opendev/system-config
Code Issues Proposed changes

Update eplite module for new version of eplite.

Browse Source 
Etherpad lite has changed their source tree slightly. This has
required a few updates to the etherpad lite puppet module. The
custom pad.js needs to go in a different directory and the upstart
conf file needs a couple updated paths.

In addition to the fixes a couple things have been cleaned up. Now
define an etherpadlite.openstack.org node in site.pp and copy SSL
certs from /root/secret-files.

Change-Id: I312b419aa98212b6db68232c672bc4d75f23777f
This commit is contained in:
Clark Boylan 2012-05-31 23:16:57 +00:00
parent 2286237a10
commit 04dad8bf96
7 changed files with 52 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/puppet_modules.rst
View File

@ -364,10 +364,11 @@ Nginx
The reverse proxy is configured to talk to Etherpad Lite over localhost:9001. The reverse proxy is configured to talk to Etherpad Lite over localhost:9001.
Nginx listens on TCP 443 for HTTPS connections. Because HTTPS is used you will Nginx listens on TCP 443 for HTTPS connections. Because HTTPS is used you will
need SSL certificates (again not managed by Puppet because of the sensitive need SSL certificates. These files are not directly managed by Puppet (again
nature of these files). Nginx expects your certificate file to be at because of the sensitive nature of these files), but Puppet will look for
``/etc/nginx/ssl/eplite.crt`` and your certificate key file to be at ``/root/secret-files/eplite.crt`` and ``/root/secret-files/eplite.key`` and
``/etc/nginx/ssl/eplite.key``. copy them to ``/etc/nginx/ssl/eplite.crt`` and ``/etc/nginx/ssl/eplite.key``,
which is where Nginx expects them to be.
MySQL MySQL
^^^^^ ^^^^^

14
manifests/site.pp
View File

@ -383,6 +383,20 @@ node "pypi.openstack.org" {
} }
} }
node 'etherpadlite.openstack.org' {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [22, 80, 443]
}
include etherpad_lite
class { 'etherpad_lite::nginx':
server_name => 'etherpadlite.openstack.org'
}
include etherpad_lite::site
include etherpad_lite::mysql
}
# A bare machine, but with a jenkins user # A bare machine, but with a jenkins user
node /^.*\.template\.openstack\.org$/ { node /^.*\.template\.openstack\.org$/ {
class { 'openstack_template': class { 'openstack_template':

5
modules/etherpad_lite/manifests/init.pp
View File

@ -107,10 +107,6 @@ class etherpad_lite (
mode => 0664, mode => 0664,
} }
package { 'git':
ensure => present
}
git_repo { 'nodejs_repo': git_repo { 'nodejs_repo':
repo => 'https://github.com/joyent/node.git', repo => 'https://github.com/joyent/node.git',
dest => "${base_install_dir}/nodejs", dest => "${base_install_dir}/nodejs",
@ -151,7 +147,6 @@ class etherpad_lite (
user => $ep_user, user => $ep_user,
cwd => "${base_install_dir}/etherpad-lite", cwd => "${base_install_dir}/etherpad-lite",
environment => "HOME=${base_log_dir}/${ep_user}", environment => "HOME=${base_log_dir}/${ep_user}",
creates => "${base_install_dir}/etherpad-lite/node_modules",
require => [Git_repo['etherpad_repo'], require => [Git_repo['etherpad_repo'],
Buildsource["${base_install_dir}/nodejs"]], Buildsource["${base_install_dir}/nodejs"]],
before => File["${base_install_dir}/etherpad-lite/settings.json"] before => File["${base_install_dir}/etherpad-lite/settings.json"]

26
modules/etherpad_lite/manifests/nginx.pp
View File

@ -18,10 +18,34 @@ class etherpad_lite::nginx (
content => template('etherpad_lite/nginx.erb'), content => template('etherpad_lite/nginx.erb'),
replace => 'true', replace => 'true',
owner => 'root', owner => 'root',
require => Package['nginx'], require => File['/etc/nginx/ssl/eplite.crt', '/etc/nginx/ssl/eplite.key'],
notify => Service['nginx'] notify => Service['nginx']
} }
file { '/etc/nginx/ssl':
ensure => directory,
owner => 'root',
mode => 0700,
}
file { '/etc/nginx/ssl/eplite.crt':
ensure => present,
replace => true,
owner => 'root',
mode => 0600,
source => 'file:///root/secret-files/eplite.crt',
require => Package['nginx'],
}
file { '/etc/nginx/ssl/eplite.key':
ensure => present,
replace => true,
owner => 'root',
mode => 0600,
source => 'file:///root/secret-files/eplite.key',
require => Package['nginx'],
}
service { 'nginx': service { 'nginx':
enable => true, enable => true,
ensure => running, ensure => running,

2
modules/etherpad_lite/manifests/site.pp
View File

@ -30,7 +30,7 @@ class etherpad_lite::site (
require => Class['etherpad_lite'] require => Class['etherpad_lite']
} }
file { "${etherpad_lite::base_install_dir}/etherpad-lite/static/custom/pad.js": file { "${etherpad_lite::base_install_dir}/etherpad-lite/src/static/custom/pad.js":
ensure => 'present', ensure => 'present',
source => 'puppet:///modules/etherpad_lite/pad.js', source => 'puppet:///modules/etherpad_lite/pad.js',
owner => $etherpad_lite::ep_user, owner => $etherpad_lite::ep_user,

10
modules/etherpad_lite/templates/nginx.erb
View File

@ -22,8 +22,8 @@ server {
} }
} }
#server { server {
# listen 80 <%= default_server %>; listen 80 <%= default_server %>;
# server_name <%= server_name %>; server_name <%= server_name %>;
# rewrite ^(.*) https://$server_name$1 permanent; rewrite ^(.*) https://$server_name$1 permanent;
#} }

4
modules/etherpad_lite/templates/upstart.erb
View File

@ -19,8 +19,8 @@ pre-start script
end script end script
script script
cd $EPHOME/node cd $EPHOME
exec su -s /bin/sh -c 'exec "$0" "$@"' $EPUSER -- /usr/local/bin/node server.js \ exec su -s /bin/sh -c 'exec "$0" "$@"' $EPUSER -- /usr/local/bin/node node_modules/ep_etherpad-lite/node/server.js \
>> $EPLOGS/access.log \ >> $EPLOGS/access.log \
2>> $EPLOGS/error.log 2>> $EPLOGS/error.log
end script end script