From ddd6fd82cc9e81d7ff912e390d956d6b2d958d8d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 20 Nov 2012 21:20:52 -0500 Subject: add bundler, ruby, rubygems and vcsrepo submodules --- puppet/modules/bundler | 1 + puppet/modules/ruby | 1 + puppet/modules/rubygems | 1 + puppet/modules/vcsrepo | 1 + 4 files changed, 4 insertions(+) create mode 160000 puppet/modules/bundler create mode 160000 puppet/modules/ruby create mode 160000 puppet/modules/rubygems create mode 160000 puppet/modules/vcsrepo (limited to 'puppet/modules') diff --git a/puppet/modules/bundler b/puppet/modules/bundler new file mode 160000 index 00000000..b91d6abf --- /dev/null +++ b/puppet/modules/bundler @@ -0,0 +1 @@ +Subproject commit b91d6abfa931b8ef63594092d841701d3ee23280 diff --git a/puppet/modules/ruby b/puppet/modules/ruby new file mode 160000 index 00000000..e4de25d7 --- /dev/null +++ b/puppet/modules/ruby @@ -0,0 +1 @@ +Subproject commit e4de25d78eefc7df70a35dee22a3e0dc1b7e1d0b diff --git a/puppet/modules/rubygems b/puppet/modules/rubygems new file mode 160000 index 00000000..1e5ed3db --- /dev/null +++ b/puppet/modules/rubygems @@ -0,0 +1 @@ +Subproject commit 1e5ed3dbef9381bb9d5e2a7b4957bb3f5288d6a8 diff --git a/puppet/modules/vcsrepo b/puppet/modules/vcsrepo new file mode 160000 index 00000000..04851c28 --- /dev/null +++ b/puppet/modules/vcsrepo @@ -0,0 +1 @@ +Subproject commit 04851c28b12973c679fc9f234fd0f5a193df9d7a -- cgit v1.2.3 From 515ca5ce0d19ac29fff6397c7b146ddabc123f05 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 20 Nov 2012 16:24:38 -0500 Subject: add initial site_webapp module --- puppet/modules/site_webapp/manifests/init.pp | 50 ++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 puppet/modules/site_webapp/manifests/init.pp (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp new file mode 100644 index 00000000..107aa617 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -0,0 +1,50 @@ +class site_webapp { + + Class[Ruby] -> Class[rubygems] -> Class[bundler::install] + + class { 'ruby': ruby_version => '1.9.3' } + + include rubygems + + class { 'bundler::install': install_method => '' } + + group { 'leap-webapp': + ensure => present, + allowdupe => false; + } + + user { 'leap-webapp': + ensure => present, + allowdupe => false, + gid => 'leap-webapp', + home => '/srv/leap-webapp', + require => [ Group['leap-webapp'] ]; + } + + file { '/srv/leap-webapp': + ensure => present, + owner => 'leap-webapp', + group => 'leap-webapp', + require => User['leap-webapp']; + } + + vcsrepo { '/srv/leap-webapp': + ensure => present, + revision => 'master', + provider => git, + source => 'git://code.leap.se/leap_web', + owner => 'leap-webapp', + group => 'leap-webapp', + require => [ User['leap-webapp'], Group['leap-webapp'] ], + notify => Exec['bundler_update'] + } + + exec { 'bundler_update': + cwd => '/srv/leap-webapp', + command => '/bin/bash -c \"/usr/bin/bundle check || /usr/bin/bundle install\"', + unless => '/usr/bin/bundle check', + require => [ Class['bundler::install'], Vcsrepo['/srv/leap-webapp'] ]; + } +} + + -- cgit v1.2.3 From 0d1ac3dc005721858623ca2e9f0a1d4bf50fff42 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 22 Nov 2012 11:06:26 -0500 Subject: remove escaping double-quotes, it turns out these are passed directly to the command causing it to fail --- puppet/modules/site_webapp/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 107aa617..b44ef01a 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -41,7 +41,7 @@ class site_webapp { exec { 'bundler_update': cwd => '/srv/leap-webapp', - command => '/bin/bash -c \"/usr/bin/bundle check || /usr/bin/bundle install\"', + command => '/bin/bash -c "/usr/bin/bundle check || /usr/bin/bundle install"', unless => '/usr/bin/bundle check', require => [ Class['bundler::install'], Vcsrepo['/srv/leap-webapp'] ]; } -- cgit v1.2.3 From 2944b31e5cd4203938317076c895f0500f7bcf62 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 22 Nov 2012 11:26:50 -0500 Subject: switch to the develop branch for the webapp git repository for deployment/testing. when released, this should track a stable release --- puppet/modules/site_webapp/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index b44ef01a..de8c070a 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -30,7 +30,7 @@ class site_webapp { vcsrepo { '/srv/leap-webapp': ensure => present, - revision => 'master', + revision => 'develop', provider => git, source => 'git://code.leap.se/leap_web', owner => 'leap-webapp', -- cgit v1.2.3 From 74600045dacbdcfc3479f566e997320db5443908 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 22 Nov 2012 20:07:31 +0100 Subject: use origin/develop instead of develop as revision --- puppet/modules/site_webapp/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index de8c070a..99f6df6c 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -30,7 +30,7 @@ class site_webapp { vcsrepo { '/srv/leap-webapp': ensure => present, - revision => 'develop', + revision => 'origin/develop', provider => git, source => 'git://code.leap.se/leap_web', owner => 'leap-webapp', -- cgit v1.2.3 From d5596882123891ea1b3e3c9ddc1a1f683f213771 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 12:17:00 -0500 Subject: add passenger and x509 submodules --- puppet/modules/passenger | 1 + puppet/modules/x509 | 1 + 2 files changed, 2 insertions(+) create mode 160000 puppet/modules/passenger create mode 160000 puppet/modules/x509 (limited to 'puppet/modules') diff --git a/puppet/modules/passenger b/puppet/modules/passenger new file mode 160000 index 00000000..d1b46de8 --- /dev/null +++ b/puppet/modules/passenger @@ -0,0 +1 @@ +Subproject commit d1b46de84acf4d9e3582b64e019935fb1125f9bb diff --git a/puppet/modules/x509 b/puppet/modules/x509 new file mode 160000 index 00000000..d7a252b7 --- /dev/null +++ b/puppet/modules/x509 @@ -0,0 +1 @@ +Subproject commit d7a252b77db843e800ed9fc92a56d5214f432026 -- cgit v1.2.3 From da0d9f3c407ffdae0d7583ef148d7e37cbbc20ad Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 11:12:17 -0500 Subject: add hiera keys for provider include site_webapp::apache --- puppet/modules/site_webapp/manifests/init.pp | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 99f6df6c..08b7f92c 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -1,13 +1,17 @@ class site_webapp { + $definition_files = hiera('definition_files') + $provider = $definition_files['provider'] + Class[Ruby] -> Class[rubygems] -> Class[bundler::install] class { 'ruby': ruby_version => '1.9.3' } - include rubygems - class { 'bundler::install': install_method => '' } + include rubygems + include site_webapp::apache + group { 'leap-webapp': ensure => present, allowdupe => false; @@ -46,5 +50,3 @@ class site_webapp { require => [ Class['bundler::install'], Vcsrepo['/srv/leap-webapp'] ]; } } - - -- cgit v1.2.3 From a2e2f558bcfc4b35c7d81f282d73e06f78590113 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 11:12:43 -0500 Subject: place the provider.json and ca.crt in the webroot --- puppet/modules/site_webapp/manifests/init.pp | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 08b7f92c..22f69e7a 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -49,4 +49,15 @@ class site_webapp { unless => '/usr/bin/bundle check', require => [ Class['bundler::install'], Vcsrepo['/srv/leap-webapp'] ]; } + + file { + '/srv/leap-webapp/public/provider.json': + content => $provider, + owner => leap-webapp, group => leap-webapp, mode => '0644'; + + '/srv/leap-webapp/public/ca.crt': + content => $cert_root, + owner => leap-webapp, group => leap-webapp, mode => '0644'; + } + } -- cgit v1.2.3 From 0876cc7c712f273991cbb1177d7416afd0a1462d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 11:49:08 -0500 Subject: add site_webapp class to install the certs/keys/CAs and virtual host configurations --- .../site_apache/templates/vhosts.d/api.conf.erb | 36 +++++++++++++ .../templates/vhosts.d/leap_webapp.conf.erb | 39 ++++++++++++++ puppet/modules/site_webapp/manifests/apache.pp | 61 ++++++++++++++++++++++ 3 files changed, 136 insertions(+) create mode 100644 puppet/modules/site_apache/templates/vhosts.d/api.conf.erb create mode 100644 puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb create mode 100644 puppet/modules/site_webapp/manifests/apache.pp (limited to 'puppet/modules') diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb new file mode 100644 index 00000000..fc26190c --- /dev/null +++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb @@ -0,0 +1,36 @@ + + ServerName <%= api_domain %> + RewriteEngine On + RewriteRule ^.