logrotate dacs logs

[dsa-puppet.git] / modules / dacs / manifests / init.pp

diff --git a/modules/dacs/manifests/init.pp b/modules/dacs/manifests/init.pp
index cd52af867c8bf086d240f5a07d7cdd3847085964..fb0cf1b362a1a8068ff6a9151c7bf0b1be9dd7d0 100644 (file)
--- a/modules/dacs/manifests/init.pp
+++ b/modules/dacs/manifests/init.pp
@@ -1,3 +1,11 @@
+# = Class: dacs
+#
+# This class installs and configures dacs for web auth
+#
+# == Sample Usage:
+#
+#   include dacs
+#
 class dacs {
        package { 'dacs':
                ensure => installed,
@@ -6,10 +14,14 @@ class dacs {
                ensure => installed,
        }
 
+       File {
+               owner => root,
+               group => www-data,
+               mode  => '0640',
+       }
+
        file { '/var/log/dacs':
                ensure  => directory,
-               owner   => root,
-               group   => www-data,
                mode    => '0770',
                purge   => true,
        }
@@ -22,63 +34,41 @@ class dacs {
                        '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS'
                ]:
                ensure  => directory,
-               owner   => root,
-               group   => www-data,
                mode    => '0750',
                require => Package['libapache2-mod-dacs'],
                purge   => true
        }
+       file { '/etc/logrotate.d/dacs':
+               source  => 'puppet:///modules/dacs/common/dacs.logrotate',
+       }
        file { '/etc/dacs/federations/site.conf':
                source  => 'puppet:///modules/dacs/common/site.conf',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/dacs.conf':
-               source => 'puppet:///modules/dacs/common/dacs.conf',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
+               source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/dacs.conf",
+                       'puppet:///modules/dacs/common/dacs.conf', ],
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/acls/revocations':
                source  => 'puppet:///modules/dacs/common/revocations',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp':
                source  => 'puppet:///modules/dacs/common/jurisdictions.grp',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0':
                source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-noauth.0",
                        'puppet:///modules/dacs/common/acl-noauth.0' ],
-               mode    => '0640',
-               owner   => root,
-               group   => www-data,
                notify  => Exec['dacsacl']
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-private.0':
                source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-private.0",
                        'puppet:///modules/dacs/common/acl-private.0' ],
-               mode    => '0640',
-               owner   => root,
-               group   => www-data,
                notify  => Exec['dacsacl']
        }
        file { '/etc/dacs/federations/debian.org/federation_keyfile':
                source  => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
        }
        file { '/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile':
                source  => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
-               mode    => '0640',
-               owner   => root,
-               group   => www-data
        }
 
        exec { 'dacsacl':