From 54eade454bc9db2312ac374a94c79f6722333ce0 Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Sun, 8 Apr 2018 15:18:59 +0200 Subject: [PATCH] Reorganize buildd module into different sections That'll help the switch from buildd to pybuildd Signed-off-by: Aurelien Jarno --- modules/buildd/manifests/init.pp | 195 +++++++++++++++++-------------- 1 file changed, 107 insertions(+), 88 deletions(-) diff --git a/modules/buildd/manifests/init.pp b/modules/buildd/manifests/init.pp index 7fc00c568..0338a1f99 100644 --- a/modules/buildd/manifests/init.pp +++ b/modules/buildd/manifests/init.pp @@ -1,6 +1,20 @@ class buildd ($ensure=present) { # Do nothing until we get the buildd user from ldap if $::buildd_user_exists { + # + # home directory + # + file { '/home/buildd': + ensure => directory, + mode => '2755', + group => buildd, + owner => buildd, + } + + + # + # sbuild configuration, including chroots + # include schroot package { 'sbuild': 
@@ -12,56 +26,40 @@ class buildd ($ensure=present) { tag => extra_repo, before => Package['sbuild'] } - - if $ensure == present { - package { 'dupload': - ensure => installed, - } - file { '/etc/dupload.conf': - source => 'puppet:///modules/buildd/dupload.conf', - require => Package['dupload'], - } - package { 'buildd': - ensure => installed, - } - file { '/etc/buildd/buildd.conf': - source => 'puppet:///modules/buildd/buildd.conf', - require => Package['buildd'], - } - file { '/etc/sbuild/sbuild.conf': - source => 'puppet:///modules/buildd/sbuild.conf', - require => Package['sbuild'], - } - include ferm::ftp_conntrack + file { '/etc/sbuild/sbuild.conf': + source => 'puppet:///modules/buildd/sbuild.conf', + require => Package['sbuild'], } - - if (versioncmp($::lsbmajdistrelease, '9') >= 0) { - site::aptrepo { 'buildd.debian.org': - ensure => absent, - } - file { '/etc/apt/apt.conf.d/puppet-https-buildd': - ensure => absent, - } - } else { - site::aptrepo { 'buildd.debian.org': - key => 'puppet:///modules/buildd/buildd.debian.org.gpg', - url => 'https://apt.buildd.debian.org/', - suite => 'jessie', - components => 'main', - require => Package['apt-transport-https'], - } - file { '/etc/apt/apt.conf.d/puppet-https-buildd': - content => "Acquire::https::apt.buildd.debian.org::CaInfo \"/etc/ssl/ca-debian/ca-certificates.crt\";\n", + if $has_srv_buildd { + concat::fragment { 'dsa-puppet-stuff--buildd-update-schroots': + target => '/etc/cron.d/dsa-puppet-stuff', + content => @(EOF) + 13 22 * * 0,3 root PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin setup-all-dchroots buildd + | EOF } } + exec { 'add-buildd-user-to-sbuild': + command => 'adduser buildd sbuild', + onlyif => "getent group sbuild > /dev/null && ! 
getent group sbuild | grep '\\' > /dev/null" + } - file { '/etc/cron.d/dsa-buildd': ensure => absent, } - concat::fragment { 'dsa-puppet-stuff--buildd': - target => '/etc/cron.d/dsa-puppet-stuff', - source => 'puppet:///modules/buildd/cron.d-dsa-buildd', - require => Package['debian.org'] + + # + # dupload configuration + # + package { 'dupload': + ensure => installed, + } + file { '/etc/dupload.conf': + source => 'puppet:///modules/buildd/dupload.conf', + require => Package['dupload'], } + include ferm::ftp_conntrack + + # + # Aptitude killer + # package { 'python-psutil': ensure => installed, } @@ -70,7 +68,6 @@ class buildd ($ensure=present) { mode => '0555', } - file { '/etc/cron.d/puppet-buildd-aptitude': ensure => absent } concat::fragment { 'dsa-puppet-stuff--buildd-aptitude-killer': target => '/etc/cron.d/dsa-puppet-stuff', content => @(EOF) 
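Review bot: The `if $ensure == present { … }` guard is removed in this hunk, so `package { 'dupload': }`, `/etc/dupload.conf`, `/etc/sbuild/sbuild.conf` and `include ferm::ftp_conntrack` now apply whenever `$::buildd_user_exists` is true, regardless of the value passed for `$ensure`. The same holds for `package { 'buildd': }` and `/etc/buildd/buildd.conf` in the `@@ -146,18 +149,49 @@` hunk. That is a behaviour change in a commit described as a reorganization, and it covers what is presumably a firewall helper (`ferm::ftp_conntrack`) as well as package installs. If it is intended, the commit message should say so and the `$ensure` parameter, which no visible hunk still reads, should be dropped or documented; its other uses, if any, are outside the hunks shown. Otherwise keep the dupload and buildd sections inside `if $ensure == present { … }`.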
@@ -78,27 +75,33 @@ class buildd ($ensure=present) { | EOF } - service { 'buildd': - enable => false, - ensure => 'stopped', - } - file { '/etc/cron.d/puppet-update-buildd-schroots': ensure => absent } - if $has_srv_buildd { - concat::fragment { 'dsa-puppet-stuff--buildd-update-schroots': - target => '/etc/cron.d/dsa-puppet-stuff', - content => @(EOF) - 13 22 * * 0,3 root PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin setup-all-dchroots buildd - | EOF - } - } - - file { '/home/buildd': + # + # GPG/SSH key generation + # + file { '/home/buildd/.gnupg': ensure => directory, - mode => '2755', + mode => '700', group => buildd, owner => buildd, } + file { '/home/buildd/.gnupg/gpg.conf': + content => "personal-digest-preferences SHA512\n", + group => buildd, + owner => buildd, + } + + if ! $::buildd_key { + exec { 'create-buildd-key': + command => '/bin/su - buildd -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'', + onlyif => '/usr/bin/getent passwd buildd > /dev/null && ! [ -e /home/buildd/.ssh/id_rsa ]' + } + } + + + # + # buildd configuration + # file { '/home/buildd/build': ensure => directory, mode => '2750', 
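Review bot: In `create-buildd-key`, `ssh-keygen` is called without `-t` or `-b`, so the type and size of the key written to `.ssh/id_rsa` depend on the installed OpenSSH defaults and can differ between build hosts. Adding `-t rsa -b 4096` to the existing options would pin them. The `.ssh` directory is created only by `mkdir -p -m 02700` inside the exec, so unlike `/home/buildd/.gnupg` just above, Puppet never re-asserts its mode and ownership; a matching `file` resource with `ensure => directory` and explicit owner, group and mode would cover that. The existence test in `onlyif` would read more directly as `creates => '/home/buildd/.ssh/id_rsa',`, and `/home/buildd/.gnupg/gpg.conf` could carry an explicit `mode`.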
@@ -146,18 +149,49 @@ class buildd ($ensure=present) { group => buildd, owner => buildd, } - file { '/home/buildd/.gnupg': - ensure => directory, - mode => '700', - group => buildd, - owner => buildd, + + package { 'buildd': + ensure => installed, } - file { '/home/buildd/.gnupg/gpg.conf': - content => "personal-digest-preferences SHA512\n", - group => buildd, - owner => buildd, + file { '/etc/buildd/buildd.conf': + source => 'puppet:///modules/buildd/buildd.conf', + require => Package['buildd'], } + if (versioncmp($::lsbmajdistrelease, '9') >= 0) { + site::aptrepo { 'buildd.debian.org': + ensure => absent, + } + file { '/etc/apt/apt.conf.d/puppet-https-buildd': + ensure => absent, + } + } else { + site::aptrepo { 'buildd.debian.org': + key => 'puppet:///modules/buildd/buildd.debian.org.gpg', + url => 'https://apt.buildd.debian.org/', + suite => 'jessie', + components => 'main', + require => Package['apt-transport-https'], + } + file { '/etc/apt/apt.conf.d/puppet-https-buildd': + content => "Acquire::https::apt.buildd.debian.org::CaInfo \"/etc/ssl/ca-debian/ca-certificates.crt\";\n", + } + } + + concat::fragment { 'dsa-puppet-stuff--buildd': + target => '/etc/cron.d/dsa-puppet-stuff', + source => 'puppet:///modules/buildd/cron.d-dsa-buildd', + require => Package['debian.org'] + } + service { 'buildd': + enable => false, + ensure => 'stopped', + } + + + # + # pybuildd configuration + # file { '/home/buildd/.profile': content => @(EOT), export XDG_RUNTIME_DIR="/run/user/$(id -u)" 
@@ -167,20 +201,6 @@ class buildd ($ensure=present) { owner => buildd, } - if ! $::buildd_key { - exec { 'create-buildd-key': - command => '/bin/su - buildd -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'', - onlyif => '/usr/bin/getent passwd buildd > /dev/null && ! [ -e /home/buildd/.ssh/id_rsa ]' - } - } - - - exec { 'add-buildd-user-to-sbuild': - command => 'adduser buildd sbuild', - onlyif => "getent group sbuild > /dev/null && ! getent group sbuild | grep '\\' > /dev/null" - } - - # Enable lingering for pybuildd file { '/var/lib/systemd/linger': ensure => directory, mode => '755', @@ -188,10 +208,9 @@ class buildd ($ensure=present) { file { "/var/lib/systemd/linger/buildd": ensure => present, } - - # And persistent journald storage - exec {'mkdir -p /etc/systemd/journald.conf.d': - unless => 'test -d /etc/systemd/journald.conf.d', + file { '/etc/systemd/journald.conf.d': + ensure => directory, + mode => '755', } file { '/etc/systemd/journald.conf.d/persistency.conf': source => 'puppet:///modules/systemd/persistency.conf', -- 2.20.1
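Review bot: The new `file { '/etc/systemd/journald.conf.d': }` resource sets only `ensure` and `mode`, leaving owner and group unmanaged, and writes the mode as `'755'`. For a directory that holds journald configuration I would state it in full: `mode => '0755', owner => root, group => root,`. The hunk also deletes the comments `# Enable lingering for pybuildd` and `# And persistent journald storage`, which were the only explanation of why the linger and journald resources exist. They are worth keeping under the pybuildd section heading added earlier in the patch. The `persistency.conf` resource continues past the end of the hunk.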