From 3224a73ec6b2f06cf4c43f86d5b7673e442043dd Mon Sep 17 00:00:00 2001 From: ankonym Date: Mon, 28 Sep 2015 15:42:08 +0200 Subject: Create invite code db and design docs --- puppet/modules/site_couchdb/manifests/create_dbs.pp | 9 +++++++++ puppet/modules/site_couchdb/manifests/designs.pp | 13 +++++++------ 2 files changed, 16 insertions(+), 6 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp index eea4bbf5..a2d1c655 100644 --- a/puppet/modules/site_couchdb/manifests/create_dbs.pp +++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp @@ -90,4 +90,13 @@ class site_couchdb::create_dbs { members => "{ \"names\": [\"${site_couchdb::couchdb_webapp_user}\"], \"roles\": [\"replication\"] }", require => Couchdb::Query::Setup['localhost'] } + + ## invite_codes db + ## store invite codes for new signups + ## r/w: webapp + couchdb::create_db { 'invite_codes': + members => "{ \"names\": [\"${site_couchdb::couchdb_webapp_user}\"], \"roles\": [\"replication\"] }", + require => Couchdb::Query::Setup['localhost'] + } + } diff --git a/puppet/modules/site_couchdb/manifests/designs.pp b/puppet/modules/site_couchdb/manifests/designs.pp index 1ab1c6a1..e5fd94c6 100644 --- a/puppet/modules/site_couchdb/manifests/designs.pp +++ b/puppet/modules/site_couchdb/manifests/designs.pp @@ -12,12 +12,13 @@ class site_couchdb::designs { } site_couchdb::upload_design { - 'customers': design => 'customers/Customer.json'; - 'identities': design => 'identities/Identity.json'; - 'tickets': design => 'tickets/Ticket.json'; - 'messages': design => 'messages/Message.json'; - 'users': design => 'users/User.json'; - 'tmp_users': design => 'users/User.json'; + 'customers': design => 'customers/Customer.json'; + 'identities': design => 'identities/Identity.json'; + 'tickets': design => 'tickets/Ticket.json'; + 'messages': design => 'messages/Message.json'; + 'users': design => 'users/User.json'; + 'tmp_users': design => 'users/User.json'; + 'invite_codes': design => 'invite_codes/InviteCode.json'; 'shared_docs': db => 'shared', design => 'shared/docs.json'; -- cgit v1.2.3 From 4fc7419598a3baf564f063b7330b9cf9115420b5 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 1 Oct 2015 12:06:02 +0200 Subject: [feat] Create-user-db: use couchdb admin rights - create soledad-admin user - deploy netrc file for userdb creation - Move soledad-server.conf from /etc/leap to /etc/soledad - make soledad-server.conf group-accessible for the soledad group, so the soledad-admin user can read it - Resolves: #7502 --- puppet/modules/site_couchdb/manifests/setup.pp | 35 ++++++++++++++++++-------- 1 file changed, 24 insertions(+), 11 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/setup.pp b/puppet/modules/site_couchdb/manifests/setup.pp index 69bd1c6a..fef48505 100644 --- a/puppet/modules/site_couchdb/manifests/setup.pp +++ b/puppet/modules/site_couchdb/manifests/setup.pp @@ -12,27 +12,40 @@ class site_couchdb::setup { $user = $site_couchdb::couchdb_admin_user - # /etc/couchdb/couchdb-admin.netrc is deployed by couchdb::query::setup - # we symlink to couchdb.netrc for puppet commands. - # we symlink this to /root/.netrc for couchdb_scripts (eg. backup) - # and makes life easier for the admin (i.e. using curl/wget without - # passing credentials) + # setup /etc/couchdb/couchdb-admin.netrc for couchdb admin access + couchdb::query::setup { 'localhost': + user => $user, + pw => $site_couchdb::couchdb_admin_pw + } + + # We symlink /etc/couchdb/couchdb-admin.netrc to /etc/couchdb/couchdb.netrc + # for puppet commands, and to to /root/.netrc for couchdb_scripts + # (eg. backup) and to makes life easier for the admin on the command line + # (i.e. using curl/wget without passing credentials) file { '/etc/couchdb/couchdb.netrc': ensure => link, target => "/etc/couchdb/couchdb-${user}.netrc"; - '/root/.netrc': ensure => link, target => '/etc/couchdb/couchdb.netrc'; + } - '/srv/leap/couchdb': - ensure => directory + # setup /etc/couchdb/couchdb-soledad-admin.netrc file for couchdb admin + # access, accessible only for the soledad-admin