class nodo::role::nas( $virtual = false, ) { # Minimal utilities include nodo::utils::network::minimal # Archiving utilities include nodo::utils::storage::layer include nodo::utils::storage::archive include nodo::utils::storage::iso # Media folders and groups include nodo::subsystem::media # # Avahi # # References # http://nfs-lan.sevka.info/ # http://en.gentoo-wiki.com/wiki/Avahi # http://wiki.debian.org/ZeroConf # https://wiki.archlinux.org/index.php/Avahi # http://packages.debian.org/wheezy/libnss-mdns # http://packages.debian.org/wheezy/mdns-scan # http://packages.debian.org/wheezy/avahi-discover # http://askubuntu.com/questions/19590/how-do-i-share-nfs-mounts-over-zeroconf # http://sophie.zarb.org/distrib/Mandriva/current/x86_64/rpms/pure-ftpd/files/1 # https://github.com/stahnma/puppet-module-avahi # https://github.com/tjfontaine/airprint-generate # http://mryoung.soundbomb.net/index.php/apple-airprint-with-linux-avahi # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols # http://www.dns-sd.org/ServiceTypes.html $avahi = lookup('nodo::role::nas::avahi', undef, undef, false) if $avahi == true { include avahi } # DLNA $dlna = lookup('nodo::role::nas::dlna', undef, undef, false) if $dlna == true { # See https://wiki.archlinux.org/index.php/MiniDLNA#Automatic_Media_DB_Update nodo::subsystem::sysctl::entry { 'fs.inotify.max_user_watches': value => 100000, } # See https://dev.openwrt.org/ticket/10711 # http://forum.doozan.com/read.php?2,1931,1931 # http://crunchbang.org/forums/viewtopic.php?pid=294109 # http://dev.shyd.de/2011/08/minidlna-dockstar-dlna-server/ exec { 'minidlna-mknod-inotify': command => 'mknod /dev/inotify c 10 63', user => root, group => root, creates => '/dev/inotify', } class { 'minidlna': } } # # NFS # # References # https://github.com/arioch/puppet-nfs # https://github.com/stankevich/puppet-nfs # https://github.com/camptocamp/puppet-nfs # https://github.com/haraldsk/puppet-module-nfs/ # http://git.puppet.immerda.ch/?p=module-nfsd.git;a=summary # http://wiki.debian.org/NFSServerSetup # http://www.tldp.org/HOWTO/NFS-HOWTO/ $nfs = lookup('nodo::role::nas::nfs', undef, undef, false) if $nfs == true { # Main class class { 'nfs': server => true; } } # # FTP # # References # https://forge.puppetlabs.com/tags/ftp # https://forum.openwrt.org/viewtopic.php?id=12976 # http://download.pureftpd.org/pub/pure-ftpd/doc/FAQ # http://www.massimilianomarini.com/04/02/2012/how-follow-symbolic-links-pure-ftpd $ftp = lookup('nodo::role::nas::ftp', undef, undef, false) if $ftp == true { # Main class class { 'pureftpd': virtualchroot => true, } # Enable anonymous ftp file { '/etc/pure-ftpd/conf/NoAnonymous': ensure => present, owner => root, group => root, mode => '0644', content => "no\n", notify => Service[$pureftpd::params::service_name], } file { '/etc/avahi/services/ftp.service': ensure => $avahi ? { true => present, default => absent, }, owner => root, group => root, mode => '0644', source => 'puppet:///modules/site_avahi/services/ftp.service', notify => $avahi ? { true => Service['avahi-daemon'], default => undef, }, } } # # Samba # # References # https://github.com/ajjahn/puppet-samba # https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2583364 # http://serverfault.com/questions/240217/dd-wrt-bonjour-netbios-etc-on-two-subnets # http://www.linuxplanet.com/linuxplanet/tutorials/6600/2 # http://forums.fedoraforum.org/showthread.php?t=260519 # http://randombio.com/linuxsetup38.html $samba = lookup('nodo::role::nas::samba', undef, undef, false) if $samba == true { # Main class class { 'samba::server': workgroup => lookup('nodo::samba::workgroup', undef, undef, 'WORKGROUP'), server_string => lookup('nodo::samba::server_string', undef, undef, 'Samba Server'), interfaces => lookup('nodo::samba::interfaces', undef, undef, 'lo eth0'), security => lookup('nodo::samba::security', undef, undef, 