/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 861 - (hide annotations) (download)
Thu Jan 20 17:41:50 2011 UTC (13 years, 3 months ago) by boklm
File size: 7925 byte(s) 
add signbot user
1 misc 213 class buildsystem {
2 dmorgan 86
3 boklm 356 class base {
4     $build_login = "iurt"
5 blino 387 $build_home_dir = "/home/$build_login"
6 blino 397 $sched_login = "schedbot"
7 blino 393 $sched_home_dir = "/home/$sched_login"
8 boklm 861 $sign_login = "signbot"
9     $sign_home_dir = "/var/lib/$sign_login"
10 blino 545 $repository_root = "/distrib/bootstrap"
11 boklm 817 $packagers_group = 'mga-packagers'
12     $createsrpm_path = '/usr/share/repsys/create-srpm'
13 blino 366
14     include ssh::auth
15     ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
16 blino 395 ssh::auth::key { $sched_login: } # declare a key for sched bot: RSA, 2048 bits
17 boklm 356 }
18 boklm 355
19 boklm 356 class mainnode inherits base {
20 blino 381 include iurtuser
21 blino 353
22 blino 395 sshuser { $sched_login:
23     homedir => $sched_home_dir,
24     comment => "System user used to schedule builds",
25     }
26    
27 boklm 861 sshuser { $sign_login:
28     homedir => $sign_home_dir,
29     comment => "System user used to sign packages",
30     }
31    
32 blino 399 ssh::auth::client { $sched_login: }
33 blino 573 ssh::auth::server { $sched_login: }
34 blino 399 ssh::auth::server { $build_login: }
35    
36 pterjan 703 # FIXME Add again task-bs-cluster-main when it will require mgarepo instead of repsys
37     $package_list = ['iurt']
38 blino 398 package { $package_list:
39 blino 350 ensure => "installed"
40     }
41 blino 403
42     apache::vhost_other_app { "repository.$domain":
43 blino 404 vhost_file => "buildsystem/vhost_repository.conf",
44 blino 403 }
45    
46 blino 466 apache::vhost_other_app { "pkgsubmit.$domain":
47     vhost_file => "buildsystem/vhost_pkgsubmit.conf",
48     }
49    
50 blino 430 include scheduler
51 blino 431 include gatherer
52 pterjan 700 include mgarepo
53 blino 517 include youri_submit
54 misc 860 include check_missing_deps
55 blino 350 }
56    
57 boklm 356 class buildnode inherits base {
58 misc 213 include iurt
59 dmorgan 86 }
60    
61 misc 265 class scheduler {
62     # ulri
63 blino 430 include iurtupload
64 misc 265 }
65    
66 blino 431 class gatherer {
67 misc 265 # emi
68 blino 430 include iurtupload
69 misc 265 }
70 blino 430
71     class iurtupload {
72 blino 432 file { "/etc/iurt/upload.conf":
73 blino 430 ensure => present,
74     owner => $build_login,
75     group => $build_login,
76     mode => 644,
77     require => File["/etc/iurt"],
78     content => template("buildsystem/upload.conf")
79     }
80     }
81 misc 265
82 pterjan 700 class mgarepo {
83     package { 'mgarepo':
84 misc 265
85     }
86    
87 blino 505 package { 'rpm-build':
88     }
89    
90 blino 500 file { "repsys.conf":
91     path => "/etc/repsys.conf",
92     owner => root,
93     group => root,
94     mode => 644,
95     content => template("buildsystem/repsys.conf")
96     }
97 blino 502
98     file { "$sched_home_dir/repsys":
99     ensure => "directory",
100 blino 508 owner => $sched_login,
101 blino 502 require => File[$sched_home_dir],
102     }
103    
104     file { "$sched_home_dir/repsys/tmp":
105     ensure => "directory",
106 blino 508 owner => $sched_login,
107 boklm 512 group => "mga-packagers",
108 boklm 510 mode => 1775,
109 blino 502 require => File["$sched_home_dir/repsys"],
110     }
111    
112     file { "$sched_home_dir/repsys/srpms":
113     ensure => "directory",
114 blino 508 owner => $sched_login,
115 boklm 512 group => "mga-packagers",
116 boklm 510 mode => 1775,
117 blino 502 require => File["$sched_home_dir/repsys"],
118     }
119 misc 265 }
120    
121 blino 516 class youri_submit {
122 boklm 522 include sudo
123    
124 blino 516 file { "/usr/local/bin/mdv-youri-submit":
125     owner => root,
126     group => root,
127     mode => 755,
128     content => template("buildsystem/mdv-youri-submit")
129     }
130    
131     file { "/usr/local/bin/mdv-youri-submit.wrapper":
132     owner => root,
133     group => root,
134     mode => 755,
135     content => template("buildsystem/mdv-youri-submit.wrapper")
136     }
137    
138 boklm 770 sudo::sudoers_config { "mdv-youri-submit":
139 blino 516 content => template("buildsystem/sudoers.youri")
140     }
141 blino 543
142     file { "/etc/youri":
143     ensure => "directory",
144     }
145    