user to create soledad + # userdbs + file { '/etc/couchdb/couchdb-soledad-admin.netrc': + content => "machine localhost login ${user} password ${site_couchdb::couchdb_admin_pw}", + mode => '0400', + owner => 'soledad-admin', + group => 'root', + require => [ Package['couchdb'], User['soledad-admin'] ]; } - couchdb::query::setup { 'localhost': - user => $user, - pw => $site_couchdb::couchdb_admin_pw, + # Checkout couchdb_scripts repo + file { + '/srv/leap/couchdb': + ensure => directory } vcsrepo { '/srv/leap/couchdb/scripts': -- cgit v1.2.3 From 276b77cdcc0d169b84e046afe8763e2c52ff76fb Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 5 Oct 2015 15:22:25 +0200 Subject: [feat] remove tapicero leftovers Soledad now creates user-dbs, which has been done by tapicero in the past. we need to remove any leftovers from tapicero. --- puppet/modules/site_couchdb/manifests/add_users.pp | 11 +---------- puppet/modules/site_couchdb/manifests/init.pp | 6 ------ 2 files changed, 1 insertion(+), 16 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp index 2f734ed4..c905316b 100644 --- a/puppet/modules/site_couchdb/manifests/add_users.pp +++ b/puppet/modules/site_couchdb/manifests/add_users.pp @@ -1,3 +1,4 @@ +# add couchdb users for all services class site_couchdb::add_users { Class['site_couchdb::create_dbs'] @@ -35,16 +36,6 @@ class site_couchdb::add_users { require => Couchdb::Query::Setup['localhost'] } - ### tapicero couchdb user - ### admin: needs to be able to create user- databases - ### read: users - couchdb::add_user { $site_couchdb::couchdb_tapicero_user: - roles => '["users"]', - pw => $site_couchdb::couchdb_tapicero_pw, - salt => $site_couchdb::couchdb_tapicero_salt, - require => Couchdb::Query::Setup['localhost'] - } - ## webapp couchdb user ## read/write: users, tokens, sessions, tickets, identities, customer couchdb::add_user { $site_couchdb::couchdb_webapp_user: diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 6b6ddd3a..1ec15f00 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -26,11 +26,6 @@ class site_couchdb { $couchdb_soledad_pw = $couchdb_soledad['password'] $couchdb_soledad_salt = $couchdb_soledad['salt'] - $couchdb_tapicero = $couchdb_users['tapicero'] - $couchdb_tapicero_user = $couchdb_tapicero['username'] - $couchdb_tapicero_pw = $couchdb_tapicero['password'] - $couchdb_tapicero_salt = $couchdb_tapicero['salt'] - $couchdb_webapp = $couchdb_users['webapp'] $couchdb_webapp_user = $couchdb_webapp['username'] $couchdb_webapp_pw = $couchdb_webapp['password'] @@ -66,6 +61,5 @@ class site_couchdb { if $couchdb_backup { include site_couchdb::backup } include site_check_mk::agent::couchdb - include site_check_mk::agent::tapicero } -- cgit v1.2.3 From 19e5d23e3fe34199265117e033acfabc3cff9109 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 12 Oct 2015 16:30:58 +0200 Subject: [feat] Remove tapicero couchdb user - Resolves: #7514 --- puppet/modules/site_couchdb/manifests/init.pp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 1ec15f00..61aa887e 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -62,4 +62,7 @@ class site_couchdb { include site_check_mk::agent::couchdb + # remove tapicero leftovers on couchdb nodes + include site_config::remove::tapicero + } -- cgit v1.2.3 From cfbe272d17a21c4bff088a87865cbcbefc837e39 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 30 Oct 2015 11:23:40 +0100 Subject: [feat] Remove bigcouch nagios leftovers When migrating from bigcouch to couchdb, we need to remove leftover nagios tests for bigcouch. - Added new classes: site_check_mk::agent::couchdb::bigcouch and site_check_mk::agent::couchdb::master - Tested: unstable.pixelated-project.org - Resolves: https://github.com/pixelated/pixelated-platform/issues/126 --- puppet/modules/site_couchdb/manifests/bigcouch.pp | 3 +++ puppet/modules/site_couchdb/manifests/master.pp | 2 ++ 2 files changed, 5 insertions(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/bigcouch.pp b/puppet/modules/site_couchdb/manifests/bigcouch.pp index 469a2783..2de3d4d0 