'user'), preferred_master => 'yes', printing => 'cups', printcap_name => 'cups', guest_account => 'incoming', map_to_guest => 'Bad User', } # We are avoiding multicast # http://bda.ath.cx/blog/2009/01/24/multicast-routing-upnp-traffic-with-linux/ # http://linux-igd.sourceforge.net/documentation.php samba::server::option { # Remote announce won't work since routers don't forward broadcast traffic #'remote announce': value => lookup('nodo::samba::remote_announce', undef, undef, ''); 'wins support': value => 'yes'; 'domain master': value => 'yes'; } # Disable browsing of printer drivers samba::server::share { 'print$': comment => 'Printer Drivers', path => '/var/lib/samba/printers', browsable => 'no', read_only => 'yes', guest_ok => 'no', ensure => absent, } file { '/etc/avahi/services/samba.service': ensure => $avahi ? { true => present, default => absent, }, owner => root, group => root, mode => '0644', source => 'puppet:///modules/site_avahi/services/samba.service', notify => $avahi ? { true => Service['avahi-daemon'], default => undef, }, } } # # HTTP # # References # https://github.com/camptocamp/puppet-lighttpd # https://github.com/example42/puppet-lighttpd # http://git.puppet.immerda.ch/?p=module-lighttpd.git;a=summary $http = lookup('nodo::role::nas::http', undef, undef, false) if $http == true { # Main class class { 'lighttpd': } # Document root file { '/var/www/data': ensure => directory, owner => root, group => root, mode => '0755', } file { '/etc/avahi/services/http.service': ensure => $avahi ? { true => present, default => absent, }, owner => root, group => root, mode => '0644', source => 'puppet:///modules/site_avahi/services/http.service', notify => $avahi ? { true => Service['avahi-daemon'], default => undef, }, } } # # TFTP # $tftp = lookup('nodo::role::nas::tftp', undef, undef, false) if $tftp == true { # Main class class { 'tftp': directory => '/srv/tftp', address => $::ipaddress, options => '--ipv4 --timeout 60', inetd => false, } } # # Rsync # $rsync = lookup('nodo::role::nas::rsync', undef, undef, false) if $rsync == true { include rsync::server file { '/etc/avahi/services/rsync.service': ensure => $avahi ? { true => present, default => absent, }, owner => root, group => root, mode => '0644', source => 'puppet:///modules/site_avahi/services/rsync.service', notify => $avahi ? { true => Service['avahi-daemon'], default => undef, }, } } # # MPD # $mpd = lookup('nodo::role::nas::mpd', undef, undef, false) if $mpd == true { include mpd include mpd::client include mpd::maintenance } # # CherryMusic # $cherrymusic = lookup('nodo::role::nas::cherrymusic', undef, undef, false) if $cherrymusic == true { include cherrymusic } # # Airsonic # $airsonic = lookup('nodo::role::nas::airsonic', undef, undef, false) if $airsonic == true { include airsonic } # # CUPS # # References # https://github.com/mosen/puppet-cups # https://github.com/camptocamp/puppet-cups $cups = lookup('nodo::role::nas::cups', undef, undef, false) if $cups == true { include firewall::printer include nodo::utils::printer } # # Torrent # $torrent = lookup('nodo::role::nas::torrent', undef, undef, false) # Pyroscope not being managed right now #if $torrent == true { # include pyroscope #} # # DAAP # # References # http://packages.debian.org/stable/forked-daapd # http://packages.debian.org/squeeze/mt-daapd # https://github.com/stahnma/puppet-module-daap_server #$daap = lookup('nodo::role::nas::daap', undef, undef, false) #if $daap == true { # # Main class, but package not available on wheezy # class { 'daap_server': # collection_name => 'Noise - DAAP', # music_dir => '/var/cache/media/noise', # } #} # Firewall rules if $virtual == false { class { 'firewall::nas': ftp => $ftp, tftp => $tftp, http => $http, nfsd => $nfs, rsync => $rsync, printer => $cups, torrent => $torrent, mpd => $mpd, samba => $samba, dlna => $dlna, #daap => $daap, } } }