diff --git a/data/common.yaml b/data/common.yaml
index 11d9b06014445601ec59cd4b69150c6ae6b11cae..e1414775418393cd29180542217ff61c22247ba4 100644
--- a/data/common.yaml
+++ b/data/common.yaml
@@ -25,3 +25,15 @@ aes::auth::keytab_devel: >
6BI72YBgvod9N9z6P2iH0gFVVazciWTHVNcL4qZN4UHGDeBu5MH1wvTBZPpC
IcAIbgvoQbriFHLJiL9HIWl6GSe6I/jp9n5veEkhHdT3M0nEEc0hbKWBaELj
gTDWfQoET9V1Lrtv]
+
+aes::tal_cli::credentials: >
+ ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAii6nHpFM6+6aPuw1Qnawf77K7f
+ C5I+XqUJJBFxdiKq1VKDlcM3mme+MlB6cR7+GYYN1VRc7bQSTbmA80bdryBQ
+ zutD8KOvNWDytmdZhnDiboQEqSyuabdHjTlWRRONcENgMni5Vobmkr45JNDT
+ 5PQcTdVAP9z7K0+1tcHnQFhQczkW3iBhSq47awLNQQA4EXzQRNvSbF+DogBT
+ 2H62DEufNsn0Ca537PcAccRGILqJ1xS3i5h3SG0+dizx3XW1OxPXhmP+OXa/
+ /5BIgbJGSRen3BYEgQw1uXgIaQbmXa9gRWw8e9GS8eDYwXtkygTsSDyXATt2
+ VFwo8lT/XfMs2sczBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCOn8Yp6O
+ diU5v1PVARi1m6gCAqYcAytahjgq8Prbq9bwqHAvw8XyNek07WiXM3WNj8VA
+ ==]
diff --git a/files/tal/on_update.sh b/files/tal/on_update.sh
new file mode 100644
index 0000000000000000000000000000000000000000..115437173bd8f5504fc59e74cab125346759ba38
--- /dev/null
+++ b/files/tal/on_update.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/bash
+
+cd source
+
+sed -i 's|url = \.\./database|url = https://oauth2:glpat-WeW_ytbQ83JMs2UnQmhe@gitlab.liu.se/upp-aes/database|' .gitmodules
+git submodule update --init
+git checkout .gitmodules
+
+make
+
+cd ..
+ln -s source/oracle oracle
+cp source/tal tal
diff --git a/files/tal/tal-cli b/files/tal/tal-cli
new file mode 100644
index 0000000000000000000000000000000000000000..6e91c37e005604be48286c128bf8f12dbacb030a
--- /dev/null
+++ b/files/tal/tal-cli
@@ -0,0 +1,3 @@
+#!/usr/bin/bash
+
+exec sudo -u examadm /home/examadm/tal-cli/tal "$@"
diff --git a/manifests/aes_sw.pp b/manifests/aes_sw.pp
index e8c780cd127f3205ce7013a424c748b5e3e72de0..d6be61e81a100f456a524671b3254b22719dfa21 100644
--- a/manifests/aes_sw.pp
+++ b/manifests/aes_sw.pp
@@ -87,6 +87,17 @@ class aes::aes_sw {
| MSCRON
}
+ file { '/etc/cron.daily/aes_login':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0700',
+ content => @(MSCRON),
+ #!/bin/sh
+ /usr/bin/systemctl restart aes_login
+ | MSCRON
+ }
+
# todo: logrotate
service { 'aes_ms' :
ensure => 'running',
diff --git a/manifests/init.pp b/manifests/init.pp
index cc1d5e8ea889ae40013ad416e6adda2a7f5ca5c6..da08f5a4676a008e19acc9c2c53a345ae1bee3e2 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,6 +1,7 @@
class aes {
include aes::examfiles
include aes::aes_sw
+ include aes::tal_cli
include aes::opendsa
include aes::squid_filter
include aes::latex
@@ -96,7 +97,9 @@ class aes {
::users::liu_user { 'torjo38':
commonname => 'Torbjörn Jonsson',
shell => '/bin/bash',
- sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDbYFQ5iuox4ZxjleyIR4Pebp045xV1AhcaGXLNsBAMEk08d5ExPVXdoTsNcV9aGDH3mMnhihe4d3bY8xh919n5f500VY6TI1BQKDYUq5HXxbgfl6AG96WntcRc8OIKo31hjMc4o+GPawgvpit7cWs4tWBAxoenJcB43m99AaVH6xd8e6DYC6os6Zv69hu+hD/01aFzJEnANAAsDRqr5b+LUy/qKeRWzT1zGSzWUOeJBHS9rGXHIPmgoOs7FMCtT3w/lzoehxDNCsOUG8aBBb4jH7zDB59fYE3bp55lxjx176AraFHv/H/hcB6EGkqyOyMppHi2B0uPRxlTFOtNVSHptqKINh9NMYAniv+ZUGylJZMSWSQkRSI7U65EvfOaLFTHB/+IBfWAaXjcA0fNcm3lG0tCRXg3rbpumQ2ikq23FpFzNHG+T+383pJjeOjvZB26ij5C+vZ+jEJyXyL528OjO8sOmHEeR6lyc2UjAeHbf7//+gv/bo7wDTSMZVySLKXVwxY+eCEAwh8aVQHCmwx/qWmfE9FuKYZ6AZfdCPpCSQOZY97aQTMMAcSgLV2sYrMim9QpylkH0h4RLhBo76w+83Cg1uprv1ypag0RXIOu+BV0gOHAa3DxhCgWtf9JR3B4YDAq8GaYuVRq9Q6c9+iPo+EmQEdbU+7X4Loj34auOw==', # lint:ignore:140chars
+ sshkey => [ 'AAB3NzaC1yc2EAAAADAQABAAACAQDbYFQ5iuox4ZxjleyIR4Pebp045xV1AhcaGXLNsBAMEk08d5ExPVXdoTsNcV9aGDH3mMnhihe4d3bY8xh919n5f500VY6TI1BQKDYUq5HXxbgfl6AG96WntcRc8OIKo31hjMc4o+GPawgvpit7cWs4tWBAxoenJcB43m99AaVH6xd8e6DYC6os6Zv69hu+hD/01aFzJEnANAAsDRqr5b+LUy/qKeRWzT1zGSzWUOeJBHS9rGXHIPmgoOs7FMCtT3w/lzoehxDNCsOUG8aBBb4jH7zDB59fYE3bp55lxjx176AraFHv/H/hcB6EGkqyOyMppHi2B0uPRxlTFOtNVSHptqKINh9NMYAniv+ZUGylJZMSWSQkRSI7U65EvfOaLFTHB/+IBfWAaXjcA0fNcm3lG0tCRXg3rbpumQ2ikq23FpFzNHG+T+383pJjeOjvZB26ij5C+vZ+jEJyXyL528OjO8sOmHEeR6lyc2UjAeHbf7//+gv/bo7wDTSMZVySLKXVwxY+eCEAwh8aVQHCmwx/qWmfE9FuKYZ6AZfdCPpCSQOZY97aQTMMAcSgLV2sYrMim9QpylkH0h4RLhBo76w+83Cg1uprv1ypag0RXIOu+BV0gOHAa3DxhCgWtf9JR3B4YDAq8GaYuVRq9Q6c9+iPo+EmQEdbU+7X4Loj34auOw==', # lint:ignore:140chars
+ 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCu/so6GPeUOpK0Zeiv8pM4UF4BAGnbjc92rYJP7PH2tnCvzTcj7Zx5fw6oyoFPw7SJ21ybIYHr1Eef7LsfJc6lOx/xNm8XABhOJw7Gy12WnjRF9SmsT7+YqJDvDOeN89PvzmHNdhpCerpdhDGvAKu2MjP2fAEW0eIgHWYfzFwQxXqfsEdKYAtIx0v/VTLxFjtZOz5PQGAPR28NZkffMt1ePaAO5WUwjkxcyIbrtrOWWYDtqa9G7gTwgdf7m9IG69G6sqKGzyZrfd0nrpMmtWmX6/9bWwUk1ADaLdEFiupsZ9k+QsLB7/v7fxzbPD61yAJ75JUecghlXFJ4ob9OsmPz', # lint:ignore:140chars
+ ],
}
::server_firewall::rules_file { '45-permit_squid.rules':
diff --git a/manifests/tal_cli.pp b/manifests/tal_cli.pp
new file mode 100644
index 0000000000000000000000000000000000000000..8ae2468ea6344725252a53b41704877d59132620
--- /dev/null
+++ b/manifests/tal_cli.pp
@@ -0,0 +1,43 @@
+class aes::tal_cli(
+ Optional[String] $credentials = undef
+) {
+
+ file { '/home/examadm/tal-cli' :
+ ensure => directory,
+ owner => examadm,
+ group => examadm,
+ mode => '0700',
+ }
+
+ file { '/home/examadm/bin/tal-cli' :
+ ensure => file,
+ owner => examadm,
+ group => examadm,
+ mode => '0755',
+ source => "puppet:///modules/${module_name}/tal/tal-cli",
+ }
+
+ file { '/home/examadm/tal-cli/.tal' :
+ ensure => file,
+ owner => examadm,
+ group => examadm,
+ mode => '0600',
+ content => $credentials,
+ }
+
+ file { '/home/examadm/tal-cli/on_update.sh' :
+ ensure => file,
+ owner => examadm,
+ group => examadm,
+ mode => '0700',
+ source => "puppet:///modules/${module_name}/tal/on_update.sh",
+ }
+
+ exec { 'update-tal-repo' :
+ command => '/opt/utils/update_repo.sh /home/examadm/tal-cli/source https://oauth2:glpat-bfpVssm_zFmt1YRW7cLz@gitlab.liu.se/upp-aes/tal-cli.git master',
+ environment => [ 'REPO_ON_UPDATE=/home/examadm/tal-cli/on_update.sh' ],
+ user => examadm,
+ group => examadm,
+ cwd => '/home/examadm/tal-cli',
+ }
+}