100644 --- a/puppet/modules/site_couchdb/manifests/bigcouch.pp +++ b/puppet/modules/site_couchdb/manifests/bigcouch.pp @@ -44,4 +44,7 @@ class site_couchdb::bigcouch { require => Package['couchdb'], notify => Service['couchdb'] } + + include site_check_mk::agent::couchdb::bigcouch + } diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index c28eee7d..5dab6325 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -6,4 +6,6 @@ class site_couchdb::master { chttpd_bind_address => '127.0.0.1', pwhash_alg => $site_couchdb::couchdb_pwhash_alg } + + include site_check_mk::agent::couchdb::master } -- cgit v1.2.3 From 02b1b484ad9a5d065ceac72b8263b7bcc112c923 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 3 Nov 2015 19:12:59 +0100 Subject: [feat] install couchdb from unstable on jessie - Related: #6920 --- puppet/modules/site_couchdb/manifests/master.pp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index 5dab6325..c50ed364 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -7,5 +7,10 @@ class site_couchdb::master { pwhash_alg => $site_couchdb::couchdb_pwhash_alg } + # couchdb is not available in jessie, and the + # leap deb repo only hosts a wheeyz version. + # we install it therefore from unstable + include site_apt::sid_repo + include site_check_mk::agent::couchdb::master } -- cgit v1.2.3 From 20b2b4cc8ee1e85cf1bc8dfaa4db9fb70dcac72b Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 30 Nov 2015 15:36:41 +0100 Subject: Revert "[feat] install couchdb from unstable on jessie" This reverts commit 02b1b484ad9a5d065ceac72b8263b7bcc112c923. Now that we have a proper couchdb jessie package we don't need to install it from Debian unstable. --- puppet/modules/site_couchdb/manifests/master.pp | 5 ----- 1 file changed, 5 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index c50ed364..5dab6325 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -7,10 +7,5 @@ class site_couchdb::master { pwhash_alg => $site_couchdb::couchdb_pwhash_alg } - # couchdb is not available in jessie, and the - # leap deb repo only hosts a wheeyz version. - # we install it therefore from unstable - include site_apt::sid_repo - include site_check_mk::agent::couchdb::master } -- cgit v1.2.3 From 150579fb14716892cc3e4d7d9c0f81b30d56f03a Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 13 Apr 2015 23:16:00 +0200 Subject: restructured site.pp, now only one class gets included in site.pp per service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd --- puppet/modules/site_couchdb/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 61aa887e..ea02d1f4 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -50,6 +50,7 @@ class site_couchdb { -> Class['couchdb'] -> Class['site_couchdb::setup'] + include ::site_config::default include site_stunnel include site_couchdb::setup -- cgit v1.2.3 From 982f8b6ce9c470366f967f3ad8fece2a673db59d Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 12:07:11 +0100 Subject: [feat] Move bigcouch removals to own class We now include "site_config::remove::bigcouch" in class "site_couchdb::master", which sets up plain couchdb. --- puppet/modules/site_couchdb/manifests/master.pp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index 5dab6325..49d90f2f 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -8,4 +8,8 @@ class site_couchdb::master { } include site_check_mk::agent::couchdb::master + + # remove bigcouch leftovers from previous installations + include ::site_config::remove::bigcouch + } -- cgit v1.2.3 From 01b05ec8453b44d93780e04dd832b9a0e7b3cd48 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 17:27:48 +0100 Subject: [feat] Cronjob to delete orphaned userdbs - Resolves: #7418 --- puppet/modules/site_couchdb/manifests/init.