cfengine/cf.services.file



control:
    AddInstallable = ( samba samba_reload netatalk netatalk_reload lprng lprng_reload cups cups_reload )
    
    #
    # Variables for shares
    # You can change the paths here and it will be changed both in
    # the conf file and in the filesystem - But once it is implemented,
    # it is not wise to change it - the data in the shares doesn't get
    # moved!
    # You can change the rights on the shares in the "directories:"
    # section.
    #
    netlogshare = ( /etc/samba/netlogon )
    commonsharedir  = ( /home/fsadmin/COMMON )
    datashare   = ( /home/fsadmin/COMMON/documents )
    softshare   = ( /home/fsadmin/COMMON/software )
    profshare   = ( /home/fsadmin/COMMON/samba/userprofiles )
    printdir    = ( /var/spool/sharedprinter )
    privpcshare = ( .pcshare )
    privmacshare    = ( .macshare )
    privxchngshare  = ( .xchangeshare )
    
    #
    # Administrative user and group
    #
    adminuser   = ( fsadmin )
    admingrp    = ( fsadmin )
    
    #
    # Determine if this is a samba server, netatalk server or both, and define
    # classes based on that.
    #
classes:
    samba       = ( `/usr/bin/test -x /usr/sbin/smbd` )
    netatalk    = ( `/usr/bin/test -x /usr/sbin/afpd` )
    
    #
    # Determine which print system is in use, and define classes based on that.
    # We only support lprng and cups
    #
    lprng       = ( `/usr/bin/test -x /usr/sbin/lpd` )
    cups        = ( `/usr/bin/test -x /usr/sbin/cupsd` )
        
editfiles:
    samba::
        #
        # Samba configuration stuff.
        #
        { /etc/samba/smb.conf
        #
        # Global stuff
        #
        # Remove share declarations from main smb.conf. It is split
        # up in the following files:
        # - smb.conf
        # - smb-shares-COMMON.conf
        # - smb-shares-$(site).conf
        # - smb-printers.conf
        #
#       DeleteLinesAfterThisMatching "^\[homes\]$(n)*.*"
#       ResetSearch "1"
#       CatchAbort
#       ResetSearch "1"
        
        #
        # Append the include lines for the files decribed above
        #
        AppendIfNoSuchLine "include = /etc/samba/smb-shares-COMMON.conf"
        AppendIfNoSuchLine "include = /etc/samba/smb-printers.conf"
        BeginGroupIfFileExists "/etc/local-COMMON/samba/smb-shares-$(site).conf"
                AppendIfNoSuchLine "include = /etc/samba/smb-shares-$(site).conf"
        EndGroup
        ResetSearch "1"

        #
        # workgroup = $(site)
        #
        LocateLineMatching "^[;[:blank:]]*workgroup[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*'
            ReplaceLineWith '   workgroup = $(site)'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*'
            InsertLine '   workgroup = $(site)'
        EndGroup

        #
        # wins support = yes
        #
        LocateLineMatching "^[;[:blank:]]*wins support[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            ReplaceLineWith '   wins support = yes'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            InsertLine '   wins support = yes'
        EndGroup

        #
        # os level = 65
        #
        LocateLineMatching "^[;[:blank:]]*os level[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*"
            ReplaceLineWith '   os level = 65'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*"
            InsertLine '   os level = 65'
        EndGroup

        #
        # domain master = yes
        #
        LocateLineMatching "^[;[:blank:]]*domain master[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            ReplaceLineWith '   domain master = yes'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            InsertLine '   domain master = yes'
        EndGroup

        #
        # local master = yes
        #
        LocateLineMatching "^[;[:blank:]]*local master[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes"
            ReplaceLineWith '   local master = yes'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            InsertLine '   local master = yes'
        EndGroup

        #
        # logon drive = U:
        #
        LocateLineMatching "^[;[:blank:]]*logon drive[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*"
            ReplaceLineWith '   logon drive = U:'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*"
            InsertLine '   logon drive = U:'
        EndGroup
            
        #
        # logon script = common.bat
        #
        LocateLineMatching "^[;[:blank:]]*logon script[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*"
            ReplaceLineWith '   logon script = common.bat'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*"
            InsertLine '   logon script = common.bat'
        EndGroup

