summaryrefslogtreecommitdiff
path: root/files/puppet/modules/pixelated/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'files/puppet/modules/pixelated/manifests')
-rw-r--r--files/puppet/modules/pixelated/manifests/agent.pp81
-rw-r--r--files/puppet/modules/pixelated/manifests/apt.pp21
-rw-r--r--files/puppet/modules/pixelated/manifests/apt/preferences.pp18
-rw-r--r--files/puppet/modules/pixelated/manifests/init.pp5
-rw-r--r--files/puppet/modules/pixelated/manifests/remove.pp9
-rw-r--r--files/puppet/modules/pixelated/manifests/syslog.pp18
-rw-r--r--files/puppet/modules/pixelated/manifests/tests.pp57
-rw-r--r--files/puppet/modules/pixelated/manifests/unattended_upgrades.pp10
8 files changed, 219 insertions, 0 deletions
diff --git a/files/puppet/modules/pixelated/manifests/agent.pp b/files/puppet/modules/pixelated/manifests/agent.pp
new file mode 100644
index 0000000..c689799
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/agent.pp
@@ -0,0 +1,81 @@
+# configure and install the pixelated user agent
+class pixelated::agent {
+ include ::pixelated::apt
+ include ::pixelated::apt::preferences
+ include ::pixelated::unattended_upgrades
+ include ::pixelated::syslog
+ include ::pixelated::tests
+
+ $domain_hash = hiera('domain')
+ $domain = $domain_hash['full_suffix']
+ $services = hiera('services')
+ $default_file = '/etc/default/pixelated-server'
+
+ package { 'pixelated-server':
+ ensure => installed,
+ }
+
+ service { 'pixelated-server':
+ ensure => running,
+ require => Package['pixelated-server'],
+ }
+
+ file { $default_file:
+ content => template('pixelated/pixelated-server-default'),
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ notify => Service['pixelated-server'],
+ require => Package['pixelated-server'],
+ }
+
+ # make pixelated accessible at https://mail.domain/
+ apache::vhost::file { 'pixelated':
+ content => template('pixelated/pixelated-apache.conf.erb'),
+ mod_security => false,
+ }
+
+ # Allow traffic from outside to pixelated
+ file { '/etc/shorewall/macro.pixelated_user_agent':
+ content => 'PARAM - - tcp 8080',
+ notify => Service['shorewall'],
+ require => Package['shorewall']
+ }
+
+ shorewall::rule {
+ 'net2fw-pixelated-user-agent':
+ source => 'net',
+ destination => '$FW',
+ action => 'pixelated_user_agent(ACCEPT)',
+ order => 200;
+ }
+
+
+ # webapp customizations
+ file{ ['/srv/leap/webapp/config/customization/locales/','/srv/leap/webapp/config/customization/views','/srv/leap/webapp/config/customization/views/common','/srv/leap/webapp/config/customization/views/users']:
+ ensure => directory,
+ owner => 'leap-webapp',
+ group => 'leap-webapp',
+ require => Vcsrepo['/srv/leap/webapp'],
+ }
+ file{ '/srv/leap/webapp/config/customization/views/common/_download_button.html.haml':
+ source => 'puppet:///modules/pixelated/webapp/views/common/_download_button.html.haml',
+ owner => 'leap-webapp',
+ group => 'leap-webapp',
+ require => File['/srv/leap/webapp/config/customization/views/common'],
+ }
+ file{ '/srv/leap/webapp/config/customization/locales/en.yml':
+ source => 'puppet:///modules/pixelated/webapp/locales/en.yml',
+ owner => 'leap-webapp',
+ group => 'leap-webapp',
+ require => File['/srv/leap/webapp/config/customization/views/common'],
+ }
+ file{ '/srv/leap/webapp/config/customization/views/users/show.html.haml':
+ content => template('pixelated/webapp/show.html.haml.erb'),
+ owner => 'leap-webapp',
+ group => 'leap-webapp',
+ require => File['/srv/leap/webapp/config/customization/views/common'],
+ }
+
+}
+
diff --git a/files/puppet/modules/pixelated/manifests/apt.pp b/files/puppet/modules/pixelated/manifests/apt.pp
new file mode 100644
index 0000000..2de5112
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/apt.pp
@@ -0,0 +1,21 @@
+# add the pixelated sources and the signing key
+class pixelated::apt {
+
+ include apt
+
+ apt::sources_list { 'pixelated.list':
+ content => "deb [arch=amd64] http://packages.pixelated-project.org/debian ${::lsbdistcodename}-snapshots main\ndeb [arch=amd64] http://packages.pixelated-project.org/debian ${::lsbdistcodename} main\n",
+ require => Exec[add_pixelated_key],
+ notify => Exec[refresh_apt],
+ }
+
+ file { '/srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc':
+ source => 'puppet:///modules/pixelated/0x287A1542472DC0E3_packages@pixelated-project.org.asc',
+ notify => Exec['add_pixelated_key']
+ }
+ exec{'add_pixelated_key':
+ command => '/usr/bin/apt-key add /srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc',
+ refreshonly => true,
+ require => File['/srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc'],
+ }
+}
