1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
class profiles::syncthing (
$data,
Array[String] $enable_for = [],
) {
case $facts['osfamily'] {
'Debian': {
file { '/etc/apt/trusted.gpg.d/syncthing.gpg':
ensure => file,
source => 'https://syncthing.net/release-key.gpg',
checksum => 'sha256',
checksum_value => 'a3806c3511f2cce3d2f12962f64b58b9192a15c9d862886cc46f9de8a25d7dbf',
}
ensure_resource(exec, { 'apt update' => { refreshonly => true }})
file { '/etc/apt/sources.list.d/syncthing.list':
content => "deb https://apt.syncthing.net/ syncthing stable\n",
# TODO more general way to add apt repos
notify => Exec['apt update'],
before => Package['syncthing']
}
}
}
package { 'syncthing':
ensure => installed
}
systemd::dropin_file { 'nospam.conf':
unit => 'syncthing@.service',
content => @(EOF)
[Service]
ExecStart=
ExecStart=/bin/bash -c 'set -o pipefail; /usr/bin/syncthing -no-browser -no-restart -logflags=0 | grep -v "INFO: "'
| EOF
}
$enable_for.map |$user| {
user { $user:
home => "/home/${user}",
managehome => true,
}
$dir = "/home/${user}/.config/syncthing"
file { "/home/${user}/.config":
ensure => directory,
owner => $user,
group => $user,
}
exec { "/usr/bin/syncthing -generate='${dir}'":
user => $user,
creates => $dir,
}
# service { "syncthing@${user}":
# enable => true,
# }
augeas { 'syncthing_config':
context => "/files/home/${user}.config/syncthing/config.xml/configuration",
changes => [
'set gui/#attribute/enabled false',
],
}
}
# TODO manage synced data
}
|