97dbb05d872f40139c6ba6777c58cc9ab30d0fad
[mirror/dsa-puppet.git] / modules / rsync / manifests / site.pp
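# Define: rsync::site
#
# Sets up one rsync daemon instance that is started through xinetd: it manages
# the rsyncd configuration file and declares the xinetd service(s) for it,
# optionally on a second address ($bind6) and optionally behind an stunnel4
# wrapper on a separate port ($sslname / $sslport).
#
# Parameters:
#   $bind        - address passed to the xinetd services as `bind`. Empty
#                  means no specific address (listen on *).
#   $bind6       - second address; when set, each service is declared a
#                  second time bound to it. Requires $bind to be set as well.
#   $source      - Puppet file source for the rsyncd configuration.
#   $content     - literal content for the rsyncd configuration.
#                  Exactly one of $source and $content must be given.
#   $fname       - path of the rsyncd configuration file; defaults to
#                  /etc/rsyncd-${name}.conf.
#   $max_clients - passed to xinetd as `instances`.
#   $ensure      - present or absent; applied to the managed config files.
#   $sslname     - when non-empty, the stunnel4 front end is set up. The value
#                  is not used directly here; presumably the
#                  rsync/rsyncd-stunnel.conf.erb template reads it (confirm).
#   $sslport     - TCP port of the stunnel4 listener; also used in the ferm
#                  rule.
#
# Fails the catalog on an unknown $ensure, on missing or duplicate config
# input, on an unusable config path or $sslport, and when $bind6 is set
# without $bind.
define rsync::site (
        $bind='',
        $bind6='',
        $source='',
        $content='',
        $fname='',
        $max_clients=200,
        $ensure=present,
        $sslname='',
        $sslport=1873
){

        include rsync

        if ! $fname {
                $fname_real = "/etc/rsyncd-${name}.conf"
        } else {
                $fname_real = $fname
        }

        # The path is spliced into the xinetd server_args string below, so it
        # must be a single absolute-path token. \A and \z are used instead of
        # ^ and $ because the latter match at line boundaries and would let a
        # multi-line value through.
        if $fname_real !~ /\A\/\S+\z/ {
                fail ( "Invalid config file name `${fname_real}' for ${name}" )
        }

        case $ensure {
                present,absent: {}
                default: { fail ( "Invalid ensure `${ensure}' for ${name}" ) }
        }

        if ($source and $content) {
                fail ( "Can't define both source and content for ${name}" )
        }

        # NOTE(review): owner, group and mode are not set on the config file,
        # so they come from whatever File defaults are in scope. Confirm the
        # result is not writable by unprivileged users.
        if $source {
                file { $fname_real:
                        ensure => $ensure,
                        source => $source
                }
        } elsif $content {
                file { $fname_real:
                        ensure  => $ensure,
                        content => $content,
                }
        } else {
                fail ( "Can't find config for ${name}" )
        }

        # Plain rsync listener. ferm => false: no firewall opening is
        # requested for it from this define.
        # NOTE(review): $ensure is only applied to the file resources; whether
        # xinetd::service can be removed the same way is not visible here.
        xinetd::service { "rsync-${name}":
                bind        => $bind,
                id          => "${name}-rsync",
                server      => '/usr/bin/rsync',
                service     => 'rsync',
                server_args => "--daemon --config=${fname_real}",
                ferm        => false,
                instances   => $max_clients,
                require     => File[$fname_real]
        }

        if $bind6 != '' {
                # With an empty $bind the first service listens on *, which
                # cannot be combined with a second, address-specific listener.
                if $bind == '' {
                        fail("Cannot listen on * and a specific ipv6 address")
                }
                xinetd::service { "rsync-${name}6":
                        bind        => $bind6,
                        id          => "${name}-rsync6",
                        server      => '/usr/bin/rsync',
                        service     => 'rsync',
                        server_args => "--daemon --config=${fname_real}",
                        ferm        => false,
                        instances   => $max_clients,
                        require     => File[$fname_real]
                }
        }

        if $sslname != '' {
                # $sslport ends up verbatim in a firewall rule and in the
                # xinetd port setting, so accept digits only. The value is
                # interpolated first so the match works whether it arrives as
                # a number or as a string.
                if "${sslport}" !~ /\A[0-9]+\z/ {
                        fail ( "Invalid sslport `${sslport}' for ${name}" )
                }

                # Follows $ensure like the rsyncd config above, so that
                # ensure => absent does not leave the stunnel config behind.
                file { "/etc/rsyncd-${name}-stunnel.conf":
                        ensure  => $ensure,
                        content => template('rsync/rsyncd-stunnel.conf.erb')
                }
                # Virtual resource: it only takes effect where it is realized.
                @ferm::rule { "rsync-${name}-ssl":
                        domain      => '(ip ip6)',
                        description => 'Allow rsync access',
                        rule        => "&SERVICE(tcp, ${sslport})",
                }
                xinetd::service { "rsync-${name}-ssl":
                        bind        => $bind,
                        id          => "rsync-${name}-ssl",
                        server      => '/usr/bin/stunnel4',
                        server_args => "/etc/rsyncd-${name}-stunnel.conf",
                        service     => 'rsync-ssl',
                        type        => 'UNLISTED',
                        # kept as a string so xinetd::service receives the
                        # same value type as before
                        port        => "${sslport}",
                        ferm        => true,
                        instances   => $max_clients,
                        require     => File["/etc/rsyncd-${name}-stunnel.conf"],
                }
                if $bind6 != '' {
                        xinetd::service { "rsync-${name}-ssl6":
                                bind        => $bind6,
                                id          => "rsync-${name}-ssl6",
                                server      => '/usr/bin/stunnel4',
                                server_args => "/etc/rsyncd-${name}-stunnel.conf",
                                service     => 'rsync-ssl',
                                type        => 'UNLISTED',
                                port        => "${sslport}",
                                ferm        => true,
                                instances   => $max_clients,
                                require     => File["/etc/rsyncd-${name}-stunnel.conf"],
                        }
                }
        }

        # Ordering only: the rsync service resource is applied before xinetd.
        Service['rsync']->Service['xinetd']
}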