| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 | # configure couchdb
class couchdb::base {
  if $::couchdb::bigcouch == true {
    $couchdb_user = 'bigcouch'
    include couchdb::bigcouch
  } else {
    $couchdb_user = 'couchdb'
  }
  # we use package{} here because bigcouch.pp overwrites it and
  # this won't work with ensure_packages()
  package {'couchdb':
    ensure => installed
  }
  service { 'couchdb':
    ensure    => running,
    hasstatus => true,
    enable    => true,
    require   => Package['couchdb']
  }
  # todo: make host/port configurable
  exec { 'wait_for_couchdb':
    command => 'wget --retry-connrefused --tries 10 --quiet "http://127.0.0.1:5984" -O /dev/null',
    require => Service['couchdb']
  }
  # couchrest gem is required for couch-doc-update script,
  # and it needs the ruby-dev package installed to build
  if versioncmp($::operatingsystemrelease, '8') < 0 {
    $couchrest_version = '1.2'
  }
  else {
    # couchrest v1.2.1 doesn't build with default debian jessie rake version
    # shipped as debian package (10.3.2)
    # see https://leap.se/code/issues/7754
    $couchrest_version = '1.2.0'
  }
  ensure_packages('ruby-dev')
  ensure_packages('couchrest', {
    provider => 'gem',
    ensure   => $couchrest_version,
    require  => Package['ruby-dev']
  })
  File['/usr/local/bin/couch-doc-update'] ->  Couchdb::Update <| |>
  File['/usr/local/bin/couch-doc-diff'] ->  Couchdb::Update <| |>
  Couchdb::Update <| |> -> Couchdb::Document <| |>
  file {
    '/usr/local/bin/couch-doc-update':
      source  => 'puppet:///modules/couchdb/couch-doc-update',
      mode    => '0755',
      owner   => 'root',
      group   => 'root',
      require => Package['couchrest'];
    '/usr/local/bin/couch-doc-diff':
      source  => 'puppet:///modules/couchdb/couch-doc-diff',
      mode    => '0755',
      owner   => 'root',
      group   => 'root',
      require => Package['couchrest'];
    '/etc/couchdb/local.ini':
      source  => [ "puppet:///modules/site_couchdb/${::fqdn}/local.ini",
                  'puppet:///modules/site_couchdb/local.ini',
                  'puppet:///modules/couchdb/local.ini' ],
      notify  => Service[couchdb],
      owner   => $couchdb_user,
      group   => $couchdb_user,
      mode    => '0660',
      require => Package['couchdb'];
    '/etc/couchdb/local.d':
      ensure  => directory,
      require => Package['couchdb'];
  }
  $alg  = $::couchdb::pwhash_alg
  $salt = $::couchdb::admin_salt
  case $alg {
    'sha1': {
      # str_and_salt2sha1 is a function from leap's stdlib module
      $pw_and_salt = [ $::couchdb::admin_pw, $salt ]
      $sha1        = str_and_salt2sha1($pw_and_salt)
      $admin_hash  = "-hashed-${sha1},${salt}"
    }
    'pbkdf2': {
      $pbkdf2      = pbkdf2($::couchdb::admin_pw, $::couchdb::admin_salt, 10)
      $sha1        = $pbkdf2['sha1']
      $admin_hash  = "-pbkdf2-${sha1},${salt},10"
    }
    default:  { fail ("Unknown fact couchdb_pwhash_alg ${::couchdb_pwhash_alg} - Exiting.") }
  }
  file { '/etc/couchdb/local.d/admin.ini':
    content => template('couchdb/admin.ini.erb'),
    mode    => '0600',
    owner   => $couchdb_user,
    group   => $couchdb_user,
    notify  => Service[couchdb],
    require => File['/etc/couchdb/local.d'];
  }
  case $::couchdb::bigcouch {
    true: { $restart_command = '/etc/init.d/bigcouch restart; sleep 6' }
    default: { $restart_command = '/etc/init.d/couchdb restart; sleep 6' }
  }
  exec { 'couchdb_restart':
    command     => $restart_command,
    path        => ['/bin', '/usr/bin',],
    subscribe   => File['/etc/couchdb/local.d/admin.ini',
                        '/etc/couchdb/local.ini'],
    refreshonly => true
  }
}
 |