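# = Class: dacs
#
# This class installs and configures dacs for web auth.
#
# It manages the dacs and libapache2-mod-dacs packages, the DACS log
# directory, the directory tree for the debian.org federation and its DEBIAN
# jurisdiction, the configuration, ACL, revocation and group files inside that
# tree, the federation and jurisdiction keyfiles, and an exec that runs
# dacsacl whenever one of the managed ACL files changes.
#
# == Sample Usage:
#
#   include dacs
#
class dacs {
  package { 'dacs':
    ensure => installed,
  }
  package { 'libapache2-mod-dacs':
    ensure => installed,
  }

  # Mode 0770 with group www-data lets every process in that group create,
  # rewrite and delete files in the log directory.
  # NOTE(review): `purge` only takes effect together with `recurse => true`,
  # so it does nothing here as written. Do not add `recurse` without thought:
  # it would make Puppet delete every unmanaged file in the directory.
  file { '/var/log/dacs':
    ensure => directory,
    owner  => 'root',
    group  => 'www-data',
    mode   => '0770',
    purge  => true,
  }

  # Federation / jurisdiction directory tree: root-owned, group www-data may
  # read and traverse (0750) but not write.
  # NOTE(review): as above, `purge` without `recurse` has no effect, so
  # unmanaged files placed in acls/ or groups/ are not removed by Puppet.
  # Enabling `recurse` would also purge acls/INDEX, which the exec at the end
  # of this class chowns but which is not a managed file resource.
  file { [
      '/etc/dacs/federations',
      '/etc/dacs/federations/debian.org/',
      '/etc/dacs/federations/debian.org/DEBIAN',
      '/etc/dacs/federations/debian.org/DEBIAN/acls',
      '/etc/dacs/federations/debian.org/DEBIAN/groups',
      '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS',
    ]:
    ensure  => directory,
    owner   => 'root',
    group   => 'www-data',
    mode    => '0750',
    require => Package['libapache2-mod-dacs'],
    purge   => true,
  }

  # Site-wide and jurisdiction configuration. Where `source` is an array,
  # Puppet uses the first source that exists, so a per-host file overrides the
  # common one.
  # NOTE(review): ${::fqdn} is a fact reported by the agent. If the per-host
  # selection has to be tamper-resistant, confirm the file server restricts
  # per-host paths or derive the name from the agent's certificate instead.
  file { '/etc/dacs/federations/site.conf':
    source => 'puppet:///modules/dacs/common/site.conf',
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }
  file { '/etc/dacs/federations/debian.org/DEBIAN/dacs.conf':
    source => [
      "puppet:///modules/dacs/per-host/${::fqdn}/dacs.conf",
      'puppet:///modules/dacs/common/dacs.conf',
    ],
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }

  # NOTE(review): unlike the acl-*.0 files below, a change to the revocation
  # list does not notify Exec['dacsacl']. Confirm that DACS picks up
  # revocations without an index rebuild.
  file { '/etc/dacs/federations/debian.org/DEBIAN/acls/revocations':
    source => 'puppet:///modules/dacs/common/revocations',
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }
  file { '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp':
    source => 'puppet:///modules/dacs/common/jurisdictions.grp',
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }

  # Access control rules. Any change triggers the dacsacl exec below.
  file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0':
    source => [
      "puppet:///modules/dacs/per-host/${::fqdn}/acl-noauth.0",
      'puppet:///modules/dacs/common/acl-noauth.0',
    ],
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
    notify => Exec['dacsacl'],
  }
  file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-private.0':
    source => [
      "puppet:///modules/dacs/per-host/${::fqdn}/acl-private.0",
      'puppet:///modules/dacs/common/acl-private.0',
    ],
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
    notify => Exec['dacsacl'],
  }

  # Key material, readable by root and group www-data only.
  # NOTE(review): both keyfiles are served from the module's file mount
  # (private/). Confirm that the file server limits who may fetch that path
  # and that the copy in the repository is protected; the filesystem mode set
  # here only covers the deployed copy. Also check whether file diffs are
  # logged on change, since that would put key bytes into agent logs and
  # reports.
  file { '/etc/dacs/federations/debian.org/federation_keyfile':
    source => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }
  file { '/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile':
    source => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
    mode   => '0640',
    owner  => 'root',
    group  => 'www-data',
  }

  # Runs dacsacl with the managed site.conf and dacs.conf, then sets the
  # ownership of acls/INDEX to root:www-data. `refreshonly` means it runs only
  # when one of the ACL files above notifies it; `&&` skips the chown if
  # dacsacl fails.
  #
  # The explicit `require` makes sure the two configuration files named on the
  # command line (and the package presumed to ship dacsacl) are in place
  # before a refresh runs, instead of depending on how the catalog happens to
  # be ordered.
  #
  # NOTE(review): the command is not fully qualified and no `path` is set
  # here, so it depends on an Exec default declared elsewhere. Confirm that
  # default exists and lists only root-owned directories.
  exec { 'dacsacl':
    command     => 'dacsacl -sc /etc/dacs/federations/site.conf -c /etc/dacs/federations/debian.org/DEBIAN/dacs.conf -uj DEBIAN && chown root:www-data /etc/dacs/federations/debian.org/DEBIAN/acls/INDEX',
    refreshonly => true,
    require     => [
      Package['dacs'],
      File['/etc/dacs/federations/site.conf'],
      File['/etc/dacs/federations/debian.org/DEBIAN/dacs.conf'],
    ],
  }

}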