modules/dacs/manifests/init.pp

   1 class dacs {
   2         package { 'dacs':
   3                 ensure => installed,
   4         }
   5         package { 'libapache2-mod-dacs':
   6                 ensure => installed,
   7         }
   8
   9         file { '/var/log/dacs':
  10                 ensure  => directory,
  11                 owner   => root,
  12                 group   => www-data,
  13                 mode    => '0770',
  14                 purge   => true,
  15         }
  16         file { [
  17                         '/etc/dacs/federations',
  18                         '/etc/dacs/federations/debian.org/',
  19                         '/etc/dacs/federations/debian.org/DEBIAN',
  20                         '/etc/dacs/federations/debian.org/DEBIAN/acls',
  21                         '/etc/dacs/federations/debian.org/DEBIAN/groups',
  22                         '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS'
  23                 ]:
  24                 ensure  => directory,
  25                 owner   => root,
  26                 group   => www-data,
  27                 mode    => '0750',
  28                 require => Package['libapache2-mod-dacs'],
  29                 purge   => true
  30         }
  31         file { '/etc/dacs/federations/site.conf':
  32                 source  => 'puppet:///modules/dacs/common/site.conf',
  33                 mode    => '0640',
  34                 owner   => root,
  35                 group   => www-data
  36         }
  37         file { '/etc/dacs/federations/debian.org/DEBIAN/dacs.conf':
  38                 source => 'puppet:///modules/dacs/common/dacs.conf',
  39                 mode    => '0640',
  40                 owner   => root,
  41                 group   => www-data
  42         }
  43         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/revocations':
  44                 source  => 'puppet:///modules/dacs/common/revocations',
  45                 mode    => '0640',
  46                 owner   => root,
  47                 group   => www-data
  48         }
  49         file { '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp':
  50                 source  => 'puppet:///modules/dacs/common/jurisdictions.grp',
  51                 mode    => '0640',
  52                 owner   => root,
  53                 group   => www-data
  54         }
  55         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0':
  56                 source  => [ 'puppet:///modules/dacs/per-host/$fqdn/acl-noauth.0',
  57                         'puppet:///modules/dacs/common/acl-noauth.0' ],
  58                 mode    => '0640',
  59                 owner   => root,
  60                 group   => www-data,
  61                 notify  => Exec['dacsacl']
  62         }
  63         file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-private.0':
  64                 source  => [ 'puppet:///modules/dacs/per-host/$fqdn/acl-private.0',
  65                         'puppet:///modules/dacs/common/acl-private.0' ],
  66                 mode    => '0640',
  67                 owner   => root,
  68                 group   => www-data,
  69                 notify  => Exec['dacsacl']
  70         }
  71         file { '/etc/dacs/federations/debian.org/federation_keyfile':
  72                 source  => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
  73                 mode    => '0640',
  74                 owner   => root,
  75                 group   => www-data
  76         }
  77         file { '/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile':
  78                 source  => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
  79                 mode    => '0640',
  80                 owner   => root,
  81                 group   => www-data
  82         }
  83
  84         exec { 'dacsacl':
  85                 command     => 'dacsacl -sc /etc/dacs/federations/site.conf -c /etc/dacs/federations/debian.org/DEBIAN/dacs.conf -uj DEBIAN && chown root:www-data /etc/dacs/federations/debian.org/DEBIAN/acls/INDEX',
  86                 refreshonly => true,
  87         }
  88
  89 }