buildsystem/manifests/init.pp

class buildsystem {

    class base {
        $build_login = "iurt"
        $build_home_dir = "/home/$build_login"
        $sched_login = "schedbot"
        $sched_home_dir = "/var/lib/$sched_login"
        $packages_archivedir = "$sched_home_dir/old"
        $sign_login = "signbot"
        $sign_home_dir = "/var/lib/$sign_login"
        $sign_keydir = "$sign_home_dir/keys"
        # FIXME: maybe keyid should be defined at an other place
        $sign_keyid = "80420F66"
        $repository_root = "/distrib/bootstrap"
        $mirror_root = "/distrib/mirror"
        $maintdb_url = 'http://www.maintdb2.mageia.org.uk/maintainers_packages/create'
        # FIXME: Test password. Real password should be in extdata.
        $maintdb_key = 'm1g234'
        $packagers_group = 'mga-packagers'
        $createsrpm_path = '/usr/share/repsys/create-srpm'

        include ssh::auth
        ssh::auth::key { $build_login: # declare a key for build bot: RSA, 2048 bits
                home => $build_home_dir,
        }
        ssh::auth::key { $sched_login: # declare a key for sched bot: RSA, 2048 bits
                home => $sched_home_dir,
        }
    }

    class mainnode inherits base {
        include iurtuser

        sshuser { $sched_login:
          homedir => $sched_home_dir,
          comment => "System user used to schedule builds",
        }

        ssh::auth::client { $sched_login: }
        ssh::auth::server { $sched_login: }
        ssh::auth::server { $build_login: }

        # FIXME Add again task-bs-cluster-main when it will require mgarepo instead of repsys
        $package_list = ['iurt']
        package { $package_list:
            ensure => "installed"
        }

        apache::vhost_other_app { "repository.$domain":
            vhost_file => "buildsystem/vhost_repository.conf",
        }

        $location = "/var/www/bs"
        apache::vhost_base { "pkgsubmit.$domain":
            aliases => { "/uploads" => "$sched_home_dir/uploads" },
            location => $location,
            content => template("buildsystem/vhost_pkgsubmit.conf"),
        }

        subversion::snapshot { $location:
            source => "svn://svn.$domain/soft/buildsystem/web/",
        }

        file { "$repository_root/distrib/cauldron/i586/media/media_info/media.cfg":
            ensure => present,
            owner => $sched_login,
            group => $sched_login,
            mode => 644,
            source => "puppet:///modules/buildsystem/i586/media.cfg",
        }

        file { "$repository_root/distrib/cauldron/x86_64/media/media_info/media.cfg":
            ensure => present,
            owner => $sched_login,
            group => $sched_login,
            mode => 644,
            source => "puppet:///modules/buildsystem/x86_64/media.cfg",
        }

        include scheduler
        include gatherer
        include mgarepo
        include youri_submit
        include check_missing_deps 
        include signbot
    }

    class buildnode inherits base {
        include iurt
    }

    class signbot {
        sshuser { $sign_login:
          homedir => $sign_home_dir,
          comment => "System user used to sign packages",
          groups => [$sched_login],
        }

        gnupg::keys{"packages":
          email => "packages@$domain",
          #FIXME there should be a variable somewhere to change the name of the distribution
          key_name => 'Mageia Packages',
          login => $sign_login,
          batchdir => "$sign_home_dir/batches",
          keydir => $sign_keydir,
        }

        sudo::sudoers_config { "signpackage":
            content => template("buildsystem/sudoers.signpackage")
        }

        file { "$sign_home_dir/.rpmmacros":
            ensure => present,
            owner => root,
            group => root,
            mode => 644,
            content => template("buildsystem/signbot-rpmmacros")
        }

        file { "/usr/local/bin/sign-check-package":
            ensure => present,
            owner => root,
            group => root,
            mode => 755,
            content => template("buildsystem/sign-check-package")
        }
    }

