diff options
Diffstat (limited to 'manifests/subsystems/tunnel.pp')
-rw-r--r-- | manifests/subsystems/tunnel.pp | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/manifests/subsystems/tunnel.pp b/manifests/subsystems/tunnel.pp new file mode 100644 index 0000000..f034c61 --- /dev/null +++ b/manifests/subsystems/tunnel.pp @@ -0,0 +1,76 @@ +class tunnel { + + User <<| tag == "autossh-$fqdn" |>> + File <<| tag == "autossh-$fqdn" |>> + Ssh_authorized_key <<| tag == "autossh-$real_backupserver_tag" |>> + + define setup($ensure = present, $user = $hostname, $host, $localport, $hostport, $sshport = '22', $keytype = 'dsa') { + $dir = "/var/backups/remote/$user" + $tag = "autossh-$hostname" + $ssh_dir = "$dir/.ssh" + + autossh::tunnel { $name: + ensure => $ensure, + user => $user, + port => $localport, + hostport => $hostport, + remote_host => $host, + sshport => $sshport, + } + + if !defined(File["$dir"]) { + @@file { "$dir": + ensure => directory, + mode => 0750, + owner => $user, + group => 0, + tag => "$tag", + } + } + + if !defined(File["$sshdir"]) { + @@file { "$sshdir": + ensure => directory, + mode => 0700, + owner => $user, + group => 0, + require => [User[$user], File["$dir"]], + tag => "$tag", + } + } + + if !defined(File["${ssh_dir}/authorized_keys"]) { + @@file { "${ssh_dir}/authorized_keys": + ensure => present, + mode => 0644, + owner => 0, + group => 0, + source => "puppet://$server/files/keys/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$tag", + } + } + + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + comment => "$name backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/sh", + password => '*', + require => Group['backupninjas'], + tag => "$tag" + } + } + } + + define mail ($sshport = '22') { + tunnel::setup { "smtp": + host => "$name.$domain", + sshport => "$sshport", + localport => '25', + hostport => '25', + } + } +} |