146     file { "/etc/youri/submit-todo.conf":
147     ensure => present,
148     mode => 644,
149     require => File["/etc/youri"],
150     content => template("buildsystem/submit-todo.conf")
151     }
152 pterjan 682
153 pterjan 685 file { "/etc/youri/submit-upload.conf":
154 pterjan 682 ensure => present,
155     mode => 644,
156     require => File["/etc/youri"],
157 pterjan 685 content => template("buildsystem/submit-upload.conf")
158 pterjan 682 }
159 boklm 772
160     file { "/etc/youri/acl.conf":
161     ensure => present,
162     mode => 644,
163     require => File["/etc/youri"],
164     content => template("buildsystem/youri_acl.conf")
165     }
166 boklm 817
167     file { '/usr/local/bin/submit_package':
168     ensure => present,
169     mode => 755,
170     content => template('buildsystem/submit_package')
171     }
172 blino 516 }
173    
174 blino 394 define sshuser($homedir, $comment) {
175     group {"$title":
176 blino 351 ensure => present,
177     }
178    
179 blino 394 user {"$title":
180 blino 351 ensure => present,
181 blino 393 comment => $comment,
182 blino 351 managehome => true,
183 blino 394 gid => $title,
184 blino 351 shell => "/bin/bash",
185 blino 394 notify => Exec["unlock$title"],
186 blino 424 require => Group[$title],
187 blino 351 }
188 blino 372
189 blino 386 # set password to * to unlock the account but forbid login through login
190 blino 394 exec { "unlock$title":
191     command => "usermod -p '*' $title",
192 blino 386 refreshonly => true,
193     }
194    
195 blino 393 file { $homedir:
196 blino 383 ensure => "directory",
197 blino 423 require => User[$title],
198 blino 383 }
199    
200 blino 393 file { "$homedir/.ssh":
201 blino 372 ensure => "directory",
202     mode => 600,
203 blino 394 owner => $title,
204     group => $title,
205 blino 423 require => File[$homedir],
206 blino 372 }
207 blino 351 }
208    
209 blino 393 class iurtuser {
210 blino 394 sshuser { $build_login:
211     homedir => $build_home_dir,
212     comment => "System user used to run build bots",
213     }
214 blino 429
215     file { "/etc/iurt":
216     ensure => "directory",
217     }
218 blino 393 }
219    
220 misc 213 class iurt {
221 boklm 216 include sudo
222 blino 381 include iurtuser
223 blino 366 ssh::auth::client { $build_login: }
224 blino 396 ssh::auth::server { $sched_login: user => $build_login }
225 misc 213
226     # build node common settings
227     # we could have the following skip list to use less space:
228     # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
229     $package_list = ['task-bs-cluster-chroot', 'iurt']
230     package { $package_list:
231     ensure => installed;
232     }
233    
234 blino 426 file { "/etc/iurt/build":
235     ensure => "directory",
236 blino 428 require => File["/etc/iurt"],
237 blino 426 }
238    
239 blino 425 file { "/etc/iurt/build/cauldron.conf":
240 misc 213 ensure => present,
241     owner => $build_login,
242     group => $build_login,
243     mode => 644,
244 blino 426 require => File["/etc/iurt/build"],
245 boklm 218 content => template("buildsystem/iurt.cauldron.conf")
246 misc 213 }
247    
248 boklm 648 file { "/etc/iurt/build/mandriva2010.1.conf":
249     ensure => present,
250     owner => $build_login,
251     group => $build_login,
252     mode => 644,
253     require => File["/etc/iurt/build"],
254     content => template("buildsystem/iurt.mandriva2010.1.conf")
255     }
256    
257 boklm 770 sudo::sudoers_config { "iurt":
258 boklm 218 content => template("buildsystem/sudoers.iurt")
259 boklm 216 }
260 dmorgan 86 }
261 boklm 696
262     # temporary script to create home dir with ssh key
263     # taking login and url as arguments
264     class mgacreatehome {
265     file { "/usr/local/sbin/mgacreatehome":
266     ensure => present,
267     owner => root,
268     group => root,
269     mode => 700,
270     content => template("buildsystem/mgacreatehome")
271     }
272     }
273 misc 859
274     class check_missing_deps {
275     file { "/usr/local/bin/missing-deps.sh":
276     ensure => present,
277     owner => root,
278     group => root,
279     mode => 700,
280     content => "puppet:///modules/buildsystem/missing-deps.sh",
281     }
282    
283     # FIXME hardcoded path
284     cron { "check missing deps":
285     command => "cd /var/www/bs/data && /usr/local/bin/missing-deps.sh",
286     minute => "*/15",
287     }
288     }
289 dmorgan 86 }
  ViewVC Help
Powered by ViewVC 1.1.30