From a5b8f30cdb68997e523c0f9fac65d894acddf40f Mon Sep 17 00:00:00 2001
From: varac
Date: Tue, 6 Nov 2012 10:36:45 +0100
Subject: adopt new hiera creditials
---
 puppet/modules/site_couchdb/manifests/init.pp | 51 +++++++++++++++------------
 1 file changed, 29 insertions(+), 22 deletions(-)
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index e4d97e34..30ce7f54 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -1,28 +1,33 @@
 class site_couchdb {
- $x509 = hiera('x509')
- $key = $x509['key']
- $cert = $x509['cert']
- $adminpw = hiera('couchdb_adminpw')
- $couchdb_leap_web_user = hiera('couchdb_leap_web_user')
- $couchdb_leap_web_username = $couchdb_leap_web_user['user']
- $couchdb_leap_web_pw = $couchdb_leap_web_user['pw']
- $couchdb_leap_ca_user = hiera('couchdb_leap_ca_user')
- $couchdb_leap_ca_username = $couchdb_leap_ca_user['user']
- $couchdb_leap_ca_pw = $couchdb_leap_ca_user['pw']
- $couchdb_host = "admin:$adminpw@127.0.0.1:5984"
+ $x509 = hiera('x509')
+ $key = $x509['key']
+ $cert = $x509['cert']
+ $couchdb_config = hiera('couch')
+ $couchdb_users = $couchdb_config['users']
+ $couchdb_admin = $couchdb_users['admin']
+ $couchdb_admin_user = $couchdb_admin['username']
+ $couchdb_admin_pw = $couchdb_admin['password']
+ $couchdb_webapp = $couchdb_users['webapp']
+ $couchdb_webapp_user = $couchdb_webapp['username']
+ $couchdb_webapp_pw = $couchdb_webapp['password']
+ $couchdb_ca_daemon = $couchdb_users['ca_daemon']
+ $couchdb_ca_daemon_user = $couchdb_ca_daemon['username']
+ $couchdb_ca_daemon_pw = $couchdb_ca_daemon['password']
 Class['site_couchdb::package']
 -> Package ['couchdb']
 -> File['/etc/init.d/couchdb']
 -> File['/etc/couchdb/local.ini']
 -> File['/etc/couchdb/local.d/admin.ini']
+ -> File['/etc/couchdb/couchdb.netrc']
 -> Couchdb::Create_db[leap_web]
 -> Couchdb::Create_db[leap_ca]
- -> Couchdb::Add_user[leap_web]
- -> Couchdb::Add_user[leap_ca]
+ -> Couchdb::Add_user[$couchdb_webapp_user]
+ -> Couchdb::Add_user[$couchdb_ca_daemon_user]
 -> Site_couchdb::Apache_ssl_proxy['apache_ssl_proxy']
+ # Setup couchdb
 include site_couchdb::package
 include site_couchdb::configure
 include couchdb::deploy_config
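Review bot: The values read out of `hiera('couch')` at the top of the class are used without any check, so a missing `users`, `admin` or `password` key would hand an empty username or password to the resources further down instead of stopping the run. A guard right after the assignments, for example `if ! $couchdb_admin_pw { fail('couch users.admin.password is not set in hiera') }`, repeated for the webapp and ca_daemon entries, makes the catalog fail closed; how an absent key evaluates depends on the Puppet version, so the exact test should be checked against the version in use. The two `Couchdb::Add_user[...]` references in the ordering chain now take their titles from the same data, so an unset name also breaks the chain in a less obvious way. The class body continues past the end of this hunk.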
@@ -32,25 +37,27 @@ class site_couchdb {
 cert => $cert
 }
- couchdb::add_user { $couchdb_leap_web_username:
- host => $couchdb_host,
+ couchdb::query::setup { 'localhost':
+ user => $couchdb_admin_user,
+ pw => $couchdb_admin_pw
+ }
+
+ # Populate couchdb
+ couchdb::add_user { $couchdb_webapp_user:
 roles => '["certs"]',
- pw => $couchdb_leap_web_pw
+ pw => $couchdb_webapp_pw
 }
- couchdb::add_user { $couchdb_leap_ca_username:
- host => $couchdb_host,
+ couchdb::add_user { $couchdb_ca_daemon_user:
 roles => '["certs"]',
- pw => $couchdb_leap_ca_pw
+ pw => $couchdb_ca_daemon_pw
 }
 couchdb::create_db { 'leap_web':
- host => $couchdb_host,
- readers => "{ \"names\": [\"leap_web\"], \"roles\": [] }"
+ readers => "{ \"names\": [\"$couchdb_webapp_user\"], \"roles\": [] }"
 }
 couchdb::create_db { 'leap_ca':
- host => $couchdb_host,
 readers => "{ \"names\": [], \"roles\": [\"certs\"] }"
 }
 }
--
cgit v1.2.3
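Review bot: `couchdb::query::setup { 'localhost': ... }` now receives the admin username and password, and the ordering chain in the first hunk waits on `File['/etc/couchdb/couchdb.netrc']`, which this manifest does not declare, so presumably that define writes the credentials to the netrc file. The define is outside this diff; before merging, confirm it creates the file with `mode => '0600'` and a restrictive owner, and that a content diff of the file cannot end up in agent logs or reports. In the same hunk the `readers` value for `leap_web` splices `$couchdb_webapp_user` into a JSON string, so a name containing `"` or `\` would yield a different security object than the one intended; checking the name against a conservative pattern before use would close that. The resource closed by the first two context lines begins above the hunk.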