X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fvsftpd%2Fmanifests%2Finit.pp;h=d59a3269a8acafd054edf734cc7e5c8500c7a2d4;hb=598ef097f4c8f6b50b61dde7fc4bd011e955b754;hp=9ca68bfdd3eb76fe2b0da0262c44b15dd03c2466;hpb=47b37f6a9bbb69e5d90ea7e44237618c14b90608;p=mirror%2Fdsa-puppet.git

diff --git a/modules/vsftpd/manifests/init.pp b/modules/vsftpd/manifests/init.pp
index 9ca68bfdd..d59a3269a 100644
--- a/modules/vsftpd/manifests/init.pp
+++ b/modules/vsftpd/manifests/init.pp
@@ -8,17 +8,55 @@ class vsftpd {
 	}
 
 	service { 'vsftpd':
-		ensure => running
+		ensure  => stopped,
+		require => Package['vsftpd']
 	}
 
-	munin::check { 'vsftpd': }
+	file { '/etc/vsftpd.conf':
+		content => "listen=NO\n",
+		require => Package['vsftpd'],
+		notify  => Service['vsftpd']
+	}
+
+	# Mask the vsftpd service as we are using xinetd
+	file { '/etc/systemd/system/vsftpd.service':
+		ensure => 'link',
+		target => '/dev/null',
+		notify => Exec['systemctl daemon-reload'],
+	}
+
+	# Ensure the empty dir is present, workaround for #789127
+	file { '/etc/tmpfiles.d/vsftpd.conf':
+		content => 'd /var/run/vsftpd/empty 0755 root root -',
+		notify => Exec['systemd-tmpfiles --create --exclude-prefix=/dev'],
+	}
+
+	munin::check { 'vsftpd':
+		ensure => absent
+	}
 	munin::check { 'ps_vsftpd':
 		script => 'ps_'
 	}
 
-	@ferm::rule { 'dsa-ftp':
+	ferm::rule { 'dsa-ftp':
 		domain      => '(ip ip6)',
 		description => 'Allow ftp access',
 		rule        => '&SERVICE(tcp, 21)',
 	}
+
+	file { '/srv/ftp':
+		ensure => directory,
+		mode   => '0755'
+	}
+	file { '/var/log/ftp':
+		ensure => directory,
+		mode   => '0755'
+	}
+	file { '/etc/logrotate.d/vsftpd':
+		source  => 'puppet:///modules/vsftpd/logrotate.conf',
+		require => [
+			Package['vsftpd'],
+			Package['debian.org']
+		]
+	}
 }