From 0aeac8e91dbdf8d3c5a35db715bab797f1163303 Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Thu, 15 Sep 2016 09:35:03 -0700 Subject: [PATCH] Add files01.openstack.org Change-Id: Ia2f5e365621e0bef65863b7b15daebb207e42493 --- hiera/common.yaml | 1 + manifests/site.pp | 16 ++++++ modules/openstack_project/manifests/files.pp | 52 +++++++++++++++++++ .../templates/files.vhost.erb | 31 +++++++++++ 4 files changed, 100 insertions(+) create mode 100644 modules/openstack_project/manifests/files.pp create mode 100644 modules/openstack_project/templates/files.vhost.erb diff --git a/hiera/common.yaml b/hiera/common.yaml index 35213d6e7f..1b4c97b075 100644 --- a/hiera/common.yaml +++ b/hiera/common.yaml @@ -289,6 +289,7 @@ cacti_hosts: - elasticsearch07.openstack.org - etherpad-dev.openstack.org - etherpad.openstack.org +- files01.openstack.org - firehose01.openstack.org - git.openstack.org - git01.openstack.org diff --git a/manifests/site.pp b/manifests/site.pp index d3702124eb..6ef3d4faec 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -601,6 +601,22 @@ node 'design-summit-prep.openstack.org' { } } +# Serve static AFS content for docs and other sites. +# Node-OS: trusty +node 'files01.openstack.org' { + class { 'openstack_project::server': + iptables_public_tcp_ports => [22, 80], + sysadmins => hiera('sysadmins', []), + afs => true, + afs_cache_size => 10000000, # 10GB + } + + class { 'openstack_project::files': + vhost_name => 'files.openstack.org', + require => Class['Openstack_project::Server'], + } +} + # Node-OS: trusty node 'refstack.openstack.org' { class { 'openstack_project::server': diff --git a/modules/openstack_project/manifests/files.pp b/modules/openstack_project/manifests/files.pp new file mode 100644 index 0000000000..22ee6b2695 --- /dev/null +++ b/modules/openstack_project/manifests/files.pp @@ -0,0 +1,52 @@ +# == Class: openstack_project::files +# +class openstack_project::files ( + $vhost_name = $::fqdn, +) { + + $afs_root = '/afs/openstack.org/' + $www_base = '/var/www' + + ##################################################### + # Build Apache Webroot + file { "${www_base}": + ensure => directory, + owner => root, + group => root, + } + + file { "${www_base}/robots.txt": + ensure => present, + owner => 'root', + group => 'root', + mode => '0444', + source => 'puppet:///modules/openstack_project/disallow_robots.txt', + require => File["${www_base}"], + } + + ##################################################### + # Build VHost + include ::httpd + + ::httpd::vhost { $vhost_name: + port => 80, + priority => '50', + docroot => "${afs_root}", + template => 'openstack_project/files.vhost.erb', + require => [ + File["${www_base}"], + ] + } + + class { '::httpd::logrotate': + options => [ + 'daily', + 'missingok', + 'rotate 7', + 'compress', + 'delaycompress', + 'notifempty', + 'create 640 root adm', + ], + } +} diff --git a/modules/openstack_project/templates/files.vhost.erb b/modules/openstack_project/templates/files.vhost.erb new file mode 100644 index 0000000000..b163b26c1e --- /dev/null +++ b/modules/openstack_project/templates/files.vhost.erb @@ -0,0 +1,31 @@ +# ************************************ +# Managed by Puppet +# ************************************ + +NameVirtualHost <%= @vhost_name %>:<%= @port %> +:<%= @port %>> + ServerName <%= @srvname %> + <% if @serveraliases.is_a? Array -%> + <% @serveraliases.each do |name| -%><%= " ServerAlias #{name}\n" %><% end -%> + <% elsif @serveraliases != nil -%> + <%= " ServerAlias #{@serveraliases}" -%> + <% end -%> + + DocumentRoot <%= @docroot %> + > + Satisfy any + Require all granted + + + Alias /robots.txt /var/www/robots.txt + + Require all granted + + + RewriteEngine On + + ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_error.log + LogLevel warn + CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_access.log combined + ServerSignature Off +