Commit d44bf921 authored by mh's avatar mh
Browse files
parents bff6571c 5524eb7a
......@@ -52,6 +52,8 @@ define webhosting::passenger(
$mod_security = true,
$passenger_app = 'rails',
$git_repo = 'absent',
$user_scripts = 'absent',
$user_scripts_options = {},
){
if ($uid_name == 'absent'){
......@@ -74,28 +76,30 @@ define webhosting::passenger(
}
}
webhosting::common{$name:
ensure => $ensure,
configuration => $configuration,
uid => $uid,
uid_name => $real_uid_name,
gid => $gid,
gid_name => $real_gid_name,
user_access => $user_access,
password => $password,
password_crypted => $password_crypted,
htpasswd_file => $htpasswd_file,
ssl_mode => $ssl_mode,
run_mode => $run_mode,
run_uid => $run_uid,
run_uid_name => $run_uid_name,
run_gid => $run_gid,
wwwmail => $wwwmail,
nagios_check => $nagios_check,
nagios_check_domain => $nagios_check_domain,
nagios_check_url => $nagios_check_url,
nagios_check_code => $nagios_check_code,
nagios_use => $nagios_use,
git_repo => $git_repo,
ensure => $ensure,
configuration => $configuration,
uid => $uid,
uid_name => $real_uid_name,
gid => $gid,
gid_name => $real_gid_name,
user_access => $user_access,
password => $password,
password_crypted => $password_crypted,
htpasswd_file => $htpasswd_file,
ssl_mode => $ssl_mode,
run_mode => $run_mode,
run_uid => $run_uid,
run_uid_name => $run_uid_name,
run_gid => $run_gid,
wwwmail => $wwwmail,
nagios_check => $nagios_check,
nagios_check_domain => $nagios_check_domain,
nagios_check_url => $nagios_check_url,
nagios_check_code => $nagios_check_code,
nagios_use => $nagios_use,
git_repo => $git_repo,
user_scripts => $user_scripts,
user_scripts_options => $user_scripts_options,
}
apache::vhost::passenger{$name:
ensure => $ensure,
......@@ -127,18 +131,18 @@ define webhosting::passenger(
$path_options = "\nexport PATH=~/gems/bin:\$PATH"
file{
"/var/www/vhosts/${name}/.ccache":
ensure => directory,
owner => $real_uid_name,
group => $real_gid_name,
mode => '0750';
ensure => directory,
owner => $real_uid_name,
group => $real_gid_name,
mode => '0750';
"/var/www/vhosts/${name}/.bashrc":
content => "export GEM_HOME=~/gems/${path_options}${rails_options}\n",
owner => $real_uid_name,
group => $real_gid_name,
mode => '0640';
"/var/www/vhosts/${name}/.profile":
ensure => link,
target => "/var/www/vhosts/${name}/.bashrc";
ensure => link,
target => "/var/www/vhosts/${name}/.bashrc";
"/var/www/vhosts/${name}/.gemrc":
content => "gem: --no-ri --no-rdoc\n",
owner => $real_uid_name,
......
......@@ -26,8 +26,8 @@ define webhosting::user_scripts::manage(
require ::webhosting::user_scripts
file{
"user_scripts_${name}":
path => $scripts_path,
ensure => directory,
path => $scripts_path,
owner => root,
group => $web_group,
mode => '0440',
......@@ -52,10 +52,10 @@ define webhosting::user_scripts::manage(
if ($script_name in $scripts) or ($scripts == 'ALL') {
file{
"${scripts_path}/${script_name}":
ensure => directory,
owner => $sftp_user,
group => $web_group,
mode => '0600';
ensure => directory,
owner => $sftp_user,
group => $web_group,
mode => '0600';
"incron_${script_name}_${name}":
path => "/etc/incron.d/${name}_${script_name}",
content => "${scripts_path}/${script_name}/ IN_CREATE /opt/webhosting_user_scripts/common/run_incron.sh \$@ \$#\n",
......@@ -68,23 +68,30 @@ define webhosting::user_scripts::manage(
file{
"${scripts_path}/${script_name}/${script_name}.${config_ext}":
content => template("webhosting/user_scripts/${script_name}/${script_name}.${config_ext}.erb"),
replace => false,
owner => $sftp_user,
group => $web_group,
mode => '0600';
}
if ($script_name == 'ssh_authorized_keys') {
file{"/var/www/ssh_authorized_keys/${sftp_user}":
content => template('webhosting/user_scripts/ssh_authorized_keys/ssh_authorized_keys.keys.erb'),
owner => $sftp_user,
group => 0,
mode => '0600',
seltype => 'ssh_home_t';
}
if !$user_scripts_options['enforce_ssh_authorized_keys'] {
File["/var/www/ssh_authorized_keys/${sftp_user}","${scripts_path}/${script_name}/${script_name}.${config_ext}"]{
replace => false,
}
}
} else {
File["${scripts_path}/${script_name}/${script_name}.${config_ext}"]{
replace => false,
}
}
}
}
}
if ('ssh_authorized_keys' in $scripts) or ($scripts == 'ALL') {
file{"/var/www/ssh_authorized_keys/${sftp_user}":
content => template('webhosting/user_scripts/ssh_authorized_keys/ssh_authorized_keys.keys.erb'),
replace => false,
owner => $sftp_user,
group => 0,
mode => '0600',
seltype => 'ssh_home_t';
}
}
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment