Use split-out storyboard module
This uses the source install modules functionality to grab the storyboard module. It pins to the commit hash right now so we will need to update that periodically. This removes the storyboard module directory entirely since we no longer need it. Change-Id: Iceab5501fa0c177f55db1a6b723b6b215fca9ed0
This commit is contained in:
parent
2fa821d2ce
commit
74bd3d233e
@ -57,6 +57,7 @@ MODULES["stankevich-python"]="1.6.6"
|
||||
MODULES["example42-puppi"]="2.1.9"
|
||||
|
||||
SOURCE_MODULES["https://github.com/nibalizer/puppet-module-puppetboard"]="2.4.0"
|
||||
SOURCE_MODULES["https://git.openstack.org/openstack-infra/puppet-storyboard"]="e4857b1a70d697cca2e8eedeb626a4422c705bdf"
|
||||
|
||||
MODULE_LIST=`puppet module list`
|
||||
|
||||
|
@ -1,15 +0,0 @@
|
||||
name 'openstack-storyboard'
|
||||
version '0.0.1'
|
||||
source 'git://git.openstack.org/openstack-infra/puppet-storyboard.git'
|
||||
author 'openstackci'
|
||||
license 'Apache 2.0'
|
||||
summary 'Puppet module for the OpenStack StoryBoard'
|
||||
description 'This module configures StoryBoard either as a standalone, localhost instance or as a fully configurable WSGI app.'
|
||||
project_page 'https://github.com/openstack-ci/puppet-storyboard'
|
||||
|
||||
## Add dependencies, if any:
|
||||
dependency 'puppetlabs/mysql', '= 0.6.1'
|
||||
dependency 'puppetlabs/apache', '= 0.0.4'
|
||||
dependency 'example42/puppi', '= 2.1.9'
|
||||
dependency 'openstackci/vcsrepo', '= 0.0.8'
|
||||
dependency 'stankevich/python', '= 1.6.6'
|
@ -1,168 +0,0 @@
|
||||
# OpenStack StoryBoard Module
|
||||
|
||||
Michael Krotscheck <krotscheck@gmail.com>
|
||||
|
||||
This module manages and installs OpenStack StoryBoard. It can be installed
|
||||
either as a standalone instance with all dependencies included, or
|
||||
buffet-style per component.
|
||||
|
||||
# Quick Start
|
||||
|
||||
To install StoryBoard and configure it with sane defaults, include the
|
||||
following in your site.pp file:
|
||||
|
||||
node default {
|
||||
include storyboard
|
||||
}
|
||||
|
||||
# Configuration
|
||||
|
||||
The StoryBoard puppet module is separated into individual components which
|
||||
StoryBoard needs to run. These can either be installed independently with
|
||||
their own configurations, or with the centralized configuration provided by
|
||||
the storyboard module. For specific configuration options, please see the
|
||||
appropriate section.
|
||||
|
||||
## ::storyboard
|
||||
A module that installs a standalone instance of StoryBoard.
|
||||
|
||||
The standalone StoryBoard module will install a fully functional, independent
|
||||
instance of StoryBoard on your node. It includes a local instance of mysql,
|
||||
an HTTPS vhost using the apache snakeoil certificates, and an automatic
|
||||
redirect from http://$hostname to https://$hostname/.
|
||||
|
||||
node default {
|
||||
class { 'storyboard':
|
||||
mysql_database => 'storyboard',
|
||||
mysql_user => 'storyboard',
|
||||
mysql_user_password => 'changeme',
|
||||
hostname => ::fqdn,
|
||||
openid_url => 'https://login.launchpad.net/+openid',
|
||||
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
|
||||
ssl_cert_content => undef,
|
||||
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
|
||||
ssl_key_content => undef,
|
||||
ssl_ca_file => undef,
|
||||
ssl_ca_content => undef
|
||||
}
|
||||
}
|
||||
|
||||
NOTE: If you don't want an SSL host, set all of the ssl_* parameters to
|
||||
undef.
|
||||
|
||||
## ::storyboard::mysql
|
||||
A module that installs a local mysql database for StoryBoard
|
||||
|
||||
This module installs a standalone mysql instance with a StoryBoard database
|
||||
and a user that is able to access. It is used by the
|
||||
<code>::storyboard</code> to provide the database, and may be used for minor
|
||||
customizations of a standalone-like install.
