Side by Side Diff: manifests/issuesserver.pp
Issue 5735669590654976:
#753 - set up an order system to let eyeo employees file order requests (Closed)
Patch Set: #753 - set up an order system to let eyeo employees file order requests
Created Aug. 1, 2014, 4:25 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with comments
|
« no previous file
|
modules/trac/files/eyeo_logo.png » ('j')
|
no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| OLD | NEW |
|---|---|
| 1 node 'issues1' { | 1 node 'issues1' { |
| 2 include base | 2 |
| 3 include base, private::trac | |
| 3 | 4 |
| 4 class {'trac': | 5 class {'trac': |
| 5 domain => 'issues.adblockplus.org', | 6 domain => 'issues.adblockplus.org', |
| 6 certificate => 'issues.adblockplus.org_sslcert.pem', | 7 certificate => 'issues.adblockplus.org_sslcert.pem', |
| 7 private_key => 'issues.adblockplus.org_sslcert.key', | 8 private_key => 'issues.adblockplus.org_sslcert.key', |
| 8 is_default => true, | 9 is_default => true, |
| 9 } | 10 } |
| 10 | 11 |
| 12 trac::instance {'issues': | |
| 13 config => 'trac/trac.ini.erb', | |
| 14 description => 'Adblock Plus Issue Tracker', | |
| 15 location => '/', | |
| 16 logo => 'puppet:///modules/trac/adblockplus_logo.png', | |
| 17 database => 'trac', | |
| 18 permissions => "puppet:///modules/trac/permissions.csv", | |
| 19 } | |
| 20 | |
| 21 trac::instance {'orders': | |
| 22 config => 'trac/orders.ini.erb', | |
| 23 description => 'Eyeo Order System', | |
| 24 location => '/orders', | |
| 25 logo => 'puppet:///modules/trac/eyeo_logo.png', | |
| 26 database => 'trac_orders', | |
| 27 permissions => "puppet:///modules/trac/order-permissions.csv", | |
| 28 } | |
| 29 | |
| 30 # Transforming the auth_cookie table of the "new" Trac project into an | |
| 31 # insertable view for the "old" project's table of the same name avoids | |
| 32 # the need to convert the entire auth to htpasswd-file handling, which | |
| 33 # would be the official way to go for achieving a shared authentication. | |
| 34 exec { 'trac_auth_cookie_view': | |
| 35 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' | |
| 36 DROP TABLE IF EXISTS auth_cookie; | |
| 37 CREATE VIEW auth_cookie AS SELECT * FROM trac.auth_cookie;'", | |
| 38 unless => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' | |
| 39 SHOW CREATE VIEW auth_cookie'", | |
| 40 path => "/usr/bin:/usr/sbin:/bin:/usr/local/bin", | |
| 41 require => [ | |
| 42 Exec["deploy_issues"], | |
| 43 Exec["deploy_orders"], | |
| 44 ], | |
| 45 } | |
| 46 | |
| 47 # Synchronizing e-mail and password information between the project | |
| 48 # allows for logging in from any entry point - whilst maintaining a | |
| 49 # registration form (and process) in one project only. | |
| 50 cron {'trac_session_attribute_sync': | |
| 51 ensure => present, | |
| 52 user => trac, | |
| 53 minute => '*/30', | |
| 54 command => "mysql -utrac -p'${private::trac::database_password}' trac_orders --execute ' \ | |
| 55 INSERT INTO session_attribute (sid, authenticated, name, value) SELECT sid , authenticated, name, value \ | |
| 56 FROM trac.session_attribute WHERE authenticated = 1 AND name IN (\"email\" , \"password\") \ | |
| 57 ON DUPLICATE KEY UPDATE value=VALUES(value) ' >/dev/null | |
| 58 ", | |
| 59 require => Exec['trac_auth_cookie_view'], | |
| 60 } | |
| 61 | |
| 62 # This directive is required due to legacy issues, where only one trac | |
| 63 # project was configured. Now we want to have more verbose names, e.g. | |
| 64 # tracd_issues and tracd_orders, but the spawn-fcgi module doesn't remove | |
| 65 # unmentioned former setups. So, in order to avoid conflicts or manual | |
| 66 # intervention during rollout, we must keep this statement here and never | |
| 67 # re-use the name again. Ugly, but neccessary. | |
| 68 spawn-fcgi::pool {"tracd": | |
| 69 ensure => absent, | |
| 70 require => Exec['tracd_kludge'], | |
| 71 } | |
| 72 | |
| 73 # Unfortunately, the spawn-fcgi module is not capable of stopping the | |
| 74 # processes of pools that are changed to absent - simply because it removes | |
| 75 # the configuration file and the subsequent reload or restart does not | |
| 76 # recognize the pool any more. Thus, we have to ensure that the service is | |
| 77 # stopped before: | |
| 78 exec { 'tracd_kludge': | |
| 79 command => 'service spawn-fcgi stop', | |
| 80 onlyif => 'service spawn-fcgi status', | |
| 81 path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', | |
| 82 } | |
| 83 | |
| 84 # Pretty similar to the "tracd" pool issue above: The trac-admin initenv | |
| 85 # command would fail for environment-issues after creation of the directory | |
| 86 # structure, when it comes to the database setup (which already exists), | |
| 87 # if we do not handle the existing resources manually.. | |
| 88 exec { 'trac_env_issues_kludge': | |
| 89 command => 'ln -s environment /home/trac/environment-issues', | |
| 90 before => Exec['trac_env_issues'], | |
| 91 path => "/usr/bin:/bin", | |
| 92 user => trac, | |
| 93 onlyif => 'test -d /home/trac/environment', | |
| 94 require => User['trac'], | |
| 95 } | |
| 96 | |
| 11 class {'nagios::client': | 97 class {'nagios::client': |
| 12 server_address => 'monitoring.adblockplus.org' | 98 server_address => 'monitoring.adblockplus.org' |
| 13 } | 99 } |
| 14 } | 100 } |
| OLD | NEW |
« no previous file with comments
|
« no previous file
|
modules/trac/files/eyeo_logo.png » ('j')
|
no next file with comments »
