Move elastic-recheck shell account out of /var/run

* manifests/site.pp: Expect the SSH key in /home rather than in /var/run. * modules/elastic_recheck/manifests/init.pp: Change the recheck shell account for elastic-recheck to use a homedir in /home. Change-Id: I43f4a8cdcb803328388b7e92732e5cb9d6acb2a8
2013-09-30 21:44:03 +00:00 · 2013-09-30 21:44:03 +00:00 · fd832de552
commit fd832de552
parent d1bd696b56
2 changed files with 18 additions and 2 deletions
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -278,7 +278,7 @@ node 'logstash.openstack.org' {
      'elasticsearch6.openstack.org:9200',
    ],
    # Config for elastic-recheck
-    gerrit_ssh_private_key          => '/etc/elastic-recheck/id_rsa',
+    gerrit_ssh_private_key          => '/home/recheck/.ssh/id_rsa',
    gerrit_ssh_private_key_contents => hiera('elastic-recheck_gerrit_ssh_private_key'),
    recheck_bot_nick                => 'openstackrecheck',
    recheck_bot_passwd              => hiera('elastic-recheck_ircbot_password'),
--- a/modules/elastic_recheck/manifests/init.pp
+++ b/modules/elastic_recheck/manifests/init.pp
@ -31,7 +31,7 @@ class elastic_recheck (

  user { 'recheck':
    ensure  => present,
-    home    => '/var/run/elastic-recheck',
+    home    => '/home/recheck',
    shell   => '/bin/false',
    gid     => 'recheck',
    require => Group['recheck'],
@ -115,6 +115,22 @@ class elastic_recheck (
    ],
  }

+  file { '/home/recheck':
+    ensure  => directory,
+    mode    => '0700',
+    owner   => 'recheck',
+    group   => 'recheck',
+    require => User['recheck'],
+  }
+
+  file { '/home/recheck/.ssh':
+    ensure  => directory,
+    mode    => '0700',
+    owner   => 'recheck',
+    group   => 'recheck',
+    require => User['recheck'],
+  }
+
  file { $gerrit_ssh_private_key:
    ensure  => present,
    mode    => '0600',