From: Ismaël Bouya <ismael.bouya@normalesup.org>
Date: Sun, 15 Jul 2018 09:25:27 +0000 (+0200)
Subject: Add file store role
X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FProjets%2FPuppet.git;a=commitdiff_plain;h=81ec6f92f400f667c2ce9d879396bfff00ec5bb2

Add file store role
---

diff --git a/.gitmodules b/.gitmodules
index f8ff2b7..f5d2bd0 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -73,3 +73,6 @@
 [submodule "external_modules/augeasproviders_core"]
 	path = external_modules/augeasproviders_core
 	url = git://git.immae.eu/github/hercules-team/augeasproviders_core.git
+[submodule "external_modules/nfs"]
+	path = external_modules/nfs
+	url = git://git.immae.eu/github/derdanne/puppet-nfs
diff --git a/environments/global/roles/file_store.yaml b/environments/global/roles/file_store.yaml
new file mode 100644
index 0000000..c0912e2
--- /dev/null
+++ b/environments/global/roles/file_store.yaml
@@ -0,0 +1,4 @@
+---
+classes:
+  role::file_store: ~
+letsencrypt::hosts: "%{lookup('base_installation::system_hostname')}"
diff --git a/external_modules/nfs b/external_modules/nfs
new file mode 160000
index 0000000..2402020
--- /dev/null
+++ b/external_modules/nfs
@@ -0,0 +1 @@
+Subproject commit 24020205590d9ae942e0acf79c1506b40ab09e40
diff --git a/modules/role/manifests/file_store.pp b/modules/role/manifests/file_store.pp
new file mode 100644
index 0000000..1d3ee49
--- /dev/null
+++ b/modules/role/manifests/file_store.pp
@@ -0,0 +1,36 @@
+class role::file_store (
+  Optional[Array]  $nfs_mounts = ["cardano"],
+  Optional[String] $mountpoint = "/fichiers1",
+) {
+  include "base_installation"
+
+  include "profile::fstab"
+  include "profile::tools"
+  include "profile::monitoring"
+
+  unless empty($mountpoint) {
+    class { "::nfs":
+      server_enabled             => true,
+      nfs_v4                     => true,
+      nfs_v4_export_root         => '/exports',
+      nfs_v4_export_root_clients => 'localhost(rw)',
+      require                    => Mount[$mountpoint],
+    }
+
+    $nfs_mounts.each |$nfs_mount| {
+      file { "$mountpoint/$nfs_mount":
+        ensure  => "directory",
+        mode    => "0755",
+        owner   => "nobody",
+        group   => "nobody",
+        require => Mount[$mountpoint],
+      } ->
+      nfs::server::export { "$mountpoint/$nfs_mount":
+        owner   => "nobody",
+        group   => "nobody",
+        ensure  => "present",
+        clients => "immae.eu(rw,secure,sync,all_squash,sec=krb5p)",
+      }
+    }
+  }
+}