Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F11708181
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/GIDs b/GIDs
index 9208b35..37bec0e 100644
--- a/GIDs
+++ b/GIDs
@@ -1,2 +1,3 @@
+827 chaton-dev
828 deployment
829 nasqueron-irc
diff --git a/UIDs b/UIDs
index 25dcde2..0a75283 100644
--- a/UIDs
+++ b/UIDs
@@ -1,2 +1,3 @@
830 odderon
831 builder
+832 chaton
diff --git a/pillar/users/shellgroups.sls b/pillar/users/shellgroups.sls
index 4efb91d..31f10f8 100644
--- a/pillar/users/shellgroups.sls
+++ b/pillar/users/shellgroups.sls
@@ -1,24 +1,29 @@
# -------------------------------------------------------------
# Salt — Service groups list
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2017-01-24
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# Nasqueron
# -------------------------------------------------------------
shellgroups:
+ chaton-dev:
+ gid: 827
+ description: Bonjour chaton
+ members:
+ - hlp
deployment:
gid: 828
description: Build softwares to be installed on the servers
members:
- dereckson
nasqueron-irc:
gid: 829
description: Manages IRC bots used for Nasqueron projects
members:
- dereckson
- sandlayth
diff --git a/roles/shellserver/bonjour-chaton/account.sls b/roles/shellserver/bonjour-chaton/account.sls
new file mode 100644
index 0000000..714c93d
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/account.sls
@@ -0,0 +1,32 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-01-24
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+# -------------------------------------------------------------
+# Service account
+# -------------------------------------------------------------
+
+bonjour_chaton_account:
+ user.present:
+ - name: chaton
+ - fullname: Bonjour chaton bot
+ - uid: 832
+ - gid: 827
+ - home: /opt/bonjour-chaton
+
+# -------------------------------------------------------------
+# Sudo capabilities
+#
+# Members of bonjour-chaton-dev should be able to sudo -u bonjour_chaton …
+# -------------------------------------------------------------
+
+bonjour_chaton_sudo_capabilities_file:
+ file.managed:
+ - name: {{ dirs.etc }}/sudoers.d/bonjour_chaton
+ - source: salt://roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
+ - template: jinja
diff --git a/roles/shellserver/bonjour-chaton/certificates.sls b/roles/shellserver/bonjour-chaton/certificates.sls
new file mode 100644
index 0000000..b4a7e4e
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/certificates.sls
@@ -0,0 +1,35 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-04-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+/opt/bonjour-chaton/certs:
+ file.directory:
+ - user: chaton
+ - group: chaton-dev
+ - dir_mode: 750
+
+bonjour_chaton_certificates_private:
+ cmd.run:
+ - name: cp {{ dirs.etc }}/letsencrypt/live/robot.paysannerebelle.com/privkey.pem /opt/bonjour-chaton/certs/private.pem
+ - creates: /opt/bonjour-chaton/certs/private.pem
+ file.managed:
+ - name: /opt/bonjour-chaton/certs/private.pem
+ - user: chaton
+ - group: chaton-dev
+ - mode: 0600
+ - replace: False
+ - show_changes: False
+
+bonjour_chaton_certificates_public:
+ cmd.run:
+ - name: cp {{ dirs.etc }}/letsencrypt/live/robot.paysannerebelle.com/fullchain.pem /opt/bonjour-chaton/certs/cert.pem
+ file.managed:
+ - name: /opt/bonjour-chaton/certs/cert.pem
+ - user: chaton
+ - group: chaton-dev
+ - mode: 0644
diff --git a/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers b/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
new file mode 100644
index 0000000..c843af9
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
@@ -0,0 +1,21 @@
+# -------------------------------------------------------------
+# Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-01-24
+# License: Trivial work, not eligible to copyright
+# Source file: roles/shellserver/bonjour_chaton/files/bonjour_chaton.sudoers
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+%chaton-dev ALL=(chaton) NOPASSWD: ALL
+
+# Service management
+{% for command in ["start", "stop", "restart", "reload"] %}
+%chaton-dev ALL= NOPASSWD: /bin/systemctl {{ command }} chaton
+{% endfor %}
diff --git a/roles/shellserver/bonjour-chaton/init.sls b/roles/shellserver/bonjour-chaton/init.sls
new file mode 100644
index 0000000..83e11eb
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/init.sls
@@ -0,0 +1,10 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-04-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+include:
+ - .account
+ - .certificates
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Sep 15, 05:10 (19 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2983732
Default Alt Text
(5 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment