diff options
-rw-r--r-- | platform.rb | 3 | ||||
-rw-r--r-- | provider_base/common.json | 6 | ||||
-rw-r--r-- | provider_base/files/service-definitions/provider.json.erb | 2 | ||||
-rw-r--r-- | provider_base/provider.json | 18 | ||||
-rw-r--r-- | provider_base/services/openvpn.json | 10 | ||||
-rw-r--r-- | provider_base/services/tor.json | 2 | ||||
-rw-r--r-- | provider_base/services/webapp.json | 10 | ||||
-rw-r--r-- | provider_base/tags/development.json | 4 | ||||
-rw-r--r-- | puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp | 8 | ||||
-rw-r--r-- | puppet/modules/site_couchdb/manifests/init.pp | 6 | ||||
-rw-r--r-- | tests/order.rb | 15 |
11 files changed, 57 insertions, 27 deletions
diff --git a/platform.rb b/platform.rb index 54590f4b..3882ed8d 100644 --- a/platform.rb +++ b/platform.rb @@ -4,7 +4,7 @@ Leap::Platform.define do self.version = "0.4.0" - self.compatible_cli = "1.4.0".."1.99" + self.compatible_cli = "1.5.0".."1.99" # # the facter facts that should be gathered @@ -26,6 +26,7 @@ Leap::Platform.define do # input config files :common_config => 'common.json', :provider_config => 'provider.json', + :provider_env_config => 'provider.#{arg}.json', :secrets_config => 'secrets.json', :node_config => 'nodes/#{arg}.json', :service_config => 'services/#{arg}.json', diff --git a/provider_base/common.json b/provider_base/common.json index 07a58bba..a4d9c5f2 100644 --- a/provider_base/common.json +++ b/provider_base/common.json @@ -3,10 +3,10 @@ "environment": null, "services": [], "tags": [], - "contacts": "= global.provider.contacts.default", + "contacts": "= provider.contacts.default", "domain": { - "full_suffix": "= global.provider.domain", - "internal_suffix": "= global.provider.domain_internal", + "full_suffix": "= provider.domain", + "internal_suffix": "= provider.domain_internal", "full": "= node.name + '.' + domain.full_suffix", "internal": "= node.name + '.' + domain.internal_suffix", "name": "= node.name + '.' + (dns.public ? domain.full_suffix : domain.internal_suffix)" diff --git a/provider_base/files/service-definitions/provider.json.erb b/provider_base/files/service-definitions/provider.json.erb index 5d4c63a0..97454f81 100644 --- a/provider_base/files/service-definitions/provider.json.erb +++ b/provider_base/files/service-definitions/provider.json.erb @@ -1,6 +1,6 @@ <%= # grab some fields from provider.json - hsh = global.provider.pick( + hsh = provider.pick( :languages, :description, :name, :enrollment_policy, :default_language, :service ) diff --git a/provider_base/provider.json b/provider_base/provider.json index 8864e24d..fa69318b 100644 --- a/provider_base/provider.json +++ b/provider_base/provider.json @@ -23,17 +23,17 @@ ], "default_service_level": 1, "bandwidth_limit": 102400, - "allow_free": "= global.provider.service.levels.select {|l| l['rate'].nil?}.any?", - "allow_paid": "= global.provider.service.levels.select {|l| !l['rate'].nil?}.any?", - "allow_anonymous": "= global.provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?", - "allow_registration": "= global.provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?", - "allow_limited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?", - "allow_unlimited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'].nil?}.any?" + "allow_free": "= provider.service.levels.select {|l| l['rate'].nil?}.any?", + "allow_paid": "= provider.service.levels.select {|l| !l['rate'].nil?}.any?", + "allow_anonymous": "= provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?", + "allow_registration": "= provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?", + "allow_limited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?", + "allow_unlimited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'].nil?}.any?" }, "ca": { - "name": "= global.provider.ca.organization + ' Root CA'", - "organization": "= global.provider.name[global.provider.default_language]", - "organizational_unit": "= 'https://' + global.provider.domain", + "name": "= provider.ca.organization + ' Root CA'", + "organization": "= provider.name[provider.default_language]", + "organizational_unit": "= 'https://' + provider.domain", "bit_size": 4096, "digest": "SHA256", "life_span": "10y", diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index 5d77f946..5a87335b 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -14,10 +14,10 @@ "filter_dns": false, "adblock": false, "user_ips": false, - "allow_limited": "= global.provider.service.allow_limited_bandwidth", - "allow_unlimited": "= global.provider.service.allow_unlimited_bandwidth", - "limited_prefix": "= global.provider.ca.client_certificates.limited_prefix", - "unlimited_prefix": "= global.provider.ca.client_certificates.unlimited_prefix", - "rate_limit": "= openvpn.allow_limited ? global.provider.service.bandwidth_limit : nil" + "allow_limited": "= provider.service.allow_limited_bandwidth", + "allow_unlimited": "= provider.service.allow_unlimited_bandwidth", + "limited_prefix": "= provider.ca.client_certificates.limited_prefix", + "unlimited_prefix": "= provider.ca.client_certificates.unlimited_prefix", + "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil" } } diff --git a/provider_base/services/tor.json b/provider_base/services/tor.json index 9173b8d4..ed75285c 100644 --- a/provider_base/services/tor.json +++ b/provider_base/services/tor.json @@ -1,6 +1,6 @@ { "tor": { "bandwidth_rate": 6550, - "contacts": "= global.provider.contacts['tor'] || global.provider.contacts.default" + "contacts": "= provider.contacts['tor'] || provider.contacts.default" } } diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json index f7abdffd..29c0cbf9 100644 --- a/provider_base/services/webapp.json +++ b/provider_base/services/webapp.json @@ -8,10 +8,10 @@ "salt": "= hex_secret :couch_webapp_password_salt, 128" }, "customization_dir": "= file_path 'webapp'", - "client_certificates": "= global.provider.ca.client_certificates", - "allow_limited_certs": "= global.provider.service.allow_limited_bandwidth", - "allow_unlimited_certs": "= global.provider.service.allow_unlimited_bandwidth", - "allow_anonymous_certs": "= global.provider.service.allow_anonymous", + "client_certificates": "= provider.ca.client_certificates", + "allow_limited_certs": "= provider.service.allow_limited_bandwidth", + "allow_unlimited_certs": "= provider.service.allow_unlimited_bandwidth", + "allow_anonymous_certs": "= provider.service.allow_anonymous", "secret_token": "= secret :webapp_secret_token", "api_version": 1, "secure": false, @@ -19,7 +19,7 @@ "source": "https://leap.se/git/leap_web", "revision": "origin/master" }, - "client_version": "= global.provider.client_version", + "client_version": "= provider.client_version", "nagios_test_user": { "username": "nagios_test", "password": "= secret :nagios_test_password" diff --git a/provider_base/tags/development.json b/provider_base/tags/development.json index 6d4f9e25..d9c2c007 100644 --- a/provider_base/tags/development.json +++ b/provider_base/tags/development.json @@ -1,7 +1,7 @@ { "environment": "development", "domain": { - "full_suffix": "= 'dev.' + global.provider.domain", - "internal_suffix": "= 'dev.' + global.provider.domain_internal" + "full_suffix": "= 'dev.' + provider.domain", + "internal_suffix": "= 'dev.' + provider.domain_internal" } }
\ No newline at end of file diff --git a/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp b/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp new file mode 100644 index 00000000..84aab4ef --- /dev/null +++ b/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp @@ -0,0 +1,8 @@ +class site_couchdb::bigcouch::compaction { + cron { + 'compact_all_shards': + command => '/srv/leap/couchdb/scripts/bigcouch_compact_all_shards.sh >> /var/log/bigcouch/compaction.log', + hour => 3, + minute => 17; + } +} diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index e4c0211b..c67ce8c8 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -94,6 +94,7 @@ class site_couchdb { include site_couchdb::add_users include site_couchdb::designs include site_couchdb::logrotate + include site_couchdb::bigcouch::compaction include site_shorewall::couchdb include site_shorewall::couchdb::bigcouch @@ -110,4 +111,9 @@ class site_couchdb { include site_check_mk::agent::couchdb include site_check_mk::agent::tapicero + + file { '/var/log/bigcouch': + ensure => directory + } + } diff --git a/tests/order.rb b/tests/order.rb new file mode 100644 index 00000000..ffa6ae4e --- /dev/null +++ b/tests/order.rb @@ -0,0 +1,15 @@ +class LeapCli::Config::Node + # + # returns a list of node names that should be tested before this node. + # make sure to not return ourselves (please no dependency loops!). + # + def test_dependencies + dependents = LeapCli::Config::ObjectList.new + unless services.include?('couchdb') + if services.include?('webapp') || services.include?('mx') || services.include?('soledad') + dependents.merge! nodes_like_me[:services => 'couchdb'] + end + end + dependents.keys.delete_if {|name| self.name == name} + end +end
\ No newline at end of file |