Update eplite module for new version of eplite.

Etherpad lite has changed their source tree slightly. This has required a few updates to the etherpad lite puppet module. The custom pad.js needs to go in a different directory and the upstart conf file needs a couple updated paths. In addition to the fixes a couple things have been cleaned up. Now define an etherpadlite.openstack.org node in site.pp and copy SSL certs from /root/secret-files. Change-Id: I312b419aa98212b6db68232c672bc4d75f23777f
2012-05-31 23:16:57 +00:00 · 2012-05-31 23:16:57 +00:00 · 04dad8bf96
commit 04dad8bf96
parent 2286237a10
7 changed files with 52 additions and 18 deletions
--- a/doc/puppet_modules.rst
+++ b/doc/puppet_modules.rst
@ -364,10 +364,11 @@ Nginx

 The reverse proxy is configured to talk to Etherpad Lite over localhost:9001.
 Nginx listens on TCP 443 for HTTPS connections. Because HTTPS is used you will
-need SSL certificates (again not managed by Puppet because of the sensitive
-nature of these files). Nginx expects your certificate file to be at
-``/etc/nginx/ssl/eplite.crt`` and your certificate key file to be at
-``/etc/nginx/ssl/eplite.key``.
+need SSL certificates. These files are not directly managed by Puppet (again
+because of the sensitive nature of these files), but Puppet will look for
+``/root/secret-files/eplite.crt`` and ``/root/secret-files/eplite.key`` and 
+copy them to ``/etc/nginx/ssl/eplite.crt`` and ``/etc/nginx/ssl/eplite.key``,
+which is where Nginx expects them to be.

 MySQL
 ^^^^^
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -383,6 +383,20 @@ node "pypi.openstack.org" {
  }
 }

+node 'etherpadlite.openstack.org' {
+  include openstack_cron
+  class { 'openstack_server':
+    iptables_public_tcp_ports => [22, 80, 443]
+  }
+
+  include etherpad_lite
+  class { 'etherpad_lite::nginx':
+    server_name => 'etherpadlite.openstack.org'
+  }
+  include etherpad_lite::site
+  include etherpad_lite::mysql
+}
+
 # A bare machine, but with a jenkins user
 node /^.*\.template\.openstack\.org$/ {
  class { 'openstack_template':
--- a/modules/etherpad_lite/manifests/init.pp
+++ b/modules/etherpad_lite/manifests/init.pp
@ -107,10 +107,6 @@ class etherpad_lite (
    mode   => 0664,
  }

-  package { 'git':
-    ensure => present
-  }
-
  git_repo { 'nodejs_repo':
    repo    => 'https://github.com/joyent/node.git',
    dest    => "${base_install_dir}/nodejs",
@ -151,7 +147,6 @@ class etherpad_lite (
    user        => $ep_user,
    cwd         => "${base_install_dir}/etherpad-lite",
    environment => "HOME=${base_log_dir}/${ep_user}",
-    creates     => "${base_install_dir}/etherpad-lite/node_modules",
    require     => [Git_repo['etherpad_repo'],
                    Buildsource["${base_install_dir}/nodejs"]],
    before      => File["${base_install_dir}/etherpad-lite/settings.json"]
--- a/modules/etherpad_lite/manifests/nginx.pp
+++ b/modules/etherpad_lite/manifests/nginx.pp
@ -18,10 +18,34 @@ class etherpad_lite::nginx (
    content => template('etherpad_lite/nginx.erb'),
    replace => 'true',
    owner   => 'root',
-    require => Package['nginx'],
+    require => File['/etc/nginx/ssl/eplite.crt', '/etc/nginx/ssl/eplite.key'],
    notify  => Service['nginx']
  }

+  file { '/etc/nginx/ssl':
+    ensure => directory,
+    owner  => 'root',
+    mode   => 0700,
+  }
+
+  file { '/etc/nginx/ssl/eplite.crt':
+    ensure  => present,
+    replace => true,
+    owner   => 'root',
+    mode    => 0600,
+    source  => 'file:///root/secret-files/eplite.crt',
+    require => Package['nginx'],
+  }
+
+  file { '/etc/nginx/ssl/eplite.key':
+    ensure  => present,
+    replace => true,
+    owner   => 'root',
+    mode    => 0600,
+    source  => 'file:///root/secret-files/eplite.key',
+    require => Package['nginx'],
+  }
+
  service { 'nginx':
    enable     => true,
    ensure     => running,
--- a/modules/etherpad_lite/manifests/site.pp
+++ b/modules/etherpad_lite/manifests/site.pp
@ -30,7 +30,7 @@ class etherpad_lite::site (
    require => Class['etherpad_lite']
  }

-  file { "${etherpad_lite::base_install_dir}/etherpad-lite/static/custom/pad.js":
+  file { "${etherpad_lite::base_install_dir}/etherpad-lite/src/static/custom/pad.js":
    ensure  => 'present',
    source  => 'puppet:///modules/etherpad_lite/pad.js',
    owner   => $etherpad_lite::ep_user,
--- a/modules/etherpad_lite/templates/nginx.erb
+++ b/modules/etherpad_lite/templates/nginx.erb
@ -22,8 +22,8 @@ server {
        }
 }

-#server {
-#    listen       80 <%= default_server %>;
-#    server_name  <%= server_name %>;
-#    rewrite     ^(.*)   https://$server_name$1 permanent;
-#}
+server {
+    listen       80 <%= default_server %>;
+    server_name  <%= server_name %>;
+    rewrite     ^(.*)   https://$server_name$1 permanent;
+}
--- a/modules/etherpad_lite/templates/upstart.erb
+++ b/modules/etherpad_lite/templates/upstart.erb
@ -19,8 +19,8 @@ pre-start script
 end script

 script
-  cd $EPHOME/node
-  exec su -s /bin/sh -c 'exec "$0" "$@"' $EPUSER -- /usr/local/bin/node server.js \
+  cd $EPHOME
+  exec su -s /bin/sh -c 'exec "$0" "$@"' $EPUSER -- /usr/local/bin/node node_modules/ep_etherpad-lite/node/server.js \
                        >> $EPLOGS/access.log \
                        2>> $EPLOGS/error.log
 end script