diff options
| -rw-r--r-- | README | 6 | ||||
| -rw-r--r-- | files/incoming | 2 | ||||
| -rw-r--r-- | files/reprepro-export-key.sh | 19 | ||||
| -rw-r--r-- | manifests/init.pp | 186 | ||||
| -rw-r--r-- | manifests/repository.pp | 190 | ||||
| -rw-r--r-- | templates/distributions.erb | 28 | ||||
| -rw-r--r-- | templates/inoticoming.default.erb | 2 | ||||
| -rw-r--r-- | templates/reprepro-export-key.sh.erb | 18 |
8 files changed, 225 insertions, 226 deletions
@@ -21,6 +21,12 @@ Instead of: class { 'reprepro': origin => 'example.com' } +Even more recent versions do not use parametrized classes anymore but +defines, in order to support multiple repositories. So you should do +instead: + + reprepro::repository { "default": origin => 'example.com' } + Parameters ========== diff --git a/files/incoming b/files/incoming index 57c6a5f..874fe1c 100644 --- a/files/incoming +++ b/files/incoming @@ -3,5 +3,5 @@ Name: incoming IncomingDir: incoming TempDir: tmp -Allow: oldstable>lenny stable>squeeze testing>wheezy unstable>sid +Allow: stable testing unstable Cleanup: on_deny on_error diff --git a/files/reprepro-export-key.sh b/files/reprepro-export-key.sh new file mode 100644 index 0000000..6e0b278 --- /dev/null +++ b/files/reprepro-export-key.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# This file is managed by Puppet. Do not edit, any changes will be overwritten! +# + +set -e + +BASEDIR="$1" +KEY=$(gpg --homedir "$BASEDIR/.gnupg" --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1) + +if [ -n "$KEY" ]; then + TEMPFILE=$(mktemp --tmpdir="$BASEDIR") + trap "rm -f '$TEMPFILE'" EXIT + DESTFILE="$BASEDIR/key.asc" + gpg --homedir "$BASEDIR/.gnupg" --export --armor "$KEY" > "$TEMPFILE" + mv "$TEMPFILE" "$DESTFILE" + chown reprepro:reprepro "$DESTFILE" + chmod 0664 "$DESTFILE" +fi diff --git a/manifests/init.pp b/manifests/init.pp index 00a6aad..8c5989b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,195 +1,13 @@ -class reprepro ( - $uploaders, - $basedir = '/srv/reprepro', - $origin = $::domain, - $architectures = [ 'amd64', 'i386', 'source' ], - $basedir_mode = '0771', - $incoming_mode = '1777', - $manage_distributions_conf = true, - $manage_incoming_conf = true, - $handle_incoming_with_cron = false, - $handle_incoming_with_inotify = false, - $signwith = 'yes', - $secring_source = undef, - $index_template = 'reprepro/index.html.erb', -){ +class reprepro { package { 'reprepro': ensure => 'installed'; } - user { 'reprepro': - ensure => present, - home => $basedir, - gid => 'reprepro', - password => '*', - comment => 'reprepro sandbox', - require => Group['reprepro'], - } - - if !defined(Group['reprepro']) { - group { 'reprepro': - ensure => present, - } - } - - File { - owner => reprepro, - group => reprepro, - } - - file { $basedir: - ensure => directory, - mode => $basedir_mode, - } - file { "${basedir}/conf": - ensure => directory, - mode => '0770', - } - file { "${basedir}/db": - ensure => directory, - mode => '0770', - } - file { "${basedir}/dists": - ensure => directory, - mode => '0775', - } - file { "${basedir}/pool": - ensure => directory, - mode => '0775', - } - file { "${basedir}/incoming": - ensure => directory, - mode => $incoming_mode, - } - file { "${basedir}/logs": - ensure => directory, - mode => '0775', - } - file { "${basedir}/tmp": - ensure => directory, - mode => '0775', - } - file { "${basedir}/conf/uploaders": - mode => '0660', owner => root, - content => template('reprepro/uploaders.erb'), - } - file { "${basedir}/index.html": - mode => '0664', owner => root, - content => template($index_template), - } - - file { "${basedir}/.gnupg": - ensure => directory, - mode => '0700', - } - file { "${basedir}/.gnupg/secring.gpg": - source => $secring_source, - ensure => present, - mode => '0600', - } file { '/usr/local/bin/reprepro-export-key': ensure => present, - content => template('reprepro/reprepro-export-key.sh.erb'), + source => "puppet:///modules/reprepro/reprepro-export-key.sh", owner => root, group => root, mode => '0755', } - exec { '/usr/local/bin/reprepro-export-key': - creates => "${basedir}/key.asc", - user => reprepro, - subscribe => File["${basedir}/.gnupg/secring.gpg"], - require => File['/usr/local/bin/reprepro-export-key'], - } - - - file { "${basedir}/conf/distributions": - ensure => present, - } - if $manage_distributions_conf { - File["${basedir}/conf/distributions"] { - owner => root, - mode => '0664', - content => template('reprepro/distributions.erb'), - } - - exec { "reprepro -b ${basedir} createsymlinks": - refreshonly => true, - subscribe => File["${basedir}/conf/distributions"], - user => reprepro, - path => '/usr/bin:/bin', - } - exec { "reprepro -b ${basedir} export": - refreshonly => true, - user => reprepro, - subscribe => File["${basedir}/conf/distributions"], - path => '/usr/bin:/bin', - } - } - - file { "${basedir}/conf/incoming": - ensure => present, - } - if $manage_incoming_conf { - File["${basedir}/conf/incoming"] { - mode => '0664', - owner => root, - source => 'puppet:///modules/reprepro/incoming' - } - } - - # Handling of incoming with cron - - $cron_presence = $handle_incoming_with_cron ? { - true => present, - default => absent, - } - - cron { 'reprepro': - ensure => $cron_presence, - command => "/usr/bin/reprepro --silent -b ${basedir} processincoming incoming", - user => reprepro, - minute => '*/5', - require => [ Package['reprepro'], File["${basedir}/conf/distributions"], - File["${basedir}/incoming"], ], - } - - # Handling of incoming with inoticoming - - $inoticoming_presence = $handle_incoming_with_inotify ? { - true => present, - default => absent, - } - $inoticoming_enabled = $handle_incoming_with_inotify ? { - true => true, - default => false, - } - - package { 'inoticoming': - ensure => $inoticoming_presence, - } - file { '/etc/init.d/reprepro': - ensure => $inoticoming_presence, - owner => root, - group => root, - mode => '0755', - source => 'puppet:///modules/reprepro/inoticoming.init', - } - file { '/etc/default/reprepro': - ensure => $inoticoming_presence, - owner => root, group => root, mode => '0755', - content => template('reprepro/inoticoming.default.erb'), - } - - service { 'reprepro': - ensure => $inoticoming_enabled, - enable => $inoticoming_enabled, - pattern => 'inoticoming.*reprepro.*processincoming', - require => [ Package['inoticoming'], - File['/etc/default/reprepro'], - File['/etc/init.d/reprepro'], - File["$basedir/incoming"] ], - } - -# TODO: setup needeed lines in apache site config file - } diff --git a/manifests/repository.pp b/manifests/repository.pp new file mode 100644 index 0000000..7914048 --- /dev/null +++ b/manifests/repository.pp @@ -0,0 +1,190 @@ +define reprepro::repository ( + $uploaders, + $user = 'reprepro', + $group = 'reprepro', + $basedir = '/srv/reprepro', + $origin = $::domain, + $architectures = [ 'amd64', 'i386', 'source' ], + $basedir_mode = '0771', + $incoming_mode = '1777', + $manage_distributions_conf = true, + $manage_incoming_conf = true, + $handle_incoming_with_cron = false, + $handle_incoming_with_inotify = false +) { + include reprepro + + if !defined(User[$user]) { + user { $user: + ensure => "present", + home => "$basedir", + gid => $group, + password => "*", + comment => "reprepro sandbox", + require => Group[$group], + } + } + + if !defined(Group[$group]) { + group { $group: + ensure => present, + } + } + + File { + owner => $user, + group => $group, + } + + file { "$basedir": + ensure => directory, + mode => $basedir_mode, + } + file { "$basedir/conf": + ensure => directory, + mode => '0770', + } + file { "$basedir/db": + ensure => directory, + mode => '0770', + } + file { "$basedir/dists": + ensure => directory, + mode => '0775', + } + file { "$basedir/pool": + ensure => directory, + mode => '0775', + } + file { "$basedir/incoming": + ensure => directory, + mode => $incoming_mode, + } + file { "$basedir/logs": + ensure => directory, + mode => '0775', + } + file { "$basedir/tmp": + ensure => directory, + mode => '0775', + } + file { "$basedir/conf/uploaders": + mode => '0640', owner => root, + content => template("reprepro/uploaders.erb"), + } + file { "$basedir/index.html": + mode => '0664', owner => root, + content => template("reprepro/index.html.erb"), + } + + file { "$basedir/.gnupg": + ensure => directory, + mode => '0700', + } + file { "$basedir/.gnupg/secring.gpg": + ensure => present, + mode => '0600', + } + + exec { "/usr/local/bin/reprepro-export-key '$basedir'": + creates => "$basedir/key.asc", + user => $user, + subscribe => File["$basedir/.gnupg/secring.gpg"], + require => File["/usr/local/bin/reprepro-export-key"], + } + + + file { "$basedir/conf/distributions": + ensure => present, + } + if $manage_distributions_conf { + File["$basedir/conf/distributions"] { + owner => root, + mode => '0664', + content => template("reprepro/distributions.erb"), + } + + exec { "reprepro -b $basedir createsymlinks": + refreshonly => true, + subscribe => File["$basedir/conf/distributions"], + user => $user, + path => "/usr/bin:/bin", + } + exec { "reprepro -b $basedir export": + refreshonly => true, + user => $user, + subscribe => File["$basedir/conf/distributions"], + path => "/usr/bin:/bin", + } + } + + file { "$basedir/conf/incoming": + ensure => present, + } + if $manage_incoming_conf { + File["$basedir/conf/incoming"] { + mode => '0664', + owner => root, + source => "puppet:///modules/reprepro/incoming" + } + } + + # Handling of incoming with cron + + $cron_presence = $handle_incoming_with_cron ? { + true => present, + default => absent, + } + + cron { "reprepro-$name": + ensure => $cron_presence, + command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming", + user => $user, + minute => '*/5', + require => [ Package['reprepro'], File["$basedir/conf/distributions"], + File["$basedir/incoming"], ], + } + + # Handling of incoming with inoticoming + + $inoticoming_presence = $handle_incoming_with_inotify ? { + true => present, + default => absent, + } + $inoticoming_enabled = $handle_incoming_with_inotify ? { + true => true, + default => false, + } + + if !defined(Package['inoticoming']) { + package { 'inoticoming': + ensure => $inoticoming_presence, + } + } + + file { '/etc/init.d/reprepro': + ensure => $inoticoming_presence, + owner => root, + group => root, + mode => '0755', + source => "puppet:///modules/reprepro/inoticoming.init", + } + file { '/etc/default/reprepro': + ensure => $inoticoming_presence, + owner => root, group => root, mode => '0755', + content => template('reprepro/inoticoming.default.erb'), + } + + service { 'reprepro': + ensure => $inoticoming_enabled, + enable => $inoticoming_enabled, + pattern => 'inoticoming.*reprepro.*processincoming', + require => [ Package['inoticoming'], + File['/etc/default/reprepro'], + File['/etc/init.d/reprepro'], + File["$basedir/incoming"] ], + } + +# TODO: setup needeed lines in apache site config file + +} diff --git a/templates/distributions.erb b/templates/distributions.erb index 350d4da..0e98142 100644 --- a/templates/distributions.erb +++ b/templates/distributions.erb @@ -2,44 +2,28 @@ Origin: <%= @origin %> Label: <%= @origin %> -Suite: oldstable -Pull: stable -Codename: lenny -Version: 5.0 -Architectures: <%= @architectures.join(' ') %> -Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> -Uploaders: uploaders - -Origin: <%= @origin %> -Label: <%= @origin %> Suite: stable Pull: testing -Codename: squeeze -Version: 6.0 +Codename: stable Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> Uploaders: uploaders Origin: <%= @origin %> Label: <%= @origin %> Suite: testing -Codename: wheezy +Pull: unstable +Codename: testing Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> +SignWith: yes Uploaders: uploaders Origin: <%= @origin %> Label: <%= @origin %> Suite: unstable -Codename: sid +Codename: unstable Architectures: <%= @architectures.join(' ') %> Components: main non-free contrib -Description: <%= @origin %> specific (or backported) packages -SignWith: <%= signwith %> +SignWith: yes Uploaders: uploaders diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb index a298a16..dd4d55d 100644 --- a/templates/inoticoming.default.erb +++ b/templates/inoticoming.default.erb @@ -5,7 +5,7 @@ # for an explanation of options and actions, see inoticoming(1) # user to run inoticoming as -USER=reprepro +USER=<%= @user %> # log to some file instead of syslog # required if you want to use --stdout-to-log or --stderr-to-log in actions diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb deleted file mode 100644 index bbc195c..0000000 --- a/templates/reprepro-export-key.sh.erb +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -# -# This file is managed by Puppet. Do not edit, any changes will be overwritten! -# - -set -e - -KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)" - -if [ -n "$KEY" ]; then - TEMPFILE=$(mktemp --tmpdir='<%= @basedir %>') - trap "rm -f '$TEMPFILE'" EXIT - DESTFILE='<%= @basedir %>/key.asc' - gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE" - mv "$TEMPFILE" "$DESTFILE" - chown reprepro:reprepro "$DESTFILE" - chmod 0664 "$DESTFILE" -fi |