buildsystem/manifests/init.pp

class buildsystem {

    class base {
        $build_login = "iurt"
        $build_home_dir = "/home/$build_login"
        $sched_login = "schedbot"
        $sched_home_dir = "/home/$sched_login"

        include ssh::auth
        ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
    }

    class mainnode inherits base {
        include iurtuser
        ssh::auth::server { $build_login: }

        package { "task-bs-cluster-main":
            ensure => "installed"
        }
    }

    class buildnode inherits base {
        include iurt
    }

    class scheduler {
        # ulri        
    }

    class dispatcher {
        # emi
    }
    
    class repsys {
        package { 'repsys':

        }


    }

    define sshuser($homedir, $comment) {
        group {"$title": 
            ensure => present,
        }

        user {"$title":
            ensure => present,
            comment => $comment,
            managehome => true,
            gid => $title,
            shell => "/bin/bash",
            notify => Exec["unlock$title"],
        }

        # set password to * to unlock the account but forbid login through login
        exec { "unlock$title":
            command => "usermod -p '*' $title",
            refreshonly => true,
        }

        file { $homedir:
            ensure => "directory",
        }

        file { "$homedir/.ssh":
            ensure => "directory",
            mode   => 600,
            owner  => $title,
            group  => $title,
        }
    }

    class iurtuser {
        sshuser { $build_login:
          homedir => $build_home_dir,
          comment => "System user used to run build bots",
        }
    }

    class iurt {
        include sudo
        include iurtuser
        ssh::auth::client { $build_login: }

        # build node common settings
        # we could have the following skip list to use less space:
        # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
        $package_list = ['task-bs-cluster-chroot', 'iurt']
        package { $package_list:
            ensure => installed;
        }

        file { "$build_home_dir/.iurt.cauldron.conf":
            ensure => present,
            owner => $build_login,
            group => $build_login,
            mode => 644,
            content => template("buildsystem/iurt.cauldron.conf")
        }

        file { "/etc/sudoers.d/iurt":
            ensure => present,
            owner => root,
            group => root,
            mode => 440,
            content => template("buildsystem/sudoers.iurt")
        }
    }
}
1	misc	213	class buildsystem {
2	dmorgan	86
3	boklm	356	class base {
4			$build_login = "iurt"
5	blino	387	$build_home_dir = "/home/$build_login"
6	blino	393	$sched_login = "schedbot"
7			$sched_home_dir = "/home/$sched_login"
8	blino	366
9			include ssh::auth
10			ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
11	boklm	356	}
12	boklm	355
13	boklm	356	class mainnode inherits base {
14	blino	381	include iurtuser
15	blino	366	ssh::auth::server { $build_login: }
16	blino	353
17	blino	350	package { "task-bs-cluster-main":
18			ensure => "installed"
19			}
20			}
21
22	boklm	356	class buildnode inherits base {
23	misc	213	include iurt
24	dmorgan	86	}
25
26	misc	265	class scheduler {
27			# ulri
28			}
29
30			class dispatcher {
31			# emi
32			}
33
34			class repsys {
35			package { 'repsys':
36
37			}
38
39
40			}
41
42	blino	394	define sshuser($homedir, $comment) {
43			group {"$title":
44	blino	351	ensure => present,
45			}
46
47	blino	394	user {"$title":
48	blino	351	ensure => present,
49	blino	393	comment => $comment,
50	blino	351	managehome => true,
51	blino	394	gid => $title,
52	blino	351	shell => "/bin/bash",
53	blino	394	notify => Exec["unlock$title"],
54	blino	351	}
55	blino	372
56	blino	386	# set password to * to unlock the account but forbid login through login
57	blino	394	exec { "unlock$title":
58			command => "usermod -p '*' $title",
59	blino	386	refreshonly => true,
60			}
61
62	blino	393	file { $homedir:
63	blino	383	ensure => "directory",
64			}
65
66	blino	393	file { "$homedir/.ssh":
67	blino	372	ensure => "directory",
68			mode => 600,
69	blino	394	owner => $title,
70			group => $title,
71	blino	372	}
72	blino	351	}
73
74	blino	393	class iurtuser {
75	blino	394	sshuser { $build_login:
76			homedir => $build_home_dir,
77			comment => "System user used to run build bots",
78			}
79	blino	393	}
80
81	misc	213	class iurt {
82	boklm	216	include sudo
83	blino	381	include iurtuser
84	blino	366	ssh::auth::client { $build_login: }
85	misc	213
86			# build node common settings
87			# we could have the following skip list to use less space:
88			# '/(drakx-installer-binaries\|drakx-installer-advertising\|gfxboot\|drakx-installer-stage2\|mandriva-theme)/'
89			$package_list = ['task-bs-cluster-chroot', 'iurt']
90			package { $package_list:
91			ensure => installed;
92			}
93
94	blino	351	file { "$build_home_dir/.iurt.cauldron.conf":
95	misc	213	ensure => present,
96			owner => $build_login,
97			group => $build_login,
98			mode => 644,
99	boklm	218	content => template("buildsystem/iurt.cauldron.conf")
100	misc	213	}
101
102	boklm	216	file { "/etc/sudoers.d/iurt":
103			ensure => present,
104			owner => root,
105			group => root,
106	boklm	219	mode => 440,
107	boklm	218	content => template("buildsystem/sudoers.iurt")
108	boklm	216	}
109	dmorgan	86	}
110			}