { 'repsys':

        }


    }

    class iurtuser {
        group {"$build_login": 
            ensure => present,
        }

        user {"$build_login":
            ensure => present,
            comment => "System user used to run build bots",
            managehome => true,
            gid => $build_login,
            shell => "/bin/bash",
            notify => Exec["unlock$build_login"],
        }

        # set password to * to unlock the account but forbid login through login
        exec { "unlock$build_login":
            command => "usermod -p '*' $build_login",
            refreshonly => true,
        }

        file { $build_home_dir:
            ensure => "directory",
        }

        file { "$build_home_dir/.ssh":
            ensure => "directory",
            mode   => 600,
            owner  => $build_login,
            group  => $build_login,
        }
    }

    class iurt {
        include sudo
        include iurtuser
        ssh::auth::client { $build_login: }

        # build node common settings
        # we could have the following skip list to use less space:
        # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
        $package_list = ['task-bs-cluster-chroot', 'iurt']
        package { $package_list:
            ensure => installed;
        }

        file { "$build_home_dir/.iurt.cauldron.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            content => template("buildsystem/iurt.cauldron.conf")
        }

        file { "/etc/sudoers.d/iurt":
            ensure => present,
            owner => root,
            group => root,
            mode => 440,
            content => template("buildsystem/sudoers.iurt")
        }
    }
}
generated by cgit v1.2.1 (git 2.21.0) at 2024-07-01 06:31:07 +0000