Add Filtermaster

modules/filtermaster/manifests/init.pp

Index: modules/filtermaster/manifests/init.pp
===================================================================
new file mode 100755
--- /dev/null
+++ b/modules/filtermaster/manifests/init.pp
@@ -0,0 +1,129 @@
+class filtermaster {
+  Cron {
+   #TODO change email
+    environment => ['MAILTO=root', 'PYTHONPATH=/opt/sitescripts'],
+  }
+  
+  class {'ssh':
+    custom_configuration => 'Match User rsync
+    AllowTcpForwarding no
+    X11Forwarding no
+    AllowAgentForwarding no
+    GatewayPorts no
+    ForceCommand rsync --server --sender -vltprz --delete-excluded . /home/rsync/generated/data/'
+  }
+  
+  user {'rsync':
+    ensure => present,
+    comment => 'Filter list mirror user',
+    home => '/home/rsync',
+    managehome => true
+  }
+
+  file {'/home/rsync/update_repos.sh':
+    ensure => file,
+    owner => rsync,
+    mode => 0700,
+    source => 'puppet:///modules/filtermaster/update_repos.sh'
+  }
+   
+  file {'/home/rsync/subscription':
+    ensure => directory,
+    owner => rsync
+  }
+
+  file {'/home/rsync/generated':
+    ensure => directory,
+    owner => rsync
+  }
+   
+  file {'/home/rsync/.ssh':
+    ensure => directory,
+    owner => rsync,
+    mode => 0600
+  }
+
+  file {'/home/rsync/.ssh/authorized_keys':
+    ensure => file,
+    owner => rsync,
+    mode => 0600,
+    source => 'puppet:///modules/private/rsync@easylist-downloads.adblockplus.org.pub'
+  }
+
+  file {'/etc/ssh/ssh_host_rsa_key':
+    require => Package['openssh-server'],
+    notify => Service['ssh'],
+    ensure => file,
+    owner => root,
+    group => root,
+    source => 'puppet:///modules/private/filtermaster.adblockplus.org_ssh.key'
+  }
+
+  file {'/etc/ssh/ssh_host_rsa_key.pub':
+    require => Package['openssh-server'],
+    notify => Service['ssh'],
+    ensure => file,
+    owner => root,
+    group => root,
+    source => 'puppet:///modules/private/filtermaster.adblockplus.org_ssh.pub'
+  }
+
+  package {['p7zip-full']:}
+
+  define repo_download() { 
+    exec {"fetch_${title}":
+      command => "hg clone https://hg.adblockplus.org/${title} /home/rsync/subscription/${title}",
+      path => ["/usr/bin/", "/bin/"],
+      require => Package['mercurial'],
+      user => rsync,
+      timeout => 0,
+      onlyif => "test ! -d /home/rsync/subscription/${title}"
+    }
+  }
+ 
+  repo_download {['easylist',
+                  'easylistgermany',
+                  'easylistitaly',
+                  'easylistcombinations',
+                  'malwaredomains',
+                  'ruadlist',
+                  'listefr',
+                  'exceptionrules',
+                  'easylistdutch',
+                  'facebookfilters',
+                  'antiadblockfilters'
+     ]:
+  }  
+
+  cron {'update_subscription':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateSubscriptionDownloads 3>&1 1>/dev/null 2>&3 | perl -pe 's/^/\"[\" . scalar localtime() . \"] \"/e' >> /tmp/subscription_errors && chmod 666 /tmp/subscription_errors 2>/dev/null",
+    user => rsync,
+    require => User['rsync'],
+    minute => '*/10'
+  }
+     
+  cron {'update_malware':
+    ensure => present,
+    command => "python -m sitescripts.subscriptions.bin.updateMalwareDomainsList",
+    user => rsync,
+    require => User['rsync'],
+    hour => '*/6',
+    minute => 15
+  }
+  
+  cron {'update_repos':
+    ensure => present,
+    command => "/home/rsync/update_repos.sh",
+    user => rsync,
+    require => [
+      User['rsync'],
+      File['/home/rsync/update_repos.sh']
+    ],
+    minute  => '8-58/10'
+  }
+
+  class {'sitescripts':
+    sitescriptsini_source => 'puppet:///modules/filtermaster/sitescripts'
+  }
+}