projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
move localhost guest access in front of catch-all localhost access
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
archvsync_base.pp
diff --git
a/modules/roles/manifests/archvsync_base.pp
b/modules/roles/manifests/archvsync_base.pp
index
adb8d6a
..
2620f4d
100644
(file)
--- a/
modules/roles/manifests/archvsync_base.pp
+++ b/
modules/roles/manifests/archvsync_base.pp
@@
-1,11
+1,12
@@
-# this is usually pulled in by *-mirror or syncproxy roles
+# this is pulled in by *-mirror or syncproxy roles
+# in ensures the archvsync user has a home, and
+# that mirrormaster can ssh to it
class roles::archvsync_base {
file { '/srv/mirrors':
ensure => directory,
owner => root,
class roles::archvsync_base {
file { '/srv/mirrors':
ensure => directory,
owner => root,
- group =>
1176, # archvsync
+ group =>
'archvsync',
mode => '0775',
mode => '0775',
- # links => follow,
}
file { '/srv/mirrors/.nobackup':
}
file { '/srv/mirrors/.nobackup':
@@
-17,4
+18,6
@@
class roles::archvsync_base {
ensure => 'link',
target => '/home/archvsync/.ssh/authorized_keys',
}
ensure => 'link',
target => '/home/archvsync/.ssh/authorized_keys',
}
+
+ Ferm::Rule::Simple <<| tag == 'ssh::server::to::archvsync' |>>
}
}