Add Filtermaster

modules/filtermaster/manifests/init.pp

Index: modules/filtermaster/manifests/init.pp
===================================================================
new file mode 100755
--- /dev/null
+++ b/modules/filtermaster/manifests/init.pp
@@ -0,0 +1,116 @@
+class filtermaster {
+  Cron {
+    #TODO: Change The MAILTO to the correct paramater befor commiting
+    environment => ['MAILTO=ROOT', 'PYTHONPATH=/opt/sitescripts'],
+  }
+  
+  class {'ssh':
+    custom_configuration => 'Match User rsync
+    AllowTcpForwarding no
+    X11Forwarding no
+    AllowAgentForwarding no
+    GatewayPorts no
+    ForceCommand rsync --server --sender -vltprz --delete-excluded . /home/rsync/generated/data/'
+  }
+  
+  user {'rsync':
+    ensure => present,
+    comment => 'Filter list mirror user',
+    home => '/home/rsync',
+    managehome => true
+  }
+
+  file {'/home/rsync/update_repos.sh':
+    ensure => file,
+    owner => rsync,
+    mode => 0700,
+    source => 'puppet:///modules/filtermaster/update_repos.sh'
+  }
+   
+  file {'/home/rsync/.ssh':
+    ensure => directory,
+    owner => rsync,
+    mode => 0600
+  }
+  
+  file {'/home/rsync/subscription':
+    ensure => directory,
+    owner => rsync
+  }
+
+  file {'/home/rsync/generated':
+    ensure => directory,
+    owner => rsync
+  }
+   
+  file {'/home/rsync/.ssh/authorized_keys':
+    ensure => file,
+    require => File['/home/rsync/.ssh'],

[Wladimir Palant, 2013/11/13 14:03:51]

As I said, *both* requires are unnecessary - the parent directory is
automatically "required".

[christian, 2013/11/13 14:15:27]

Done.

+    owner => rsync,
+    mode => 0600,
+    source => 'puppet:///modules/filtermaster/authorized_keys'
+  }
+
+  package {['p7zip-full']:}
+
+  define repo_download( ) { 
+    exec { "fetch_${title}":
+      command =>  "hg clone https://hg.adblockplus.org/${title} /home/rsync/subscription/${title}",
+      path => ["/usr/bin/", "/bin/"],
+      require => Package['mercurial'],
+      user => rsync,
+      timeout => 0,
+      onlyif => "test ! -d /home/rsync/subscription/${title}"
+    }
+  }
+ 
+  repo_download {['easylist',
+                  'easylistgermany',
+                  'easylistitaly',
+                  'easylistcombinations',
+                  'malwaredomains',
+                  'ruadlist',
+                  'listefr',
+                  'exceptionrules',
+                  'easylistdutch',
+                  'facebookfilters',
+                  'antiadblockfilters'
+     ]:
+  }  
+
+  cron {'update_subscription':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateSubscriptionDownloads 3>&1 1>/dev/null 2>&3 | perl -pe 's/^/\"[\" . scalar localtime() . \"] \"/e' >> /tmp/subscription_errors && chmod 666 /tmp/subscription_errors 2>/dev/null",
+    user => rsync,
+    require => [
+    User['rsync']
+    ],
+    minute => '*/10'
+  }
+     
+  cron {'update_malware':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateMalwareDomainsList",
+    user => rsync,
+    require => [
+    User['rsync']
+    ],
+    hour => '*/6',
+    minute => 15
+  }
+  
+  cron {'update_repos':
+    ensure => present,
+    command => "/home/rsync/update_repos.sh",
+    user => rsync,
+    require => [
+    User['rsync'],
+    File['/home/rsync/update_repos.sh']
+    ],
+    minute  => '8-58/10'
+  }
+
+  class {'sitescripts':
+    sitescriptsini_source => 'puppet:///modules/filtermaster/sitescripts'
+  }
+}