/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 510 - (hide annotations) (download)
Mon Dec 6 14:20:31 2010 UTC (13 years, 3 months ago) by boklm
File size: 4946 byte(s)
add sticky bit on repsys/tmp and repsys/srpms
1 misc 213 class buildsystem {
2 dmorgan 86
3 boklm 356 class base {
4     $build_login = "iurt"
5 blino 387 $build_home_dir = "/home/$build_login"
6 blino 397 $sched_login = "schedbot"
7 blino 393 $sched_home_dir = "/home/$sched_login"
8 blino 366
9     include ssh::auth
10     ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
11 blino 395 ssh::auth::key { $sched_login: } # declare a key for sched bot: RSA, 2048 bits
12 boklm 356 }
13 boklm 355
14 boklm 356 class mainnode inherits base {
15 blino 381 include iurtuser
16 blino 353
17 blino 395 sshuser { $sched_login:
18     homedir => $sched_home_dir,
19     comment => "System user used to schedule builds",
20     }
21    
22 blino 399 ssh::auth::client { $sched_login: }
23     ssh::auth::server { $build_login: }
24    
25 blino 398 $package_list = ['task-bs-cluster-main', 'iurt']
26     package { $package_list:
27 blino 350 ensure => "installed"
28     }
29 blino 403
30     apache::vhost_other_app { "repository.$domain":
31 blino 404 vhost_file => "buildsystem/vhost_repository.conf",
32 blino 403 }
33    
34 blino 466 apache::vhost_other_app { "pkgsubmit.$domain":
35     vhost_file => "buildsystem/vhost_pkgsubmit.conf",
36     }
37    
38 blino 430 include scheduler
39 blino 431 include gatherer
40 blino 500 include repsys
41 blino 350 }
42    
43 boklm 356 class buildnode inherits base {
44 misc 213 include iurt
45 dmorgan 86 }
46    
47 misc 265 class scheduler {
48     # ulri
49 blino 430 include iurtupload
50 misc 265 }
51    
52 blino 431 class gatherer {
53 misc 265 # emi
54 blino 430 include iurtupload
55 misc 265 }
56 blino 430
57     class iurtupload {
58 blino 432 file { "/etc/iurt/upload.conf":
59 blino 430 ensure => present,
60     owner => $build_login,
61     group => $build_login,
62     mode => 644,
63     require => File["/etc/iurt"],
64     content => template("buildsystem/upload.conf")
65     }
66     }
67 misc 265
68     class repsys {
69     package { 'repsys':
70    
71     }
72    
73 blino 505 package { 'rpm-build':
74     }
75    
76 blino 500 file { "repsys.conf":
77     path => "/etc/repsys.conf",
78     owner => root,
79     group => root,
80     mode => 644,
81     content => template("buildsystem/repsys.conf")
82     }
83 blino 502
84     file { "$sched_home_dir/repsys":
85     ensure => "directory",
86 blino 508 owner => $sched_login,
87 blino 502 require => File[$sched_home_dir],
88     }
89    
90     file { "$sched_home_dir/repsys/tmp":
91     ensure => "directory",
92 blino 508 owner => $sched_login,
93 blino 503 group => "mga-committers",
94 boklm 510 mode => 1775,
95 blino 502 require => File["$sched_home_dir/repsys"],
96     }
97    
98     file { "$sched_home_dir/repsys/srpms":
99     ensure => "directory",
100 blino 508 owner => $sched_login,
101 blino 509 group => "mga-committers",
102 boklm 510 mode => 1775,
103 blino 502 require => File["$sched_home_dir/repsys"],
104     }
105 misc 265 }
106    
107 blino 394 define sshuser($homedir, $comment) {
108     group {"$title":
109 blino 351 ensure => present,
110     }
111    
112 blino 394 user {"$title":
113 blino 351 ensure => present,
114 blino 393 comment => $comment,
115 blino 351 managehome => true,
116 blino 394 gid => $title,
117 blino 351 shell => "/bin/bash",
118 blino 394 notify => Exec["unlock$title"],
119 blino 424 require => Group[$title],
120 blino 351 }
121 blino 372
122 blino 386 # set password to * to unlock the account but forbid login through login
123 blino 394 exec { "unlock$title":
124     command => "usermod -p '*' $title",
125 blino 386 refreshonly => true,
126     }
127    
128 blino 393 file { $homedir:
129 blino 383 ensure => "directory",
130 blino 423 require => User[$title],
131 blino 383 }
132    
133 blino 393 file { "$homedir/.ssh":
134 blino 372 ensure => "directory",
135     mode => 600,
136 blino 394 owner => $title,
137     group => $title,
138 blino 423 require => File[$homedir],
139 blino 372 }
140 blino 351 }
141    
142 blino 393 class iurtuser {
143 blino 394 sshuser { $build_login:
144     homedir => $build_home_dir,
145     comment => "System user used to run build bots",
146     }
147 blino 429
148     file { "/etc/iurt":
149     ensure => "directory",
150     }
151 blino 393 }
152    
153 misc 213 class iurt {
154 boklm 216 include sudo
155 blino 381 include iurtuser
156 blino 366 ssh::auth::client { $build_login: }
157 blino 396 ssh::auth::server { $sched_login: user => $build_login }
158 misc 213
159     # build node common settings
160     # we could have the following skip list to use less space:
161     # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
162     $package_list = ['task-bs-cluster-chroot', 'iurt']
163     package { $package_list:
164     ensure => installed;
165     }
166    
167 blino 426 file { "/etc/iurt/build":
168     ensure => "directory",
169 blino 428 require => File["/etc/iurt"],
170 blino 426 }
171    
172 blino 425 file { "/etc/iurt/build/cauldron.conf":
173 misc 213 ensure => present,
174     owner => $build_login,
175     group => $build_login,
176     mode => 644,
177 blino 426 require => File["/etc/iurt/build"],
178 boklm 218 content => template("buildsystem/iurt.cauldron.conf")
179 misc 213 }
180    
181 boklm 216 file { "/etc/sudoers.d/iurt":
182     ensure => present,
183     owner => root,
184     group => root,
185 boklm 219 mode => 440,
186 boklm 218 content => template("buildsystem/sudoers.iurt")
187 boklm 216 }
188 dmorgan 86 }
189     }

  ViewVC Help
Powered by ViewVC 1.1.30