|
||||
|
||||
node default {
|
||||
class { 'storyboard::mysql':
|
||||
mysql_database => 'storyboard',
|
||||
mysql_user => 'storyboard',
|
||||
mysql_user_password => 'changeme'
|
||||
}
|
||||
}
|
||||
|
||||
## ::storyboard::cert
|
||||
A module that installs an ssl certificate chain for StoryBoard
|
||||
|
||||
This module can be used if you want to add SSL/TLS support to the apache
|
||||
instance that is hosting StoryBoard. Simply tell it where it should read
|
||||
the contents of the various certificates and keys from, and it will move
|
||||
them into the correct place for StoryBoard.
|
||||
|
||||
Note that this module supports both string content certificates or file
|
||||
references. To pick one over the other, make sure that the undesired method
|
||||
is set to <code>undef</code>. You can also customize where the certificate
|
||||
will be saved, however that's not strictly necessary.
|
||||
|
||||
node default {
|
||||
class { 'storyboard::cert':
|
||||
$ssl_cert_file = undef,
|
||||
$ssl_cert_content = undef,
|
||||
$ssl_cert = '/etc/ssl/certs/storyboard.openstack.org.pem',
|
||||
|
||||
$ssl_key_file = undef,
|
||||
$ssl_key_content = undef,
|
||||
$ssl_key = '/etc/ssl/private/storyboard.openstack.org.key',
|
||||
|
||||
$ssl_ca_file = undef,
|
||||
$ssl_ca_content = undef,
|
||||
$ssl_ca = '/etc/ssl/certs/ca.pem'
|
||||
}
|
||||
}
|
||||
|
||||
## ::storyboard::application
|
||||
A module that installs the storyboard webclient and API.
|
||||
|
||||
This module can be used if you want to provide your own database, and only
|
||||
want the API, webclient, and storyboard configuration managed on your node.
|
||||
It will automatically detect the existence of <code>storyboard::cert</code>,
|
||||
and adjust the apache vhost accordingly.
|
||||
|
||||
node default {
|
||||
class { 'storyboard::application':
|
||||
# Installation parameters
|
||||
www_root => '/var/lib/storyboard/www',
|
||||
server_admin => undef,
|
||||
hostname => ::fqdn,
|
||||
|
||||
# storyboard.conf parameters
|
||||
access_token_ttl => 3600,
|
||||
refresh_token_ttl => 604800,
|
||||
openid_url => 'https://login.launchpad.net/+openid',
|
||||
mysql_host => 'localhost',
|
||||
mysql_port => 3306,
|
||||
mysql_database => 'storyboard',
|
||||
mysql_user => 'storyboard',
|
||||
mysql_user_password => 'changeme'
|
||||
}
|
||||
}
|
||||
|
||||
## ::storyboard::load_projects
|
||||
A module that seeds the database with a predefined list of projects.
|
||||
|
||||
This module will maintain the list of projects in the storyboard database,
|
||||
and keep it up to date with the content of the provided configuration file.
|
||||
Projects not found in the file will be deleted, projects not found in the
|
||||
database will be added. Note that the 'use-storyboard' flag MUST be set.
|
||||
|
||||
node default {
|
||||
class { 'storyboard::load_projects':
|
||||
source => 'puppet:///modules/openstack_project/projects.yaml'
|
||||
}
|
||||
}
|
||||
|
||||
File content format:
|
||||
|
||||
- project: openstack/storyboard
|
||||
description: The StoryBoard API
|
||||
use-storyboard: true
|
||||
- project: openstack/storyboard-webclient
|
||||
description: The StoryBoard HTTP client
|
||||
use-storyboard: true
|
||||
|
||||
## ::storyboard::load_superusers
|
||||
A module that maintains the list of superusers.
|
||||
|
||||
This module will maintain the list of superusers (administrators) in the
|
||||
storyboard database, and keep it up to date with the content of the provided
|
||||
configuration file. Users are referenced by openID and keyed by email
|
||||
address, however all other information will be persisted from the
|
||||
OpenID provider.
