aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystem
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/subsystem')
-rw-r--r--manifests/subsystem/scanner.pp66
-rw-r--r--manifests/subsystem/scanner/client.pp14
2 files changed, 80 insertions, 0 deletions
diff --git a/manifests/subsystem/scanner.pp b/manifests/subsystem/scanner.pp
new file mode 100644
index 0000000..26622e9
--- /dev/null
+++ b/manifests/subsystem/scanner.pp
@@ -0,0 +1,66 @@
+class nodo::subsystem::scanner {
+ package { 'sane':
+ ensure => present,
+ }
+
+ group { [ 'lp', 'saned', 'scanner' ]:
+ ensure => present,
+ allowdupe => false,
+ }
+
+ user { 'saned':
+ ensure => present,
+ comment => 'saned',
+ gid => 'saned',
+ home => '/home/saned',
+ shell => '/bin/false',
+ allowdupe => false,
+ require => Group['lp', 'saned', 'scanner'],
+ }
+
+ file { '/etc/default/saned' :
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/nodo/etc/default/saned',
+ require => Package['saned'],
+ }
+
+ file { '/etc/sane.d/saned.conf' :
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/nodo/etc/sane.d/saned.conf',
+ require => Package['sane'],
+ }
+
+ service { 'saned' :
+ ensure => running,
+ enable => true,
+ require => Package['saned'],
+ subscribe => [ File['/etc/default/saned/', '/etc/sane.d/saned.conf'], User['saned'] ],
+ }
+
+ # Firewall
+ shorewall::rule { "saned":
+ action => 'ACCEPT',
+ source => 'net',
+ destination => '$FW',
+ proto => 'tcp',
+ destinationport => "6566",
+ ratelimit => '-',
+ order => 200,
+ }
+
+ shorewall::rule { "saned-range":
+ action => 'ACCEPT',
+ source => 'net',
+ destination => '$FW',
+ proto => 'tcp',
+ destinationport => "10000:10100",
+ ratelimit => '-',
+ order => 200,
+ }
+}
diff --git a/manifests/subsystem/scanner/client.pp b/manifests/subsystem/scanner/client.pp
new file mode 100644
index 0000000..873f8b9
--- /dev/null
+++ b/manifests/subsystem/scanner/client.pp
@@ -0,0 +1,14 @@
+class nodo::subsystem::scanner::client($server = hiera('nodo::subsystem::scanner::client::hostname', 'localhost')) {
+ package { 'sane':
+ ensure => present,
+ }
+
+ file { '/etc/sane.d/net.conf':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('nodo/sane.d/net.conf.erb'),
+ require => Package['sane'],
+ }
+}