modules/filtermaster/manifests/init.pp - Issue 6029451183783936: Add Filtermaster

Unified Diff: modules/filtermaster/manifests/init.pp

Issue 6029451183783936: Add Filtermaster (Closed)

Patch Set: Use a define for the repo download Created Nov. 8, 2013, 2:35 p.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Index: modules/filtermaster/manifests/init.pp

===================================================================

new file mode 100755

--- /dev/null

+++ b/modules/filtermaster/manifests/init.pp

@@ -0,0 +1,112 @@

+class filtermaster {

+ Cron {

+ environment => ['MAILTO=ROOT', 'PYTHONPATH=/opt/sitescripts'],

Wladimir Palant 2013/11/08 15:32:06 Add a TODO comment so that you don't forget to cha

christian 2013/11/08 16:25:01 Done.

+ }

+ class {'ssh':

+ custom_configuration => 'Match User rsync

+ AllowTcpForwarding no

+ X11Forwarding no

+ AllowAgentForwarding no

+ GatewayPorts no

+ ForceCommand rsync --server --sender -vltprz --delete-excluded --exclude CVS . /home/rsync/subscriptions/'

Wladimir Palant 2013/11/08 15:32:06 /home/rsync/subscriptions isn't what you want to s

christian 2013/11/08 16:25:01 Done.

+ }

+ user {'rsync':

+ ensure => present,

+ comment => 'Filter list mirror user',

+ home => '/home/rsync',

+ managehome => true

+ }

+ file {'/home/rsync/.ssh':

+ ensure => directory,

+ require => User['rsync'],

+ owner => rsync,

+ mode => 0600

+ }

+ file {'/home/rsync/.ssh/authorized_keys':

+ ensure => file,

+ require => [

+ File['/home/rsync/.ssh'],

+ User['rsync']

+ ],

+ owner => rsync,

+ mode => 0600,

+ source => 'puppet:///modules/filtermaster/authorized_keys'

+ }

+ file {'/etc/sitescripts':

+ ensure => file,

+ owner => root,

+ mode => 0644,

+ source => 'puppet:///modules/filtermaster/sitescripts'

+ }

+#donwload the repos

Wladimir Palant 2013/11/08 15:32:06 Typo: donwload => download

Felix Dahlke 2013/11/08 15:49:39 I'd actually remove this, "repo_download" pretty m

christian 2013/11/08 16:25:01 Done.

+ define repo_download( $name ) {

+ exec { "fetch_${title}":

+ command => "hg clone https://hg.adblockplus.org/${name} /home/rsync/subscription/${name}",

+ path => ["/usr/bin/", "/bin/"],

+ require => Package['mercurial'],

+ user => rsync,

+ timeout => 0,

+ onlyif => "test ! -d /home/rsync/subscription/${name}"

+ }

Wladimir Palant 2013/11/08 15:32:06 What about a cron job to update these repositories

christian 2013/11/08 16:25:01 Don't "updateSubscriptionDownloads" update all rep

+ }

+ repo_download {'easylist':

+ name => "easylist"

+ }

+ repo_download {'easylist_germany':

+ name => "easylistgermany"

Wladimir Palant 2013/11/08 15:32:06 This looks redundant, why not drop the $name param

Felix Dahlke 2013/11/08 15:49:39 Yes, then you could actually do this: repo_downlo

+ }

+ repo_download {'easylist_italy':

+ name => "easylistitaly"

+ }

+ repo_download {'easylist_combinations':

+ name => "easylistcombinations"

+ }

+ repo_download {'malwaredomains':

+ name => "malwaredomains"

+ }

+ repo_download {'ruadlist':

+ name => "ruadlist"

+ }

+ repo_download {'listefr':

+ name => "listefr"

+ }

+ repo_download {'exceptionrules':

+ name => "exceptionrules"

+ }

+ cron {update_subscription:

Felix Dahlke 2013/11/08 15:49:39 Still needs to go in '' for consistency, same belo

+ ensure => present,

+ command => "python -m sitescripts.subscriptions.bin.updateSubscriptionDownloads 3>&1 1>/dev/null 2>&3 | perl -pe 's/^/\"[\" . scalar localtime() . \"] \"/e' >> /tmp/subscription_errors && chmod 666 /tmp/subscription_errors 2>/dev/null",

+ user => rsync,

+ require => [

+ User['rsync']

+ ],

+ minute => '*/10'

+ }

+ cron {update_malware:

+ ensure => present,

+ command => "python -m sitescripts.subscriptions.bin.updateMalwareDomainsList",

+ user => rsync,

+ require => [

+ User['rsync']

+ ],

+ hour => '*/6',

+ minute => 15

+ }

« modules/filtermaster/files/sitescripts ('K') | « modules/filtermaster/files/sitescripts ('k') | no next file » | no next file with comments »