jlgreer/gist:912610

## gistfile1.txt
################################################################################
#
# Administers version control (Subversion) for Cfengine 3
#
################################################################################

bundle agent cfgMgtVcs {

vars:

  "fileserver"      slist => { @(var.fileserver) };
  "masterfiles"    string => "$(var.masterfiles)";
  "secrets"        string => "/var/cfengine/masterfiles/dcsunix/cfgMgtVcs/pri";
  "prefix"         string => "/var/cfengine/masterfiles/dcsunix/cfgMgtVcs/pub";

  "svn_sticky_dirs" slist => { "httpdincludes", "repos", "svnacls", "svnlogs" };
  "repo_store"     string => "/data01/svn";
  "dav_cfg_dir"    string => "$(repo_store)/httpdincludes";
  "svn_acl_dir"    string => "$(repo_store)/svnacls";
  #"repositories"    slist => { "cf3unixsys", "cf3dcsunix", "cf3shared", "foobar" };
  "repositories"    slist => { "baz", "cf3shared", "foobar" };

classes:

  CfgMgtVcs::

    "repository_exists" expression => fileexists("$(repo_store)/repos/$(repositories)");

    "chkconfig_httpd_on" expression =>
      returnszero("/sbin/chkconfig --level 3 httpd", "noshell");

reports:

  repository_exists::

    "repository exists: $(repositories)";

files:

  CfgMgtVcs::

    "$(repo_store)/."
      create => "true",
      perms  => mode_owner_group("0755", "svn", "svn"),
      action => actionsettings_fix_inform("inform");

    "$(repo_store)/$(svn_sticky_dirs)/."
      create => "true",
      perms  => mode_owner_group("2755", "svn", "svn"),
      action => actionsettings_fix_inform("inform");

    "/etc/httpd/conf.d/auth_ldap.conf"
      perms     => mode_owner_group("0644", "root", "root"),
      copy_from => copy_std("$(secrets)/etc/httpd/conf.d/auth_ldap.conf",
          "@(fileserver)", "false", "timestamp"),
      classes   => if_repaired("httpd_reload"),
      action    => actionsettings_fix_inform("inform");

    "$(dav_cfg_dir)/cfgmgtsvn-prd-$(repositories).conf"
      perms         => mode_owner_group("0444", "svn", "svn"),
      create        => "true",
      edit_line     => template("$(prefix)/$(dav_cfg_dir)/master.conf",
        "__repository__", "$(repositories)"),
      edit_defaults => empty,
      classes       => if_repaired("httpd_reload"),
      action        => actionsettings_fix_inform("inform");

    "/etc/httpd/conf/httpd.conf"
      perms     => mode_owner_group("0644", "root", "root"),
      copy_from => copy_std("$(prefix)/etc/httpd/conf/httpd.conf",
          "@(fileserver)", "false", "timestamp"),
      classes   => if_repaired("httpd_reload"),
      action    => actionsettings_fix_inform("inform");

    "$(svn_acl_dir)"
      copy_from    => copy_std("$(prefix)/$(svn_acl_dir)",
        "$(fileserver)", "false", "timestamp"),
      depth_search => searchsettings_exclude("inf", "/.*/.svn", "false"),
      file_select  => files_matching_not_leaf("@(var.rcs_metadata)",
        "@(var.filetype_all)"),
      classes      => if_repaired("httpd_reload"),
      perms        => mode_owner_group("0644", "svn", "svn"),
      action       => actionsettings_fix_inform("inform");

commands:


  # Careful here - negated class.  Make sure it's protected by compoounding it with
  # classes that apply to this case
  CfgMgtVcs.!chkconfig_httpd_on::
    "/sbin/chkconfig httpd on"
      contain => container_std("root", false),
      action  => actionsettings_fix_inform_noisylogs("inform");

  # move this to main
  CfgMgtVcs.httpd_reload::

    "/etc/init.d/httpd reload"
      contain => container_std("root", true),
      action  => actionsettings_fix_inform("verbose");


  CfgMgtVcs.!repository_exists::

    # Revisit this - having "repos" hardcoded here is kind of ugly, but
    # I've already got a repo_storevariable.  Putting this name under my
    # pillow and hoping the fairy turns it into a dollar.
    "/usr/bin/svnadmin create $(repo_store)/repos/$(repositories) && /usr/bin/svn mkdir -m 'initial setup' file://$(repo_store)/repos/testrepo/{trunk,branches,tags}"
      contain => container_std("svn", true),
      action  => actionsettings_fix_inform("verbose");

  CfgMgtVcs::

    "/usr/bin/yum -y install httpd"
        contain => container_std("root", true),
        action  => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

    "/usr/bin/yum -y install mod_dav_svn"
        contain => container_std("root", true),
        action  => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

    "/usr/bin/yum -y install mod_ssl"
        contain => container_std("root", true),
        action  => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

}


# Lifted from reference guide
body replace_with value(x)
{
replace_value => "$(x)";
occurrences => "all";
}

# Simple proof of concept for templatization
bundle edit_line template(templatefile, search, replace)

{

insert_lines:

 "$(templatefile)"

   insert_type     => "file",
   comment         => "Expand variables in the template file";
   # This appears only to work for Cfengine special variables?
   # expand_scalars => "true";

replace_patterns:

  "$(search)"
    replace_with => value("$(replace)");

}

body edit_defaults empty

{
empty_file_before_editing => "true";
edit_backup => "false";
max_file_size => "300000";
}

bundle edit_line search_replace(search, replace) {

replace_patterns:

    "$(search)"

          replace_with => replace_std("$(replace)");
}


body replace_with replace_std(value) {

replace_value => "$(value)";
occurrences => "all";

