| -rw-r--r-- | provider_base/services/couchdb.json | 68 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/add_users.pp | 14 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/create_dbs.pp | 19 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/init.pp | 11 | 
4 files changed, 58 insertions, 54 deletions
| diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index a26579c8..95ab75f1 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json 
@@ -1,38 +1,38 @@  { -  "x509": { -    "use": true -  }, -  "stunnel": { -    "couch_server": "= stunnel_server(couch.port)", -    "epmd_server": "= stunnel_server(couch.bigcouch.epmd_port)", -    "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.epmd_port)", -    "ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)", -    "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.ednp_port)" -  }, -  "couch": { -    "port": 5984, -    "bigcouch": { -      "epmd_port": 4369, -      "ednp_port": 9002, -      "cookie": "= secret :bigcouch_cookie", -      "neighbors": "= nodes_like_me[:services => :couchdb].exclude(self).field('domain.full')" +    "x509": { +        "use": true      }, -    "users": { -      "admin": { -        "username": "admin", -        "password": "= secret :couch_admin_password", -        "salt": "= hex_secret :couch_admin_password_salt, 128" -      }, -      "webapp": { -        "username": "webapp", -        "password": "= secret :couch_webapp_password", -        "salt": "= hex_secret :couch_webapp_password_salt, 128" -      }, -      "soledad": { -        "username": "soledad", -        "password": "= secret :couch_soledad_password", -        "salt": "= hex_secret :couch_soledad_password_salt, 128" -      } +    "stunnel": { +        "couch_server": "= stunnel_server(couch.port)", +        "epmd_server": "= stunnel_server(couch.bigcouch.epmd_port)", +        "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.epmd_port)", +        "ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)", +        "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.ednp_port)" +    }, +    "couch": { +        "port": 5984, +        "bigcouch": { +            "epmd_port": 4369, +            "ednp_port": 9002, +        
    "cookie": "= secret :bigcouch_cookie", +            "neighbors": "= nodes_like_me[:services => :couchdb].exclude(self).field('domain.full')" +        }, +        "users": { +            "admin": { +                "username": "admin", +                "password": "= secret :couch_admin_password", +                "salt": "= hex_secret :couch_admin_password_salt, 128" +            }, +            "soledad": { +                "username": "soledad", +                "password": "= secret :couch_soledad_password", +                "salt": "= hex_secret :couch_soledad_password_salt, 128" +            }, +            "webapp": { +                "username": "webapp", +                "password": "= secret :couch_webapp_password", +                "salt": "= hex_secret :couch_webapp_password_salt, 128" +            } +        }      } -  }  } diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp index e9d3da78..b9304a97 100644 --- a/puppet/modules/site_couchdb/manifests/add_users.pp +++ b/puppet/modules/site_couchdb/manifests/add_users.pp @@ -1,12 +1,6 @@  class site_couchdb::add_users {    # Populate couchdb -  couchdb::add_user { $site_couchdb::couchdb_webapp_user: -    roles   => '["auth"]', -    pw      => $site_couchdb::couchdb_webapp_pw, -    salt    => $site_couchdb::couchdb_webapp_salt, -    require => Couchdb::Query::Setup['localhost'] -  }    couchdb::add_user { $site_couchdb::couchdb_soledad_user:      roles   => '["auth"]', @@ -14,4 +8,12 @@ class site_couchdb::add_users {      salt    => $site_couchdb::couchdb_soledad_salt,      require => Couchdb::Query::Setup['localhost']    } + +  couchdb::add_user { $site_couchdb::couchdb_webapp_user: +    roles   => '["auth"]', +    pw      => $site_couchdb::couchdb_webapp_pw, +    salt    => $site_couchdb::couchdb_webapp_salt, +    require => Couchdb::Query::Setup['localhost'] +  } +  } 
diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp index 2dca51c1..b5404231 100644 --- a/puppet/modules/site_couchdb/manifests/create_dbs.pp +++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp @@ -1,11 +1,9 @@  class site_couchdb::create_dbs { -  couchdb::create_db { 'users': -    members => "{ \"names\": [\"$site_couchdb::couchdb_webapp_user\"], \"roles\": [] }", -    require => Couchdb::Query::Setup['localhost'] -  } - -  couchdb::create_db { 'tokens': +  # leap_mx will want access to this. Granting access to the soledad user +  # via the auth group for now. +  # leap_mx could use that for a start. +  couchdb::create_db { 'identities':      members => "{ \"names\": [], \"roles\": [\"auth\"] }",      require => Couchdb::Query::Setup['localhost']    } @@ -20,12 +18,13 @@ class site_couchdb::create_dbs {      require => Couchdb::Query::Setup['localhost']    } -  # leap_mx will want access to this. Granting access to the soledad user -  # via the auth group for now. -  # leap_mx could use that for a start. -  couchdb::create_db { 'identities': +  couchdb::create_db { 'tokens':      members => "{ \"names\": [], \"roles\": [\"auth\"] }",      require => Couchdb::Query::Setup['localhost']    } +  couchdb::create_db { 'users': +    members => "{ \"names\": [\"$site_couchdb::couchdb_webapp_user\"], \"roles\": [] }", +    require => Couchdb::Query::Setup['localhost'] +  }  } diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 0f839997..82f2befb 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp 
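Review bot: In create_dbs.pp, the comment moved above `identities` says access is granted to the soledad user, but the membership is `"roles": ["auth"]`, and add_users.pp in this same commit gives both the webapp and the soledad account the `auth` role, so every `auth` holder is a member of `identities` and of `tokens`. Since the comment is being moved anyway, it should state the real scope, for example `# NOTE: 'auth' is held by both webapp and soledad (add_users.pp), so both are members here; narrow to "names" once leap_mx has its own user.` Whether the webapp account actually needs `identities` is not visible from this diff, so that should be confirmed before the membership is tightened.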
@@ -3,19 +3,22 @@ class site_couchdb {    $couchdb_config         = hiera('couch')    $couchdb_users          = $couchdb_config['users'] +    $couchdb_admin          = $couchdb_users['admin']    $couchdb_admin_user     = $couchdb_admin['username']    $couchdb_admin_pw       = $couchdb_admin['password']    $couchdb_admin_salt     = $couchdb_admin['salt'] -  $couchdb_webapp         = $couchdb_users['webapp'] -  $couchdb_webapp_user    = $couchdb_webapp['username'] -  $couchdb_webapp_pw      = $couchdb_webapp['password'] -  $couchdb_webapp_salt    = $couchdb_webapp['salt'] +    $couchdb_soledad        = $couchdb_users['soledad']    $couchdb_soledad_user   = $couchdb_soledad['username']    $couchdb_soledad_pw     = $couchdb_soledad['password']    $couchdb_soledad_salt   = $couchdb_soledad['salt'] +  $couchdb_webapp         = $couchdb_users['webapp'] +  $couchdb_webapp_user    = $couchdb_webapp['username'] +  $couchdb_webapp_pw      = $couchdb_webapp['password'] +  $couchdb_webapp_salt    = $couchdb_webapp['salt'] +    $couchdb_backup         = $couchdb_config['backup']    $bigcouch_config        = $couchdb_config['bigcouch'] | 
