diff options
Diffstat (limited to 'puppet/modules/site_webapp/manifests/couchdb.pp')
| -rw-r--r-- | puppet/modules/site_webapp/manifests/couchdb.pp | 53 |
1 files changed, 12 insertions, 41 deletions
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp index b4ef0980..ff743fba 100644 --- a/puppet/modules/site_webapp/manifests/couchdb.pp +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -4,8 +4,6 @@ class site_webapp::couchdb { # haproxy listener on port localhost:4096, see site_webapp::haproxy $couchdb_host = 'localhost' $couchdb_port = '4096' - $couchdb_admin_user = $webapp['couchdb_admin_user']['username'] - $couchdb_admin_password = $webapp['couchdb_admin_user']['password'] $couchdb_webapp_user = $webapp['couchdb_webapp_user']['username'] $couchdb_webapp_password = $webapp['couchdb_webapp_user']['password'] @@ -14,65 +12,38 @@ class site_webapp::couchdb { $couch_client_connect = $couch_client['connect'] include x509::variables - $x509 = hiera('x509') - $key = $x509['key'] - $cert = $x509['cert'] - $ca = $x509['ca_cert'] - $cert_name = 'leap_couchdb' - $ca_name = 'leap_ca' - $ca_path = "${x509::variables::local_CAs}/${ca_name}.crt" - $cert_path = "${x509::variables::certs}/${cert_name}.crt" - $key_path = "${x509::variables::keys}/${cert_name}.key" file { - '/srv/leap/webapp/config/couchdb.yml.admin': - content => template('site_webapp/couchdb.yml.admin.erb'), + '/srv/leap/webapp/config/couchdb.yml': + content => template('site_webapp/couchdb.yml.erb'), owner => leap-webapp, group => leap-webapp, mode => '0600', require => Vcsrepo['/srv/leap/webapp']; - '/srv/leap/webapp/config/couchdb.yml.webapp': - content => template('site_webapp/couchdb.yml.erb'), + '/srv/leap/webapp/log': + ensure => directory, owner => leap-webapp, group => leap-webapp, - mode => '0600', + mode => '0755', require => Vcsrepo['/srv/leap/webapp']; - '/srv/leap/webapp/logs/production.log': + '/srv/leap/webapp/log/production.log': + ensure => present, owner => leap-webapp, group => leap-webapp, mode => '0666', require => Vcsrepo['/srv/leap/webapp']; - - '/usr/local/sbin/migrate_design_documents': - source => 'puppet:///modules/site_webapp/migrate_design_documents', - owner => root, - group => root, - mode => '0744'; } - class { 'site_stunnel::setup': - cert_name => $cert_name, - key => $key, - cert => $cert, - ca_name => $ca_name, - ca => $ca - } - - exec { 'migrate_design_documents': - cwd => '/srv/leap/webapp', - command => '/usr/local/sbin/migrate_design_documents', - require => Exec['bundler_update'], - notify => Service['apache']; - } + include site_stunnel $couchdb_stunnel_client_defaults = { 'connect_port' => $couch_client_connect, - 'client' => true, - 'cafile' => $ca_path, - 'key' => $key_path, - 'cert' => $cert_path, + 'client' => true, + 'cafile' => "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt", + 'key' => "${x509::variables::keys}/${site_config::params::cert_name}.key", + 'cert' => "${x509::variables::certs}/${site_config::params::cert_name}.crt", } create_resources(site_stunnel::clients, $couch_client, $couchdb_stunnel_client_defaults) |