Various fixes for irc module

Ossi Salmi 2012-11-19 12:08:50 +02:00
parent f19ae66ba5
commit 089082ef20
4 changed files with 85 additions and 18 deletions


@ -1,5 +1,10 @@
# Install IRC server.
#
# === Global variables
#
# $irc_motd:
# IRC server message of the day.
#
class irc::server {
package { "ircd-ratbox":
@ -8,9 +13,18 @@ class irc::server {
file { "/var/lib/ratbox":
ensure => directory,
mode => "0700",
owner => "irc",
group => "irc",
mode => "0700",
require => Package["ircd-ratbox"],
}
file { "/etc/ircd-ratbox/ircd.motd":
ensure => present,
mode => "0644",
owner => "irc",
group => "irc",
content => "${irc_motd}",
require => Package["ircd-ratbox"],
}
@ -38,12 +52,48 @@ class irc::services inherits irc::server {
# Configure IRC network.
#
define irc::network($desc, $servername, $serverdesc,
$port, $sslport, $operpass, $userpass="",
$services=false, $servpass="") {
# === Parameters
#
# $name:
# IRC network name.
# $desc:
# IRC network description.
# $servername:
# Name of this IRC server.
# $serverdesc:
# Desription of this IRC server.
# $port:
# Port to listen.
# $sslport:
# Port to listen with SSL.
# $sslcert:
# Certificate source. Defaults to generated self signed cert.
# $operator:
# List of allowed operators. Defaults to ["*@127.0.0.1"].
# $operpass:
# Password required for gaining operator privileges.
# $userpass:
# Password required for joining this server.
# $service:
# Enabled IRC services. Defaults to false.
# $servpass:
# Password for IRC services.
# $ident:
# Use ident service. Defaults to false.
#
define irc::network($desc, $servername, $serverdesc, $port, $sslport,
$sslcert="", $operator=["*@127.0.0.1"], $operpass,
$userpass="", $services=false, $servpass="",
$ident=false) {
include irc::server
if $ident == false {
$disable_identd = "yes";
} else {
$disable_identd = "no";
}
file { "/var/lib/ratbox/${name}":
ensure => directory,
owner => "irc",
@ -66,12 +116,23 @@ define irc::network($desc, $servername, $serverdesc,
require => File["/var/lib/ratbox/${name}"],
}
ssl::certificate { "/var/lib/ratbox/${name}/ircd.pem":
cn => $servername,
mode => "0600",
owner => "irc",
group => "irc",
require => File["/var/lib/ratbox/${name}"],
if $sslcert {
file { "/var/lib/ratbox/${name}/ircd.pem":
ensure => present,
mode => "0600",
owner => "irc",
group => "irc",
source => "${sslcert}",
require => File["/var/lib/ratbox/${name}"],
}
} else {
ssl::certificate { "/var/lib/ratbox/${name}/ircd.pem":
cn => "${servername}",
mode => "0600",
owner => "irc",
group => "irc",
require => File["/var/lib/ratbox/${name}"],
}
}
ssl::dhparam { "/var/lib/ratbox/${name}/dh.pem":
@ -102,6 +163,7 @@ define irc::network($desc, $servername, $serverdesc,
ensure => running,
enable => true,
status => "pgrep -u irc -f /var/lib/ratbox/${name}",
restart => "/etc/init.d/ircd-${name} reload",
}
if $services == true {
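Review bot: The new parameter docs for `$operpass` and `$userpass` describe plain passwords, but the template hunks in this commit appear to add `flags = encrypted;` to the auth block, drop `~encrypted` from the operator flags, and set `encrypted = yes` in the services config. Callers therefore have to pass pre-hashed values, and a plaintext value left in an existing manifest would render a config that no longer authenticates. I would say so in the doc comment, e.g. `#   Password hash (ircd-ratbox encrypted format) required for gaining operator privileges.`, and do the same for `$userpass` and, if it feeds the services operator block, `$servpass`. While there, `$service:` in the comment should read `$services:` to match the parameter, and "Desription" is a typo. The body of `irc::network` continues outside the visible hunks.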


@ -178,7 +178,7 @@ class "users" {
number_per_cidr = 100;
/* max number: the maximum number of users allowed in this class */
max_number = 100;
max_number = 1000;
/* sendq: the amount of data allowed in a clients queue before
* they are dropped.
@ -230,6 +230,7 @@ auth {
class = "users";
<% if userpass != "" -%>
password = "<%= userpass %>";
flags = encrypted;
<% end -%>
};
@ -244,7 +245,9 @@ operator "root" {
* supported now.
* multiple user="" lines are supported.
*/
user = "*@127.0.0.1";
<% operator.each do |user| -%>
user = "<%= user %>";
<% end -%>
/* password: the password required to oper. Unless ~encrypted is
* contained in flags = ...; this will need to be encrypted using
@ -301,8 +304,7 @@ operator "root" {
*
*/
flags = global_kill, remote, kline, unkline, gline,
die, rehash, admin, xline, resv, operwall,
~encrypted;
die, rehash, admin, xline, resv, operwall;
};
/* If you are using the ratbox-services compatibility code, uncomment this. */
@ -639,7 +641,7 @@ general {
connect_timeout = 30 seconds;
/* disable auth: disables identd checking */
disable_auth = no;
disable_auth = <%= disable_identd %>;
/* no oper flood: increase flood limits for opers. */
no_oper_flood = yes;
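Review bot: The `operator.each` loop in the `operator "root"` block assumes `$operator` is always an array. A caller who passes a single mask as a string gets a template error on Ruby 1.9+, where String has no `each`; wrapping it as `<% [operator].flatten.each do |user| -%>` accepts both forms. Each entry is also written verbatim inside `user = "<%= user %>";`, so a value containing `"` or a newline would corrupt the generated config, and validating the masks in the define before rendering would be safer. Since this list controls which hosts may oper, the parameter doc should also note that broad masks leave the oper password as the only barrier. The same loop appears in the services template hunk at `-154,7 +154,9`.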


@ -105,6 +105,7 @@ reload)
restart|force-reload)
log_daemon_msg "Restarting $NAME" "$NAME"
ratbox_stop
sleep 2
ratbox_start
case "$?" in
0) log_end_msg 0 ;;
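Review bot: The fixed `sleep 2` between `ratbox_stop` and `ratbox_start` in the `restart|force-reload` branch does not close the race it targets. If the daemon takes longer than two seconds to exit, the start can still fail against a running process or a bound port, and on a fast stop it only adds delay. `ratbox_stop` is defined outside this hunk, so I cannot tell whether it waits for the process; if it does not, having it poll until the PID is gone, with a timeout, would be more reliable than sleeping here. The `case "$?"` block continues past the end of the hunk.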


@ -154,7 +154,9 @@ operator "root" {
/* user: specifies a user@host who may connect.
* multiple may be specified, wildcards are accepted.
*/
user = "*@127.0.0.1";
<% operator.each do |user| -%>
user = "<%= user %>";
<% end -%>
/* you may also restrict the oper to a specific server, they will
* then only be able to connect when using that server.
@ -167,7 +169,7 @@ operator "root" {
/* encrypted: specifies whether the above password has been
* encrypted or not. default: yes
*/
encrypted = no;
encrypted = yes;
/* flags: specifies what general privs an oper has
* admin - services admin, .die etc
@ -485,7 +487,7 @@ service "nickserv" {
realname = "nickname services";
/* disabled by default */
flags = opered, msg_self, disabled;
flags = opered, msg_self;
/* loglevel: level to log at, 0 to disable logging
* 1 - Admin commands