Puppet Class: profile::opensearch::dashboards::phatality
- Defined in:
- modules/profile/manifests/opensearch/dashboards/phatality.pp
Overview
SPDX-License-Identifier: Apache-2.0
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'modules/profile/manifests/opensearch/dashboards/phatality.pp', line 2
class profile::opensearch::dashboards::phatality (
$enabled = lookup('profile::opensearch::dashboards::phatality::enabled', { 'default_value' => true }),
$provision_scap = lookup('profile::opensearch::dashboards::phatality::provision_scap', { 'default_value' => true }),
) {
if $enabled {
# All files in /usr/share/opensearch-dashboards are owned by root, but `opensearch-dashboards-plugin install`
# recommends it not be run as root.
# Here we will change ownership of the plugins directory to opensearch-dashboards so that plugin installation
# can be run as the opensearch-dashboards user.
file { '/usr/share/opensearch-dashboards/plugins':
owner => 'opensearch-dashboards',
group => 'opensearch-dashboards',
require => Package['opensearch-dashboards']
}
file { '/usr/share/opensearch-dashboards/bin/upgrade-phatality.sh':
ensure => 'file',
mode => '0555',
source => 'puppet:///modules/profile/opensearch/dashboards/phatality/upgrade-phatality.sh',
}
if $provision_scap {
scap::target { 'releng/phatality':
deploy_user => 'deploy-service',
manage_user => true,
require => [
Package['opensearch-dashboards'],
],
}
$plugincmd = '/usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin'
$deploydir = '/srv/deployment/releng/phatality/deploy'
sudo::user { 'opensearch-dashboards-deploy-phatality':
user => 'deploy-service',
privileges => [
"ALL = (opensearch-dashboards) NOPASSWD: ${plugincmd} install file\\://${deploydir}/*",
"ALL = (opensearch-dashboards) NOPASSWD: ${plugincmd} remove *",
'ALL = (root) NOPASSWD: /usr/bin/systemctl restart opensearch-dashboards',
]
}
}
} else {
scap::target { 'releng/phatality':
ensure => 'absent'
}
sudo::user { 'opensearch-dashboards-deploy-phatality':
ensure => 'absent'
}
file { '/usr/share/opensearch-dashboards/bin/upgrade-phatality.sh':
ensure => 'absent'
}
}
}
|