    class scheduler {
        # ulri        
        include iurtupload
    }

    class gatherer {
        # emi
        include iurtupload
    }

    class iurtupload {
        file { "/etc/iurt/upload.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            require => File["/etc/iurt"],
            content => template("buildsystem/upload.conf")
        }
    }

    class maintdb inherits base {
        include sudo
        $maintdb_login = "maintdb"
        $maintdb_homedir = "/var/lib/maintdb"
        $maintdb_dbdir = "$maintdb_homedir/db"
        $maintdb_binpath = "/usr/local/sbin/maintdb"
        $maintdb_wrappath = "/usr/local/bin/wrapper.maintdb"
        $maintdb_dump = "/var/www/bs/data/maintdb.txt"

        user {"$maintdb_login":
            ensure => present,
            comment => "Maintainers database",
            managehome => true,
            shell => "/bin/bash",
            home => "$maintdb_homedir",
        }

        file { "$maintdb_dbdir":
           ensure => directory,
           owner => "$maintdb_login",
           group => "$maintdb_login",
           mode => 700,
           require => User["$maintdb_login"],
        }

        file { "$maintdb_binpath":
           ensure => present,
           owner => root,
           group => root,
           mode => 755,
           content => template("buildsystem/maintdb")
        }

        file { "$maintdb_wrappath":
           ensure => present,
           owner => root,
           group => root,
           mode => 755,
           content => template("buildsystem/wrapper.maintdb")
        }

        sudo::sudoers_config { "maintdb":
            content => template("buildsystem/sudoers.maintdb")
        }

        file { "$maintdb_dump":
           ensure => present,
           owner => $maintdb_login,
           mode => 644,
        }

        cron { "update maintdb export":
            user => $maintdb_login,
            command => "$maintdb_binpath root get > $maintdb_dump",
            minute => "*/30",
        }

    }
    
    class mgarepo {
        package { 'mgarepo':

        }

        package { 'rpm-build':
        }

        file { "repsys.conf":
          path => "/etc/repsys.conf",
          owner  => root,
          group => root,
          mode => 644,
          content => template("buildsystem/repsys.conf")
        }

        file { "$packages_archivedir":
            ensure => "directory",
            owner  => $sched_login,
            require => File[$sched_home_dir],
        }

        file { "$sched_home_dir/repsys":
            ensure => "directory",
            owner  => $sched_login,
            require => File[$sched_home_dir],
        }

        file { ["$sched_home_dir/repsys/tmp", "$sched_home_dir/repsys/srpms"]:
            ensure => "directory",
            owner  => $sched_login,
            group => "mga-packagers",
            mode => 1775,
            require => File["$sched_home_dir/repsys"],
        }

        # FIXME: disabled temporarly as upload dir is a symlink to /var/lib/repsys/uploads
        #file { "$sched_home_dir/uploads":
        #    ensure => "directory",
        #    owner  => $sched_login,
        #    require => File[$sched_home_dir],
        #}

        # too tedious to create everything by hand
        # so I prefered to used some puppet ruby module
        # the exact content and directory name should IMHO be consolidated somewhere
        import "create_upload_dir.rb"
        create_upload_dir { "$sched_home_dir/uploads":
            owner => $sched_login, 
            group => $sched_login,
        } 
        
        tidy { "$sched_home_dir/uploads":
            age     => "2w",
            recurse => true,
            type    => "ctime",
        }

        tidy { "$packages_archivedir":
            age     => "1w",
            matches => "*.rpm",
            recurse => true,
            type    => "ctime",
        }
    }

    class youri_submit {
        include sudo

        file { "/usr/local/bin/mga-youri-submit":
          owner  => root,
          group => root,
          mode => 755,
          content => template("buildsystem/mga-youri-submit")
        }

        file { "/usr/local/bin/mga-youri-submit.wrapper":
          owner  => root,
          group => root,
          mode => 755,
          content => template("buildsystem/mga-youri-submit.wrapper")
        }

        sudo::sudoers_config { "mga-youri-submit":
            content => template("buildsystem/sudoers.youri")
        }

