X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsalsa%2Fmanifests%2Finit.pp;h=a2d20630a16cf06d9408ad497831d2e07dc2e0cd;hb=0e54cd56f798ea46f72993862b7c7dc4b0a6122c;hp=2f741fba1b584d550f3643abab8f125f960c0bbe;hpb=bf2de708c73c0aee3af2585726515671284e0d9e;p=mirror%2Fdsa-puppet.git

diff --git a/modules/salsa/manifests/init.pp b/modules/salsa/manifests/init.pp
index 2f741fba1..a2d20630a 100644
--- a/modules/salsa/manifests/init.pp
+++ b/modules/salsa/manifests/init.pp
@@ -7,6 +7,7 @@ class salsa inherits salsa::params {
 	class { '::salsa::redis': } ->
 	class { '::salsa::packages': } ->
 	class { '::salsa::database': } ->
+	class { '::salsa::web': } ->
 	anchor { 'salsa::end': }
 
 	# userdir-ldap users get their home in /home
@@ -20,6 +21,17 @@ class salsa inherits salsa::params {
 		owner  => $salsa::user,
 		group  => $salsa::group,
 	}
+	file { "/home/${salsa::webhook_user}":
+		ensure => link,
+		target => $salsa::webhook_user_home,
+	}
+	file { $salsa::webhook_user_home:
+		ensure => directory,
+		mode   => '0755',
+		owner  => $salsa::webhook_user,
+		group  => $salsa::webhook_user,
+	}
+
 
 	file { "${salsa::home}/.credentials.yaml":
 		mode => '0400',
@@ -46,14 +58,33 @@ class salsa inherits salsa::params {
 		content  => @("EOF"),
 				---
 				# This file was put in place by puppet, but it won't overwrite it.
-				# Please fill in from dsa-passwords/service-salsa
+				# Please fill in from dsa-passwords/services-salsa
 				# mastersecret: "swordfish"
 				| EOF
 		replace => false,
 	}
-
-	ssl::service { $servicename:
-		# notify  => Exec['service apache2 reload'],
-		key => true,
+	file { "/var/lib/systemd/linger/${salsa::user}":
+		ensure => present,
+	}
+	file { "/var/lib/systemd/linger/${salsa::webhook_user}":
+		ensure => present,
+	}
+	file { "/etc/ssh/userkeys/${salsa::user}":
+		ensure => link,
+		target => "${salsa::home}/.ssh/authorized_keys",
+	}
+	# pages
+	file { "/etc/network/interfaces.d/pages.debian.net.conf":
+		content  => @("EOF"),
+				iface eth0 inet static
+				    address 209.87.16.45/24
+				iface eth0 inet6 static
+				    address 2607:f8f0:614:1::1274:45/64
+				    preferred-lifetime 0
+				| EOF
+		notify => Exec['service networking reload'],
+	}
+	exec { 'service networking reload':
+		refreshonly => true,
 	}
 }