*$ https://<%= api_domain -%>%{REQUEST_URI} [R=permanent,L] + + + + ServerName <%= api_domain %> + + SSLEngine on + SSLProtocol -all +SSLv3 +TLSv1 + SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH + SSLHonorCipherOrder on + + SSLCACertificatePath /etc/ssl/certs + SSLCertificateChainFile /etc/ssl/certs/leap_api.crt + SSLCertificateKeyFile /etc/x509/keys/leap_api.key + SSLCertificateFile /etc/x509/certs/leap_api.crt + + RequestHeader set X_FORWARDED_PROTO 'https' + + DocumentRoot /srv/leap_webapp/public + + # Check for maintenance file and redirect all requests + RewriteEngine On + RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f + RewriteCond %{SCRIPT_FILENAME} !maintenance.html + RewriteCond %{REQUEST_URI} !/images/maintenance.jpg + RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L] + + # http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt + AllowEncodedSlashes on + PassengerAllowEncodedSlashes on + PassengerFriendlyErrorPages off + SetEnv TMPDIR /var/tmp + diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb new file mode 100644 index 00000000..bb035cd2 --- /dev/null +++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb @@ -0,0 +1,39 @@ + + ServerName <%= domain %> + ServerAlias www.<%= domain %> + RewriteEngine On + RewriteRule ^.*$ https://<%= domain -%>%{REQUEST_URI} [R=permanent,L] + + + + ServerName <%= domain %> + ServerAlias www.<%= domain %> + + SSLEngine on + SSLProtocol -all +SSLv3 +TLSv1 + SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH + SSLHonorCipherOrder on + + SSLCACertificatePath /etc/ssl/certs + SSLCertificateChainFile /etc/ssl/certs/leap_webapp.crt + SSLCertificateKeyFile /etc/x509/keys/leap_webapp.key + SSLCertificateFile /etc/x509/certs/leap_webapp.crt + + RequestHeader set X_FORWARDED_PROTO 'https' + + DocumentRoot /srv/leap_webapp/public + + # Check for maintenance file and redirect all requests + RewriteEngine On + RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f + RewriteCond %{SCRIPT_FILENAME} !maintenance.html + RewriteCond %{REQUEST_URI} !/images/maintenance.jpg + RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L] + + # http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt + AllowEncodedSlashes on + PassengerAllowEncodedSlashes on + PassengerFriendlyErrorPages off + SetEnv TMPDIR /var/tmp + + diff --git a/puppet/modules/site_webapp/manifests/apache.pp b/puppet/modules/site_webapp/manifests/apache.pp new file mode 100644 index 00000000..d6470186 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/apache.pp @@ -0,0 +1,61 @@ +class site_webapp::apache { + + $api_domain = hiera('api_domain') + $x509 = hiera('x509') + $commercial_key = $x509['commercial_key'] + $commercial_cert = $x509['commercial_cert'] + $commercial_root = $x509['commercial_ca_cert'] + $api_key = $x509['key'] + $api_cert = $x509['cert'] + $api_root = $x509['ca_cert'] + + $apache_no_default_site = true + include apache::ssl + + apache::module { + 'rewrite': ensure => present; + 'headers': ensure => present; + } + + class { 'passenger': use_munin => false } + + apache::vhost::file { + 'leap_webapp': + content => template('site_apache/vhosts.d/leap_webapp.conf.erb') + } + + apache::vhost::file { + 'api': + content => template('site_apache/vhosts.d/api.conf.erb') + } + + x509::key { + 'leap_webapp': + content => $commercial_key, + notify => Service[apache]; + + 'leap_api': + content => $api_key, + notify => Service[apache]; + } + + x509::cert { + 'leap_webapp': + content => $commercial_cert, + notify => Service[apache]; + + 'leap_api': + content => $api_cert, + notify => Service[apache]; + } + + x509::ca { + 'leap_webapp': + content => $commercial_root, + notify => Service[apache]; + + 'leap_api': + content => $api_root, + notify => Service[apache]; + } +} -- cgit v1.2.3 From e49f4038b9a5c6b8b0d3f0eed8735abf5ef54c0e Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 14:40:10 -0500 Subject: map /1 -> document root --- puppet/modules/site_apache/templates/vhosts.d/api.conf.erb | 1 + puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb | 3 ++- puppet/modules/site_webapp/manifests/apache.pp | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb index fc26190c..49bd5c79 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb @@ -20,6 +20,7 @@ RequestHeader set X_FORWARDED_PROTO 'https' DocumentRoot /srv/leap_webapp/public + Alias /1 /srv/leap_webapp/public # Check for maintenance file and redirect all requests RewriteEngine On diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb index bb035cd2..f2b43928 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb @@ -22,9 +22,10 @@ RequestHeader set X_FORWARDED_PROTO 'https' DocumentRoot /srv/leap_webapp/public + Alias /1 /srv/leap_webapp/public - # Check for maintenance file and redirect all requests RewriteEngine On + # Check for maintenance file and redirect all requests RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteCond %{REQUEST_URI} !