Puppet Class: storm::webdav::config

Defined in:
manifests/webdav/config.pp

Summary

StoRM WebDAV config class

Overview



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# File 'manifests/webdav/config.pp', line 3

class storm::webdav::config (

) {
  file { '/var/lib/storm-webdav/work':
    ensure  => directory,
    owner   => 'storm',
    group   => 'storm',
    mode    => '0755',
    recurse => true,
  }

  # Service's host credentials directory
  file { '/etc/grid-security/storm-webdav':
    ensure  => directory,
    owner   => 'storm',
    group   => 'storm',
    mode    => '0755',
    recurse => true,
  }
  # Service's hostcert
  file { '/etc/grid-security/storm-webdav/hostcert.pem':
    ensure  => file,
    mode    => '0644',
    owner   => 'storm',
    group   => 'storm',
    source  => '/etc/grid-security/hostcert.pem',
    require => File['/etc/grid-security/storm-webdav'],
  }
  # Service's hostkey
  file { '/etc/grid-security/storm-webdav/hostkey.pem':
    ensure  => file,
    mode    => '0400',
    owner   => 'storm',
    group   => 'storm',
    source  => '/etc/grid-security/hostkey.pem',
    require => File['/etc/grid-security/storm-webdav'],
  }

  file { '/etc/storm/webdav/sa.d/README.md':
    ensure => file,
  }
  file { '/etc/storm/webdav/sa.d/sa.properties.template':
    ensure => file,
  }
  file { '/etc/storm/webdav/sa.d':
    ensure  => directory,
    recurse => true,
    purge   => true,
  }

  if $storm::webdav::storage_areas {
    $sa_properties_template_file='storm/etc/storm/webdav/sa.d/sa.properties.erb'
    $storm::webdav::storage_areas.each | $sa | {
      # define template variables
      # mandatory fields
      $name = $sa[name]
      $root_path = $sa[root_path]
      # optional fileds
      $fs_type = pick($sa[filesystem_type], 'posix')
      $access_points = pick($sa[access_points], ["/${name}"])
      $vos = pick($sa[vos], [])
      $orgs = pick($sa[orgs], [])
      $authenticated_read_enabled = pick($sa[authenticated_read_enabled], false)
      $anonymous_read_enabled = pick($sa[anonymous_read_enabled], false)
      $vo_map_enabled = pick($sa[vo_map_enabled], true)
      $vo_map_grants_write_permission = pick($sa[vo_map_grants_write_permission], false)
      $orgs_grant_read_permission = pick($sa[orgs_grant_read_permission], true)
      $orgs_grant_write_permission = pick($sa[orgs_grant_write_permission], false)
      $wlcg_scope_authz_enabled = pick($sa[wlcg_scope_authz_enabled], false)
      $fine_grained_authz_enabled = pick($sa[fine_grained_authz_enabled], false)
      # use template
      file { "/etc/storm/webdav/sa.d/${name}.properties":
        ensure  => file,
        content => template($sa_properties_template_file),
        owner   => 'root',
        group   => 'storm',
        notify  => Service['storm-webdav'],
      }
    }
  } else {
    notice('Empty storage area list. No storage area has been defined and initialized.')
  }

  # Directory '/etc/systemd/system/storm-webdav.service.d' is created by rpm
  $service_dir='/etc/systemd/system/storm-webdav.service.d'

  $limit_template_file='storm/etc/systemd/system/storm-webdav.service.d/filelimit.conf.erb'
  $limit_file="${service_dir}/filelimit.conf"
  # configuration of filelimit.conf
  file { $limit_file:
    ensure  => file,
    content => template($limit_template_file),
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    notify  => [Service['storm-webdav']],
  }

  $environment_file="${service_dir}/storm-webdav.conf"
  $environment_template_file='storm/etc/systemd/system/storm-webdav.service.d/storm-webdav.conf.erb'
  file { $environment_file:
    ensure  => file,
    content => template($environment_template_file),
    notify  => [Service['storm-webdav']],
  }
}