summaryrefslogtreecommitdiff
path: root/puppet/modules/site_nickserver
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_nickserver')
-rw-r--r--puppet/modules/site_nickserver/manifests/init.pp22
-rw-r--r--puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb1
2 files changed, 15 insertions, 8 deletions
diff --git a/puppet/modules/site_nickserver/manifests/init.pp b/puppet/modules/site_nickserver/manifests/init.pp
index c2deab0f..eb4415e7 100644
--- a/puppet/modules/site_nickserver/manifests/init.pp
+++ b/puppet/modules/site_nickserver/manifests/init.pp
@@ -61,13 +61,6 @@ class site_nickserver {
require => Group['nickserver'];
}
- #
- # NICKSERVER CODE NOTE: in order to support TLS, libssl-dev must be installed
- # before EventMachine gem is built/installed.
- #
-
- package { 'libssl-dev': ensure => installed }
-
vcsrepo { '/srv/leap/nickserver':
ensure => present,
revision => $sources['nickserver']['revision'],
@@ -122,6 +115,20 @@ class site_nickserver {
require => Vcsrepo['/srv/leap/nickserver'];
}
+ # register initscript at systemd on nodes newer than wheezy
+ # see https://leap.se/code/issues/7614
+ case $::operatingsystemrelease {
+ /^7.*/: { }
+ default: {
+ exec { 'register_systemd_nickserver':
+ refreshonly => true,
+ command => '/bin/systemctl enable nickserver',
+ subscribe => File['/etc/init.d/nickserver'],
+ before => Service['nickserver'];
+ }
+ }
+ }
+
service { 'nickserver':
ensure => running,
enable => true,
@@ -129,6 +136,7 @@ class site_nickserver {
hasstatus => true,
require => [
File['/etc/init.d/nickserver'],
+ File['/usr/bin/nickserver'],
Class['Site_config::X509::Key'],
Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
diff --git a/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb b/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb
index d4e734c3..8f59fe38 100644
--- a/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb
+++ b/puppet/modules/site_nickserver/templates/nickserver-proxy.conf.erb
@@ -9,7 +9,6 @@ Listen 0.0.0.0:<%= @nickserver_port -%>
ServerAlias <%= @address_domain %>
SSLCACertificatePath /etc/ssl/certs
- SSLCertificateChainFile <%= scope.lookupvar('x509::variables::local_CAs') %>/<%= scope.lookupvar('site_config::params::ca_name') %>.crt
SSLCertificateKeyFile <%= scope.lookupvar('x509::variables::keys') %>/<%= scope.lookupvar('site_config::params::cert_name') %>.key
SSLCertificateFile <%= scope.lookupvar('x509::variables::certs') %>/<%= scope.lookupvar('site_config::params::cert_name') %>.crt