1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
# Sets up a syncthing node, available to the net.
# Doesn't configure reverse proxies or firewalls.
# Also doesn't manage devices or folders in the instance. Those are
# currently seen as program state
class profiles::syncthing (
Array[String] $enable_for = [],
) {
class { 'syncthing':
manage_repo => $::osfamily == 'Debian',
service_type => 'systemd',
}
systemd::dropin_file { 'nospam.conf':
ensure => absent,
unit => 'syncthing@.service',
content => @(EOF)
[Service]
ExecStart=
ExecStart=/bin/bash -c 'set -o pipefail; /usr/bin/syncthing -no-browser -no-restart -logflags=0 | grep -v "INFO: "'
| EOF
}
$enable_for.map |$user| {
# TODO create deferred function returning passwd entries
# {{{ruby
# require 'etc'
# Etc.getpwnam('hugo')
# }}}
# {{{
# => #<struct Etc::Passwd name="hugo", passwd="x",
# uid=1000, gid=1000,
# gecos="Hugo Hörnquist",
# dir="/home/hugo", shell="/bin/bash">
# }}}
$home = "/home/${user}"
$conf_dir = "/home/${user}/.config/syncthing"
syncthing::instance { $user:
home_path => $conf_dir,
daemon_uid => $user,
gui => true,
gui_tls => false,
gui_address => '[::]',
# TODO ldap
gui_port => 8384,
options => {
'startBrowser' => 'false',
}
# defaults
}
# ensure_packages(['syncthing-gtk-python3'])
}
}
|