path: root/modules/shiori/manifests
diff options
authorHugo Hörnquist <>2021-09-28 04:16:03 +0200
committerHugo Hörnquist <>2021-09-28 04:16:03 +0200
commite62ccde573c969a16cee5e54cf8b8442b3936eb8 (patch)
tree4bf38ee742afd095ddba0a2c5c0abb7988f41576 /modules/shiori/manifests
parentAdd group profiles. (diff)
Configure shiori.
Diffstat (limited to 'modules/shiori/manifests')
1 files changed, 97 insertions, 0 deletions
diff --git a/modules/shiori/manifests/init.pp b/modules/shiori/manifests/init.pp
new file mode 100644
index 0000000..a8622e8
--- /dev/null
+++ b/modules/shiori/manifests/init.pp
@@ -0,0 +1,97 @@
+class shiori (
+ $port = 8080,
+ Array[String] $group_members = [],
+ Optional[Hash] $nginx = undef,
+) {
+ # on arch this is available through the aur
+ package { 'shiori-bin':
+ ensure => installed,
+ }
+ user { 'shiori':
+ ensure => present,
+ system => true,
+ home => '/var/www/shiori',
+ }
+ group { 'shiori':
+ ensure => present,
+ members => $group_members,
+ }
+ file { '/var/www/shiori':
+ ensure => directory,
+ owner => shiori,
+ group => shiori,
+ mode => '0750',
+ }
+ file { [
+ '/var/www/shiori/archive',
+ '/var/www/shiori/thumb',
+ ] :
+ ensure => directory,
+ owner => shiori,
+ group => shiori,
+ mode => '0770',
+ }
+ file { '/var/www/shiori/shiori.db':
+ owner => 'shiori',
+ group => 'shiori',
+ mode => '0660',
+ }
+ file { '/etc/systemd/system/shiori.service':
+ ensure => file,
+ source => 'puppet:///modules/shiori/shiori.service',
+ }
+ file { '/etc/conf.d/shiori':
+ ensure => 'file',
+ content => @("EOF")
+ # This file is managed by Puppet.
+ # Editing it might also lead to inconsistencies with nginx
+ PORT=${port}
+ | EOF
+ }
+ service { 'shiori':
+ ensure => running,
+ enable => true,
+ require => [
+ File['/etc/systemd/system/shiori.service'],
+ File['/etc/conf.d/shiori'],
+ ],
+ }
+ # TODO only run this if Class['profiles::group_profile'] is loaded
+ file { '/etc/profile.d/group.d/shiori':
+ ensure => file,
+ content => "export SHIORI_DIR=/var/www/shiori\n",
+ }
+ if ($nginx) {
+ $certname = $nginx['certname']
+ nginx::resource::server { $nginx['server_name']:
+ ipv6_enable => true,
+ ipv6_listen_options => '',
+ ssl => true,
+ ssl_redirect => true,
+ ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem",
+ ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem",
+ www_root => '/var/www/shiori',
+ use_default_location => false,
+ }
+ nginx::resource::location { 'shiori /':
+ location => '/',
+ proxy => "http://[::]:$port",
+ index_files => [],
+ ssl => true,
+ ssl_only => true,
+ server => $nginx['server_name'],
+ }
+ }