|
||||
|
||||
node default {
|
||||
class { 'storyboard::load_superusers':
|
||||
source => 'puppet:///modules/openstack_project/superusers.yaml'
|
||||
}
|
||||
}
|
||||
|
||||
File content format:
|
||||
|
||||
- openid: https://login.launchpad.net/+id/some_openid
|
||||
email: your_email@some_email_host.com
|
||||
- openid: https://login.launchpad.net/+id/some_other_id
|
||||
email: admin_email@some_email_host.com
|
@ -1,183 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::application
|
||||
#
|
||||
# This module installs the storyboard webclient and the api onto the current
|
||||
# host. If storyboard::cert is defined, it will use a https vhost, otherwise
|
||||
# it'll just use http.
|
||||
#
|
||||
class storyboard::application (
|
||||
|
||||
# Installation parameters
|
||||
$www_root = '/var/lib/storyboard/www',
|
||||
$server_admin = undef,
|
||||
$hostname = $::fqdn,
|
||||
|
||||
# storyboard.conf parameters
|
||||
$access_token_ttl = 3600,
|
||||
$refresh_token_ttl = 604800,
|
||||
$openid_url,
|
||||
$mysql_host = 'localhost',
|
||||
$mysql_port = 3306,
|
||||
$mysql_database = 'storyboard',
|
||||
$mysql_user = 'storyboard',
|
||||
$mysql_user_password = 'changeme',
|
||||
) {
|
||||
|
||||
# Dependencies
|
||||
require storyboard::params
|
||||
include apache
|
||||
include apache::mod::wsgi
|
||||
|
||||
class { 'python':
|
||||
pip => true,
|
||||
dev => true,
|
||||
}
|
||||
include python::install
|
||||
include mysql::python
|
||||
|
||||
if !defined(Package['git']) {
|
||||
package { 'git':
|
||||
ensure => present
|
||||
}
|
||||
}
|
||||
|
||||
# Create the storyboard configuration directory.
|
||||
file { '/etc/storyboard':
|
||||
ensure => directory,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
mode => '0700',
|
||||
}
|
||||
|
||||
# Configure the StoryBoard API
|
||||
file { '/etc/storyboard/storyboard.conf':
|
||||
ensure => present,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
mode => '0400',
|
||||
content => template('storyboard/storyboard.conf.erb'),
|
||||
notify => Service['httpd'],
|
||||
require => [
|
||||
Class['apache::params'],
|
||||
File['/etc/storyboard']
|
||||
]
|
||||
}
|
||||
|
||||
# Download the latest StoryBoard Source
|
||||
vcsrepo { '/opt/storyboard':
|
||||
ensure => latest,
|
||||
provider => git,
|
||||
revision => 'master',
|
||||
source => 'https://git.openstack.org/openstack-infra/storyboard/',
|
||||
require => Package['git']
|
||||
}
|
||||
|
||||
# Run pip
|
||||
exec { 'install-storyboard' :
|
||||
command => 'pip install /opt/storyboard',
|
||||
path => '/usr/local/bin:/usr/bin:/bin/',
|
||||
refreshonly => true,
|
||||
subscribe => Vcsrepo['/opt/storyboard'],
|
||||
notify => Service['httpd'],
|
||||
require => [
|
||||
Class['apache::params'],
|
||||
Class['python::install'],
|
||||
]
|
||||
}
|
||||
|
||||
# Create the root dir
|
||||
file { '/var/lib/storyboard':
|
||||
ensure => directory,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
}
|
||||
|
||||
# Create the log dir
|
||||
file { '/var/log/storyboard':
|
||||
ensure => directory,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
}
|
||||
|
||||
# Install the wsgi app
|
||||
file { '/var/lib/storyboard/storyboard.wsgi':
|
||||
source => '/opt/storyboard/storyboard/api/app.wsgi',
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
require => [
|
||||
File['/var/lib/storyboard'],
|
||||
Exec['install-storyboard'],
|
||||
],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
# Migrate the database
|
||||
exec { 'migrate-storyboard-db':
|
||||
command => 'storyboard-db-manage --config-file /etc/storyboard/storyboard.conf upgrade head',
|
||||
path => '/usr/local/bin:/usr/bin:/bin/',
|
||||
refreshonly => true,
|
||||
subscribe => [
|
||||
Exec['install-storyboard'],
|
||||
File['/etc/storyboard/storyboard.conf'],
|
||||
],
|
||||
require => [
|
||||
Class['mysql::python'],
|
||||
File['/etc/storyboard/storyboard.conf'],
|
||||
],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
# Download the latest storyboard-webclient
|
||||
puppi::netinstall { 'storyboard-webclient':
|
||||
url => 'http://tarballs.openstack.org/storyboard-webclient/storyboard-webclient-latest.tar.gz',
|
||||
destination_dir => '/opt/storyboard-webclient',
|
||||
extracted_dir => 'dist',
|
||||
}
|
||||
|
||||
# Copy the downloaded source into the configured www_root
|
||||
file { $www_root:
