# Configures a Foreman Proxy host: the service account, the settings file,
# the sudoers entries for the proxy user, and the optional feature classes.
#
# The class takes no parameters; every value is read from
# foreman_proxy::params.
class foreman_proxy::config {

  # Service account. The shell is /sbin/nologin, so interactive logins are
  # refused. The account is also placed in the Puppet group.
  # NOTE(review): presumably that membership lets the proxy read Puppet's
  # SSL/CA files; confirm the group grants nothing beyond that.
  user { $foreman_proxy::params::user:
    ensure  => 'present',
    comment => 'Foreman Proxy account',
    shell   => '/sbin/nologin',
    home    => $foreman_proxy::params::dir,
    groups  => $foreman_proxy::params::puppet_group,
    require => Class['foreman_proxy::install'],
    notify  => Class['foreman_proxy::service'],
  }

  # Proxy settings, rendered from the module's ERB template. A change to the
  # file notifies the service class.
  # NOTE(review): mode 0644 leaves the file world-readable, and it is owned by
  # the service account, so the daemon can rewrite its own configuration. The
  # template is not visible here; if it renders any secret (keys, tokens),
  # prefer owner root, group <proxy user>, mode 0640.
  file { '/etc/foreman-proxy/settings.yml':
    owner   => $foreman_proxy::params::user,
    group   => $foreman_proxy::params::user,
    mode    => '0644',
    content => template('foreman_proxy/settings.yml.erb'),
    require => Class['foreman_proxy::install'],
    notify  => Class['foreman_proxy::service'],
  }

  # Sudoers entries for the proxy account, edited in place through Augeas.
  # The intended result is roughly:
  #   <user> ALL = NOPASSWD: <puppetca_cmd>, <puppetrun_cmd>
  #   Defaults:<user> !requiretty
  # NOPASSWD is set on command[1] only; sudo carries a tag forward to the
  # commands that follow it in the same list, so command[2] inherits it.
  # No Runas spec is written, so sudo's default target user applies
  # (normally root).
  # NOTE(review): both commands run without a password prompt, so
  # puppetca_cmd and puppetrun_cmd should be absolute paths to binaries the
  # proxy user cannot modify; neither value is validated in this class, and
  # no `visudo -c` style check of the edited file is visible here.
  augeas { 'sudo-foreman-proxy':
    context => '/files/etc/sudoers',
    changes => [
      "set spec[user = '${foreman_proxy::params::user}']/user ${foreman_proxy::params::user}",
      "set spec[user = '${foreman_proxy::params::user}']/host_group/host ALL",
      "set spec[user = '${foreman_proxy::params::user}']/host_group/command[1] ${foreman_proxy::params::puppetca_cmd}",
      "set spec[user = '${foreman_proxy::params::user}']/host_group/command[2] ${foreman_proxy::params::puppetrun_cmd}",
      "set spec[user = '${foreman_proxy::params::user}']/host_group/command[1]/tag NOPASSWD",
      "set Defaults[type = ':${foreman_proxy::params::user}']/type :${foreman_proxy::params::user}",
      "set Defaults[type = ':${foreman_proxy::params::user}']/requiretty/negate ''",
    ],
  }

  # Optional features: each class is included only when its params flag is
  # truthy.
  if $foreman_proxy::params::puppetca {
    include foreman_proxy::puppetca
  }

  if $foreman_proxy::params::tftp {
    include foreman_proxy::tftp
  }

  # The DHCP and DNS classes carry a "proxy" prefix because naming them
  # plainly after DHCP and DNS seemed to conflict.
  if $foreman_proxy::params::dhcp {
    include foreman_proxy::proxydhcp
  }

  if $foreman_proxy::params::dns {
    include foreman_proxy::proxydns
  }

}