3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
# File 'manifests/webdav/config.pp', line 3
class storm::webdav::config (
) {
file { '/var/lib/storm-webdav/work':
ensure => directory,
owner => 'storm',
group => 'storm',
mode => '0755',
recurse => true,
}
# Service's host credentials directory
file { '/etc/grid-security/storm-webdav':
ensure => directory,
owner => 'storm',
group => 'storm',
mode => '0755',
recurse => true,
}
# Service's hostcert
file { '/etc/grid-security/storm-webdav/hostcert.pem':
ensure => file,
mode => '0644',
owner => 'storm',
group => 'storm',
source => '/etc/grid-security/hostcert.pem',
require => File['/etc/grid-security/storm-webdav'],
}
# Service's hostkey
file { '/etc/grid-security/storm-webdav/hostkey.pem':
ensure => file,
mode => '0400',
owner => 'storm',
group => 'storm',
source => '/etc/grid-security/hostkey.pem',
require => File['/etc/grid-security/storm-webdav'],
}
file { '/etc/storm/webdav/sa.d/README.md':
ensure => file,
}
file { '/etc/storm/webdav/sa.d/sa.properties.template':
ensure => file,
}
file { '/etc/storm/webdav/sa.d':
ensure => directory,
recurse => true,
purge => true,
}
if $storm::webdav::storage_areas {
$sa_properties_template_file='storm/etc/storm/webdav/sa.d/sa.properties.erb'
$storm::webdav::storage_areas.each | $sa | {
# define template variables
# mandatory fields
$name = $sa[name]
$root_path = $sa[root_path]
# optional fileds
$fs_type = pick($sa[filesystem_type], 'posix')
$access_points = pick($sa[access_points], ["/${name}"])
$vos = pick($sa[vos], [])
$orgs = pick($sa[orgs], [])
$authenticated_read_enabled = pick($sa[authenticated_read_enabled], false)
$anonymous_read_enabled = pick($sa[anonymous_read_enabled], false)
$vo_map_enabled = pick($sa[vo_map_enabled], true)
$vo_map_grants_write_permission = pick($sa[vo_map_grants_write_permission], false)
$orgs_grant_read_permission = pick($sa[orgs_grant_read_permission], true)
$orgs_grant_write_permission = pick($sa[orgs_grant_write_permission], false)
$wlcg_scope_authz_enabled = pick($sa[wlcg_scope_authz_enabled], false)
$fine_grained_authz_enabled = pick($sa[fine_grained_authz_enabled], false)
# use template
file { "/etc/storm/webdav/sa.d/${name}.properties":
ensure => file,
content => template($sa_properties_template_file),
owner => 'root',
group => 'storm',
notify => Service['storm-webdav'],
}
}
} else {
notice('Empty storage area list. No storage area has been defined and initialized.')
}
# Directory '/etc/systemd/system/storm-webdav.service.d' is created by rpm
$service_dir='/etc/systemd/system/storm-webdav.service.d'
$limit_template_file='storm/etc/systemd/system/storm-webdav.service.d/filelimit.conf.erb'
$limit_file="${service_dir}/filelimit.conf"
# configuration of filelimit.conf
file { $limit_file:
ensure => file,
content => template($limit_template_file),
owner => 'root',
group => 'root',
mode => '0644',
notify => [Service['storm-webdav']],
}
$environment_file="${service_dir}/storm-webdav.conf"
$environment_template_file='storm/etc/systemd/system/storm-webdav.service.d/storm-webdav.conf.erb'
file { $environment_file:
ensure => file,
content => template($environment_template_file),
notify => [Service['storm-webdav']],
}
}
|