diff options
Diffstat (limited to 'puppet/modules/site_mx')
| -rw-r--r-- | puppet/modules/site_mx/manifests/couchdb.pp | 35 | ||||
| -rw-r--r-- | puppet/modules/site_mx/manifests/haproxy.pp | 14 | ||||
| -rw-r--r-- | puppet/modules/site_mx/manifests/init.pp | 10 |
3 files changed, 59 insertions, 0 deletions
diff --git a/puppet/modules/site_mx/manifests/couchdb.pp b/puppet/modules/site_mx/manifests/couchdb.pp new file mode 100644 index 00000000..f842ceab --- /dev/null +++ b/puppet/modules/site_mx/manifests/couchdb.pp @@ -0,0 +1,35 @@ +class site_mx::couchdb { + + $stunnel = hiera('stunnel') + $couch_client = $stunnel['couch_client'] + $couch_client_connect = $couch_client['connect'] + + include x509::variables + $x509 = hiera('x509') + $key = $x509['key'] + $cert = $x509['cert'] + $ca = $x509['ca_cert'] + $cert_name = 'leap_couchdb' + $ca_name = 'leap_ca' + $ca_path = "${x509::variables::local_CAs}/${ca_name}.crt" + $cert_path = "${x509::variables::certs}/${cert_name}.crt" + $key_path = "${x509::variables::keys}/${cert_name}.key" + + class { 'site_stunnel::setup': + cert_name => $cert_name, + key => $key, + cert => $cert, + ca_name => $ca_name, + ca => $ca + } + + $couchdb_stunnel_client_defaults = { + 'connect_port' => $couch_client_connect, + 'client' => true, + 'cafile' => $ca_path, + 'key' => $key_path, + 'cert' => $cert_path, + } + + create_resources(site_stunnel::clients, $couch_client, $couchdb_stunnel_client_defaults) +} diff --git a/puppet/modules/site_mx/manifests/haproxy.pp b/puppet/modules/site_mx/manifests/haproxy.pp new file mode 100644 index 00000000..988eeaf3 --- /dev/null +++ b/puppet/modules/site_mx/manifests/haproxy.pp @@ -0,0 +1,14 @@ +class site_mx::haproxy { + + include site_haproxy + + $haproxy = hiera('haproxy') + $local_ports = $haproxy['local_ports'] + + # Template uses $global_options, $defaults_options + concat::fragment { 'leap_haproxy_webapp_couchdb': + target => '/etc/haproxy/haproxy.cfg', + order => '20', + content => template('site_webapp/haproxy_couchdb.cfg.erb'), + } +} diff --git a/puppet/modules/site_mx/manifests/init.pp b/puppet/modules/site_mx/manifests/init.pp new file mode 100644 index 00000000..4cf3f41a --- /dev/null +++ b/puppet/modules/site_mx/manifests/init.pp @@ -0,0 +1,10 @@ +class site_mx { + tag 'leap_service' + + include site_postfix::mx + include site_mx::haproxy + include site_shorewall::mx + include site_shorewall::service::smtp + include site_mx::couchdb + include leap_mx +} |