summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
l---------puppet/modules/site_couchdb/files/designs/tmp_users/User.json1
-rw-r--r--puppet/modules/site_couchdb/manifests/create_dbs.pp7
-rw-r--r--puppet/modules/site_webapp/manifests/couchdb.pp9
-rw-r--r--puppet/modules/site_webapp/manifests/cron.pp12
-rw-r--r--puppet/modules/site_webapp/manifests/init.pp15
-rw-r--r--puppet/modules/site_webapp/templates/couchdb.admin.yml.erb9
6 files changed, 52 insertions, 1 deletions
diff --git a/puppet/modules/site_couchdb/files/designs/tmp_users/User.json b/puppet/modules/site_couchdb/files/designs/tmp_users/User.json
new file mode 120000
index 00000000..ed3d0af9
--- /dev/null
+++ b/puppet/modules/site_couchdb/files/designs/tmp_users/User.json
@@ -0,0 +1 @@
+../users/User.json \ No newline at end of file
diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp
index 40148b8e..f9a08807 100644
--- a/puppet/modules/site_couchdb/manifests/create_dbs.pp
+++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp
@@ -64,6 +64,13 @@ class site_couchdb::create_dbs {
require => Couchdb::Query::Setup['localhost']
}
+ ## tmp_users database
+ ## r/w: webapp
+ couchdb::create_db { 'tmp_users':
+ members => "{ \"names\": [], \"roles\": [\"replication\", \"users\"] }",
+ require => Couchdb::Query::Setup['localhost']
+ }
+
## messages db
## store messages to the clients such as payment reminders
## r/w: webapp
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp
index 3ae4d266..1dbc745d 100644
--- a/puppet/modules/site_webapp/manifests/couchdb.pp
+++ b/puppet/modules/site_webapp/manifests/couchdb.pp
@@ -6,6 +6,8 @@ class site_webapp::couchdb {
$couchdb_port = '4096'
$couchdb_webapp_user = $webapp['couchdb_webapp_user']['username']
$couchdb_webapp_password = $webapp['couchdb_webapp_user']['password']
+ $couchdb_admin_user = $webapp['couchdb_admin_user']['username']
+ $couchdb_admin_password = $webapp['couchdb_admin_user']['password']
include x509::variables
@@ -17,6 +19,13 @@ class site_webapp::couchdb {
mode => '0600',
require => Vcsrepo['/srv/leap/webapp'];
+ '/srv/leap/webapp/config/couchdb.admin.yml':
+ content => template('site_webapp/couchdb.admin.yml.erb'),
+ owner => leap-webapp,
+ group => leap-webapp,
+ mode => '0600',
+ require => Vcsrepo['/srv/leap/webapp'];
+
'/srv/leap/webapp/log':
ensure => directory,
owner => leap-webapp,
diff --git a/puppet/modules/site_webapp/manifests/cron.pp b/puppet/modules/site_webapp/manifests/cron.pp
index 811ad11d..bdf0fb74 100644
--- a/puppet/modules/site_webapp/manifests/cron.pp
+++ b/puppet/modules/site_webapp/manifests/cron.pp
@@ -2,6 +2,18 @@ class site_webapp::cron {
# cron tasks that need to be performed to cleanup the database
cron {
+ 'rotate_databases':
+ command => 'cd /srv/leap/webapp && bundle exec rake db:rotate',
+ environment => 'RAILS_ENV=production',
+ hour => [0,6,12,18],
+ minute => 0;
+
+ 'delete_tmp_databases':
+ command => 'cd /srv/leap/webapp && bundle exec rake db:deletetmp',
+ environment => 'RAILS_ENV=production',
+ hour => 1,
+ minute => 1;
+
'remove_expired_sessions':
command => 'cd /srv/leap/webapp && bundle exec rake cleanup:sessions',
environment => 'RAILS_ENV=production',
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index ea64048b..5071d9bc 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -50,7 +50,7 @@ class site_webapp {
owner => 'leap-webapp',
group => 'leap-webapp',
require => [ User['leap-webapp'], Group['leap-webapp'] ],
- notify => Exec['bundler_update']
+ notify => [ Exec['bundler_update'], Exec['rotate_dbs'] ]
}
exec { 'bundler_update':
@@ -67,6 +67,19 @@ class site_webapp {
notify => Service['apache'];
}
+ # this only needs to be called before the first time the web app is run.
+ # after that, the cron job will take care of running db:rotate regularly.
+ exec { 'rotate_dbs':
+ cwd => '/srv/leap/webapp',
+ command => '/bin/bash -c "RAILS_ENV=production /usr/bin/bundle exec rake db:rotate"',
+ user => 'leap-webapp',
+ timeout => 600,
+ refreshonly => true,
+ require => [
+ Vcsrepo['/srv/leap/webapp'],
+ Class['site_config::ruby::dev']];
+ }
+
#
# NOTE: in order to support a webapp that is running on a subpath and not the
# root of the domain assets:precompile needs to be run with
diff --git a/puppet/modules/site_webapp/templates/couchdb.admin.yml.erb b/puppet/modules/site_webapp/templates/couchdb.admin.yml.erb
new file mode 100644
index 00000000..a0921add
--- /dev/null
+++ b/puppet/modules/site_webapp/templates/couchdb.admin.yml.erb
@@ -0,0 +1,9 @@
+production:
+ prefix: ""
+ protocol: 'http'
+ host: <%= @couchdb_host %>
+ port: <%= @couchdb_port %>
+ auto_update_design_doc: false
+ username: <%= @couchdb_admin_user %>
+ password: <%= @couchdb_admin_password %>
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 04:14:17 +0000