Page MenuHomeDevCentral

No OneTemporary

diff --git a/GIDs b/GIDs
index 0101963..c2891c9 100644
--- a/GIDs
+++ b/GIDs
@@ -1,10 +1,11 @@
827 chaton-dev
828 deployment
829 nasqueron-irc
+990 quassel
3001 ops
#3002 is intentionally left unassigned
3003 deployment
3004 mediawiki
9001 salt
9002 deploy
9003 web
diff --git a/UIDs b/UIDs
index f6f670f..dfc76b6 100644
--- a/UIDs
+++ b/UIDs
@@ -1,9 +1,10 @@
830 odderon
831 builder
832 chaton
833 viper
834 tc2
+990 quassel
3004 mediawiki
9001 salt
9002 deploy
8900 zr
diff --git a/map.jinja b/map.jinja
index 1b46bd9..5173d13 100644
--- a/map.jinja
+++ b/map.jinja
@@ -1,196 +1,205 @@
{% set dirs = salt['grains.filter_by']({
'Debian': {
'etc': '/etc',
'bin': '/usr/bin',
'include': '/usr/include',
'lib': '/usr/lib',
'man': '/usr/share/man',
'sbin': '/usr/sbin',
'share': '/usr/share',
},
'FreeBSD' : {
'etc': '/usr/local/etc',
'bin': '/usr/local/bin',
'include': '/usr/local/include',
'lib': '/usr/local/lib',
'man': '/usr/local/man',
'sbin': '/usr/local/sbin',
'share': '/usr/local/share',
},
}, default='Debian') %}
{% set services = salt['grains.filter_by']({
'Debian': {
'manager': 'systemd',
},
'FreeBSD' : {
'manager': 'rc',
},
}, default='Debian') %}
{% set shells = salt['grains.filter_by']({
'Debian': {
'bash': '/bin/bash',
'fish': '/usr/bin/fish',
+ 'nologin': '/usr/sbin/nologin',
'tcsh': '/usr/bin/tcsh',
'zsh': '/bin/zsh',
},
'FreeBSD' : {
'bash': '/usr/local/bin/bash',
'fish': '/usr/local/bin/fish',
+ 'nologin': '/sbin/nologin',
'tcsh': '/bin/tcsh',
'zsh': '/usr/local/bin/zsh',
},
+ 'Arch': {
+ 'bash': '/bin/bash',
+ 'fish': '/usr/bin/fish',
+ 'nologin': '/sbin/nologin',
+ 'tcsh': '/usr/bin/tcsh',
+ 'zsh': '/bin/zsh',
+ },
}, default='Debian') %}
{% set paths = salt['grains.filter_by']({
'FreeBSD': {
'sshd': '/usr/sbin/sshd',
'sftp': '/usr/libexec/sftp-server',
},
'Debian': {
'sshd': '/usr/sbin/sshd',
'sftp': '/usr/lib/openssh/sftp-server',
},
'RedHat': {
'sshd': '/sbin/sshd',
'sftp': '/usr/libexec/openssh/sftp-server',
},
'Arch': {
'sshd': '/usr/sbin/sshd',
'sftp': '/usr/lib/ssh/sftp-server',
},
}, default='FreeBSD') %}
{% set packages_prefixes = salt['grains.filter_by']({
'Debian': {
'php': 'php7.2-',
'python2': '',
'python3': 'python3-',
},
'RedHat': {
'python2': 'python-',
'python3': 'python3-',
},
'FreeBSD' : {
'php': 'php72-',
'python2': 'py27-',
'python3': 'py36-',
'rubygem': 'rubygem-',
},
}, default='Debian') %}
{% set packages = salt['grains.filter_by']({
'Debian' : {
'ag': 'silversearcher-ag',
'aspell-fr': 'aspell-fr',
'aspell-en': 'aspell-en',
'certbot': 'certbot',
'composer': 'composer',
'cppunit': 'libcppunit-dev',
'emacs': 'emacs-nox',
'exiftool': 'libimage-exiftool-perl',
'gpg': 'gpg',
'imagemagick': 'imagemagick',
'jpeg-turbo' : 'libjpeg-turbo',
'librabbitmq': 'librabbitmq-dev',
'lua': 'lua5.1',
'mariadb': 'mariadb-server',
'node': 'nodejs',
'pear': 'php-pear',
'phpcs': 'php-codesniffer',
'phpunit': 'phpunit',
'postgresql': 'postgresql-10',
'sphinx': 'python3-sphinx',
'tcl': 'tcl8.6-dev',
'tcltls': 'tcl-tls',
'tdom': 'tdom',
'varnish': 'varnish',
'verbiste': 'verbiste',
'youtube-dl': 'youtube-dl',
'yubico-pam': 'libpam-yubico',
},
'RedHat': {
'ag': 'the_silver_searcher',
'aspell-fr': 'aspell-fr',
'certbot': 'python2-certbot',
'cppunit': 'cppunit-devel',
'emacs': 'emacs-nox',
'exiftool': 'perl-Image-ExifTool',
'jpeg-turbo' : 'libjpeg-turbo',
'librabbitmq': 'librabbitmq',
'lua': 'lua',
'mariadb': 'mariadb-server',
'node': 'nodejs',
'pear': 'php-pear',
'phpcs': 'php-pear-PHP-CodeSniffer',
'sphinx': 'python3-sphinx',
'tcl': 'tcl',
'tcltls': 'tcltls',
'varnish': 'varnish',
'youtube-dl': 'youtube-dl',
'yubico-pam': 'pam_yubico',
},
'Arch': {
'ag': 'the_silver_searcher',
'aspell-fr': 'aspell-fr',
'certbot': 'certbot',
'cppunit': 'cppunit',
'emacs': 'emacs-nox',
'mariadb': 'mariadb',
'sphinx': 'python-sphinx',
'tcltls': 'tcltls',
'varnish': 'varnish',
'youtube-dl': 'youtube-dl',
'yubico-pam': 'yubico-pam',
},
'FreeBSD' : {
'ag': 'the_silver_searcher',
'aspell-fr': 'fr-aspell',
'aspell-en': 'en-aspell',
'boost': 'boost-all',
'certbot': 'py27-certbot',
'composer': 'php-composer',
'cppunit': 'cppunit',
'emacs': 'emacs-nox11',
'exiftool': 'p5-Image-ExifTool-devel',
'gpg': 'gnupg',
'imagemagick': 'ImageMagick',
'jpeg-turbo' : 'jpeg-turbo',
'librabbitmq': 'rabbitmq-c-devel',
'lua': 'lua51',
'mariadb': 'mariadb102-server',
'node': 'node',
'pear': 'pear',
'phpcs': 'pear-PHP_CodeSniffer',
'phpunit': 'phpunit6',
'postgresql': 'postgresql10-server',
'sphinx': 'py36-sphinx',
