Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/adblockplus/manifests/web/static.pp

Issue 29733731: #7320 - Introduce helpcenter role (Closed)
Patch Set: For comments 8 and 9 Created April 17, 2018, 6:02 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: modules/adblockplus/manifests/web/static.pp
===================================================================
new file mode 100644
--- /dev/null
+++ b/modules/adblockplus/manifests/web/static.pp
@@ -0,0 +1,117 @@
+# == Class: adblockplus::web::static
+#
+# Manage a simple Nginx-based webserver for static content
+# that uses a customizable deployment script to e.g. fetch the content
+# from a repository server (ref. http://hub.eyeo.com/issues/4523)
+#
+# === Parameters:
+#
+# [*domain*]
+# The domain name for the website.
+#
+# [*ssl_certificate*]
+# The name of the SSL certificate file within modules/private/files, if any.
+# Requires a private_key as well.
+#
+# [*ssl_private_key*]
+# The name of the private key file within modules/private/files, if any.
+# Requires a certificate as well.
+#
+# [*ensure*]
+# Whether to set up the website or not, e.g. "asbsent" or "present".
+#
+# [*deploy_user*]
+# User that will be used to issue commands.
+#
+# [*deploy_user_authorized_keys*]
+# Array of public keys that will have access to ssh commands
+#
+# [*hooks*]
+# Hash of adblockplus::web::static::hook items to set up in this context.
+#
+# === Examples:
+#
+# class {'adblockplus::web::static':
+# domain => 'help.eyeo.com',
+# hooks => {
+# own-uname => {
+# file => {
+# content => 'uname -a',
+# }
+# }
+# },
+# }
+#
+class adblockplus::web::static (
+ $domain,
+ $ssl_certificate = undef,
+ $ssl_private_key = undef,
+ $ensure = 'present',
+ $deploy_user = 'web-deploy',
+ $deploy_user_authorized_keys = [],
+ $hooks = {},
+) {
+
+ include adblockplus::web
+ include nginx
+ include ssh
+
+ File {
+ mode => '0755',
+ owner => $deploy_user,
+ group => $deploy_user,
+ }
+
+ ensure_resource('file', "/var/www/$domain", {
+ ensure => ensure_directory_state($ensure),
+ owner => 'www-data',
+ group => 'www-data',
+ })
+
+ ensure_resource('nginx::hostconfig', $title, {
+ content => template('adblockplus/web/static.conf.erb'),
+ certificate => $ssl_certificate,
+ domain => $domain,
+ is_default => true,
+ private_key => $ssl_private_key,
+ log => 'web.access.log',
+ })
+
+ $content = [
+ "Match User ${deploy_user}",
+ 'AllowTcpForwarding no',
+ 'X11Forwarding no',
+ 'AllowAgentForwarding no',
+ 'GatewayPorts no',
+ 'ForceCommand /usr/local/bin/hooks_wrapper $SSH_ORIGINAL_COMMAND',
+ ]
+
+ ensure_resource('concat::fragment', 'helpcenter', {
+ content => join($content, "\n\t"),
+ ensure => 'present',
+ target => 'sshd_config',
+ order => '20',
+ })
+
+ ensure_resource('adblockplus::user', $deploy_user, {
+ authorized_keys => $deploy_user_authorized_keys,
+ ensure => $ensure,
+ shell => '/bin/bash',
+ groups => ['www-data'],
+ })
+
+ $wrapper_path = "/home/${deploy_user}/bin"
+ ensure_resource('file', 'commands_dir', {
+ path => $wrapper_path,
+ ensure => ensure_directory_state($ensure),
+ })
+
+ ensure_resource('file', '/usr/local/bin/hooks_wrapper', {
+ ensure => ensure_file_state($ensure),
+ content => template('adblockplus/web/hooks_wrapper.sh.erb'),
+ })
+
+ # https://docs.puppet.com/puppet/latest/function.html#createresources
+ create_resources('adblockplus::web::static::hook', $hooks)
+}
+

Powered by Google App Engine
This is Rietveld