/images/maintenance.jpg diff --git a/puppet/modules/site_webapp/manifests/apache.pp b/puppet/modules/site_webapp/manifests/apache.pp index d6470186..8532cc38 100644 --- a/puppet/modules/site_webapp/manifests/apache.pp +++ b/puppet/modules/site_webapp/manifests/apache.pp @@ -13,6 +13,7 @@ class site_webapp::apache { include apache::ssl apache::module { + 'alias': ensure => present; 'rewrite': ensure => present; 'headers': ensure => present; } -- cgit v1.2.3 From 140975a265b971b14805370dc704e5a10806cd5f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 15:26:58 -0500 Subject: make sure the webapp/public/config directory exists and the eip-service.json is provided there --- puppet/modules/site_webapp/manifests/init.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 22f69e7a..5eaf9dc1 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -2,6 +2,7 @@ class site_webapp { $definition_files = hiera('definition_files') $provider = $definition_files['provider'] + $eap_service = $definition_files['eap_service'] Class[Ruby] -> Class[rubygems] -> Class[bundler::install] @@ -58,6 +59,14 @@ class site_webapp { '/srv/leap-webapp/public/ca.crt': content => $cert_root, owner => leap-webapp, group => leap-webapp, mode => '0644'; + + '/srv/leap-webapp/public/config': + ensure => directory, + owner => leap-webapp, group => leap-webapp, mode => '0755'; + + '/srv/leap-webapp/public/config/eip-service.json': + content => $eap_service, + owner => leap-webapp, group => leap-webapp, mode => '0644'; } } -- cgit v1.2.3 From 6272b9f72808afc4f5b93616df313d079580fbf7 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 15:27:43 -0500 Subject: setup the couchdb class to provide the couchdb connection parameters --- puppet/modules/site_webapp/manifests/couchdb.pp | 16 ++++++++++++++++ puppet/modules/site_webapp/manifests/init.pp | 1 + 2 files changed, 17 insertions(+) create mode 100644 puppet/modules/site_webapp/manifests/couchdb.pp (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp new file mode 100644 index 00000000..caa4f19b --- /dev/null +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -0,0 +1,16 @@ +class site_webapp::couchdb { + + $webapp = hiera_array('webapp') + $couchdb_host = $webapp['couchdb_hosts'] + $couchdb_user = $webapp['couchdb_user']['username'] + $couchdb_password = $webapp['couchdb_user']['password'] + + file { + '/srv/leap-webapp/config/couchdb.yml': + content => template('couchdb.yml.erb'), + owner => leap-webapp, + group => leap-webapp, + mode => '0600'; + } + +} diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 5eaf9dc1..3c374d93 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -12,6 +12,7 @@ class site_webapp { include rubygems include site_webapp::apache + include site_webapp::couchdb group { 'leap-webapp': ensure => present, -- cgit v1.2.3 From e47e7fc15183a5ba4f879c2046ab29515f528903 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 15:34:22 -0500 Subject: add the couchdb configuration template --- puppet/modules/site_webapp/templates/couchdb.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 puppet/modules/site_webapp/templates/couchdb.yml (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/templates/couchdb.yml b/puppet/modules/site_webapp/templates/couchdb.yml new file mode 100644 index 00000000..f5132599 --- /dev/null +++ b/puppet/modules/site_webapp/templates/couchdb.yml @@ -0,0 +1,7 @@ +production: + protocol: 'https' + host: <%= couchdb_host %> + port: 443 + username: <%= couchdb_user %> + password: <%= couchdb_password %> + -- cgit v1.2.3 From c1bc263947c3265d4e9e5b2780765351036f756a Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 16:01:40 -0500 Subject: fix name of couchdb.yml template --- puppet/modules/site_webapp/templates/couchdb.yml | 7 ------- puppet/modules/site_webapp/templates/couchdb.yml.erb | 7 +++++++ 2 