|
||||
ensure => directory,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
require => Puppi::Netinstall['storyboard-webclient'],
|
||||
source => '/opt/storyboard-webclient/dist',
|
||||
recurse => true,
|
||||
purge => true,
|
||||
force => true,
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
# Are we setting up TLS or non-TLS?
|
||||
if defined(Class['storyboard::cert']) {
|
||||
# Set up storyboard as HTTPS
|
||||
apache::vhost { $hostname:
|
||||
port => 443,
|
||||
docroot => $www_root,
|
||||
priority => '50',
|
||||
template => 'storyboard/storyboard_https.vhost.erb',
|
||||
ssl => true,
|
||||
}
|
||||
} else {
|
||||
# Set up storyboard as HTTPS
|
||||
apache::vhost { $hostname:
|
||||
port => 80,
|
||||
docroot => $www_root,
|
||||
priority => '50',
|
||||
template => 'storyboard/storyboard_http.vhost.erb',
|
||||
ssl => false,
|
||||
}
|
||||
}
|
||||
}
|
@ -1,112 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::cert
|
||||
#
|
||||
# This module sets up the SSL certificate for storyboard, sourcing the content of the
|
||||
# certificates either from a file or from a string. If included,
|
||||
# it will be automatically detected within storyboard::application and the
|
||||
# application will be hosted over https rather than http.
|
||||
#
|
||||
class storyboard::cert (
|
||||
$ssl_cert_file = undef,
|
||||
$ssl_cert_content = undef,
|
||||
$ssl_cert = '/etc/ssl/certs/storyboard.pem',
|
||||
|
||||
$ssl_key_file = undef,
|
||||
$ssl_key_content = undef,
|
||||
$ssl_key = '/etc/ssl/private/storyboard.key',
|
||||
|
||||
$ssl_ca_file = undef,
|
||||
$ssl_ca_content = undef,
|
||||
$ssl_ca = undef, # '/etc/ssl/certs/ca.pem'
|
||||
) {
|
||||
|
||||
if $ssl_cert_file != undef {
|
||||
file { $ssl_cert:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
source => $ssl_cert_file,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
elsif $ssl_cert_content != undef {
|
||||
file { $ssl_cert:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
content => $ssl_cert_content,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
else {
|
||||
fail('When including storyboard::cert, you must define either $ssl_cert_file or $ssl_cert_content')
|
||||
}
|
||||
|
||||
if $ssl_key_file != undef {
|
||||
file { $ssl_key:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
source => $ssl_key_file,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
elsif $ssl_key_content != undef {
|
||||
file { $ssl_key:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
content => $ssl_key_content,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
else {
|
||||
fail('When including storyboard::cert, you must define either $ssl_key_file or $ssl_key_content')
|
||||
}
|
||||
|
||||
# CA file needs special treatment, since we want the path variable
|
||||
# to be undef in some cases.
|
||||
if ($ssl_ca_file != undef or $ssl_ca_content != undef) and $ssl_ca == undef {
|
||||
$resolved_ssl_ca = '/etc/ssl/certs/storyboard.ca.pem'
|
||||
} else {
|
||||
$resolved_ssl_ca = $ssl_ca
|
||||
}
|
||||
|
||||
if $ssl_ca_file != undef {
|
||||
file { $resolved_ssl_ca:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
source => $ssl_ca_file,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
elsif $ssl_ca_content != undef {
|
||||
file { $resolved_ssl_ca:
