Add Filtermaster

modules/filtermaster/manifests/init.pp

Index: modules/filtermaster/manifests/init.pp
===================================================================
new file mode 100755
--- /dev/null
+++ b/modules/filtermaster/manifests/init.pp
@@ -0,0 +1,135 @@
+class filtermaster {
+  Cron {
+    #TODO: Change The MAILTO to the correct paramater befor commiting
+    environment => ['MAILTO=ROOT', 'PYTHONPATH=/opt/sitescripts'],
+  }
+	
+  class {'ssh':
+    custom_configuration => 'Match User rsync
+    AllowTcpForwarding no
+    X11Forwarding no
+    AllowAgentForwarding no
+    GatewayPorts no
+    ForceCommand rsync --server --sender -vltprz --delete-excluded . /home/rsync/subscription/files/subscriptions/data'

[Wladimir Palant, 2013/11/12 13:04:03]

I think the slash at the end of the path isn't optional here.

+  }
+  
+  user {'rsync':
+    ensure => present,
+    comment => 'Filter list mirror user',
+    home => '/home/rsync',
+    managehome => true
+  }
+
+  file {'/home/rsync/update_repos.sh':
+    ensure => file,
+    require => User['rsync'],
+    owner => rsync,
+    mode => 0700,
+    source => 'puppet:///modules/filtermaster/update_repos.sh'
+  }
+	 
+  file {'/home/rsync/.ssh':
+    ensure => directory,
+    require => User['rsync'],
+    owner => rsync,
+    mode => 0600
+  }
+  
+  file {'/home/rsync/subscription':
+    ensure => directory,
+    require => User['rsync'],
+    owner => rsync
+  }
+
+  file {'/home/rsync/subscription/files':
+    ensure => directory,
+    require => [
+    File['/home/rsync/subscription'],
+    User['rsync']
+    ],
+    owner => rsync
+  }
+
+  file {'/home/rsync/subscription/files/subscriptions':
+    ensure => directory,
+    require => [
+    File['/home/rsync/subscription/files'],
+    User['rsync']
+    ],
+    owner => rsync
+  }
+	 
+  file {'/home/rsync/.ssh/authorized_keys':
+    ensure => file,
+    require => [
+    File['/home/rsync/.ssh'],
+    User['rsync']
+    ],
+    owner => rsync,
+    mode => 0600,
+    source => 'puppet:///modules/filtermaster/authorized_keys'
+  }
+
+  package {['p7zip-full']:}
+
+  define repo_download( ) { 
+    exec { "fetch_${title}":
+      command =>  "hg clone https://hg.adblockplus.org/${title} /home/rsync/subscription/${title}",
+      path => ["/usr/bin/", "/bin/"],
+      require => Package['mercurial'],
+      user => rsync,
+      timeout => 0,
+      onlyif => "test ! -d /home/rsync/subscription/${title}"
+    }
+  }
+ 
+  repo_download {['easylist',
+		  'easylistgermany',
+		  'easylistitaly',
+ 		  'easylistcombinations',
+		  'malwaredomains',
+		  'ruadlist',
+		  'listefr',
+		  'exceptionrules',
+		  'easylistdutch',
+		  'facebookfilters',
+		  'antiadblockfilters'
+		 ]:
+  }  
+
+  cron {'update_subscription':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateSubscriptionDownloads 3>&1 1>/dev/null 2>&3 | perl -pe 's/^/\"[\" . scalar localtime() . \"] \"/e' >> /tmp/subscription_errors && chmod 666 /tmp/subscription_errors 2>/dev/null",
+    user => rsync,
+    require => [
+    User['rsync']
+    ],
+    minute => '*/10'
+  }
+	 	 
+  cron {'update_malware':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateMalwareDomainsList",
+    user => rsync,
+    require => [
+    User['rsync']
+    ],
+    hour => '*/6',
+    minute => 15
+  }
+  
+  cron {'update_repos':
+    ensure => present,
+    command => "/home/rsync/update_repos.sh 1>/dev/null",
+    user => rsync,
+    require => [
+    User['rsync'],
+    File['/home/rsync/update_repos.sh']
+    ],
+    minute  => '*/5'

[Wladimir Palant, 2013/11/12 13:04:03]

It doesn't make sense to update repositories at the same time when subscriptions
are being generated. It also doesn't make sense to update repositories twice as
frequently as subscriptions are being generated. I think you want minute =>
'8-58/10'

+  }
+
+  class {'sitescripts':
+    sitescriptsini_source => 'puppet:///modules/filtermaster/sitescripts'
+  }
+}