summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2017-02-23 11:42:47 +0100
committervarac <varacanero@zeromail.org>2017-03-15 19:22:50 +0100
commitcce9af1fce42c29bf062cccfc46ef356d83a6328 (patch)
treeb7f6a7de0f11e9381eb833a09f1cc1175dbce9ca
parentbb4dd153bbf1174a95017d0046ea9e1320fd81a9 (diff)
[8144] Remove Haproxy
We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144
-rwxr-xr-xbin/debug.sh5
-rw-r--r--lib/leap_cli/macros/haproxy.rb73
-rw-r--r--provider_base/services/mx.json6
-rw-r--r--provider_base/services/webapp.json6
-rw-r--r--puppet/modules/haproxy/.fixtures.yml5
-rw-r--r--puppet/modules/haproxy/.gemfile5
-rw-r--r--puppet/modules/haproxy/.gitrepo11
-rw-r--r--puppet/modules/haproxy/.travis.yml23
-rw-r--r--puppet/modules/haproxy/CHANGELOG5
-rw-r--r--puppet/modules/haproxy/Modulefile12
-rw-r--r--puppet/modules/haproxy/README.md87
-rw-r--r--puppet/modules/haproxy/Rakefile1
-rw-r--r--puppet/modules/haproxy/manifests/balancermember.pp95
-rw-r--r--puppet/modules/haproxy/manifests/init.pp149
-rw-r--r--puppet/modules/haproxy/manifests/listen.pp95
-rw-r--r--puppet/modules/haproxy/manifests/params.pp65
-rw-r--r--puppet/modules/haproxy/spec/classes/haproxy_spec.rb138
-rw-r--r--puppet/modules/haproxy/spec/defines/balancermember_spec.rb82
-rw-r--r--puppet/modules/haproxy/spec/defines/listen_spec.rb53
-rw-r--r--puppet/modules/haproxy/spec/spec.opts6
-rw-r--r--puppet/modules/haproxy/spec/spec_helper.rb1
-rw-r--r--puppet/modules/haproxy/templates/haproxy-base.cfg.erb21
-rw-r--r--puppet/modules/haproxy/templates/haproxy_balancermember.erb3
-rw-r--r--puppet/modules/haproxy/templates/haproxy_listen_block.erb10
-rw-r--r--puppet/modules/haproxy/tests/init.pp69
-rw-r--r--puppet/modules/site_check_mk/manifests/agent/haproxy.pp15
-rw-r--r--puppet/modules/site_config/manifests/remove/webapp.pp12
-rw-r--r--puppet/modules/site_haproxy/files/haproxy-stats.cfg6
-rw-r--r--puppet/modules/site_haproxy/manifests/init.pp41
-rw-r--r--puppet/modules/site_haproxy/templates/couch.erb32
-rw-r--r--puppet/modules/site_haproxy/templates/haproxy.cfg.erb11
-rw-r--r--puppet/modules/site_mx/manifests/init.pp1
-rw-r--r--puppet/modules/site_nickserver/manifests/init.pp10
-rw-r--r--puppet/modules/site_webapp/manifests/couchdb.pp4
-rw-r--r--puppet/modules/site_webapp/manifests/init.pp3
35 files changed, 21 insertions, 1140 deletions
diff --git a/bin/debug.sh b/bin/debug.sh
index d6f37542..35bcfa3e 100755
--- a/bin/debug.sh
+++ b/bin/debug.sh
@@ -2,7 +2,7 @@
# debug script to be run on remote servers
# called from leap_cli with the 'leap debug' cmd
-apps='(leap|pixelated|stunnel|couch|soledad|haproxy)'
+apps='(leap|pixelated|stunnel|couch|soledad)'
facts='(apt_running |^architecture |^augeasversion |^couchdb_.* |^debian_.* |^dhcp_enabled |^domain |^facterversion |^filesystems |^fqdn |^hardwaremodel |^hostname |^interface.* |^ipaddress.* |^is_pe |^is_virtual |^kernel.* |^lib |^lsb.* |^memory.* |^mtu_.* |^netmask.* |^network_.* |^operatingsystem |^os.* |^path |^physicalprocessorcount |^processor.* |^ps |^puppetversion |^root_home |^rsyslog_version |^rubysitedir |^rubyversion |^selinux |^ssh_version |^swapfree.* |^swapsize.* |^type |^virtual)'
@@ -24,6 +24,3 @@ ps aux|egrep "$apps"
echo -e '\n\n'
echo -e "Last deploy:\n"
tail -2 /var/log/leap/deploy-summary.log
-
-
-
diff --git a/lib/leap_cli/macros/haproxy.rb b/lib/leap_cli/macros/haproxy.rb
deleted file mode 100644
index 3fef24c4..00000000
--- a/lib/leap_cli/macros/haproxy.rb
+++ /dev/null
@@ -1,73 +0,0 @@
-# encoding: utf-8
-
-##
-## HAPROXY
-##
-
-module LeapCli
- module Macro
-
- #
- # creates a hash suitable for configuring haproxy. the key is the node name of the server we are proxying to.
- #
- # * node_list - a hash of nodes for the haproxy servers
- # * stunnel_client - contains the mappings to local ports for each server node.
- # * non_stunnel_port - in case self is included in node_list, the port to connect to.
- #
- # 1000 weight is used for nodes in the same location.
- # 100 otherwise.
- #
- def haproxy_servers(node_list, stunnel_clients, non_stunnel_port=nil)
- default_weight = 10
- local_weight = 100
-
- # record the hosts_file
- hostnames(node_list)
-
- # create a simple map for node name -> local stunnel accept port
- accept_ports = stunnel_clients.inject({}) do |hsh, stunnel_entry|
- name = stunnel_entry.first.sub(/_[0-9]+$/, '')
- hsh[name] = stunnel_entry.last['accept_port']
- hsh
- end
-
- # if one the nodes in the node list is ourself, then there will not be a stunnel to it,
- # but we need to include it anyway in the haproxy config.