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index ea02d1f4..8d79ae75 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -66,4 +66,13 @@ class site_couchdb { # remove tapicero leftovers on couchdb nodes include site_config::remove::tapicero + # Destroy every per-user storage database + # where the corresponding user record does not exist. + cron { 'cleanup_stale_userdbs': + command => '(/bin/date; /srv/leap/couchdb/scripts/cleanup-user-dbs) >> /var/log/leap/couchdb-cleanup.log', + user => 'root', + hour => 4, + minute => 7; + } + } -- cgit v1.2.3 From da2c743faaccd26604c4c26fbb1557934688eb4a Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 1 Feb 2016 15:56:41 -0800 Subject: default to plain couchdb, unless otherwise specified. # Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp --- puppet/modules/site_couchdb/manifests/init.pp | 4 ++-- puppet/modules/site_couchdb/manifests/master.pp | 15 --------------- puppet/modules/site_couchdb/manifests/plain.pp | 15 +++++++++++++++ 3 files changed, 17 insertions(+), 17 deletions(-) delete mode 100644 puppet/modules/site_couchdb/manifests/master.pp create mode 100644 puppet/modules/site_couchdb/manifests/plain.pp (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 8d79ae75..0c126f0c 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -41,8 +41,8 @@ class site_couchdb { $couchdb_pwhash_alg = $couchdb_config['pwhash_alg'] if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } - if $couchdb_mode == 'master' { include site_couchdb::master } - if $couchdb_mode == 'mirror' { include site_couchdb::mirror } + if $couchdb_mode == 'plain' { include site_couchdb::plain } + # if $couchdb_mode == 'mirror' { include site_couchdb::mirror } Class['site_config::default'] -> Service['shorewall'] diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp deleted file mode 100644 index 49d90f2f..00000000 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ /dev/null @@ -1,15 +0,0 @@ -# this class sets up a single, plain couchdb node -class site_couchdb::master { - class { 'couchdb': - admin_pw => $site_couchdb::couchdb_admin_pw, - admin_salt => $site_couchdb::couchdb_admin_salt, - chttpd_bind_address => '127.0.0.1', - pwhash_alg => $site_couchdb::couchdb_pwhash_alg - } - - include site_check_mk::agent::couchdb::master - - # remove bigcouch leftovers from previous installations - include ::site_config::remove::bigcouch - -} diff --git a/puppet/modules/site_couchdb/manifests/plain.pp b/puppet/modules/site_couchdb/manifests/plain.pp new file mode 100644 index 00000000..64209142 --- /dev/null +++ b/puppet/modules/site_couchdb/manifests/plain.pp @@ -0,0 +1,15 @@ +# this class sets up a single, plain couchdb node +class site_couchdb::plain { + class { 'couchdb': + admin_pw => $site_couchdb::couchdb_admin_pw, + admin_salt => $site_couchdb::couchdb_admin_salt, + chttpd_bind_address => '127.0.0.1', + pwhash_alg => $site_couchdb::couchdb_pwhash_alg + } + + include site_check_mk::agent::couchdb::plain + + # remove bigcouch leftovers from previous installations + include ::site_config::remove::bigcouch + +} -- cgit v1.2.3 From e5ecf06ef15637cb52f65424d6d7d889731c68a9 Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 11 Feb 2016 15:35:54 -0800 Subject: use pbkdf2 pwhash for plain couch. --- puppet/modules/site_couchdb/manifests/plain.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/plain.pp b/puppet/modules/site_couchdb/manifests/plain.pp index 64209142..9338e56a 100644 --- a/puppet/modules/site_couchdb/manifests/plain.pp +++ b/puppet/modules/site_couchdb/manifests/plain.pp @@ -4,7 +4,7 @@ class site_couchdb::plain { admin_pw => $site_couchdb::couchdb_admin_pw, admin_salt => $site_couchdb::couchdb_admin_salt, chttpd_bind_address => '127.0.0.1', - pwhash_alg => $site_couchdb::couchdb_pwhash_alg + pwhash_alg => 'pbkdf2' } include site_check_mk::agent::couchdb::plain -- cgit v1.2.3 From 70df05dce934a3d3803ea78e39200c37215cad04 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 24 Feb 2016 11:22:53 +0100 Subject: Use site_couchdb::plain even when couch.master is set top "master" --- puppet/modules/site_couchdb/manifests/init.