diff --git a/files/puppet/modules/pixelated/manifests/apt/preferences.pp b/files/puppet/modules/pixelated/manifests/apt/preferences.pp
new file mode 100644
index 0000000..719117b
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/apt/preferences.pp
@@ -0,0 +1,18 @@
+# pin packages so they have precedence over those from the leap repo
+class pixelated::apt::preferences {
+
+ apt::preferences_snippet { ['python-urllib3', 'python-requests','python-six']:
+ release => "${::lsbdistcodename}-backports",
+ priority => 999
+ }
+
+ apt::preferences_snippet { ['soledad-server',
+ 'soledad-common',
+ 'soledad-client',
+ 'leap-keymanager',
+ 'leap-auth']:
+ pin => 'release o=pixelated',
+ priority => 999,
+ }
+
+}
diff --git a/files/puppet/modules/pixelated/manifests/init.pp b/files/puppet/modules/pixelated/manifests/init.pp
new file mode 100644
index 0000000..6d31f68
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/init.pp
@@ -0,0 +1,5 @@
+# setup pixelated
+class pixelated {
+ include pixelated::agent
+}
+
diff --git a/files/puppet/modules/pixelated/manifests/remove.pp b/files/puppet/modules/pixelated/manifests/remove.pp
new file mode 100644
index 0000000..4fcfc9f
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/remove.pp
@@ -0,0 +1,9 @@
+# remove obsolent stuff we deployed by earlier versions of
+# this module
+
+#
+class pixelated::remove {
+ tidy {
+ ['/etc/apt/preferences.d/leap-mx','/etc/apt/preferences.d/python-leap-common']:;
+ }
+}
diff --git a/files/puppet/modules/pixelated/manifests/syslog.pp b/files/puppet/modules/pixelated/manifests/syslog.pp
new file mode 100644
index 0000000..1695a6f
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/syslog.pp
@@ -0,0 +1,18 @@
+#
+class pixelated::syslog {
+ File {
+ owner => root,
+ group => root,
+ mode => '0644',
+ }
+
+ rsyslog::snippet { '05-pixelated':
+ content => template('pixelated/05-pixelated.conf.erb'),
+ }
+
+ file { '/etc/logrotate.d/pixelated':
+ ensure => present,
+ source => 'puppet:///modules/pixelated/syslog/pixelated',
+ }
+
+}
diff --git a/files/puppet/modules/pixelated/manifests/tests.pp b/files/puppet/modules/pixelated/manifests/tests.pp
new file mode 100644
index 0000000..a0264ae
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/tests.pp
@@ -0,0 +1,57 @@
+# Install functional test for Pixelated based on bahave and phantomjs
+# The tetst are integrated in 'leap test'
+class pixelated::tests {
+ include stdlib
+ $webapp = hiera('webapp')
+ $invite = $webapp['invite_required']
+ File {
+ owner => root,
+ group => root,
+ mode => '0644',
+ }
+
+ file { '/srv/leap/tests_custom':
+ ensure => directory,
+ mode => '0755',
+ }
+ file { '/srv/leap/tests_custom/pixelated.rb':
+ source => 'puppet:///modules/pixelated/leap_test.rb',
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ }
+
+ ensure_packages(['python-pip', 'curl', 'bzip2', 'python-enum','python-pycurl'])
+
+ package{['behave','selenium']:
+ ensure => installed,
+ provider => 'pip',
+ require => Package['python-pip'],
+ }
+
+ file{'/usr/local/bin/phantomjs':
+ source => 'puppet:///modules/pixelated/phantomjs',
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ }
+
+ file{'/srv/leap/tests_custom/functional-tests':
+ ensure => directory,
+ recurse => true,
+ purge => true,
+ source => 'puppet:///modules/pixelated/functional-tests',
+ }
+ cron {'run_functional_tests':
+ command => "(date; INVITE_CODE_ENABLED=$invite /usr/bin/mk-job pixelated-functional-tests /usr/local/bin/behave --tags @staging --tags ~@wip --no-capture -k /srv/leap/tests_custom/functional-tests/) >> /var/log/check_mk_jobs.log 2>&1",
+ environment => 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
+ user => 'root',
+ minute => 27,
+ notify => Exec['dummy_register_job'],
+ }
+ exec {'dummy_register_job':
+ command => '/usr/bin/mk-job pixelated-functional-tests /bin/true',
+ require => Class['::check_mk::agent::install'],
+ refreshonly => true,
+ }
+}
diff --git a/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp b/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp
new file mode 100644
index 0000000..dc50c26
--- /dev/null
+++ b/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp
@@ -0,0 +1,10 @@
+# enable unattended upgrades for pixelated platform
+class pixelated::unattended_upgrades {
+ apt::apt_conf { '51unattended-upgrades_pixelated':
+ source => [
+ "puppet:///modules/pixelated/${::lsbdistid}/51unattended-upgrades_pixelated.${::lsbdistcodename}",
+ "puppet:///modules/pixelated/${::lsbdistid}/51unattended-upgrades_pixelated"],
+ require => Package['unattended-upgrades'],
+ refresh_apt => false,
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 14:14:08 +0000