feat: adding reposync wrapper and tooling
- add autosyncer/autopromoter scripts - add timer and service to initial sync process - add timer/service for daily/weekly/monthly autopromote - add define to manage each repo - add nginx webserver to share repos - add favion.ico if enabled - add selinux management, and packages for selinux - cleanup package management, sorting package groups into package classes
This commit is contained in:
@@ -0,0 +1,58 @@
|
||||
# setup a reposync webserver
|
||||
class profiles::reposync::webserver (
|
||||
String $www_root = '/data/repos/snap',
|
||||
String $nginx_vhost = 'repos.main.unkin.net',
|
||||
Integer $nginx_port = 80,
|
||||
Boolean $favicon = true,
|
||||
Boolean $selinux = true,
|
||||
) {
|
||||
|
||||
class { 'nginx': }
|
||||
|
||||
# create the nginx vhost
|
||||
nginx::resource::server { $nginx_vhost:
|
||||
listen_port => $nginx_port,
|
||||
server_name => [$nginx_vhost],
|
||||
use_default_location => true,
|
||||
access_log => "/var/log/nginx/${nginx_vhost}_access.log",
|
||||
error_log => "/var/log/nginx/${nginx_vhost}_error.log",
|
||||
www_root => $www_root,
|
||||
autoindex => 'on',
|
||||
}
|
||||
|
||||
if $favicon {
|
||||
file { "${www_root}/favicon.ico":
|
||||
ensure => 'file',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
source => 'puppet:///modules/profiles/reposync/favicon.ico',
|
||||
}
|
||||
}
|
||||
|
||||
if $selinux {
|
||||
|
||||
# include packages that are required
|
||||
include profiles::packages::selinux
|
||||
|
||||
# set httpd_sys_content_t to all files under the www_root
|
||||
selinux::fcontext { $www_root:
|
||||
ensure => 'present',
|
||||
seltype => 'httpd_sys_content_t',
|
||||
pathspec => "${www_root}(/.*)?",
|
||||
}
|
||||
|
||||
# make sure we can connect to port 80
|
||||
selboolean { 'httpd_can_network_connect':
|
||||
persistent => true,
|
||||
value => 'on',
|
||||
}
|
||||
|
||||
exec { "restorecon_${www_root}":
|
||||
path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'],
|
||||
command => "restorecon -Rv ${www_root}",
|
||||
refreshonly => true,
|
||||
subscribe => Selinux::Fcontext[$www_root],
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user