diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2013-05-13 21:44:51 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2013-05-13 21:44:51 -0300 |
commit | 5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad (patch) | |
tree | 3d176339b1b767a66f758f870c87ab6e32413431 | |
parent | 8d2a62d157f9c12e3c3becdcfbff0ee96cf23930 (diff) | |
download | puppet-nodo-5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad.tar.gz puppet-nodo-5d6c2be119c7bbfbf8bf6d84aa523929afe0f1ad.tar.bz2 |
NAS enhancements
-rw-r--r-- | manifests/base/personal.pp | 2 | ||||
-rw-r--r-- | manifests/role/nas.pp | 311 | ||||
-rw-r--r-- | manifests/role/nas/desktop.pp | 4 | ||||
-rw-r--r-- | manifests/subsystem/media.pp | 13 |
4 files changed, 181 insertions, 149 deletions
diff --git a/manifests/base/personal.pp b/manifests/base/personal.pp index adfa5ec..4f18d85 100644 --- a/manifests/base/personal.pp +++ b/manifests/base/personal.pp @@ -15,7 +15,7 @@ class nodo::base::personal { } # Media folders and groups - class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: } + include nodo::subsystem::media # Mountpoint for encrypted home folders file { [ '/mnt/crypt/', '/mnt/crypt/home' ]: diff --git a/manifests/role/nas.pp b/manifests/role/nas.pp index 2460615..a18e274 100644 --- a/manifests/role/nas.pp +++ b/manifests/role/nas.pp @@ -5,8 +5,36 @@ class nodo::role::nas { # Firewall rules include firewall::nas + # Media folders and groups + include nodo::subsystem::media + + # + # Avahi + # + # References + # http://nfs-lan.sevka.info/ + # http://en.gentoo-wiki.com/wiki/Avahi + # http://wiki.debian.org/ZeroConf + # https://wiki.archlinux.org/index.php/Avahi + # http://packages.debian.org/wheezy/libnss-mdns + # http://packages.debian.org/wheezy/mdns-scan + # http://packages.debian.org/wheezy/avahi-discover + # http://askubuntu.com/questions/19590/how-do-i-share-nfs-mounts-over-zeroconf + # http://sophie.zarb.org/distrib/Mandriva/current/x86_64/rpms/pure-ftpd/files/1 + # https://github.com/stahnma/puppet-module-avahi + # https://github.com/tjfontaine/airprint-generate + # http://mryoung.soundbomb.net/index.php/apple-airprint-with-linux-avahi + # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html + # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols + # http://www.dns-sd.org/ServiceTypes.html + include avahi + # DLNA - class { 'minidlna': } + $dlna = hiera('nodo::role::nas::dlna', false); + + if $dlna == true { + class { 'minidlna': } + } # # NFS @@ -19,41 +47,54 @@ class nodo::role::nas { # http://git.puppet.immerda.ch/?p=module-nfsd.git;a=summary # http://wiki.debian.org/NFSServerSetup # http://www.tldp.org/HOWTO/NFS-HOWTO/ + $nfs = hiera('nodo::role::nas::nfs', false); - # Main class - class { 'nfs': - server => true; + if $nfs == true { + # Main class + class { 'nfs': + server => true; + } } # # FTP # - # References # https://forge.puppetlabs.com/tags/ftp # https://forum.openwrt.org/viewtopic.php?id=12976 # http://download.pureftpd.org/pub/pure-ftpd/doc/FAQ # http://www.massimilianomarini.com/04/02/2012/how-follow-symbolic-links-pure-ftpd + $ftp = hiera('nodo::role::nas::ftp', false); - # Main class - class { 'pureftpd': - virtualchroot => true, - } + if $ftp == true { + # Main class + class { 'pureftpd': + virtualchroot => true, + } + + # Enable anonymous ftp + file { '/etc/pure-ftpd/conf/NoAnonymous': + ensure => present, + owner => root, + group => root, + mode => 0644, + content => "no\n", + notify => Service[$pureftpd::params::service_name], + } - # Enable anonymous ftp - file { '/etc/pure-ftpd/conf/NoAnonymous': - ensure => present, - owner => root, - group => root, - mode => 0644, - content => "no\n", - notify => Service[$pureftpd::params::service_name], + file { '/etc/avahi/services/ftp.service': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => 'puppet:///modules/site_avahi/services/ftp.service', + notify => Service['avahi-daemon'], + } } # # Samba # - # References # https://github.com/ajjahn/puppet-samba # https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2583364 @@ -61,177 +102,151 @@ class nodo::role::nas { # http://www.linuxplanet.com/linuxplanet/tutorials/6600/2 # http://forums.fedoraforum.org/showthread.php?t=260519 # http://randombio.com/linuxsetup38.html + $samba = hiera('nodo::role::nas::samba', false); + + if $samba == true { + # Main class + class { 'samba::server': + workgroup => hiera('nodo::samba::workgroup', 'WORKGROUP'), + server_string => hiera('nodo::samba::server_string', 'Samba Server'), + interfaces => hiera('nodo::samba::interfaces', 'lo eth0'), + security => hiera('nodo::samba::security', 'share'), + } - # Main class - class { 'samba::server': - workgroup => hiera('nodo::samba::workgroup', 'WORKGROUP'), - server_string => hiera('nodo::samba::server_string', 'Samba Server'), - interfaces => hiera('nodo::samba::interfaces', 'lo eth0'), - security => hiera('nodo::samba::security', 'share'), - } + # We are avoiding multicast + # http://bda.ath.cx/blog/2009/01/24/multicast-routing-upnp-traffic-with-linux/ + # http://linux-igd.sourceforge.net/documentation.php + set_samba_option { + # Remote announce won't work since routers don't forward broadcast traffic + #'remote announce': value => hiera('nodo::samba::remote_announce', ''); + 'wins support': value => 'yes'; + 'preferred master': value => 'yes'; + 'domain master': value => 'yes'; + 'printing': value => 'cups'; + 'printcap name': value => 'cups'; + } - # We are avoiding multicast - # http://bda.ath.cx/blog/2009/01/24/multicast-routing-upnp-traffic-with-linux/ - # http://linux-igd.sourceforge.net/documentation.php - set_samba_option { - # Remote announce won't work since routers don't forward broadcast traffic - #'remote announce': value => hiera('nodo::samba::remote_announce', ''); - 'wins support': value => 'yes'; - 'preferred master': value => 'yes'; - 'domain master': value => 'yes'; - 'printing': value => 'cups'; - 'printcap name': value => 'cups'; - } + # Disable browsing of printer drivers + samba::server::share { 'print$': + comment => 'Printer Drivers', + path => '/var/lib/samba/printers', + browsable => 'no', + read_only => 'yes', + guest_ok => 'no', + } - # Disable browsing of printer drivers - samba::server::share { 'print$': - comment => 'Printer Drivers', - path => '/var/lib/samba/printers', - browsable => 'no', - read_only => 'yes', - guest_ok => 'no', + file { '/etc/avahi/services/samba.service': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => 'puppet:///modules/site_avahi/services/samba.service', + notify => Service['avahi-daemon'], + } } # # HTTP # - # References # https://github.com/camptocamp/puppet-lighttpd # https://github.com/example42/puppet-lighttpd # http://git.puppet.immerda.ch/?p=module-lighttpd.git;a=summary + $http = hiera('nodo::role::nas::http', false); + + if $http == true { + # Main class + class { 'lighttpd': } + + # Document root + file { '/var/www/data': + ensure => present, + owner => root, + group => root, + mode => 0755, + } - # Main class - class { 'lighttpd': } - - # Document root - file { '/var/www/data': - ensure => present, - owner => root, - group => root, - mode => 0755, + file { '/etc/avahi/services/http.service': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => 'puppet:///modules/site_avahi/services/http.service', + notify => Service['avahi-daemon'], + } } # # TFTP # + $tftp = hiera('nodo::role::nas::tftp', false); - # Main class - class { 'tftp': - directory => '/srv/tftp', - address => $::ipaddress, - options => '--ipv4 --timeout 60', - inetd => false, + if $tftp == true { + # Main class + class { 'tftp': + directory => '/srv/tftp', + address => $::ipaddress, + options => '--ipv4 --timeout 60', + inetd => false, + } } - # Rsync - include rsync::server - - # MPD - include mpd - include mpd::client - # - # CUPS + # Rsync # + $rsync = hiera('nodo::role::nas::rsync', false); - # References - # https://github.com/mosen/puppet-cups - # https://github.com/camptocamp/puppet-cups + if $rsync == true { + include rsync::server - # Package - package { [ 'cups', 'cups-client' ]: - ensure => installed, + file { '/etc/avahi/services/rsync.service': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => 'puppet:///modules/site_avahi/services/rsync.service', + notify => Service['avahi-daemon'], + } } # - # Avahi + # MPD # + $mpd = hiera('nodo::role::nas::mpd', false); - # References - # http://nfs-lan.sevka.info/ - # http://en.gentoo-wiki.com/wiki/Avahi - # http://wiki.debian.org/ZeroConf - # https://wiki.archlinux.org/index.php/Avahi - # http://packages.debian.org/wheezy/libnss-mdns - # http://packages.debian.org/wheezy/mdns-scan - # http://packages.debian.org/wheezy/avahi-discover - # http://askubuntu.com/questions/19590/how-do-i-share-nfs-mounts-over-zeroconf - # http://sophie.zarb.org/distrib/Mandriva/current/x86_64/rpms/pure-ftpd/files/1 - # https://github.com/stahnma/puppet-module-avahi - # https://github.com/tjfontaine/airprint-generate - # http://mryoung.soundbomb.net/index.php/apple-airprint-with-linux-avahi - # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html - # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols - # http://www.dns-sd.org/ServiceTypes.html - - # Main class - include avahi - - file { '/etc/avahi/services/rsync.service': - ensure => present, - owner => root, - group => root, - mode => 0644, - source => 'puppet:///modules/site_avahi/services/rsync.service', - notify => Service['avahi-daemon'], - } - - file { '/etc/avahi/services/http.service': - ensure => present, - owner => root, - group => root, - mode => 0644, - source => 'puppet:///modules/site_avahi/services/http.service', - notify => Service['avahi-daemon'], + if $mpd == true { + include mpd + include mpd::client } - file { '/etc/avahi/services/samba.service': - ensure => present, - owner => root, - group => root, - mode => 0644, - source => 'puppet:///modules/site_avahi/services/samba.service', - notify => Service['avahi-daemon'], - } + # + # CUPS + # + # References + # https://github.com/mosen/puppet-cups + # https://github.com/camptocamp/puppet-cups + $cups = hiera('nodo::role::nas::cups', false); - file { '/etc/avahi/services/ftp.service': - ensure => present, - owner => root, - group => root, - mode => 0644, - source => 'puppet:///modules/site_avahi/services/ftp.service', - notify => Service['avahi-daemon'], + if $cups == true { + package { [ 'cups', 'cups-client' ]: + ensure => installed, + } } # # DAAP # - # References # http://packages.debian.org/stable/forked-daapd # http://packages.debian.org/squeeze/mt-daapd # https://github.com/stahnma/puppet-module-daap_server - - # Main class, but package not available on wheezy - #class { 'daap_server': - # collection_name => 'Noise - DAAP', - # music_dir => '/var/cache/media/noise', + #$daap = hiera('nodo::role::nas::daap', false); + + #if $daap == true { + # # Main class, but package not available on wheezy + # class { 'daap_server': + # collection_name => 'Noise - DAAP', + # music_dir => '/var/cache/media/noise', + # } #} - - # - # Media folders - # - - # Main classes - class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: } - - # Make sure basic media exist, no matter if there is an external disk attached - $cache = hiera('nodo::media::folders', '') - - if $cache != '' { - file { "${cache}": - ensure => directory, - } - } } diff --git a/manifests/role/nas/desktop.pp b/manifests/role/nas/desktop.pp new file mode 100644 index 0000000..5a14599 --- /dev/null +++ b/manifests/role/nas/desktop.pp @@ -0,0 +1,4 @@ +# A desktop action as a NAS +class nodo::role::nas::desktop inherits nodo::base::desktop { + include nodo::role::nas +} diff --git a/manifests/subsystem/media.pp b/manifests/subsystem/media.pp new file mode 100644 index 0000000..b67ddbd --- /dev/null +++ b/manifests/subsystem/media.pp @@ -0,0 +1,13 @@ +class nodo::subsystem::media { + # Main classes + class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: } + + # Make sure basic media exist, no matter if there is an external disk attached + $cache = hiera('nodo::media::folders', '') + + if $cache != '' { + file { "${cache}": + ensure => directory, + } + } +} |