Page MenuHomeDevCentral

D3473.id8958.diff
No OneTemporary

D3473.id8958.diff

diff --git a/roles/devserver/webserver-home/files/setup-web-home.py b/roles/devserver/webserver-home/files/setup-web-home.py
--- a/roles/devserver/webserver-home/files/setup-web-home.py
+++ b/roles/devserver/webserver-home/files/setup-web-home.py
@@ -10,7 +10,6 @@
import os
-import shutil
import sys
@@ -35,12 +34,6 @@
)
-def setup(username):
- os.mkdir(f"/var/home-wwwroot/{username}", mode=0o755)
- shutil.chown(f"/var/home-wwwroot/{username}", user=username, group="web")
- os.symlink(f"/var/home-wwwroot/{username}", f"/home/{username}/public_html")
-
-
# -------------------------------------------------------------
# Application entry point
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -49,7 +42,7 @@
def run(username):
if is_valid_setup(username):
print("Setup is already done and looks correct.", file=sys.stderr)
- sys.exit(4)
+ sys.exit(0)
if not is_clean(username):
print(
@@ -58,11 +51,11 @@
)
sys.exit(2)
- try:
- setup(username)
- except OSError as e:
- print(e, file=sys.stderr)
- sys.exit(8)
+ print(
+ "Nothing detected., apply Salt state roles/devserver/webserver-home to create it.",
+ file=sys.stderr,
+ )
+ sys.exit(4)
if __name__ == "__main__":
diff --git a/roles/devserver/webserver-home/init.sls b/roles/devserver/webserver-home/init.sls
--- a/roles/devserver/webserver-home/init.sls
+++ b/roles/devserver/webserver-home/init.sls
@@ -21,6 +21,64 @@
- source: salt://roles/devserver/webserver-home/files/setup-web-home.py
- mode: 755
+# -------------------------------------------------------------
+# ZFS datasets
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% if salt["node.has"]("zfs:pool") %}
+
+{% set tank = salt["node.get"]("zfs:pool") %}
+{% set users = salt["forest.get_users"]() %}
+
+{{ tank }}/var/home-wwwroot:
+ zfs.filesystem_present:
+ - properties:
+ mountpoint: /var/home-wwwroot
+ compression: zstd
+
+zfs_webserver_home_permissions_sets:
+ cmd.run:
+ - name: |
+ zfs allow -s @local allow,clone,create,diff,hold,mount,promote,receive,release,rollback,snapshot,send {{ tank }}/var/home-wwwroot
+ zfs allow -s @descendent allow,clone,create,diff,destroy,hold,mount,promote,receive,release,rename,rollback,snapshot,send {{ tank }}/var/home-wwwroot
+ touch /var/home-wwwroot/.zfs-permissions-set
+ - creates: /var/home-wwwroot/.zfs-permissions-set
+
+{% for username in users %}
+{% set webserver_home_directory = tank + "/var/home-wwwroot/" + username %}
+
+{{ webserver_home_directory }}:
+ zfs.filesystem_present:
+ - properties:
+ compression: zstd
+ "com.sun:auto-snapshot": "true"
+
+zfs_permissions_webserver_home_local_{{ username }}:
+ cmd.run:
+ - name: zfs allow -lu {{ username }} @local {{ webserver_home_directory }}
+ - onchanges:
+ - zfs: {{ webserver_home_directory }}
+
+zfs_permissions_webserver_home_descendant_{{ username }}:
+ cmd.run:
+ - name: zfs allow -du {{ username }} @descendent {{ webserver_home_directory }}
+ - onchanges:
+ - zfs: {{ webserver_home_directory }}
+
+/var/home-wwwroot/{{ username }}:
+ file.directory:
+ - user: {{ username }}
+ - group: web
+ - dir_mode: 755
+
+/home/{{ username }}/public_html:
+ file.symlink:
+ - target: /var/home-wwwroot/{{ username }}
+
+{% endfor %}
+
+{% endif %}
+
# -------------------------------------------------------------
# Default vhost
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

File Metadata

Mime Type
text/plain
Expires
Tue, Nov 26, 11:16 (21 h, 41 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2264435
Default Alt Text
D3473.id8958.diff (3 KB)

Event Timeline