diff options
| -rw-r--r-- | puppet/modules/site_apache/files/vhosts.d/couchdb_proxy.conf | 10 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp | 30 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/init.pp | 7 |
3 files changed, 11 insertions, 36 deletions
diff --git a/puppet/modules/site_apache/files/vhosts.d/couchdb_proxy.conf b/puppet/modules/site_apache/files/vhosts.d/couchdb_proxy.conf deleted file mode 100644 index 0dff2cd6..00000000 --- a/puppet/modules/site_apache/files/vhosts.d/couchdb_proxy.conf +++ /dev/null @@ -1,10 +0,0 @@ -Listen 0.0.0.0:6984 - -<VirtualHost *:6984> - SSLEngine On - SSLProxyEngine On - SSLCertificateKeyFile /etc/x509/keys/leap_couchdb.key - SSLCertificateFile /etc/x509/certs/leap_couchdb.crt - ProxyPass / http://127.0.0.1:5984/ - ProxyPassReverse / http://127.0.0.1:5984/ -</VirtualHost> diff --git a/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp b/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp index 7739473e..536dd8db 100644 --- a/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp +++ b/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp @@ -1,25 +1,13 @@ -define site_couchdb::apache_ssl_proxy ($key, $cert) { +class site_couchdb::apache_ssl_proxy { - $apache_no_default_site = true - include apache - apache::module { - 'proxy': ensure => present; - 'proxy_http': ensure => present; - 'rewrite': ensure => present; - 'ssl': ensure => present; - } - apache::vhost::file { 'couchdb_proxy': } +# This is here to disable the previously configured apache ssl proxy +# we were using this, but have switched to stunnel instead. +# +# Unfortunately, the current apache shared module doesn't handle +# ensure=>absent, so this is going to be done the crude way, and will only +# work for debian+derivitives, which is fine for now, but not good for the +# future - x509::key { - 'leap_couchdb': - content => $key, - notify => Service[apache]; - } - - x509::cert { - 'leap_couchdb': - content => $cert, - notify => Service[apache]; - } + package { 'apache2': ensure => absent } } diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 25956938..6f648c51 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -30,12 +30,9 @@ class site_couchdb ( $bigcouch = false ) { -> Couchdb::Create_db['client_certificates'] -> Couchdb::Add_user[$couchdb_webapp_user] -> Couchdb::Add_user[$couchdb_ca_daemon_user] - -> Site_couchdb::Apache_ssl_proxy['apache_ssl_proxy'] - site_couchdb::apache_ssl_proxy { 'apache_ssl_proxy': - key => $key, - cert => $cert - } + # this is here to disable and remove the proxy + include site_couchdb::apache_ssl_proxy couchdb::query::setup { 'localhost': user => $couchdb_admin_user, |