X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fweblog_provider.pp;h=bed4aaca4ba84f193bfb04e1b3c94d4b7b972efc;hb=33a685862291e6f3c0c7f9df702b930430bbe419;hp=202bb8852deac64a1801d8531ae7f5f4e9e27dae;hpb=2f8db244cd4031714d948997301ebba4a2e6eb78;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/manifests/weblog_provider.pp b/modules/roles/manifests/weblog_provider.pp index 202bb8852..bed4aaca4 100644 --- a/modules/roles/manifests/weblog_provider.pp +++ b/modules/roles/manifests/weblog_provider.pp @@ -1,12 +1,18 @@ +# a provider of webserver logs class roles::weblog_provider { - if ! $::weblogsync_key { - exec { 'create-weblogsync-key': - command => '/bin/su - weblogsync -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'', - onlyif => '/usr/bin/getent passwd weblogsync > /dev/null && ! [ -e /home/weblogsync/.ssh/id_rsa ]' - } - } else { - file { '/etc/cron.d/puppet-weblog-provider': - content => "SHELL=/bin/bash\n\n0 */4 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming-\n", - } - } + ssh::keygen {'weblogsync': } + ssh::authorized_key_add { 'weblongsync-provider::destination': + target_user => 'weblogsync', + key => dig($facts, 'ssh_keys_users', 'weblogsync', 'id_rsa.pub', 'line'), + command => "/srv/weblogs.debian.org/bin/ssh-wrap ${::fqdn}", + collect_tag => 'weblogsync', + } + + file { '/etc/cron.d/puppet-weblog-provider': ensure => absent, } + concat::fragment { 'puppet-crontab--weblog-provider': + target => '/etc/cron.d/puppet-crontab', + content => @(EOF) + 0 1 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include 'www.debian.org-access.log-*gz' --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming- + | EOF + } }