diff --git a/.rubocop.yml b/.rubocop.yml index 738e409..549805a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -4,7 +4,7 @@ AllCops: Exclude: - 'pkg/**/*' - 'vendor/**/*' - TargetRubyVersion: 2.0 + TargetRubyVersion: 2.2 Metrics/BlockLength: Exclude: diff --git a/Gemfile.lock b/Gemfile.lock index 15ed9f0..a159b17 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,10 +1,10 @@ GEM remote: https://rubygems.org/ specs: - CFPropertyList (2.3.5) + CFPropertyList (2.3.6) addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) - ast (2.3.0) + ast (2.4.0) aws-sdk-v1 (1.67.0) json (~> 1.4) nokogiri (~> 1) @@ -32,12 +32,12 @@ GEM unf (~> 0.1) beaker-hiera (0.1.1) stringify-hash (~> 0.0.0) - beaker-hostgenerator (1.1.1) + beaker-hostgenerator (1.1.7) deep_merge (~> 1.0) stringify-hash (~> 0.0.0) beaker-puppet_install_helper (0.7.1) beaker (>= 2.0) - beaker-rspec (6.2.1) + beaker-rspec (6.2.3) beaker (~> 3.0) rspec (~> 3.0) serverspec (~> 2) @@ -52,20 +52,20 @@ GEM typhoeus (~> 1.0, >= 1.0.1) declarative (0.0.10) declarative-option (0.1.0) - deep_merge (1.1.1) + deep_merge (1.2.1) diff-lcs (1.3) docile (1.1.5) - docker-api (1.33.6) - excon (>= 0.38.0) - json - ethon (0.10.1) + docker-api (1.34.0) + excon (>= 0.47.0) + multi_json + ethon (0.11.0) ffi (>= 1.3.0) - excon (0.59.0) + excon (0.60.0) facter (2.5.1) - faraday (0.13.1) + faraday (0.14.0) multipart-post (>= 1.2, < 3) - fast_gettext (1.1.0) - ffi (1.9.18) + fast_gettext (1.1.2) + ffi (1.9.23) fission (0.5.0) CFPropertyList (~> 2.2) fog (1.41.0) @@ -110,12 +110,12 @@ GEM fog-atmos (0.1.0) fog-core fog-xml - fog-aws (1.4.1) + fog-aws (2.0.1) fog-core (~> 1.38) fog-json (~> 1.0) fog-xml (~> 0.1) ipaddress (~> 0.8) - fog-brightbox (0.13.0) + fog-brightbox (0.14.0) fog-core (~> 1.22) fog-json inflecto (~> 0.0.2) @@ -157,17 +157,17 @@ GEM fog-json (1.0.2) fog-core (~> 1.0) multi_json (~> 1.10) - fog-local (0.4.0) - fog-core (~> 1.27) - fog-openstack (0.1.21) - fog-core (>= 1.40) + fog-local (0.5.0) + fog-core (>= 1.27, < 3.0) + fog-openstack (0.1.24) + fog-core (~> 1.40) fog-json (>= 1.0) ipaddress (>= 0.8) fog-powerdns (0.1.1) fog-core (~> 1.27) fog-json (~> 1.0) fog-xml (~> 0.1) - fog-profitbricks (4.0.0) + fog-profitbricks (4.1.1) fog-core (~> 1.42) fog-json (~> 1.0) fog-rackspace (0.1.5) @@ -204,7 +204,7 @@ GEM fog-voxel (0.1.0) fog-core fog-xml - fog-vsphere (1.13.1) + fog-vsphere (2.0.0) fog-core rbvmomi (~> 1.9) fog-xenserver (0.3.0) @@ -214,29 +214,22 @@ GEM fog-core nokogiri (>= 1.5.11, < 2.0.0) formatador (0.2.5) - gettext (3.2.4) - locale (>= 2.0.5) - text (>= 1.3.0) - gettext-setup (0.28) - fast_gettext (~> 1.1.0) - gettext (>= 3.0.2) - locale - google-api-client (0.14.5) + google-api-client (0.19.8) addressable (~> 2.5, >= 2.5.1) - googleauth (~> 0.5) + googleauth (>= 0.5, < 0.7.0) httpclient (>= 2.8.1, < 3.0) mime-types (~> 3.0) representable (~> 3.0) retriable (>= 2.0, < 4.0) - googleauth (0.5.3) + googleauth (0.6.2) faraday (~> 0.12) - jwt (~> 1.4) + jwt (>= 1.4, < 3.0) logging (~> 2.0) memoist (~> 0.12) multi_json (~> 1.11) os (~> 0.9) signet (~> 0.7) - hashdiff (0.3.6) + hashdiff (0.3.7) hiera (3.4.2) hocon (1.2.5) httpclient (2.8.3) @@ -247,7 +240,7 @@ GEM json (1.8.6) json-schema (2.8.0) addressable (>= 2.4) - jwt (1.5.6) + jwt (2.1.0) little-plugger (1.1.4) locale (2.1.2) logging (2.2.2) @@ -255,7 +248,7 @@ GEM multi_json (~> 1.10) memoist (0.16.0) metaclass (0.0.4) - metadata-json-lint (2.0.2) + metadata-json-lint (2.1.0) json-schema (~> 2.8) spdx-licenses (~> 1.0) mime-types (3.1) @@ -263,40 +256,40 @@ GEM mime-types-data (3.2016.0521) mini_portile2 (2.3.0) minitar (0.5.4) - minitest (5.10.3) + minitest (5.11.3) mocha (1.3.0) metaclass (~> 0.0.1) - multi_json (1.12.2) + multi_json (1.13.1) multipart-post (2.0.0) net-scp (1.2.1) net-ssh (>= 2.6.5) net-ssh (4.2.0) net-telnet (0.1.1) - nokogiri (1.8.1) + nokogiri (1.8.2) mini_portile2 (~> 2.3.0) open_uri_redirections (0.2.1) os (0.9.6) - parallel (1.12.0) - parser (2.4.0.0) - ast (~> 2.2) + parallel (1.12.1) + parser (2.5.0.2) + ast (~> 2.4.0) powerpack (0.1.1) - public_suffix (3.0.0) - puppet (5.3.1) - facter (> 2.0, < 4) - gettext-setup (>= 0.10, < 1) + public_suffix (3.0.2) + puppet (5.4.0) + facter (> 2.0.1, < 4) + fast_gettext (~> 1.1.2) hiera (>= 3.2.1, < 4) locale (~> 2.1) puppet-lint (2.3.3) puppet-syntax (2.4.1) rake - puppetlabs_spec_helper (2.3.2) + puppetlabs_spec_helper (2.6.2) mocha (~> 1.0) puppet-lint (~> 2.0) puppet-syntax (~> 2.0) rspec-puppet (~> 2.0) rainbow (2.1.0) rake (10.5.0) - rbvmomi (1.11.3) + rbvmomi (1.11.7) builder (~> 3.0) json (>= 1.8) nokogiri (~> 1.5) @@ -306,24 +299,24 @@ GEM declarative-option (< 0.2.0) uber (< 0.2.0) retriable (3.1.1) - rspec (3.6.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-core (3.6.0) - rspec-support (~> 3.6.0) - rspec-expectations (3.6.0) + rspec (3.7.0) + rspec-core (~> 3.7.0) + rspec-expectations (~> 3.7.0) + rspec-mocks (~> 3.7.0) + rspec-core (3.7.1) + rspec-support (~> 3.7.0) + rspec-expectations (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) + rspec-support (~> 3.7.0) rspec-its (1.2.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) - rspec-mocks (3.6.0) + rspec-mocks (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) + rspec-support (~> 3.7.0) rspec-puppet (2.5.0) rspec - rspec-support (3.6.0) + rspec-support (3.7.1) rsync (1.0.9) rubocop (0.49.1) parallel (~> 1.10) @@ -334,16 +327,16 @@ GEM unicode-display_width (~> 1.0, >= 1.0.1) ruby-progressbar (1.9.0) safe_yaml (1.0.4) - serverspec (2.41.0) + serverspec (2.41.3) multi_json rspec (~> 3.0) rspec-its specinfra (~> 2.72) sfl (2.3) - signet (0.7.3) + signet (0.8.1) addressable (~> 2.3) faraday (~> 0.9) - jwt (~> 1.5) + jwt (>= 1.5, < 3.0) multi_json (~> 1.10) simplecov (0.13.0) docile (~> 1.1.0) @@ -351,13 +344,12 @@ GEM simplecov-html (~> 0.10.0) simplecov-html (0.10.2) spdx-licenses (1.1.0) - specinfra (2.72.0) + specinfra (2.73.2) net-scp net-ssh (>= 2.7, < 5.0) net-telnet sfl stringify-hash (0.0.2) - text (1.3.1) thor (0.19.1) trollop (2.1.2) typhoeus (1.3.0) @@ -365,9 +357,9 @@ GEM uber (0.1.0) unf (0.1.4) unf_ext - unf_ext (0.0.7.4) + unf_ext (0.0.7.5) unicode-display_width (1.3.0) - webmock (3.0.1) + webmock (3.3.0) addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff @@ -398,4 +390,4 @@ DEPENDENCIES xml-simple (~> 1.1.5) BUNDLED WITH - 1.15.1 + 1.16.0 diff --git a/README.md b/README.md index 020c7ec..9c81070 100644 --- a/README.md +++ b/README.md @@ -837,6 +837,9 @@ Optional. Sets the user for installation. Valid options: any valid user. Default ##### `version` Optional. Sets the version of AEM. Informational only, does not affect installation or resource management. Valid options: any semantic version. +##### `systemd_service_options` +Optional. Hash. Sets the Systemd service options. parameter in the service file. Default { 'PrivateTmp' => true }. + #### Define: `aem::license` Manages an AEM License file. Provides a convenient tool for managing the license file contents without needing to know the structure. For examples, see the [wiki][]. diff --git a/manifests/instance.pp b/manifests/instance.pp index f576e06..09943d9 100644 --- a/manifests/instance.pp +++ b/manifests/instance.pp @@ -4,28 +4,30 @@ # # define aem::instance ( - $ensure = 'present', - $context_root = undef, - $debug_port = undef, - $group = 'aem', - $home = undef, - $jvm_mem_opts = '-Xmx1024m', - $jvm_opts = undef, - $manage_group = true, - $manage_home = true, - $manage_user = true, - $osgi_configs = undef, - $crx_packages = undef, - $port = 4502, - $runmodes = [], - $sample_content = true, - $snooze = 10, - $source = undef, - $status = 'enabled', - $timeout = 600, - $type = author, - $user = 'aem', - $version = undef) { + $ensure = 'present', + $context_root = undef, + $debug_port = undef, + $group = 'aem', + $home = undef, + $jvm_mem_opts = '-Xmx1024m', + $jvm_opts = undef, + $manage_group = true, + $manage_home = true, + $manage_user = true, + $osgi_configs = undef, + $crx_packages = undef, + $port = 4502, + $runmodes = [], + $sample_content = true, + $snooze = 10, + $source = undef, + $status = 'enabled', + $timeout = 600, + $type = author, + $user = 'aem', + $version = undef, + $systemd_service_options = undef, +) { anchor { "aem::${name}::begin": } @@ -108,11 +110,12 @@ if $status != 'unmanaged' { aem::service { $name : - ensure => $ensure, - status => $status, - home => $_home, - user => $user, - group => $group, + ensure => $ensure, + status => $status, + home => $_home, + user => $user, + group => $group, + systemd_service_options => $systemd_service_options, } } diff --git a/manifests/service.pp b/manifests/service.pp index e3e7d39..84ea2b4 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -5,12 +5,12 @@ # Based on Elastic Search service management. # define aem::service ( - $ensure = 'present', - $group = 'aem', - $home = undef, - $status = 'enabled', - $user = 'aem', - + $ensure = 'present', + $group = 'aem', + $home = undef, + $status = 'enabled', + $user = 'aem', + $systemd_service_options = undef, ) { if $home == undef { @@ -64,11 +64,12 @@ } 'systemd' : { aem::service::systemd { $name : - ensure => $ensure, - status => $status, - group => $group, - home => $home, - user => $user, + ensure => $ensure, + status => $status, + group => $group, + home => $home, + user => $user, + systemd_service_options => $systemd_service_options, } } default : { diff --git a/manifests/service/systemd.pp b/manifests/service/systemd.pp index 360d383..ff3d7e0 100644 --- a/manifests/service/systemd.pp +++ b/manifests/service/systemd.pp @@ -11,7 +11,8 @@ $status, $group, $home, - $user + $user, + Hash $systemd_service_options = { 'PrivateTmp' => true }, ) { # Setup the system state. diff --git a/spec/defines/service_spec.rb b/spec/defines/service_spec.rb index 2844b76..15d9345 100644 --- a/spec/defines/service_spec.rb +++ b/spec/defines/service_spec.rb @@ -57,7 +57,8 @@ status: 'enabled', group: 'aem', home: '/opt/aem', - user: 'aem' + user: 'aem', + systemd_service_options: { 'PrivateTmp' => true } ) end end @@ -123,7 +124,8 @@ status: 'enabled', group: 'aem', home: '/opt/aem', - user: 'aem' + user: 'aem', + systemd_service_options: { 'PrivateTmp' => true } ) end end @@ -169,7 +171,8 @@ status: 'enabled', group: 'aem', home: '/opt/aem', - user: 'aem' + user: 'aem', + systemd_service_options: { 'PrivateTmp' => true } ) end end diff --git a/templates/etc/init.d/systemd.erb b/templates/etc/init.d/systemd.erb index 2f7eef1..43f60f2 100644 --- a/templates/etc/init.d/systemd.erb +++ b/templates/etc/init.d/systemd.erb @@ -11,7 +11,7 @@ Type=forking PIDFile=<%= @home %>/crx-quickstart/conf/cq.pid User=<%= @user %> Group=<%= @group %> -ExecStart=<%= @home %>/crx-quickstart/bin/start +ExecStart=<%= @home %>/crx-quickstart/bin/start ExecStop=<%= @home %>/crx-quickstart/bin/stop # We want systemd to give aem some time to finish gracefully, but still want # it to kill aem after TimeoutStopSec if something went wrong during the @@ -21,7 +21,10 @@ ExecStop=<%= @home %>/crx-quickstart/bin/stop TimeoutStopSec=4min KillSignal=SIGCONT -PrivateTmp=true + +<% @systemd_service_options.each do |key, value| -%> +<%= key %>=<%= value %> +<% end -%> [Install] WantedBy=multi-user.target