Updated the keydb to use vcsrepo as well.

ad96de01 · Filip Strömbäck · 06f322f1 · 06f322f1 · ad96de01
Commit ad96de01 authored 1 year ago by Filip Strömbäck
--- a/files/auth/on_update_keydb.sh
+++ b/files/auth/on_update_keydb.sh
-#!/bin/bash
-
-systemctl restart aes_auth_keydb.service
-systemctl restart aes_temp_userdb.service
--- a/manifests/auth_keydb.pp
+++ b/manifests/auth_keydb.pp
 # @summary
-#   Describe what this class do!
+#   Key database for the communication module.
 #
-#   Detailed summary info if suitable
+#   Stores authentication keys (=SSH keys) for cases where Kerberos
+#   is not a suitable authentication method.
 #
 #
 class aes::auth_keydb {
@@ -45,22 +46,14 @@ class aes::auth_keydb {
    source => "puppet:///modules/${module_name}/auth/keydb.service",
  }

-  file { "${keydb_home}/on_update.sh" :
-    ensure => file,
-    owner  => root,
-    group  => root,
-    mode   => '0700',
-    source => "puppet:///modules/${module_name}/auth/on_update_keydb.sh",
-  }
-
-  exec { 'update-keydb-repo' :
-    command     => "/opt/utils/update_repo.sh ${keydb_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
-    environment => ["REPO_USER=${keydb_user}", "REPO_GROUP=${keydb_group}", "REPO_ON_UPDATE=${keydb_home}/on_update.sh"],
-    # This command will need to run "on_update" as root in order to restart the service.
-    user        => root,
-    group       => root,
-    cwd         => $keydb_home,
-    require     => File["${keydb_home}/on_update.sh"],
+  vcsrepo { "${keydb_home}/src":
+    ensure   => latest,
+    provider => git,
+    source   => 'https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git',
+    revision => $server_type,
+    owner    => $keydb_user,
+    group    => $keydb_group,
+    notify   => [Service[$keydb_service], Service['aes_temp_userdb']],
  }

  service { $keydb_service :