Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Delta Between Two Patch Sets: manifests/issuesserver.pp

Issue 5735669590654976: #753 - set up an order system to let eyeo employees file order requests (Closed)
Left Patch Set: #753 - set up an order system to let eyeo employees file order requests Created July 29, 2014, 11:18 a.m.
Right Patch Set: #753 - set up an order system to let eyeo employees file order requests Created Aug. 6, 2014, 12:38 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « no previous file | modules/trac/files/eyeo_logo.png » ('j') | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 node 'issues1' { 1 node 'issues1' {
2 2
3 include base, private::trac 3 include base, private::trac
4 4
5 class {'trac': 5 class {'trac':
6 domain => 'issues.adblockplus.org', 6 domain => 'issues.adblockplus.org',
7 certificate => 'issues.adblockplus.org_sslcert.pem', 7 certificate => 'issues.adblockplus.org_sslcert.pem',
8 private_key => 'issues.adblockplus.org_sslcert.key', 8 private_key => 'issues.adblockplus.org_sslcert.key',
9 is_default => true, 9 is_default => true,
10 } 10 }
11 11
12 trac::instance {'trac': 12 trac::instance {'issues':
13 config => 'trac/trac.ini.erb', 13 config => 'trac/trac.ini.erb',
14 description => 'Adblock Plus Issue Tracker', 14 description => 'Adblock Plus Issue Tracker',
15 environment => 'environment',
16 location => '/', 15 location => '/',
17 logo => 'adblockplus_logo.png', 16 logo => 'puppet:///modules/trac/adblockplus_logo.png',
18 database => 'trac', 17 database => 'trac',
19 permissions => "puppet:///modules/trac/permissions.csv", 18 permissions => "puppet:///modules/trac/permissions.csv",
20 } 19 }
21 20
22 trac::instance {'orders': 21 trac::instance {'orders':
23 config => 'trac/orders.ini.erb', 22 config => 'trac/orders.ini.erb',
24 description => 'Eyeo Order System', 23 description => 'Eyeo Order System',
25 environment => 'environment-orders',
26 location => '/orders', 24 location => '/orders',
27 logo => 'eyeo_logo.png', 25 logo => 'puppet:///modules/trac/eyeo_logo.png',
28 database => 'trac_orders', 26 database => 'trac_orders',
29 permissions => "puppet:///modules/trac/order-permissions.csv", 27 permissions => "puppet:///modules/trac/order-permissions.csv",
30 } 28 }
31 29
32 # Transforming the auth_cookie table of the "new" Trac project into an 30 # Transforming the auth_cookie table of the "new" Trac project into an
33 # insertable view for the "old" project's table of the same name avoids 31 # insertable view for the "old" project's table of the same name avoids
34 # the need to convert the entire auth to htpasswd-file handling, which 32 # the need to convert the entire auth to htpasswd-file handling, which
35 # would be the official way to go for achieving a shared authentication. 33 # would be the official way to go for achieving a shared authentication.
36 exec { 'trac_auth_cookie_federated': 34 exec { 'trac_auth_cookie_view':
37 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' 35 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute '
38 CREATE VIEW auth_cookie_view AS SELECT * FROM trac.auth_cookie; 36 DROP TABLE IF EXISTS auth_cookie;
39 RENAME TABLE auth_cookie TO auth_cookie_original, auth_cookie_view TO auth _cookie;'", 37 CREATE VIEW auth_cookie AS SELECT * FROM trac.auth_cookie;'",
40 unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' 38 unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute '
41 SHOW CREATE TABLE auth_cookie' | grep VIEW", 39 SHOW CREATE VIEW auth_cookie'",
42 path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin", 40 path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin",
43 require => [ 41 require => [
44 Exec["deploy_trac"], 42 Exec["deploy_issues"],
45 Exec["deploy_orders"], 43 Exec["deploy_orders"],
46 ], 44 ],
47 } 45 }
48 46
49 # Synchronizing e-mail and password information between the project 47 # Synchronizing e-mail and password information between the project
50 # allows for logging in from any entry point - whilst maintaining a 48 # allows for logging in from any entry point - whilst maintaining a
51 # registration form (and process) in one project only. 49 # registration form (and process) in one project only.
52 cron {'trac_session_attribute_sync': 50 cron {'trac_session_attribute_sync':
53 ensure => present, 51 ensure => present,
54 user => trac, 52 user => trac,
55 minute => '*/30', 53 minute => '*/30',
56 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \ 54 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \
57 INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid , authenticated, name, value \ 55 INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid , authenticated, name, value \
58 FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\" , \"password\") \ 56 FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\" , \"password\") \
59 ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null 57 ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null
60 ", 58 ",
61 require => Exec['trac_auth_cookie_federated'], 59 require => Exec['trac_auth_cookie_view'],
60 }
61
62 # This directive is required due to legacy issues, where only one trac
63 # project was configured. Now we want to have more verbose names, e.g.
64 # tracd_issues and tracd_orders, but the spawn-fcgi module doesn't remove
65 # unmentioned former setups. So, in order to avoid conflicts or manual
66 # intervention during rollout, we must keep this statement here and never
67 # re-use the name again. Ugly, but neccessary.
68 spawn-fcgi::pool {"tracd":
69 ensure => absent,
70 require => Exec['tracd_kludge'],
71 }
72
73 # Unfortunately, the spawn-fcgi module is not capable of stopping the
74 # processes of pools that are changed to absent - simply because it removes
75 # the configuration file and the subsequent reload or restart does not
76 # recognize the pool any more. Thus, we have to ensure that the service is
77 # stopped before:
78 exec { 'tracd_kludge':
79 command => 'service spawn-fcgi stop',
80 onlyif => 'service spawn-fcgi status',
81 path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
82 notify => Service['spawn-fcgi'],
83 }
84
85 # Pretty similar to the "tracd" pool issue above: The trac-admin initenv
86 # command would fail for environment-issues after creation of the directory
87 # structure, when it comes to the database setup (which already exists),
88 # if we do not handle the existing resources manually..
89 exec { 'trac_env_issues_kludge':
90 command => 'ln -s environment /home/trac/environment-issues',
91 before => Exec['trac_env_issues'],
92 path => "/usr/bin:/bin",
93 user => trac,
94 onlyif => 'test -d /home/trac/environment && \
95 test ! -e /home/trac/environment-issues',
96 require => User['trac'],
62 } 97 }
63 98
64 class {'nagios::client': 99 class {'nagios::client':
65 server_address => 'monitoring.adblockplus.org' 100 server_address => 'monitoring.adblockplus.org'
66 } 101 }
67 } 102 }
LEFTRIGHT

Powered by Google App Engine
This is Rietveld