From 031cc983dc4957787f6d75de91c850fb28a4473a Mon Sep 17 00:00:00 2001
From: Clark Boylan <clark.boylan@gmail.com>
Date: Mon, 7 May 2012 16:03:24 +0000
Subject: [PATCH] Puppet Module to install etherpad-lite.

Part of the work necessary for bug #995248

Puppet module to do a basic install of etherpad-lite. Currently
installs etherpad-lite and node.js. Configures etherpad-lite to use
mysql for its DB backend and sets up nginx to reverse proxy
etherpad-lite.

Change-Id: I3ee1ce4594fcf2a27b520a3ad7a024318f69111a
---
 modules/etherpad_lite/files/pad.js          |   7 +
 modules/etherpad_lite/manifests/init.pp     | 178 ++++++++++++++++++++
 modules/etherpad_lite/manifests/mysql.pp    |  37 ++++
 modules/etherpad_lite/manifests/nginx.pp    |  31 ++++
 modules/etherpad_lite/manifests/site.pp     |  41 +++++
 modules/etherpad_lite/templates/nginx.erb   |  29 ++++
 modules/etherpad_lite/templates/upstart.erb |  26 +++
 7 files changed, 349 insertions(+)
 create mode 100644 modules/etherpad_lite/files/pad.js
 create mode 100644 modules/etherpad_lite/manifests/init.pp
 create mode 100644 modules/etherpad_lite/manifests/mysql.pp
 create mode 100644 modules/etherpad_lite/manifests/nginx.pp
 create mode 100644 modules/etherpad_lite/manifests/site.pp
 create mode 100644 modules/etherpad_lite/templates/nginx.erb
 create mode 100644 modules/etherpad_lite/templates/upstart.erb

diff --git a/modules/etherpad_lite/files/pad.js b/modules/etherpad_lite/files/pad.js
new file mode 100644
index 0000000000..1fe0210987
--- /dev/null
+++ b/modules/etherpad_lite/files/pad.js
@@ -0,0 +1,7 @@
+function customStart()
+{
+  //define your javascript here
+  //jquery is available - except index.js
+  //you can load extra scripts with $.getScript http://api.jquery.com/jQuery.getScript/
+  chat.stickToScreen(true);
+}
diff --git a/modules/etherpad_lite/manifests/init.pp b/modules/etherpad_lite/manifests/init.pp
new file mode 100644
index 0000000000..82d99fd23f
--- /dev/null
+++ b/modules/etherpad_lite/manifests/init.pp
@@ -0,0 +1,178 @@
+# define to manage a git repo (should replace with vcsrepo module)
+define git_repo (
+  $repo,
+  $dest,
+  $user   = 'root',
+  $branch = 'master'
+) {
+
+# if we already have the git repo the pull updates
+  exec { "update_${title}":
+    command => "git pull --ff-only origin ${branch}",
+    cwd     => $dest,
+    path    => '/bin:/usr/bin',
+    user    => $user,
+    onlyif  => "test -d ${dest}",
+    before  => Exec["clone_${title}"],
+  }
+
+# otherwise get a new clone of it
+  exec { "clone_${title}":
+    command => "git clone ${repo} ${dest}",
+    path    => '/bin:/usr/bin',
+    user    => $user,
+    onlyif  => "test ! -d ${dest}",
+  } ->
+
+  exec { "checkout_${title}_${branch}":
+    command => "git checkout ${branch}",
+    path    => '/bin:/usr/bin',
+    cwd     => $dest,
+    user    => $user,
+    subscribe => Exec["clone_${title}"],
+    refreshonly => true,
+    onlyif  => "test -d ${dest}"
+  }
+
+}
+
+# define to build from source using ./configure && make && make install.
+define buildsource(
+  $dir  = $title,
+  $user = 'root'
+) {
+
+  exec { "./configure in ${dir}":
+    command => './configure',
+    path    => "/usr/bin:/bin:/usr/local/bin:${dir}",
+    user    => $user,
+    cwd     => $dir,
+  } ->
+
+  exec { "make in ${dir}":
+    command => 'make',
+    path    => '/usr/bin:/bin',
+    user    => $user,
+    cwd     => $dir,
+  } ->
+
+  exec { "make install in ${dir}":
+    command => 'make install',
+    path    => '/usr/bin:/bin',
+    user    => $user,
+    cwd     => $dir,
+  }
+
+}
+
+# Class to install etherpad lite. Puppet acts a lot like a package manager
+# through this class.
+#
+# To use etherpad lite you will want the following includes:
+# include etherpad_lite
+# include etherpad_lite::mysql # necessary to use mysql as the backend
+# include etherpad_lite::site # configures etherpad lite instance
+# include etherpad_lite::nginx # will add reverse proxy on localhost
+# The defaults for all the classes should just work (tm)
+#
+# You will need to have a file at
+# /root/secret-files/etherpad-lite_settings.json on the host that is puppet
+# master or running puppet apply. This file should contain the settings for
+# etherpad-lite. A template for that settings file can be found at:
+# https://raw.github.com/Pita/etherpad-lite/master/settings.json.template
+#
+class etherpad_lite (
+  $ep_user          = 'eplite',
+  $base_log_dir     = '/var/log',
+  $base_install_dir = '/opt/etherpad-lite'
+) {
+
+  user { $ep_user:
+    shell   => '/sbin/nologin',
+    home    => "${base_log_dir}/${ep_user}",
+    system  => true,
+    gid     => $ep_user,
+    require => Group[$ep_user]
+  }
+
+  group { $ep_user:
+    ensure => present
+  }
+
+  # Below is what happens when you treat puppet as a package manager.