|
||||
owner => 'root',
|
||||
group => 'ssl-cert',
|
||||
mode => '0640',
|
||||
content => $ssl_ca_content,
|
||||
before => Class['storyboard::application'],
|
||||
notify => Class['storyboard::application'],
|
||||
}
|
||||
}
|
||||
}
|
@ -1,61 +0,0 @@
|
||||
# Copyright (c) 2014 Mirantis Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard
|
||||
#
|
||||
# This class will install a fully functional standalone instance of
|
||||
# storyboard on the current instance. It includes database setup and
|
||||
# a set of sane configuration defaults. For more precise configuration,
|
||||
# please use individual submodules.
|
||||
#
|
||||
class storyboard (
|
||||
$mysql_database = 'storyboard',
|
||||
$mysql_user = 'storyboard',
|
||||
$mysql_user_password = 'changeme',
|
||||
$hostname = $::fqdn,
|
||||
$openid_url = 'https://login.launchpad.net/+openid',
|
||||
|
||||
$ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem',
|
||||
$ssl_cert_content = undef,
|
||||
$ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key',
|
||||
$ssl_key_content = undef,
|
||||
$ssl_ca_file = undef,
|
||||
$ssl_ca_content = undef,
|
||||
) {
|
||||
|
||||
class { '::storyboard::cert':
|
||||
ssl_cert_file => $ssl_cert_file,
|
||||
ssl_cert_content => $ssl_cert_content,
|
||||
ssl_key_file => $ssl_key_file,
|
||||
ssl_key_content => $ssl_key_content,
|
||||
ssl_ca_file => $ssl_ca_file,
|
||||
ssl_ca_content => $ssl_ca_content,
|
||||
}
|
||||
|
||||
class { '::storyboard::mysql':
|
||||
mysql_database => $mysql_database,
|
||||
mysql_user => $mysql_user,
|
||||
mysql_user_password => $mysql_user_password,
|
||||
}
|
||||
|
||||
class { '::storyboard::application':
|
||||
hostname => $hostname,
|
||||
openid_url => $openid_url,
|
||||
mysql_host => 'localhost',
|
||||
mysql_port => 3306,
|
||||
mysql_database => $mysql_database,
|
||||
mysql_user => $mysql_user,
|
||||
mysql_user_password => $mysql_user_password,
|
||||
}
|
||||
}
|
@ -1,56 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::load_projects
|
||||
#
|
||||
# This module will preload a batch of projects into the storyboard database.
|
||||
# The file should be formatted as yaml, with each entry similar to the
|
||||
# following:
|
||||
#
|
||||
# - project: openstack/storyboard
|
||||
# description: The StoryBoard API
|
||||
# use-storyboard: true
|
||||
# - project: openstack/storyboard-webclient
|
||||
# description: The StoryBoard HTTP client
|
||||
# use-storyboard: true
|
||||
#
|
||||
class storyboard::load_projects (
|
||||
$source,
|
||||
) {
|
||||
|
||||
include storyboard::params
|
||||
include storyboard::application
|
||||
|
||||
$project_file_path = '/var/lib/storyboard/projects.yaml'
|
||||
|
||||
file { $project_file_path:
|
||||
ensure => present,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
mode => '0400',
|
||||
source => $source,
|
||||
replace => true,
|
||||
require => [
|
||||
Class['storyboard::application'],
|
||||
]
|
||||
}
|
||||
|
||||
exec { 'load-projects-yaml':
|
||||
command => "storyboard-db-manage --config-file /etc/storyboard/storyboard.conf load_projects ${project_file_path}",
|
||||
path => '/usr/local/bin:/usr/bin:/bin/',
|
||||
refreshonly => true,
|
||||
subscribe => File[$project_file_path],
|
||||
require => File[$project_file_path],
|
||||
}
|
||||
}
|
@ -1,52 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::load_superusers
|
||||
#
|
||||
# This module will load a batch of superusers into the storyboard database.
|
||||
# The file should be formatted as yaml, with each entry similar to the
|
||||
# following:
|
||||
#
|
||||
# - openid: https://login.launchpad.net/+id/some_openid
|
||||
# email: your_email@some_email_host.com
|
||||
#
|
||||
class storyboard::load_superusers (
|
||||
$source,
|
||||
) {
|
||||
|
||||
include storyboard::params
|
||||
include storyboard::application
|
||||
|
||||
$superuser_file_path = '/var/lib/storyboard/superusers.yaml'
|
||||
|
||||
file { $superuser_file_path:
|
||||
ensure => present,
|
||||
owner => $storyboard::params::user,
|
||||
group => $storyboard::params::group,
|
||||
mode => '0400',
|
||||
source => $source,
|
||||
replace => true,
|
||||
require => [
|
||||
Class['storyboard::application'],
|
||||
]
|
||||
}
|
||||
|
||||
exec { 'load-superusers-yaml':
|
||||
command => "storyboard-db-manage --config-file /etc/storyboard/storyboard.conf load_superusers ${superuser_file_path}",
|
||||
path => '/usr/local/bin:/usr/bin:/bin/',
|
||||
refreshonly => true,
|
||||
subscribe => File[$superuser_file_path],
|
||||
require => File[$superuser_file_path],
|
||||
}
|
||||
}
|
@ -1,36 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::mysql
|
||||
#
|
||||
# The StoryBoard MySQL manifest will install a standalone, localhost instance
|
||||
# of mysql for storyboard to connect to.
|
||||
#
|
||||
class storyboard::mysql (
|
||||
$mysql_database = 'storyboard',
|
||||
$mysql_user = 'storyboard',
|
||||
$mysql_user_password = 'changeme',
|
||||
) {
|
||||
|
||||
# Install MySQL
|
||||
include mysql::server
|
||||
|
||||
# Add the storyboard database.
|
||||
mysql::db { $mysql_database:
|
||||
user => $mysql_user,
|
||||
password => $mysql_user_password,
|
||||
host => 'localhost',
|
||||
grant => ['all'],
|
||||
}
|
||||
}
|
@ -1,34 +0,0 @@
|
||||
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# == Class: storyboard::params
|
||||
#
|
||||
# Centralized configuration management for the storyboard module.
|
||||
#
|
||||
class storyboard::params () {
|
||||
|
||||
include apache::params
|
||||
|
||||
$user = $apache::params::user
|
||||
$group = $apache::params::group
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
# Do nothing, since all the defaults are debian-specific.
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily: ${::osfamily} The 'storyboard' module only supports osfamily Debian.")
|
||||
}
|
||||
}
|
||||
}
|
@ -1,87 +0,0 @@
|
||||
[DEFAULT]
|
||||
# Default log level is INFO
|
||||
# verbose and debug has the same result.
|
||||
# One of them will set DEBUG log level output
|
||||
# debug = False
|
||||
# verbose = False
|
||||
|
||||
# Where to store lock files
|
||||
lock_path = $state_path/lock
|
||||
|
||||
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
|
||||
# log_date_format = %Y-%m-%d %H:%M:%S
|
||||
|
||||
# use_syslog -> syslog
|
||||
# log_file and log_dir -> log_dir/log_file
|
||||
# (not log_file) and log_dir -> log_dir/{binary_name}.log
|
||||
# use_stderr -> stderr
|
||||
# (not user_stderr) and (not log_file) -> stdout
|
||||
# publish_errors -> notification system
|
||||
|
||||
# use_syslog = False
|
||||
# syslog_log_facility = LOG_USER
|
||||
|
||||
# use_stderr = True
|
||||
# log_file =
|
||||
# log_dir =
|
||||
|
||||
# publish_errors = False
|
||||
|
||||
# Address to bind the API server
|
||||
# bind_host = 0.0.0.0
|
||||
|
||||
# Port the bind the API server to
|
||||
# bind_port = 8080
|
||||
|
||||
# OpenId Authentication endpoint
|
||||
openid_url = <%= @openid_url %>
|
||||
|
||||
# Time in seconds before an access_token expires
|
||||
access_token_ttl = <%= @access_token_ttl %>
|
||||
|
||||
# Time in seconds before an refresh_token expires
|
||||
refresh_token_ttl = <%= @refresh_token_ttl %>
|
||||
|
||||
# List paging configuration options.
|
||||
# page_size_maximum = 500
|
||||
# page_size_default = 20
|
||||
|
||||
[database]
|
||||
# This line MUST be changed to actually run storyboard
|
||||
# Example:
|
||||
# connection = mysql://root:pass@127.0.0.1:3306/storyboard
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main storyboard server. (Leave it as is if the database runs on this host.)