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 0c126f0c..0c282e1c 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -40,8 +40,9 @@ class site_couchdb { $couchdb_mode = $couchdb_config['mode'] $couchdb_pwhash_alg = $couchdb_config['pwhash_alg'] - if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } - if $couchdb_mode == 'plain' { include site_couchdb::plain } + if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } + if $couchdb_mode =~ /^(plain|master)$/ { include site_couchdb::plain } + # if $couchdb_mode == 'mirror' { include site_couchdb::mirror } Class['site_config::default'] -- cgit v1.2.3 From a33a7d634ab33f46814bd154882f3b1c9b3b3978 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 15:59:55 +0100 Subject: remove couchdb_pwhash_alg leftover --- puppet/modules/site_couchdb/manifests/init.pp | 1 - 1 file changed, 1 deletion(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 0c282e1c..b3d9fdf0 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -38,7 +38,6 @@ class site_couchdb { $couchdb_backup = $couchdb_config['backup'] $couchdb_mode = $couchdb_config['mode'] - $couchdb_pwhash_alg = $couchdb_config['pwhash_alg'] if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } if $couchdb_mode =~ /^(plain|master)$/ { include site_couchdb::plain } -- cgit v1.2.3 From c6e45bc1097ed0a9dc7cb33898ea0b4e60635983 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 16:08:32 +0100 Subject: couchdb module uses pbkdf2 as default pwhash algor. now --- puppet/modules/site_couchdb/manifests/plain.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/plain.pp b/puppet/modules/site_couchdb/manifests/plain.pp index 9338e56a..b40fc100 100644 --- a/puppet/modules/site_couchdb/manifests/plain.pp +++ b/puppet/modules/site_couchdb/manifests/plain.pp @@ -3,8 +3,7 @@ class site_couchdb::plain { class { 'couchdb': admin_pw => $site_couchdb::couchdb_admin_pw, admin_salt => $site_couchdb::couchdb_admin_salt, - chttpd_bind_address => '127.0.0.1', - pwhash_alg => 'pbkdf2' + chttpd_bind_address => '127.0.0.1' } include site_check_mk::agent::couchdb::plain -- cgit v1.2.3 From 89a3cd71f50a383a5f85510193087446da0e661f Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 26 Feb 2016 01:44:48 -0800 Subject: plain couchdb now required, bigcouch support disabled. --- puppet/modules/site_couchdb/manifests/init.pp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 0c282e1c..3f670ed2 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -40,10 +40,13 @@ class site_couchdb { $couchdb_mode = $couchdb_config['mode'] $couchdb_pwhash_alg = $couchdb_config['pwhash_alg'] - if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } - if $couchdb_mode =~ /^(plain|master)$/ { include site_couchdb::plain } + # ensure bigcouch has been purged from the system: + # TODO: remove this check in 0.9 release + if file('/opt/bigcouch/bin/bigcouch', '/dev/null') != '' { + fail 'ERROR: BigCouch appears to be installed. Make sure you have migrated to CouchDB before proceeding. See https://leap.se/upgrade-0-8' + } - # if $couchdb_mode == 'mirror' { include site_couchdb::mirror } + include site_couchdb::plain Class['site_config::default'] -> Service['shorewall'] -- cgit v1.2.3 From f73c3d220769faf4dce5e8582fe8cd655f50c996 Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 4 Mar 2016 13:59:13 -0800 Subject: only not create soledad admin .netrc file if soledad is enabled --- puppet/modules/site_couchdb/manifests/setup.pp | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/setup.pp b/puppet/modules/site_couchdb/manifests/setup.pp index fef48505..710d3c1c 100644 --- a/puppet/modules/site_couchdb/manifests/setup.pp +++ b/puppet/modules/site_couchdb/manifests/setup.pp @@ -34,12 +34,14 @@ class site_couchdb::setup { # setup /etc/couchdb/couchdb-soledad-admin.netrc file for couchdb admin # access, accessible only for the soledad-admin user to create soledad # userdbs - file { '/etc/couchdb/couchdb-soledad-admin.netrc': - content => "machine localhost login ${user} password ${site_couchdb::couchdb_admin_pw}", - mode => '0400', - owner => 'soledad-admin', - group => 'root', - require => [ Package['couchdb'], User['soledad-admin'] ]; + if member(hiera('services', []), 'soledad') { + file { '/etc/couchdb/couchdb-soledad-admin.netrc': + content => "machine