+# autossh tunnel interface
+#
+# TODO: User handling should be put somewhere. Here we are duplicating
+# code from backupninja module. Further developments should consider
+# have an unified user handling, maybe at puppet-user.
+#
+# For now, it's important to preserve the 'backupninja-' like tag
+# otherwise the behavior of this code will conflict with backupninja
+# and we'll see strange things like exported resources not being
+# realized.
+
+# this define realizes all needed resources for a hosted tunnel
+define tunnel_server_realize($host) {
+ User <<| tag == "backupninja-$host" |>>
+ File <<| tag == "backupninja-$host" |>>
+ Ssh_authorized_key <<| tag == "backupninja-$host" |>>
+}
+
class tunnel {
- User <<| tag == "autossh-$fqdn" |>>
- File <<| tag == "autossh-$fqdn" |>>
+ # collect all resources from hosted tunnels
+ Tunnel_server_realize <<| tag == "$fqdn" |>>
- # TODO: user setup should be put somewhere
define setup($ensure = present, $user = $hostname, $host, $localport, $hostport, $sshport = '22', $keytype = 'dsa') {
$dir = "/var/backups/remote/$user.$domain"
- $tag = "autossh-$host"
+ $tag = "backupninja-$fqdn"
$ssh_dir = "$dir/.ssh"
autossh::tunnel { $name:
sshport => $sshport,
}
+ if !defined(Tunnel_server_realize["${fqdn}@${real_host}"]) {
+ # this defines just maps that $host host an user environment for $fdqn
+ @@tunnel_server_realize { "${fqdn}@${real_host}":
+ host => $fqdn,
+ tag => $host,
+ }
+ }
+
if !defined(File["$dir"]) {
@@file { "$dir":
ensure => directory,
if !defined(User["$user"]) {
@@user { "$user":
ensure => "present",
- comment => "$name backup sandbox",
+ comment => "$user backup sandbox",
home => "$dir",
gid => "backupninjas",
managehome => true,
projects / puppet-nodo.git / commitdiff