diff options
author | Micah Anderson <micah@riseup.net> | 2013-02-13 11:07:44 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-02-13 11:07:44 -0500 |
commit | cc12ced0f3f62c975f9f711da67770ffb33d7ba7 (patch) | |
tree | bbde5c6f5a2df2da3e97780f04c45407dda49a5a | |
parent | d49d2ef054bb1764aa3d374870d6d6557b3234e3 (diff) | |
parent | ef40c3b4c8f7e9405397ccf8ca3f9fb8ace22328 (diff) |
Merge remote-tracking branch 'koumbit/multi_repo_support'
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | files/reprepro-export-key.sh | 19 | ||||
-rw-r--r-- | manifests/init.pp | 182 | ||||
-rw-r--r-- | manifests/repository.pp | 190 | ||||
-rw-r--r-- | templates/inoticoming.default.erb | 2 | ||||
-rw-r--r-- | templates/reprepro-export-key.sh.erb | 18 |
6 files changed, 218 insertions, 199 deletions
@@ -21,6 +21,12 @@ Instead of: class { 'reprepro': origin => 'example.com' } +Even more recent versions do not use parametrized classes anymore but +defines, in order to support multiple repositories. So you should do +instead: + + reprepro::repository { "default": origin => 'example.com' } + Parameters ========== diff --git a/files/reprepro-export-key.sh b/files/reprepro-export-key.sh new file mode 100644 index 0000000..6e0b278 --- /dev/null +++ b/files/reprepro-export-key.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# This file is managed by Puppet. Do not edit, any changes will be overwritten! +# + +set -e + +BASEDIR="$1" +KEY=$(gpg --homedir "$BASEDIR/.gnupg" --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1) + +if [ -n "$KEY" ]; then + TEMPFILE=$(mktemp --tmpdir="$BASEDIR") + trap "rm -f '$TEMPFILE'" EXIT + DESTFILE="$BASEDIR/key.asc" + gpg --homedir "$BASEDIR/.gnupg" --export --armor "$KEY" > "$TEMPFILE" + mv "$TEMPFILE" "$DESTFILE" + chown reprepro:reprepro "$DESTFILE" + chmod 0664 "$DESTFILE" +fi diff --git a/manifests/init.pp b/manifests/init.pp index e96cf2d..16aa700 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,191 +1,13 @@ -class reprepro ( - $uploaders, - $basedir = '/srv/reprepro', - $origin = $::domain, - $architectures = [ 'amd64', 'i386', 'source' ], - $basedir_mode = '0771', - $incoming_mode = '1777', - $manage_distributions_conf = true, - $manage_incoming_conf = true, - $handle_incoming_with_cron = false, - $handle_incoming_with_inotify = false -){ +class reprepro { package { "reprepro": ensure => 'installed'; } - user { "reprepro": - ensure => "present", - home => "$basedir", - gid => "reprepro", - password => "*", - comment => "reprepro sandbox", - require => Group["reprepro"], - } - - if !defined(Group["reprepro"]) { - group { "reprepro": - ensure => present, - } - } - - File { - owner => reprepro, - group => reprepro, - } - - file { "$basedir": - ensure => directory, - mode => $basedir_mode, - } - file { "$basedir/conf": - ensure => directory, - mode => '0770', - } - file { "$basedir/db": - ensure => directory, - mode => '0770', - } - file { "$basedir/dists": - ensure => directory, - mode => '0775', - } - file { "$basedir/pool": - ensure => directory, - mode => '0775', - } - file { "$basedir/incoming": - ensure => directory, - mode => $incoming_mode, - } - file { "$basedir/logs": - ensure => directory, - mode => '0775', - } - file { "$basedir/tmp": - ensure => directory, - mode => '0775', - } - file { "$basedir/conf/uploaders": - mode => '0660', owner => root, - content => template("reprepro/uploaders.erb"), - } - file { "$basedir/index.html": - mode => '0664', owner => root, - content => template("reprepro/index.html.erb"), - } - - file { "$basedir/.gnupg": - ensure => directory, - mode => '0700', - } - file { "$basedir/.gnupg/secring.gpg": - ensure => present, - mode => '0600', - } file { '/usr/local/bin/reprepro-export-key': ensure => present, - content => template('reprepro/reprepro-export-key.sh.erb'), + source => "puppet:///modules/reprepro/reprepro-export-key.sh", owner => root, group => root, mode => '0755', } - exec { "/usr/local/bin/reprepro-export-key": - creates => "$basedir/key.asc", - user => reprepro, - subscribe => File["$basedir/.gnupg/secring.gpg"], - require => File["/usr/local/bin/reprepro-export-key"], - } - - - file { "$basedir/conf/distributions": - ensure => present, - } - if $manage_distributions_conf { - File["$basedir/conf/distributions"] { - owner => root, - mode => '0664', - content => template("reprepro/distributions.erb"), - } - - exec { "reprepro -b $basedir createsymlinks": - refreshonly => true, - subscribe => File["$basedir/conf/distributions"], - user => reprepro, - path => "/usr/bin:/bin", - } - exec { "reprepro -b $basedir export": - refreshonly => true, - user => reprepro, - subscribe => File["$basedir/conf/distributions"], - path => "/usr/bin:/bin", - } - } - - file { "$basedir/conf/incoming": - ensure => present, - } - if $manage_incoming_conf { - File["$basedir/conf/incoming"] { - mode => '0664', - owner => root, - source => "puppet:///modules/reprepro/incoming" - } - } - - # Handling of incoming with cron - - $cron_presence = $handle_incoming_with_cron ? { - true => present, - default => absent, - } - - cron { 'reprepro': - ensure => $cron_presence, - command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming", - user => reprepro, - minute => '*/5', - require => [ Package['reprepro'], File["$basedir/conf/distributions"], - File["$basedir/incoming"], ], - } - - # Handling of incoming with inoticoming - - $inoticoming_presence = $handle_incoming_with_inotify ? { - true => present, - default => absent, - } - $inoticoming_enabled = $handle_incoming_with_inotify ? { - true => true, - default => false, - } - - package { 'inoticoming': - ensure => $inoticoming_presence, - } - file { '/etc/init.d/reprepro': - ensure => $inoticoming_presence, - owner => root, - group => root, - mode => '0755', - source => "puppet:///modules/reprepro/inoticoming.init", - } - file { '/etc/default/reprepro': - ensure => $inoticoming_presence, - owner => root, group => root, mode => '0755', - content => template('reprepro/inoticoming.default.erb'), - } - - service { 'reprepro': - ensure => $inoticoming_enabled, - enable => $inoticoming_enabled, - pattern => 'inoticoming.*reprepro.*processincoming', - require => [ Package['inoticoming'], - File['/etc/default/reprepro'], - File['/etc/init.d/reprepro'], - File["$basedir/incoming"] ], - } - -# TODO: setup needeed lines in apache site config file - } diff --git a/manifests/repository.pp b/manifests/repository.pp new file mode 100644 index 0000000..7914048 --- /dev/null +++ b/manifests/repository.pp @@ -0,0 +1,190 @@ +define reprepro::repository ( + $uploaders, + $user = 'reprepro', + $group = 'reprepro', + $basedir = '/srv/reprepro', + $origin = $::domain, + $architectures = [ 'amd64', 'i386', 'source' ], + $basedir_mode = '0771', + $incoming_mode = '1777', + $manage_distributions_conf = true, + $manage_incoming_conf = true, + $handle_incoming_with_cron = false, + $handle_incoming_with_inotify = false +) { + include reprepro + + if !defined(User[$user]) { + user { $user: + ensure => "present", + home => "$basedir", + gid => $group, + password => "*", + comment => "reprepro sandbox", + require => Group[$group], + } + } + + if !defined(Group[$group]) { + group { $group: + ensure => present, + } + } + + File { + owner => $user, + group => $group, + } + + file { "$basedir": + ensure => directory, + mode => $basedir_mode, + } + file { "$basedir/conf": + ensure => directory, + mode => '0770', + } + file { "$basedir/db": + ensure => directory, + mode => '0770', + } + file { "$basedir/dists": + ensure => directory, + mode => '0775', + } + file { "$basedir/pool": + ensure => directory, + mode => '0775', + } + file { "$basedir/incoming": + ensure => directory, + mode => $incoming_mode, + } + file { "$basedir/logs": + ensure => directory, + mode => '0775', + } + file { "$basedir/tmp": + ensure => directory, + mode => '0775', + } + file { "$basedir/conf/uploaders": + mode => '0640', owner => root, + content => template("reprepro/uploaders.erb"), + } + file { "$basedir/index.html": + mode => '0664', owner => root, + content => template("reprepro/index.html.erb"), + } + + file { "$basedir/.gnupg": + ensure => directory, + mode => '0700', + } + file { "$basedir/.gnupg/secring.gpg": + ensure => present, + mode => '0600', + } + + exec { "/usr/local/bin/reprepro-export-key '$basedir'": + creates => "$basedir/key.asc", + user => $user, + subscribe => File["$basedir/.gnupg/secring.gpg"], + require => File["/usr/local/bin/reprepro-export-key"], + } + + + file { "$basedir/conf/distributions": + ensure => present, + } + if $manage_distributions_conf { + File["$basedir/conf/distributions"] { + owner => root, + mode => '0664', + content => template("reprepro/distributions.erb"), + } + + exec { "reprepro -b $basedir createsymlinks": + refreshonly => true, + subscribe => File["$basedir/conf/distributions"], + user => $user, + path => "/usr/bin:/bin", + } + exec { "reprepro -b $basedir export": + refreshonly => true, + user => $user, + subscribe => File["$basedir/conf/distributions"], + path => "/usr/bin:/bin", + } + } + + file { "$basedir/conf/incoming": + ensure => present, + } + if $manage_incoming_conf { + File["$basedir/conf/incoming"] { + mode => '0664', + owner => root, + source => "puppet:///modules/reprepro/incoming" + } + } + + # Handling of incoming with cron + + $cron_presence = $handle_incoming_with_cron ? { + true => present, + default => absent, + } + + cron { "reprepro-$name": + ensure => $cron_presence, + command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming", + user => $user, + minute => '*/5', + require => [ Package['reprepro'], File["$basedir/conf/distributions"], + File["$basedir/incoming"], ], + } + + # Handling of incoming with inoticoming + + $inoticoming_presence = $handle_incoming_with_inotify ? { + true => present, + default => absent, + } + $inoticoming_enabled = $handle_incoming_with_inotify ? { + true => true, + default => false, + } + + if !defined(Package['inoticoming']) { + package { 'inoticoming': + ensure => $inoticoming_presence, + } + } + + file { '/etc/init.d/reprepro': + ensure => $inoticoming_presence, + owner => root, + group => root, + mode => '0755', + source => "puppet:///modules/reprepro/inoticoming.init", + } + file { '/etc/default/reprepro': + ensure => $inoticoming_presence, + owner => root, group => root, mode => '0755', + content => template('reprepro/inoticoming.default.erb'), + } + + service { 'reprepro': + ensure => $inoticoming_enabled, + enable => $inoticoming_enabled, + pattern => 'inoticoming.*reprepro.*processincoming', + require => [ Package['inoticoming'], + File['/etc/default/reprepro'], + File['/etc/init.d/reprepro'], + File["$basedir/incoming"] ], + } + +# TODO: setup needeed lines in apache site config file + +} diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb index a298a16..dd4d55d 100644 --- a/templates/inoticoming.default.erb +++ b/templates/inoticoming.default.erb @@ -5,7 +5,7 @@ # for an explanation of options and actions, see inoticoming(1) # user to run inoticoming as -USER=reprepro +USER=<%= @user %> # log to some file instead of syslog # required if you want to use --stdout-to-log or --stderr-to-log in actions diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb deleted file mode 100644 index bbc195c..0000000 --- a/templates/reprepro-export-key.sh.erb +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -# -# This file is managed by Puppet. Do not edit, any changes will be overwritten! -# - -set -e - -KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)" - -if [ -n "$KEY" ]; then - TEMPFILE=$(mktemp --tmpdir='<%= @basedir %>') - trap "rm -f '$TEMPFILE'" EXIT - DESTFILE='<%= @basedir %>/key.asc' - gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE" - mv "$TEMPFILE" "$DESTFILE" - chown reprepro:reprepro "$DESTFILE" - chmod 0664 "$DESTFILE" -fi |