        # directory that hold configuration auto extracted after upload
        # of the rpmlint policy
        file { "/etc/rpmlint/extracted.d/":
            ensure => directory,
            owner => $sched_login,
        }

        file { "/etc/youri":
            ensure => "directory",
        }

        file { "/etc/youri/submit-todo.conf":
            ensure => present,
            mode => 644,
            require => File["/etc/youri"],
            content => template("buildsystem/submit-todo.conf")
        }

        file { "/etc/youri/submit-upload.conf":
            ensure => present,
            mode => 644,
            require => File["/etc/youri"],
            content => template("buildsystem/submit-upload.conf")
        }

        file { "/etc/youri/acl.conf":
            ensure => present,
            mode => 644,
            require => File["/etc/youri"],
            content => template("buildsystem/youri_acl.conf")
        }

        file { '/usr/local/bin/submit_package':
            ensure => present,
            mode => 755,
            content => template('buildsystem/submit_package')
        }

        # FIXME use the correct perl directory
        file { "/usr/lib/perl5/site_perl/5.10.1/Youri/Repository":
            ensure => "directory",
        }

        file { '/usr/lib/perl5/site_perl/5.10.1/Youri/Repository/Mageia.pm':
            ensure => present,
            mode => 644,
            require => File["/usr/lib/perl5/site_perl/5.10.1/Youri/Repository"],
            source => "puppet:///modules/buildsystem/Mageia.pm",
        }

        $package_list = ['perl-SVN', 'mdv-distrib-tools', 'perl-Youri-Media',
                         'perl-Youri-Package', 'perl-Youri-Repository',
                         'perl-Youri-Utils', 'perl-Youri-Config', 'mga-youri-submit']

        package { $package_list:
            ensure => installed;
        }
    }

    # $groups: array of secondary groups (only local groups, no ldap)
    define sshuser($homedir, $comment, $groups = []) {
        group {"$title": 
            ensure => present,
        }

        user {"$title":
            ensure => present,
            comment => $comment,
            managehome => true,
            home => $homedir,
            gid => $title,
            groups => $groups,
            shell => "/bin/bash",
            notify => Exec["unlock$title"],
            require => Group[$title],
        }

        # set password to * to unlock the account but forbid login through login
        exec { "unlock$title":
            command => "usermod -p '*' $title",
            refreshonly => true,
        }

        file { $homedir:
            ensure => "directory",
            require => User[$title],
        }

        file { "$homedir/.ssh":
            ensure => "directory",
            mode   => 600,
            owner  => $title,
            group  => $title,
            require => File[$homedir],
        }
    }

    class iurtuser {
        sshuser { $build_login:
          homedir => $build_home_dir,
          comment => "System user used to run build bots",
        }

        file { "/etc/iurt":
            ensure => "directory",
        }
    }

    class iurt {
        include sudo
        include iurtuser
        ssh::auth::client { $build_login: }
        ssh::auth::server { $sched_login: user => $build_login }

        # build node common settings
        # we could have the following skip list to use less space:
        # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
        $package_list = ['task-bs-cluster-chroot', 'iurt']
        package { $package_list:
            ensure => installed;
        }

        file { "/etc/iurt/build":
            ensure => "directory",
            require => File["/etc/iurt"],
        }

        file { "/etc/iurt/build/cauldron.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            require => File["/etc/iurt/build"],
            content => template("buildsystem/iurt.cauldron.conf")
        }

        file { "/etc/iurt/build/1.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            require => File["/etc/iurt/build"],
            content => template("buildsystem/iurt.1.conf")
        }

        file { "/etc/iurt/build/mandriva2010.1.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            require => File["/etc/iurt/build"],
            content => template("buildsystem/iurt.mandriva2010.1.conf")
        }

        sudo::sudoers_config { "iurt":
            content => template("buildsystem/sudoers.iurt")
        }
    }