localhost login ${user} password ${site_couchdb::couchdb_admin_pw}", + mode => '0400', + owner => 'soledad-admin', + group => 'root', + require => [ Package['couchdb'], User['soledad-admin'] ]; + } } # Checkout couchdb_scripts repo -- cgit v1.2.3 From 22b788920defdd42b4abda144afd8ca69d0a9d37 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 18 Apr 2016 18:19:44 +0200 Subject: [style] lint some custom manifests I used `puppet-lint -f FILE` to fix most issues, while finishing with manual intervention. --- puppet/modules/site_couchdb/manifests/mirror.pp | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/mirror.pp b/puppet/modules/site_couchdb/manifests/mirror.pp index abe35c4c..a69f3964 100644 --- a/puppet/modules/site_couchdb/manifests/mirror.pp +++ b/puppet/modules/site_couchdb/manifests/mirror.pp @@ -22,55 +22,55 @@ class site_couchdb::mirror { ### customer database couchdb::mirror_db { 'customers': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## identities database couchdb::mirror_db { 'identities': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## keycache database couchdb::mirror_db { 'keycache': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## sessions database couchdb::mirror_db { 'sessions': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## shared database couchdb::mirror_db { 'shared': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## tickets database couchdb::mirror_db { 'tickets': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## tokens database couchdb::mirror_db { 'tokens': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## users database couchdb::mirror_db { 'users': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } ## messages db couchdb::mirror_db { 'messages': - from => $from, + from => $from, require => Couchdb::Query::Setup['localhost'] } -- cgit v1.2.3 From 8370875d608ebddae09fcd05741bb77e0e31c122 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 18 Apr 2016 18:28:29 +0200 Subject: [style] more manual linting for custom manifests --- puppet/modules/site_couchdb/manifests/logrotate.pp | 10 ++++++---- puppet/modules/site_couchdb/manifests/mirror.pp | 1 + puppet/modules/site_couchdb/manifests/upload_design.pp | 3 ++- 3 files changed, 9 insertions(+), 5 deletions(-) (limited to 'puppet/modules/site_couchdb/manifests') diff --git a/puppet/modules/site_couchdb/manifests/logrotate.pp b/puppet/modules/site_couchdb/manifests/logrotate.pp index e1039d49..bb8843bb 100644 --- a/puppet/modules/site_couchdb/manifests/logrotate.pp +++ b/puppet/modules/site_couchdb/manifests/logrotate.pp @@ -1,12 +1,14 @@ +# configure couchdb logrotation class site_couchdb::logrotate { augeas { 'logrotate_bigcouch': context => '/files/etc/logrotate.d/bigcouch/rule', - changes => [ 'set file /opt/bigcouch/var/log/*.log', 'set rotate 7', - 'set schedule daily', 'set compress compress', - 'set missingok missingok', 'set ifempty notifempty', - 'set copytruncate copytruncate' ] + changes => [ + 'set file /opt/bigcouch/var/log/*.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] } } diff --git a/puppet/modules/site_couchdb/manifests/mirror.pp b/puppet/modules/site_couchdb/manifests/mirror.pp index a69f3964..fb82b897 100644 --- a/puppet/modules/site_couchdb/manifests/mirror.pp +++ b/puppet/modules/site_couchdb/manifests/mirror.pp @@ -1,3 +1,4 @@ +# configure mirroring of couch nodes class site_couchdb::mirror { Class['site_couchdb::add_users'] diff --git a/puppet/modules/site_couchdb/manifests/upload_design.pp b/puppet/modules/site_couchdb/manifests/upload_design.pp index 7b0cabd7..bd73ebf2 100644 --- a/puppet/modules/site_couchdb/manifests/upload_design.pp +++ b/puppet/modules/site_couchdb/manifests/upload_design.pp @@ -1,4 +1,5 @@ -define site_couchdb::upload_design($db = $title, $design) { +# upload a design doc to a db +define site_couchdb::upload_design($design, $db = $title) { $design_name = regsubst($design, '^.*\/(.*)\.json$', '\1') $id = "_design/${design_name}" $file = "/srv/leap/couchdb/designs/${design}" -- cgit v1.2.3