Do not mask vsftpd.service in each site

[dsa-puppet.git] / modules / vsftpd / manifests / site.pp

diff --git a/modules/vsftpd/manifests/site.pp b/modules/vsftpd/manifests/site.pp
index 7897c8fc4e2e21657f705beb5aa13476a92384ee..f8a71a0fb52d9aa297949593bf0df5af0efb635a 100644 (file)
--- a/modules/vsftpd/manifests/site.pp
+++ b/modules/vsftpd/manifests/site.pp
@@ -1,34 +1,52 @@
-class vsftpd::site (
-       $source='',
-       $content='',
+define vsftpd::site (
+       $root,
+       $bind='',
+       $chown_user='',
+       $writable=false,
+       $banner="${name} FTP Server",
+       $max_clients=100,
+       $logfile="/var/log/ftp/vsftpd-${name}.debian.org.log",
        $ensure=present
 ){
 
        include vsftpd
 
-       if ($source and $content) {
-               fail ( "Can't have both source and content for $name" )
-       }
-
        case $ensure {
                present,absent: {}
                default: { fail ( "Invald ensure `$ensure' for $name" ) }
        }
 
-       if $source {
-               file { '/etc/vsftpd.conf':
-                       ensure => $ensure,
-                       source => $source,
-                       notify => Service['vsftpd']
-               }
-       } elsif $content {
-               file { '/etc/vsftpd.conf':
-                       ensure  => $ensure,
-                       content => $content,
-                       notify  => Service['vsftpd']
-               }
-       } else {
-               fail ( "Need one of source or content for $name" )
+       $ftpsite = $name
+
+       $fname = "/etc/vsftpd-${name}.conf"
+
+       file { $fname:
+               ensure  => $ensure,
+               content => template('vsftpd/vsftpd.conf.erb')
+       }
+
+       file { "/etc/logrotate.d/vsftpd-${name}":
+               ensure => absent
+       }
+
+       munin::check { "vsftpd-${name}":
+               script => 'vsftpd'
+       }
+       munin::conf { "vsftpd-${name}":
+               content => template('vsftpd/munin.erb')
+       }
+
+       # We don't need a firewall rule because it's added in vsftp.pp
+       xinetd::service { "vsftpd-${name}":
+               bind        => $bind,
+               id          => "${name}-ftp",
+               server      => '/usr/sbin/vsftpd',
+               port        => 'ftp',
+               server_args => $fname,
+               ferm        => false,
+               instances   => $max_clients,
+               require     => File[$fname]
        }
 
+       Service['vsftpd']->Service['xinetd']
 }