- if node_list[self.name] && non_stunnel_port
- accept_ports[self.name] = non_stunnel_port
- end
-
- # create the first pass of the servers hash
- servers = node_list.values.inject(Config::ObjectList.new) do |hsh, node|
- # make sure we have a port to talk to
- unless accept_ports[node.name]
- error "haproxy needs a local port to talk to when connecting to #{node.name}"
- end
- weight = default_weight
- try {
- weight = local_weight if self.location.name == node.location.name
- }
- hsh[node.name] = Config::Object[
- 'backup', false,
- 'host', 'localhost',
- 'port', accept_ports[node.name],
- 'weight', weight
- ]
- if node.services.include?('couchdb')
- hsh[node.name]['writable'] = node.couch.mode != 'mirror'
- end
- hsh
- end
-
- # if there are some local servers, make the others backup
- if servers.detect{|k,v| v.weight == local_weight}
- servers.each do |k,server|
- server['backup'] = server['weight'] == default_weight
- end
- end
-
- return servers
- end
-
- end
-end
diff --git a/provider_base/services/mx.json b/provider_base/services/mx.json
index 334e40de..17861d18 100644
--- a/provider_base/services/mx.json
+++ b/provider_base/services/mx.json
@@ -19,12 +19,6 @@
"couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)"
}
},
- "haproxy": {
- "couch": {
- "listen_port": 4096,
- "servers": "= haproxy_servers(nodes_like_me[:services => :couchdb], stunnel.clients.couch_client, global.services[:couchdb].couch.port)"
- }
- },
"couchdb_leap_mx_user": {
"username": "= global.services[:couchdb].couch.users[:leap_mx].username",
"password": "= secret :couch_leap_mx_password",
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index feca9524..0fd62795 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -45,12 +45,6 @@
"couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)"
}
},
- "haproxy": {
- "couch": {
- "listen_port": 4096,
- "servers": "= haproxy_servers(nodes_like_me[:services => :couchdb], stunnel.clients.couch_client, global.services[:couchdb].couch.port)"
- }
- },
"definition_files": {
"provider": "= file :provider_json_template",
"eip_service": "= file [:eip_service_json_template, 'v'+webapp.api_version.to_s]",
diff --git a/puppet/modules/haproxy/.fixtures.yml b/puppet/modules/haproxy/.fixtures.yml
deleted file mode 100644
index 8d6f22d6..00000000
--- a/puppet/modules/haproxy/.fixtures.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-fixtures:
- repositories:
- concat: "git://github.com/ripienaar/puppet-concat.git"
- symlinks:
- haproxy: "#{source_dir}"
diff --git a/puppet/modules/haproxy/.gemfile b/puppet/modules/haproxy/.gemfile
deleted file mode 100644
index 9aad840c..00000000
--- a/puppet/modules/haproxy/.gemfile
+++ /dev/null
@@ -1,5 +0,0 @@
-source :rubygems
-
-puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 2.7']
-gem 'puppet', puppetversion
-gem 'puppetlabs_spec_helper', '>= 0.1.0'
diff --git a/puppet/modules/haproxy/.gitrepo b/puppet/modules/haproxy/.gitrepo
deleted file mode 100644
index ed92831a..00000000
--- a/puppet/modules/haproxy/.gitrepo
+++ /dev/null
@@ -1,11 +0,0 @@
-; DO NOT EDIT (unless you know what you are doing)
-;
-; This subdirectory is a git "subrepo", and this file is maintained by the
-; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
-;
-[subrepo]
- remote = https://leap.se/git/puppet_haproxy
- branch = master
- commit = af322a73c013f80a958ab7d5d31d0c75cf6d0523
- parent = 04279dd8d1390d61d696d2c14817199304ccd4d8
- cmdver = 0.3.0
diff --git a/puppet/modules/haproxy/.travis.yml b/puppet/modules/haproxy/.travis.yml
deleted file mode 100644
index fdbc95dc..00000000
--- a/puppet/modules/haproxy/.travis.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-language: ruby
-rvm:
- - 1.8.7
- - 1.9.3
-script: "rake spec"
-branches:
- only:
- - master
-env:
- - PUPPET_VERSION=2.6.17
- - PUPPET_VERSION=2.7.19
- #- PUPPET_VERSION=3.0.1 # Breaks due to rodjek/rspec-puppet#58
-notifications:
- email: false
-gemfile: .gemfile
-matrix:
- exclude:
- - rvm: 1.9.3
- gemfile: .gemfile
- env: PUPPET_VERSION=2.6.17
- - rvm: 1.8.7
- gemfile: .gemfile
- env: PUPPET_VERSION=3.0.1
diff --git a/puppet/modules/haproxy/CHANGELOG b/puppet/modules/haproxy/CHANGELOG
deleted file mode 100644
index 0b6d670f..00000000
--- a/puppet/modules/haproxy/CHANGELOG
+++ /dev/null
@@ -1,5 +0,0 @@
-2012-10-12 - Version 0.2.0
-- Initial public release
-- Backwards incompatible changes all around
-- No longer needs ordering passed for more than one listener
-- Accepts multiple listen ips/ports/server_names
diff --git a/puppet/modules/haproxy/Modulefile b/puppet/modules/haproxy/Modulefile
deleted file mode 100644
index e729739b..00000000
--- a/puppet/modules/haproxy/Modulefile
+++ /dev/null
@@ -1,12 +0,0 @@
-name 'puppetlabs-haproxy'
-version '0.2.0'
-source 'git://github.com/puppetlabs/puppetlabs-haproxy'
-author 'Puppet Labs'
-license 'Apache License, Version 2.0'
-summary 'Haproxy Module'
-description 'An Haproxy module for Redhat family OSes using Storeconfigs'
-project_page 'http://github.com/puppetlabs/puppetlabs-haproxy'
-
-## Add dependencies, if any:
-# dependency 'username/name', '>= 1.2.0'
-dependency 'ripienaar/concat', '>= 0.1.0'
diff --git a/puppet/modules/haproxy/README.md b/puppet/modules/haproxy/README.md
deleted file mode 100644
index d209e9ab..00000000
--- a/puppet/modules/haproxy/README.md
+++ /dev/null
@@ -1,87 +0,0 @@
-PuppetLabs Module for haproxy
-=============================
-
-HAProxy is an HA proxying daemon for load-balancing to clustered services. It
-can proxy TCP directly, or other kinds of traffic such as HTTP.
-
-Dependencies
-------------
-
-Tested and built on Debian, Ubuntu and CentOS
-
-Currently requires the ripienaar/concat module on the Puppet Forge and uses storeconfigs on the Puppet Master to export/collect resources
-from all balancer members.
-
-Basic Usage
------------
-
-This haproxy uses storeconfigs to collect and realize balancer member servers
-on a load balancer server.
