From 4aa867dd7fab505a1d9a7ee09d040e100b3a455c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Sun, 15 Jan 2023 12:17:08 +0100 Subject: Fix linter warnings. --- manifests/filter.pp | 15 ++-- manifests/filter_setup.pp | 14 ++-- manifests/init.pp | 197 +++++++++++++++++++++++----------------------- manifests/nginx.pp | 37 ++++----- 4 files changed, 130 insertions(+), 133 deletions(-) diff --git a/manifests/filter.pp b/manifests/filter.pp index 1c092f1..76bdcd3 100644 --- a/manifests/filter.pp +++ b/manifests/filter.pp @@ -19,24 +19,25 @@ define cgit::filter ( default => 'exec', } ) { - - include ::cgit::filter_setup + include cgit::filter_setup $dest = "${cgit::filterpath}/${filtername}-filter" + $mode = $type ? { + 'lua' => '0444', + 'exec' => '0555', + } + file { $dest: ensure => file, - mode => $type ? { - 'lua' => '0444', - 'exec' => '0555', - }, + mode => $mode, source => $source, content => $content, * => $file_props, } concat::fragment { "cgit config filter ${filtername}": - target => $::cgit::cgitrc, + target => $cgit::cgitrc, content => "${filtername}-filter=${type}:${dest}\n", require => File[$dest], } diff --git a/manifests/filter_setup.pp b/manifests/filter_setup.pp index e79f70b..63e3995 100644 --- a/manifests/filter_setup.pp +++ b/manifests/filter_setup.pp @@ -3,13 +3,13 @@ # Where in the filesystem filters should be kept. # @api private class cgit::filter_setup ( - String $filterpath = $::cgit::filterpath, + String $filterpath = $cgit::filterpath, ) { - file { dirname($filterpath): - ensure => directory, - } + file { dirname($filterpath): + ensure => directory, + } - file { $filterpath: - ensure => directory, - } + file { $filterpath: + ensure => directory, + } } diff --git a/manifests/init.pp b/manifests/init.pp index 6599301..9af59a4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -51,115 +51,114 @@ # CGIT filters to be managed. # @see cgit::filter class cgit ( - String $root_title, - String $root_desc, - String $scan_path, - Array[String] $clone_url = [], - String $root = '/var/www/cgit', - String $filterpath = '/usr/lib/cgit/puppet-controlled-filters', - String $root_readme_source = "puppet:///modules/${module_name}/root_readme", - Optional[String] $root_readme_content = undef, - Optional[String] $root_readme_sha256 = undef, - String $root_readme_extension = '', - Boolean $enable_http_clone = false, - Array[String] $public_repos = [], - Array[Struct[{ - name => String, - pass => String }]] $users = [], - Variant[Boolean, Enum['nginx']] $manage_server = false, - Optional[String] $server_name = undef, - Optional[String] $certname = undef, - String $htpasswd = '/var/lib/nginx/cgit-htpasswd', - String $cgitrc = '/etc/cgitrc', - Hash[String, Hash] $filters = {}, + String $root_title, + String $root_desc, + String $scan_path, + Array[String] $clone_url = [], + String $root = '/var/www/cgit', + String $filterpath = '/usr/lib/cgit/puppet-controlled-filters', + String $root_readme_source = "puppet:///modules/${module_name}/root_readme", + Optional[String] $root_readme_content = undef, + Optional[String] $root_readme_sha256 = undef, + String $root_readme_extension = '', # lint:ignore:params_empty_string_assignment + Boolean $enable_http_clone = false, + Array[String] $public_repos = [], + Array[Struct[{ + name => String, + pass => String, + }]] $users = [], + Variant[Boolean, Enum['nginx']] $manage_server = false, + Optional[String] $server_name = undef, + Optional[String] $certname = undef, + String $htpasswd = '/var/lib/nginx/cgit-htpasswd', + String $cgitrc = '/etc/cgitrc', + Hash[String, Hash] $filters = {}, ) { - - # TODO figure out where CSS comes from - - ensure_packages([ - 'git', - 'cgit', - ], { ensure => installed }) - - Cgit::Filter <| |> -> Concat[$cgitrc] - - concat { $cgitrc: - ensure => present, - } - - concat::fragment { 'cgit config upper half': - order => 0, - content => epp('cgit/upper.epp'), - target => $::cgit::cgitrc, - } - - concat::fragment { 'cgit config lower half': - order => 99, - content => epp('cgit/lower.epp'), - target => $::cgit::cgitrc, - } - - create_resources(cgit::filter, $filters) - - file { "${root}/logo": - ensure => directory, - } - - file { "${root}/logo/logo.png": - ensure => file, - source => 'puppet:///modules/cgit/logo.png', + # TODO figure out where CSS comes from + + ensure_packages([ + 'git', + 'cgit', + ], { ensure => installed }) + + Cgit::Filter <| |> -> Concat[$cgitrc] + + concat { $cgitrc: + ensure => present, + } + + concat::fragment { 'cgit config upper half': + order => 0, + content => epp('cgit/upper.epp'), + target => $cgitrc, + } + + concat::fragment { 'cgit config lower half': + order => 99, + content => epp('cgit/lower.epp'), + target => $cgitrc, + } + + create_resources(cgit::filter, $filters) + + file { "${root}/logo": + ensure => directory, + } + + file { "${root}/logo/logo.png": + ensure => file, + source => 'puppet:///modules/cgit/logo.png', + } + + file { "${root}/logo/logo_large.png": + ensure => file, + source => 'puppet:///modules/cgit/logo_large.png', + } + + $chksum = if $root_readme_sha256 != undef { + { + 'checksum' => 'sha256', + 'checksum_value' => $root_readme_sha256, } + } else { + {} + } - file { "${root}/logo/logo_large.png": - ensure => file, - source => 'puppet:///modules/cgit/logo_large.png', + $readme = "${root}/README${root_readme_extension}" + if $root_readme_content { + file { $readme: + ensure => file, + content => $root_readme_content, + * => $chksum, } - - $chksum = if $root_readme_sha256 != undef { - { - 'checksum' => 'sha256', - 'checksum_value' => $root_readme_sha256, - } - } else { - { } + } else { + file { $readme: + ensure => file, + source => $root_readme_source, + * => $chksum, } + } - $readme = "${root}/README${root_readme_extension}" - if $root_readme_content { - file { $readme: - ensure => file, - content => $root_readme_content, - * => $chksum, - } - } else { - file { $readme: - ensure => file, - source => $root_readme_source, - * => $chksum, - } - } + file { ['/usr/local', '/usr/local/var']: + ensure => directory, + } - file { ['/usr/local', '/usr/local/var']: - ensure => directory, - } + file { '/usr/local/var/public-repos': + ensure => file, + content => ($public_repos << '').join("\n"), + } - file { '/usr/local/var/public-repos': - ensure => file, - content => ($public_repos << '').join("\n"), + if $manage_server { + if $server_name == undef { + fail('server_name must be set if manage_server is set') } + } - - if $manage_server { - if $server_name == undef { - fail('server_name must be set if manage_server is set') - } + case $manage_server { + 'nginx': { + include cgit::nginx } - - case $manage_server { - 'nginx': { - include ::cgit::nginx - } - default: { - } + default: { } + } } diff --git a/manifests/nginx.pp b/manifests/nginx.pp index 23e6874..b3af3f5 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -1,25 +1,24 @@ # @summary Manages nginx resources for cgit # @api private class cgit::nginx { - if ($cgit::certname == undef) { nginx::resource::server { 'cgit': - server_name => [ $cgit::server_name, ], + server_name => [$cgit::server_name], access_log => 'absent', error_log => 'absent', index_files => [], - try_files => [ '$uri', '@cgit' ], + try_files => ['$uri', '@cgit'], ssl => false, use_default_location => true, www_root => $cgit::root, } } else { nginx::resource::server { 'cgit': - server_name => [ $cgit::server_name, ], + server_name => [$cgit::server_name], access_log => 'absent', error_log => 'absent', index_files => [], - try_files => [ '$uri', '@cgit' ], + try_files => ['$uri', '@cgit'], ssl => true, ssl_cert => "/etc/letsencrypt/live/${cgit::certname}/fullchain.pem", ssl_key => "/etc/letsencrypt/live/${cgit::certname}/privkey.pem", @@ -47,27 +46,26 @@ class cgit::nginx { ensure => file, content => $cgit::users.map |$user| { [$user['name'], $user['pass']].join(':') - }.join("\n") + }.join("\n"), } # TODO each repo name should be regex-escaped $re = $cgit::public_repos.join('|') nginx::resource::location { "~ ^(/(${re})\\.git/.*)" : - server => 'cgit', - ssl_only => $cgit::certname != undef, - priority => 450, - fastcgi => 'unix:/run/fcgiwrap.socket', - fastcgi_params => 'fastcgi_params', - fastcgi_param => { - 'SCRIPT_FILENAME' => '/usr/lib/git-core/git-http-backend', - 'GIT_PROJECT_ROOT' => $cgit::scan_path, - 'GIT_HTTP_EXPORT_ALL' => '""', - 'PATH_INFO' => '$1', - } + server => 'cgit', + ssl_only => $cgit::certname != undef, + priority => 450, + fastcgi => 'unix:/run/fcgiwrap.socket', + fastcgi_params => 'fastcgi_params', + fastcgi_param => { + 'SCRIPT_FILENAME' => '/usr/lib/git-core/git-http-backend', + 'GIT_PROJECT_ROOT' => $cgit::scan_path, + 'GIT_HTTP_EXPORT_ALL' => '""', + 'PATH_INFO' => '$1', + }, } - nginx::resource::location { '~ (.*\.git/.*)': server => 'cgit', ssl_only => $cgit::certname != undef, @@ -82,7 +80,6 @@ class cgit::nginx { 'GIT_PROJECT_ROOT' => $cgit::scan_path, 'GIT_HTTP_EXPORT_ALL' => '""', 'PATH_INFO' => '$1', - } + }, } - } -- cgit v1.2.3