aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystem/scanner.pp
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2014-12-31 14:45:02 -0200
committerSilvio Rhatto <rhatto@riseup.net>2014-12-31 14:45:02 -0200
commit301667e66aa403e4699fa9c895b994e6213e55f6 (patch)
tree8afcf2bd00515e1068b23da04be1f0a9f27cba08 /manifests/subsystem/scanner.pp
parent51dad1ad46f7415a180390afe624946c37ee86ac (diff)
downloadpuppet-nodo-301667e66aa403e4699fa9c895b994e6213e55f6.tar.gz
puppet-nodo-301667e66aa403e4699fa9c895b994e6213e55f6.tar.bz2
Scanning over network support
Diffstat (limited to 'manifests/subsystem/scanner.pp')
-rw-r--r--manifests/subsystem/scanner.pp66
1 files changed, 66 insertions, 0 deletions
diff --git a/manifests/subsystem/scanner.pp b/manifests/subsystem/scanner.pp
new file mode 100644
index 0000000..26622e9
--- /dev/null
+++ b/manifests/subsystem/scanner.pp
@@ -0,0 +1,66 @@
+class nodo::subsystem::scanner {
+ package { 'sane':
+ ensure => present,
+ }
+
+ group { [ 'lp', 'saned', 'scanner' ]:
+ ensure => present,
+ allowdupe => false,
+ }
+
+ user { 'saned':
+ ensure => present,
+ comment => 'saned',
+ gid => 'saned',
+ home => '/home/saned',
+ shell => '/bin/false',
+ allowdupe => false,
+ require => Group['lp', 'saned', 'scanner'],
+ }
+
+ file { '/etc/default/saned' :
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/nodo/etc/default/saned',
+ require => Package['saned'],
+ }
+
+ file { '/etc/sane.d/saned.conf' :
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/nodo/etc/sane.d/saned.conf',
+ require => Package['sane'],
+ }
+
+ service { 'saned' :
+ ensure => running,
+ enable => true,
+ require => Package['saned'],
+ subscribe => [ File['/etc/default/saned/', '/etc/sane.d/saned.conf'], User['saned'] ],
+ }
+
+ # Firewall
+ shorewall::rule { "saned":
+ action => 'ACCEPT',
+ source => 'net',
+ destination => '$FW',
+ proto => 'tcp',
+ destinationport => "6566",
+ ratelimit => '-',
+ order => 200,
+ }
+
+ shorewall::rule { "saned-range":
+ action => 'ACCEPT',
+ source => 'net',
+ destination => '$FW',
+ proto => 'tcp',
+ destinationport => "10000:10100",
+ ratelimit => '-',
+ order => 200,
+ }
+}