'tcl': 'tcl86',
'tcltls': 'tcltls',
'tdom': 'tDOM',
'varnish': 'varnish5',
'verbiste': 'fr-verbiste',
'youtube-dl': 'youtube_dl',
'yubico-pam': 'pam_yubico',
},
}, default='Debian') %}
{# -------------------------------------------------------------
Capabilities of OS and distributions
:: MOTD-printed-at-login
Login mechanism, through PAM or dotfiles,
prints the MOTD when a session is opened.
When at False, OpenSSH will take care of it.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #}
{% set capabilities = salt['grains.filter_by']({
'Debian': {
'MOTD-printed-at-login': True,
},
'FreeBSD' : {
'MOTD-printed-at-login': False,
},
}, default='Debian') %}
diff --git a/roles/shellserver/init.sls b/roles/shellserver/init.sls
index 3f872f3..91fa735 100644
--- a/roles/shellserver/init.sls
+++ b/roles/shellserver/init.sls
@@ -1,17 +1,18 @@
# -------------------------------------------------------------
# Salt — Shell server's units
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
# System features
- .userland-software
- .vhosts
- .web-hosting
- .database
+ - .quassel-core
# Services hosted
- .odderon
- .bonjour-chaton
diff --git a/roles/shellserver/quassel-core/account.sls b/roles/shellserver/quassel-core/account.sls
new file mode 100644
index 0000000..c661ddc
--- /dev/null
+++ b/roles/shellserver/quassel-core/account.sls
@@ -0,0 +1,26 @@
+# -------------------------------------------------------------
+# Salt — Provision Quassel core
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import shells with context %}
+
+# -------------------------------------------------------------
+# Account
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+quassel_account:
+ group.present:
+ - name: quassel
+ - gid: 990
+ - system: True
+ user.present:
+ - name: quassel
+ - fullname: Quassel core
+ - uid: 990
+ - gid: 990
+ - home: /var/lib/quassel
+ - shell: {{ shells.nologin }}
diff --git a/roles/shellserver/quassel-core/certificate.sls b/roles/shellserver/quassel-core/certificate.sls
new file mode 100644
index 0000000..c746e44
--- /dev/null
+++ b/roles/shellserver/quassel-core/certificate.sls
@@ -0,0 +1,30 @@
+# -------------------------------------------------------------
+# Salt — Provision Quassel core
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Certificate
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/lib/quassel:
+ file.directory:
+ - user: quassel
+ - group: quassel
+
+quassel_certificate:
+ cmd.run:
+ - name: cat privkey.pem cert.pem > /var/lib/quassel/quasselCert.pem
+ - cwd: /etc/letsencrypt/live/quassel.eglide.org
+ - creates: /var/lib/quassel/quasselCert.pem
+
+quassel_certificate_rights:
+ file.managed:
+ - name: /var/lib/quassel/quasselCert.pem
+ - replace: False
+ - user: quassel
+ - group: quassel
+ - mode: 400
diff --git a/roles/shellserver/init.sls b/roles/shellserver/quassel-core/init.sls
similarity index 56%
copy from roles/shellserver/init.sls
copy to roles/shellserver/quassel-core/init.sls
index 3f872f3..df8e1bc 100644
--- a/roles/shellserver/init.sls
+++ b/roles/shellserver/quassel-core/init.sls
@@ -1,17 +1,12 @@
# -------------------------------------------------------------
-# Salt — Shell server's units
+# Salt — Provision Quassel core
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Nasqueron
+# Project: Eglide
+# Created: 2018-03-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
- # System features
- - .userland-software
- - .vhosts
- - .web-hosting
- - .database
-
- # Services hosted
- - .odderon
- - .bonjour-chaton
+ - .account
+ - .certificate
+ - .software
diff --git a/roles/shellserver/quassel-core/software.sls b/roles/shellserver/quassel-core/software.sls
new file mode 100644
index 0000000..8f03ba7
--- /dev/null
+++ b/roles/shellserver/quassel-core/software.sls
@@ -0,0 +1,23 @@
+# -------------------------------------------------------------
+# Salt — Provision Quassel core
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2018-03-28
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Software
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+quassel-core:
+ pkg.installed
+
+# -------------------------------------------------------------
+# Dependencies
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% if grains['os_family'] == 'Debian' %}
+libqt5sql5-psql:
+ pkg.installed
+{% endif %}

File Metadata

Mime Type
text/x-diff
Expires
Sun, Nov 24, 19:42 (6 h, 22 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258812
Default Alt Text
(11 KB)

Event Timeline