    # temporary script to create home dir with ssh key
    # taking login and url as arguments
    class mgacreatehome {
        file { "/usr/local/sbin/mgacreatehome":
            ensure => present,
            owner => root,
            group => root,
            mode => 700,
            content => template("buildsystem/mgacreatehome")
        }
    }

    class check_missing_deps {
        file { "/usr/local/bin/missing-deps.sh":
            ensure => present,
            owner => root,
            group => root,
            mode => 755,
            source => "puppet:///modules/buildsystem/missing-deps.sh",
        }
    
        # FIXME hardcoded path
        cron { "check missing deps":
            command => "cd /var/www/bs/data && /usr/local/bin/missing-deps.sh",
            minute => "*/15",
        }
    }

    class release {
        subversion::snapshot { "/root/release":
            source => "svn://svn.$domain/soft/release/trunk/",
        }

        package { "hardlink":
            ensure => "installed",
        }
    }

    # A script to copy on valstar the 2010.1 rpms built on jonund
    class sync20101 inherits base {
       file { "/usr/local/bin/sync2010.1":
           ensure => present,
           owner => root,
           group => root,
           mode => 755,
           content => template("buildsystem/sync2010.1"),
       }
    }

    # a script to build 2010.1 packages. used on jonund
    class iurt20101 inherits base {
       file { "/usr/local/bin/iurt2010.1":
           ensure => present,
           owner => root,
           group => root,
           mode => 755,
           content => template("buildsystem/iurt2010.1"),
       }
    }
}
1	misc	213	class buildsystem {
2	dmorgan	86
3	boklm	356	class base {
4			$build_login = "iurt"
5	blino	387	$build_home_dir = "/home/$build_login"
6	blino	397	$sched_login = "schedbot"
7	boklm	917	$sched_home_dir = "/var/lib/$sched_login"
8	boklm	1223	$packages_archivedir = "$sched_home_dir/old"
9	boklm	861	$sign_login = "signbot"
10			$sign_home_dir = "/var/lib/$sign_login"
11	boklm	969	$sign_keydir = "$sign_home_dir/keys"
12			# FIXME: maybe keyid should be defined at an other place
13			$sign_keyid = "80420F66"
14	blino	545	$repository_root = "/distrib/bootstrap"
15	blino	1398	$mirror_root = "/distrib/mirror"
16	boklm	1388	$maintdb_url = 'http://www.maintdb2.mageia.org.uk/maintainers_packages/create'
17	boklm	1384	# FIXME: Test password. Real password should be in extdata.
18			$maintdb_key = 'm1g234'
19	boklm	817	$packagers_group = 'mga-packagers'
20			$createsrpm_path = '/usr/share/repsys/create-srpm'
21	blino	366
22			include ssh::auth
23	boklm	918	ssh::auth::key { $build_login: # declare a key for build bot: RSA, 2048 bits
24			home => $build_home_dir,
25			}
26			ssh::auth::key { $sched_login: # declare a key for sched bot: RSA, 2048 bits
27			home => $sched_home_dir,
28			}
29	boklm	356	}
30	boklm	355
31	boklm	356	class mainnode inherits base {
32	blino	381	include iurtuser
33	blino	353
34	blino	395	sshuser { $sched_login:
35			homedir => $sched_home_dir,
36			comment => "System user used to schedule builds",
37			}
38
39	blino	399	ssh::auth::client { $sched_login: }
40	blino	573	ssh::auth::server { $sched_login: }
41	blino	399	ssh::auth::server { $build_login: }
42
43	pterjan	703	# FIXME Add again task-bs-cluster-main when it will require mgarepo instead of repsys
44			$package_list = ['iurt']
45	blino	398	package { $package_list:
46	blino	350	ensure => "installed"
47			}
48	blino	403
49			apache::vhost_other_app { "repository.$domain":
50	blino	404	vhost_file => "buildsystem/vhost_repository.conf",
51	blino	403	}
52
53	misc	1284	$location = "/var/www/bs"
54	misc	1283	apache::vhost_base { "pkgsubmit.$domain":
55			aliases => { "/uploads" => "$sched_home_dir/uploads" },
56	misc	1284	location => $location,
57	boklm	1300	content => template("buildsystem/vhost_pkgsubmit.conf"),
58	blino	466	}
59
60	misc	1284	subversion::snapshot { $location:
61			source => "svn://svn.$domain/soft/buildsystem/web/",
62			}
63
64	boklm	1582	file { "$repository_root/distrib/cauldron/i586/media/media_info/media.cfg":
65	boklm	1580	ensure => present,
66			owner => $sched_login,
67			group => $sched_login,
68			mode => 644,
69			source => "puppet:///modules/buildsystem/i586/media.cfg",
70			}
71
72	boklm	1582	file { "$repository_root/distrib/cauldron/x86_64/media/media_info/media.cfg":
73	boklm	1580	ensure => present,
74			owner => $sched_login,
75			group => $sched_login,
76			mode => 644,
77			source => "puppet:///modules/buildsystem/x86_64/media.cfg",
78			}
79
80	blino	430	include scheduler
81	blino	431	include gatherer
82	pterjan	700	include mgarepo
83	blino	517	include youri_submit
84	misc	860	include check_missing_deps
85	boklm	964	include signbot
86	blino	350	}
87
88	boklm	356	class buildnode inherits base {
89	misc	213	include iurt
90	dmorgan	86	}
91
92	boklm	964	class signbot {
93			sshuser { $sign_login:
94			homedir => $sign_home_dir,
95			comment => "System user used to sign packages",
96			groups => [$sched_login],
97			}
98
99			gnupg::keys{"packages":
100			email => "packages@$domain",
101			#FIXME there should be a variable somewhere to change the name of the distribution
102			key_name => 'Mageia Packages',
103			login => $sign_login,
104			batchdir => "$sign_home_dir/batches",
105	boklm	969	keydir => $sign_keydir,
106	boklm	964	}
107	boklm	966
108			sudo::sudoers_config { "signpackage":
109			content => template("buildsystem/sudoers.signpackage")
110			}
111	boklm	976
112			file { "$sign_home_dir/.rpmmacros":
113			ensure => present,
114			owner => root,
115			group => root,
116			mode => 644,
117			content => template("buildsystem/signbot-rpmmacros")
118			}
119	boklm	1023
120			file { "/usr/local/bin/sign-check-package":
121			ensure => present,
122			owner => root,
123			group => root,
124			mode => 755,
125			content => template("buildsystem/sign-check-package")
126			}
127	boklm	964	}
128
129	misc	265	class scheduler {
130			# ulri
131	blino	430	include iurtupload
132	misc	265	}
133
134	blino	431	class gatherer {
135	misc	265	# emi
136	blino	430	include iurtupload
137	misc	265	}
138	blino	430
139			class iurtupload {
140	blino	432	file { "/etc/iurt/upload.conf":
141	blino	430	ensure => present,
142			owner => $build_login,
143			group => $build_login,
144			mode => 644,
145			require => File["/etc/iurt"],
146			content => template("buildsystem/upload.conf")
147			}
148			}
149	boklm	1829
150	boklm	1838	class maintdb inherits base {
151	boklm	1837	include sudo
152	boklm	1829	$maintdb_login = "maintdb"
153			$maintdb_homedir = "/var/lib/maintdb"
154	boklm	1834	$maintdb_dbdir = "$maintdb_homedir/db"
155	boklm	1829	$maintdb_binpath = "/usr/local/sbin/maintdb"
156			$maintdb_wrappath = "/usr/local/bin/wrapper.maintdb"
157	misc	1859	$maintdb_dump = "/var/www/bs/data/maintdb.txt"
158	boklm	1829
159			user {"$maintdb_login":
160			ensure => present,
161			comment => "Maintainers database",
162			managehome => true,
163			shell => "/bin/bash",
164			home => "$maintdb_homedir",
165			}
166
167			file { "$maintdb_dbdir":
168			ensure => directory,
169			owner => "$maintdb_login",
170			group => "$maintdb_login",
171			mode => 700,
172			require => User["$maintdb_login"],
173			}
174
175			file { "$maintdb_binpath":
176			ensure => present,
177			owner => root,
178			group => root,
179			mode => 755,
180			content => template("buildsystem/maintdb")
181			}
182
183			file { "$maintdb_wrappath":
184			ensure => present,
185			owner => root,
186			group => root,
187			mode => 755,
188			content => template("buildsystem/wrapper.maintdb")
189			}
190	boklm	1837
191			sudo::sudoers_config { "maintdb":
192			content => template("buildsystem/sudoers.maintdb")
193			}
194
195	misc	1859	file { "$maintdb_dump":
196			ensure => present,
197			owner => $maintdb_login,
198			mode => 644,
199			}
200
201	boklm	1842	cron { "update maintdb export":
202	misc	1847	user => $maintdb_login,
203	misc	1859	command => "$maintdb_binpath root get > $maintdb_dump",
204	boklm	1843	minute => "*/30",
205	boklm	1841	}
206
207	boklm	1829	}
208	misc	265
209	pterjan	700	class mgarepo {
210			package { 'mgarepo':
211	misc	265
212			}
213
214	blino	505	package { 'rpm-build':
215			}
216
217	blino	500	file { "repsys.conf":
218			path => "/etc/repsys.conf",
219			owner => root,
220			group => root,
221			mode => 644,
222			content => template("buildsystem/repsys.conf")
223			}
224	blino	502
225	boklm	1223	file { "$packages_archivedir":
226			ensure => "directory",
227			owner => $sched_login,
228			require => File[$sched_home_dir],
229			}
230
231	blino	502	file { "$sched_home_dir/repsys":
232			ensure => "directory",
233	blino	508	owner => $sched_login,
234	blino	502	require => File[$sched_home_dir],
235			}
236
237	misc	1484	file { ["$sched_home_dir/repsys/tmp", "$sched_home_dir/repsys/srpms"]:
238	blino	502	ensure => "directory",
239	blino	508	owner => $sched_login,
240	boklm	512	group => "mga-packagers",
241	boklm	510	mode => 1775,
242	blino	502	require => File["$sched_home_dir/repsys"],
243			}
244
245	boklm	915	# FIXME: disabled temporarly as upload dir is a symlink to /var/lib/repsys/uploads
246			#file { "$sched_home_dir/uploads":
247			# ensure => "directory",
248			# owner => $sched_login,
249			# require => File[$sched_home_dir],
250			#}
251	misc	886
252			# too tedious to create everything by hand
253			# so I prefered to used some puppet ruby module
254			# the exact content and directory name should IMHO be consolidated somewhere
255			import "create_upload_dir.rb"
256	boklm	915	create_upload_dir { "$sched_home_dir/uploads":
257			owner => $sched_login,
258	boklm	968	group => $sched_login,
259	boklm	915	}
260	pterjan	1511
261	pterjan	1515	tidy { "$sched_home_dir/uploads":
262	pterjan	1511	age => "2w",
263			recurse => true,
264			type => "ctime",
265			}
266	pterjan	1224
267			tidy { "$packages_archivedir":
268	pterjan	1225	age => "1w",
269	pterjan	1224	matches => "*.rpm",
270			recurse => true,
271	pterjan	1226	type => "ctime",
272	pterjan	1224	}
273	misc	265	}
274
275	blino	516	class youri_submit {
276	boklm	522	include sudo
277
278	blino	1469	file { "/usr/local/bin/mga-youri-submit":
279	blino	516	owner => root,
280			group => root,
281			mode => 755,
282	blino	1469	content => template("buildsystem/mga-youri-submit")
283	blino	516	}
284
285	blino	1469	file { "/usr/local/bin/mga-youri-submit.wrapper":
