From: Hendrik Jäger <gitcommit@henk.geekmail.org>
Date: Fri, 1 Jul 2022 20:15:04 +0000 (+0200)
Subject: refactor
X-Git-Url: https://git.netwichtig.de/gitweb/?a=commitdiff_plain;h=e1c6349ec0d9aa6cb7d1690edf0416ddd3709d8a;p=user%2Fhenk%2Fcode%2Fpuppet%2Fmodules%2Fhenks_ircservices.git

refactor
---

diff --git a/manifests/init.pp b/manifests/init.pp
index b7765a5..e9f962a 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,10 +1,11 @@
 class henks_ircservices (
+  Array $networks
 ) {
-  user {
-    'irc-services':
-      ensure     => present,
-      managehome => true,
-      password   => '!',
-    ;
+  $networks.each |$network| {
+    henks_ircservices::network {
+      $network['name']:
+        run_user => $network.dig('system_user').lest | | { "irc-services-${network['name']}" },
+      ;
+    }
   }
 }
diff --git a/manifests/network.pp b/manifests/network.pp
new file mode 100644
index 0000000..1e432ac
--- /dev/null
+++ b/manifests/network.pp
@@ -0,0 +1,64 @@
+define henks_ircservices::network (
+  String $run_user = "irc-services-${name}",
+  String $network_name = $name,
+) {
+  $service_base = "/etc/s6-services/irc-services-${network_name}/"
+
+  user {
+    $run_user:
+      ensure     => present,
+      password   => '!',
+      managehome => true,
+    ;
+  }
+
+  file {
+    $service_base:
+      ensure => directory,
+    ;
+    "${service_base}/run":
+      ensure  => present,
+      content => epp(
+        'henks_ircservices/etc/s6-services/irc-services/run.epp',
+        {
+          'network_name' => $network_name,
+          'run_user'     => $run_user,
+        },
+      ),
+      mode    => '0755',
+    ;
+    "${service_base}/timeout-kill":
+      ensure  => present,
+      content => '0',
+    ;
+    "${service_base}/log/":
+      ensure => directory,
+    ;
+    "${service_base}/log/run":
+      ensure  => present,
+      content => epp(
+        'henks_ircservices/etc/s6-services/irc-services/log/run.epp',
+        {
+          'network_name' => $network_name,
+        },
+      ),
+      mode    => '0755',
+    ;
+    "/var/log/s6/irc-services-${network_name}/":
+      ensure => directory,
+      mode   => '0700',
+    ;
+    "/var/log/s6/irc-services-${network_name}/logs/":
+      ensure => directory,
+      mode   => '0700',
+    ;
+  }
+
+  service {
+    "irc-services-${network_name}":
+      ensure   => running,
+      enable   => true,
+      provider => 's6',
+    ;
+  }
+}
diff --git a/templates/etc/s6-services/irc-services/log/run.epp b/templates/etc/s6-services/irc-services/log/run.epp
new file mode 100644
index 0000000..60f5e08
--- /dev/null
+++ b/templates/etc/s6-services/irc-services/log/run.epp
@@ -0,0 +1,20 @@
+<%- |
+	String $network_name,
+| -%>
+<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%>
+#!/usr/bin/execlineb -P
+<% } else { -%>
+#!/usr/local/bin/execlineb -P
+<% } -%>
+
+define NETWORK_NAME <%= $network_name %>
+define SERVICES_LOGDIR /var/log/s6/irc-services-${NETWORK_NAME}
+define SERVICES_MAIL_FIFO ${SERVICES_LOGDIR}/mail_fifo
+
+fdmove -c 2 1
+s6-log
+	t
+	s1048576
+	S2147483648
+	!"background { redirfd -r 0 ${SERVICES_MAIL_FIFO} mail -s \"irc-services log: ${NETWORK_NAME}\" -- root } tee ${SERVICES_MAIL_FIFO}"
+	"${SERVICES_LOGDIR}/logs"
diff --git a/templates/etc/s6-services/irc-services/run.epp b/templates/etc/s6-services/irc-services/run.epp
new file mode 100644
index 0000000..ddac6e2
--- /dev/null
+++ b/templates/etc/s6-services/irc-services/run.epp
@@ -0,0 +1,18 @@
+<%- |
+	String $network_name,
+	String $run_user,
+| -%>
+<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%>
+#!/usr/bin/execlineb -P
+<% } else { -%>
+#!/usr/local/bin/execlineb -P
+<% } -%>
+
+define NETWORK_NAME <%= $network_name %>
+define RUN_USER <%= $run_user %>
+backtick HOME { homeof ${RUN_USER} }
+importas -n -u HOME HOME
+
+fdmove -c 2 1
+s6-setuidgid ${RUN_USER}
+${HOME}/rundir/anope/current/bin/services --nofork