Skip to content
Snippets Groups Projects
Select Git revision
  • production default protected
  • devel protected
  • test protected
  • klaar36-production-patch-51565
  • klaar36-production-patch-83549
  • cherry-pick-7a0e7bf7
  • cherry-pick-3fdaab52
  • cherry-pick-b940cfc1
  • cert
9 results
Blame Permalink
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
opendsa.pp 2.22 KiB 
# @summary
#   OpenDSA server for exams.
#
#   Detailed summary info if suitable
#
#
class aes::opendsa {
  $opendsa_user = opendsa
  $opendsa_group = $opendsa_user
  $opendsa_home = "/srv/${opendsa_user}"
  $opendsa_service = $opendsa_user

  user { $opendsa_user :
    ensure     => present,
    home       => $opendsa_home,
    comment    => 'OpenDSA server',
    managehome => false,
    membership => inclusive,
    system     => true,
    shell      => '/sbin/nologin',
  }

  file { $opendsa_home:
    ensure => directory,
    owner  => $opendsa_user,
    group  => $opendsa_group,
    mode   => '0755',
  }

  # This file will be executed as root, which is why we don't let anyone but root examine it.
  file { "${opendsa_home}/on_update.sh":
    ensure => file,
    owner  => $opendsa_user,
    group  => $opendsa_group,
    mode   => '0755',
    source => "puppet:///modules/${module_name}/opendsa/on_update.sh",
  }

  file { "/etc/systemd/system/${opendsa_service}.service":
    ensure => file,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => "puppet:///modules/${module_name}/opendsa/opendsa.service",
  }

  vcsrepo { "${opendsa_home}/OpenDSA":
    ensure     => latest,
    provider   => git,
    submodules => false,
    source     => 'https://oauth2:taNPRZid9Hv6jJtdW_T8@gitlab.liu.se/opendsa/OpenDSA.git',
    revision   => 'exam',
    owner      => $opendsa_user,
    group      => $opendsa_group,
    notify     => Exec['update-opendsa-repo'],
  }

  exec { 'update-opendsa-repo':
    user        => $opendsa_user,
    group       => $opendsa_group,
    cwd         => $opendsa_home,
    path        => '/bin:/usr/bin',
    environment => ["HOME=${opendsa_home}"],
    command     => "${opendsa_home}/on_update.sh",
    require     => File["${opendsa_home}/on_update.sh"],
    notify      => Service[$opendsa_service],
    refreshonly => true,
  }

  file { "${opendsa_home}/manage.sh":
    ensure => file,
    owner  => $opendsa_user,
    group  => $opendsa_group,
    mode   => '0755',
    source => "puppet:///modules/${module_name}/opendsa/manage.sh",
  }

  # Do we need port 12000 open? NO
  service { $opendsa_service :
    ensure => 'running',
  }

  # Ändra TDDD86-raden i rules.d/opendsa till "TDDD86[AB]_191219"
}