}
	################################################################################
	#
	# Administers version control (Subversion) for Cfengine 3
	#
	################################################################################

	bundle agent cfgMgtVcs {

	vars:

	"fileserver" slist => { @(var.fileserver) };
	"masterfiles" string => "$(var.masterfiles)";
	"secrets" string => "/var/cfengine/masterfiles/dcsunix/cfgMgtVcs/pri";
	"prefix" string => "/var/cfengine/masterfiles/dcsunix/cfgMgtVcs/pub";

	"svn_sticky_dirs" slist => { "httpdincludes", "repos", "svnacls", "svnlogs" };
	"repo_store" string => "/data01/svn";
	"dav_cfg_dir" string => "$(repo_store)/httpdincludes";
	"svn_acl_dir" string => "$(repo_store)/svnacls";
	#"repositories" slist => { "cf3unixsys", "cf3dcsunix", "cf3shared", "foobar" };
	"repositories" slist => { "baz", "cf3shared", "foobar" };

	classes:

	CfgMgtVcs::

	"repository_exists" expression => fileexists("$(repo_store)/repos/$(repositories)");

	"chkconfig_httpd_on" expression =>
	returnszero("/sbin/chkconfig --level 3 httpd", "noshell");

	reports:

	repository_exists::

	"repository exists: $(repositories)";

	files:

	CfgMgtVcs::

	"$(repo_store)/."
	create => "true",
	perms => mode_owner_group("0755", "svn", "svn"),
	action => actionsettings_fix_inform("inform");

	"$(repo_store)/$(svn_sticky_dirs)/."
	create => "true",
	perms => mode_owner_group("2755", "svn", "svn"),
	action => actionsettings_fix_inform("inform");

	"/etc/httpd/conf.d/auth_ldap.conf"
	perms => mode_owner_group("0644", "root", "root"),
	copy_from => copy_std("$(secrets)/etc/httpd/conf.d/auth_ldap.conf",
	"@(fileserver)", "false", "timestamp"),
	classes => if_repaired("httpd_reload"),
	action => actionsettings_fix_inform("inform");

	"$(dav_cfg_dir)/cfgmgtsvn-prd-$(repositories).conf"
	perms => mode_owner_group("0444", "svn", "svn"),
	create => "true",
	edit_line => template("$(prefix)/$(dav_cfg_dir)/master.conf",
	"__repository__", "$(repositories)"),
	edit_defaults => empty,
	classes => if_repaired("httpd_reload"),
	action => actionsettings_fix_inform("inform");

	"/etc/httpd/conf/httpd.conf"
	perms => mode_owner_group("0644", "root", "root"),
	copy_from => copy_std("$(prefix)/etc/httpd/conf/httpd.conf",
	"@(fileserver)", "false", "timestamp"),
	classes => if_repaired("httpd_reload"),
	action => actionsettings_fix_inform("inform");

	"$(svn_acl_dir)"
	copy_from => copy_std("$(prefix)/$(svn_acl_dir)",
	"$(fileserver)", "false", "timestamp"),
	depth_search => searchsettings_exclude("inf", "/.*/.svn", "false"),
	file_select => files_matching_not_leaf("@(var.rcs_metadata)",
	"@(var.filetype_all)"),
	classes => if_repaired("httpd_reload"),
	perms => mode_owner_group("0644", "svn", "svn"),
	action => actionsettings_fix_inform("inform");

	commands:


	# Careful here - negated class. Make sure it's protected by compoounding it with
	# classes that apply to this case
	CfgMgtVcs.!chkconfig_httpd_on::
	"/sbin/chkconfig httpd on"
	contain => container_std("root", false),
	action => actionsettings_fix_inform_noisylogs("inform");

	# move this to main
	CfgMgtVcs.httpd_reload::

	"/etc/init.d/httpd reload"
	contain => container_std("root", true),
	action => actionsettings_fix_inform("verbose");



	CfgMgtVcs.!repository_exists::

	# Revisit this - having "repos" hardcoded here is kind of ugly, but
	# I've already got a repo_storevariable. Putting this name under my
	# pillow and hoping the fairy turns it into a dollar.
	"/usr/bin/svnadmin create $(repo_store)/repos/$(repositories) && /usr/bin/svn mkdir -m 'initial setup' file://$(repo_store)/repos/testrepo/{trunk,branches,tags}"
	contain => container_std("svn", true),
	action => actionsettings_fix_inform("verbose");

	CfgMgtVcs::

	"/usr/bin/yum -y install httpd"
	contain => container_std("root", true),
	action => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

	"/usr/bin/yum -y install mod_dav_svn"
	contain => container_std("root", true),
	action => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

	"/usr/bin/yum -y install mod_ssl"
	contain => container_std("root", true),
	action => actionsettings( "fix", "720", "2", "inform", "false", "false", "inform");

	}



	# Lifted from reference guide
	body replace_with value(x)
	{
	replace_value => "$(x)";
	occurrences => "all";
	}

	# Simple proof of concept for templatization
	bundle edit_line template(templatefile, search, replace)

	{

	insert_lines:

	"$(templatefile)"

	insert_type => "file",
	comment => "Expand variables in the template file";
	# This appears only to work for Cfengine special variables?
	# expand_scalars => "true";

	replace_patterns:

	"$(search)"
	replace_with => value("$(replace)");

	}

	body edit_defaults empty

	{
	empty_file_before_editing => "true";
	edit_backup => "false";
	max_file_size => "300000";
	}

	bundle edit_line search_replace(search, replace) {

	replace_patterns:

	"$(search)"

	replace_with => replace_std("$(replace)");
	}


	body replace_with replace_std(value) {

	replace_value => "$(value)";
	occurrences => "all";

	}