D971.id2493.diff
diff --git a/GIDs b/GIDs
--- a/GIDs
+++ b/GIDs
@@ -1,2 +1,3 @@
+827 chaton-dev
828 deployment
829 nasqueron-irc
diff --git a/UIDs b/UIDs
--- a/UIDs
+++ b/UIDs
@@ -1,2 +1,3 @@
830 odderon
831 builder
+832 chaton
diff --git a/pillar/users/shellgroups.sls b/pillar/users/shellgroups.sls
--- a/pillar/users/shellgroups.sls
+++ b/pillar/users/shellgroups.sls
@@ -11,6 +11,11 @@
# -------------------------------------------------------------
shellgroups:
+ chaton-dev:
+ gid: 827
+ description: Bonjour chaton
+ members:
+ - hlp
deployment:
gid: 828
description: Build softwares to be installed on the servers
diff --git a/roles/shellserver/bonjour-chaton/account.sls b/roles/shellserver/bonjour-chaton/account.sls
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/account.sls
@@ -0,0 +1,32 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-01-24
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+# -------------------------------------------------------------
+# Service account
+# -------------------------------------------------------------
+
+bonjour_chaton_account:
+ user.present:
+ - name: chaton
+ - fullname: Bonjour chaton bot
+ - uid: 832
+ - gid: 827
+ - home: /opt/bonjour-chaton
+
+# -------------------------------------------------------------
+# Sudo capabilities
+#
+# Members of bonjour-chaton-dev should be able to sudo -u bonjour_chaton …
+# -------------------------------------------------------------
+
+bonjour_chaton_sudo_capabilities_file:
+ file.managed:
+ - name: {{ dirs.etc }}/sudoers.d/bonjour_chaton
+ - source: salt://roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
+ - template: jinja
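Review bot: `bonjour_chaton_sudo_capabilities_file` renders a Jinja template into sudoers.d with no explicit mode and no syntax validation, so a template mistake would only surface when sudo next parses the file, and a broken drop-in can stop sudo from working on the host. Adding `- mode: '0440'` and `- check_cmd: visudo -c -f` to the `file.managed` state would have Salt validate the rendered file before putting it in place. The comment block above the state speaks of `bonjour-chaton-dev` and `sudo -u bonjour_chaton`, whereas the state creates user `chaton` with gid 827 (`chaton-dev` in the GIDs hunk); the comment should use the real names.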
diff --git a/roles/shellserver/bonjour-chaton/certificates.sls b/roles/shellserver/bonjour-chaton/certificates.sls
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/certificates.sls
@@ -0,0 +1,35 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-04-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+/opt/bonjour-chaton/certs:
+ file.directory:
+ - user: chaton
+ - group: chaton-dev
+ - dir_mode: 750
+
+bonjour_chaton_certificates_private:
+ cmd.run:
+ - name: cp {{ dirs.etc }}/letsencrypt/live/robot.paysannerebelle.com/privkey.pem /opt/bonjour-chaton/certs/private.pem
+ - creates: /opt/bonjour-chaton/certs/private.pem
+ file.managed:
+ - name: /opt/bonjour-chaton/certs/private.pem
+ - user: chaton
+ - group: chaton-dev
+ - mode: 0600
+ - replace: False
+ - show_changes: False
+
+bonjour_chaton_certificates_public:
+ cmd.run:
+ - name: cp {{ dirs.etc }}/letsencrypt/live/robot.paysannerebelle.com/fullchain.pem /opt/bonjour-chaton/certs/cert.pem
+ file.managed:
+ - name: /opt/bonjour-chaton/certs/cert.pem
+ - user: chaton
+ - group: chaton-dev
+ - mode: 0644
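Review bot: `bonjour_chaton_certificates_private` copies the key only once (`creates:` plus `replace: False`), while `bonjour_chaton_certificates_public` has no such guard and re-copies fullchain.pem on every run. If a Let's Encrypt renewal issues a new key, cert.pem would then stop matching private.pem. Both copies should share the same refresh condition, for example by dropping `creates:` or guarding both with an `unless: cmp -s <src> <dst>` check. The key is also written by plain `cp` before `file.managed` sets its owner and mode, so it briefly carries whatever the minion's umask gives it; `install -o chaton -g chaton-dev -m 0600 <src> <dst>` would create it with its final permissions. The unquoted modes `0600` and `0644` can be read as octal integers by a YAML 1.1 loader and should be quoted, e.g. `- mode: '0600'`, with `dir_mode: '0750'` for consistency.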
diff --git a/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers b/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/files/bonjour_chaton.sudoers
@@ -0,0 +1,21 @@
+# -------------------------------------------------------------
+# Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-01-24
+# License: Trivial work, not eligible to copyright
+# Source file: roles/shellserver/bonjour_chaton/files/bonjour_chaton.sudoers
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+%chaton-dev ALL=(chaton) NOPASSWD: ALL
+
+# Service management
+{% for command in ["start", "stop", "restart", "reload"] %}
+%chaton-dev ALL= NOPASSWD: /bin/systemctl {{ command }} chaton
+{% endfor %}
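Review bot: The two rules grant different privileges and the file does not say so: `%chaton-dev ALL=(chaton) NOPASSWD: ALL` gives group members every command as chaton, while the loop's `ALL= NOPASSWD:` entries run systemctl as root. The unit file is not in this diff, so it is worth confirming that it sets `User=chaton` and that nothing it executes as root is writable by chaton. Otherwise the start/restart rules would extend the group's reach beyond the service account. A comment above the loop such as `# Runs as root; the chaton unit must drop to User=chaton` would record that assumption. The header's `Source file:` path says `bonjour_chaton/`, but the file is added under `roles/shellserver/bonjour-chaton/`.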
diff --git a/roles/shellserver/bonjour-chaton/init.sls b/roles/shellserver/bonjour-chaton/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/bonjour-chaton/init.sls
@@ -0,0 +1,10 @@
+# -------------------------------------------------------------
+# Salt — Deploy Bonjour chaton
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Created: 2017-04-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+include:
+ - .account
+ - .certificates
D971: Bootstrap bonjour chaton service