summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/site_nickserver/manifests/init.pp41
1 files changed, 27 insertions, 14 deletions
diff --git a/puppet/modules/site_nickserver/manifests/init.pp b/puppet/modules/site_nickserver/manifests/init.pp
index 7dfa2603..a3368771 100644
--- a/puppet/modules/site_nickserver/manifests/init.pp
+++ b/puppet/modules/site_nickserver/manifests/init.pp
@@ -1,10 +1,12 @@
#
-# TODO: currently, this is dependent on some things that are set up in site_webapp
+# TODO: currently, this is dependent on some things that are set up in
+# site_webapp
#
# (1) HAProxy -> couchdb
# (2) Apache
#
-# It would be good in the future to make nickserver installable independently of site_webapp.
+# It would be good in the future to make nickserver installable independently of
+# site_webapp.
#
class site_nickserver {
@@ -16,14 +18,18 @@ class site_nickserver {
#
$nickserver = hiera('nickserver')
- $nickserver_port = $nickserver['port'] # the port that public connects to (should be 6425)
- $nickserver_local_port = '64250' # the port that nickserver is actually running on
+ # the port that public connects to (should be 6425)
+ $nickserver_port = $nickserver['port']
+ # the port that nickserver is actually running on
+ $nickserver_local_port = '64250'
$nickserver_domain = $nickserver['domain']
$couchdb_user = $nickserver['couchdb_user']['username']
$couchdb_password = $nickserver['couchdb_user']['password']
- $couchdb_host = 'localhost' # couchdb is available on localhost via haproxy, which is bound to 4096.
- $couchdb_port = '4096' # See site_webapp/templates/haproxy_couchdb.cfg.erg
+ # couchdb is available on localhost via haproxy, which is bound to 4096.
+ $couchdb_host = 'localhost'
+ # See site_webapp/templates/haproxy_couchdb.cfg.erg
+ $couchdb_port = '4096'
# temporarily for now:
$domain = hiera('domain')
@@ -41,6 +47,7 @@ class site_nickserver {
ensure => present,
allowdupe => false;
}
+
user { 'nickserver':
ensure => present,
allowdupe => false,
@@ -50,14 +57,14 @@ class site_nickserver {
}
#
- # NICKSERVER CODE
- # NOTE: in order to support TLS, libssl-dev must be installed before EventMachine gem
- # is built/installed.
+ # NICKSERVER CODE NOTE: in order to support TLS, libssl-dev must be installed
+ # before EventMachine gem is built/installed.
#
package {
'libssl-dev': ensure => installed;
}
+
vcsrepo { '/srv/leap/nickserver':
ensure => present,
revision => 'origin/master',
@@ -68,13 +75,15 @@ class site_nickserver {
require => [ User['nickserver'], Group['nickserver'] ],
notify => Exec['nickserver_bundler_update'];
}
+
exec { 'nickserver_bundler_update':
cwd => '/srv/leap/nickserver',
command => '/bin/bash -c "/usr/bin/bundle check || /usr/bin/bundle install --path vendor/bundle"',
unless => '/usr/bin/bundle check',
user => 'nickserver',
timeout => 600,
- require => [ Class['bundler::install'], Vcsrepo['/srv/leap/nickserver'], Package['libssl-dev'] ],
+ require => [ Class['bundler::install'], Vcsrepo['/srv/leap/nickserver'],
+ Package['libssl-dev'] ],
notify => Service['nickserver'];
}
@@ -99,8 +108,11 @@ class site_nickserver {
ensure => link,
target => '/srv/leap/nickserver/bin/nickserver',
require => Vcsrepo['/srv/leap/nickserver'];
+
'/etc/init.d/nickserver':
- owner => root, group => 0, mode => '0755',
+ owner => root,
+ group => 0,
+ mode => '0755',
source => '/srv/leap/nickserver/dist/debian-init-script',
require => Vcsrepo['/srv/leap/nickserver'];
}
@@ -119,7 +131,7 @@ class site_nickserver {
#
file { '/etc/shorewall/macro.nickserver':
- content => "PARAM - - tcp $nickserver_port",
+ content => "PARAM - - tcp ${nickserver_port}",
notify => Service['shorewall'],
require => Package['shorewall'];
}
@@ -142,7 +154,8 @@ class site_nickserver {
}
apache::vhost::file {
- 'nickserver': content => template('site_nickserver/nickserver-proxy.conf.erb')
+ 'nickserver':
+ content => template('site_nickserver/nickserver-proxy.conf.erb')
}
x509::key { 'nickserver':
@@ -159,4 +172,4 @@ class site_nickserver {
content => $x509_ca,
notify => Service[apache];
}
-} \ No newline at end of file
+}