OP#414 add user control

2026-02-04 10:55:41 +01:00
parent 9899e62739
commit f516107df6
8 changed files with 38 additions and 15 deletions
--- a/README.md
+++ b/README.md
@@ -23,6 +23,7 @@ Installation

 Configuration

+- install required system user
 - manage directory structure 
 - manage configuration files 
  - file system permissions
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -6,7 +6,7 @@
 class confdroid_gitea::firewall::iptables (

 ) inherits confdroid_gitea::params {
-  if $ga_use_firewall == true {
+  if ($ga_use_firewall == true) and ($ga_host_fqdn == $fqdn) {
    firewall { "${ga_order_prefix}${ga_http_port} allow gitea http port ${ga_http_port}":
      proto => 'tcp',
      dport => $ga_http_port,
--- a/manifests/main/dirs.pp
+++ b/manifests/main/dirs.pp
@@ -6,5 +6,5 @@
 class confdroid_gitea::main::dirs (

 ) inherits confdroid_gitea::params {
-  require confdroid_gitea::main::files
+  require confdroid_gitea::main::user
 }
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -6,5 +6,15 @@
 class confdroid_gitea::main::files (

 ) inherits confdroid_gitea::params {
-  require confdroid_gitea::main::user
+  if $ga_host_fqdn == $fqdn {
+    require confdroid_gitea::main::dirs
+
+    file { "${ga_working_dir}/gitea":
+      ensure => 'file',
+      mode   => '0755',
+      owner  => $ga_user,
+      group  => $ga_user,
+      source => "${ga_dl_url}/gitea/${ga_dl_version}/gitea-${ga_dl_version}-linux-amd64",
+    }
+  }
 }
--- a/manifests/main/install.pp
+++ b/manifests/main/install.pp
@@ -1,9 +0,0 @@
-## confdroid_gitea::main::install.pp
-# Module name: confdroid_gitea
-# Author: 12ww1160 (12ww1160@confdroid.com)
-# @summary manages the installation for the confdroid_gitea Puppet module.
-##############################################################################
-class confdroid_gitea::main::install (
-
-) inherits confdroid_gitea::params {
-}
--- a/manifests/main/service.pp
+++ b/manifests/main/service.pp
@@ -6,6 +6,8 @@
 class confdroid_gitea::main::service (

 ) inherits confdroid_gitea::params {
-  require confdroid_gitea::firewall::iptables
-  require confdroid_gitea::main::dirs
+  if  $ga_host_fqdn == $fqdn {
+    require confdroid_gitea::firewall::iptables
+    require confdroid_gitea::main::files
+  }
 }
--- a/manifests/main/user.pp
+++ b/manifests/main/user.pp
@@ -6,5 +6,12 @@
 class confdroid_gitea::main::user (

 ) inherits confdroid_gitea::params {
-  require confdroid_gitea::main::install
+  if $ga_host_fqdn == $fqdn {
+    user { $ga_user:
+      ensure     => 'present',
+      managehome => true,
+      shell      => '/bin/false',
+      system     => true,
+    }
+  }
 }
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -6,9 +6,21 @@
 # @param [String] ga_http_port The main port number for Gitea.
 # @param [String] ga_ssh_port The SSH port number for Gitea.
 # @param [String] ga_order_prefix The order prefix for firewall rules.
+# @param [String] ga_host_fqdn The FQDN for the Gitea host. 
+# @param [String] ga_working_dir The working directory for Gitea.
+# @param [String] ga_dl_url The download URL for Gitea.
+# @param [String] ga_dl_version The version of Gitea to download.
+# @param [String] ga_user The system user for Gitea.
 ##############################################################################
 class confdroid_gitea::params (

+  # main
+  String $ga_host_fqdn    = 'gitea.example.net',
+  String $ga_working_dir  = '/opt/gitea',
+  String $ga_dl_url       = 'https://dl.gitea.com/gitea',
+  String $ga_dl_version   = '1.25.4',
+  String $ga_user         = 'git',
+
  # firewall
  Boolean $ga_use_firewall  = true,
  String $ga_http_port      = '3000',