Commit based on PR #10 to standardise use of variables in group names

cc3a692b · Jonathan Gazeley · d89b3de3 · cc3a692b · cc3a692b · cc3a692b
Commit cc3a692b authored 10 years ago by Jonathan Gazeley
--- a/manifests/attr.pp
+++ b/manifests/attr.pp
@@ -3,14 +3,14 @@ define freeradius::attr ($source) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/attr.d/${name}":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => File["${fr_basepath}/attr.d"],
+    require => [File["${fr_basepath}/attr.d"], Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/client.pp
+++ b/manifests/client.pp
@@ -11,19 +11,18 @@ define freeradius::client (
  $netmask        = undef,
  $redirect       = undef,
  $port           = undef,
-  $srcip=undef,
-) {
+  $srcip          = undef,) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/clients.d/${shortname}.conf":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    content => template('freeradius/client.conf.erb'),
-    require => File["${fr_basepath}/clients.d"],
+    require => [File["${fr_basepath}/clients.d"], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -3,14 +3,14 @@ define freeradius::config ($source) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/conf.d/${name}":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => File["${fr_basepath}/conf.d"],
+    require => [File["${fr_basepath}/conf.d"], Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/dictionary.pp
+++ b/manifests/dictionary.pp
@@ -3,14 +3,15 @@ define freeradius::dictionary ($source, $order=50) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_group    = $::freeradius::params::fr_group

  # Install dictionary in dictionary.d
  file { "${fr_basepath}/dictionary.d/dictionary.${name}":
    mode    => '0644',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => Package[$fr_package],
+    require => [File["${fr_basepath}/dictionary.d"], Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }


--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -15,9 +15,9 @@ class freeradius (
    name    => "${fr_basepath}/radiusd.conf",
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    content => template('freeradius/radiusd.conf.erb'),
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }

@@ -38,8 +38,8 @@ class freeradius (
    ensure  => directory,
    mode    => '0750',
    owner   => 'root',
-    group   => 'radiusd',
-    require => Package[$fr_package],
+    group   => $fr_group,
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }

@@ -47,8 +47,9 @@ class freeradius (
  # We also add standard header and footer
  concat { "${fr_basepath}/policy.conf":
    owner   => 'root',
-    group => 'radiusd',
+    group   => $fr_group,
    mode    => '0640',
+    require => [Package[$fr_package], Group[$fr_group]],
  }
  concat::fragment { 'policy_header':
    target  => "${fr_basepath}/policy.conf",
@@ -65,8 +66,9 @@ class freeradius (
  # our custom dictionaries
  concat { "${fr_basepath}/dictionary":
    owner   => 'root',
-    group => 'radiusd',
+    group   => $fr_group,
    mode    => '0640',
+    require => [Package[$fr_package], Group[$fr_group]],
  }
  concat::fragment { 'dictionary_header':
    target => "${fr_basepath}/dictionary",
@@ -116,12 +118,7 @@ class freeradius (
  service { 'radiusd':
    ensure     => running,
    name       => $fr_service,
-    require    => [
-      Exec['radiusd-config-test'],
-      File['radiusd.conf'],
-      User['radiusd'],
-      Package[$fr_package],
-    ],
+    require    => [Exec['radiusd-config-test'], File['radiusd.conf'], User[$fr_user], Package[$fr_package],],
    enable     => true,
    hasstatus  => true,
    hasrestart => true,
@@ -130,7 +127,7 @@ class freeradius (
  # We don't want to create the radiusd user, just add it to the
  # wbpriv group if the user needs winbind support. We depend on
  # the FreeRADIUS package to be sure that the user has been created
-  user { 'radiusd':
+  user { $fr_user:
    ensure  => present,
    groups  => $winbind_support ? {
      true    => $fr_wbpriv_user,
@@ -139,6 +136,14 @@ class freeradius (
    require => Package[$fr_package],
  }

+  # We don't want to add the radiusd group but it must be defined
+  # here so we can depend on it. WE depend on the FreeRADIUS
+  # package to be sure that the group has been created.
+  group { $fr_group: 
+    ensure => present,
+    require => Package[$fr_package]
+  }
+
  # Install a few modules required on all FR installations
  freeradius::module  { 'always':
    source  => 'puppet:///modules/freeradius/modules/always',
@@ -181,18 +186,19 @@ class freeradius (
  }

  file { "${fr_logpath}/radius.log":
-    owner   => 'radiusd',
-    group   => 'radiusd',
+    owner   => $fr_user,
+    group   => $fr_group,
    seltype => 'radiusd_log_t',
+    require => [Package[$fr_package], User[$fr_user], Group[$fr_group]],
  }

  # Updated logrotate file to include radiusd-*.log
  file { '/etc/logrotate.d/radiusd':
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    content => template('freeradius/radiusd.logrotate.erb'),
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
  }

  # Generate global SSL parameters
@@ -230,8 +236,8 @@ class freeradius (
    content => "# FILE INTENTIONALLY BLANK\n",
    mode    => '0644',
    owner   => 'root',
-    group   => 'radiusd',
-    require => Package[$fr_package],
+    group   => $fr_group,
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }


--- a/manifests/instantiate.pp
+++ b/manifests/instantiate.pp
@@ -3,14 +3,14 @@ define freeradius::instantiate {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/instantiate/${name}":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    content => $name,
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/module.pp
+++ b/manifests/module.pp
@@ -3,14 +3,14 @@ define freeradius::module ($source) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/modules/${name}":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/policy.pp
+++ b/manifests/policy.pp
@@ -3,15 +3,15 @@ define freeradius::policy ($source, $order=50) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  # Install policy in policy.d
  file { "${fr_basepath}/policy.d/${name}":
    mode    => '0644',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }


--- a/manifests/script.pp
+++ b/manifests/script.pp
@@ -3,13 +3,14 @@ define freeradius::script ($source) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/scripts/${name}":
    mode    => '0750',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
-    require => File["${fr_basepath}/scripts"],
+    require => [File["${fr_basepath}/scripts"], Package[$fr_package], Group[$fr_group]],
+    notify  => Service[$fr_service],
  }
 }
--- a/manifests/site.pp
+++ b/manifests/site.pp
 # Install FreeRADIUS virtual servers (sites)
-define freeradius::site (
-  $source  = undef,
-  $content = undef,
-) {
+define freeradius::site ($source = undef, $content = undef,) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/sites-enabled/${name}":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    source  => $source,
    content => $content,
-    require => Package[$fr_package],
+    require => [Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }
--- a/manifests/statusclient.pp
+++ b/manifests/statusclient.pp
 # Install FreeRADIUS clients (WISMs or testing servers)
-define freeradius::statusclient (
-  $secret,
-  $ip=undef,
-  $ip6=undef,
-  $port=undef,
-  $shortname=$name,
-  $netmask = undef,
-) {
+define freeradius::statusclient ($secret, $ip = undef, $ip6 = undef, $port = undef, $shortname = $name, $netmask = undef,) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_basepath = $::freeradius::params::fr_basepath
-  $fr_user = $::freeradius::params::fr_user
+  $fr_group    = $::freeradius::params::fr_group

  file { "${fr_basepath}/statusclients.d/${name}.conf":
    mode    => '0640',
    owner   => 'root',
-    group   => 'radiusd',
+    group   => $fr_group,
    content => template('freeradius/client.conf.erb'),
-    require => File["${fr_basepath}/clients.d"],
+    require => [File["${fr_basepath}/clients.d"], Package[$fr_package], Group[$fr_group]],
    notify  => Service[$fr_service],
  }
 }