        #
        # domain logons = yes
        #
        LocateLineMatching "^[;[:blank:]]*domain logons[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            ReplaceLineWith '   domain logons = yes'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            InsertLine '   domain logons = yes'
        EndGroup

        #
        # logon path = \\%N\USERPROFILES\%U
        #
        LocateLineMatching "^[;[:blank:]]*logon path[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*"
            ReplaceLineWith '   logon path = \\%N\USERPROFILES\%U'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*"
            InsertLine '   logon path = \\%N\USERPROFILES\%U'
        EndGroup

        #
        # preferred master = yes
        #
        LocateLineMatching "^[;[:blank:]]*preferred master[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            ReplaceLineWith '   preferred master = yes'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
            InsertLine '   preferred master = yes'
        EndGroup
        DefineClasses "samba_reload"
        }

        { /etc/samba/smb-shares-COMMON.conf
        #
        # This file contains all the shares common to all installations.
        # We check if the proper sections are there and add them if they
        # isn't. We don't check the file line for line.
        #
        AutoCreate
        
        #
        # [netlogon]
        #
        BeginGroupIfNoLineMatching "^\[netlogon\]"
            Append '[netlogon]'
            Append '    comment = Network logon'
            Append '    path = $(netlogshare)'
            Append '    browsable = no'
            Append '    writeable = no'
            Append '    share modes = no'
        EndGroup
        #
        # [userprofiles]
        #
        BeginGroupIfNoLineMatching "^\[userprofiles\]"
            Append '[userprofiles]'
            Append '    path = $(profshare)'
            Append '    force user = %u'
            Append '    writable = yes'
            Append '    browsable = no'
            Append '    root preexec = /bin/mkdir $(profshare)/%U \'
            Append '            /bin/chown %U $(profshare)/%U \'
            Append '            /bin/chmod 700 $(profshare)/%U'
        EndGroup
        #
        # [homes]
        #
        BeginGroupIfNoLineMatching "^\[homes\]"
            Append '[homes]'
            Append '    path = /home/%u/$(privpcshare)'
            Append '    browsable = no'
            Append '    root preexec = /bin/mkdir /home/%u/$(privpcshare) \'
            Append '            /bin/chown %U /home/%u/$(privpcshare) \'
            Append '            /bin/chmod 644 /home/%u/$(privpcshare)'
        EndGroup
        #
        # [programmer]
        #
        BeginGroupIfNoLineMatching "^\[software\]"
            Append '[software]'
            Append '    path = $(softshare)'
            Append '    comment = F�lles software'
            Append '    browsable = yes'
            Append '    guest ok = no'
            Append '    writeable = yes'
            Append '    valid users = @$(admingrp)'
            Append '    force group = +$(admingrp)'
        EndGroup
        #
        # [dokumenter]
        #
        BeginGroupIfNoLineMatching "^\[dokumenter\]"
            Append '[dokumenter]'
            Append '    path = $(datashare)'
            Append '    comment = F�lles dokumenter'
            Append '    browsable = yes'
            Append '    guest ok = no'
            Append '    writeable = yes'
            Append '    valid users = @$(admingrp)'
            Append '    force group = +$(admingrp)'
        EndGroup
        DefineClasses "samba_reload"
        }

        #
        # Local shares special for the site.
        # In this file you can define special shares that you need
        #
        { /etc/samba/smb-shares-$(site).conf
        #
        # We don't make this file dynamically, but instead we copy the contents
        # of a master file, but only if it's newer than the one installed.
        #
        BeginGroupIfFileIsNewer "/etc/local-COMMON/samba/smb-shares-$(site).conf"
            EmptyEntireFilePlease
            InsertFile "/etc/local-COMMON/samba/smb-shares-$(site).conf"
            Append "; Edited by cfengine $(date)"
        EndGroup
        DefineClasses "samba_reload"
        }

        { /etc/samba/smb-printers.conf
        #
        # This file contains all the printers defined in the Linux printing
        # system. There shouldn't be any need for setting up additional
        # printer entries. Manage the printers through the Linux print
        # system you have installed - cups or lprng.
        # We check if the proper sections are there and add them if they
        # isn't. We don't check the file line for line.
        #
        AutoCreate
        