286	blino	516	owner => root,
287			group => root,
288			mode => 755,
289	blino	1469	content => template("buildsystem/mga-youri-submit.wrapper")
290	blino	516	}
291
292	blino	1469	sudo::sudoers_config { "mga-youri-submit":
293	blino	516	content => template("buildsystem/sudoers.youri")
294			}
295	blino	543
296	misc	1875	# directory that hold configuration auto extracted after upload
297			# of the rpmlint policy
298			file { "/etc/rpmlint/extracted.d/":
299			ensure => directory,
300			owner => $sched_login,
301			}
302
303	blino	543	file { "/etc/youri":
304			ensure => "directory",
305			}
306
307			file { "/etc/youri/submit-todo.conf":
308			ensure => present,
309			mode => 644,
310			require => File["/etc/youri"],
311			content => template("buildsystem/submit-todo.conf")
312			}
313	pterjan	682
314	pterjan	685	file { "/etc/youri/submit-upload.conf":
315	pterjan	682	ensure => present,
316			mode => 644,
317			require => File["/etc/youri"],
318	pterjan	685	content => template("buildsystem/submit-upload.conf")
319	pterjan	682	}
320	boklm	772
321			file { "/etc/youri/acl.conf":
322			ensure => present,
323			mode => 644,
324			require => File["/etc/youri"],
325			content => template("buildsystem/youri_acl.conf")
326			}
327	boklm	817
328			file { '/usr/local/bin/submit_package':
329			ensure => present,
330			mode => 755,
331			content => template('buildsystem/submit_package')
332			}
333	pterjan	1390
334			# FIXME use the correct perl directory
335			file { "/usr/lib/perl5/site_perl/5.10.1/Youri/Repository":
336			ensure => "directory",
337			}
338
339			file { '/usr/lib/perl5/site_perl/5.10.1/Youri/Repository/Mageia.pm':
340			ensure => present,
341			mode => 644,
342			require => File["/usr/lib/perl5/site_perl/5.10.1/Youri/Repository"],
343			source => "puppet:///modules/buildsystem/Mageia.pm",
344			}
345
346			$package_list = ['perl-SVN', 'mdv-distrib-tools', 'perl-Youri-Media',
347			'perl-Youri-Package', 'perl-Youri-Repository',
348	blino	1470	'perl-Youri-Utils', 'perl-Youri-Config', 'mga-youri-submit']
349	pterjan	1390
350			package { $package_list:
351			ensure => installed;
352			}
353	blino	516	}
354
355	boklm	862	# $groups: array of secondary groups (only local groups, no ldap)
356			define sshuser($homedir, $comment, $groups = []) {
357	blino	394	group {"$title":
358	blino	351	ensure => present,
359			}
360
361	blino	394	user {"$title":
362	blino	351	ensure => present,
363	blino	393	comment => $comment,
364	blino	351	managehome => true,
365	boklm	916	home => $homedir,
366	blino	394	gid => $title,
367	boklm	862	groups => $groups,
368	blino	351	shell => "/bin/bash",
369	blino	394	notify => Exec["unlock$title"],
370	blino	424	require => Group[$title],
371	blino	351	}
372	blino	372
373	blino	386	# set password to * to unlock the account but forbid login through login
374	blino	394	exec { "unlock$title":
375			command => "usermod -p '*' $title",
376	blino	386	refreshonly => true,
377			}
378
379	blino	393	file { $homedir:
380	blino	383	ensure => "directory",
381	blino	423	require => User[$title],
382	blino	383	}
383
384	blino	393	file { "$homedir/.ssh":
385	blino	372	ensure => "directory",
386			mode => 600,
387	blino	394	owner => $title,
388			group => $title,
389	blino	423	require => File[$homedir],
390	blino	372	}
391	blino	351	}
392
393	blino	393	class iurtuser {
394	blino	394	sshuser { $build_login:
395			homedir => $build_home_dir,
396			comment => "System user used to run build bots",
397			}
