X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fdacs%2Fmanifests%2Finit.pp;h=aaad0c4cf26f34b459041730b4988660e0a965f9;hb=83adec02dbe52ac9e81721398067a7a685e60c9e;hp=a9e703de2c4cbb684556f7c90205e72647e9f670;hpb=b971cc837b8783402899e0aba3755a1f89ca1e27;p=dsa-puppet.git

diff --git a/modules/dacs/manifests/init.pp b/modules/dacs/manifests/init.pp
index a9e703de..aaad0c4c 100644
--- a/modules/dacs/manifests/init.pp
+++ b/modules/dacs/manifests/init.pp
@@ -45,6 +45,14 @@ class dacs {
              purge   => true
              ;
 
+        "/etc/dacs/federations/debian.org/DEBIAN/groups/DACS":
+             ensure  => directory,
+             owner   => root,
+             group   => www-data,
+             mode    => 750,
+             purge   => true
+             ;
+
         "/etc/dacs/federations/site.conf":
              source  => [ "puppet:///modules/dacs/per-host/$fqdn/site.conf",
                           "puppet:///modules/dacs/common/site.conf" ],
@@ -69,12 +77,20 @@ class dacs {
              group   => www-data
              ;
 
+        "/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp":
+             source  => [ "puppet:///modules/dacs/per-host/$fqdn/jurisdictions.grp",
+                          "puppet:///modules/dacs/common/jurisdictions.grp" ],
+             mode    => 640,
+             owner   => root,
+             group   => www-data
+             ;
+
         "/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0":
              source  => [ "puppet:///modules/dacs/per-host/$fqdn/acl-noauth.0",
                           "puppet:///modules/dacs/common/acl-noauth.0" ],
              mode    => 640,
              owner   => root,
-             group   => www-data
+             group   => www-data,
              notify  => Exec["dacsacl"]
              ;
 
@@ -83,14 +99,29 @@ class dacs {
                           "puppet:///modules/dacs/common/acl-private.0" ],
              mode    => 640,
              owner   => root,
-             group   => www-data
+             group   => www-data,
              notify  => Exec["dacsacl"]
              ;
+
+        "/etc/dacs/federations/debian.org/federation_keyfile":
+             source  => "puppet:///modules/dacs/private/debian.org_federation_keyfile",
+             mode    => 640,
+             owner   => root,
+             group   => www-data
+             ;
+
+        "/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile":
+             source  => "puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile",
+             mode    => 640,
+             owner   => root,
+             group   => www-data
+             ;
+
     }
 
     exec {
         "dacsacl":
-            command     => "dacsacl -uj DEBIAN",
+            command     => "dacsacl -sc /etc/dacs/federations/site.conf -c /etc/dacs/federations/debian.org/DEBIAN/dacs.conf -uj DEBIAN && chown root:www-data /etc/dacs/federations/debian.org/DEBIAN/acls/INDEX",
             refreshonly => true,
     }