diff --git a/manifests/dispersion.pp b/manifests/dispersion.pp index 80993320..1c7fd9ab 100644 --- a/manifests/dispersion.pp +++ b/manifests/dispersion.pp @@ -87,8 +87,8 @@ class swift::dispersion ( file { '/etc/swift/dispersion.conf': ensure => file, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, mode => '0640', } diff --git a/manifests/init.pp b/manifests/init.pp index 3dd1fd78..b650d71b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -68,9 +68,9 @@ class swift( } File { - owner => 'swift', - group => 'swift', - tag => 'swift-file', + owner => $::swift::params::user, + group => $::swift::params::group, + tag => 'swift-file', } file { '/etc/swift': diff --git a/manifests/memcache.pp b/manifests/memcache.pp index a0f6a02b..38d2cc64 100644 --- a/manifests/memcache.pp +++ b/manifests/memcache.pp @@ -75,8 +75,8 @@ class swift::memcache ( file { '/etc/swift/memcache.conf': ensure => file, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, mode => '0640', } diff --git a/manifests/params.pp b/manifests/params.pp index 90794e9f..23cbd794 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -8,6 +8,8 @@ class swift::params { $client_package = 'python3-swiftclient' $dnspython_pakage_name = 'python3-dnspython' $service_provider = undef + $user = 'swift' + $group = 'swift' case $::osfamily { 'Debian': { diff --git a/manifests/ringserver.pp b/manifests/ringserver.pp index 0595b850..62cc43d6 100644 --- a/manifests/ringserver.pp +++ b/manifests/ringserver.pp @@ -53,8 +53,8 @@ class swift::ringserver( rsync::server::module { 'swift_server': path => '/etc/swift', lock_file => '/var/lock/swift_server.lock', - uid => 'swift', - gid => 'swift', + uid => $::swift::params::user, + gid => $::swift::params::group, max_connections => $max_connections, read_only => true, } diff --git a/manifests/storage/disk.pp b/manifests/storage/disk.pp index b71576e7..f961561b 100644 --- a/manifests/storage/disk.pp +++ b/manifests/storage/disk.pp @@ -70,12 +70,13 @@ define swift::storage::disk( ) { include swift::deps + include swift::params if(!defined(File[$mnt_base_dir])) { file { $mnt_base_dir: ensure => directory, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, require => Anchor['swift::config::begin'], before => Anchor['swift::config::end'], } diff --git a/manifests/storage/generic.pp b/manifests/storage/generic.pp index 79377c4e..99d33120 100644 --- a/manifests/storage/generic.pp +++ b/manifests/storage/generic.pp @@ -58,8 +58,8 @@ define swift::storage::generic( file { "/etc/swift/${name}-server/": ensure => directory, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, tag => 'swift-file', } diff --git a/manifests/storage/loopback.pp b/manifests/storage/loopback.pp index 7870ce70..8d16822b 100644 --- a/manifests/storage/loopback.pp +++ b/manifests/storage/loopback.pp @@ -39,6 +39,7 @@ define swift::storage::loopback( ) { include swift::deps + include swift::params if(!defined(File[$base_dir])) { file { $base_dir: @@ -51,8 +52,8 @@ define swift::storage::loopback( if(!defined(File[$mnt_base_dir])) { file { $mnt_base_dir: ensure => directory, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, require => Anchor['swift::config::begin'], before => Anchor['swift::config::end'], } diff --git a/manifests/storage/mount.pp b/manifests/storage/mount.pp index ee5f9443..1f45dba8 100644 --- a/manifests/storage/mount.pp +++ b/manifests/storage/mount.pp @@ -29,6 +29,7 @@ define swift::storage::mount( ) { include swift::deps + include swift::params if($loopback){ $options = 'noatime,nodiratime,nofail,loop' @@ -46,8 +47,8 @@ define swift::storage::mount( # needs to exist file { "${mnt_base_dir}/${name}": ensure => directory, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, require => Anchor['swift::config::begin'], before => Anchor['swift::config::end'], } diff --git a/manifests/storage/node.pp b/manifests/storage/node.pp index 765be811..90275333 100644 --- a/manifests/storage/node.pp +++ b/manifests/storage/node.pp @@ -24,11 +24,11 @@ # # [*owner*] # (optional) Owner (uid) of rsync server. -# Defaults to 'swift'. +# Defaults to $::swift::params::user. # # [*group*] # (optional) Group (gid) of rsync server. -# Defaults to 'swift'. +# Defaults to $::swift::params::group. # # [*max_connections*] # (optional) maximum number of simultaneous connections allowed. @@ -44,12 +44,12 @@ define swift::storage::node( $mnt_base_dir, $zone, - $weight = 1, - $owner = 'swift', - $group = 'swift', - $max_connections = 25, + $weight = 1, + $owner = undef, + $group = undef, + $max_connections = 25, $storage_local_net_ip = '127.0.0.1', - $policy_index = undef, + $policy_index = undef, ) { include swift::deps @@ -61,8 +61,8 @@ define swift::storage::node( storage_local_net_ip => $storage_local_net_ip, devices => $mnt_base_dir, max_connections => $max_connections, - owner => $owner, - group => $group, + owner => pick($owner, $::swift::params::user), + group => pick($group, $::swift::params::group), } swift::storage::server { "60${name}0": diff --git a/manifests/storage/server.pp b/manifests/storage/server.pp index 27a62820..f60a234d 100644 --- a/manifests/storage/server.pp +++ b/manifests/storage/server.pp @@ -20,11 +20,11 @@ # # [*owner*] # (optional) Owner (uid) of rsync server. -# Defaults to 'swift'. +# Defaults to $::swift::params::user. # # [*group*] # (optional) Group (gid) of rsync server. -# Defaults to 'swift'. +# Defaults to $::swift::params::group. # # [*max_connections*] # (optional) maximum number of simultaneous connections allowed. @@ -57,7 +57,7 @@ # # [*user*] # (optional) User to run as -# Defaults to 'swift'. +# Defaults to $::swift::params::user. # # [*workers*] # (optional) Override the number of pre-forked workers that will accept @@ -201,15 +201,15 @@ define swift::storage::server( $type, $storage_local_net_ip, $devices = '/srv/node', - $owner = 'swift', - $group = 'swift', + $owner = undef, + $group = undef, $incoming_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', $outgoing_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', $max_connections = 25, $pipeline = ["${type}-server"], $mount_check = true, $servers_per_port = 0, - $user = 'swift', + $user = undef, $workers = $::os_workers, $replicator_concurrency = 1, $replicator_interval = 30, @@ -245,9 +245,12 @@ define swift::storage::server( $container_sharder_interval = 30, # DEPRECATED PARAMETERS $allow_versions = undef, -) { +){ include swift::deps + include swift::params + + $user_real = pick($user, $::swift::params::user) if $allow_versions != undef { warning('The allow_versions parameter is deprecated and will be removed in a future release') @@ -285,8 +288,8 @@ define swift::storage::server( rsync::server::module { $type: path => $devices, lock_file => "/var/lock/${type}.lock", - uid => $owner, - gid => $group, + uid => pick($owner, $::swift::params::user), + gid => pick($group, $::swift::params::group), incoming_chmod => $incoming_chmod, outgoing_chmod => $outgoing_chmod, max_connections => $max_connections, @@ -294,8 +297,8 @@ define swift::storage::server( } concat { "/etc/swift/${config_file_path}": - owner => $owner, - group => $group, + owner => pick($owner, $::swift::params::user), + group => pick($group, $::swift::params::group), notify => Anchor['swift::config::end'], require => Anchor['swift::install::end'], tag => 'swift-concat', diff --git a/manifests/storage/xfs.pp b/manifests/storage/xfs.pp index fda02f36..8c8b9bad 100644 --- a/manifests/storage/xfs.pp +++ b/manifests/storage/xfs.pp @@ -50,6 +50,7 @@ define swift::storage::xfs( ) { include swift::deps + include swift::params include swift::xfs if $device == '' { @@ -74,8 +75,8 @@ define swift::storage::xfs( if(!defined(File[$mnt_base_dir])) { file { $mnt_base_dir: ensure => directory, - owner => 'swift', - group => 'swift', + owner => $::swift::params::user, + group => $::swift::params::group, require => Anchor['swift::config::begin'], before => Anchor['swift::config::end'], } diff --git a/spec/defines/swift_storage_mount_spec.rb b/spec/defines/swift_storage_mount_spec.rb index 2cc30df2..1cc8e1e1 100644 --- a/spec/defines/swift_storage_mount_spec.rb +++ b/spec/defines/swift_storage_mount_spec.rb @@ -1,8 +1,6 @@ require 'spec_helper' describe 'swift::storage::mount' do - # TODO add unit tests - let :title do 'dans_mount_point' end @@ -44,16 +42,16 @@ describe 'swift::storage::mount' do } end - let :facts do - { + before do + facts.merge!({ :selinux => 'true', - } + }) end it { is_expected.to contain_exec("restorecon_mount_dans_mount_point").with( - {:command => "restorecon /srv/node/dans_mount_point", - :path => ['/usr/sbin', '/sbin'], - :refreshonly => true} + :command => "restorecon /srv/node/dans_mount_point", + :path => ['/usr/sbin', '/sbin'], + :refreshonly => true )} end end diff --git a/templates/account-server.conf.erb b/templates/account-server.conf.erb index d4fa2a78..bdf49647 100644 --- a/templates/account-server.conf.erb +++ b/templates/account-server.conf.erb @@ -3,7 +3,7 @@ devices = <%= @devices %> bind_ip = <%= @storage_local_net_ip %> bind_port = <%= @bind_port %> mount_check = <%= @mount_check %> -user = <%= @user %> +user = <%= @user_real %> workers = <%= @workers %> log_name = <%= @log_name %> log_facility = <%= @log_facility %> diff --git a/templates/container-server.conf.erb b/templates/container-server.conf.erb index cfc17b46..8f19991f 100644 --- a/templates/container-server.conf.erb +++ b/templates/container-server.conf.erb @@ -3,7 +3,7 @@ devices = <%= @devices %> bind_ip = <%= @storage_local_net_ip %> bind_port = <%= @bind_port %> mount_check = <%= @mount_check %> -user = <%= @user %> +user = <%= @user_real %> log_name = <%= @log_name %> log_facility = <%= @log_facility %> log_level = <%= @log_level %> diff --git a/templates/object-server.conf.erb b/templates/object-server.conf.erb index 6b1b979f..efb95b8a 100644 --- a/templates/object-server.conf.erb +++ b/templates/object-server.conf.erb @@ -4,7 +4,7 @@ bind_ip = <%= @storage_local_net_ip %> bind_port = <%= @bind_port %> mount_check = <%= @mount_check %> servers_per_port = <%= @servers_per_port %> -user = <%= @user %> +user = <%= @user_real %> log_name = <%= @log_name %> log_facility = <%= @log_facility %> log_level = <%= @log_level %>