summaryrefslogtreecommitdiff
path: root/puppet/modules/soledad/manifests/server.pp
blob: 1113bd86f93fdd7c133a2e0d45a6ba9cfa5b16bf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# setup soledad-server
class soledad::server {
  tag 'leap_service'
  include soledad
  include site_apt::preferences::twisted

  $soledad              = hiera('soledad')
  $couchdb_user         = $soledad['couchdb_soledad_user']['username']
  $couchdb_password     = $soledad['couchdb_soledad_user']['password']
  $couchdb_leap_mx_user = $soledad['couchdb_leap_mx_user']['username']

  $couchdb_host = 'localhost'
  $couchdb_port = '5984'

  $soledad_port = $soledad['port']

  $sources      = hiera('sources')

  include site_config::x509::cert
  include site_config::x509::key
  include site_config::x509::ca

  #
  # SOLEDAD CONFIG
  #

  file {
    '/etc/soledad':
      ensure => directory,
      owner  => 'root',
      group  => 'root',
      mode   => '0755';
    '/etc/soledad/soledad-server.conf':
      content => template('soledad/soledad-server.conf.erb'),
      owner   => 'soledad',
      group   => 'soledad',
      mode    => '0640',
      notify  => Service['soledad-server'],
      require => Class['soledad'];
  }

  package { $sources['soledad']['package']:
    ensure  => $sources['soledad']['revision'],
    require => [
      Class['site_apt::preferences::twisted'],
      Class['site_apt::leap_repo'] ];
  }

  file { '/etc/default/soledad':
    content => template('soledad/default-soledad.erb'),
    owner   => 'soledad',
    group   => 'soledad',
    mode    => '0600',
    notify  => Service['soledad-server'],
    require => Class['soledad'];
  }

  service { 'soledad-server':
    ensure     => running,
    enable     => true,
    hasstatus  => true,
    hasrestart => true,
    require    => Class['soledad'],
    subscribe  => [
      Package['soledad-server'],
      Class['Site_config::X509::Key'],
      Class['Site_config::X509::Cert'],
      Class['Site_config::X509::Ca'] ];
  }

  include site_shorewall::soledad
  include site_check_mk::agent::soledad
}