+  # This is probably bad, but it works and you don't need to roll .debs.
+  file { "${base_install_dir}":
+    ensure => directory,
+    group  => $ep_user,
+    mode   => 0664,
+  }
+
+  package { 'git':
+    ensure => present
+  }
+
+  git_repo { 'nodejs_repo':
+    repo    => 'https://github.com/joyent/node.git',
+    dest    => "${base_install_dir}/nodejs",
+    branch  => 'v0.6.16-release',
+    require => Package['git']
+  }
+
+  package { ['gzip',
+             'curl',
+             'python',
+             'libssl-dev',
+             'pkg-config',
+             'abiword',
+             'build-essential',]:
+    ensure => present
+  }
+
+  buildsource { "${base_install_dir}/nodejs":
+    require => [Package['gzip'],
+                Package['curl'],
+                Package['python'],
+                Package['libssl-dev'],
+                Package['pkg-config'],
+                Package['build-essential'],
+                Git_repo['nodejs_repo']]
+  }
+
+  git_repo { 'etherpad_repo':
+    repo    => 'https://github.com/Pita/etherpad-lite.git',
+    dest    => "${base_install_dir}/etherpad-lite",
+    user    => $ep_user,
+    require => Package['git']
+  }
+
+  exec { 'install_etherpad_dependencies':
+    command     => './bin/installDeps.sh',
+    path        => "/usr/bin:/bin:/usr/local/bin:${base_install_dir}/etherpad-lite",
+    user        => $ep_user,
+    cwd         => "${base_install_dir}/etherpad-lite",
+    environment => "HOME=${base_log_dir}/${ep_user}",
+    creates     => "${base_install_dir}/etherpad-lite/node_modules",
+    require     => [Git_repo['etherpad_repo'],
+                    Buildsource["${base_install_dir}/nodejs"]],
+    before      => File["${base_install_dir}/etherpad-lite/settings.json"]
+  }
+
+  file { '/etc/init/etherpad-lite.conf':
+    ensure  => 'present',
+    content => template('etherpad_lite/upstart.erb'),
+    replace => 'true',
+    owner   => 'root',
+  }
+
+  file { '/etc/init.d/etherpad-lite':
+    ensure => link,
+    target => '/lib/init/upstart-job'
+  }
+
+  file { "${base_log_dir}/${ep_user}":
+    ensure => directory,
+    owner  => $ep_user,
+  }
+  # end package management ugliness
+
+}
diff --git a/modules/etherpad_lite/manifests/mysql.pp b/modules/etherpad_lite/manifests/mysql.pp
new file mode 100644
index 0000000000..508c51e7df
--- /dev/null
+++ b/modules/etherpad_lite/manifests/mysql.pp
@@ -0,0 +1,37 @@
+class etherpad_lite::mysql {
+
+  include etherpad_lite
+
+  package { 'mysql-server':
+    ensure => present
+  }
+
+  package { 'mysql-client':
+    ensure => present
+  }
+
+  service { "mysql":
+    enable     => true,
+    ensure     => running,
+    hasrestart => true,
+    require    => [Package['mysql-server'],
+                   Package['mysql-client']]
+  }
+
+  exec { "create-etherpad-lite-db":
+    unless  => 'mysql --defaults-file=/etc/mysql/debian.cnf etherpad-lite',
+    path    => ['/bin', '/usr/bin'],
+    command => "mysql --defaults-file=/etc/mysql/debian.cnf -e \"create database \`etherpad-lite\` CHARACTER SET utf8 COLLATE utf8_bin;\"",
+    require => [Service['mysql'],
+                File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"]]
+  } ->
+
+  exec { "grant-etherpad-lite-db":
+    unless  => "mysql -ueplite -p'`grep password ${etherpad_lite::base_install_dir}/etherpad-lite/settings.json | cut -d: -f2 | sed -e 's/.*\"\(.*\)\".*/\1/'`' etherpad-lite",
+    path    => ['/bin', '/usr/bin'],
+    command => "mysql --defaults-file=/etc/mysql/debian.cnf -e \"grant all on \`etherpad-lite\`.* to 'eplite'@'localhost' identified by '`grep password ${etherpad_lite::base_install_dir}/etherpad-lite/settings.json | cut -d: -f2 | sed -e 's/.*\"\(.*\)\".*/\1/'`';\" mysql",
+    require => [Service['mysql'],
+                File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"]]
+  }
+
+}
diff --git a/modules/etherpad_lite/manifests/nginx.pp b/modules/etherpad_lite/manifests/nginx.pp
new file mode 100644
index 0000000000..506891e660
--- /dev/null
+++ b/modules/etherpad_lite/manifests/nginx.pp
@@ -0,0 +1,31 @@
+class etherpad_lite::nginx (
+  $default_server = 'default_server',
