id.themis: import PrivateBin configuration

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>

pillar/id/themis_lysergic_dev.sls

@@ -75,3 +75,45 @@ profile:
     saml2_group_attribute: groups
     saml2_remove_from_groups: true
     queue_connection: database
+
+  privatebin:
+    main:
+      name: Bin
+      fileupload: true
+      syntaxhighlightingtheme: sons-of-obsidian
+      sizelimit: 310485760
+      notice: 'Note: Kittens will die if you abuse this service.'
+      languageselection: true
+      urlshortener: ${'secret_privatebin:main:urlshortener'}
+      qrcode: true
+    expire:
+      default: 1week
+    expire_options:
+      5min: 300
+      10min: 600
+      1hour: 3600
+      1day: 86400
+      1week: 604800
+      1month: 2592000
+      1year: 31536000
+      never: 0
+    formatter_options:
+      plaintext: Plain Text
+      syntaxhighlighting: Source Code
+      markdown: Markdown
+    traffic:
+      limit: 10
+      header: X_FORWARDED_FOR
+      dir: /var/lib/PrivateBin/limits
+    purge:
+      limit: 300
+      batchsize: 10
+      dir: /var/lib/PrivateBin/limits
+    model:
+      class: Database
+    model_options:
+      dsn: ${'secret_privatebin:model_options:dsn'}
+      tbl: privatebin_
+      usr: ${'secret_privatebin:model_options:usr'}
+      pwd: ${'secret_privatebin:model_options:pwd'}
+      opt[12]: true

salt/profile/privatebin/init.sls

@@ -0,0 +1,55 @@
+{%- set mypillar = salt['pillar.get']('profile:privatebin', {}) -%}
+{%- set confdir = '/etc/PrivateBin' -%}
+{%- set configfile = confdir ~ '/conf.php' -%}
+
+privatebin_packages:
+  pkg.installed:
+    - names:
+      - PrivateBin-config-httpd
+
+privatebin_clean:
+  file.directory:
+    - name: {{ confdir }}
+    - clean: True
+    - onchanges:
+      - pkg: privatebin_packages
+    - require:
+      - pkg: privatebin_packages
+
+{%- if mypillar | length %}
+{{ configfile }}:
+  ini.options_present:
+    - separator: '='
+    - strict: True
+    - sections:
+        {%- macro conf(section, options) %}
+        {%- for option in options.keys() -%}
+        {%- if mypillar[section][option] is string and mypillar[section][option].startswith('$') or mypillar[section][option] is number %}
+        {%- set value = mypillar[section][option] -%}
+        {%- else %}
+        {%- set value = mypillar[section][option] | quote -%}
+        {%- endif %}
+          {{ option }}: {{ value }}
+        {%- endfor -%}
+        {%- endmacro %}
+        {%- for section, options in mypillar.items() %}
+        {{ section }}:
+          {{ conf(section, options) }}
+        {%- endfor %}
+    - require:
+      - pkg: privatebin_packages
+    - watch:
+      - file: privatebin_clean
+    - watch_in:
+      - file: privatebin_permissions
+{%- endif %}
+
+privatebin_permissions:
+  file.managed:
+    - mode: '0640'
+    - user: wwwrun
+    - group: privatebin
+    - names:
+      - {{ configfile }}
+    - require:
+      - pkg: privatebin_packages

salt/role/privatebin.sls

@@ -0,0 +1,4 @@
+include:
+  - role.web.apache-httpd
+  - profile.privatebin
+  - php.fpm