From 69e626d819317ce977007571714dd7a2f1235492 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 20 Nov 2013 13:13:36 -0500 Subject: initial tapicero configuration Change-Id: Ie53b09df0758ba01b30ed658bee04682bc180b01 --- .../modules/tapicero/templates/tapicero.yaml.erb | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 puppet/modules/tapicero/templates/tapicero.yaml.erb (limited to 'puppet/modules/tapicero/templates') diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb new file mode 100644 index 00000000..75b8d5f6 --- /dev/null +++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb @@ -0,0 +1,36 @@ +# +# Default configuration options for Tapicero +# + +# database to observe for changes: +users_db_name: "users" + +# prefix for per user databases: +db_prefix: "user-" + +# couch connection configuration +couch_connection: + protocol: "http" + host: "localhost" + port: <%= @couchdb_port %> + username: <%= @couchdb_admin_user %> + password: <%= @couchdb_admin_password %> + +# security settings to be used for the per user databases +security: + admins: + names: [] + roles: [] + readers: + names: + - <%= @couchdb_soledad_user %> + - <%= @couchdb_leap_mx_user %> + roles: [] + +# file to store the last processed user record in so we can resume after +# a restart: +seq_file: "/var/lib/leap/tapicero/tapicero.seq" + +# Configure log_file like this if you want to log to a file instead of syslog: +# log_file: "/var/leap/log/tapicero.log" +log_level: info -- cgit v1.2.3 From 3accc19120285c9f518c830100d97f5bba91d3ec Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 27 Nov 2013 13:15:03 -0500 Subject: explicitly set the admin user as having access to the per-user databases, even though it is probably not needed Change-Id: I2f9e751570190f7358332404ae734ae850f92b9f --- puppet/modules/tapicero/templates/tapicero.yaml.erb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'puppet/modules/tapicero/templates') diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb index 75b8d5f6..098f95bd 100644 --- a/puppet/modules/tapicero/templates/tapicero.yaml.erb +++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb @@ -19,7 +19,11 @@ couch_connection: # security settings to be used for the per user databases security: admins: - names: [] + names: + # We explicitly allow the admin user to access per user databases, even + # though admin access ignores per database security we just do this to be + # explicit about this + - <%= @couchdb_admin_user %> roles: [] readers: names: -- cgit v1.2.3 From ecb537042e73934d508377280254dc18f8180a41 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 20 Dec 2013 15:48:21 +0100 Subject: Adopt tapicero config file to tapicero > 0.2.0 In order to reuse the couch changes observer for key uploads I extracted it from tapicero and made the configuration more generic. This results in some changes to the config file format. When deploying tapicero >= 0.2.0 this config file format should be used instead. Also set log_level to debug by default. We can reduce this later but it might be useful for now. --- .../modules/tapicero/templates/tapicero.yaml.erb | 48 +++++++++++----------- 1 file changed, 25 insertions(+), 23 deletions(-) (limited to 'puppet/modules/tapicero/templates') diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb index 098f95bd..cfc02c5c 100644 --- a/puppet/modules/tapicero/templates/tapicero.yaml.erb +++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb @@ -2,34 +2,15 @@ # Default configuration options for Tapicero # -# database to observe for changes: -users_db_name: "users" - -# prefix for per user databases: -db_prefix: "user-" - # couch connection configuration -couch_connection: +connection: protocol: "http" host: "localhost" port: <%= @couchdb_port %> username: <%= @couchdb_admin_user %> password: <%= @couchdb_admin_password %> - -# security settings to be used for the per user databases -security: - admins: - names: - # We explicitly allow the admin user to access per user databases, even - # though admin access ignores per database security we just do this to be - # explicit about this - - <%= @couchdb_admin_user %> - roles: [] - readers: - names: - - <%= @couchdb_soledad_user %> - - <%= @couchdb_leap_mx_user %> - roles: [] + prefix : "" + suffix : "" # file to store the last processed user record in so we can resume after # a restart: @@ -37,4 +18,25 @@ seq_file: "/var/lib/leap/tapicero/tapicero.seq" # Configure log_file like this if you want to log to a file instead of syslog: # log_file: "/var/leap/log/tapicero.log" -log_level: info +log_level: debug + +# tapicero specific options +options: + # prefix for per user databases: + db_prefix: "user-" + + # security settings to be used for the per user databases + security: + admins: + names: + # We explicitly allow the admin user to access per user databases, even + # though admin access ignores per database security we just do this to be + # explicit about this + - <%= @couchdb_admin_user %> + roles: [] + readers: + names: + - <%= @couchdb_soledad_user %> + - <%= @couchdb_leap_mx_user %> + roles: [] + -- cgit v1.2.3 From 43c7680458664c12b788e490ce4f194a3313265c Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 3 Jan 2014 14:52:50 +0100 Subject: reduce tapicero log level. Debug is becoming quite verbose with the backtraces. Info should suffice as a default. --- puppet/modules/tapicero/templates/tapicero.yaml.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/tapicero/templates') diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb index cfc02c5c..8e19b22f 100644 --- a/puppet/modules/tapicero/templates/tapicero.yaml.erb +++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb @@ -18,7 +18,7 @@ seq_file: "/var/lib/leap/tapicero/tapicero.seq" # Configure log_file like this if you want to log to a file instead of syslog: # log_file: "/var/leap/log/tapicero.log" -log_level: debug +log_level: info # tapicero specific options options: -- cgit v1.2.3