-
-*To install and configure HAProxy server listening on port 8140*
-
-```puppet
-node 'haproxy-server' {
- class { 'haproxy': }
- haproxy::listen { 'puppet00':
- ipaddress => $::ipaddress,
- ports => '8140',
- }
-}
-```
-
-*To add backend loadbalance members*
-
-```puppet
-node 'webserver01' {
- @@haproxy::balancermember { $fqdn:
- listening_service => 'puppet00',
- server_names => $::hostname,
- ipaddresses => $::ipaddress,
- ports => '8140',
- options => 'check'
- }
-}
-```
-
-Configuring haproxy options
----------------------------
-
-The base `haproxy` class can accept two parameters which will configure basic
-behaviour of the haproxy server daemon:
-
-- `global_options` to configure the `global` section in `haproxy.cfg`
-- `defaults_options` to configure the `defaults` section in `haproxy.cfg`
-
-Configuring haproxy daemon listener
------------------------------------
-
-One `haproxy::listen` defined resource should be defined for each HAProxy loadbalanced set of backend servers. The title of the `haproxy::listen` resource is the key to which balancer members will be proxied to. The `ipaddress` field should be the public ip address which the loadbalancer will be contacted on. The `ports` attribute can accept an array or comma-separated list of ports which should be proxied to the `haproxy::balancermemeber` nodes.
-
-Configuring haproxy loadbalanced member nodes
----------------------------------------------
-
-The `haproxy::balacemember` defined resource should be exported from each node
-which is serving loadbalanced traffic. the `listening_service` attribute will
-associate it with `haproxy::listen` directives on the haproxy node.
-`ipaddresses` and `ports` will be assigned to the member to be contacted on. If an array of `ipaddresses` and `server_names` are provided then they will be added to the config in lock-step.
-
-
-Copyright and License
----------------------
-
-Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc
-
-Puppet Labs can be contacted at: info@puppetlabs.com
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/puppet/modules/haproxy/Rakefile b/puppet/modules/haproxy/Rakefile
deleted file mode 100644
index cd3d3799..00000000
--- a/puppet/modules/haproxy/Rakefile
+++ /dev/null
@@ -1 +0,0 @@
-require 'puppetlabs_spec_helper/rake_tasks'
diff --git a/puppet/modules/haproxy/manifests/balancermember.pp b/puppet/modules/haproxy/manifests/balancermember.pp
deleted file mode 100644
index a0e27539..00000000
--- a/puppet/modules/haproxy/manifests/balancermember.pp
+++ /dev/null
@@ -1,95 +0,0 @@
-# == Define Resource Type: haproxy::balancermember
-#
-# This type will setup a balancer member inside a listening service
-# configuration block in /etc/haproxy/haproxy.cfg on the load balancer.
-# currently it only has the ability to specify the instance name,
-# ip address, port, and whether or not it is a backup. More features
-# can be added as needed. The best way to implement this is to export
-# this resource for all haproxy balancer member servers, and then collect
-# them on the main haproxy load balancer.
-#
-# === Requirement/Dependencies:
-#
-# Currently requires the ripienaar/concat module on the Puppet Forge and
-# uses storeconfigs on the Puppet Master to export/collect resources
-# from all balancer members.
-#
-# === Parameters
-#
-# [*name*]
-# The title of the resource is arbitrary and only utilized in the concat
-# fragment name.
-#
-# [*listening_service*]
-# The haproxy service's instance name (or, the title of the
-# haproxy::listen resource). This must match up with a declared
-# haproxy::listen resource.
-#
-# [*ports*]
-# An array or commas-separated list of ports for which the balancer member
-# will accept connections from the load balancer. Note that cookie values
-# aren't yet supported, but shouldn't be difficult to add to the
-# configuration. If you use an array in server_names and ipaddresses, the
-# same port is used for all balancermembers.
-#
-# [*server_names*]
-# The name of the balancer member server as known to haproxy in the
-# listening service's configuration block. This defaults to the
-# hostname. Can be an array of the same length as ipaddresses,
-# in which case a balancermember is created for each pair of
-# server_names and ipaddresses (in lockstep).
-#
-# [*ipaddresses*]
-# The ip address used to contact the balancer member server.
-# Can be an array, see documentation to server_names.
-#
-# [*options*]
-# An array of options to be specified after the server declaration
-# in the listening service's configuration block.
-#
-#
-# === Examples
-#
-# Exporting the resource for a balancer member:
-#
-# @@haproxy::balancermember { 'haproxy':
-# listening_service => 'puppet00',
-# ports => '8140',
-# server_names => $::hostname,
-# ipaddresses => $::ipaddress,
-# options => 'check',
-# }
-#
-#
-# Collecting the resource on a load balancer
-#
-# Haproxy::Balancermember <<| listening_service == 'puppet00' |>>
-#
-# Creating the resource for multiple balancer members at once
-# (for single-pass installation of haproxy without requiring a first
-# pass to export the resources if you know the members in advance):
-#
-# haproxy::balancermember { 'haproxy':
-# listening_service => 'puppet00',
-# ports => '8140',
-# server_names => ['server01', 'server02'],
-# ipaddresses => ['192.168.56.200', '192.168.56.201'],
-# options => 'check',
-# }
-#
-# (this resource can be declared anywhere)
-#
-define haproxy::balancermember (
- $listening_service,
- $ports,
- $server_names = $::hostname,
- $ipaddresses = $::ipaddress,
- $options = ''
-) {
- # Template uses $ipaddresses, $server_name, $ports, $option
- concat::fragment { "${listening_service}_balancermember_${name}":
- order => "20-${listening_service}-${name}",
- target => '/etc/haproxy/haproxy.cfg',
- content => template('haproxy/haproxy_balancermember.erb'),
- }
-}
diff --git a/puppet/modules/haproxy/manifests/init.pp b/puppet/modules/haproxy/manifests/init.pp
deleted file mode 100644
index b91591a3..00000000
--- a/puppet/modules/haproxy/manifests/init.pp
+++ /dev/null
@@ -1,149 +0,0 @@
-# == Class: haproxy
-#
-# A Puppet module, using storeconfigs, to model an haproxy configuration.
-# Currently VERY limited - Pull requests accepted!
-#
-# === Requirement/Dependencies:
-#
-# Currently requires the ripienaar/concat module on the Puppet Forge and
-# uses storeconfigs on the Puppet Master to export/collect resources
-# from all balancer members.
-#
-# === Parameters
-#
-# [*enable*]
-# Chooses whether haproxy should be installed or ensured absent.
-# Currently ONLY accepts valid boolean true/false values.
-#
-# [*version*]
-# Allows you to specify what version of the package to install.
