aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2013-05-13 21:44:51 -0300
committerSilvio Rhatto <rhatto@riseup.net>2013-05-13 21:44:51 -0300
commit5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad (patch)
tree3d176339b1b767a66f758f870c87ab6e32413431
parent8d2a62d157f9c12e3c3becdcfbff0ee96cf23930 (diff)
downloadpuppet-nodo-5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad.tar.gz
puppet-nodo-5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad.tar.bz2
NAS enhancements
-rw-r--r--manifests/base/personal.pp2
-rw-r--r--manifests/role/nas.pp311
-rw-r--r--manifests/role/nas/desktop.pp4
-rw-r--r--manifests/subsystem/media.pp13
4 files changed, 181 insertions, 149 deletions
diff --git a/manifests/base/personal.pp b/manifests/base/personal.pp
index adfa5ec..4f18d85 100644
--- a/manifests/base/personal.pp
+++ b/manifests/base/personal.pp
@@ -15,7 +15,7 @@ class nodo::base::personal {
}
# Media folders and groups
- class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: }
+ include nodo::subsystem::media
# Mountpoint for encrypted home folders
file { [ '/mnt/crypt/', '/mnt/crypt/home' ]:
diff --git a/manifests/role/nas.pp b/manifests/role/nas.pp
index 2460615..a18e274 100644
--- a/manifests/role/nas.pp
+++ b/manifests/role/nas.pp
@@ -5,8 +5,36 @@ class nodo::role::nas {
# Firewall rules
include firewall::nas
+ # Media folders and groups
+ include nodo::subsystem::media
+
+ #
+ # Avahi
+ #
+ # References
+ # http://nfs-lan.sevka.info/
+ # http://en.gentoo-wiki.com/wiki/Avahi
+ # http://wiki.debian.org/ZeroConf
+ # https://wiki.archlinux.org/index.php/Avahi
+ # http://packages.debian.org/wheezy/libnss-mdns
+ # http://packages.debian.org/wheezy/mdns-scan
+ # http://packages.debian.org/wheezy/avahi-discover
+ # http://askubuntu.com/questions/19590/how-do-i-share-nfs-mounts-over-zeroconf
+ # http://sophie.zarb.org/distrib/Mandriva/current/x86_64/rpms/pure-ftpd/files/1
+ # https://github.com/stahnma/puppet-module-avahi
+ # https://github.com/tjfontaine/airprint-generate
+ # http://mryoung.soundbomb.net/index.php/apple-airprint-with-linux-avahi
+ # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html
+ # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols
+ # http://www.dns-sd.org/ServiceTypes.html
+ include avahi
+
# DLNA
- class { 'minidlna': }
+ $dlna = hiera('nodo::role::nas::dlna', false);
+
+ if $dlna == true {
+ class { 'minidlna': }
+ }
#
# NFS
@@ -19,41 +47,54 @@ class nodo::role::nas {
# http://git.puppet.immerda.ch/?p=module-nfsd.git;a=summary
# http://wiki.debian.org/NFSServerSetup
# http://www.tldp.org/HOWTO/NFS-HOWTO/
+ $nfs = hiera('nodo::role::nas::nfs', false);
- # Main class
- class { 'nfs':
- server => true;
+ if $nfs == true {
+ # Main class
+ class { 'nfs':
+ server => true;
+ }
}
#
# FTP
#
-
# References
# https://forge.puppetlabs.com/tags/ftp
# https://forum.openwrt.org/viewtopic.php?id=12976
# http://download.pureftpd.org/pub/pure-ftpd/doc/FAQ
# http://www.massimilianomarini.com/04/02/2012/how-follow-symbolic-links-pure-ftpd
+ $ftp = hiera('nodo::role::nas::ftp', false);
- # Main class
- class { 'pureftpd':
- virtualchroot => true,
- }
+ if $ftp == true {
+ # Main class
+ class { 'pureftpd':
+ virtualchroot => true,
+ }
+
+ # Enable anonymous ftp
+ file { '/etc/pure-ftpd/conf/NoAnonymous':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ content => "no\n",
+ notify => Service[$pureftpd::params::service_name],
+ }
- # Enable anonymous ftp
- file { '/etc/pure-ftpd/conf/NoAnonymous':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- content => "no\n",
- notify => Service[$pureftpd::params::service_name],
+ file { '/etc/avahi/services/ftp.service':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => 'puppet:///modules/site_avahi/services/ftp.service',
+ notify => Service['avahi-daemon'],
+ }
}
#
# Samba
#
-
# References
# https://github.com/ajjahn/puppet-samba
# https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2583364
@@ -61,177 +102,151 @@ class nodo::role::nas {
