Puppet Class: profile::mariadb::check_private_data
- Defined in:
- modules/profile/manifests/mariadb/check_private_data.pp
Overview
Deploy script and dependencies needed to check no private data persists on the database
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'modules/profile/manifests/mariadb/check_private_data.pp', line 3
class profile::mariadb::check_private_data {
file { '/etc/mysql/private_tables.txt':
ensure => file,
content => template('role/mariadb/private_tables.txt.erb'),
owner => 'root',
group => 'root',
mode => '0644',
}
file { '/etc/mysql/filtered_tables.txt':
ensure => file,
source => 'puppet:///modules/role/mariadb/filtered_tables.txt',
owner => 'root',
group => 'root',
mode => '0644',
}
file { '/usr/local/sbin/check_private_data.py':
ensure => file,
source => 'puppet:///modules/role/mariadb/check_private_data.py',
owner => 'root',
group => 'root',
mode => '0744',
require => [Package['python3-yaml', 'python3-pymysql'],
Git::Clone['operations/mediawiki-config'],
File['/etc/mysql/filtered_tables.txt'],
File['/etc/mysql/private_tables.txt'],
],
}
file { '/usr/local/sbin/check_private_data_report':
ensure => file,
source => 'puppet:///modules/role/mariadb/check_private_data_report',
owner => 'root',
group => 'root',
mode => '0744',
}
systemd::timer::job { 'check-private-data':
ensure => present,
description => 'Regular jobs for checking and reporting private data',
user => 'root',
monitoring_enabled => false,
logging_enabled => false,
command => '/usr/local/sbin/check_private_data_report',
interval => {'start' => 'OnCalendar', 'interval' => '*-*-* 05:00:00'},
require => [
File['/usr/local/sbin/check_private_data_report'],
File['/usr/local/sbin/check_private_data.py'],
],
}
file { '/usr/local/sbin/redact_sanitarium.sh':
ensure => file,
source => 'puppet:///modules/role/mariadb/redact_sanitarium.sh',
owner => 'root',
group => 'root',
mode => '0744',
require => File['/etc/mysql/filtered_tables.txt'],
}
}
|