summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--puppet/modules/site_couchdb/manifests/init.pp51
1 files changed, 29 insertions, 22 deletions
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index e4d97e34..30ce7f54 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -1,28 +1,33 @@
class site_couchdb {
- $x509 = hiera('x509')
- $key = $x509['key']
- $cert = $x509['cert']
- $adminpw = hiera('couchdb_adminpw')
- $couchdb_leap_web_user = hiera('couchdb_leap_web_user')
- $couchdb_leap_web_username = $couchdb_leap_web_user['user']
- $couchdb_leap_web_pw = $couchdb_leap_web_user['pw']
- $couchdb_leap_ca_user = hiera('couchdb_leap_ca_user')
- $couchdb_leap_ca_username = $couchdb_leap_ca_user['user']
- $couchdb_leap_ca_pw = $couchdb_leap_ca_user['pw']
- $couchdb_host = "admin:$adminpw@127.0.0.1:5984"
+ $x509 = hiera('x509')
+ $key = $x509['key']
+ $cert = $x509['cert']
+ $couchdb_config = hiera('couch')
+ $couchdb_users = $couchdb_config['users']
+ $couchdb_admin = $couchdb_users['admin']
+ $couchdb_admin_user = $couchdb_admin['username']
+ $couchdb_admin_pw = $couchdb_admin['password']
+ $couchdb_webapp = $couchdb_users['webapp']
+ $couchdb_webapp_user = $couchdb_webapp['username']
+ $couchdb_webapp_pw = $couchdb_webapp['password']
+ $couchdb_ca_daemon = $couchdb_users['ca_daemon']
+ $couchdb_ca_daemon_user = $couchdb_ca_daemon['username']
+ $couchdb_ca_daemon_pw = $couchdb_ca_daemon['password']
Class['site_couchdb::package']
-> Package ['couchdb']
-> File['/etc/init.d/couchdb']
-> File['/etc/couchdb/local.ini']
-> File['/etc/couchdb/local.d/admin.ini']
+ -> File['/etc/couchdb/couchdb.netrc']
-> Couchdb::Create_db[leap_web]
-> Couchdb::Create_db[leap_ca]
- -> Couchdb::Add_user[leap_web]
- -> Couchdb::Add_user[leap_ca]
+ -> Couchdb::Add_user[$couchdb_webapp_user]
+ -> Couchdb::Add_user[$couchdb_ca_daemon_user]
-> Site_couchdb::Apache_ssl_proxy['apache_ssl_proxy']
+ # Setup couchdb
include site_couchdb::package
include site_couchdb::configure
include couchdb::deploy_config
@@ -32,25 +37,27 @@ class site_couchdb {
cert => $cert
}
- couchdb::add_user { $couchdb_leap_web_username:
- host => $couchdb_host,
+ couchdb::query::setup { 'localhost':
+ user => $couchdb_admin_user,
+ pw => $couchdb_admin_pw
+ }
+
+ # Populate couchdb
+ couchdb::add_user { $couchdb_webapp_user:
roles => '["certs"]',
- pw => $couchdb_leap_web_pw
+ pw => $couchdb_webapp_pw
}
- couchdb::add_user { $couchdb_leap_ca_username:
- host => $couchdb_host,
+ couchdb::add_user { $couchdb_ca_daemon_user:
roles => '["certs"]',
- pw => $couchdb_leap_ca_pw
+ pw => $couchdb_ca_daemon_pw
}
couchdb::create_db { 'leap_web':
- host => $couchdb_host,
- readers => "{ \"names\": [\"leap_web\"], \"roles\": [] }"
+ readers => "{ \"names\": [\"$couchdb_webapp_user\"], \"roles\": [] }"
}
couchdb::create_db { 'leap_ca':
- host => $couchdb_host,
readers => "{ \"names\": [], \"roles\": [\"certs\"] }"
}
}