+  $server_name    = 'localhost'
+) {
+
+  package { 'nginx':
+    ensure => present
+  }
+
+  file { '/etc/nginx/sites-enabled/default':
+    ensure  => absent,
+    require => Package['nginx'],
+    notify  => Service['nginx']
+  }
+
+  file { '/etc/nginx/sites-enabled/etherpad-lite':
+    ensure  => present,
+    content => template('etherpad_lite/nginx.erb'),
+    replace => 'true',
+    owner   => 'root',
+    require => Package['nginx'],
+    notify  => Service['nginx']
+  }
+
+  service { 'nginx':
+    enable     => true,
+    ensure     => running,
+    hasrestart => true
+  }
+
+}
diff --git a/modules/etherpad_lite/manifests/site.pp b/modules/etherpad_lite/manifests/site.pp
new file mode 100644
index 0000000000..d4527b1552
--- /dev/null
+++ b/modules/etherpad_lite/manifests/site.pp
@@ -0,0 +1,41 @@
+class etherpad_lite::site (
+  $dbType = 'mysql'
+) {
+
+  include etherpad_lite
+
+  if $dbType == 'mysql' {
+    service { 'etherpad-lite':
+      enable    => true,
+      ensure    => running,
+      subscribe => File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"],
+      require   => Class['etherpad_lite::mysql'],
+    }
+  }
+  else {
+    service { 'etherpad-lite':
+      enable    => true,
+      ensure    => running,
+      subscribe => File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"],
+    }
+  }
+
+  file { "${etherpad_lite::base_install_dir}/etherpad-lite/settings.json":
+    ensure  => 'present',
+    source  => 'file:///root/secret-files/etherpad-lite_settings.json',
+    replace => true,
+    owner   => $etherpad_lite::ep_user,
+    group   => $etherpad_lite::ep_user,
+    mode    => 0600,
+    require => Class['etherpad_lite']
+  }
+
+  file { "${etherpad_lite::base_install_dir}/etherpad-lite/static/custom/pad.js":
+    ensure  => 'present',
+    source  => 'puppet:///modules/etherpad_lite/pad.js',
+    owner   => $etherpad_lite::ep_user,
+    group   => $etherpad_lite::ep_user,
+    require => Class['etherpad_lite']
+  }
+
+}
diff --git a/modules/etherpad_lite/templates/nginx.erb b/modules/etherpad_lite/templates/nginx.erb
new file mode 100644
index 0000000000..8554ec0715
--- /dev/null
+++ b/modules/etherpad_lite/templates/nginx.erb
@@ -0,0 +1,29 @@
+server {
+        listen       443 <%= default_server %>;
+        server_name  <%= server_name %>;
+
+        access_log  /var/log/nginx/eplite.access.log;
+        error_log   /var/log/nginx/eplite.error.log;
+
+        ssl                  on;
+        ssl_certificate      /etc/nginx/ssl/eplite.crt;
+        ssl_certificate_key  /etc/nginx/ssl/eplite.key;
+
+        ssl_session_timeout  5m;
+
+        ssl_protocols  SSLv2 SSLv3 TLSv1;
+        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
+        ssl_prefer_server_ciphers   on;
+
+        location / {
+            proxy_pass             http://localhost:9001/;
+            proxy_set_header       Host $host;
+            proxy_buffering off;
+        }
+}
+
+#server {
+#    listen       80 <%= default_server %>;
+#    server_name  <%= server_name %>;
+#    rewrite     ^(.*)   https://$server_name$1 permanent;
+#}
diff --git a/modules/etherpad_lite/templates/upstart.erb b/modules/etherpad_lite/templates/upstart.erb
new file mode 100644
index 0000000000..5a3ddb1264
--- /dev/null
+++ b/modules/etherpad_lite/templates/upstart.erb
@@ -0,0 +1,26 @@
+description "etherpad-lite"
+
+start on started networking
+stop on runlevel [!2345]
+
+env EPHOME=<%= base_install_dir %>/etherpad-lite
+env EPLOGS=<%= base_log_dir %>/<%= ep_user %>
+env EPUSER=<%= ep_user %>
+
+respawn
+
+pre-start script
+    chdir $EPHOME
+    mkdir $EPLOGS                              ||true
+    chown $EPUSER:admin $EPLOGS                ||true
+    chmod 0755 $EPLOGS                         ||true
+    chown -R $EPUSER:admin $EPHOME/var         ||true
+    bin/installDeps.sh >> $EPLOGS/error.log || { stop; exit 1; }
+end script
+
+script
+  cd $EPHOME/node
+  exec su -s /bin/sh -c 'exec "$0" "$@"' $EPUSER -- /usr/local/bin/node server.js \
+                        >> $EPLOGS/access.log \
+                        2>> $EPLOGS/error.log
+end script