Ben Vincent
19836e2069
- add autosyncer/autopromoter scripts - add timer and service to initial sync process - add timer/service for daily/weekly/monthly autopromote - add define to manage each repo - add nginx webserver to share repos - add favion.ico if enabled - add selinux management, and packages for selinux - cleanup package management, sorting package groups into package classes
59 lines
1.6 KiB
Puppet
59 lines
1.6 KiB
Puppet
# setup a reposync webserver
|
|
class profiles::reposync::webserver (
|
|
String $www_root = '/data/repos/snap',
|
|
String $nginx_vhost = 'repos.main.unkin.net',
|
|
Integer $nginx_port = 80,
|
|
Boolean $favicon = true,
|
|
Boolean $selinux = true,
|
|
) {
|
|
|
|
class { 'nginx': }
|
|
|
|
# create the nginx vhost
|
|
nginx::resource::server { $nginx_vhost:
|
|
listen_port => $nginx_port,
|
|
server_name => [$nginx_vhost],
|
|
use_default_location => true,
|
|
access_log => "/var/log/nginx/${nginx_vhost}_access.log",
|
|
error_log => "/var/log/nginx/${nginx_vhost}_error.log",
|
|
www_root => $www_root,
|
|
autoindex => 'on',
|
|
}
|
|
|
|
if $favicon {
|
|
file { "${www_root}/favicon.ico":
|
|
ensure => 'file',
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0644',
|
|
source => 'puppet:///modules/profiles/reposync/favicon.ico',
|
|
}
|
|
}
|
|
|
|
if $selinux {
|
|
|
|
# include packages that are required
|
|
include profiles::packages::selinux
|
|
|
|
# set httpd_sys_content_t to all files under the www_root
|
|
selinux::fcontext { $www_root:
|
|
ensure => 'present',
|
|
seltype => 'httpd_sys_content_t',
|
|
pathspec => "${www_root}(/.*)?",
|
|
}
|
|
|
|
# make sure we can connect to port 80
|
|
selboolean { 'httpd_can_network_connect':
|
|
persistent => true,
|
|
value => 'on',
|
|
}
|
|
|
|
exec { "restorecon_${www_root}":
|
|
path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'],
|
|
command => "restorecon -Rv ${www_root}",
|
|
refreshonly => true,
|
|
subscribe => Selinux::Fcontext[$www_root],
|
|
}
|
|
}
|
|
}
|