From 5fbd43d5a948ac7773955a26c1d0cb0db42252d9 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 6 Sep 2016 13:59:05 +0200 Subject: git subrepo clone https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated subrepo: subdir: "files/puppet/modules/pixelated" merged: "6086b94" upstream: origin: "https://github.com/pixelated/puppet-pixelated.git" branch: "master" commit: "6086b94" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo.git" commit: "1e79595" --- files/puppet/modules/pixelated/manifests/agent.pp | 81 ++++++++++++++++++++++ files/puppet/modules/pixelated/manifests/apt.pp | 21 ++++++ .../modules/pixelated/manifests/apt/preferences.pp | 18 +++++ files/puppet/modules/pixelated/manifests/init.pp | 5 ++ files/puppet/modules/pixelated/manifests/remove.pp | 9 +++ files/puppet/modules/pixelated/manifests/syslog.pp | 18 +++++ files/puppet/modules/pixelated/manifests/tests.pp | 57 +++++++++++++++ .../pixelated/manifests/unattended_upgrades.pp | 10 +++ 8 files changed, 219 insertions(+) create mode 100644 files/puppet/modules/pixelated/manifests/agent.pp create mode 100644 files/puppet/modules/pixelated/manifests/apt.pp create mode 100644 files/puppet/modules/pixelated/manifests/apt/preferences.pp create mode 100644 files/puppet/modules/pixelated/manifests/init.pp create mode 100644 files/puppet/modules/pixelated/manifests/remove.pp create mode 100644 files/puppet/modules/pixelated/manifests/syslog.pp create mode 100644 files/puppet/modules/pixelated/manifests/tests.pp create mode 100644 files/puppet/modules/pixelated/manifests/unattended_upgrades.pp (limited to 'files/puppet/modules/pixelated/manifests') diff --git a/files/puppet/modules/pixelated/manifests/agent.pp b/files/puppet/modules/pixelated/manifests/agent.pp new file mode 100644 index 0000000..c689799 --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/agent.pp @@ -0,0 +1,81 @@ +# configure and install the pixelated user agent +class pixelated::agent { + include ::pixelated::apt + include ::pixelated::apt::preferences + include ::pixelated::unattended_upgrades + include ::pixelated::syslog + include ::pixelated::tests + + $domain_hash = hiera('domain') + $domain = $domain_hash['full_suffix'] + $services = hiera('services') + $default_file = '/etc/default/pixelated-server' + + package { 'pixelated-server': + ensure => installed, + } + + service { 'pixelated-server': + ensure => running, + require => Package['pixelated-server'], + } + + file { $default_file: + content => template('pixelated/pixelated-server-default'), + mode => '0644', + owner => 'root', + group => 'root', + notify => Service['pixelated-server'], + require => Package['pixelated-server'], + } + + # make pixelated accessible at https://mail.domain/ + apache::vhost::file { 'pixelated': + content => template('pixelated/pixelated-apache.conf.erb'), + mod_security => false, + } + + # Allow traffic from outside to pixelated + file { '/etc/shorewall/macro.pixelated_user_agent': + content => 'PARAM - - tcp 8080', + notify => Service['shorewall'], + require => Package['shorewall'] + } + + shorewall::rule { + 'net2fw-pixelated-user-agent': + source => 'net', + destination => '$FW', + action => 'pixelated_user_agent(ACCEPT)', + order => 200; + } + + + # webapp customizations + file{ ['/srv/leap/webapp/config/customization/locales/','/srv/leap/webapp/config/customization/views','/srv/leap/webapp/config/customization/views/common','/srv/leap/webapp/config/customization/views/users']: + ensure => directory, + owner => 'leap-webapp', + group => 'leap-webapp', + require => Vcsrepo['/srv/leap/webapp'], + } + file{ '/srv/leap/webapp/config/customization/views/common/_download_button.html.haml': + source => 'puppet:///modules/pixelated/webapp/views/common/_download_button.html.haml', + owner => 'leap-webapp', + group => 'leap-webapp', + require => File['/srv/leap/webapp/config/customization/views/common'], + } + file{ '/srv/leap/webapp/config/customization/locales/en.yml': + source => 'puppet:///modules/pixelated/webapp/locales/en.yml', + owner => 'leap-webapp', + group => 'leap-webapp', + require => File['/srv/leap/webapp/config/customization/views/common'], + } + file{ '/srv/leap/webapp/config/customization/views/users/show.html.haml': + content => template('pixelated/webapp/show.html.haml.erb'), + owner => 'leap-webapp', + group => 'leap-webapp', + require => File['/srv/leap/webapp/config/customization/views/common'], + } + +} + diff --git a/files/puppet/modules/pixelated/manifests/apt.pp b/files/puppet/modules/pixelated/manifests/apt.pp new file mode 100644 index 0000000..2de5112 --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/apt.pp @@ -0,0 +1,21 @@ +# add the pixelated sources and the signing key +class pixelated::apt { + + include apt + + apt::sources_list { 'pixelated.list': + content => "deb [arch=amd64] http://packages.pixelated-project.org/debian ${::lsbdistcodename}-snapshots main\ndeb [arch=amd64] http://packages.pixelated-project.org/debian ${::lsbdistcodename} main\n", + require => Exec[add_pixelated_key], + notify => Exec[refresh_apt], + } + + file { '/srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc': + source => 'puppet:///modules/pixelated/0x287A1542472DC0E3_packages@pixelated-project.org.asc', + notify => Exec['add_pixelated_key'] + } + exec{'add_pixelated_key': + command => '/usr/bin/apt-key add /srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc', + refreshonly => true, + require => File['/srv/leap/0x287A1542472DC0E3_packages@pixelated-project.org.asc'], + } +} diff --git a/files/puppet/modules/pixelated/manifests/apt/preferences.pp b/files/puppet/modules/pixelated/manifests/apt/preferences.pp new file mode 100644 index 0000000..719117b --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/apt/preferences.pp @@ -0,0 +1,18 @@ +# pin packages so they have precedence over those from the leap repo +class pixelated::apt::preferences { + + apt::preferences_snippet { ['python-urllib3', 'python-requests','python-six']: + release => "${::lsbdistcodename}-backports", + priority => 999 + } + + apt::preferences_snippet { ['soledad-server', + 'soledad-common', + 'soledad-client', + 'leap-keymanager', + 'leap-auth']: + pin => 'release o=pixelated', + priority => 999, + } + +} diff --git a/files/puppet/modules/pixelated/manifests/init.pp b/files/puppet/modules/pixelated/manifests/init.pp new file mode 100644 index 0000000..6d31f68 --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/init.pp @@ -0,0 +1,5 @@ +# setup pixelated +class pixelated { + include pixelated::agent +} + diff --git a/files/puppet/modules/pixelated/manifests/remove.pp b/files/puppet/modules/pixelated/manifests/remove.pp new file mode 100644 index 0000000..4fcfc9f --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/remove.pp @@ -0,0 +1,9 @@ +# remove obsolent stuff we deployed by earlier versions of +# this module + +# +class pixelated::remove { + tidy { + ['/etc/apt/preferences.d/leap-mx','/etc/apt/preferences.d/python-leap-common']:; + } +} diff --git a/files/puppet/modules/pixelated/manifests/syslog.pp b/files/puppet/modules/pixelated/manifests/syslog.pp new file mode 100644 index 0000000..1695a6f --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/syslog.pp @@ -0,0 +1,18 @@ +# +class pixelated::syslog { + File { + owner => root, + group => root, + mode => '0644', + } + + rsyslog::snippet { '05-pixelated': + content => template('pixelated/05-pixelated.conf.erb'), + } + + file { '/etc/logrotate.d/pixelated': + ensure => present, + source => 'puppet:///modules/pixelated/syslog/pixelated', + } + +} diff --git a/files/puppet/modules/pixelated/manifests/tests.pp b/files/puppet/modules/pixelated/manifests/tests.pp new file mode 100644 index 0000000..a0264ae --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/tests.pp @@ -0,0 +1,57 @@ +# Install functional test for Pixelated based on bahave and phantomjs +# The tetst are integrated in 'leap test' +class pixelated::tests { + include stdlib + $webapp = hiera('webapp') + $invite = $webapp['invite_required'] + File { + owner => root, + group => root, + mode => '0644', + } + + file { '/srv/leap/tests_custom': + ensure => directory, + mode => '0755', + } + file { '/srv/leap/tests_custom/pixelated.rb': + source => 'puppet:///modules/pixelated/leap_test.rb', + owner => 'root', + group => 'root', + mode => '0755', + } + + ensure_packages(['python-pip', 'curl', 'bzip2', 'python-enum','python-pycurl']) + + package{['behave','selenium']: + ensure => installed, + provider => 'pip', + require => Package['python-pip'], + } + + file{'/usr/local/bin/phantomjs': + source => 'puppet:///modules/pixelated/phantomjs', + owner => 'root', + group => 'root', + mode => '0755', + } + + file{'/srv/leap/tests_custom/functional-tests': + ensure => directory, + recurse => true, + purge => true, + source => 'puppet:///modules/pixelated/functional-tests', + } + cron {'run_functional_tests': + command => "(date; INVITE_CODE_ENABLED=$invite /usr/bin/mk-job pixelated-functional-tests /usr/local/bin/behave --tags @staging --tags ~@wip --no-capture -k /srv/leap/tests_custom/functional-tests/) >> /var/log/check_mk_jobs.log 2>&1", + environment => 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + user => 'root', + minute => 27, + notify => Exec['dummy_register_job'], + } + exec {'dummy_register_job': + command => '/usr/bin/mk-job pixelated-functional-tests /bin/true', + require => Class['::check_mk::agent::install'], + refreshonly => true, + } +} diff --git a/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp b/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp new file mode 100644 index 0000000..dc50c26 --- /dev/null +++ b/files/puppet/modules/pixelated/manifests/unattended_upgrades.pp @@ -0,0 +1,10 @@ +# enable unattended upgrades for pixelated platform +class pixelated::unattended_upgrades { + apt::apt_conf { '51unattended-upgrades_pixelated': + source => [ + "puppet:///modules/pixelated/${::lsbdistid}/51unattended-upgrades_pixelated.${::lsbdistcodename}", + "puppet:///modules/pixelated/${::lsbdistid}/51unattended-upgrades_pixelated"], + require => Package['unattended-upgrades'], + refresh_apt => false, + } +} -- cgit v1.2.3