diff options
author | Micah Anderson <micah@riseup.net> | 2013-02-13 11:58:37 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-02-13 11:58:37 -0500 |
commit | e20017a22d135361980c4889f1827e5ecd3fd1af (patch) | |
tree | 9e7c44c39cb7b481c8320ff73c785370ed0cba9d | |
parent | 4ea15148100fdf0f8b172901c41ba58b06ff0bec (diff) | |
parent | cc12ced0f3f62c975f9f711da67770ffb33d7ba7 (diff) |
Merge branch 'master' into leap
this brings our master back to before we made some changes. I've split out
those changes into topic branches, and rebased them on top of the current state
of master. I will merge those in next
Conflicts:
manifests/init.pp
templates/distributions.erb
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | files/incoming | 2 | ||||
-rw-r--r-- | files/reprepro-export-key.sh | 19 | ||||
-rw-r--r-- | manifests/init.pp | 186 | ||||
-rw-r--r-- | manifests/repository.pp | 190 | ||||
-rw-r--r-- | templates/distributions.erb | 28 | ||||
-rw-r--r-- | templates/inoticoming.default.erb | 2 | ||||
-rw-r--r-- | templates/reprepro-export-key.sh.erb | 18 |
8 files changed, 225 insertions, 226 deletions
@@ -21,6 +21,12 @@ Instead of: class { 'reprepro': origin => 'example.com' } +Even more recent versions do not use parametrized classes anymore but +defines, in order to support multiple repositories. So you should do +instead: + + reprepro::repository { "default": origin => 'example.com' } + Parameters ========== diff --git a/files/incoming b/files/incoming index 57c6a5f..874fe1c 100644 --- a/files/incoming +++ b/files/incoming @@ -3,5 +3,5 @@ Name: incoming IncomingDir: incoming TempDir: tmp -Allow: oldstable>lenny stable>squeeze testing>wheezy unstable>sid +Allow: stable testing unstable Cleanup: on_deny on_error diff --git a/files/reprepro-export-key.sh b/files/reprepro-export-key.sh new file mode 100644 index 0000000..6e0b278 --- /dev/null +++ b/files/reprepro-export-key.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# This file is managed by Puppet. Do not edit, any changes will be overwritten! +# + +set -e + +BASEDIR="$1" +KEY=$(gpg --homedir "$BASEDIR/.gnupg" --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1) + +if [ -n "$KEY" ]; then + TEMPFILE=$(mktemp --tmpdir="$BASEDIR") + trap "rm -f '$TEMPFILE'" EXIT + DESTFILE="$BASEDIR/key.asc" + gpg --homedir "$BASEDIR/.gnupg" --export --armor "$KEY" > "$TEMPFILE" + mv "$TEMPFILE" "$DESTFILE" + chown reprepro:reprepro "$DESTFILE" + chmod 0664 "$DESTFILE" +fi diff --git a/manifests/init.pp b/manifests/init.pp index 00a6aad..8c5989b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,195 +1,13 @@ -class reprepro ( - $uploaders, - $basedir = '/srv/reprepro', - $origin = $::domain, - $architectures = [ 'amd64', 'i386', 'source' ], - $basedir_mode = '0771', - $incoming_mode = '1777', - $manage_distributions_conf = true, - $manage_incoming_conf = true, - $handle_incoming_with_cron = false, - $handle_incoming_with_inotify = false, - $signwith = 'yes', - $secring_source = undef, - $index_template = 'reprepro/index.html.erb', -){ +class reprepro { package { 'reprepro': ensure => 'installed'; } - user { 'reprepro': - ensure => present, - home => $basedir, - gid => 'reprepro', - password => '*', - comment => 'reprepro sandbox', - require => Group['reprepro'], - } - - if !defined(Group['reprepro']) { - group { 'reprepro': - ensure => present, - } - } - - File { - owner => reprepro, - group => reprepro, - } - - file { $basedir: - ensure => directory, - mode => $basedir_mode, - } - file { "${basedir}/conf": - ensure => directory, - mode => '0770', - } - file { "${basedir}/db": - ensure => directory, - mode => '0770', - } - file { "${basedir}/dists": - ensure => directory, - mode => '0775', - } - file { "${basedir}/pool": - ensure => directory, - mode => '0775', - } - file { "${basedir}/incoming": - ensure => directory, - mode => $incoming_mode, - } - file { "${basedir}/logs": - ensure => directory, - mode => '0775', - } - file { "${basedir}/tmp": - ensure => directory, - mode => '0775', - } - file { "${basedir}/conf/uploaders": - mode => '0660', owner => root, - content => template('reprepro/uploaders.erb'), - } - file { "${basedir}/index.html": - mode => '0664', owner => root, - content => template($index_template), - } - - file { "${basedir}/.gnupg": - ensure => directory, - mode => '0700', - } - file { "${basedir}/.gnupg/secring.gpg": - source => $secring_source, - ensure => present, - mode => '0600', - } file { '/usr/local/bin/reprepro-export-key': ensure => present, - content => template('reprepro/reprepro-export-key.sh.erb'), + source => "puppet:///modules/reprepro/reprepro-export-key.sh", owner => root, group => root, mode => '0755', } - exec { '/usr/local/bin/reprepro-export-key': - creates => "${basedir}/key.asc", - user => reprepro, - subscribe => File["${basedir}/.gnupg/secring.gpg"], - require => File['/usr/local/bin/reprepro-export-key'], - } - - - file { "${basedir}/conf/distributions": - ensure => present, - } - if $manage_distributions_conf { - File["${basedir}/conf/distributions"] { - owner => root, - mode => '0664', - content => template('reprepro/distributions.erb'), - } - - exec { "reprepro -b ${basedir} createsymlinks": - refreshonly => true, - subscribe => File["${basedir}/conf/distributions"], - user => reprepro, - path => '/usr/bin:/bin', - } - exec { "reprepro -b ${basedir} export": - refreshonly => true, - user => reprepro, - subscribe => File["${basedir}/conf/distributions"], - path => '/usr/bin:/bin', - } - } - - file { "${basedir}/conf/incoming": - ensure => present, - } - if $manage_incoming_conf { - File["${basedir}/conf/incoming"] { - mode => '0664', - owner => root, - source => 'puppet:///modules/reprepro/incoming' - } - } - - # Handling of incoming with cron - - $cron_presence = $handle_incoming_with_cron ? { - true => present, - default => absent, - } - - cron { 'reprepro': - ensure => $cron_presence, - command => "/usr/bin/reprepro --silent -b ${basedir} processincoming incoming", - user => reprepro, - minute => '*/5', - require => [ Package['reprepro'], File["${basedir}/conf/distributions"], - File["${basedir}/incoming"], ], - } - - # Handling of incoming with inoticoming - - $inoticoming_presence = $handle_incoming_with_inotify ? { - true => present, - default => absent, - } - $inoticoming_enabled = $handle_incoming_with_inotify ? { - true => true, - default => false, - } - - package { 'inoticoming': - ensure => $inoticoming_presence, - } - file { '/etc/init.d/reprepro': - ensure => $inoticoming_presence, - owner => root, - group => root, - mode => '0755', - source => 'puppet:///modules/reprepro/inoticoming.init', - } - file { '/etc/default/reprepro': - ensure => $inoticoming_presence, - owner => root, group => root, mode => '0755', - content => template('reprepro/inoticoming.default.erb'), - } - - service { 'reprepro': - ensure => $inoticoming_enabled, - enable => $inoticoming_enabled, - pattern => 'inoticoming.*reprepro.*processincoming', - require => [ Package['inoticoming'], - File['/etc/default/reprepro'], - File['/etc/init.d/reprepro'], - File["$basedir/incoming"] ], - } - -# TODO: setup needeed lines in apache site config file - } diff --git a/manifests/repository.pp b/manifests/repository.pp new file mode 100644 index 0000000..7914048 --- /dev/null +++ b/manifests/repository.pp @@ -0,0 +1,190 @@ +define reprepro::repository ( + $uploaders, + $user = 'reprepro', + $group = 'reprepro', + $basedir = '/srv/reprepro', + $origin = $::domain, + $architectures = [ 'amd64', 'i386', 'source' ], + $basedir_mode = '0771', + $incoming_mode = '1777', + $manage_distributions_conf = true, + $manage_incoming_conf = true, + $handle_incoming_with_cron = false, + $handle_incoming_with_inotify = false +) { + include reprepro + + if !defined(User[$user]) { + user { $user: + ensure => "present", + home => "$basedir", + gid => $group, + password => "*", + comment => "reprepro sandbox", + require => Group[$group], + } + } + + if !defined(Group[$group]) { + group { $group: + ensure => present, + } + } + + File { + owner => $user, + group => $group, + } + + file { "$basedir": + ensure => directory, + mode => $basedir_mode, + } + file { "$basedir/conf": + ensure => directory, + mode => '0770', + } + file { "$basedir/db": + ensure => directory, + mode => '0770', + } + file { "$basedir/dists": + ensure => directory, + mode => '0775', + } + file { "$basedir/pool": + ensure => directory, + mode => '0775', + } + file { "$basedir/incoming": + ensure => directory, + mode => $incoming_mode, + } + file { "$basedir/logs": + ensure => directory, + mode => '0775', + } + file { "$basedir/tmp": + ensure => directory, + mode => '0775', + } + file { "$basedir/conf/uploaders": + mode => '0640', owner => root, + content => template("reprepro/uploaders.erb"), + } + file { "$basedir/index.html": + mode => '0664', owner => root, + content => template("reprepro/index.html.erb"), + } + + file { "$basedir/.gnupg": + ensure => directory, + mode => '0700', + } + file { "$basedir/.gnupg/secring.gpg": + ensure => present, + mode => '0600', + } + + exec { "/usr/local/bin/reprepro-export-key '$basedir'": + creates => "$basedir/key.asc", + user => $user, + subscribe => File["$basedir/.gnupg/secring.gpg"], + require => File["/usr/local/bin/reprepro-export-key"], + } + + + file { "$basedir/conf/distributions": + ensure => present, + } + if $manage_distributions_conf { + File["$basedir/conf/distributions"] { + owner => root, + mode => '0664', + content => template("reprepro/distributions.erb"), + } + + exec { "reprepro -b $basedir createsymlinks": + refreshonly => true, + subscribe => File["$basedir/conf/distributions"], + user => $user, + path => "/usr/bin:/bin", + } + exec { "reprepro -b $basedir export": + refreshonly => true, + user => $user, + subscribe => File["$basedir/conf/distributions"], + path => "/usr/bin:/bin", + } + } + + file { "$basedir/conf/incoming": + ensure => present, + } + if $manage_incoming_conf { + File["$basedir/conf/incoming"] { + mode => '0664', + owner => root, + source => "puppet:///modules/reprepro/incoming" + } + } + + # Handling of incoming with cron + + $cron_presence = $handle_incoming_with_cron ? { + true => present, + default => absent, + } + + cron { "reprepro-$name": + ensure => $cron_presence, + command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming", + user => $user, + minute => '*/5', + require => [ Package['reprepro'], File["$basedir/conf/distributions"], + File["$basedir/incoming"], ], + } + + # Handling of incoming with inoticoming + + $inoticoming_presence = $handle_incoming_with_inotify ? { + true => present, + default => absent, + } + $inoticoming_enabled = $handle_incoming_with_inotify ? { + true => true, + default => false, + } + + if !defined(Package['inoticoming']) { + package { 'inoticoming': + ensure => $inoticoming_presence, + } + } + + file { '/etc/init.d/reprepro': + ensure => $inoticoming_presence, + owner => root, + group => root, + mode => '0755', + source => "puppet:///modules/reprepro/inoticoming.init", + } + file { '/etc/default/reprepro': + ensure => $inoticoming_presence, + owner => root, group => root, mode => '0755', + content => template('reprepro/inoticoming.default.erb'), + } + + service { 'reprepro': + ensure => $inoticoming_enabled, + enable => $inoticoming_enabled, + pattern => 'inoticoming.*reprepro.*processincoming', + require => [ Package['inoticoming'], + File['/etc/default/reprepro'], + File['/etc/init.d/reprepro'], + File["$basedir/incoming"] ], + } + +# TODO: setup needeed lines in apache site config file + +} diff --git a/templates/distributions.erb b/templates/distributions.erb index 350d4da..0e98142 100644 --- a/templates/distributions.erb +++ b/templates/distributions.erb @@ -2,44 +2,28 @@ Origin: <%= @origin %> Label: <%= @origin %> -Suite: oldstable -Pull: stable -Codename: lenny -Version: 5.0 -Architectures: <%= @architectures.join(' ') %> -Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> -Uploaders: uploaders - -Origin: <%= @origin %> -Label: <%= @origin %> Suite: stable Pull: testing -Codename: squeeze -Version: 6.0 +Codename: stable Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> Uploaders: uploaders Origin: <%= @origin %> Label: <%= @origin %> Suite: testing -Codename: wheezy +Pull: unstable +Codename: testing Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> +SignWith: yes Uploaders: uploaders Origin: <%= @origin %> Label: <%= @origin %> Suite: unstable -Codename: sid +Codename: unstable Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> +SignWith: yes Uploaders: uploaders diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb index a298a16..dd4d55d 100644 --- a/templates/inoticoming.default.erb +++ b/templates/inoticoming.default.erb @@ -5,7 +5,7 @@ # for an explanation of options and actions, see inoticoming(1) # user to run inoticoming as -USER=reprepro +USER=<%= @user %> # log to some file instead of syslog # required if you want to use --stdout-to-log or --stderr-to-log in actions diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb deleted file mode 100644 index bbc195c..0000000 --- a/templates/reprepro-export-key.sh.erb +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -# -# This file is managed by Puppet. Do not edit, any changes will be overwritten! -# - -set -e - -KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)" - -if [ -n "$KEY" ]; then - TEMPFILE=$(mktemp --tmpdir='<%= @basedir %>') - trap "rm -f '$TEMPFILE'" EXIT - DESTFILE='<%= @basedir %>/key.asc' - gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE" - mv "$TEMPFILE" "$DESTFILE" - chown reprepro:reprepro "$DESTFILE" - chmod 0664 "$DESTFILE" -fi |