Newer
Older
##############################################################################
# Definition for configuring the whois and finger service
##############################################################################
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
$ensure = 'present'
) {
case $ensure {
#### ABSENT ####
'absent': {
file {
'/etc/remctl/conf.d/whoisd': ensure => absent;
'/etc/remctl/conf.d/whois-search': ensure => absent;
'/etc/remctl/acl/whois-search': ensure => absent;
'/etc/whoisd/whoisd.conf': ensure => absent;
'/etc/whoisd/whoisd-remctl.conf': ensure => absent;
}
package {'stanford-whoisd': ensure => absent }
}
#### PRESENT ####
'present': {
# principal that is used to query the directory
base::wallet { 'service/whois':
path => '/etc/whoisd/keytab',
owner => 'root',
ensure => present,
require => File['/etc/whoisd'];
}
# Ports listened to by whois and finger
base::iptables::rule { 'whois':
ensure => 'present',
description => 'Allow finger and whois connections',
port => ['43','79'],
protocol => 'tcp',
}
# Intall the package after the configuration is in place
package {'stanford-whoisd':
ensure => installed,
require => File['/etc/whoisd/whoisd.conf'];
}
# Make sure whoisd and fingerd are running.
## WHOIS
# We want to reload the systemd daemon on any change to the unit
# file. We use the systemd shared library's systemd-daemon-reload to
# do this.
file { '/lib/systemd/system/whoisd.service':
ensure => present,
source => 'puppet:///modules/s_ldap/lib/systemd/system/whoisd.service',
mode => '0644',
notify => Exec['systemd-daemon-reload']
}
service { 'whoisd':
ensure => 'running',
require => [
File['/lib/systemd/system/whoisd.service'],
File['/etc/whoisd/whoisd.conf'],
Package['stanford-whoisd'],
],
}
## FINGER
file { '/lib/systemd/system/fingerd.service':
ensure => present,
source => 'puppet:///modules/s_ldap/lib/systemd/system/fingerd.service',
mode => '0644',
notify => Exec['systemd-daemon-reload']
}
service { 'fingerd':
ensure => 'running',
require => [
File['/etc/whoisd/fingerd.conf'],
],
}
file {
'/etc/whoisd':
mode => '0755',
ensure => directory;
'/etc/whoisd/fingerd.conf':
mode => '0644',
content => template('s_ldap/etc/whoisd/fingerd.conf.erb'),
require => File['/etc/whoisd'];
'/etc/whoisd/whoisd.conf':
mode => '0644',
content => template('s_ldap/etc/whoisd/whoisd.conf.erb'),
require => File['/etc/whoisd'];
'/etc/whoisd/whoisd-remctl.conf':
mode => '0644',
content => template('s_ldap/etc/whoisd/whoisd-remctl.conf.erb'),
require => File['/etc/whoisd'];
'/etc/remctl/conf.d/whoisd':
mode => '0644',
source => 'puppet:///modules/s_ldap/etc/remctl/conf.d/whoisd';
}
}
}
}