        #
        # [printers]
        #
        BeginGroupIfNoLineMatching "^\[printers\]"
            Append '[printers]'
            Append '    comment = %S printer'
            Append '    path = $(printdir)'
            Append '    print command = /usr/bin/lpr -h %s'
            Append '    lprm command = /usr/bin/lprm -P%S %j'
            Append '    public = yes'
            Append '    printable = yes'
        EndGroup
        }

        #
        # Batch file for mounting shares automatically
        #
        { /etc/samba/netlogon/common.bat
        #
        # We don't make this file dynamically, but instead we copy the contents
        # of a master file, but only if it's newer than the one installed.
        #
        BeginGroupIfFileIsNewer "/etc/local-COMMON/samba/netlogon/common.bat"
            AutoCreate
            EmptyEntireFilePlease
            InsertFile "/etc/local-COMMON/samba/netlogon/common.bat"
            Append "rem Edited by cfengine $(date)"
        EndGroup
        DefineClasses "samba_reload"
        }

    lprng::
        { /etc/samba/smb.conf
        #
        # printing = lprng
        #
        ResetSearch "1"
        LocateLineMatching "^[;[:blank:]]*printing[[:blank:]]*=.*"
        BeginGroupIfNoLineMatching '^[[:blank:]]*printing[[:blank:]]*=[[:blank:]]*lprng[[:blank:]]*'
            ReplaceLineWith '   printing = lprng'
        EndGroup
        CatchAbort
        BeginGroupIfNoMatch '^[[:blank:]]*printing[[:blank:]]*=[[:blank:]]*lprng[[:blank:]]*'
            InsertLine '   printing = lprng'
        EndGroup
        DefineClasses "samba_reload"
        }

        #
        # Printer configuration stuff
        #
        { /etc/printcap
        #
        # We don't make the printcap dynamically, but instead we copy the contents
        # of a master file, but only if it's newer than the one installed.
        #
        BeginGroupIfFileIsNewer "/etc/local-COMMON/printcap.$(site)"
            EmptyEntireFilePlease
            InsertFile "/etc/local-COMMON/printcap.$(site)"
            Append "# Edited by cfengine $(date)"
        EndGroup
        DefineClasses "lprng_reload"
        }

    samba_reload::
        { /etc/samba/smb.conf
            LocateLineMatching "^; EDITED BY CFENGINE .*"
            ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
            CatchAbort
            BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
                Append '; EDITED BY CFENGINE $(date)'
            EndGroup
        }

        { /etc/samba/smb-shares-COMMON.conf
            LocateLineMatching "^; EDITED BY CFENGINE .*"
            ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
            CatchAbort
            BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
                Append '; EDITED BY CFENGINE $(date)'
            EndGroup
        }

        { /etc/samba/smb-shares-$(site).conf
            LocateLineMatching "^; EDITED BY CFENGINE .*"
            ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
            CatchAbort
            BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
                Append '; EDITED BY CFENGINE $(date)'
            EndGroup
        }

        { /etc/samba/smb-printers.conf
            LocateLineMatching "^; EDITED BY CFENGINE .*"
            ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
            CatchAbort
            BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
                Append '; EDITED BY CFENGINE $(date)'
            EndGroup
        }

directories:
    any::
    $(commonsharedir)
        mode=755
        owner=$(adminuser)
        group=$(admingrp)
    $(softshare)
        mode=775
        owner=$(adminuser)
        group=$(admingrp)
    $(datashare)
        mode=775
        owner=$(adminuser)
        group=$(admingrp)
    samba::
    $(netlogshare)
        mode=755
        owner=root
        group=root
    $(profshare)
        mode=775
        owner=$(adminuser)
        group=$(admingrp)
    $(printdir)
        mode=775
        owner=root
        group=root

processes:
    "smbd"  restart "/etc/init.d/samba restart"
    "afpd"  restart "/etc/init.d/netatalk restart"

shellcommands:
    samba_reload::
    "/etc/init.d/samba force-reload"
    netatalk_reload::
    "/etc/init.d/netatalk force-reload"
    lprng_reload::
    "/etc/init.d/lprng force-reload"
    cups_reload::
    "/etc/init.d/cups force-reload"