# http://www.linuxplanet.com/linuxplanet/tutorials/6600/2
# http://forums.fedoraforum.org/showthread.php?t=260519
# http://randombio.com/linuxsetup38.html
+ $samba = hiera('nodo::role::nas::samba', false);
+
+ if $samba == true {
+ # Main class
+ class { 'samba::server':
+ workgroup => hiera('nodo::samba::workgroup', 'WORKGROUP'),
+ server_string => hiera('nodo::samba::server_string', 'Samba Server'),
+ interfaces => hiera('nodo::samba::interfaces', 'lo eth0'),
+ security => hiera('nodo::samba::security', 'share'),
+ }
- # Main class
- class { 'samba::server':
- workgroup => hiera('nodo::samba::workgroup', 'WORKGROUP'),
- server_string => hiera('nodo::samba::server_string', 'Samba Server'),
- interfaces => hiera('nodo::samba::interfaces', 'lo eth0'),
- security => hiera('nodo::samba::security', 'share'),
- }
+ # We are avoiding multicast
+ # http://bda.ath.cx/blog/2009/01/24/multicast-routing-upnp-traffic-with-linux/
+ # http://linux-igd.sourceforge.net/documentation.php
+ set_samba_option {
+ # Remote announce won't work since routers don't forward broadcast traffic
+ #'remote announce': value => hiera('nodo::samba::remote_announce', '');
+ 'wins support': value => 'yes';
+ 'preferred master': value => 'yes';
+ 'domain master': value => 'yes';
+ 'printing': value => 'cups';
+ 'printcap name': value => 'cups';
+ }
- # We are avoiding multicast
- # http://bda.ath.cx/blog/2009/01/24/multicast-routing-upnp-traffic-with-linux/
- # http://linux-igd.sourceforge.net/documentation.php
- set_samba_option {
- # Remote announce won't work since routers don't forward broadcast traffic
- #'remote announce': value => hiera('nodo::samba::remote_announce', '');
- 'wins support': value => 'yes';
- 'preferred master': value => 'yes';
- 'domain master': value => 'yes';
- 'printing': value => 'cups';
- 'printcap name': value => 'cups';
- }
+ # Disable browsing of printer drivers
+ samba::server::share { 'print$':
+ comment => 'Printer Drivers',
+ path => '/var/lib/samba/printers',
+ browsable => 'no',
+ read_only => 'yes',
+ guest_ok => 'no',
+ }
- # Disable browsing of printer drivers
- samba::server::share { 'print$':
- comment => 'Printer Drivers',
- path => '/var/lib/samba/printers',
- browsable => 'no',
- read_only => 'yes',
- guest_ok => 'no',
+ file { '/etc/avahi/services/samba.service':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => 'puppet:///modules/site_avahi/services/samba.service',
+ notify => Service['avahi-daemon'],
+ }
}
#
# HTTP
#
-
# References
# https://github.com/camptocamp/puppet-lighttpd
# https://github.com/example42/puppet-lighttpd
# http://git.puppet.immerda.ch/?p=module-lighttpd.git;a=summary
+ $http = hiera('nodo::role::nas::http', false);
+
+ if $http == true {
+ # Main class
+ class { 'lighttpd': }
+
+ # Document root
+ file { '/var/www/data':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0755,
+ }
- # Main class
- class { 'lighttpd': }
-
- # Document root
- file { '/var/www/data':
- ensure => present,
- owner => root,
- group => root,
- mode => 0755,
+ file { '/etc/avahi/services/http.service':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => 'puppet:///modules/site_avahi/services/http.service',
+ notify => Service['avahi-daemon'],
+ }
}
#
# TFTP
#
+ $tftp = hiera('nodo::role::nas::tftp', false);
- # Main class
- class { 'tftp':
- directory => '/srv/tftp',
- address => $::ipaddress,
- options => '--ipv4 --timeout 60',
- inetd => false,
+ if $tftp == true {
+ # Main class
+ class { 'tftp':
+ directory => '/srv/tftp',
+ address => $::ipaddress,
+ options => '--ipv4 --timeout 60',
+ inetd => false,
+ }
}
- # Rsync
- include rsync::server
-
- # MPD
- include mpd
- include mpd::client
-
#
- # CUPS
+ # Rsync
#
+ $rsync = hiera('nodo::role::nas::rsync', false);
- # References
- # https://github.com/mosen/puppet-cups
- # https://github.com/camptocamp/puppet-cups
+ if $rsync == true {
+ include rsync::server
- # Package
- package { [ 'cups', 'cups-client' ]:
