summaryrefslogtreecommitdiff
path: root/manifests/base.pp
blob: 42a670fa52101c756f9a48b630e34edfa3984d49 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
class ekeyd::base {

  package{'ekeyd':
    ensure => installed,
  }

  # TODO (from riseup code)
  # * eventually it would be cool if we could have two classes: one for 
  # SetOutputToKernel and one for EGDTCPSocket. But for now we're just going
  # to have puppet deliver the ekeyd.conf file.
  # * ekeyd will be setup to feed output to whatever is configured in the
  #   variables: $ekeyd_host and $ekeyd_port with the defaults being
  #   127.0.0.1 and 8888
  file{'/etc/entropykey/ekeyd.conf':
    content => $operatingsystem ? {
      'debian' => template("ekeyd/ekeyd_${lsbdistcodename}.conf.erb"),
       default => template("ekeyd/ekeyd_default.conf.erb"),
    },
    require => Package['ekeyd'],
    notify => Service['ekeyd'],
    owner => root, group => 0, mode => 0644;
  }
  service{'ekeyd':
    ensure => running,
    enable => true,
  }

  exec{'configure_ekeyd_key':
    command => "ekey-rekey `ekeydctl list | grep \"/dev/entropykey\" | awk -F, '{ print \$5}'` ${ekeyd::ekeyd_masterkey}",
    unless => "ekeydctl list | grep -q 'Running OK'",
    require => Service['ekeyd'],
  } 
}