Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Delta Between Two Patch Sets: manifests/issuesserver.pp

Issue 5735669590654976: #753 - set up an order system to let eyeo employees file order requests (Closed)
Left Patch Set: #753 - set up an order system to let eyeo employees file order requests Created July 22, 2014, 12:47 a.m.
Right Patch Set: #753 - set up an order system to let eyeo employees file order requests Created Aug. 6, 2014, 12:38 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « no previous file | modules/trac/files/eyeo_logo.png » ('j') | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 node 'issues1' { 1 node 'issues1' {
2 2
3 include base, private::trac 3 include base, private::trac
4 4
5 class {'trac': 5 class {'trac':
6 domain => 'issues.adblockplus.org', 6 domain => 'issues.adblockplus.org',
7 certificate => 'issues.adblockplus.org_sslcert.pem', 7 certificate => 'issues.adblockplus.org_sslcert.pem',
8 private_key => 'issues.adblockplus.org_sslcert.key', 8 private_key => 'issues.adblockplus.org_sslcert.key',
9 is_default => true, 9 is_default => true,
10 } 10 }
11 11
12 trac::instance {'trac': 12 trac::instance {'issues':
13 config => 'trac/trac.ini.erb', 13 config => 'trac/trac.ini.erb',
14 description => 'Adblock Plus Issue Tracker', 14 description => 'Adblock Plus Issue Tracker',
15 environment => 'environment',
16 location => '/', 15 location => '/',
17 logo => 'adblockplus_logo.png', 16 logo => 'puppet:///modules/trac/adblockplus_logo.png',
18 database => 'trac', 17 database => 'trac',
18 permissions => "puppet:///modules/trac/permissions.csv",
19 } 19 }
20 20
21 trac::instance {'orders': 21 trac::instance {'orders':
22 config => 'trac/orders.ini.erb', 22 config => 'trac/orders.ini.erb',
23 description => 'Eyeo Order System', 23 description => 'Eyeo Order System',
24 environment => 'environment-orders', 24 location => '/orders',
25 location => '/orders/', 25 logo => 'puppet:///modules/trac/eyeo_logo.png',
26 logo => 'eyeo_logo.png',
27 database => 'trac_orders', 26 database => 'trac_orders',
27 permissions => "puppet:///modules/trac/order-permissions.csv",
28 } 28 }
29 29
30 # Transforming the auth_cookie table of the "new" Trac project into a 30 # Transforming the auth_cookie table of the "new" Trac project into an
31 # federated uplink for the "old" project's table of the same name avoids 31 # insertable view for the "old" project's table of the same name avoids
32 # the need to convert the entire auth to htpasswd-file handling, which 32 # the need to convert the entire auth to htpasswd-file handling, which
33 # would be the official way to go for achieving a shared authentication. 33 # would be the official way to go for achieving a shared authentication.
34 exec { 'trac_auth_cookie_federated': 34 exec { 'trac_auth_cookie_view':
35 command => "mysql -utrac -p'${private::trac::database_password}' trac --exec ute 'SHOW CREATE TABLE auth_cookie' -N \ 35 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute '
36 | cut -d'»' -f2 \ 36 DROP TABLE IF EXISTS auth_cookie;
37 | sed -e 's/auth_cookie/auth_cookie_federated/' -e 's/\\\\n//g' \ 37 CREATE VIEW auth_cookie AS SELECT * FROM trac.auth_cookie;'",
38 -e 's/ENGINE=[A-Za-z]\\+/ENGINE=FEDERATED/' \ 38 unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute '
39 -e 's/$/ CONNECTION=\"mysql:\\/\\/trac:${private::trac::database_pas sword}@localhost\\/trac\\/auth_cookie\";/' \ 39 SHOW CREATE VIEW auth_cookie'",
40 -e 's/$/ RENAME TABLE auth_cookie TO auth_cookie_original, auth_cook ie_federated TO auth_cookie;/' \
41 | mysql -utrac -p'${private::trac::database_password}' trac_orders
42 ",
43 unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute 'SHOW CREATE TABLE auth_cookie' | grep FEDERATED",
Wladimir Palant 2014/07/22 13:52:24 This is quite complex, and there are lots of warni
mathias 2014/07/24 16:36:49 Sure, it does. Yet it does not allow to move to a
44 path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin", 40 path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin",
45 require => [ 41 require => [
46 Exec["deploy_trac"], 42 Exec["deploy_issues"],
47 Exec["deploy_orders"], 43 Exec["deploy_orders"],
48 ], 44 ],
49 } 45 }
50 46
51 # Synchronizing e-mail and password information between the project 47 # Synchronizing e-mail and password information between the project
52 # allows for logging in from any entry point - whilst maintaining a 48 # allows for logging in from any entry point - whilst maintaining a
53 # registration form (and process) in one project only. 49 # registration form (and process) in one project only.
Wladimir Palant 2014/07/22 13:52:24 Why do we want this table to be synced (rather inf
mathias 2014/07/24 16:36:49 Because the Trac software also stores other inform
54 cron {'trac_session_attribute_sync': 50 cron {'trac_session_attribute_sync':
55 ensure => present, 51 ensure => present,
56 user => trac, 52 user => trac,
57 minute => '*/30', 53 minute => '*/30',
58 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \ 54 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \
59 INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid , authenticated, name, value \ 55 INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid , authenticated, name, value \
60 FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\" , \"password\") \ 56 FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\" , \"password\") \
61 ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null 57 ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null
62 ", 58 ",
63 require => Exec['trac_auth_cookie_federated'], 59 require => Exec['trac_auth_cookie_view'],
60 }
61
62 # This directive is required due to legacy issues, where only one trac
63 # project was configured. Now we want to have more verbose names, e.g.
64 # tracd_issues and tracd_orders, but the spawn-fcgi module doesn't remove
65 # unmentioned former setups. So, in order to avoid conflicts or manual
66 # intervention during rollout, we must keep this statement here and never
67 # re-use the name again. Ugly, but neccessary.
68 spawn-fcgi::pool {"tracd":
69 ensure => absent,
70 require => Exec['tracd_kludge'],
71 }
72
73 # Unfortunately, the spawn-fcgi module is not capable of stopping the
74 # processes of pools that are changed to absent - simply because it removes
75 # the configuration file and the subsequent reload or restart does not
76 # recognize the pool any more. Thus, we have to ensure that the service is
77 # stopped before:
78 exec { 'tracd_kludge':
79 command => 'service spawn-fcgi stop',
80 onlyif => 'service spawn-fcgi status',
81 path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
82 notify => Service['spawn-fcgi'],
83 }
84
85 # Pretty similar to the "tracd" pool issue above: The trac-admin initenv
86 # command would fail for environment-issues after creation of the directory
87 # structure, when it comes to the database setup (which already exists),
88 # if we do not handle the existing resources manually..
89 exec { 'trac_env_issues_kludge':
90 command => 'ln -s environment /home/trac/environment-issues',
91 before => Exec['trac_env_issues'],
92 path => "/usr/bin:/bin",
93 user => trac,
94 onlyif => 'test -d /home/trac/environment && \
95 test ! -e /home/trac/environment-issues',
96 require => User['trac'],
64 } 97 }
65 98
66 class {'nagios::client': 99 class {'nagios::client':
67 server_address => 'monitoring.adblockplus.org' 100 server_address => 'monitoring.adblockplus.org'
68 } 101 }
69 } 102 }
LEFTRIGHT

Powered by Google App Engine
This is Rietveld