modules/dacs/manifests/init.pp

   1 # = Class: dacs
   2 #
   3 # This class installs and configures dacs for web auth
   4 #
   5 # == Sample Usage:
   6 #
   7 #   include dacs
   8 #
   9 class dacs {
  10         package { 'dacs':
  11                 ensure => installed,
  12         }
  13         package { 'libapache2-mod-dacs':
  14                 ensure => installed,
  15         }
  16
  17         File {
  18                 owner => root,
  19                 group => www-data,
  20                 mode  => '0640',
  21                 noop  => true,
  22         }
  23
  24         file { '/var/log/dacs':
  25                 ensure  => directory,
  26                 mode    => '0770',
  27                 purge   => true,
  28         }
  29         file { [
  30                         '/etc/dacs/federations',
  31                         '/etc/dacs/federations/debian.org/',
  32                         '/etc/dacs/federations/debian.org/DEBIAN',
  33                         '/etc/dacs/federations/debian.org/DEBIAN/acls',
  34                         '/etc/dacs/federations/debian.org/DEBIAN/groups',
  35                         '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS'
  36                 ]:
  37                 ensure  => directory,
  38                 mode    => '0750',
  39                 require => Package['libapache2-mod-dacs'],
  40                 purge   => true
  41         }
  42         file { '/etc/dacs/federations/site.conf':
  43                 source  => 'puppet:///modules/dacs/common/site.conf',
  44         }
  45         file { '/etc/dacs/federations/debian.org/DEBIAN/dacs.conf':
  46                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/dacs.conf",
  47                         'puppet:///modules/dacs/common/dacs.conf', ],
  48         }
  49         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/revocations':
  50                 source  => 'puppet:///modules/dacs/common/revocations',
  51         }
  52         file { '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp':
  53                 source  => 'puppet:///modules/dacs/common/jurisdictions.grp',
  54         }
  55         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0':
  56                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-noauth.0",
  57                         'puppet:///modules/dacs/common/acl-noauth.0' ],
  58                 notify  => Exec['dacsacl']
  59         }
  60         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-private.0':
  61                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-private.0",
  62                         'puppet:///modules/dacs/common/acl-private.0' ],
  63                 notify  => Exec['dacsacl']
  64         }
  65         file { '/etc/dacs/federations/debian.org/federation_keyfile':
  66                 source  => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
  67         }
  68         file { '/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile':
  69                 source  => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
  70         }
  71
  72         exec { 'dacsacl':
  73                 command     => 'dacsacl -sc /etc/dacs/federations/site.conf -c /etc/dacs/federations/debian.org/DEBIAN/dacs.conf -uj DEBIAN && chown root:www-data /etc/dacs/federations/debian.org/DEBIAN/acls/INDEX',
  74                 refreshonly => true,
  75         }
  76
  77 }