From 027b3896cbbea053e99aa61b8f212bbb65c5dc86 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 8 Sep 2019 00:30:43 +0200 Subject: [PATCH] Split buildd class into small pieces --- modules/buildd/manifests/aptitude.pp | 17 ++ modules/buildd/manifests/buildd.pp | 68 ++++++++ modules/buildd/manifests/dupload.pp | 11 ++ modules/buildd/manifests/gnupg.pp | 14 ++ modules/buildd/manifests/init.pp | 248 +++------------------------ modules/buildd/manifests/pybuildd.pp | 54 ++++++ modules/buildd/manifests/schroot.pp | 30 ++++ modules/buildd/manifests/ssh.pp | 4 + 8 files changed, 222 insertions(+), 224 deletions(-) create mode 100644 modules/buildd/manifests/aptitude.pp create mode 100644 modules/buildd/manifests/buildd.pp create mode 100644 modules/buildd/manifests/dupload.pp create mode 100644 modules/buildd/manifests/gnupg.pp create mode 100644 modules/buildd/manifests/pybuildd.pp create mode 100644 modules/buildd/manifests/schroot.pp create mode 100644 modules/buildd/manifests/ssh.pp
diff --git a/modules/buildd/manifests/aptitude.pp b/modules/buildd/manifests/aptitude.pp
new file mode 100644
index 000000000..b53b871c1
--- /dev/null
+++ b/modules/buildd/manifests/aptitude.pp
@@ -0,0 +1,17 @@
+# Aptitude killer
+class buildd::aptitude {
+ package { 'python-psutil':
+ ensure => installed,
+ }
+ file { '/usr/local/sbin/buildd-schroot-aptitude-kill':
+ source => 'puppet:///modules/buildd/buildd-schroot-aptitude-kill',
+ mode => '0555',
+ }
+
+ concat::fragment { 'dsa-puppet-stuff--buildd-aptitude-killer':
+ target => '/etc/cron.d/dsa-puppet-stuff',
+ content => @(EOF)
+ */5 * * * * root /usr/local/sbin/buildd-schroot-aptitude-kill
+ | EOF
+ }
+}
diff --git a/modules/buildd/manifests/buildd.pp b/modules/buildd/manifests/buildd.pp
new file mode 100644
index 000000000..026af5e25
--- /dev/null
+++ b/modules/buildd/manifests/buildd.pp
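Review bot: The `file` resource for `/usr/local/sbin/buildd-schroot-aptitude-kill` in `buildd::aptitude` sets only `mode => '0555'`, yet the cron fragment in the same class runs that script as root every five minutes. With no `owner` or `group` given, Puppet leaves the file's existing ownership unmanaged, so I would pin it with `owner => root, group => root,`. The fragment also has no ordering against the script or the `python-psutil` package (presumably what the script imports), so `require => [File['/usr/local/sbin/buildd-schroot-aptitude-kill'], Package['python-psutil']],` on the fragment would keep cron from starting a job that cannot run yet.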
@@ -0,0 +1,68 @@
+# buildd configuration
+class buildd {
+ file { '/home/buildd/build':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/logs':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/old-logs':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/upload-security':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/stats':
+ ensure => directory,
+ mode => '2755',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/stats/graphs':
+ ensure => directory,
+ mode => '2755',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/upload':
+ ensure => directory,
+ mode => '2755',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/.forward':
+ content => "|/usr/bin/buildd-mail\n",
+ group => buildd,
+ owner => buildd,
+ }
+
+ package { 'buildd':
+ ensure => installed,
+ }
+ file { '/etc/buildd/buildd.conf':
+ source => 'puppet:///modules/buildd/buildd.conf',
+ require => Package['buildd'],
+ }
+
+ concat::fragment { 'dsa-puppet-stuff--buildd':
+ target => '/etc/cron.d/dsa-puppet-stuff',
+ source => 'puppet:///modules/buildd/cron.d-dsa-buildd',
+ require => Package['debian.org']
+ }
+ service { 'buildd':
+ enable => false,
+ ensure => 'stopped',
+ }
+}
diff --git a/modules/buildd/manifests/dupload.pp b/modules/buildd/manifests/dupload.pp
new file mode 100644
index 000000000..9865f6f65
--- /dev/null
+++ b/modules/buildd/manifests/dupload.pp
@@ -0,0 +1,11 @@
+# dupload configuration
+class buildd::dupload {
+ package { 'dupload':
+ ensure => installed,
+ }
+ file { '/etc/dupload.conf':
+ source => 'puppet:///modules/buildd/dupload.conf',
+ require => Package['dupload'],
+ }
+ include ferm::ftp_conntrack
+}
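Review bot: The new `modules/buildd/manifests/buildd.pp` opens with `class buildd {`, which is the name of the class in `init.pp`, while `init.pp` now does `include buildd::buildd`; the header should read `class buildd::buildd {`. The same slip is in `pybuildd.pp`, which also declares `class buildd {` and should be `class buildd::pybuildd {`. As written I would expect catalog compilation to fail on hosts that reach either `include`, because the autoloaded file does not define the namespaced class and instead redefines `buildd`. Running `puppet parser validate` plus a compile test against one pybuildd host and one classic buildd host would catch this before it reaches the build network.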
diff --git a/modules/buildd/manifests/gnupg.pp b/modules/buildd/manifests/gnupg.pp
new file mode 100644
index 000000000..12bdf5756
--- /dev/null
+++ b/modules/buildd/manifests/gnupg.pp
@@ -0,0 +1,14 @@
+# GPG key generation
+class buildd::gnupg {
+ file { '/home/buildd/.gnupg':
+ ensure => directory,
+ mode => '700',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/.gnupg/gpg.conf':
+ content => "personal-digest-preferences SHA512\n",
+ group => buildd,
+ owner => buildd,
+ }
+}
diff --git a/modules/buildd/manifests/init.pp b/modules/buildd/manifests/init.pp
index a8affb0ce..ea7338029 100644
--- a/modules/buildd/manifests/init.pp
+++ b/modules/buildd/manifests/init.pp
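Review bot: The header comment `# GPG key generation` does not describe what `buildd::gnupg` does: the class only manages the `/home/buildd/.gnupg` directory and writes `gpg.conf`, and no key is generated anywhere in it. A comment such as `# GnuPG home directory and gpg.conf for the buildd user` would be accurate. While here, `mode => '700'` reads better as the four-digit `'0700'`, and `gpg.conf` has no `mode` at all, so its permissions are left unmanaged; an explicit `mode => '0600',` would keep it in line with the directory that holds the signing keyring.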
@@ -1,225 +1,25 @@ -class buildd ($ensure=present) { - # Do nothing until we get the buildd user from ldap - if $::buildd_user_exists { - # - # home directory - # - file { '/home/buildd': - ensure => directory, - mode => '2755', - group => buildd, - owner => buildd, - } - - - # - # sbuild configuration, including chroots - # - include schroot - - package { 'sbuild': - ensure => installed, - tag => extra_repo, - } - package { 'libsbuild-perl': - ensure => installed, - tag => extra_repo, - before => Package['sbuild'] - } - file { '/etc/sbuild/sbuild.conf': - source => 'puppet:///modules/buildd/sbuild.conf', - require => Package['sbuild'], - } - if $has_srv_buildd { - concat::fragment { 'dsa-puppet-stuff--buildd-update-schroots': - target => '/etc/cron.d/dsa-puppet-stuff', - content => @(EOF) - 13 22 * * 0,3 root PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin setup-all-dchroots buildd - | EOF - } - } - exec { 'add-buildd-user-to-sbuild': - command => 'adduser buildd sbuild', - onlyif => "getent group sbuild > /dev/null && ! 
getent group sbuild | grep '\\' > /dev/null" - } - - - # - # dupload configuration - # - package { 'dupload': - ensure => installed, - } - file { '/etc/dupload.conf': - source => 'puppet:///modules/buildd/dupload.conf', - require => Package['dupload'], - } - include ferm::ftp_conntrack - - - # - # Aptitude killer - # - package { 'python-psutil': - ensure => installed, - } - file { '/usr/local/sbin/buildd-schroot-aptitude-kill': - source => 'puppet:///modules/buildd/buildd-schroot-aptitude-kill', - mode => '0555', - } - - concat::fragment { 'dsa-puppet-stuff--buildd-aptitude-killer': - target => '/etc/cron.d/dsa-puppet-stuff', - content => @(EOF) - */5 * * * * root /usr/local/sbin/buildd-schroot-aptitude-kill - | EOF - } - - - # - # GPG/SSH key generation - # - file { '/home/buildd/.gnupg': - ensure => directory, - mode => '700', - group => buildd, - owner => buildd, - } - file { '/home/buildd/.gnupg/gpg.conf': - content => "personal-digest-preferences SHA512\n", - group => buildd, - owner => buildd, - } - - ssh::keygen {'buildd': } - - # - # buildd/pybuildd configuration - # - if $::hostname in [x86-grnet-01,x86-grnet-02,zani] { - # - # pybuildd configuration - # - package { 'buildd': - ensure => purged, - } - - package { ['python3-retrying', 'python3-yaml']: - ensure => installed, - } - file { '/home/buildd/.profile': - content => @(EOT), - export XDG_RUNTIME_DIR="/run/user/$(id -u)" - export DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR}/bus" - | EOT - group => buildd, - owner => buildd, - } - file { '/home/buildd/logs': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - file { '/var/lib/systemd/linger': - ensure => directory, - mode => '755', - } - file { "/var/lib/systemd/linger/buildd": - ensure => present, - } - file { '/etc/systemd/journald.conf.d': - ensure => directory, - mode => '755', - } - file { '/etc/systemd/journald.conf.d/persistency.conf': - source => 'puppet:///modules/dsa_systemd/persistency.conf', - } - 
- # Make sure that the build directory have the correct permissions. - # This should go away once pybuildd issue #3 is solved. - file { '/home/buildd/build': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - # work around https://salsa.debian.org/wb-team/pybuildd/issues/11 - concat::fragment { 'dsa-puppet-stuff--pybuildd-expire-logs': - target => '/etc/cron.d/dsa-puppet-stuff', - content => @(EOF) - @daily buildd [ -d ~buildd/logs ] && find ~buildd/logs -type f -mtime +90 -delete - | EOF - } - } else { - # - # buildd configuration - # - file { '/home/buildd/build': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - file { '/home/buildd/logs': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - file { '/home/buildd/old-logs': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - file { '/home/buildd/upload-security': - ensure => directory, - mode => '2750', - group => buildd, - owner => buildd, - } - file { '/home/buildd/stats': - ensure => directory, - mode => '2755', - group => buildd, - owner => buildd, - } - file { '/home/buildd/stats/graphs': - ensure => directory, - mode => '2755', - group => buildd, - owner => buildd, - } - file { '/home/buildd/upload': - ensure => directory, - mode => '2755', - group => buildd, - owner => buildd, - } - file { '/home/buildd/.forward': - content => "|/usr/bin/buildd-mail\n", - group => buildd, - owner => buildd, - } - - package { 'buildd': - ensure => installed, - } - file { '/etc/buildd/buildd.conf': - source => 'puppet:///modules/buildd/buildd.conf', - require => Package['buildd'], - } - - concat::fragment { 'dsa-puppet-stuff--buildd': - target => '/etc/cron.d/dsa-puppet-stuff', - source => 'puppet:///modules/buildd/cron.d-dsa-buildd', - require => Package['debian.org'] - } - service { 'buildd': - enable => false, - ensure => 'stopped', - } - } - } +# A debian.org buildd +class buildd { + # Do 
nothing until we get the buildd user from ldap + if $::buildd_user_exists { + # home directory + file { '/home/buildd': + ensure => directory, + mode => '2755', + group => buildd, + owner => buildd, + } + + include buildd::schroot + include buildd::dupload + include buildd::aptitude + include buildd::gnupg + include buildd::ssh + + if $::hostname in [x86-grnet-01,x86-grnet-02,zani] { + include buildd::pybuildd + } else { + include buildd::buildd + } + } } diff --git a/modules/buildd/manifests/pybuildd.pp b/modules/buildd/manifests/pybuildd.pp new file mode 100644 index 000000000..6f73b0545 --- /dev/null +++ b/modules/buildd/manifests/pybuildd.pp 
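Review bot: The class header changes from `class buildd ($ensure=present)` to `class buildd {`, which removes a parameter from the class's public interface as part of what is otherwise a pure split. The old body shown in this hunk never reads `$ensure`, so dropping it looks deliberate, but any resource-style declaration elsewhere that still passes `ensure` (none is visible in this patch) would stop compiling; worth a grep of the node and role manifests before merging. The header comment could also say that the whole class is a no-op until the `buildd_user_exists` fact is true, since that guard is easy to miss now that the body is only `include` lines. The host list in `$::hostname in [x86-grnet-01,x86-grnet-02,zani]` is carried over with bare words; quoting the names, `['x86-grnet-01', 'x86-grnet-02', 'zani']`, would be the safer style.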
@@ -0,0 +1,54 @@
+# pybuildd configuration
+class buildd {
+ package { 'buildd':
+ ensure => purged,
+ }
+
+ package { ['python3-retrying', 'python3-yaml']:
+ ensure => installed,
+ }
+ file { '/home/buildd/.profile':
+ content => @(EOT),
+ export XDG_RUNTIME_DIR="/run/user/$(id -u)"
+ export DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR}/bus"
+ | EOT
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/home/buildd/logs':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ file { '/var/lib/systemd/linger':
+ ensure => directory,
+ mode => '755',
+ }
+ file { "/var/lib/systemd/linger/buildd":
+ ensure => present,
+ }
+ file { '/etc/systemd/journald.conf.d':
+ ensure => directory,
+ mode => '755',
+ }
+ file { '/etc/systemd/journald.conf.d/persistency.conf':
+ source => 'puppet:///modules/dsa_systemd/persistency.conf',
+ }
+
+ # Make sure that the build directory have the correct permissions.
+ # This should go away once pybuildd issue #3 is solved.
+ file { '/home/buildd/build':
+ ensure => directory,
+ mode => '2750',
+ group => buildd,
+ owner => buildd,
+ }
+ # work around https://salsa.debian.org/wb-team/pybuildd/issues/11
+ concat::fragment { 'dsa-puppet-stuff--pybuildd-expire-logs':
+ target => '/etc/cron.d/dsa-puppet-stuff',
+ content => @(EOF)
+ @daily buildd [ -d ~buildd/logs ] && find ~buildd/logs -type f -mtime +90 -delete
+ | EOF
+ }
+}
diff --git a/modules/buildd/manifests/schroot.pp b/modules/buildd/manifests/schroot.pp
new file mode 100644
index 000000000..59e8b2cdf
--- /dev/null
+++ b/modules/buildd/manifests/schroot.pp
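Review bot: The host-wide systemd paths in `pybuildd.pp` (`/var/lib/systemd/linger`, `/var/lib/systemd/linger/buildd`, `/etc/systemd/journald.conf.d` and `persistency.conf`) are managed without `owner` or `group`, and the two directories use three-digit modes. For files that systemd and journald read as configuration I would pin them, for example `owner => root, group => root, mode => '0755',` on the directories and `mode => '0644',` on `persistency.conf`. Nothing in the hunk restarts journald after the drop-in is written, so unless that is handled in the `dsa_systemd` module (not shown here) persistent logging may not start until the next restart, which matters if these logs are relied on for later investigation.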
@@ -0,0 +1,30 @@
+# sbuild configuration, including chroots
+class buildd::schroot {
+ include schroot
+
+ package { 'sbuild':
+ ensure => installed,
+ tag => extra_repo,
+ }
+ package { 'libsbuild-perl':
+ ensure => installed,
+ tag => extra_repo,
+ before => Package['sbuild']
+ }
+ file { '/etc/sbuild/sbuild.conf':
+ source => 'puppet:///modules/buildd/sbuild.conf',
+ require => Package['sbuild'],
+ }
+ if $has_srv_buildd {
+ concat::fragment { 'dsa-puppet-stuff--buildd-update-schroots':
+ target => '/etc/cron.d/dsa-puppet-stuff',
+ content => @(EOF)
+ 13 22 * * 0,3 root PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin setup-all-dchroots buildd
+ | EOF
+ }
+ }
+ exec { 'add-buildd-user-to-sbuild':
+ command => 'adduser buildd sbuild',
+ onlyif => "getent group sbuild > /dev/null && ! getent group sbuild | grep '\\' > /dev/null"
+ }
+}
diff --git a/modules/buildd/manifests/ssh.pp b/modules/buildd/manifests/ssh.pp
new file mode 100644
index 000000000..e4c08522b
--- /dev/null
+++ b/modules/buildd/manifests/ssh.pp
@@ -0,0 +1,4 @@
+# SSH configuration
+class buildd::ssh {
+ ssh::keygen {'buildd': }
+}
-- 2.20.1
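Review bot: The `exec { 'add-buildd-user-to-sbuild': }` at the end of `buildd::schroot` calls `adduser`, `getent` and `grep` by bare name and sets no `path`, so it depends on a site-wide `Exec` default that is not part of this patch. For a command that changes group membership as root I would make the lookup explicit with `path => ['/usr/sbin', '/usr/bin', '/sbin', '/bin'],`. The `grep` pattern in `onlyif` shows on this page as `'\\'`, which looks truncated; please confirm the committed file still matches the `buildd` member name, since a guard that never matches would rerun `adduser` on every agent run. The cron entry in the same class also resolves `setup-all-dchroots` through a `PATH` that includes `/usr/local/sbin` and `/usr/local/bin`; an absolute path, as the aptitude-killer cron entry uses, would be tighter for a root job.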