2020-03-04 16:20:34 +01:00
|
|
|
{% set gvaappname = salt['pillar.get']('gnuviechadmin:appname') %}
|
|
|
|
{% set purpose = "for file server configuration management" %}
|
|
|
|
{% set mail_directory = salt['pillar.get']('gnuviechadmin:gvafile:mail_directory', '/home/mail') %}
|
|
|
|
{% set web_directory = salt['pillar.get']('gnuviechadmin:gvafile:web_directory', '/home/www') %}
|
|
|
|
{% set nfs_root = salt['pillar.get']('nfsserver:nfsroot', '/srv/nfs4') %}
|
|
|
|
{% set sftp_chroot = salt['pillar.get']('gnuviechadmin:gvafile:sftp_chroot', '/srv/sftp') %}
|
|
|
|
{% from 'gnuviechadmin/gvaapp_macros.sls' import create_celery_worker with context %}
|
2016-02-06 13:54:57 +01:00
|
|
|
include:
|
2020-03-04 16:20:34 +01:00
|
|
|
- base
|
|
|
|
- python.pipenv
|
|
|
|
- python.virtualenv
|
|
|
|
- nfsserver
|
|
|
|
|
|
|
|
{{ mail_directory }}:
|
|
|
|
file.directory:
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 0751
|
|
|
|
|
|
|
|
{{ web_directory }}:
|
|
|
|
file.directory:
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 0751
|
|
|
|
|
|
|
|
{{ sftp_chroot }}:
|
|
|
|
file.directory:
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 0755
|
|
|
|
|
|
|
|
{{ sftp_chroot }}/home:
|
|
|
|
file.directory:
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 0751
|
|
|
|
- require:
|
|
|
|
- file: {{ sftp_chroot }}
|
|
|
|
|
|
|
|
bind_mount_nfs_mail:
|
|
|
|
mount.fstab_present:
|
|
|
|
- name: {{ mail_directory }}
|
|
|
|
- fs_file: {{ nfs_root }}/mail
|
|
|
|
- fs_vfstype: none
|
|
|
|
- fs_mntops: bind
|
|
|
|
- require:
|
|
|
|
- file: {{ mail_directory }}
|
|
|
|
- file: {{ nfs_root }}/mail
|
|
|
|
- watch_in:
|
|
|
|
- service: nfs-kernel-server
|
|
|
|
|
|
|
|
bind_mount_nfs_web:
|
|
|
|
mount.fstab_present:
|
|
|
|
- name: {{ web_directory }}
|
|
|
|
- fs_file: {{ nfs_root }}/web
|
|
|
|
- fs_vfstype: none
|
|
|
|
- fs_mntops: bind
|
|
|
|
- require:
|
|
|
|
- file: {{ web_directory }}
|
|
|
|
- file: {{ nfs_root }}/web
|
|
|
|
- watch_in:
|
|
|
|
- service: nfs-kernel-server
|
|
|
|
|
|
|
|
bind_mount_sftp_chroot:
|
|
|
|
mount.fstab_present:
|
|
|
|
- name: {{ web_directory }}
|
|
|
|
- fs_file: {{ sftp_chroot }}/home
|
|
|
|
- fs_vfstype: none
|
|
|
|
- fs_mntops: bind
|
|
|
|
- require:
|
|
|
|
- file: {{ web_directory }}
|
|
|
|
- file: {{ sftp_chroot }}/home
|
|
|
|
|
|
|
|
{{ create_celery_worker(gvaappname, purpose) }}
|
|
|
|
|
|
|
|
/etc/sudoers.d/{{ gvaappname }}:
|
|
|
|
file.managed:
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- source: salt://gnuviechadmin/{{ gvaappname }}/sudoers
|
|
|
|
- template: jinja
|
|
|
|
- context:
|
|
|
|
app_user: {{ salt['grains.get']('gnuviechadmin:user', gvaappname) }}
|
|
|
|
- require:
|
|
|
|
- pkg: sudo
|