/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Contents of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 512 - (show annotations) (download)
Mon Dec 6 15:08:58 2010 UTC (13 years, 3 months ago) by boklm
File size: 4944 byte(s)
repsys/tmp and repsys/srpms owned by mga-packagers group
1 class buildsystem {
2
3 class base {
4 $build_login = "iurt"
5 $build_home_dir = "/home/$build_login"
6 $sched_login = "schedbot"
7 $sched_home_dir = "/home/$sched_login"
8
9 include ssh::auth
10 ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
11 ssh::auth::key { $sched_login: } # declare a key for sched bot: RSA, 2048 bits
12 }
13
14 class mainnode inherits base {
15 include iurtuser
16
17 sshuser { $sched_login:
18 homedir => $sched_home_dir,
19 comment => "System user used to schedule builds",
20 }
21
22 ssh::auth::client { $sched_login: }
23 ssh::auth::server { $build_login: }
24
25 $package_list = ['task-bs-cluster-main', 'iurt']
26 package { $package_list:
27 ensure => "installed"
28 }
29
30 apache::vhost_other_app { "repository.$domain":
31 vhost_file => "buildsystem/vhost_repository.conf",
32 }
33
34 apache::vhost_other_app { "pkgsubmit.$domain":
35 vhost_file => "buildsystem/vhost_pkgsubmit.conf",
36 }
37
38 include scheduler
39 include gatherer
40 include repsys
41 }
42
43 class buildnode inherits base {
44 include iurt
45 }
46
47 class scheduler {
48 # ulri
49 include iurtupload
50 }
51
52 class gatherer {
53 # emi
54 include iurtupload
55 }
56
57 class iurtupload {
58 file { "/etc/iurt/upload.conf":
59 ensure => present,
60 owner => $build_login,
61 group => $build_login,
62 mode => 644,
63 require => File["/etc/iurt"],
64 content => template("buildsystem/upload.conf")
65 }
66 }
67
68 class repsys {
69 package { 'repsys':
70
71 }
72
73 package { 'rpm-build':
74 }
75
76 file { "repsys.conf":
77 path => "/etc/repsys.conf",
78 owner => root,
79 group => root,
80 mode => 644,
81 content => template("buildsystem/repsys.conf")
82 }
83
84 file { "$sched_home_dir/repsys":
85 ensure => "directory",
86 owner => $sched_login,
87 require => File[$sched_home_dir],
88 }
89
90 file { "$sched_home_dir/repsys/tmp":
91 ensure => "directory",
92 owner => $sched_login,
93 group => "mga-packagers",
94 mode => 1775,
95 require => File["$sched_home_dir/repsys"],
96 }
97
98 file { "$sched_home_dir/repsys/srpms":
99 ensure => "directory",
100 owner => $sched_login,
101 group => "mga-packagers",
102 mode => 1775,
103 require => File["$sched_home_dir/repsys"],
104 }
105 }
106
107 define sshuser($homedir, $comment) {
108 group {"$title":
109 ensure => present,
110 }
111
112 user {"$title":
113 ensure => present,
114 comment => $comment,
115 managehome => true,
116 gid => $title,
117 shell => "/bin/bash",
118 notify => Exec["unlock$title"],
119 require => Group[$title],
120 }
121
122 # set password to * to unlock the account but forbid login through login
123 exec { "unlock$title":
124 command => "usermod -p '*' $title",
125 refreshonly => true,
126 }
127
128 file { $homedir:
129 ensure => "directory",
130 require => User[$title],
131 }
132
133 file { "$homedir/.ssh":
134 ensure => "directory",
135 mode => 600,
136 owner => $title,
137 group => $title,
138 require => File[$homedir],
139 }
140 }
141
142 class iurtuser {
143 sshuser { $build_login:
144 homedir => $build_home_dir,
145 comment => "System user used to run build bots",
146 }
147
148 file { "/etc/iurt":
149 ensure => "directory",
150 }
151 }
152
153 class iurt {
154 include sudo
155 include iurtuser
156 ssh::auth::client { $build_login: }
157 ssh::auth::server { $sched_login: user => $build_login }
158
159 # build node common settings
160 # we could have the following skip list to use less space:
161 # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
162 $package_list = ['task-bs-cluster-chroot', 'iurt']
163 package { $package_list:
164 ensure => installed;
165 }
166
167 file { "/etc/iurt/build":
168 ensure => "directory",
169 require => File["/etc/iurt"],
170 }
171
172 file { "/etc/iurt/build/cauldron.conf":
173 ensure => present,
174 owner => $build_login,
175 group => $build_login,
176 mode => 644,
177 require => File["/etc/iurt/build"],
178 content => template("buildsystem/iurt.cauldron.conf")
179 }
180
181 file { "/etc/sudoers.d/iurt":
182 ensure => present,
183 owner => root,
184 group => root,
185 mode => 440,
186 content => template("buildsystem/sudoers.iurt")
187 }
188 }
189 }

  ViewVC Help
Powered by ViewVC 1.1.30