summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--platform.rb3
-rw-r--r--provider_base/common.json6
-rw-r--r--provider_base/files/service-definitions/provider.json.erb2
-rw-r--r--provider_base/provider.json18
-rw-r--r--provider_base/services/openvpn.json10
-rw-r--r--provider_base/services/tor.json2
-rw-r--r--provider_base/services/webapp.json10
-rw-r--r--provider_base/tags/development.json4
-rw-r--r--puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp8
-rw-r--r--puppet/modules/site_couchdb/manifests/init.pp6
-rw-r--r--tests/order.rb15
11 files changed, 57 insertions, 27 deletions
diff --git a/platform.rb b/platform.rb
index 54590f4b..3882ed8d 100644
--- a/platform.rb
+++ b/platform.rb
@@ -4,7 +4,7 @@
Leap::Platform.define do
self.version = "0.4.0"
- self.compatible_cli = "1.4.0".."1.99"
+ self.compatible_cli = "1.5.0".."1.99"
#
# the facter facts that should be gathered
@@ -26,6 +26,7 @@ Leap::Platform.define do
# input config files
:common_config => 'common.json',
:provider_config => 'provider.json',
+ :provider_env_config => 'provider.#{arg}.json',
:secrets_config => 'secrets.json',
:node_config => 'nodes/#{arg}.json',
:service_config => 'services/#{arg}.json',
diff --git a/provider_base/common.json b/provider_base/common.json
index 07a58bba..a4d9c5f2 100644
--- a/provider_base/common.json
+++ b/provider_base/common.json
@@ -3,10 +3,10 @@
"environment": null,
"services": [],
"tags": [],
- "contacts": "= global.provider.contacts.default",
+ "contacts": "= provider.contacts.default",
"domain": {
- "full_suffix": "= global.provider.domain",
- "internal_suffix": "= global.provider.domain_internal",
+ "full_suffix": "= provider.domain",
+ "internal_suffix": "= provider.domain_internal",
"full": "= node.name + '.' + domain.full_suffix",
"internal": "= node.name + '.' + domain.internal_suffix",
"name": "= node.name + '.' + (dns.public ? domain.full_suffix : domain.internal_suffix)"
diff --git a/provider_base/files/service-definitions/provider.json.erb b/provider_base/files/service-definitions/provider.json.erb
index 5d4c63a0..97454f81 100644
--- a/provider_base/files/service-definitions/provider.json.erb
+++ b/provider_base/files/service-definitions/provider.json.erb
@@ -1,6 +1,6 @@
<%=
# grab some fields from provider.json
- hsh = global.provider.pick(
+ hsh = provider.pick(
:languages, :description, :name,
:enrollment_policy, :default_language, :service
)
diff --git a/provider_base/provider.json b/provider_base/provider.json
index 8864e24d..fa69318b 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -23,17 +23,17 @@
],
"default_service_level": 1,
"bandwidth_limit": 102400,
- "allow_free": "= global.provider.service.levels.select {|l| l['rate'].nil?}.any?",
- "allow_paid": "= global.provider.service.levels.select {|l| !l['rate'].nil?}.any?",
- "allow_anonymous": "= global.provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?",
- "allow_registration": "= global.provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?",
- "allow_limited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?",
- "allow_unlimited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'].nil?}.any?"
+ "allow_free": "= provider.service.levels.select {|l| l['rate'].nil?}.any?",
+ "allow_paid": "= provider.service.levels.select {|l| !l['rate'].nil?}.any?",
+ "allow_anonymous": "= provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?",
+ "allow_registration": "= provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?",
+ "allow_limited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?",
+ "allow_unlimited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'].nil?}.any?"
