modules/updateserver/manifests/init.pp - Issue 5071748311547904: Issue 1094 - Generate update manifests on the update server

Side by Side Diff: modules/updateserver/manifests/init.pp

Issue 5071748311547904: Issue 1094 - Generate update manifests on the update server (Closed)

Patch Set: Created July 24, 2014, 2:16 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

« no previous file with comments | « modules/updateserver/files/sitescripts ('k') | modules/updateserver/templates/update_update_manifests.erb » ('j') | modules/updateserver/templates/update_update_manifests.erb » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 class updateserver(	1 class updateserver(

2 $domain,	2 $domain,

3 $certificate,	3 $certificate,

4 $private_key,	4 $private_key,

5 $is_default=false	5 $is_default=false

6 ) {	6 ) {

7 class {'nginx':	7 class {'nginx':

8 worker_processes => 2,	8 worker_processes => 2,

9 worker_connections => 4000,	9 worker_connections => 4000,

10 ssl_session_cache => off,	10 ssl_session_cache => off,

11 }	11 }

12	12

13 File {	13 File {

14 owner => root,	14 owner => root,

15 group => root	15 group => root

16 }	16 }

17	17

18 file {'/var/www':	18 file {'/var/www':

19 ensure => directory,	19 ensure => directory,

20 mode => 0755,	20 mode => 0755,

21 require => Package['nginx']	21 require => Package['nginx']

22 }	22 }

23	23

24 file {'/var/www/update':	24 file {'/var/www/update':

25 ensure => directory,	25 ensure => directory,

26 mode => 0755	26 mode => 0755

27 }	27 }

28	28

	29 $update_manifest_dirs = ['/var/www/update/adblockplus',
	mathias 2014/07/25 07:04:28 Now that /var/www/update is used over and over, I' Now that /var/www/update is used over and over, I'd prefer using a variable for this prefix, much like $base_dir below. Felix Dahlke 2014/07/25 07:17:45 Done. Show quoted text On 2014/07/25 07:04:28, matze wrote: > Now that /var/www/update is used over and over, I'd prefer using a variable for > this prefix, much like $base_dir below. Done.
	30 '/var/www/update/adblockplusandroid',

	31 '/var/www/update/adblockplussafari']

	32

	33 file {$update_manifest_dirs:

	34 ensure => directory,

	35 mode => 0755

	36 }

	37

29 file {'/var/www/update/adblockplusie':	38 file {'/var/www/update/adblockplusie':
	mathias 2014/07/25 07:04:28 I assume it's intentional that adblockplusie is no I assume it's intentional that adblockplusie is not included in the $update_manifest_dirs? (I don't know these parts of our infrastructure, software and requirements well enough yet to answer that myself..) Felix Dahlke 2014/07/25 07:17:45 Yup, we can't generate that one yet with how thing Show quoted text On 2014/07/25 07:04:28, matze wrote: > I assume it's intentional that adblockplusie is not included in the > $update_manifest_dirs? (I don't know these parts of our infrastructure, software > and requirements well enough yet to answer that myself..) Yup, we can't generate that one yet with how things currently are in sitescripts. Working on that in parallel, will be a separate patch.
30 ensure => directory,	39 ensure => directory,

31 mode => 0755	40 mode => 0755

32 }	41 }

33	42

34 file {'/var/www/update/adblockplusie/update.json':	43 file {'/var/www/update/adblockplusie/update.json':

35 ensure => file,	44 ensure => file,

36 source => 'puppet:///modules/updateserver/adblockplusie/update.json',	45 source => 'puppet:///modules/updateserver/adblockplusie/update.json',

37 mode => 0644	46 mode => 0644

38 }	47 }

39	48

40 nginx::hostconfig{$domain:	49 nginx::hostconfig{$domain:

41 source => 'puppet:///modules/updateserver/site.conf',	50 source => 'puppet:///modules/updateserver/site.conf',

42 is_default => $is_default,	51 is_default => $is_default,

43 certificate => $certificate,	52 certificate => $certificate,

44 private_key => $private_key,	53 private_key => $private_key,

45 log => 'access_log_update'	54 log => 'access_log_update'

46 }	55 }

	56

	57 class {'sitescripts':

	58 sitescriptsini_source => 'puppet:///modules/updateserver/sitescripts'

	59 }

	60

	61 $base_dir = '/var/lib/adblockplus'

	62

	63 file {$base_dir:

	64 ensure => directory,

	65 mode => 0755

	66 }

	67

	68 $safari_certificate_path = "${base_dir}/adblockplussafari.pem"

	69

	70 file {$safari_certificate_path:

	71 source => 'puppet:///modules/private/adblockplussafari.pem'

	72 }

	73

	74 $repositories_to_sync = ['downloads', 'adblockplus', 'adblockplusandroid',

	75 'adblockpluschrome', 'elemhidehelper', 'abpwatcher',

	76 'abpcustomization', 'urlfixer']

	77

	78 define fetch_repository() {

	79 $repository_path = "${updateserver::base_dir}/${title}"

	80 exec {"fetch_repository_${title}":

	81 command => "hg clone https://hg.adblockplus.org/${title} ${repository_path }",

	82 path => '/usr/bin',
	mathias 2014/07/25 07:04:28 Are you sure that hg(1) is available in /usr/bin? Are you sure that hg(1) is available in /usr/bin? Felix Dahlke 2014/07/25 07:17:45 Yes. Show quoted text On 2014/07/25 07:04:28, matze wrote: > Are you sure that hg(1) is available in /usr/bin? Yes. Wladimir Palant 2014/07/25 09:54:39 Thinking a bit more about it - this does look like Show quoted text On 2014/07/25 07:17:45, Felix H. Dahlke wrote: > On 2014/07/25 07:04:28, matze wrote: > > Are you sure that hg(1) is available in /usr/bin? > > Yes. Thinking a bit more about it - this does look like a bad assumption. What if we at some point decide to install Mercurial via pip? I'd rather go with a standard search path like '/bin:/usr/bin:/usr/sbin:/usr/local/bin'. Felix Dahlke 2014/07/25 10:31:15 Done. Left sbin out since I really wouldn't expect Show quoted text On 2014/07/25 09:54:39, Wladimir Palant wrote: > On 2014/07/25 07:17:45, Felix H. Dahlke wrote: > > On 2014/07/25 07:04:28, matze wrote: > > > Are you sure that hg(1) is available in /usr/bin? > > > > Yes. > > Thinking a bit more about it - this does look like a bad assumption. What if we > at some point decide to install Mercurial via pip? I'd rather go with a standard > search path like '/bin:/usr/bin:/usr/sbin:/usr/local/bin'. Done. Left sbin out since I really wouldn't expect hg there.
	83 timeout => 0,

	84 onlyif => "test ! -d ${repository_path}",

	85 require => [Package['mercurial'], File[$updateserver::base_dir]]

	86 }

	87 }

	88

	89 fetch_repository {$repositories_to_sync: }

	90

	91 $update_update_manifests_script = '/usr/local/bin/update_update_manifests'
	mathias 2014/07/25 07:04:28 Is the update_update prefix intentional? Is the update_update prefix intentional? Felix Dahlke 2014/07/25 07:17:45 Yes, we're updating update manifests here. Show quoted text On 2014/07/25 07:04:28, matze wrote: > Is the update_update prefix intentional? Yes, we're updating update manifests here.
	92

	93 file {$update_update_manifests_script:

	94 mode => '0755',

	95 content => template('updateserver/update_update_manifests.erb')

	96 }

	97

	98 $update_update_manifests_dependencies = ['python-m2crypto', 'python-jinja2']
	mathias 2014/07/25 07:04:28 Is the update_update prefix intentional? Is the update_update prefix intentional? Felix Dahlke 2014/07/25 07:17:45 Yes. Show quoted text On 2014/07/25 07:04:28, matze wrote: > Is the update_update prefix intentional? Yes.
	99

	100 package {$update_update_manifests_dependencies:}

	101

	102 exec {'update_update_manifests':

	103 command => $update_update_manifests_script,

	104 timeout => 0,

	105 require => [Exec['fetch_sitescripts'],

	106 Fetch_repository[$repositories_to_sync],

	107 File[$update_update_manifests_script],

	108 File[$update_manifest_dirs], File[$safari_certificate_path],

	109 Package[$update_update_manifests_dependencies]]

	110 }

	111

	112 cron {'update_update_manifests':

	113 ensure => present,

	114 environment => ['MAILTO=admins@adblockplus.org'],

	115 command => $update_update_manifests_script,

	116 minute => '*/10',

	117 require => Exec['update_update_manifests']

	118 }

47 }	119 }

OLD	NEW