files changed, 7 insertions(+), 7 deletions(-) delete mode 100644 puppet/modules/site_webapp/templates/couchdb.yml create mode 100644 puppet/modules/site_webapp/templates/couchdb.yml.erb (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/templates/couchdb.yml b/puppet/modules/site_webapp/templates/couchdb.yml deleted file mode 100644 index f5132599..00000000 --- a/puppet/modules/site_webapp/templates/couchdb.yml +++ /dev/null @@ -1,7 +0,0 @@ -production: - protocol: 'https' - host: <%= couchdb_host %> - port: 443 - username: <%= couchdb_user %> - password: <%= couchdb_password %> - diff --git a/puppet/modules/site_webapp/templates/couchdb.yml.erb b/puppet/modules/site_webapp/templates/couchdb.yml.erb new file mode 100644 index 00000000..f5132599 --- /dev/null +++ b/puppet/modules/site_webapp/templates/couchdb.yml.erb @@ -0,0 +1,7 @@ +production: + protocol: 'https' + host: <%= couchdb_host %> + port: 443 + username: <%= couchdb_user %> + password: <%= couchdb_password %> + -- cgit v1.2.3 From 77368affb8773cf91755f47e25c378c7472fb50b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 16:02:05 -0500 Subject: fix name of eip_service --- puppet/modules/site_webapp/manifests/init.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 3c374d93..c5f33b5a 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -2,7 +2,7 @@ class site_webapp { $definition_files = hiera('definition_files') $provider = $definition_files['provider'] - $eap_service = $definition_files['eap_service'] + $eip_service = $definition_files['eip_service'] Class[Ruby] -> Class[rubygems] -> Class[bundler::install] @@ -66,7 +66,7 @@ class site_webapp { owner => leap-webapp, group => leap-webapp, mode => '0755'; '/srv/leap-webapp/public/config/eip-service.json': - content => $eap_service, + content => $eip_service, owner => leap-webapp, group => leap-webapp, mode => '0644'; } -- cgit v1.2.3 From a706fff9f79d6f57eff4ec238c3f316c33ae278a Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 16:02:44 -0500 Subject: fix location of couchdb.yml template --- puppet/modules/site_webapp/manifests/couchdb.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp index caa4f19b..38057bf6 100644 --- a/puppet/modules/site_webapp/manifests/couchdb.pp +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -7,7 +7,7 @@ class site_webapp::couchdb { file { '/srv/leap-webapp/config/couchdb.yml': - content => template('couchdb.yml.erb'), + content => template('site_webapp/couchdb.yml.erb'), owner => leap-webapp, group => leap-webapp, mode => '0600'; -- cgit v1.2.3 From 6f7f760f7f17da7cb0ff362eac3f78ab042f132d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 16:02:56 -0500 Subject: switch from hiera_array to just hiera --- puppet/modules/site_webapp/manifests/couchdb.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp index 38057bf6..6cac666f 100644 --- a/puppet/modules/site_webapp/manifests/couchdb.pp +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -1,6 +1,6 @@ class site_webapp::couchdb { - $webapp = hiera_array('webapp') + $webapp = hiera('webapp') $couchdb_host = $webapp['couchdb_hosts'] $couchdb_user = $webapp['couchdb_user']['username'] $couchdb_password = $webapp['couchdb_user']['password'] -- cgit v1.2.3 From ea60af41f4a5a7bdd67fd7da129716c8f698cf1a Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Nov 2012 16:03:16 -0500 Subject: fix location of SSLCertificateChainFile location --- puppet/modules/site_apache/templates/vhosts.d/api.conf.erb | 2 +- puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb index 49bd5c79..37c4a727 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb @@ -13,7 +13,7 @@ SSLHonorCipherOrder on SSLCACertificatePath /etc/ssl/certs - SSLCertificateChainFile /etc/ssl/certs/leap_api.crt + SSLCertificateChainFile /etc/ssl/certs/leap_api.pem SSLCertificateKeyFile /etc/x509/keys/leap_api.key SSLCertificateFile /etc/x509/certs/leap_api.crt diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb index f2b43928..85e7289b 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb @@ -15,7 +15,7 @@ SSLHonorCipherOrder on SSLCACertificatePath /etc/ssl/certs - SSLCertificateChainFile /etc/ssl/certs/leap_webapp.crt + SSLCertificateChainFile /etc/ssl/certs/leap_webapp.pem SSLCertificateKeyFile /etc/x509/keys/leap_webapp.key SSLCertificateFile /etc/x509/certs/leap_webapp.crt -- cgit v1.2.3