diff options
Diffstat (limited to 'manifests/subsystem')
-rw-r--r-- | manifests/subsystem/scanner.pp | 66 | ||||
-rw-r--r-- | manifests/subsystem/scanner/client.pp | 14 |
2 files changed, 80 insertions, 0 deletions
diff --git a/manifests/subsystem/scanner.pp b/manifests/subsystem/scanner.pp new file mode 100644 index 0000000..26622e9 --- /dev/null +++ b/manifests/subsystem/scanner.pp @@ -0,0 +1,66 @@ +class nodo::subsystem::scanner { + package { 'sane': + ensure => present, + } + + group { [ 'lp', 'saned', 'scanner' ]: + ensure => present, + allowdupe => false, + } + + user { 'saned': + ensure => present, + comment => 'saned', + gid => 'saned', + home => '/home/saned', + shell => '/bin/false', + allowdupe => false, + require => Group['lp', 'saned', 'scanner'], + } + + file { '/etc/default/saned' : + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/nodo/etc/default/saned', + require => Package['saned'], + } + + file { '/etc/sane.d/saned.conf' : + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/nodo/etc/sane.d/saned.conf', + require => Package['sane'], + } + + service { 'saned' : + ensure => running, + enable => true, + require => Package['saned'], + subscribe => [ File['/etc/default/saned/', '/etc/sane.d/saned.conf'], User['saned'] ], + } + + # Firewall + shorewall::rule { "saned": + action => 'ACCEPT', + source => 'net', + destination => '$FW', + proto => 'tcp', + destinationport => "6566", + ratelimit => '-', + order => 200, + } + + shorewall::rule { "saned-range": + action => 'ACCEPT', + source => 'net', + destination => '$FW', + proto => 'tcp', + destinationport => "10000:10100", + ratelimit => '-', + order => 200, + } +} diff --git a/manifests/subsystem/scanner/client.pp b/manifests/subsystem/scanner/client.pp new file mode 100644 index 0000000..873f8b9 --- /dev/null +++ b/manifests/subsystem/scanner/client.pp @@ -0,0 +1,14 @@ +class nodo::subsystem::scanner::client($server = hiera('nodo::subsystem::scanner::client::hostname', 'localhost')) { + package { 'sane': + ensure => present, + } + + file { '/etc/sane.d/net.conf': + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + content => template('nodo/sane.d/net.conf.erb'), + require => Package['sane'], + } +} |