# @summary
# OpenDSA server for exams.
#
# Detailed summary info if suitable
#
#
class aes::opendsa {
$opendsa_user = opendsa
$opendsa_group = $opendsa_user
$opendsa_home = "/srv/${opendsa_user}"
$opendsa_service = $opendsa_user
user { $opendsa_user :
ensure => present,
home => $opendsa_home,
comment => 'OpenDSA server',
managehome => false,
membership => inclusive,
system => true,
shell => '/sbin/nologin',
}
file { $opendsa_home:
ensure => directory,
owner => $opendsa_user,
group => $opendsa_group,
mode => '0755',
}
# This file will be executed as root, which is why we don't let anyone but root examine it.
file { "${opendsa_home}/on_update.sh":
ensure => file,
owner => $opendsa_user,
group => $opendsa_group,
mode => '0755',
source => "puppet:///modules/${module_name}/opendsa/on_update.sh",
}
file { "/etc/systemd/system/${opendsa_service}.service":
ensure => file,
owner => root,
group => root,
mode => '0644',
source => "puppet:///modules/${module_name}/opendsa/opendsa.service",
}
vcsrepo { "${opendsa_home}/src":
ensure => latest,
provider => git,
submodules => false,
source => 'https://oauth2:taNPRZid9Hv6jJtdW_T8@gitlab.liu.se/opendsa/OpenDSA.git',
revision => 'exam',
owner => $opendsa_user,
group => $opendsa_group,
notify => Exec['update-opendsa-repo'],
}
exec { 'update-opendsa-repo':
user => $opendsa_user,
group => $opendsa_group,
cwd => $opendsa_home,
path => '/bin:/usr/bin',
environment => ["HOME=${opendsa_home}"],
command => "${opendsa_home}/on_update.sh",
require => File["${opendsa_home}/on_update.sh"],
notify => Service[$opendsa_service],
refreshonly => true,
}
file { "${opendsa_home}/manage.sh":
ensure => file,
owner => $opendsa_user,
group => $opendsa_group,
mode => '0755',
source => "puppet:///modules/${module_name}/opendsa/manage.sh",
}
# Do we need port 12000 open? NO
service { $opendsa_service :
ensure => 'running',
}
# Ă„ndra TDDD86-raden i rules.d/opendsa till "TDDD86[AB]_191219"
}