modules/hgweb/manifests/init.pp - Issue 29323409: Issue 2867 - Introduce module hgweb and corresponding server role

Side by Side Diff: modules/hgweb/manifests/init.pp

Issue 29323409: Issue 2867 - Introduce module hgweb and corresponding server role (Closed)

Patch Set: Issue 2867 - Fixes for issues discovered during test + merge with upstream Created Aug. 17, 2015, 10:50 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 # == Class: hgweb

	2 #

	3 # A hgweb server setup.

	4 #

	5 # === Parameters:

	6 #

	7 # [domain]

	8 # The auhority part of the URL the instance is associated with.

	9 #

	10 # [is_default]

	11 # Whether the $domain shall become set up as default (or fallback)

	12 # within the HTTP daemon.

	13 #

	14 # [certificate]

	15 # The name of the SSL certificate file within modules/private/files, if

	16 # any. Requires a private_key as well.

	17 #

	18 # [private_key]

	19 # The name of the private key file within modules/private/files, if any.

	20 # Requires a certificate as well.

	21 #

	22 # [hgaccess]

	23 # A prototype directory source for the hgaccess repository.

	24 #

	25 # === Examples:

	26 #

	27 # class {'hgweb':

	28 # domain => 'localhost',

	29 # }

	30 #

	31 class hgweb(

	32 $domain,

	33 $is_default = false,

	34 $certificate = hiera('hgweb::certificate', 'undef'),

	35 $private_key = hiera('hgweb::private_key', 'undef'),

	36 $hgaccess = 'puppet:///modules/hgweb/hgaccess',

	37 ) {

	38

	39 include ssh, nginx

	40

	41 $required_packages = ['mercurial-common', 'python-flup', 'spawn-fcgi']

	42 ensure_packages($required_packages)

	43

	44 class {'sitescripts':

	45 sitescriptsini_content => template('hgweb/sitescripts.ini.erb'),

	46 }

	47

	48

	49 user {'hg':

	50 comment => 'hgweb',

	51 groups => ['www-data'],

	52 home => '/home/hg',

	53 managehome => true,

	54 shell => '/bin/bash',

	55 }

	56

	57

	58 file {'/home/hg/.ssh':

	59 ensure => 'directory',

	60 group => 'hg',

	61 mode => 0750,

	62 owner => 'hg',

	63 require => User['hg'],

	64 }

	65

	66 file {'/home/hg/web':

	67 ensure => 'directory',

	68 group => 'hg',

	69 mode => 0755,

	70 owner => 'hg',

	71 require => User['hg'],

	72 }

	73

	74 file {'/home/hg/web/hgaccess':

	75 ensure => 'directory',

	76 group => 'hg',

	77 mode => 0644,

	78 owner => 'hg',

	79 recurse => true,

	80 replace => false,

	81 require => File['/home/hg/web'],

	82 source => $hgaccess,

	83 }

	84

	85 file {'/home/hg/web/hgaccess/.hg/hgrc':

	86 content => template('hgweb/hgrc.erb'),

	87 group => 'hg',

	88 mode => 0644,

	89 owner => 'hg',

	90 require => [

	91 Class['sitescripts'],

	92 Exec['hgaccess_init'],

	93 ],

	94 }

	95

	96

	97 exec {'hgaccess_init':

	98 command => 'hg init .',

	99 creates => '/home/hg/web/hgaccess/.hg',

	100 cwd => '/home/hg/web/hgaccess',

	101 logoutput => true,

	102 path => '/usr/local/bin:/usr/bin:/bin',

	103 require => File['/home/hg/web/hgaccess'],

	104 user => 'hg',

	105 }

	106

	107 exec {'hgaccess_commit':

	108 command => 'hg add . && hg commit -u Puppet -m "Initial commit"',

	109 creates => '/home/hg/.ssh/authorized_keys',

	110 cwd => '/home/hg/web/hgaccess',

	111 environment => ['PYTHONPATH=/opt/sitescripts'],

	112 logoutput => true,

	113 path => '/usr/local/bin:/usr/bin:/bin',

	114 require => [

	115 File['/home/hg/web/hgaccess/.hg/hgrc'],

	116 File['/home/hg/.ssh'],

	117 ],

	118 user => 'hg',

	119 }

	120

	121
	Felix Dahlke 2015/08/17 18:05:03 Nit: Superfluous empty line? Can't tell if it's de Nit: Superfluous empty line? Can't tell if it's deliberate. mathias 2015/08/17 18:16:45 It isn't. Wasn't. Show quoted text On 2015/08/17 18:05:03, Felix Dahlke wrote: > Nit: Superfluous empty line? Can't tell if it's deliberate. It isn't. Wasn't.
	122 concat::fragment {'sshd_user_hg':

	123 content => 'Match User hg

	124 AllowTcpForwarding no

	125 X11Forwarding no

	126 AllowAgentForwarding no

	127 GatewayPorts no

	128 ForceCommand cd ~/web && PYTHONPATH=/opt/sitescripts hg-ssh $HGREPOS

	129 ',

	130 order => '99',

	131 target => 'sshd_config',

	132 }

	133

	134

	135 file {'/etc/hgweb.ini':

	136 mode => 644,

	137 require => Package[$required_packages],

	138 source => 'puppet:///modules/hgweb/hgweb.ini',

	139 }

	140

	141 file {'/opt/hgweb.fcgi':

	142 mode => 755,

	143 require => File['/etc/hgweb.ini'],

	144 source => 'puppet:///modules/hgweb/hgweb.fcgi',

	145 }

	146

	147 file {'/etc/init.d/hgweb':

	148 mode => 755,

	149 require => File['/opt/hgweb.fcgi'],

	150 source => 'puppet:///modules/hgweb/hgweb.sh',

	151 }

	152

	153 file {'/home/hg/web/robots.txt':

	154 group => 'hg',

	155 mode => 0644,

	156 owner => 'hg',

	157 require => File['/home/hg/web'],

	158 source => 'puppet:///modules/hgweb/robots.txt',

	159 }

	160

	161 service {'hgweb':

	162 enable => true,

	163 ensure => 'running',

	164 hasrestart => true,

	165 hasstatus => false,

	166 pattern => 'hgweb.fcgi',

	167 require => File['/etc/init.d/hgweb'],

	168 subscribe => File['/etc/hgweb.ini'],

	169 }

	170

	171 nginx::hostconfig {$domain:

	172 certificate => $certificate ? {

	173 'undef' => undef,

	174 default => $certificate,

	175 },

	176 source => 'puppet:///modules/hgweb/nginx.conf',

	177 is_default => $is_default,

	178 log => 'access_log_hg',

	179 private_key => $private_key ? {

	180 'undef' => undef,

	181 default => $private_key,

	182 },

	183 }

	184 }

OLD	NEW

« modules/hgweb/files/hgaccess/repos/hgaccess ('K') | « modules/hgweb/files/robots.txt ('k') | modules/hgweb/templates/hgrc.erb » ('j') | no next file with comments »