-# Default is simply 'present'
-#
-# [*global_options*]
-# A hash of all the haproxy global options. If you want to specify more
-# than one option (i.e. multiple timeout or stats options), pass those
-# options as an array and you will get a line for each of them in the
-# resultant haproxy.cfg file.
-#
-# [*defaults_options*]
-# A hash of all the haproxy defaults options. If you want to specify more
-# than one option (i.e. multiple timeout or stats options), pass those
-# options as an array and you will get a line for each of them in the
-# resultant haproxy.cfg file.
-#
-#
-# === Examples
-#
-# class { 'haproxy':
-# enable => true,
-# global_options => {
-# 'log' => "${::ipaddress} local0",
-# 'chroot' => '/var/lib/haproxy',
-# 'pidfile' => '/var/run/haproxy.pid',
-# 'maxconn' => '4000',
-# 'user' => 'haproxy',
-# 'group' => 'haproxy',
-# 'daemon' => '',
-# 'stats' => 'socket /var/lib/haproxy/stats'
-# },
-# defaults_options => {
-# 'log' => 'global',
-# 'stats' => 'enable',
-# 'option' => 'redispatch',
-# 'retries' => '3',
-# 'timeout' => [
-# 'http-request 10s',
-# 'queue 1m',
-# 'connect 10s',
-# 'client 1m',
-# 'server 1m',
-# 'check 10s'
-# ],
-# 'maxconn' => '8000'
-# },
-# }
-#
-class haproxy (
- $manage_service = true,
- $enable = true,
- $version = 'present',
- $global_options = $haproxy::params::global_options,
- $defaults_options = $haproxy::params::defaults_options
-) inherits haproxy::params {
- include concat::setup
-
- package { 'haproxy':
- ensure => $enable ? {
- true => $version,
- false => absent,
- },
- name => 'haproxy',
- }
-
- if $enable {
- concat { '/etc/haproxy/haproxy.cfg':
- owner => '0',
- group => '0',
- mode => '0644',
- require => Package['haproxy'],
- notify => $manage_service ? {
- true => Service['haproxy'],
- false => undef,
- },
- }
-
- # Simple Header
- concat::fragment { '00-header':
- target => '/etc/haproxy/haproxy.cfg',
- order => '01',
- content => "# This file managed by Puppet\n",
- }
-
- # Template uses $global_options, $defaults_options
- concat::fragment { 'haproxy-base':
- target => '/etc/haproxy/haproxy.cfg',
- order => '10',
- content => template('haproxy/haproxy-base.cfg.erb'),
- }
-
- if ($::osfamily == 'Debian') {
- file { '/etc/default/haproxy':
- content => 'ENABLED=1',
- require => Package['haproxy'],
- before => $manage_service ? {
- true => Service['haproxy'],
- false => undef,
- },
- }
- }
-
- file { $global_options['chroot']:
- ensure => directory,
- owner => $global_options['user'],
- group => $global_options['group'],
- mode => '0550',
- require => Package['haproxy']
- }
-
- }
-
- if $manage_service {
- service { 'haproxy':
- ensure => $enable ? {
- true => running,
- false => stopped,
- },
- enable => $enable ? {
- true => true,
- false => false,
- },
- name => 'haproxy',
- hasrestart => true,
- hasstatus => true,
- require => [
- Concat['/etc/haproxy/haproxy.cfg'],
- File[$global_options['chroot']],
- ],
- }
- }
-}
diff --git a/puppet/modules/haproxy/manifests/listen.pp b/puppet/modules/haproxy/manifests/listen.pp
deleted file mode 100644
index 00636e3d..00000000
--- a/puppet/modules/haproxy/manifests/listen.pp
+++ /dev/null
@@ -1,95 +0,0 @@
-# == Define Resource Type: haproxy::listen
-#
-# This type will setup a listening service configuration block inside
-# the haproxy.cfg file on an haproxy load balancer. Each listening service
-# configuration needs one or more load balancer member server (that can be
-# declared with the haproxy::balancermember defined resource type). Using
-# storeconfigs, you can export the haproxy::balancermember resources on all
-# load balancer member servers, and then collect them on a single haproxy
-# load balancer server.
-#
-# === Requirement/Dependencies:
-#
-# Currently requires the ripienaar/concat module on the Puppet Forge and
-# uses storeconfigs on the Puppet Master to export/collect resources
-# from all balancer members.
-#
-# === Parameters
-#
-# [*name*]
-# The namevar of the defined resource type is the listening service's name.
-# This name goes right after the 'listen' statement in haproxy.cfg
-#
-# [*ports*]
-# Ports on which the proxy will listen for connections on the ip address
-# specified in the virtual_ip parameter. Accepts either a single
-# comma-separated string or an array of strings which may be ports or
-# hyphenated port ranges.
-#
-# [*ipaddress*]
-# The ip address the proxy binds to. Empty addresses, '*', and '0.0.0.0'
-# mean that the proxy listens to all valid addresses on the system.
-#
-# [*mode*]
-# The mode of operation for the listening service. Valid values are 'tcp',
-# HTTP', and 'health'.
-#
-# [*options*]
-# A hash of options that are inserted into the listening service
-# configuration block.
-#
-# [*collect_exported*]
-# Boolean, default 'true'. True means 'collect exported @@balancermember resources'
-# (for the case when every balancermember node exports itself), false means
-# 'rely on the existing declared balancermember resources' (for the case when you
-# know the full set of balancermembers in advance and use haproxy::balancermember
-# with array arguments, which allows you to deploy everything in 1 run)
-#
-#
-# === Examples
-#
-# Exporting the resource for a balancer member:
-#
-# haproxy::listen { 'puppet00':
-# ipaddress => $::ipaddress,
-# ports => '18140',
-# mode => 'tcp',
-# options => {
-# 'option' => [
-# 'tcplog',
-# 'ssl-hello-chk'
-# ],
-# 'balance' => 'roundrobin'
-# },
-# }
-#
-# === Authors
-#
-# Gary Larizza <gary@puppetlabs.com>
-#
-define haproxy::listen (
- $ports,
- $ipaddress = [$::ipaddress],
- $mode = 'tcp',
- $collect_exported = true,
- $options = {
- 'option' => [
- 'tcplog',
- 'ssl-hello-chk'
- ],
- 'balance' => 'roundrobin'
- }
-) {
- # Template uses: $name, $ipaddress, $ports, $options
- concat::fragment { "${name}_listen_block":
- order => "20-${name}-00",
- target => '/etc/haproxy/haproxy.cfg',
- content => template('haproxy/haproxy_listen_block.erb'),
- }
-
- if $collect_exported {
- Haproxy::Balancermember <<| listening_service == $name |>>
- }
- # else: the resources have been created and they introduced their
- # concat fragments. We don't have to do anything about them.
-}
diff --git a/puppet/modules/haproxy/manifests/params.pp b/puppet/modules/haproxy/manifests/params.pp
deleted file mode 100644
index 53442ddc..00000000
--- a/puppet/modules/haproxy/manifests/params.pp
+++ /dev/null
@@ -1,65 +0,0 @@
-# == Class: haproxy::params
-#
-# This is a container class holding default parameters for for haproxy class.
-# currently, only the Redhat family is supported, but this can be easily
-# extended by changing package names and configuration file paths.
-#
-class haproxy::params {
- case $osfamily {
- Redhat: {
- $global_options = {
- 'log' => "${::ipaddress} local0",
- 'chroot' => '/var/lib/haproxy',
- 'pidfile' => '/var/run/haproxy.pid',
- 'maxconn' => '4000',
- 'user' => 'haproxy',
- 'group' => 'haproxy',
- 'daemon' => '',
- 'stats' => 'socket /var/lib/haproxy/stats'
- }
- $defaults_options = {
- 'log' => 'global',
- 'stats' => 'enable',
- 'option' => 'redispatch',
- 'retries' => '3',
- 'timeout' => [
- 'http-request 10s',
- 'queue 1m',
- 'connect 10s',
- 'client 1m',
- 'server 1m',
- 'check 10s',
- ],
- 'maxconn' => '8000'
- }
- }
- Debian: {
- $global_options = {
- 'log' => "${::ipaddress} local0",
- 'chroot' => '/var/lib/haproxy',
- 'pidfile' => '/var/run/haproxy.pid',
- 'maxconn' => '4000',
- 'user' => 'haproxy',
- 'group' => 'haproxy',
- 'daemon' => '',
- 'stats' => 'socket /var/lib/haproxy/stats'
- }
- $defaults_options = {
- 'log' => 'global',
- 'stats' => 'enable',
- 'option' => 'redispatch',
- 'retries' => '3',
- 'timeout' => [
- 'http-request 10s',
- 'queue 1m',
- 'connect 10s',
- 'client 1m',
- 'server 1m',
- 'check 10s',
- ],
- 'maxconn' => '8000'
- }
- }
- default: { fail("The $::osfamily operating system is not supported with the haproxy module") }
- }
-}
diff --git a/puppet/modules/haproxy/spec/classes/haproxy_spec.rb b/puppet/modules/haproxy/spec/classes/haproxy_spec.rb
deleted file mode 100644
index 4b5902ce..00000000
--- a/puppet/modules/haproxy/spec/classes/haproxy_spec.rb
+++ /dev/null
@@ -1,138 +0,0 @@
-require 'spec_helper'
-
-describe 'haproxy', :type => :class do
- let(:default_facts) do
- {
- :concat_basedir => '/dne',
- :ipaddress => '10.10.10.10'
- }
- end
- context 'on supported platforms' do
- describe 'for OS-agnostic configuration' do
- ['Debian', 'RedHat'].each do |osfamily|
- context "on #{osfamily} family operatingsystems" do
- let(:facts) do
- { :osfamily => osfamily }.merge default_facts
- end
- let(:params) do
- {'enable' => true}
- end
- it { should include_class('concat::setup') }
- it 'should install the haproxy package' do
- subject.should contain_package('haproxy').with(
- 'ensure' => 'present'
- )
- end
- it 'should install the haproxy service' do
- subject.should contain_service('haproxy').with(
- 'ensure' => 'running',
- 'enable' => 'true',
- 'hasrestart' => 'true',
- 'hasstatus' => 'true',
- 'require' => [
- 'Concat[/etc/haproxy/haproxy.cfg]',
- 'File[/var/lib/haproxy]'
- ]
- )
- end
- it 'should set up /etc/haproxy/haproxy.cfg as a concat resource' do
- subject.should contain_concat('/etc/haproxy/haproxy.cfg').with(
- 'owner' => '0',
- 'group' => '0',
- 'mode' => '0644'
- )
- end
- it 'should manage the chroot directory' do
- subject.should contain_file('/var/lib/haproxy').with(
- 'ensure' => 'directory'
- )
- end
- it 'should contain a header concat fragment' do
- subject.should contain_concat__fragment('00-header').with(
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'order' => '01',
- 'content' => "# This file managed by Puppet\n"
- )
- end
- it 'should contain a haproxy-base concat fragment' do
- subject.should contain_concat__fragment('haproxy-base').with(
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'order' => '10'
- )
- end
- describe 'Base concat fragment contents' do
- let(:contents) { param_value(subject, 'concat::fragment', 'haproxy-base', 'content').split("\n") }
- it 'should contain global and defaults sections' do
- contents.should include('global')
- contents.should include('defaults')
- end
- it 'should log to an ip address for local0' do
- contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ }
- end
- it 'should specify the default chroot' do
- contents.should include(' chroot /var/lib/haproxy')
- end
- it 'should specify the correct user' do
- contents.should include(' user haproxy')
- end
- it 'should specify the correct group' do
- contents.should include(' group haproxy')
- end
- it 'should specify the correct pidfile' do
- contents.should include(' pidfile /var/run/haproxy.pid')
- end
- end
- end
- context "on #{osfamily} family operatingsystems without managing the service" do
- let(:facts) do
- { :osfamily => osfamily }.merge default_facts
- end
- let(:params) do
- {
- 'enable' => true,
- 'manage_service' => false,
- }
- end
- it { should include_class('concat::setup') }
- it 'should install the haproxy package' do
- subject.should contain_package('haproxy').with(
- 'ensure' => 'present'
- )
- end
- it 'should install the haproxy service' do
- subject.should_not contain_service('haproxy')
- end
- end
- end
- end
- describe 'for OS-specific configuration' do
- context 'only on Debian family operatingsystems' do
- let(:facts) do
- { :osfamily => 'Debian' }.merge default_facts
- end
- it 'should manage haproxy service defaults' do
- subject.should contain_file('/etc/default/haproxy').with(
- 'before' => 'Service[haproxy]',
- 'require' => 'Package[haproxy]'
- )
- verify_contents(subject, '/etc/default/haproxy', ['ENABLED=1'])
- end
- end
- context 'only on RedHat family operatingsystems' do
- let(:facts) do
- { :osfamily => 'RedHat' }.merge default_facts
- end
- end
- end
- end
- context 'on unsupported operatingsystems' do
- let(:facts) do
- { :osfamily => 'RainbowUnicorn' }.merge default_facts
- end
- it do
- expect {
- should contain_service('haproxy')
- }.to raise_error(Puppet::Error, /operating system is not supported with the haproxy module/)
- end
- end
