soc-ops/global/overlay/etc/puppet/modules/soc/manifests/intelmq.pp

class soc::intelmq(
) {

  group { 'intelmq':
    ensure => present,
  }

  user { 'intelmq':
    ensure     => present,
    gid        => 'intelmq',
    groups     => 'www-data',
    home       => '/opt/intelmq',
    managehome => true,
    shell      => '/bin/bash',
  }

  file { '/etc/intelmq':
    ensure => directory,
    owner  => 'intelmq',
    group  => 'intelmq',
  }

  #  file { '/opt/sso/apache/groups.txt':
  #  ensure  => file,
  #    content => template('soc/sso/apache-groups.txt.erb')
  #  }

  ensure_packages(['apache2'])
  package { ['apache2', 'libapache2-mod-wsgi-py3', 'postgresql', 'python3-venv', 'python3-pip', 'python3-gpg', 'python3-psycopg2', 'redict', ]:
    ensure => 'latest',
  }

  exec { 'Install IntelMQ venv':
    command => 'sudo -u intelmq /usr/bin/python3 -m venv --system-site-packages /opt/intelmq/venv',
    creates => '/opt/intelmq/venv',
  }

  file { '/opt/intelmq/install-intelmq.sh':
    ensure  => file,
    content => file('soc/intelmq/install-intelmq.sh'),
    mode    => '0555',
  }

  exec { 'Install IntelMQ':
    command => 'sudo -u intelmq /opt/intelmq/install-intelmq.sh',
    creates => '/opt/intelmq/.installed'
  }

  exec { 'Run IntelMQ setup script':
    command => '/opt/intelmq/venv/bin/intelmqsetup --state-file /opt/intelmq/.setup_state',
    creates => '/opt/intelmq/.setup_state',
    returns => ['0', '1',],
  }

  file { '/etc/sudoers.d/01_intelmq-api':
    ensure  => file,
    content => file('soc/intelmq/sudoers-01-intelmq-api'),
    mode    => '0440',
  }

  service { 'apache2':
    ensure  => 'running',
    enable  => true,
    require => Package['apache2'],
  }

  exec { 'Enable Apache2 modules':
    command => 'a2enmod ssl wsgi proxy proxy_http header rewrite',
    creates => ['/etc/apache2/mods-enabled/ssl.load', '/etc/apache2/mods-enabled/wsgi.load', '/etc/apache2/mods-enabled/proxy.load', '/etc/apache2/mods-enabled/proxy_http.load', '/etc/apache2/mods-enabled/header.load', '/etc/apache2/mods-enabled/rewrite.load'],
    notify  => Service['apache2'],
  }
}
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`class soc::intelmq(`
			`) {`

			`group { 'intelmq':`
			`ensure => present,`
			`}`

			`user { 'intelmq':`
Testfix 2024-11-13 16:49:11 +01:00			`ensure => present,`
			`gid => 'intelmq',`
			`groups => 'www-data',`
			`home => '/opt/intelmq',`
			`managehome => true,`
Bugfix 2024-11-14 10:24:57 +01:00			`shell => '/bin/bash',`
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`}`

			`file { '/etc/intelmq':`
			`ensure => directory,`
			`owner => 'intelmq',`
			`group => 'intelmq',`
			`}`

			`# file { '/opt/sso/apache/groups.txt':`
			`# ensure => file,`
			`# content => template('soc/sso/apache-groups.txt.erb')`
			`# }`

Typo. 2024-11-14 12:20:05 +01:00			`ensure_packages(['apache2'])`
More to install. 2024-11-14 12:16:26 +01:00			`package { ['apache2', 'libapache2-mod-wsgi-py3', 'postgresql', 'python3-venv', 'python3-pip', 'python3-gpg', 'python3-psycopg2', 'redict', ]:`
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`ensure => 'latest',`
			`}`

More to install. 2024-11-14 12:16:26 +01:00			`exec { 'Install IntelMQ venv':`
			`command => 'sudo -u intelmq /usr/bin/python3 -m venv --system-site-packages /opt/intelmq/venv',`
			`creates => '/opt/intelmq/venv',`
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`}`

Bugfix 2024-11-14 10:24:57 +01:00			`file { '/opt/intelmq/install-intelmq.sh':`
			`ensure => file,`
			`content => file('soc/intelmq/install-intelmq.sh'),`
Bugfix 2024-11-14 10:27:12 +01:00			`mode => '0555',`
Bugfix 2024-11-14 10:24:57 +01:00			`}`

More to install. 2024-11-14 12:16:26 +01:00			`exec { 'Install IntelMQ':`
			`command => 'sudo -u intelmq /opt/intelmq/install-intelmq.sh',`
			`creates => '/opt/intelmq/.installed'`
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`}`
Fixes with installation script. 2024-11-14 10:51:10 +01:00
More to install. 2024-11-14 12:16:26 +01:00			`exec { 'Run IntelMQ setup script':`
			`command => '/opt/intelmq/venv/bin/intelmqsetup --state-file /opt/intelmq/.setup_state',`
Bugfix. 2024-11-14 10:58:37 +01:00			`creates => '/opt/intelmq/.setup_state',`
			`returns => ['0', '1',],`
Fixes with installation script. 2024-11-14 10:51:10 +01:00			`}`

Typo. 2024-11-14 10:52:32 +01:00			`file { '/etc/sudoers.d/01_intelmq-api':`
Fixes with installation script. 2024-11-14 10:51:10 +01:00			`ensure => file,`
			`content => file('soc/intelmq/sudoers-01-intelmq-api'),`
			`mode => '0440',`
			`}`

More to install. 2024-11-14 12:16:26 +01:00			`service { 'apache2':`
			`ensure => 'running',`
			`enable => true,`
			`require => Package['apache2'],`
			`}`

			`exec { 'Enable Apache2 modules':`
Bugfix. 2024-11-14 12:17:22 +01:00			`command => 'a2enmod ssl wsgi proxy proxy_http header rewrite',`
Typo. 2024-11-14 12:18:00 +01:00			`creates => ['/etc/apache2/mods-enabled/ssl.load', '/etc/apache2/mods-enabled/wsgi.load', '/etc/apache2/mods-enabled/proxy.load', '/etc/apache2/mods-enabled/proxy_http.load', '/etc/apache2/mods-enabled/header.load', '/etc/apache2/mods-enabled/rewrite.load'],`
More to install. 2024-11-14 12:16:26 +01:00			`notify => Service['apache2'],`
			`}`
First skeleton for soc::intelmq 2024-11-13 16:25:14 +01:00			`}`