},
"ca": {
- "name": "= global.provider.ca.organization + ' Root CA'",
- "organization": "= global.provider.name[global.provider.default_language]",
- "organizational_unit": "= 'https://' + global.provider.domain",
+ "name": "= provider.ca.organization + ' Root CA'",
+ "organization": "= provider.name[provider.default_language]",
+ "organizational_unit": "= 'https://' + provider.domain",
"bit_size": 4096,
"digest": "SHA256",
"life_span": "10y",
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index 5d77f946..5a87335b 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -14,10 +14,10 @@
"filter_dns": false,
"adblock": false,
"user_ips": false,
- "allow_limited": "= global.provider.service.allow_limited_bandwidth",
- "allow_unlimited": "= global.provider.service.allow_unlimited_bandwidth",
- "limited_prefix": "= global.provider.ca.client_certificates.limited_prefix",
- "unlimited_prefix": "= global.provider.ca.client_certificates.unlimited_prefix",
- "rate_limit": "= openvpn.allow_limited ? global.provider.service.bandwidth_limit : nil"
+ "allow_limited": "= provider.service.allow_limited_bandwidth",
+ "allow_unlimited": "= provider.service.allow_unlimited_bandwidth",
+ "limited_prefix": "= provider.ca.client_certificates.limited_prefix",
+ "unlimited_prefix": "= provider.ca.client_certificates.unlimited_prefix",
+ "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil"
}
}
diff --git a/provider_base/services/tor.json b/provider_base/services/tor.json
index 9173b8d4..ed75285c 100644
--- a/provider_base/services/tor.json
+++ b/provider_base/services/tor.json
@@ -1,6 +1,6 @@
{
"tor": {
"bandwidth_rate": 6550,
- "contacts": "= global.provider.contacts['tor'] || global.provider.contacts.default"
+ "contacts": "= provider.contacts['tor'] || provider.contacts.default"
}
}
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index f7abdffd..29c0cbf9 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -8,10 +8,10 @@
"salt": "= hex_secret :couch_webapp_password_salt, 128"
},
"customization_dir": "= file_path 'webapp'",
- "client_certificates": "= global.provider.ca.client_certificates",
- "allow_limited_certs": "= global.provider.service.allow_limited_bandwidth",
- "allow_unlimited_certs": "= global.provider.service.allow_unlimited_bandwidth",
- "allow_anonymous_certs": "= global.provider.service.allow_anonymous",
+ "client_certificates": "= provider.ca.client_certificates",
+ "allow_limited_certs": "= provider.service.allow_limited_bandwidth",
+ "allow_unlimited_certs": "= provider.service.allow_unlimited_bandwidth",
+ "allow_anonymous_certs": "= provider.service.allow_anonymous",
"secret_token": "= secret :webapp_secret_token",
"api_version": 1,
"secure": false,
@@ -19,7 +19,7 @@
"source": "https://leap.se/git/leap_web",
"revision": "origin/master"
},
- "client_version": "= global.provider.client_version",
+ "client_version": "= provider.client_version",
"nagios_test_user": {
"username": "nagios_test",
"password": "= secret :nagios_test_password"
diff --git a/provider_base/tags/development.json b/provider_base/tags/development.json
index 6d4f9e25..d9c2c007 100644
--- a/provider_base/tags/development.json
+++ b/provider_base/tags/development.json
@@ -1,7 +1,7 @@
{
"environment": "development",
"domain": {
- "full_suffix": "= 'dev.' + global.provider.domain",
- "internal_suffix": "= 'dev.' + global.provider.domain_internal"
+ "full_suffix": "= 'dev.' + provider.domain",
+ "internal_suffix": "= 'dev.' + provider.domain_internal"
}
} \ No newline at end of file
diff --git a/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp b/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp
new file mode 100644
index 00000000..84aab4ef
--- /dev/null
+++ b/puppet/modules/site_couchdb/manifests/bigcouch/compaction.pp
@@ -0,0 +1,8 @@
+class site_couchdb::bigcouch::compaction {
+ cron {
+ 'compact_all_shards':
+ command => '/srv/leap/couchdb/scripts/bigcouch_compact_all_shards.sh >> /var/log/bigcouch/compaction.log',
+ hour => 3,
+ minute => 17;
+ }
+}
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index e4c0211b..c67ce8c8 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -94,6 +94,7 @@ class site_couchdb {
include site_couchdb::add_users
include site_couchdb::designs
include site_couchdb::logrotate
+ include site_couchdb::bigcouch::compaction
include site_shorewall::couchdb
include site_shorewall::couchdb::bigcouch
@@ -110,4 +111,9 @@ class site_couchdb {
include site_check_mk::agent::couchdb
include site_check_mk::agent::tapicero
+
+ file { '/var/log/bigcouch':
+ ensure => directory
+ }
+
}
diff --git a/tests/order.rb b/tests/order.rb
new file mode 100644
index 00000000..ffa6ae4e
--- /dev/null
+++ b/tests/order.rb
@@ -0,0 +1,15 @@
+class LeapCli::Config::Node
+ #
+ # returns a list of node names that should be tested before this node.
+ # make sure to not return ourselves (please no dependency loops!).
+ #
+ def test_dependencies
+ dependents = LeapCli::Config::ObjectList.new
+ unless services.include?('couchdb')
+ if services.include?('webapp') || services.include?('mx') || services.include?('soledad')
+ dependents.merge! nodes_like_me[:services => 'couchdb']
+ end
+ end
+ dependents.keys.delete_if {|name| self.name == name}
+ end
+end \ No newline at end of file