-end
diff --git a/puppet/modules/haproxy/spec/defines/balancermember_spec.rb b/puppet/modules/haproxy/spec/defines/balancermember_spec.rb
deleted file mode 100644
index 74bc7a8b..00000000
--- a/puppet/modules/haproxy/spec/defines/balancermember_spec.rb
+++ /dev/null
@@ -1,82 +0,0 @@
-require 'spec_helper'
-
-describe 'haproxy::balancermember' do
- let(:title) { 'tyler' }
- let(:facts) do
- {
- :ipaddress => '1.1.1.1',
- :hostname => 'dero'
- }
- end
-
- context 'with a single balancermember option' do
- let(:params) do
- {
- :name => 'tyler',
- :listening_service => 'croy',
- :ports => '18140',
- :options => 'check'
- }
- end
-
- it { should contain_concat__fragment('croy_balancermember_tyler').with(
- 'order' => '20-croy-tyler',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => " server dero 1.1.1.1:18140 check\n\n"
- ) }
- end
-
- context 'with multiple balancermember options' do
- let(:params) do
- {
- :name => 'tyler',
- :listening_service => 'croy',
- :ports => '18140',
- :options => ['check', 'close']
- }
- end
-
- it { should contain_concat__fragment('croy_balancermember_tyler').with(
- 'order' => '20-croy-tyler',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => " server dero 1.1.1.1:18140 check close\n\n"
- ) }
- end
-
- context 'with multiple servers' do
- let(:params) do
- {
- :name => 'tyler',
- :listening_service => 'croy',
- :ports => '18140',
- :server_names => ['server01', 'server02'],
- :ipaddresses => ['192.168.56.200', '192.168.56.201'],
- :options => ['check']
- }
- end
-
- it { should contain_concat__fragment('croy_balancermember_tyler').with(
- 'order' => '20-croy-tyler',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => " server server01 192.168.56.200:18140 check\n server server02 192.168.56.201:18140 check\n\n"
- ) }
- end
- context 'with multiple servers and multiple ports' do
- let(:params) do
- {
- :name => 'tyler',
- :listening_service => 'croy',
- :ports => ['18140','18150'],
- :server_names => ['server01', 'server02'],
- :ipaddresses => ['192.168.56.200', '192.168.56.201'],
- :options => ['check']
- }
- end
-
- it { should contain_concat__fragment('croy_balancermember_tyler').with(
- 'order' => '20-croy-tyler',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => " server server01 192.168.56.200:18140,192.168.56.200:18150 check\n server server02 192.168.56.201:18140,192.168.56.201:18150 check\n\n"
- ) }
- end
-end
diff --git a/puppet/modules/haproxy/spec/defines/listen_spec.rb b/puppet/modules/haproxy/spec/defines/listen_spec.rb
deleted file mode 100644
index 31dd4c85..00000000
--- a/puppet/modules/haproxy/spec/defines/listen_spec.rb
+++ /dev/null
@@ -1,53 +0,0 @@
-require 'spec_helper'
-
-describe 'haproxy::listen' do
- let(:title) { 'tyler' }
- let(:facts) {{ :ipaddress => '1.1.1.1' }}
- context "when only one port is provided" do
- let(:params) do
- {
- :name => 'croy',
- :ports => '18140'
- }
- end
-
- it { should contain_concat__fragment('croy_listen_block').with(
- 'order' => '20-croy-00',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => "listen croy\n\n bind 1.1.1.1:18140\n\n balance roundrobin\n option tcplog\n option ssl-hello-chk\n"
- ) }
- end
- context "when an array of ports is provided" do
- let(:params) do
- {
- :name => 'apache',
- :ipaddress => '23.23.23.23',
- :ports => [
- '80',
- '443',
- ]
- }
- end
-
- it { should contain_concat__fragment('apache_listen_block').with(
- 'order' => '20-apache-00',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => "listen apache\n\n bind 23.23.23.23:80\n\n bind 23.23.23.23:443\n\n balance roundrobin\n option tcplog\n option ssl-hello-chk\n"
- ) }
- end
- context "when a comma-separated list of ports is provided" do
- let(:params) do
- {
- :name => 'apache',
- :ipaddress => '23.23.23.23',
- :ports => '80,443'
- }
- end
-
- it { should contain_concat__fragment('apache_listen_block').with(
- 'order' => '20-apache-00',
- 'target' => '/etc/haproxy/haproxy.cfg',
- 'content' => "listen apache\n\n bind 23.23.23.23:80\n\n bind 23.23.23.23:443\n\n balance roundrobin\n option tcplog\n option ssl-hello-chk\n"
- ) }
- end
-end
diff --git a/puppet/modules/haproxy/spec/spec.opts b/puppet/modules/haproxy/spec/spec.opts
deleted file mode 100644
index 91cd6427..00000000
--- a/puppet/modules/haproxy/spec/spec.opts
+++ /dev/null
@@ -1,6 +0,0 @@
---format
-s
---colour
---loadby
-mtime
---backtrace
diff --git a/puppet/modules/haproxy/spec/spec_helper.rb b/puppet/modules/haproxy/spec/spec_helper.rb
deleted file mode 100644
index 2c6f5664..00000000
--- a/puppet/modules/haproxy/spec/spec_helper.rb
+++ /dev/null
@@ -1 +0,0 @@
-require 'puppetlabs_spec_helper/module_spec_helper'
diff --git a/puppet/modules/haproxy/templates/haproxy-base.cfg.erb b/puppet/modules/haproxy/templates/haproxy-base.cfg.erb
deleted file mode 100644
index f25d5c34..00000000
--- a/puppet/modules/haproxy/templates/haproxy-base.cfg.erb
+++ /dev/null
@@ -1,21 +0,0 @@
-global
-<% @global_options.sort.each do |key,val| -%>
-<% if val.is_a?(Array) -%>
-<% val.each do |item| -%>
- <%= key %> <%= item %>
-<% end -%>
-<% else -%>
- <%= key %> <%= val %>
-<% end -%>
-<% end -%>
-
-defaults
-<% @defaults_options.sort.each do |key,val| -%>
-<% if val.is_a?(Array) -%>
-<% val.each do |item| -%>
- <%= key %> <%= item %>
-<% end -%>
-<% else -%>
- <%= key %> <%= val %>
-<% end -%>
-<% end -%>
diff --git a/puppet/modules/haproxy/templates/haproxy_balancermember.erb b/puppet/modules/haproxy/templates/haproxy_balancermember.erb
deleted file mode 100644
index 1d03f565..00000000
--- a/puppet/modules/haproxy/templates/haproxy_balancermember.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-<% Array(ipaddresses).zip(Array(server_names)).each do |ipaddress,host| -%>
- server <%= host %> <%= ipaddress %>:<%= Array(ports).collect {|x|x.split(',')}.flatten.join(",#{ipaddress}:") %> <%= Array(options).join(" ") %>
-<% end %>
