Page MenuHomeDevCentral
Files F3769430

No OneTemporary
Actions

View Options

diff --git a/roles/shellserver/quassel-core/init.sls b/pillar/shellserver/quassel.sls
similarity index 80%
copy from roles/shellserver/quassel-core/init.sls
copy to pillar/shellserver/quassel.sls
index 5f68bab..46c107c 100644
--- a/roles/shellserver/quassel-core/init.sls
+++ b/pillar/shellserver/quassel.sls
@@ -1,11 +1,10 @@
# -------------------------------------------------------------
-# Salt — Provision Quassel core
+# Salt — Quassel managed installation
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2018-03-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-include:
- - .certificate
- - .software
+quassel_users:
+ - balaji
diff --git a/pillar/top.sls b/pillar/top.sls
index 60d3a37..2adfc56 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -1,29 +1,31 @@
# -------------------------------------------------------------
# Salt configuration for Nasqueron servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
base:
'*':
- core.users
- core.groups
- certificates.certificates
- nodes.nodes
- nodes.forests
- hotfixes.roles
- webserver.sites
dwellers:
- paas.docker
+ eglide:
+ - shellserver.quassel
equatower:
- paas.docker
- saas.phpbb
ysul:
- devserver.repos
- saas.mediawiki
- viperserv.bots
- viperserv.fantoir
- webserver.labs
- webserver.wwwroot51
diff --git a/roles/shellserver/quassel-core/changepassword.sls b/roles/shellserver/quassel-core/changepassword.sls
new file mode 100644
index 0000000..1c2cdda
--- /dev/null
+++ b/roles/shellserver/quassel-core/changepassword.sls
@@ -0,0 +1,38 @@
+# -------------------------------------------------------------
+# Salt — Provision Quassel core
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+{% from "roles/shellserver/quassel-core/map.jinja" import quassel with context %}
+
+# -------------------------------------------------------------
+# Wrapper for quasselcore --change-userpass
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ dirs.bin }}/chquasselpasswd:
+ file.managed:
+ - source: salt://roles/shellserver/quassel-core/files/chquasselpasswd.sh.jinja
+ - mode: 755
+ - template: jinja
+ - context:
+ quassel: {{ quassel }}
+
+# -------------------------------------------------------------
+# Sudo capabilities
+#
+# Quassel users can change their password
+# -------------------------------------------------------------
+
+chquasselpasswd_sudo_capabilities_file:
+ file.managed:
+ - name: {{ dirs.etc }}/sudoers.d/chquasselpasswd
+ - source: salt://roles/shellserver/quassel-core/files/chquasselpasswd.suoders
+ - template: jinja
+ - context:
+ dirs: {{ dirs }}
+ quassel: {{ quassel }}
+ users: {{ pillar['quassel_users'] }}
diff --git a/roles/shellserver/quassel-core/files/chquasselpasswd.sh.jinja b/roles/shellserver/quassel-core/files/chquasselpasswd.sh.jinja
new file mode 100755
index 0000000..2d2356d
--- /dev/null
+++ b/roles/shellserver/quassel-core/files/chquasselpasswd.sh.jinja
@@ -0,0 +1,59 @@
+#!/bin/sh
+# -------------------------------------------------------------
+# Quassel change password wrapper
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# Source file: roles/shellserver/quassel-core/files/chquasselpasswd.sh
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+QUASSEL_CONFIG_DIR=/var/lib/quassel
+QUASSEL_USER="{{ quassel.user }}"
+
+# -------------------------------------------------------------
+# Helper methods
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+error() {
+ echo "$@" 1>&2;
+}
+
+getcommandname() {
+ basename "$0"
+}
+
+usage() {
+ echo "Usage: $(getcommandname)"
+ echo " Change the Quassel user password"
+ exit 64
+}
+
+# -------------------------------------------------------------
+# Check arguments
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
+ usage
+elif [ $# -gt 0 ]; then
+ error "$(getcommandname): illegal option -- $*"
+ usage
+fi
+
+# -------------------------------------------------------------
+# Call quassel core
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+sudo -u "$QUASSEL_USER" \
+ quasselcore --configdir="$QUASSEL_CONFIG_DIR" --change-userpass="$USER"
diff --git a/roles/shellserver/quassel-core/files/chquasselpasswd.suoders b/roles/shellserver/quassel-core/files/chquasselpasswd.suoders
new file mode 100644
index 0000000..9ec80a3
--- /dev/null
+++ b/roles/shellserver/quassel-core/files/chquasselpasswd.suoders
@@ -0,0 +1,20 @@
+#!/bin/sh
+# -------------------------------------------------------------
+# Quassel change password wrapper - sudo capabilities
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# Source file: roles/shellserver/quassel-core/files/chquasselpasswd.suoders
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+{% for user in users -%}
+{{ user }} ALL=({{ quassel.user }}) NOPASSWD: {{ dirs.bin }}/quasselcore --configdir=/var/lib/quassel --change-userpass={{ user }}
+{% endfor -%}
diff --git a/roles/shellserver/quassel-core/init.sls b/roles/shellserver/quassel-core/init.sls
index 5f68bab..a806de6 100644
--- a/roles/shellserver/quassel-core/init.sls
+++ b/roles/shellserver/quassel-core/init.sls
@@ -1,11 +1,12 @@
# -------------------------------------------------------------
# Salt — Provision Quassel core
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2018-03-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
- .certificate
- .software
+ - .changepassword

File Metadata

Mime Type
text/x-diff
Expires
Mon, Nov 25, 14:35 (1 d, 6 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258828
Default Alt Text
(7 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator