Diffstat (limited to 'puppet/modules/site_couchdb')
-rw-r--r--puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp33
-rw-r--r--puppet/modules/site_couchdb/manifests/configure.pp5
-rw-r--r--puppet/modules/site_couchdb/manifests/init.pp16
-rw-r--r--puppet/modules/site_couchdb/manifests/package.pp13
4 files changed, 18 insertions, 49 deletions
diff --git a/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp b/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp
index 92170780..02aae0c3 100644
--- a/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp
+++ b/puppet/modules/site_couchdb/manifests/apache_ssl_proxy.pp
@@ -1,36 +1,25 @@
define site_couchdb::apache_ssl_proxy ($key, $cert) {
$apache_no_default_site = true
- include apache::ssl
+ include apache
apache::module {
- 'rewrite': ensure => present;
'proxy': ensure => present;
'proxy_http': ensure => present;
+ 'rewrite': ensure => present;
+ 'ssl': ensure => present;
}
apache::vhost::file { 'couchdb_proxy': }
- # prevent 0-default.conf and 0-default_ssl.conf from apache module
- # from starting on port 80 / 443
- file { '/etc/apache2/ports.conf':
- content => '',
- mode => '0644',
- owner => 'root',
- group => 'root',
- }
- file { '/etc/couchdb/server_cert.pem':
- mode => '0644',
- owner => 'couchdb',
- group => 'couchdb',
- content => $cert,
- notify => Service[apache],
+ x509::key {
+ 'leap_couchdb':
+ content => $x509['key'],
+ notify => Service[apache];
}
- file { '/etc/couchdb/server_key.pem':
- mode => '0600',
- owner => 'couchdb',
- group => 'couchdb',
- content => $key,
- notify => Service[apache],
+ x509::cert {
+ 'leap_couchdb':
+ content => $x509['cert'],
+ notify => Service[apache];
}
}
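Review bot: The new `x509::key` and `x509::cert` resources read `$x509['key']` and `$x509['cert']`, but `$x509` is neither a parameter nor a local of this define, while the declared `$key` and `$cert` parameters are now unused. `$x509` is assigned in `class site_couchdb` (init.pp), so the lookup can only succeed through dynamic scoping; where that is unavailable, the key and certificate content would presumably be empty or the catalog would fail to compile. Using the parameters the define already takes, `content => $key,` and `content => $cert,`, keeps it self-contained. Separately, the removed `file` resource pinned the private key to mode `0600` with owner `couchdb`; the resulting path, owner and mode now depend entirely on `x509::key`, which is not visible here and is worth confirming.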
diff --git a/puppet/modules/site_couchdb/manifests/configure.pp b/puppet/modules/site_couchdb/manifests/configure.pp
index 25ea7a0b..333511b5 100644
--- a/puppet/modules/site_couchdb/manifests/configure.pp
+++ b/puppet/modules/site_couchdb/manifests/configure.pp
@@ -1,9 +1,4 @@
class site_couchdb::configure {
- Class[site_couchdb::package] -> Class[couchdb]
-
- class { 'couchdb':
- require => Class['site_couchdb::package'], }
-
file { '/etc/init.d/couchdb':
source => 'puppet:///modules/site_couchdb/couchdb',
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index 10408094..04f2ca1a 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -1,5 +1,7 @@
class site_couchdb {
+ include couchdb
+
$x509 = hiera('x509')
$key = $x509['key']
$cert = $x509['cert']
@@ -15,21 +17,17 @@ class site_couchdb {
$couchdb_ca_daemon_user = $couchdb_ca_daemon['username']
$couchdb_ca_daemon_pw = $couchdb_ca_daemon['password']
- Class['site_couchdb::package']
- -> Exec['refresh_apt']
- -> Package ['couchdb']
+ Package ['couchdb']
-> File['/etc/init.d/couchdb']
-> File['/etc/couchdb/local.ini']
-> File['/etc/couchdb/local.d/admin.ini']
-> File['/etc/couchdb/couchdb.netrc']
- -> Couchdb::Create_db[leap_web]
- -> Couchdb::Create_db[leap_ca]
+ -> Couchdb::Create_db['users']
+ -> Couchdb::Create_db['client_certificates']
-> Couchdb::Add_user[$couchdb_webapp_user]
-> Couchdb::Add_user[$couchdb_ca_daemon_user]
-> Site_couchdb::Apache_ssl_proxy['apache_ssl_proxy']
- # Setup couchdb
- include site_couchdb::package
include site_couchdb::configure
include couchdb::deploy_config
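Review bot: The ordering chain now references `Couchdb::Create_db['users']` and `Couchdb::Create_db['client_certificates']`, and the matching `couchdb::create_db` declarations in the last hunk of this file are renamed the same way, but nothing visible removes or migrates `leap_web` and `leap_ca`. On nodes provisioned before this change, those databases would presumably stay in place with their existing data and reader ACLs, unmanaged from here on. If that is intended, a comment next to the declarations would record it, for example `# leap_web / leap_ca from earlier deployments are not removed or migrated here`. Otherwise a cleanup or migration step belongs with this change. The class body starts and ends outside this hunk.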
@@ -54,11 +52,11 @@ class site_couchdb {
pw => $couchdb_ca_daemon_pw
}
- couchdb::create_db { 'leap_web':
+ couchdb::create_db { 'users':
readers => "{ \"names\": [\"$couchdb_webapp_user\"], \"roles\": [] }"
}
- couchdb::create_db { 'leap_ca':
+ couchdb::create_db { 'client_certificates':
readers => "{ \"names\": [], \"roles\": [\"certs\"] }"
}
}
diff --git a/puppet/modules/site_couchdb/manifests/package.pp b/puppet/modules/site_couchdb/manifests/package.pp
deleted file mode 100644
index c091316a..00000000
--- a/puppet/modules/site_couchdb/manifests/package.pp
+++ /dev/null
@@ -1,13 +0,0 @@
-class site_couchdb::package {
-
- # for now, we need to install couchdb from unstable,
- # because of this bug while installing:
- # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681549
- # can be removed when couchdb/1.2.0-2 is integrated into testing
- apt::sources_list { 'unstable.list':
- source => [ 'puppet:///modules/site_apt/unstable.list'],
- }
- apt::preferences_snippet{
- 'couchdb': release => 'unstable', priority => 999;
- }
-}