|
||||
connection=mysql://<%= @mysql_user %>:<%= @mysql_user_password %>@<%= @mysql_host %>:<%= @mysql_port %>/<%= @mysql_database %>
|
||||
|
||||
# The SQLAlchemy connection string used to connect to the slave database
|
||||
# slave_connection =
|
||||
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# max_retries = 10
|
||||
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
# retry_interval = 10
|
||||
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# min_pool_size = 1
|
||||
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# max_pool_size = 10
|
||||
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# idle_timeout = 3600
|
||||
|
||||
# If set, use this value for max_overflow with sqlalchemy
|
||||
# max_overflow = 20
|
||||
|
||||
# Verbosity of SQL debugging information. 0=None, 100=Everything
|
||||
# connection_debug = 0
|
||||
|
||||
# Add python stack traces to SQL as comment strings
|
||||
# connection_trace = False
|
||||
|
||||
# If set, use this value for pool_timeout with sqlalchemy
|
||||
# pool_timeout = 10
|
@ -1,17 +0,0 @@
|
||||
<VirtualHost <%= scope.lookupvar("storyboard::application::hostname") %>:80>
|
||||
<% if scope.lookupvar("storyboard::application::serveradmin") %>
|
||||
ServerAdmin <%= scope.lookupvar("storyboard::application::serveradmin") %>
|
||||
<% end %>
|
||||
ServerName <%= scope.lookupvar("storyboard::application::hostname") %>
|
||||
|
||||
DocumentRoot <%= scope.lookupvar("storyboard::application::www_root") %>
|
||||
|
||||
WSGIDaemonProcess storyboard user=<%= scope.lookupvar("storyboard::params::user") %> group=<%= scope.lookupvar("storyboard::params::group") %> threads=5 python-path=/usr/local/lib/python2.7/dist-packages
|
||||
WSGIScriptAlias /api /var/lib/storyboard/storyboard.wsgi
|
||||
WSGIPassAuthorization On
|
||||
|
||||
LogLevel warn
|
||||
ErrorLog ${APACHE_LOG_DIR}/storyboard-error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/storyboard-access.log combined
|
||||
|
||||
</VirtualHost>
|
@ -1,54 +0,0 @@
|
||||
<VirtualHost <%= scope.lookupvar("storyboard::application::hostname") %>:80>
|
||||
<% if (scope.lookupvar("storyboard::application::serveradmin") != :undefined) %>
|
||||
ServerAdmin <%= scope.lookupvar("storyboard::application::serveradmin") %>
|
||||
<% end %>
|
||||
ServerName <%= scope.lookupvar("storyboard::application::hostname") %>
|
||||
|
||||
DocumentRoot <%= scope.lookupvar("storyboard::application::www_root") %>
|
||||
|
||||
Redirect / https://<%= scope.lookupvar("storyboard::application::hostname") %>/
|
||||
|
||||
LogLevel warn
|
||||
ErrorLog ${APACHE_LOG_DIR}/storyboard-error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/storyboard-access.log combined
|
||||
|
||||
</VirtualHost>
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost <%= scope.lookupvar("storyboard::application::hostname") %>:443>
|
||||
<% if (scope.lookupvar("storyboard::application::serveradmin") != :undefined) %>
|
||||
ServerAdmin <%= scope.lookupvar("storyboard::application::serveradmin") %>
|
||||
<% end %>
|
||||
ServerName <%= scope.lookupvar("storyboard::application::hostname") %>
|
||||
|
||||
LogLevel warn
|
||||
ErrorLog ${APACHE_LOG_DIR}/storyboard-ssl-error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/storyboard-ssl-access.log combined
|
||||
|
||||
SSLEngine on
|
||||
|
||||
SSLCertificateFile <%= scope.lookupvar("storyboard::cert::ssl_cert") %>
|
||||
SSLCertificateKeyFile <%= scope.lookupvar("storyboard::cert::ssl_key") %>
|
||||
<% if scope.lookupvar("storyboard::cert::ssl_ca") != :undef %>
|
||||
SSLCertificateChainFile <%= scope.lookupvar("storyboard::cert::ssl_ca") %>
|
||||
<% end %>
|
||||
|
||||
<FilesMatch "\.(cgi|shtml|phtml|php)$">
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
<Directory /usr/lib/cgi-bin>
|
||||
SSLOptions +StdEnvVars
|
||||
</Directory>
|
||||
|
||||
BrowserMatch "MSIE [2-6]" \
|
||||
nokeepalive ssl-unclean-shutdown \
|
||||
downgrade-1.0 force-response-1.0
|
||||
# MSIE 7 and newer should be able to use keepalive
|
||||
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
|
||||
|
||||
DocumentRoot <%= scope.lookupvar("storyboard::application::www_root") %>
|
||||
|
||||
WSGIDaemonProcess storyboard user=<%= scope.lookupvar("storyboard::params::user") %> group=<%= scope.lookupvar("storyboard::params::group") %> threads=5 python-path=/usr/local/lib/python2.7/dist-packages
|
||||
WSGIScriptAlias /api /var/lib/storyboard/storyboard.wsgi
|
||||
WSGIPassAuthorization On
|
||||
</VirtualHost>
|
||||
</IfModule>
|
Loading…
Reference in New Issue
Block a user