ensure => installed
}
+ service { 'acpid':
+ ensure => running,
+ require => Package['acpid'],
+ }
+
if $::lsbdistcodename != 'lenny' {
package { 'acpi-support-base':
ensure => installed
ensure => installed,
}
+ File {
+ owner => root,
+ group => www-data,
+ mode => '0640',
+ noop => true,
+ }
+
file { '/var/log/dacs':
ensure => directory,
- owner => root,
- group => www-data,
mode => '0770',
purge => true,
}
'/etc/dacs/federations/debian.org/DEBIAN/groups/DACS'
]:
ensure => directory,
- owner => root,
- group => www-data,
mode => '0750',
require => Package['libapache2-mod-dacs'],
purge => true
}
file { '/etc/dacs/federations/site.conf':
source => 'puppet:///modules/dacs/common/site.conf',
- mode => '0640',
- owner => root,
- group => www-data
}
file { '/etc/dacs/federations/debian.org/DEBIAN/dacs.conf':
source => [ "puppet:///modules/dacs/per-host/${::fqdn}/dacs.conf",
'puppet:///modules/dacs/common/dacs.conf', ],
- mode => '0640',
- owner => root,
- group => www-data
}
file { '/etc/dacs/federations/debian.org/DEBIAN/acls/revocations':
source => 'puppet:///modules/dacs/common/revocations',
- mode => '0640',
- owner => root,
- group => www-data
}
file { '/etc/dacs/federations/debian.org/DEBIAN/groups/DACS/jurisdictions.grp':
source => 'puppet:///modules/dacs/common/jurisdictions.grp',
- mode => '0640',
- owner => root,
- group => www-data
}
file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-noauth.0':
source => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-noauth.0",
'puppet:///modules/dacs/common/acl-noauth.0' ],
- mode => '0640',
- owner => root,
- group => www-data,
notify => Exec['dacsacl']
}
file { '/etc/dacs/federations/debian.org/DEBIAN/acls/acl-private.0':
source => [ "puppet:///modules/dacs/per-host/${::fqdn}/acl-private.0",
'puppet:///modules/dacs/common/acl-private.0' ],
- mode => '0640',
- owner => root,
- group => www-data,
notify => Exec['dacsacl']
}
file { '/etc/dacs/federations/debian.org/federation_keyfile':
source => 'puppet:///modules/dacs/private/debian.org_federation_keyfile',
- mode => '0640',
- owner => root,
- group => www-data
}
file { '/etc/dacs/federations/debian.org/DEBIAN/jurisdiction_keyfile':
source => 'puppet:///modules/dacs/private/DEBIAN_jurisdiction_keyfile',
- mode => '0640',
- owner => root,
- group => www-data
}
exec { 'dacsacl':
}
service { 'ekeyd-egd-linux':
- require => File['/etc/default/ekeyd-egd-linux'],
+ require => [
+ File['/etc/default/ekeyd-egd-linux'],
+ Package['ekeyd-egd-linux']
+ ]
}
}
service { 'ekeyd':
ensure => running,
- require => File['/etc/entropykey/ekeyd.conf'],
+ require => [
+ File['/etc/entropykey/ekeyd.conf'],
+ Package['ekeyd']
+ ]
}
stunnel4::server { 'ekeyd':
-class entropykey::remote_consumer ($entropy_provider) inherits entropykey::local_consumer {
+class entropykey::remote_consumer ($entropy_provider) {
+
+ include entropykey::local_consumer
stunnel4::client { 'ekeyd':
accept => '127.0.0.1:8888',
-define ferm::rule(
+define ferm::rule (
$rule,
$domain='ip',
$table='filter',
notify => Service['ferm'],
}
}
-
-
file { '/etc/monit/':
ensure => directory,
- owner => root,
- group => root,
mode => '0755',
purge => true,
notify => Exec['monit stop'],
}
file { '/etc/monit/monit.d':
ensure => directory,
- owner => root,
- group => root,
mode => '0750',
purge => true,
}
'nfs-common',
'nfs-kernel-server'
]:
- ensure => installed
+ ensure => installed
}
service { 'nfs-common':
file { '/etc/default/nfs-common':
source => 'puppet:///modules/nfs-server/nfs-common.default',
- require => Package['nfs-common'],
+ before => Package['nfs-common'],
notify => Service['nfs-common'],
}
file { '/etc/default/nfs-kernel-server':
source => 'puppet:///modules/nfs-server/nfs-kernel-server.default',
- require => Package['nfs-kernel-server'],
+ before => Package['nfs-kernel-server'],
notify => Service['nfs-kernel-server'],
}
file { '/etc/modprobe.d/lockd.local':
- source => 'puppet:///modules/nfs-server/lockd.local.modprobe'
+ source => 'puppet:///modules/nfs-server/lockd.local.modprobe',
+ before => Package['nfs-common'],
+ notify => Service['nfs-common'],
}
}
}
service { 'ssh':
- ensure => running
+ ensure => running,
+ require => Package['openssh-server']
}
@ferm::rule { 'dsa-ssh':
}
service { 'vsftpd':
- ensure => running
+ ensure => running,
+ require => Package['vsftpd']
}
munin::check { 'vsftpd': }
}
service { 'xinetd':
- ensure => running,
- noop => true,
+ ensure => running,
+ noop => true,
+ require => Package['xinetd']
}
}
projects / mirror / dsa-puppet.git / commitdiff