68 lines
1.4 KiB
Puppet
68 lines
1.4 KiB
Puppet
# Configure AbuseSA services.
|
|
#
|
|
class abusesa::services(
|
|
$allow_dn=undef,
|
|
$paths=[],
|
|
$services=[],
|
|
$datadir='/var/lib/abuserv',
|
|
$socketdir='/var/lib/abuserv/run',
|
|
) {
|
|
|
|
include user::system
|
|
realize(User['abuserv'], Group['abuserv'])
|
|
|
|
exec { 'usermod-abusesa-abuserv':
|
|
path => '/bin:/usr/bin:/sbin:/usr/sbin',
|
|
command => 'usermod -a -G abuserv abusesa',
|
|
unless => 'id -n -G abusesa | grep \'\babuserv\b\'',
|
|
require => [
|
|
User['abusesa'],
|
|
Group['abuserv'],
|
|
],
|
|
}
|
|
|
|
include nginx
|
|
|
|
exec { 'usermod-nginx-abuserv':
|
|
path => '/bin:/usr/bin:/sbin:/usr/sbin',
|
|
command => "usermod -a -G abuserv ${nginx::user}",
|
|
unless => "id -n -G ${nginx::user} | grep '\\babuserv\\b'",
|
|
notify => Service['nginx'],
|
|
require => [
|
|
Package['nginx'],
|
|
Group['abuserv'],
|
|
],
|
|
}
|
|
|
|
if $datadir != '/var/lib/abuserv' {
|
|
file { '/var/lib/abuserv':
|
|
ensure => link,
|
|
target => $datadir,
|
|
}
|
|
}
|
|
|
|
file { [
|
|
$datadir,
|
|
$socketdir,
|
|
]:
|
|
ensure => directory,
|
|
mode => '2770',
|
|
owner => 'abuserv',
|
|
group => 'abuserv',
|
|
}
|
|
|
|
file { '/var/lib/abuserv/.profile':
|
|
ensure => present,
|
|
mode => '0600',
|
|
owner => 'abuserv',
|
|
group => 'abuserv',
|
|
content => "umask 007\n",
|
|
}
|
|
|
|
include ssl::ciphersuites
|
|
|
|
nginx::config { 'abusesa.conf':
|
|
content => template('abusesa/services/nginx.conf.erb'),
|
|
}
|
|
|
|
}
|