[mirror/dsa-puppet.git] / modules / dacs / manifests / init.pp
1 # = Class: dacs
2 #
3 # This class installs and configures dacs for web auth
4 #
5 # == Sample Usage:
6 #
7 #   include dacs
8 #
9 class dacs {
10         package { 'dacs':
11                 ensure => installed,
12         }
13         package { 'libapache2-mod-dacs':
14                 ensure => installed,
15         }
17         File {
18                 owner => root,
19                 group => www-data,
20                 mode  => '0640',
21         }
23         file { '/var/log/dacs':
24                 ensure  => directory,
25                 mode    => '0770',
26                 purge   => true,
27         }
28         file { [
29                         '/etc/dacs/federations',
30                         '/etc/dacs/federations/',
31                         '/etc/dacs/federations/',
32                         '/etc/dacs/federations/',
33                         '/etc/dacs/federations/',
34                         '/etc/dacs/federations/'
35                 ]:
36                 ensure  => directory,
37                 mode    => '0750',
38                 require => Package['libapache2-mod-dacs'],
39                 purge   => true
40         }
41         file { '/etc/dacs/federations/site.conf':
42                 source  => 'puppet:///modules/dacs/common/site.conf',
43         }
44         file { '/etc/dacs/federations/':
45                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/dacs.conf",
46                         'puppet:///modules/dacs/common/dacs.conf', ],
47         }
48         file { '/etc/dacs/federations/':
49                 source  => 'puppet:///modules/dacs/common/revocations',
50         }
51         file { '/etc/dacs/federations/':
52                 source  => 'puppet:///modules/dacs/common/jurisdictions.grp',
53         }
54         file { '/etc/dacs/federations/':
55                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-noauth.0",
56                         'puppet:///modules/dacs/common/acl-noauth.0' ],
57                 notify  => Exec['dacsacl']
58         }
59         file { '/etc/dacs/federations/':
60                 source  => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-private.0",
61                         'puppet:///modules/dacs/common/acl-private.0' ],
62                 notify  => Exec['dacsacl']
63         }
64         file { '/etc/dacs/federations/':
65                 source  => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
66         }
67         file { '/etc/dacs/federations/':
68                 source  => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
69         }
71         exec { 'dacsacl':
72                 command     => 'dacsacl -sc /etc/dacs/federations/site.conf -c /etc/dacs/federations/ -uj DEBIAN && chown root:www-data /etc/dacs/federations/',
73                 refreshonly => true,
74         }
76 }