From 96daffc9798c8afcae5de49b386cb8483909f071 Mon Sep 17 00:00:00 2001
From: Georg Pfuetzenreuter
Date: Sun, 12 Mar 2023 17:01:00 +0100
Subject: Add privatebin profile+role

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
---
 salt/profile/privatebin/init.sls | 55 ++++++++++++++++++++++++++++++++++++++++
 salt/role/privatebin.sls         |  4 +++
 2 files changed, 59 insertions(+)
 create mode 100644 salt/profile/privatebin/init.sls
 create mode 100644 salt/role/privatebin.sls

diff --git a/salt/profile/privatebin/init.sls b/salt/profile/privatebin/init.sls
new file mode 100644
index 0000000..7b9c036
--- /dev/null
+++ b/salt/profile/privatebin/init.sls
@@ -0,0 +1,55 @@
+{%- set mypillar = salt['pillar.get']('profile:privatebin', {}) -%}
+{%- set confdir = '/etc/PrivateBin' -%}
+{%- set configfile = confdir ~ '/conf.php' -%}
+
+privatebin_packages:
+  pkg.installed:
+    - names:
+      - PrivateBin-config-httpd
+
+privatebin_clean:
+  file.directory:
+    - name: {{ confdir }}
+    - clean: True
+    - onchanges:
+      - pkg: privatebin_packages
+    - require:
+      - pkg: privatebin_packages
+
+{%- if mypillar | length %}
+{{ configfile }}:
+  ini.options_present:
+    - separator: '='
+    - strict: True
+    - sections:
+        {%- macro conf(section, options) %}
+        {%- for option in options.keys() -%}
+        {%- if mypillar[section][option] is string and mypillar[section][option].startswith('$') or mypillar[section][option] is number %}
+        {%- set value = mypillar[section][option] -%}
+        {%- else %}
+        {%- set value = mypillar[section][option] | quote -%}
+        {%- endif %}
+          {{ option }}: {{ value }}
+        {%- endfor -%}
+        {%- endmacro %}
+        {%- for section, options in mypillar.items() %}
+        {{ section }}:
+          {{ conf(section, options) }}
+        {%- endfor %}
+    - require:
+      - pkg: privatebin_packages
+    - watch:
+      - file: privatebin_clean
+    - watch_in:
+      - file: privatebin_permissions
+{%- endif %}
+
+privatebin_permissions:
+  file.managed:
+    - mode: '0640'
+    - user: wwwrun
+    - group: privatebin
+    - names:
+      - {{ configfile }}
+    - require:
+      - pkg: privatebin_packages
diff --git a/salt/role/privatebin.sls b/salt/role/privatebin.sls
new file mode 100644
index 0000000..ec8581d
--- /dev/null
+++ b/salt/role/privatebin.sls
@@ -0,0 +1,4 @@
+include:
+  - role.web.apache-httpd
+  - profile.privatebin
+  - php.fpm
-- 
cgit v1.2.3