/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 503 - (hide annotations) (download)
Sun Dec 5 22:40:31 2010 UTC (13 years, 3 months ago) by blino
File size: 4730 byte(s)
mga-committers should be able to write in /home/schedbot/repsys/tmp

1 misc 213 class buildsystem {
2 dmorgan 86
3 boklm 356 class base {
4     $build_login = "iurt"
5 blino 387 $build_home_dir = "/home/$build_login"
6 blino 397 $sched_login = "schedbot"
7 blino 393 $sched_home_dir = "/home/$sched_login"
8 blino 366
9     include ssh::auth
10     ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
11 blino 395 ssh::auth::key { $sched_login: } # declare a key for sched bot: RSA, 2048 bits
12 boklm 356 }
13 boklm 355
14 boklm 356 class mainnode inherits base {
15 blino 381 include iurtuser
16 blino 353
17 blino 395 sshuser { $sched_login:
18     homedir => $sched_home_dir,
19     comment => "System user used to schedule builds",
20     }
21    
22 blino 399 ssh::auth::client { $sched_login: }
23     ssh::auth::server { $build_login: }
24    
25 blino 398 $package_list = ['task-bs-cluster-main', 'iurt']
26     package { $package_list:
27 blino 350 ensure => "installed"
28     }
29 blino 403
30     apache::vhost_other_app { "repository.$domain":
31 blino 404 vhost_file => "buildsystem/vhost_repository.conf",
32 blino 403 }
33    
34 blino 466 apache::vhost_other_app { "pkgsubmit.$domain":
35     vhost_file => "buildsystem/vhost_pkgsubmit.conf",
36     }
37    
38 blino 430 include scheduler
39 blino 431 include gatherer
40 blino 500 include repsys
41 blino 350 }
42    
43 boklm 356 class buildnode inherits base {
44 misc 213 include iurt
45 dmorgan 86 }
46    
47 misc 265 class scheduler {
48     # ulri
49 blino 430 include iurtupload
50 misc 265 }
51    
52 blino 431 class gatherer {
53 misc 265 # emi
54 blino 430 include iurtupload
55 misc 265 }
56 blino 430
57     class iurtupload {
58 blino 432 file { "/etc/iurt/upload.conf":
59 blino 430 ensure => present,
60     owner => $build_login,
61     group => $build_login,
62     mode => 644,
63     require => File["/etc/iurt"],
64     content => template("buildsystem/upload.conf")
65     }
66     }
67 misc 265
68     class repsys {
69     package { 'repsys':
70    
71     }
72    
73 blino 500 file { "repsys.conf":
74     path => "/etc/repsys.conf",
75     owner => root,
76     group => root,
77     mode => 644,
78     content => template("buildsystem/repsys.conf")
79     }
80 blino 502
81     file { "$sched_home_dir/repsys":
82     ensure => "directory",
83     require => File[$sched_home_dir],
84     }
85    
86     file { "$sched_home_dir/repsys/tmp":
87     ensure => "directory",
88 blino 503 group => "mga-committers",
89     mode => 775,
90 blino 502 require => File["$sched_home_dir/repsys"],
91     }
92    
93     file { "$sched_home_dir/repsys/srpms":
94     ensure => "directory",
95     require => File["$sched_home_dir/repsys"],
96     }
97 misc 265 }
98    
99 blino 394 define sshuser($homedir, $comment) {
100     group {"$title":
101 blino 351 ensure => present,
102     }
103    
104 blino 394 user {"$title":
105 blino 351 ensure => present,
106 blino 393 comment => $comment,
107 blino 351 managehome => true,
108 blino 394 gid => $title,
109 blino 351 shell => "/bin/bash",
110 blino 394 notify => Exec["unlock$title"],
111 blino 424 require => Group[$title],
112 blino 351 }
113 blino 372
114 blino 386 # set password to * to unlock the account but forbid login through login
115 blino 394 exec { "unlock$title":
116     command => "usermod -p '*' $title",
117 blino 386 refreshonly => true,
118     }
119    
120 blino 393 file { $homedir:
121 blino 383 ensure => "directory",
122 blino 423 require => User[$title],
123 blino 383 }
124    
125 blino 393 file { "$homedir/.ssh":
126 blino 372 ensure => "directory",
127     mode => 600,
128 blino 394 owner => $title,
129     group => $title,
130 blino 423 require => File[$homedir],
131 blino 372 }
132 blino 351 }
133    
134 blino 393 class iurtuser {
135 blino 394 sshuser { $build_login:
136     homedir => $build_home_dir,
137     comment => "System user used to run build bots",
138     }
139 blino 429
140     file { "/etc/iurt":
141     ensure => "directory",
142     }
143 blino 393 }
144    
145 misc 213 class iurt {
146 boklm 216 include sudo
147 blino 381 include iurtuser
148 blino 366 ssh::auth::client { $build_login: }
149 blino 396 ssh::auth::server { $sched_login: user => $build_login }
150 misc 213
151     # build node common settings
152     # we could have the following skip list to use less space:
153     # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
154     $package_list = ['task-bs-cluster-chroot', 'iurt']
155     package { $package_list:
156     ensure => installed;
157     }
158    
159 blino 426 file { "/etc/iurt/build":
160     ensure => "directory",
161 blino 428 require => File["/etc/iurt"],
162 blino 426 }
163    
164 blino 425 file { "/etc/iurt/build/cauldron.conf":
165 misc 213 ensure => present,
166     owner => $build_login,
167     group => $build_login,
168     mode => 644,
169 blino 426 require => File["/etc/iurt/build"],
170 boklm 218 content => template("buildsystem/iurt.cauldron.conf")
171 misc 213 }
172    
173 boklm 216 file { "/etc/sudoers.d/iurt":
174     ensure => present,
175     owner => root,
176     group => root,
177 boklm 219 mode => 440,
178 boklm 218 content => template("buildsystem/sudoers.iurt")
179 boklm 216 }
180 dmorgan 86 }
181     }

  ViewVC Help
Powered by ViewVC 1.1.30