manifests/issuesserver.pp - Issue 5735669590654976: #753 - set up an order system to let eyeo employees file order requests

Unified Diff: manifests/issuesserver.pp

Issue 5735669590654976: #753 - set up an order system to let eyeo employees file order requests (Closed)

Patch Set: #753 - set up an order system to let eyeo employees file order requests Created July 22, 2014, 12:47 a.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: manifests/issuesserver.pp

===================================================================

--- a/manifests/issuesserver.pp

+++ b/manifests/issuesserver.pp

@@ -1,5 +1,6 @@

node 'issues1' {

- include base

+ include base, private::trac

class {'trac':

domain => 'issues.adblockplus.org',

@@ -8,6 +9,60 @@

is_default => true,

}

+ trac::instance {'trac':

+ config => 'trac/trac.ini.erb',

+ description => 'Adblock Plus Issue Tracker',

+ environment => 'environment',

+ location => '/',

+ logo => 'adblockplus_logo.png',

+ database => 'trac',

+ }

+ trac::instance {'orders':

+ config => 'trac/orders.ini.erb',

+ description => 'Eyeo Order System',

+ environment => 'environment-orders',

+ location => '/orders/',

+ logo => 'eyeo_logo.png',

+ database => 'trac_orders',

+ }

+ # Transforming the auth_cookie table of the "new" Trac project into a

+ # federated uplink for the "old" project's table of the same name avoids

+ # the need to convert the entire auth to htpasswd-file handling, which

+ # would be the official way to go for achieving a shared authentication.

+ exec { 'trac_auth_cookie_federated':

+ command => "mysql -utrac -p'${private::trac::database_password}' trac --execute 'SHOW CREATE TABLE auth_cookie' -N \

+ | cut -d' ' -f2 \

+ | sed -e 's/auth_cookie/auth_cookie_federated/' -e 's/\\\\n//g' \

+ -e 's/ENGINE=[A-Za-z]\\+/ENGINE=FEDERATED/' \

+ -e 's/$/ CONNECTION=\"mysql:\\/\\/trac:${private::trac::database_password}@localhost\\/trac\\/auth_cookie\";/' \

+ -e 's/$/ RENAME TABLE auth_cookie TO auth_cookie_original, auth_cookie_federated TO auth_cookie;/' \

+ | mysql -utrac -p'${private::trac::database_password}' trac_orders

+ ",

+ unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute 'SHOW CREATE TABLE auth_cookie' | grep FEDERATED",

Wladimir Palant 2014/07/22 13:52:24 This is quite complex, and there are lots of warni

mathias 2014/07/24 16:36:49 Sure, it does. Yet it does not allow to move to a

+ path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin",

+ require => [

+ Exec["deploy_trac"],

+ Exec["deploy_orders"],

+ ],

+ }

+ # Synchronizing e-mail and password information between the project

+ # allows for logging in from any entry point - whilst maintaining a

+ # registration form (and process) in one project only.

Wladimir Palant 2014/07/22 13:52:24 Why do we want this table to be synced (rather inf

mathias 2014/07/24 16:36:49 Because the Trac software also stores other inform

+ cron {'trac_session_attribute_sync':

+ ensure => present,

+ user => trac,

+ minute => '*/30',

+ command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \

+ INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid, authenticated, name, value \

+ FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\", \"password\") \

+ ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null

+ ",

+ require => Exec['trac_auth_cookie_federated'],

+ }

class {'nagios::client':

server_address => 'monitoring.adblockplus.org'

}

« no previous file with comments | « no previous file | manifests/nodes.pp » ('j') | modules/trac/files/order-permissions.csv » ('J')