security upload ftp server: disallow directory listings and download
[mirror/dsa-puppet.git] / modules / vsftpd / manifests / site.pp
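# Manage one socket-activated vsftpd instance ("site").
#
# For a site named ${name} this define writes /etc/vsftpd-${name}.conf and the
# systemd units vsftpd-${name}@.service and vsftpd-${name}.socket from
# templates, manages the socket unit, and registers munin monitoring.
#
# None of the parameters except $ensure is referenced in this manifest; they
# are presumably read by the ERB templates (not visible here), which see
# every variable in this scope.
#
# Access-control defaults: a site declared with only $root gets $readable=true
# and $listable=true, i.e. downloads and directory listings stay enabled.
# An upload-only / drop-box site has to turn both off explicitly
# (readable => false, listable => false) in addition to setting $writable.
#
# @param root           Directory served by this site (required).
# @param binds          Addresses the socket unit listens on; defaults to all
#                       addresses via '[::]' -- TODO confirm against
#                       systemd-vsftpd.socket.erb.
# @param chown_user     Presumably the owner assigned to uploaded files; empty
#                       string by default -- TODO confirm against the template.
# @param writable       Whether write access is enabled (default false).
# @param writable_other Secondary write switch (default false); the exact
#                       meaning is defined by the template -- TODO confirm.
# @param readable       Whether downloads are allowed (default true).
# @param listable       Whether directory listings are allowed (default true).
# @param banner         Greeting text, "${name} FTP Server" by default.
# @param max_clients    Connection limit, 100 by default.
# @param logfile        Log path, per-site under /var/log/ftp by default.
# @param ensure         'present' or 'absent'; any other value aborts
#                       catalog compilation.
define vsftpd::site (
        $root,
        $binds=['[::]'],
        $chown_user='',
        $writable=false,
        $writable_other=false,
        $readable=true,
        $listable=true,
        $banner="${name} FTP Server",
        $max_clients=100,
        $logfile="/var/log/ftp/vsftpd-${name}.debian.org.log",
        $ensure=present,
) {
        include vsftpd
        include ferm::ftp_conntrack

        # Reject anything but present/absent up front: the selectors below
        # have no default branch and would otherwise fail with a less
        # helpful message.
        case $ensure {
                present,absent: {}
                default: { fail ( "Invalid ensure `${ensure}' for ${name}" ) }
        }

        $ensure_service = $ensure ? {
                present => running,
                absent  => stopped,
        }

        $ensure_enable = $ensure ? {
                present => true,
                absent  => false,
        }

        # Not used in this manifest; kept in scope, presumably for the
        # templates.
        $ftpsite = $name

        $fname = "/etc/vsftpd-${name}.conf"

        # Root-owned and read-only, but world-readable (0444): nothing
        # secret should be rendered into this file.
        file { $fname:
                ensure  => $ensure,
                content => template('vsftpd/vsftpd.conf.erb'),
                owner   => 'root',
                group   => 'root',
                mode    => '0444',
        }

        # Always removed, independent of $ensure.
        file { "/etc/logrotate.d/vsftpd-${name}":
                ensure => absent,
        }

        # Template unit (note the '@'): instantiated by the socket unit
        # below rather than managed as a service of its own here.
        file { "/etc/systemd/system/vsftpd-${name}@.service":
                ensure  => $ensure,
                content => template('vsftpd/systemd-vsftpd.service.erb'),
                owner   => 'root',
                group   => 'root',
                mode    => '0444',
                require => File[$fname],
                notify  => Exec['systemctl daemon-reload'],
        }

        # A changed socket unit both reloads systemd and notifies the
        # socket service so new listen settings take effect.
        file { "/etc/systemd/system/vsftpd-${name}.socket":
                ensure  => $ensure,
                content => template('vsftpd/systemd-vsftpd.socket.erb'),
                owner   => 'root',
                group   => 'root',
                mode    => '0444',
                notify  => [
                        Exec['systemctl daemon-reload'],
                        Service["vsftpd-${name}.socket"],
                ],
        }

        # Exec['systemctl daemon-reload'] is declared outside this define.
        service { "vsftpd-${name}.socket":
                ensure   => $ensure_service,
                enable   => $ensure_enable,
                require  => [
                        Exec['systemctl daemon-reload'],
                        File["/etc/systemd/system/vsftpd-${name}@.service"],
                        File["/etc/systemd/system/vsftpd-${name}.socket"],
                ],
                provider => systemd,
        }

        munin::check { "vsftpd-${name}":
                ensure => $ensure,
                script => 'vsftpd',
        }
        munin::conf { "vsftpd-${name}":
                ensure  => $ensure,
                content => template('vsftpd/munin.erb'),
        }
}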