more on gogios

2 files changed, 14 insertions, 1 deletions

diff --git a/frontends/Rexfile b/frontends/Rexfile
index d7e9605..1b4c692 100644
--- a/frontends/Rexfile
+++ b/frontends/Rexfile
@@ -380,6 +380,9 @@ task 'dtail', group => 'frontends',
 
       append_if_no_such_line '/etc/daily.local', '/usr/local/bin/dserver-update-key-cache.sh';
 
+      run 'adduser -class nologin -group _dserver -batch _dserver', unless => 'id _dserver';
+      run 'usermod -d /var/run/dserver _dserver';
+
       service 'dserver' => 'restart' if $restart;
       service 'dserver', ensure => 'started';
    };
@@ -392,6 +395,15 @@ task 'gogios', group => 'frontends',
           acme_hosts => \@acme_hosts),
         owner => 'root',
         group => 'wheel',
+        mode => '744';
+
+      run 'adduser -group _gogios -batch _gogios', unless => 'id _gogios';
+      run 'usermod -d /var/run/gogios _gogios';
+
+      file '/var/run/gogios',
+        ensure => 'directory',
+        owner => '_gogios',
+        group => '_gogios',
         mode => '755';
   };
 
diff --git a/frontends/etc/gogios.json.tpl b/frontends/etc/gogios.json.tpl
index 64d2083..50e8b66 100644
--- a/frontends/etc/gogios.json.tpl
+++ b/frontends/etc/gogios.json.tpl
@@ -1,8 +1,9 @@
 {
   "EmailTo": "paul",
   "EmailFrom": "gogios@mx.buetow.org",
-  "CheckTimeoutS": 10,
+  "CheckTimeoutS": 4,
   "CheckConcurrency": 10,
+  "StateDir": "/var/run/gogios",
   "Checks": {
     <% for my $host (@$acme_hosts) { -%>
       <% for my $prefix ('', 'www.') { -%>