Also collect entries that only knew the port
[mirror/dsa-puppet.git] / modules / vsftpd / manifests / site.pp
index 3d61e7b..352ca68 100644 (file)
@@ -1,67 +1,89 @@
 define vsftpd::site (
-       $source='',
-       $content='',
-       $bind='',
-       $ensure=present
-){
-
-       include vsftpd::nolisten
-
-       if ($source and $content) {
-               fail ( "Can't have both source and content for $name" )
-       }
+       $root,
+       $binds=['[::]'],
+       $chown_user='',
+       $writable=false,
+       $writable_other=false,
+       $readable=true,
+       $listable=true,
+       $banner="${name} FTP Server",
+       $max_clients=100,
+       $logfile="/var/log/ftp/vsftpd-${name}.debian.org.log",
+       $ensure=present,
+) {
+       include vsftpd
+       include ferm::ftp_conntrack
 
        case $ensure {
                present,absent: {}
                default: { fail ( "Invald ensure `$ensure' for $name" ) }
        }
 
+       $ensure_service = $ensure ? {
+               present => running,
+               absent  => stopped,
+       }
+
+       $ensure_enable = $ensure ? {
+               present => true,
+               absent  => false,
+       }
+
+       $ftpsite = $name
+
        $fname = "/etc/vsftpd-${name}.conf"
 
-       $noop = $::hostname ? {
-               bizet     => false,
-               franck    => false,
-               gluck     => false,
-               lobos     => false,
-               kassia    => false,
-               klecker   => false,
-               ravel     => false,
-               saens     => false,
-               santoro   => false,
-               schein    => false,
-               steffani  => false,
-               villa     => false,
-               wieck     => false,
-               morricone => false,
-               default   => true
+       file { $fname:
+               ensure  => $ensure,
+               content => template('vsftpd/vsftpd.conf.erb'),
+               owner   => 'root',
+               group   => 'root',
+               mode    => '0444',
+       }
+
+       file { "/etc/logrotate.d/vsftpd-${name}":
+               ensure => absent
        }
 
-       if $source {
-               file { $fname:
-                       ensure => $ensure,
-                       noop   => $noop,
-                       source => $source,
-               }
-       } elsif $content {
-               file { $fname:
-                       ensure  => $ensure,
-                       noop    => $noop,
-                       content => $content,
-               }
-       } else {
-               fail ( "Need one of source or content for $name" )
+       file { "/etc/systemd/system/vsftpd-${name}@.service":
+               ensure  => $ensure,
+               content => template('vsftpd/systemd-vsftpd.service.erb'),
+               owner   => 'root',
+               group   => 'root',
+               mode    => '0444',
+               require => File[$fname],
+               notify  => Exec['systemctl daemon-reload'],
        }
 
-       # We don't need a firewall rule because it's added in vsftp.pp
-       xinetd::service { "vsftpd-${name}":
-               bind        => $bind,
-               id          => "${name}-ftp",
-               server      => '/usr/sbin/vsftpd',
-               port        => 'ftp',
-               server_args => $fname,
-               ferm        => false,
-               instances   => 200,
-               require     => File[$fname]
+       file { "/etc/systemd/system/vsftpd-${name}.socket":
+               ensure  => $ensure,
+               content => template('vsftpd/systemd-vsftpd.socket.erb'),
+               owner   => 'root',
+               group   => 'root',
+               mode    => '0444',
+               notify  => [
+                       Exec['systemctl daemon-reload'],
+                       Service["vsftpd-${name}.socket"],
+               ],
        }
 
+       service { "vsftpd-${name}.socket":
+               ensure   => $ensure_service,
+               enable   => $ensure_enable,
+               require  => [
+                       Exec['systemctl daemon-reload'],
+                       File["/etc/systemd/system/vsftpd-${name}@.service"],
+                       File["/etc/systemd/system/vsftpd-${name}.socket"],
+               ],
+               provider => systemd,
+       }
+
+       munin::check { "vsftpd-${name}":
+               ensure => $ensure,
+               script => 'vsftpd'
+       }
+       munin::conf { "vsftpd-${name}":
+               ensure  => $ensure,
+               content => template('vsftpd/munin.erb')
+       }
 }
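Review bot: The four access switches added to the signature (`$writable`, `$writable_other`, `$readable`, `$listable`) are never type-checked before `template('vsftpd/vsftpd.conf.erb')` consumes them. Depending on how the template tests them (it is not visible here), a caller passing the string `'false'` could be treated as true and produce a writable FTP site. I would add `validate_bool($writable, $writable_other, $readable, $listable)` next to the existing `case $ensure` check, assuming stdlib is available in this tree, or declare the parameters as `Boolean` if the Puppet version in use supports typed parameters. `$name` also flows unchecked into `/etc/vsftpd-${name}.conf`, both systemd unit paths and the default `$logfile`, so a pattern check restricting the title to a plain hostname-like token would be worth adding in the same place.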