- ensure => installed,
+ file { '/etc/avahi/services/rsync.service':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => 'puppet:///modules/site_avahi/services/rsync.service',
+ notify => Service['avahi-daemon'],
+ }
}
#
- # Avahi
+ # MPD
#
+ $mpd = hiera('nodo::role::nas::mpd', false);
- # References
- # http://nfs-lan.sevka.info/
- # http://en.gentoo-wiki.com/wiki/Avahi
- # http://wiki.debian.org/ZeroConf
- # https://wiki.archlinux.org/index.php/Avahi
- # http://packages.debian.org/wheezy/libnss-mdns
- # http://packages.debian.org/wheezy/mdns-scan
- # http://packages.debian.org/wheezy/avahi-discover
- # http://askubuntu.com/questions/19590/how-do-i-share-nfs-mounts-over-zeroconf
- # http://sophie.zarb.org/distrib/Mandriva/current/x86_64/rpms/pure-ftpd/files/1
- # https://github.com/stahnma/puppet-module-avahi
- # https://github.com/tjfontaine/airprint-generate
- # http://mryoung.soundbomb.net/index.php/apple-airprint-with-linux-avahi
- # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html
- # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols
- # http://www.dns-sd.org/ServiceTypes.html
-
- # Main class
- include avahi
-
- file { '/etc/avahi/services/rsync.service':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- source => 'puppet:///modules/site_avahi/services/rsync.service',
- notify => Service['avahi-daemon'],
- }
-
- file { '/etc/avahi/services/http.service':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- source => 'puppet:///modules/site_avahi/services/http.service',
- notify => Service['avahi-daemon'],
+ if $mpd == true {
+ include mpd
+ include mpd::client
}
- file { '/etc/avahi/services/samba.service':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- source => 'puppet:///modules/site_avahi/services/samba.service',
- notify => Service['avahi-daemon'],
- }
+ #
+ # CUPS
+ #
+ # References
+ # https://github.com/mosen/puppet-cups
+ # https://github.com/camptocamp/puppet-cups
+ $cups = hiera('nodo::role::nas::cups', false);
- file { '/etc/avahi/services/ftp.service':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- source => 'puppet:///modules/site_avahi/services/ftp.service',
- notify => Service['avahi-daemon'],
+ if $cups == true {
+ package { [ 'cups', 'cups-client' ]:
+ ensure => installed,
+ }
}
#
# DAAP
#
-
# References
# http://packages.debian.org/stable/forked-daapd
# http://packages.debian.org/squeeze/mt-daapd
# https://github.com/stahnma/puppet-module-daap_server
-
- # Main class, but package not available on wheezy
- #class { 'daap_server':
- # collection_name => 'Noise - DAAP',
- # music_dir => '/var/cache/media/noise',
+ #$daap = hiera('nodo::role::nas::daap', false);
+
+ #if $daap == true {
+ # # Main class, but package not available on wheezy
+ # class { 'daap_server':
+ # collection_name => 'Noise - DAAP',
+ # music_dir => '/var/cache/media/noise',
+ # }
#}
-
- #
- # Media folders
- #
-
- # Main classes
- class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: }
-
- # Make sure basic media exist, no matter if there is an external disk attached
- $cache = hiera('nodo::media::folders', '')
-
- if $cache != '' {
- file { "${cache}":
- ensure => directory,
- }
- }
}
diff --git a/manifests/role/nas/desktop.pp b/manifests/role/nas/desktop.pp
new file mode 100644
index 0000000..5a14599
--- /dev/null
+++ b/manifests/role/nas/desktop.pp
@@ -0,0 +1,4 @@
+# A desktop action as a NAS
+class nodo::role::nas::desktop inherits nodo::base::desktop {
+ include nodo::role::nas
+}
diff --git a/manifests/subsystem/media.pp b/manifests/subsystem/media.pp
new file mode 100644
index 0000000..b67ddbd
--- /dev/null
+++ b/manifests/subsystem/media.pp
@@ -0,0 +1,13 @@
+class nodo::subsystem::media {
+ # Main classes
+ class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: }
+
+ # Make sure basic media exist, no matter if there is an external disk attached
+ $cache = hiera('nodo::media::folders', '')
+
+ if $cache != '' {
+ file { "${cache}":
+ ensure => directory,
+ }
+ }
+}