projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ftp-master as historical_master (part of RT#7644)
[mirror/dsa-puppet.git] / modules / roles / manifests / archvsync_base.pp
diff --git a/modules/roles/manifests/archvsync_base.pp b/modules/roles/manifests/archvsync_base.pp
index adb8d6a..2620f4d 100644 (file)
--- a/modules/roles/manifests/archvsync_base.pp
+++ b/modules/roles/manifests/archvsync_base.pp
@@ -1,11 +1,12 @@
-# this is usually pulled in by *-mirror or syncproxy roles
+# this is pulled in by *-mirror or syncproxy roles
+# in ensures the archvsync user has a home, and
+# that mirrormaster can ssh to it
 class roles::archvsync_base {
   file { '/srv/mirrors':
     ensure => directory,
     owner  => root,
-    group  => 1176, # archvsync
+    group  => 'archvsync',
     mode   => '0775',
-    # links  => follow,
   }
 
   file { '/srv/mirrors/.nobackup':
@@ -17,4 +18,6 @@ class roles::archvsync_base {
     ensure => 'link',
     target => '/home/archvsync/.ssh/authorized_keys',
   }
+
+  Ferm::Rule::Simple <<| tag == 'ssh::server::to::archvsync' |>>
 }
Unnamed repository; edit this file 'description' to name the repository.