diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 02:26:25 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 02:26:25 +0100 |
| commit | dd28dcf3d620a4ac7d0a1532b812213cf094cd3c (patch) | |
| tree | a3fa8c8ef446de2bcc2f317bceb4bca868f7e0f0 /manifests | |
| parent | Move webdav into profiles. (diff) | |
| download | webdav_server-dd28dcf3d620a4ac7d0a1532b812213cf094cd3c.tar.gz webdav_server-dd28dcf3d620a4ac7d0a1532b812213cf094cd3c.tar.xz | |
Revert "Move webdav into profiles."
It actually reverts the non-need for the nginx module webdav_ext. Since
Omnifocus requires PROPFIND.
This reverts commit edf6ffe8b399679ba28cc5e558a6838919dd1ee8.
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..f1a836c --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,73 @@ +define webdav_server ( + String $nginx_server, + String $file_path, + String $location = $name, + String $passwd_file = "${file_path}/.htpasswd", + String $owner = 'http', + String $group = 'share', + Array[Array[String,2,2]] $users = [], + Array[String] $dav_methods = ['PUT', 'DELETE', 'MKCOL', 'COPY', 'MOVE'], + Array[String] $dav_ext_methods = ['PROPFIND', 'OPTIONS'], + Hash[String,String] $dav_access = { + 'user' => 'rw', + 'group' => 'rw', + } +) { + + # TODO install this module somehow + # AUR: nginx-mainline-mod-dav-ext + + require ::nginx + + $modname = 'ngx_http_dav_ext_module' + # This assumes that the directory exists, and that + # nginx::include_modules_enabled => true + file { "/etc/nginx/modules-enabled/${modname}.conf": + ensure => file, + content => @("EOF") + load_module /usr/lib/nginx/modules/${modname}.so; + | EOF + } + + $lines = $users.map |$pair| { $pair.join(':') }.join("\n") + + file { + default: + owner => $owner, + group => $group, + ; + $file_path: + ensure => 'directory', + mode => '0770', + recurse => 'false', + ; + $passwd_file: + ensure => 'file', + mode => '0660', + content => @("EOF") + # File managed by puppet + ${lines} + | EOF + ; + } + + nginx::resource::location { $location: + server => $nginx_server, + location_alias => $file_path, + ssl => true, + ssl_only => true, + + auth_basic => 'Enter password for dav access', + auth_basic_user_file => $passwd_file, + + location_cfg_append => { + 'dav_methods' => $dav_methods.join(' '), + 'dav_ext_methods' => $dav_ext_methods.join(' '), + 'dav_access' => $dav_access.map |$k, $v| { "${k}:${v}" }.join(' '), + 'client_body_temp_path' => "${file_path}/tmp", + 'create_full_put_path' => 'on', + 'autoindex' => 'on', + 'allow' => 'all', + } + } +} |