diff --git a/puppet/modules/haproxy/templates/haproxy_listen_block.erb b/puppet/modules/haproxy/templates/haproxy_listen_block.erb
deleted file mode 100644
index 129313f1..00000000
--- a/puppet/modules/haproxy/templates/haproxy_listen_block.erb
+++ /dev/null
@@ -1,10 +0,0 @@
-listen <%= name %>
- mode <%= mode %>
-<% Array(ipaddress).uniq.each do |virtual_ip| (ports.is_a?(Array) ? ports : Array(ports.split(","))).each do |port| %>
- bind <%= virtual_ip %>:<%= port %>
-<% end end %>
-<% options.sort.each do |key, val| -%>
-<% Array(val).each do |item| -%>
- <%= key %> <%= item %>
-<% end -%>
-<% end -%>
diff --git a/puppet/modules/haproxy/tests/init.pp b/puppet/modules/haproxy/tests/init.pp
deleted file mode 100644
index 77590ac8..00000000
--- a/puppet/modules/haproxy/tests/init.pp
+++ /dev/null
@@ -1,69 +0,0 @@
-# Declare haproxy base class with configuration options
-class { 'haproxy':
- enable => true,
- global_options => {
- 'log' => "${::ipaddress} local0",
- 'chroot' => '/var/lib/haproxy',
- 'pidfile' => '/var/run/haproxy.pid',
- 'maxconn' => '4000',
- 'user' => 'haproxy',
- 'group' => 'haproxy',
- 'daemon' => '',
- 'stats' => 'socket /var/lib/haproxy/stats',
- },
- defaults_options => {
- 'log' => 'global',
- 'stats' => 'enable',
- 'option' => 'redispatch',
- 'retries' => '3',
- 'timeout' => [
- 'http-request 10s',
- 'queue 1m',
- 'connect 10s',
- 'client 1m',
- 'server 1m',
- 'check 10s',
- ],
- 'maxconn' => '8000',
- },
-}
-
-# Export a balancermember server, note that the listening_service parameter
-# will/must correlate with an haproxy::listen defined resource type.
-@@haproxy::balancermember { $fqdn:
- order => '21',
- listening_service => 'puppet00',
- server_name => $::hostname,
- balancer_ip => $::ipaddress,
- balancer_port => '8140',
- balancermember_options => 'check'
-}
-
-# Declare a couple of Listening Services for haproxy.cfg
-# Note that the balancermember server resources are being collected in
-# the haproxy::config defined resource type with the following line:
-# Haproxy::Balancermember <<| listening_service == $name |>>
-haproxy::listen { 'puppet00':
- order => '20',
- ipaddress => $::ipaddress,
- ports => '18140',
- options => {
- 'option' => [
- 'tcplog',
- 'ssl-hello-chk',
- ],
- 'balance' => 'roundrobin',
- },
-}
-haproxy::listen { 'stats':
- order => '30',
- ipaddress => '',
- ports => '9090',
- options => {
- 'mode' => 'http',
- 'stats' => [
- 'uri /',
- 'auth puppet:puppet'
- ],
- },
-}
diff --git a/puppet/modules/site_check_mk/manifests/agent/haproxy.pp b/puppet/modules/site_check_mk/manifests/agent/haproxy.pp
deleted file mode 100644
index 6d52efba..00000000
--- a/puppet/modules/site_check_mk/manifests/agent/haproxy.pp
+++ /dev/null
@@ -1,15 +0,0 @@
-class site_check_mk::agent::haproxy {
-
- include site_check_mk::agent::package::nagios_plugins_contrib
-
- # local nagios plugin checks via mrpe
- augeas { 'haproxy':
- incl => '/etc/check_mk/mrpe.cfg',
- lens => 'Spacevars.lns',
- changes => [
- 'rm /files/etc/check_mk/mrpe.cfg/Haproxy',
- 'set Haproxy \'/usr/lib/nagios/plugins/check_haproxy -u "http://localhost:8000/haproxy;csv"\'' ],
- require => File['/etc/check_mk/mrpe.cfg'];
- }
-
-}
diff --git a/puppet/modules/site_config/manifests/remove/webapp.pp b/puppet/modules/site_config/manifests/remove/webapp.pp
index 58f59815..963eb705 100644
--- a/puppet/modules/site_config/manifests/remove/webapp.pp
+++ b/puppet/modules/site_config/manifests/remove/webapp.pp
@@ -4,4 +4,16 @@ class site_config::remove::webapp {
'/etc/apache/sites-enabled/leap_webapp.conf':
notify => Service['apache'];
}
+
+ # Ensure haproxy is removed
+ package { 'haproxy':
+ ensure => purged,
+ }
+ augeas { 'haproxy':
+ incl => '/etc/check_mk/mrpe.cfg',
+ lens => 'Spacevars.lns',
+ changes => [ 'rm /files/etc/check_mk/mrpe.cfg/Haproxy' ],
+ require => File['/etc/check_mk/mrpe.cfg'];
+ }
+
}
diff --git a/puppet/modules/site_haproxy/files/haproxy-stats.cfg b/puppet/modules/site_haproxy/files/haproxy-stats.cfg
deleted file mode 100644
index e6335ba2..00000000
--- a/puppet/modules/site_haproxy/files/haproxy-stats.cfg
+++ /dev/null
@@ -1,6 +0,0 @@
-# provide access to stats for the nagios plugin
-listen stats 127.0.0.1:8000
- mode http
- stats enable
- stats uri /haproxy
-
diff --git a/puppet/modules/site_haproxy/manifests/init.pp b/puppet/modules/site_haproxy/manifests/init.pp
deleted file mode 100644
index b28ce80e..00000000
--- a/puppet/modules/site_haproxy/manifests/init.pp
+++ /dev/null
@@ -1,41 +0,0 @@
-class site_haproxy {
- $haproxy = hiera('haproxy')
-
- class { 'haproxy':
- enable => true,
- manage_service => true,
- global_options => {
- 'log' => '127.0.0.1 local0',
- 'maxconn' => '4096',
- 'stats' => 'socket /var/run/haproxy.sock user haproxy group haproxy',
- 'chroot' => '/usr/share/haproxy',
- 'user' => 'haproxy',
- 'group' => 'haproxy',
- 'daemon' => ''
- },
- defaults_options => {
- 'log' => 'global',
- 'retries' => '3',
- 'option' => 'redispatch',
- 'timeout connect' => '4000',
- 'timeout client' => '20000',
- 'timeout server' => '20000'
- }
- }
-
- # monitor haproxy
- concat::fragment { 'stats':
- target => '/etc/haproxy/haproxy.cfg',
- order => '90',
- source => 'puppet:///modules/site_haproxy/haproxy-stats.cfg';
- }
-
- # Template uses $haproxy
- concat::fragment { 'leap_haproxy_webapp_couchdb':
- target => '/etc/haproxy/haproxy.cfg',
- order => '20',
- content => template('site_haproxy/haproxy.cfg.erb'),
- }
-
- include site_check_mk::agent::haproxy
-}
diff --git a/puppet/modules/site_haproxy/templates/couch.erb b/puppet/modules/site_haproxy/templates/couch.erb
deleted file mode 100644
index f42e8368..00000000
--- a/puppet/modules/site_haproxy/templates/couch.erb
+++ /dev/null
@@ -1,32 +0,0 @@
-frontend couch
- bind localhost:<%= @listen_port %>
- mode http
- option httplog
- option dontlognull
- option http-server-close # use client keep-alive, but close server connection.