398	blino	429
399			file { "/etc/iurt":
400			ensure => "directory",
401			}
402	blino	393	}
403
404	misc	213	class iurt {
405	boklm	216	include sudo
406	blino	381	include iurtuser
407	blino	366	ssh::auth::client { $build_login: }
408	blino	396	ssh::auth::server { $sched_login: user => $build_login }
409	misc	213
410			# build node common settings
411			# we could have the following skip list to use less space:
412			# '/(drakx-installer-binaries\|drakx-installer-advertising\|gfxboot\|drakx-installer-stage2\|mandriva-theme)/'
413			$package_list = ['task-bs-cluster-chroot', 'iurt']
414			package { $package_list:
415			ensure => installed;
416			}
417
418	blino	426	file { "/etc/iurt/build":
419			ensure => "directory",
420	blino	428	require => File["/etc/iurt"],
421	blino	426	}
422
423	blino	425	file { "/etc/iurt/build/cauldron.conf":
424	misc	213	ensure => present,
425			owner => $build_login,
426			group => $build_login,
427			mode => 644,
428	blino	426	require => File["/etc/iurt/build"],
429	boklm	218	content => template("buildsystem/iurt.cauldron.conf")
430	misc	213	}
431
432	pterjan	1730	file { "/etc/iurt/build/1.conf":
433			ensure => present,
434			owner => $build_login,
435			group => $build_login,
436			mode => 644,
437			require => File["/etc/iurt/build"],
438			content => template("buildsystem/iurt.1.conf")
439			}
440
441	boklm	648	file { "/etc/iurt/build/mandriva2010.1.conf":
442			ensure => present,
443			owner => $build_login,
444			group => $build_login,
445			mode => 644,
446			require => File["/etc/iurt/build"],
447			content => template("buildsystem/iurt.mandriva2010.1.conf")
448			}
449
450	boklm	770	sudo::sudoers_config { "iurt":
451	boklm	218	content => template("buildsystem/sudoers.iurt")
452	boklm	216	}
453	dmorgan	86	}
454	boklm	696
455			# temporary script to create home dir with ssh key
456			# taking login and url as arguments
457			class mgacreatehome {
458			file { "/usr/local/sbin/mgacreatehome":
459			ensure => present,
460			owner => root,
461			group => root,
462			mode => 700,
463			content => template("buildsystem/mgacreatehome")
464			}
465			}
466	misc	859
467			class check_missing_deps {
468			file { "/usr/local/bin/missing-deps.sh":
469			ensure => present,
470			owner => root,
471			group => root,
472	boklm	869	mode => 755,
473	boklm	868	source => "puppet:///modules/buildsystem/missing-deps.sh",
474	misc	859	}
475
476			# FIXME hardcoded path
477			cron { "check missing deps":
478			command => "cd /var/www/bs/data && /usr/local/bin/missing-deps.sh",
479			minute => "*/15",
480			}
481			}
482	boklm	1489
483	boklm	1646	class release {
484			subversion::snapshot { "/root/release":
485			source => "svn://svn.$domain/soft/release/trunk/",
486			}
487
488			package { "hardlink":
489			ensure => "installed",
490			}
491			}
492
493	boklm	1568	# A script to copy on valstar the 2010.1 rpms built on jonund
494			class sync20101 inherits base {
495			file { "/usr/local/bin/sync2010.1":
496			ensure => present,
497			owner => root,
498			group => root,
499			mode => 755,
500			content => template("buildsystem/sync2010.1"),
501			}
502			}
503
504			# a script to build 2010.1 packages. used on jonund
505	boklm	1491	class iurt20101 inherits base {
506	boklm	1489	file { "/usr/local/bin/iurt2010.1":
507			ensure => present,
508			owner => root,
509			group => root,
510			mode => 755,
511	boklm	1492	content => template("buildsystem/iurt2010.1"),
512	boklm	1489	}
513			}
514	dmorgan	86	}