refactor

diff --git a/manifests/init.pp b/manifests/init.pp
index b7765a557c23f8efbd0c774a9dd1715cb4976f97..e9f962aeaba389be2a918af1272f575cb23543e9 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,10 +1,11 @@
 class henks_ircservices (
+  Array $networks
 ) {
-  user {
-    'irc-services':
-      ensure     => present,
-      managehome => true,
-      password   => '!',
-    ;
+  $networks.each |$network| {
+    henks_ircservices::network {
+      $network['name']:
+        run_user => $network.dig('system_user').lest | | { "irc-services-${network['name']}" },
+      ;
+    }
   }
 }

diff --git a/manifests/network.pp b/manifests/network.pp
new file mode 100644 (file)
index 0000000..1e432ac
--- /dev/null
+++ b/manifests/network.pp
@@ -0,0 +1,64 @@
+define henks_ircservices::network (
+  String $run_user = "irc-services-${name}",
+  String $network_name = $name,
+) {
+  $service_base = "/etc/s6-services/irc-services-${network_name}/"
+
+  user {
+    $run_user:
+      ensure     => present,
+      password   => '!',
+      managehome => true,
+    ;
+  }
+
+  file {
+    $service_base:
+      ensure => directory,
+    ;
+    "${service_base}/run":
+      ensure  => present,
+      content => epp(
+        'henks_ircservices/etc/s6-services/irc-services/run.epp',
+        {
+          'network_name' => $network_name,
+          'run_user'     => $run_user,
+        },
+      ),
+      mode    => '0755',
+    ;
+    "${service_base}/timeout-kill":
+      ensure  => present,
+      content => '0',
+    ;
+    "${service_base}/log/":
+      ensure => directory,
+    ;
+    "${service_base}/log/run":
+      ensure  => present,
+      content => epp(
+        'henks_ircservices/etc/s6-services/irc-services/log/run.epp',
+        {
+          'network_name' => $network_name,
+        },
+      ),
+      mode    => '0755',
+    ;
+    "/var/log/s6/irc-services-${network_name}/":
+      ensure => directory,
+      mode   => '0700',
+    ;
+    "/var/log/s6/irc-services-${network_name}/logs/":
+      ensure => directory,
+      mode   => '0700',
+    ;
+  }
+
+  service {
+    "irc-services-${network_name}":
+      ensure   => running,
+      enable   => true,
+      provider => 's6',
+    ;
+  }
+}

diff --git a/templates/etc/s6-services/irc-services/log/run.epp b/templates/etc/s6-services/irc-services/log/run.epp
new file mode 100644 (file)
index 0000000..60f5e08
--- /dev/null
+++ b/templates/etc/s6-services/irc-services/log/run.epp
@@ -0,0 +1,20 @@
+<%- |
+       String $network_name,
+| -%>
+<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%>
+#!/usr/bin/execlineb -P
+<% } else { -%>
+#!/usr/local/bin/execlineb -P
+<% } -%>
+
+define NETWORK_NAME <%= $network_name %>
+define SERVICES_LOGDIR /var/log/s6/irc-services-${NETWORK_NAME}
+define SERVICES_MAIL_FIFO ${SERVICES_LOGDIR}/mail_fifo
+
+fdmove -c 2 1
+s6-log
+       t
+       s1048576
+       S2147483648
+       !"background { redirfd -r 0 ${SERVICES_MAIL_FIFO} mail -s \"irc-services log: ${NETWORK_NAME}\" -- root } tee ${SERVICES_MAIL_FIFO}"
+       "${SERVICES_LOGDIR}/logs"

diff --git a/templates/etc/s6-services/irc-services/run.epp b/templates/etc/s6-services/irc-services/run.epp
new file mode 100644 (file)
index 0000000..ddac6e2
--- /dev/null
+++ b/templates/etc/s6-services/irc-services/run.epp
@@ -0,0 +1,18 @@
+<%- |
+       String $network_name,
+       String $run_user,
+| -%>
+<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%>
+#!/usr/bin/execlineb -P
+<% } else { -%>
+#!/usr/local/bin/execlineb -P
+<% } -%>
+
+define NETWORK_NAME <%= $network_name %>
+define RUN_USER <%= $run_user %>
+backtick HOME { homeof ${RUN_USER} }
+importas -n -u HOME HOME
+
+fdmove -c 2 1
+s6-setuidgid ${RUN_USER}
+${HOME}/rundir/anope/current/bin/services --nofork