diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/stunnel.pp | 12 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/couchdb.pp | 16 | 
2 files changed, 27 insertions, 1 deletions
| diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp index 1afe25a4..2133d6da 100644 --- a/puppet/modules/site_couchdb/manifests/stunnel.pp +++ b/puppet/modules/site_couchdb/manifests/stunnel.pp @@ -39,5 +39,17 @@ class site_couchdb::stunnel ($key, $cert, $ca) {      rndfile    => '/var/lib/stunnel4/.rnd',      debuglevel => '4'    } +  stunnel::service { 'bigcouch': +    accept     => '6984', +    connect    => '127.0.0.1:5984', +    client     => false, +    cafile     => $ca_path, +    key        => $key_path, +    cert       => $cert_path, +    verify     => '2', +    pid        => '/var/run/stunnel4/couchdb.pid', +    rndfile    => '/var/lib/stunnel4/.rnd', +    debuglevel => '4' +  }  } diff --git a/puppet/modules/site_shorewall/manifests/couchdb.pp b/puppet/modules/site_shorewall/manifests/couchdb.pp index 9fa59569..5fa1861b 100644 --- a/puppet/modules/site_shorewall/manifests/couchdb.pp +++ b/puppet/modules/site_shorewall/manifests/couchdb.pp @@ -3,10 +3,13 @@ class site_shorewall::couchdb {    include site_shorewall::defaults    $couchdb_port = '6984' +  # Erlang Port Mapper daemon, used for communication between +  # bigcouch cluster nodes +  $portmapper_port = '5369'    # define macro for incoming services    file { '/etc/shorewall/macro.leap_couchdb': -    content => "PARAM   -       -       tcp    $couchdb_port", +    content => "PARAM   -       -       tcp    $couchdb_port $portmapper_port",      notify  => Service['shorewall'],      require => Package['shorewall']    } @@ -20,4 +23,15 @@ class site_shorewall::couchdb {          order       => 200;    } +  shorewall::rule { +    'dnat-bigcouch-clustering-to-stunnel': +      destination     => "net:${::ipaddress}:8080", +      destinationport => $portmapper_port, +      source          => '$FW', +      proto           => 'tcp', +      order           => 200, +      action          => 'DNAT'; +  } + +  } | 