- use_backend couch_read if METH_GET
- default_backend couch_write
-
-backend couch_write
- mode http
- balance roundrobin
- option httpchk GET / # health check using simple get to root
- option allbackups # balance among all backups, not just one.
- default-server inter 3000 fastinter 1000 downinter 1000 rise 2 fall 1
-<%- @servers.sort.each do |name,server| -%>
-<%- next unless server['writable'] -%>
- # <%=name%>
- server couchdb_<%=server['port']%> <%=server['host']%>:<%=server['port']%> <%='backup' if server['backup']%> weight <%=server['weight']%> check
-<%- end -%>
-
-backend couch_read
- mode http
- balance roundrobin
- option httpchk GET / # health check using simple get to root
- option allbackups # balance among all backups, not just one.
- default-server inter 3000 fastinter 1000 downinter 1000 rise 2 fall 1
-<%- @servers.sort.each do |name,server| -%>
- # <%=name%>
- server couchdb_<%=server['port']%> <%=server['host']%>:<%=server['port']%> <%='backup' if server['backup']%> weight <%=server['weight']%> check
-<%- end -%>
-
diff --git a/puppet/modules/site_haproxy/templates/haproxy.cfg.erb b/puppet/modules/site_haproxy/templates/haproxy.cfg.erb
deleted file mode 100644
index 8311b1a5..00000000
--- a/puppet/modules/site_haproxy/templates/haproxy.cfg.erb
+++ /dev/null
@@ -1,11 +0,0 @@
-<%- @haproxy.each do |frontend, options| -%>
-<%- if options['servers'] -%>
-
-##
-## <%= frontend %>
-##
-
-<%= scope.function_templatewlv(["site_haproxy/#{frontend}.erb", options]) %>
-<%- end -%>
-<%- end -%>
-
diff --git a/puppet/modules/site_mx/manifests/init.pp b/puppet/modules/site_mx/manifests/init.pp
index c910a45a..5876e555 100644
--- a/puppet/modules/site_mx/manifests/init.pp
+++ b/puppet/modules/site_mx/manifests/init.pp
@@ -13,7 +13,6 @@ class site_mx {
include ::site_stunnel
include ::site_postfix::mx
- include ::site_haproxy
include ::site_shorewall::mx
include ::site_shorewall::service::smtp
include ::leap_mx
diff --git a/puppet/modules/site_nickserver/manifests/init.pp b/puppet/modules/site_nickserver/manifests/init.pp
index 8ef47b07..cab13522 100644
--- a/puppet/modules/site_nickserver/manifests/init.pp
+++ b/puppet/modules/site_nickserver/manifests/init.pp
@@ -1,9 +1,8 @@
#
-# TODO: currently, this is dependent on some things that are set up in
+# TODO: currently, this is dependent on one thing that is set up in
# site_webapp
#
-# (1) HAProxy -> couchdb
-# (2) Apache
+# (1) Apache
#
# It would be good in the future to make nickserver installable independently of
# site_webapp.
@@ -29,10 +28,9 @@ class site_nickserver {
# the port that nickserver is actually running on
$nickserver_local_port = '64250'
- # couchdb is available on localhost via haproxy, which is bound to 4096.
+ # couchdb is available on localhost via stunnel, which is bound to 4000.
$couchdb_host = 'localhost'
- # See site_webapp/templates/haproxy_couchdb.cfg.erg
- $couchdb_port = '4096'
+ $couchdb_port = '4000'
$sources = hiera('sources')
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp
index 175255af..ffe364c6 100644
--- a/puppet/modules/site_webapp/manifests/couchdb.pp
+++ b/puppet/modules/site_webapp/manifests/couchdb.pp
@@ -2,9 +2,9 @@
class site_webapp::couchdb {
$webapp = hiera('webapp')
- # haproxy listener on port localhost:4096, see site_webapp::haproxy
+ # stunnel endpoint on port localhost:4000
$couchdb_host = 'localhost'
- $couchdb_port = '4096'
+ $couchdb_port = '4000'
$couchdb_webapp_user = $webapp['couchdb_webapp_user']['username']
$couchdb_webapp_password = $webapp['couchdb_webapp_user']['password']
$couchdb_admin_user = $webapp['couchdb_admin_user']['username']
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index 83cf99a9..1ae80012 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -19,7 +19,6 @@ class site_webapp {
include ::site_config::ruby::dev
include ::site_webapp::apache
include ::site_webapp::couchdb
- include ::site_haproxy
include ::site_webapp::cron
include ::site_config::default
include ::site_config::x509::cert
@@ -106,7 +105,9 @@ class site_webapp {
'/srv/leap/webapp/public/ca.crt':
ensure => link,
require => Vcsrepo['/srv/leap/webapp'],
+ # lint:ignore:variable_is_lowercase
target => "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt";
+ # lint:endignore
"/srv/leap/webapp/public/${api_version}":
ensure => directory,