diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2014-12-31 14:45:02 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2014-12-31 14:45:02 -0200 |
commit | 301667e66aa403e4699fa9c895b994e6213e55f6 (patch) | |
tree | 8afcf2bd00515e1068b23da04be1f0a9f27cba08 /manifests/subsystem/scanner.pp | |
parent | 51dad1ad46f7415a180390afe624946c37ee86ac (diff) | |
download | puppet-nodo-301667e66aa403e4699fa9c895b994e6213e55f6.tar.gz puppet-nodo-301667e66aa403e4699fa9c895b994e6213e55f6.tar.bz2 |
Scanning over network support
Diffstat (limited to 'manifests/subsystem/scanner.pp')
-rw-r--r-- | manifests/subsystem/scanner.pp | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/manifests/subsystem/scanner.pp b/manifests/subsystem/scanner.pp new file mode 100644 index 0000000..26622e9 --- /dev/null +++ b/manifests/subsystem/scanner.pp @@ -0,0 +1,66 @@ +class nodo::subsystem::scanner { + package { 'sane': + ensure => present, + } + + group { [ 'lp', 'saned', 'scanner' ]: + ensure => present, + allowdupe => false, + } + + user { 'saned': + ensure => present, + comment => 'saned', + gid => 'saned', + home => '/home/saned', + shell => '/bin/false', + allowdupe => false, + require => Group['lp', 'saned', 'scanner'], + } + + file { '/etc/default/saned' : + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/nodo/etc/default/saned', + require => Package['saned'], + } + + file { '/etc/sane.d/saned.conf' : + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/nodo/etc/sane.d/saned.conf', + require => Package['sane'], + } + + service { 'saned' : + ensure => running, + enable => true, + require => Package['saned'], + subscribe => [ File['/etc/default/saned/', '/etc/sane.d/saned.conf'], User['saned'] ], + } + + # Firewall + shorewall::rule { "saned": + action => 'ACCEPT', + source => 'net', + destination => '$FW', + proto => 'tcp', + destinationport => "6566", + ratelimit => '-', + order => 200, + } + + shorewall::rule { "saned-range": + action => 'ACCEPT', + source => 'net', + destination => '$FW', + proto => 'tcp', + destinationport => "10000:10100", + ratelimit => '-', + order => 200, + } +} |