Faidon Liambotis has uploaded a new change for review.
https://gerrit.wikimedia.org/r/180441
Change subject: install-server::tftp-server cleanups
......................................................................
install-server::tftp-server cleanups
- Set backup => false: do not filebucket debian-installer binaries;
they're large and it's also useless to back them up.
- Drop /srv/tftpboot/restricted (it's empty) & its resepective lighttpd
configuration.
- Drop /tftpboot symlink, it's useless and non-FHS compliant.
- ensure => s/latest/ensure/ for atftpd.
- Remove comment that states that atftpd is started by inetd; simply
untrue, as our atftpd-default has USE_INETD=false.
- Add a Service['atftpd'] stanza and notify it from the config File
resource.
- Indent
Change-Id: I5999c75e9eaa912026b2cd21221d80d8932ff02c
---
M modules/install-server/files/lighttpd.conf
M modules/install-server/manifests/tftp-server.pp
M modules/install-server/spec/classes/install_server_tftp_server_spec.rb
3 files changed, 20 insertions(+), 40 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/41/180441/1
diff --git a/modules/install-server/files/lighttpd.conf
b/modules/install-server/files/lighttpd.conf
index 72fd856..343e623 100644
--- a/modules/install-server/files/lighttpd.conf
+++ b/modules/install-server/files/lighttpd.conf
@@ -61,9 +61,3 @@
## load enabled configuration files,
## read /etc/lighttpd/conf-available/README first
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
-
-# Deny access to restricted directories
-$HTTP["url"] =~ "^/tftpboot/restricted/" {
- url.access-deny = ( "" )
-}
-
diff --git a/modules/install-server/manifests/tftp-server.pp
b/modules/install-server/manifests/tftp-server.pp
index 72a9d13..dd0885d 100644
--- a/modules/install-server/manifests/tftp-server.pp
+++ b/modules/install-server/manifests/tftp-server.pp
@@ -13,24 +13,19 @@
# include install-server::tftp-server
class install-server::tftp-server {
- file {
- '/srv/tftpboot':
- # config files in the puppet repository,
- # larger files like binary images in volatile
- source => [ 'puppet:///modules/install-server/tftpboot',
'puppet:///volatile/tftpboot' ],
- sourceselect => all,
- mode => '0444',
- owner => 'root',
- group => 'root',
- recurse => remote;
- '/srv/tftpboot/restricted/':
- ensure => directory,
- mode => '0755',
- owner => 'root',
- group => 'root';
- '/tftpboot':
- ensure => link,
- target => '/srv/tftpboot';
+ file { '/srv/tftpboot':
+ # config files in the puppet repository,
+ # larger files like binary images in volatile
+ source => [
+ 'puppet:///modules/install-server/tftpboot',
+ 'puppet:///volatile/tftpboot'
+ ],
+ sourceselect => all,
+ mode => '0444',
+ owner => 'root',
+ group => 'root',
+ recurse => remote,
+ backup => false,
}
file { '/etc/default/atftpd':
@@ -38,11 +33,16 @@
owner => 'root',
group => 'root',
source => 'puppet:///modules/install-server/atftpd-default',
+ notify => Service['atftpd'],
}
- # Started by inetd
package { 'atftpd':
- ensure => latest,
+ ensure => present,
require => File['/etc/default/atftpd'],
}
+
+ service { 'atftpd':
+ ensure => running,
+ require => Package['atftpd'],
+ }
}
diff --git
a/modules/install-server/spec/classes/install_server_tftp_server_spec.rb
b/modules/install-server/spec/classes/install_server_tftp_server_spec.rb
index 192224b..8695751 100644
--- a/modules/install-server/spec/classes/install_server_tftp_server_spec.rb
+++ b/modules/install-server/spec/classes/install_server_tftp_server_spec.rb
@@ -20,18 +20,4 @@
'recurse' => 'remote',
})
end
- it do
- should contain_file('/srv/tftpboot/restricted/').with({
- 'ensure' => 'directory',
- 'mode' => '0755',
- 'owner' => 'root',
- 'group' => 'root',
- })
- end
- it do
- should contain_file('/tftpboot').with({
- 'ensure' => 'link',
- 'target' => '/srv/tftpboot',
- })
- end
end
--
To view, visit https://gerrit.wikimedia.org/r/180441
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I5999c75e9eaa912026b2cd21221d80d8932ff02c
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Faidon Liambotis <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
