diff options
Diffstat (limited to 'puppet/modules/site_nickserver')
-rw-r--r-- | puppet/modules/site_nickserver/manifests/init.pp | 22 | ||||
-rw-r--r-- | puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb | 1 |
2 files changed, 15 insertions, 8 deletions
diff --git a/puppet/modules/site_nickserver/manifests/init.pp b/puppet/modules/site_nickserver/manifests/init.pp index c2deab0f..eb4415e7 100644 --- a/puppet/modules/site_nickserver/manifests/init.pp +++ b/puppet/modules/site_nickserver/manifests/init.pp @@ -61,13 +61,6 @@ class site_nickserver { require => Group['nickserver']; } - # - # NICKSERVER CODE NOTE: in order to support TLS, libssl-dev must be installed - # before EventMachine gem is built/installed. - # - - package { 'libssl-dev': ensure => installed } - vcsrepo { '/srv/leap/nickserver': ensure => present, revision => $sources['nickserver']['revision'], @@ -122,6 +115,20 @@ class site_nickserver { require => Vcsrepo['/srv/leap/nickserver']; } + # register initscript at systemd on nodes newer than wheezy + # see https://leap.se/code/issues/7614 + case $::operatingsystemrelease { + /^7.*/: { } + default: { + exec { 'register_systemd_nickserver': + refreshonly => true, + command => '/bin/systemctl enable nickserver', + subscribe => File['/etc/init.d/nickserver'], + before => Service['nickserver']; + } + } + } + service { 'nickserver': ensure => running, enable => true, @@ -129,6 +136,7 @@ class site_nickserver { hasstatus => true, require => [ File['/etc/init.d/nickserver'], + File['/usr/bin/nickserver'], Class['Site_config::X509::Key'], Class['Site_config::X509::Cert'], Class['Site_config::X509::Ca'] ]; diff --git a/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb b/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb index d4e734c3..8f59fe38 100644 --- a/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb +++ b/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb @@ -9,7 +9,6 @@ Listen 0.0.0.0:<%= @nickserver_port -%> ServerAlias <%= @address_domain %> SSLCACertificatePath /etc/ssl/certs - SSLCertificateChainFile <%= scope.lookupvar('x509::variables::local_CAs') %>/<%= scope.lookupvar('site_config::params::ca_name') %>.crt SSLCertificateKeyFile <%= scope.lookupvar('x509::variables::keys') %>/<%= scope.lookupvar('site_config::params::cert_name') %>.key SSLCertificateFile <%= scope.lookupvar('x509::variables::certs') %>/<%= scope.lookupvar('site_config::params::cert_name') %>.crt |