Puppet Class: releases::reprepro::upload

Defined in:
modules/releases/manifests/reprepro/upload.pp

Overview

Parameters:

  • private_key (String) (defaults to: 'releases/id_rsa.upload')
  • user (String) (defaults to: 'releases')
  • group (String) (defaults to: 'releases')
  • sudo_user (String) (defaults to: '%wikidev')
  • homedir (Stdlib::Unixpath) (defaults to: '/var/lib/releases')
  • upload_host (Optional[String]) (defaults to: undef)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# File 'modules/releases/manifests/reprepro/upload.pp', line 1

class releases::reprepro::upload (
    String $private_key  = 'releases/id_rsa.upload',
    String $user         = 'releases',
    String $group        = 'releases',
    String $sudo_user    = '%wikidev',
    Stdlib::Unixpath $homedir      = '/var/lib/releases',
    Optional[String] $upload_host  = undef,
) {
    group { 'releases':
        ensure => present,
        name   => $group,
    }

    user { 'releases':
        ensure     => present,
        name       => $user,
        home       => $homedir,
        shell      => '/bin/false',
        comment    => 'Releases user',
        gid        => $group,
        managehome => true,
        require    => Group['releases'],
    }

    file { "${homedir}/.ssh":
        ensure  => directory,
        owner   => $user,
        group   => $group,
        mode    => '0700',
        require => User['releases'],
    }

    file { "${homedir}/.ssh/id_rsa.${upload_host}":
        ensure    => file,
        owner     => $user,
        group     => $group,
        mode      => '0600',
        require   => User['releases'],
        content   => secret($private_key),
        show_diff => false,
    }

    file { "${homedir}/.ssh/config":
        ensure  => file,
        owner   => $user,
        group   => $group,
        mode    => '0600',
        require => User['releases'],
        content => template('releases/ssh_config.erb'),
    }

    file { "${homedir}/.dput.cf":
        ensure  => file,
        owner   => $user,
        group   => $group,
        mode    => '0600',
        require => User['releases'],
        content => template('releases/dput.erb'),
    }

    file { '/usr/local/bin/deb-upload':
        ensure  => file,
        owner   => $user,
        group   => $group,
        mode    => '0555',
        require => User['releases'],
        source  => 'puppet:///modules/releases/deb-upload',
    }

    package { 'dput':
        before => File['/usr/local/bin/deb-upload'],
    }

    sudo::user { 'releases_dput':
        user       => $sudo_user,
        privileges => ["ALL = (${user}) NOPASSWD: /usr/bin/dput"],
    }

    # T83213
    package { 'unzip':
        ensure => 'present',
    }
}