2 files changed, 54 insertions, 28 deletions

diff --git a/puppet/modules/site_apt/manifests/preferences/twisted.pp b/puppet/modules/site_apt/manifests/preferences/twisted.pp
new file mode 100644
index 00000000..a3fa0950
--- /dev/null
+++ b/puppet/modules/site_apt/manifests/preferences/twisted.pp
@@ -0,0 +1,11 @@
+# Pin twisted to jessie-backports in order to
+# use 16.2.0 for i.e. soledad
+class site_apt::preferences::twisted {
+
+  apt::preferences_snippet { 'twisted':
+    package  => 'python-twisted*',
+    release  => "${::lsbdistcodename}-backports",
+    priority => 999;
+  }
+
+}
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index 15925aba..83cf99a9 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -16,21 +16,22 @@ class site_webapp {
 
   Class['site_config::default'] -> Class['site_webapp']
 
-  include site_config::ruby::dev
-  include site_webapp::apache
-  include site_webapp::couchdb
-  include site_haproxy
-  include site_webapp::cron
-  include site_config::default
-  include site_config::x509::cert
-  include site_config::x509::key
-  include site_config::x509::ca
-  include site_config::x509::client_ca::ca
-  include site_config::x509::client_ca::key
-  include site_nickserver
+  include ::site_config::ruby::dev
+  include ::site_webapp::apache
+  include ::site_webapp::couchdb
+  include ::site_haproxy
+  include ::site_webapp::cron
+  include ::site_config::default
+  include ::site_config::x509::cert
+  include ::site_config::x509::key
+  include ::site_config::x509::ca
+  include ::site_config::x509::client_ca::ca
+  include ::site_config::x509::client_ca::key
+  include ::site_nickserver
+  include ::site_apt::preferences::twisted
 
   # remove leftovers from previous installations on webapp nodes
-  include site_config::remove::webapp
+  include ::site_config::remove::webapp
 
   group { 'leap-webapp':
     ensure    => present,
@@ -91,12 +92,16 @@ class site_webapp {
     '/srv/leap/webapp/config/provider':
       ensure  => directory,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0755';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0755';
 
     '/srv/leap/webapp/config/provider/provider.json':
       content => $provider,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0644';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0644';
 
     '/srv/leap/webapp/public/ca.crt':
       ensure  => link,
@@ -106,27 +111,37 @@ class site_webapp {
     "/srv/leap/webapp/public/${api_version}":
       ensure  => directory,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0755';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0755';
 
     "/srv/leap/webapp/public/${api_version}/config/":
       ensure  => directory,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0755';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0755';
 
     "/srv/leap/webapp/public/${api_version}/config/eip-service.json":
       content => $eip_service,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0644';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0644';
 
     "/srv/leap/webapp/public/${api_version}/config/soledad-service.json":
       content => $soledad_service,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0644';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0644';
 
     "/srv/leap/webapp/public/${api_version}/config/smtp-service.json":
       content => $smtp_service,
       require => Vcsrepo['/srv/leap/webapp'],
-      owner   => leap-webapp, group => leap-webapp, mode => '0644';
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
+      mode    => '0644';
   }
 
   try::file {
@@ -135,8 +150,8 @@ class site_webapp {
       recurse => true,
       purge   => true,
       force   => true,
-      owner   => leap-webapp,
-      group   => leap-webapp,
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
       mode    => 'u=rwX,go=rX',
       require => Vcsrepo['/srv/leap/webapp'],
       notify  => Exec['compile_assets'],
@@ -153,8 +168,8 @@ class site_webapp {
   file {
     '/srv/leap/webapp/config/config.yml':
       content => template('site_webapp/config.yml.erb'),
-      owner   => leap-webapp,
-      group   => leap-webapp,
+      owner   => 'leap-webapp',
+      group   => 'leap-webapp',
       mode    => '0600',
       require => Vcsrepo['/srv/leap/webapp'],
       notify  => Service['apache'];
@@ -163,17 +178,17 @@ class site_webapp {
   if $tor {
     $hidden_service = $tor['hidden_service']
     if $hidden_service['active'] {
-      include site_webapp::hidden_service
+      include ::site_webapp::hidden_service
     }
   }
 
 
   # needed for the soledad-sync check which is run on the
   # webapp node
-  include soledad::client
+  include ::soledad::client
 
   leap::logfile { 'webapp': }
 
-  include site_shorewall::webapp
-  include site_check_mk::agent::webapp
+  include ::site_shorewall::webapp
+  include ::site_check_mk::agent::webapp
 }