Merge branch 'devel' into 'production'

Devel

See merge request !25

files/tal/on_update.sh

 #!/usr/bin/bash
 
+python3 -m pip install --user -r scripts/requirements.txt
+
 cd source
 
 sed -i 's|url = \.\./database|url = https://oauth2:glpat-WeW_ytbQ83JMs2UnQmhe@gitlab.liu.se/upp-aes/database|' .gitmodules

files/tal/tal-cli

 #!/usr/bin/bash
 
-exec sudo -u examadm /home/examadm/tal-cli/tal "$@"
+exec sudo -u examadm /home/examadm/tal-cli/scripts/tal-cli.py "$@"

files/tal/tal-export

+#!/usr/bin/bash
+
+exec sudo -u examadm /home/examadm/tal-cli/scripts/tal-export.py "$@"

manifests/aes_sw.pp

@@ -18,7 +18,7 @@ class aes::aes_sw {
     managehome => false,
     membership => inclusive,
     system     => true,
-    shell      => '/sbin/nologin',
+    shell      => '/bin/bash',
   }
 
   file { $examadm_home:
@@ -28,6 +28,23 @@ class aes::aes_sw {
     group  => $examadm_group,
   }
 
+  file { "${examadm_home}/.ssh":
+    ensure => directory,
+    mode   => '0700',
+    owner  => $examadm_user,
+    group  => $examadm_group,
+  }
+
+  file { "${examadm_home}/.ssh/authorized_keys":
+    ensure  => file,
+    mode   => '0600',
+    owner  => $examadm_user,
+    group  => $examadm_group,
+    content => @(SSHPUBKEY),
+command="/home/examadm/bin/tal-export --format ics --lookback 90 --lookahead 180",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJW4LP0av20r7lPXNgsftF9oaAXK41AvHyuHwybciZC/QBfTcmYif83563cTg0OzR/p+OSobiDM0odaaFYtP/8xbuVRz87X5bGYm2m8yHHqPxobHkT5g/faMkl9Fef+Al4EsT5tiaYMOhG2lj8XRYuwAb7qjoz3FFbs8TEPE7Sv+4BUCCH94taCuNYLXSxN1EXvw7VW6Ld5QXRFP53l2QUeTqE9oSii3BVrXlqqrLvNV/7nwdwyse4uhff4QrM9o4oc9FaQr8PLlPGxdlbSfIQJMVzHGpeDu0WLw+NqtLO1hsdlvQm7GrT/v8N7GJNKlsvhwnwUuMhTrB0yPMbbub1 klaar36@upp
+    | SSHPUBKEY
+  }
+
   file { '/etc/systemd/system/aes_login.service':
     ensure  => file,
     owner   => root,

manifests/autocorr.pp

-class aes::autocorr {
-
-  $autocorr_user = autocorr
-  $autocorr_group = $autocorr_user
-  $autocorr_home = "/home/${autocorr_user}"
-
-  user { 'autocorr' :
-    ensure     => present,
-    managehome => false,
-    membership => inclusive,
-    system     => true,
-    shell      => '/bin/bash',
-  }
-
-  file { $autocorr_home:
-    ensure => directory,
-    mode   => '0755',
-    owner  => $autocorr_user,
-    group  => $autocorr_group,
-  }
-
-  file { "${autocorr_home}/.ssh":
-    ensure => directory,
-    mode   => '0700',
-    owner  => $autocorr_user,
-    group  => $autocorr_group,
-  }
-
-  file { "${autocorr_home}/.ssh/authorized_keys":
-    ensure  => file,
-    mode   => '0600',
-    owner  => $autocorr_user,
-    group  => $autocorr_group,
-    content => @(SSHPUBKEY),
-command="if [[ \"$SSH_ORIGINAL_COMMAND\" =~ ^scp[[:space:]]-f[[:space:]]/home/examadm/Version-3.1/exam/[[:space:]0-9a-zA-Z_/.-]*$ ]]; then $SSH_ORIGINAL_COMMAND; else >&2 echo \"ERROR Access Denied ('$SSH_ORIGINAL_COMMAND')\"; fi",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu/so6GPeUOpK0Zeiv8pM4UF4BAGnbjc92rYJP7PH2tnCvzTcj7Zx5fw6oyoFPw7SJ21ybIYHr1Eef7LsfJc6lOx/xNm8XABhOJw7Gy12WnjRF9SmsT7+YqJDvDOeN89PvzmHNdhpCerpdhDGvAKu2MjP2fAEW0eIgHWYfzFwQxXqfsEdKYAtIx0v/VTLxFjtZOz5PQGAPR28NZkffMt1ePaAO5WUwjkxcyIbrtrOWWYDtqa9G7gTwgdf7m9IG69G6sqKGzyZrfd0nrpMmtWmX6/9bWwUk1ADaLdEFiupsZ9k+QsLB7/v7fxzbPD61yAJ75JUecghlXFJ4ob9OsmPz torjo@upp
-    | SSHPUBKEY
-  }
-}

manifests/init.pp

@@ -8,7 +8,6 @@ class aes {
   include aes::broker
   include aes::auth
   include aes::auth_keydb
-  include aes::autocorr
   include liurepo::centos_sclo_rh
 
   package {

manifests/tal_cli.pp

@@ -17,6 +17,14 @@ class aes::tal_cli(
     source => "puppet:///modules/${module_name}/tal/tal-cli",
   }
 
+  file { '/home/examadm/bin/tal-export' :
+    ensure => file,
+    owner  => examadm,
+    group  => examadm,
+    mode   => '0755',
+    source => "puppet:///modules/${module_name}/tal/tal-export",
+  }
+
   file { '/home/examadm/tal-cli/.tal' :
     ensure  => file,
     owner   => examadm,