/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 399 - (hide annotations) (download)
Mon Nov 22 13:59:56 2010 UTC (13 years, 4 months ago) by blino
File size: 2987 byte(s)
create schedbot user before writing ssh config files

1 misc 213 class buildsystem {
2 dmorgan 86
3 boklm 356 class base {
4     $build_login = "iurt"
5 blino 387 $build_home_dir = "/home/$build_login"
6 blino 397 $sched_login = "schedbot"
7 blino 393 $sched_home_dir = "/home/$sched_login"
8 blino 366
9     include ssh::auth
10     ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
11 blino 395 ssh::auth::key { $sched_login: } # declare a key for sched bot: RSA, 2048 bits
12 boklm 356 }
13 boklm 355
14 boklm 356 class mainnode inherits base {
15 blino 381 include iurtuser
16 blino 353
17 blino 395 sshuser { $sched_login:
18     homedir => $sched_home_dir,
19     comment => "System user used to schedule builds",
20     }
21    
22 blino 399 ssh::auth::client { $sched_login: }
23     ssh::auth::server { $build_login: }
24    
25 blino 398 $package_list = ['task-bs-cluster-main', 'iurt']
26     package { $package_list:
27 blino 350 ensure => "installed"
28     }
29     }
30    
31 boklm 356 class buildnode inherits base {
32 misc 213 include iurt
33 dmorgan 86 }
34    
35 misc 265 class scheduler {
36     # ulri
37     }
38    
39     class dispatcher {
40     # emi
41     }
42    
43     class repsys {
44     package { 'repsys':
45    
46     }
47    
48    
49     }
50    
51 blino 394 define sshuser($homedir, $comment) {
52     group {"$title":
53 blino 351 ensure => present,
54     }
55    
56 blino 394 user {"$title":
57 blino 351 ensure => present,
58 blino 393 comment => $comment,
59 blino 351 managehome => true,
60 blino 394 gid => $title,
61 blino 351 shell => "/bin/bash",
62 blino 394 notify => Exec["unlock$title"],
63 blino 351 }
64 blino 372
65 blino 386 # set password to * to unlock the account but forbid login through login
66 blino 394 exec { "unlock$title":
67     command => "usermod -p '*' $title",
68 blino 386 refreshonly => true,
69     }
70    
71 blino 393 file { $homedir:
72 blino 383 ensure => "directory",
73     }
74    
75 blino 393 file { "$homedir/.ssh":
76 blino 372 ensure => "directory",
77     mode => 600,
78 blino 394 owner => $title,
79     group => $title,
80 blino 372 }
81 blino 351 }
82    
83 blino 393 class iurtuser {
84 blino 394 sshuser { $build_login:
85     homedir => $build_home_dir,
86     comment => "System user used to run build bots",
87     }
88 blino 393 }
89    
90 misc 213 class iurt {
91 boklm 216 include sudo
92 blino 381 include iurtuser
93 blino 366 ssh::auth::client { $build_login: }
94 blino 396 ssh::auth::server { $sched_login: user => $build_login }
95 misc 213
96     # build node common settings
97     # we could have the following skip list to use less space:
98     # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
99     $package_list = ['task-bs-cluster-chroot', 'iurt']
100     package { $package_list:
101     ensure => installed;
102     }
103    
104 blino 351 file { "$build_home_dir/.iurt.cauldron.conf":
105 misc 213 ensure => present,
106     owner => $build_login,
107     group => $build_login,
108     mode => 644,
109 boklm 218 content => template("buildsystem/iurt.cauldron.conf")
110 misc 213 }
111    
112 boklm 216 file { "/etc/sudoers.d/iurt":
113     ensure => present,
114     owner => root,
115     group => root,
116 boklm 219 mode => 440,
117 boklm 218 content => template("buildsystem/sudoers.iurt")
118 boklm 216 }
119 dmorgan 86 }
120     }

  ViewVC Help
Powered by ViewVC 1.1.30