Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/web/manifests/server.pp

Issue 5728306397708288: Added definition for eyeo.com webserver (Closed)
Patch Set: Created Dec. 4, 2013, 3:58 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « modules/web/files/sitescripts ('k') | modules/web/templates/site.erb » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: modules/web/manifests/server.pp
===================================================================
new file mode 100644
--- /dev/null
+++ b/modules/web/manifests/server.pp
@@ -0,0 +1,83 @@
+class web::server($vhost, $repository) {
+ File {
+ owner => 'root',
+ group => 'root',
+ mode => 0644,
+ }
+
+ Cron {
+ environment => ['MAILTO=admin@adblockplus.org', 'PYTHONPATH=/opt/sitescripts'],
+ }
+
+ include nginx
+
+ package {['python-jinja2', 'python-markdown']:}
+
+ file {'/etc/nginx/sites-enabled/default':
Felix Dahlke 2013/12/05 06:06:44 The nginx module already has this.
+ ensure => absent,
+ require => Package['nginx'],
+ }
+
+ file {"/etc/nginx/sites-available/${vhost}":
Felix Dahlke 2013/12/05 06:06:44 Why not use nginx::hostconfig?
+ content => template('web/site.erb'),
+ require => Package['nginx'],
+ notify => Service['nginx'],
+ }
+
+ file {"/etc/nginx/sites-enabled/${vhost}":
+ ensure => link,
+ target => "/etc/nginx/sites-available/${vhost}",
+ notify => Service['nginx'],
+ }
+
+ file {'/etc/nginx/sites-available/adblockplus.org_sslcert.key':
Felix Dahlke 2013/12/05 06:06:44 Shouldn't especially the key have mode 0400?
+ ensure => file,
+ require => Package['nginx'],
+ source => 'puppet:///modules/private/adblockplus.org_sslcert.key',
+ }
+
+ file {'/etc/nginx/sites-available/adblockplus.org_sslcert.pem':
+ ensure => file,
+ mode => 0400,
+ require => Package['nginx'],
+ source => 'puppet:///modules/private/adblockplus.org_sslcert.pem',
+ }
+
+ class {'sitescripts':
+ sitescriptsini_source => 'puppet:///modules/web/sitescripts',
+ }
+
+ user {'wwwuser':
Felix Dahlke 2013/12/05 06:06:44 I'd vote for just 'www' here, that's in line with
+ ensure => present,
+ comment => 'Web content owner',
+ home => '/home/wwwuser',
+ managehome => true,
+ }
+
+ exec {"fetch_repo":
+ command => "hg clone -U https://hg.adblockplus.org/${repository} /home/wwwuser/${repository}",
+ path => ["/usr/bin/", "/bin/"],
+ require => Package['mercurial'],
+ user => wwwuser,
+ timeout => 0,
+ onlyif => "test ! -d /home/wwwuser/${repository}",
+ }
+
+ file {'/var/www':
+ ensure => directory,
+ mode => 755,
+ }
+
+ file {"/var/www/${vhost}":
+ ensure => directory,
+ owner => wwwuser,
+ mode => 755,
+ }
+
+ cron {'update_repo':
+ ensure => present,
+ command => "hg pull -q -R /home/wwwuser/${repository} && python -m sitescripts.cms.bin.generate_static_pages /home/wwwuser/${repository} /var/www/${vhost}",
+ user => wwwuser,
+ minute => '*/10',
+ }
+}
« no previous file with comments | « modules/web/files/sitescripts ('k') | modules/web/templates/site.erb » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld