From 8fd247acc3370fc6c89411659c7e56dc8b3520fd Mon Sep 17 00:00:00 2001 From: Elizabeth Krumbach Date: Mon, 4 Feb 2013 14:25:02 -0800 Subject: [PATCH] Add puppet files for reviewday Initial add of puppet files so reviewday can be deployed on the static webserver. Fixes: bug #1082785 Change-Id: Ie5516e82bfc9dfea95b53285c46aa881d5c05f32 Reviewed-on: https://review.openstack.org/21158 Reviewed-by: James E. Blair Approved: Jeremy Stanley Reviewed-by: Jeremy Stanley Tested-by: Jenkins --- manifests/site.pp | 5 +- modules/openstack_project/manifests/static.pp | 13 +++ modules/reviewday/manifests/init.pp | 90 +++++++++++++++++++ modules/reviewday/manifests/site.pp | 60 +++++++++++++ .../reviewday/templates/reviewday.vhost.erb | 10 +++ modules/reviewday/templates/ssh_config.erb | 6 ++ 6 files changed, 183 insertions(+), 1 deletion(-) create mode 100644 modules/reviewday/manifests/init.pp create mode 100644 modules/reviewday/manifests/site.pp create mode 100644 modules/reviewday/templates/reviewday.vhost.erb create mode 100644 modules/reviewday/templates/ssh_config.erb diff --git a/manifests/site.pp b/manifests/site.pp index 926fac8cca..da9fd7d3a3 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -199,7 +199,10 @@ node 'summit.openstack.org' { # A machine to serve static content. node 'static.openstack.org' { class { 'openstack_project::static': - sysadmins => hiera('sysadmins'), + sysadmins => hiera('sysadmins'), + reviewday_rsa_key_contents => hiera('reviewday_rsa_key_contents'), + reviewday_rsa_pubkey_contents => hiera('reviewday_rsa_pubkey_contents'), + reviewday_gerrit_ssh_key => hiera('gerrit_ssh_rsa_pubkey_contents'), } } diff --git a/modules/openstack_project/manifests/static.pp b/modules/openstack_project/manifests/static.pp index c824641b7f..478fb82236 100644 --- a/modules/openstack_project/manifests/static.pp +++ b/modules/openstack_project/manifests/static.pp @@ -127,4 +127,17 @@ class openstack_project::static ( command => 'sleep $((RANDOM\%600)) && flock -n /var/run/gziplogs.lock find /srv/static/logs/ -type f -not -name robots.txt -not -name \*.gz \( -name \*.txt -or -name \*.html -or -name tmp\* \) -exec gzip \{\} \;', environment => 'PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin', } + + include ::reviewday + + reviewday::site { 'reviewday.openstack.org': + git_url => 'https://github.com/openstack-infra/reviewday.git', + serveradmin => 'webmaster@openstack.org', + httproot => "/srv/static/${name}", + } + reviewday::init { 'reviewday.openstack.org': + gerrit_url => 'review.openstack.org', + gerrit_port => '29418', + gerrit_user => 'reviewday', + } } diff --git a/modules/reviewday/manifests/init.pp b/modules/reviewday/manifests/init.pp new file mode 100644 index 0000000000..2fa07c3afd --- /dev/null +++ b/modules/reviewday/manifests/init.pp @@ -0,0 +1,90 @@ +# Copyright 2013 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Define: reviewday +# +define reviewday::init( + $gerrit_url = '', + $gerrit_port = '', + $gerrit_user = '', + $reviewday_rsa_key_contents = '', + $reviewday_rsa_pubkey_contents = '', + $reviewday_gerrit_ssh_key = '' +) { + if ! defined(Package['python-launchpadlib']) { + package { 'python-launchpadlib': + ensure => present, + } + } + package { 'python-cheetah': + ensure => present, + } + + group { 'reviewday': + ensure => present, + } + + user { 'reviewday': + ensure => present, + home => "/var/lib/${name}", + shell => '/bin/bash', + gid => 'reviewday', + managehome => true, + require => Group['reviewday'], + } + + file { "/var/lib/${name}/.ssh/": + ensure => directory, + owner => 'reviewday', + group => 'reviewday', + mode => '0700', + require => User['reviewday'], + } + + if $reviewday_rsa_key_contents != '' { + file { "/var/lib/${name}/.ssh/id_rsa": + owner => 'reviewday', + group => 'reviewday', + mode => '0600', + content => $reviewday_rsa_key_contents, + replace => true, + require => File["/var/lib/${name}/.ssh/"] + } + } + + if $reviewday_rsa_pubkey_contents != '' { + file { "/var/lib/${name}/.ssh/id_rsa.pub": + owner => 'reviewday', + group => 'reviewday', + mode => '0600', + content => $reviewday_rsa_pubkey_contents, + replace => true, + require => File["/var/lib/${name}/.ssh/"] + } + } + + if $reviewday_gerrit_ssh_key != '' { + file { "/var/lib/${name}/.ssh/known_hosts": + owner => 'reviewday', + group => 'reviewday', + mode => '0600', + content => $reviewday_gerrit_ssh_key, + replace => true, + require => File["/var/lib/${name}/.ssh/"] + } + } + +} + +# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/modules/reviewday/manifests/site.pp b/modules/reviewday/manifests/site.pp new file mode 100644 index 0000000000..9581b455c1 --- /dev/null +++ b/modules/reviewday/manifests/site.pp @@ -0,0 +1,60 @@ +# Copyright 2013 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Define: reviewday +# +define reviewday::site( + $git_url = '', + $httproot = '', + $serveradmin = '', +) { + include apache + + vcsrepo { "/var/lib/${name}/reviewday": + ensure => present, + provider => git, + source => $git_url, + } + + apache::vhost { $name: + docroot => $httproot, + port => 80, + priority => '50', + require => File[$httproot], + template => 'reviewday.vhost.erb', + } + + file { $httproot: + ensure => directory, + owner => 'reviewday', + group => 'reviewday', + mode => '0644', + } + + file { "/var/lib/${name}/.ssh/config": + ensure => present, + content => template('ssh_config.erb'), + owner => reviewday, + group => reviewday, + mode => '0644', + } + + cron { "update ${name} reviewday": + command => "cd /var/lib/${name}/reviewday && PYTHONPATH=\$PWD python bin/reviewday -o /${httproot}", + minute => '*/15', + user => 'reviewday', + } +} + +# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/modules/reviewday/templates/reviewday.vhost.erb b/modules/reviewday/templates/reviewday.vhost.erb new file mode 100644 index 0000000000..638f6b9c87 --- /dev/null +++ b/modules/reviewday/templates/reviewday.vhost.erb @@ -0,0 +1,10 @@ +:80> + ServerAdmin <%= serveradmin %> + DocumentRoot <%= httproot %> + + ErrorLog ${APACHE_LOG_DIR}/<%= name %>-error.log + + LogLevel warn + + CustomLog ${APACHE_LOG_DIR}/<%= name %>-access.log combined + diff --git a/modules/reviewday/templates/ssh_config.erb b/modules/reviewday/templates/ssh_config.erb new file mode 100644 index 0000000000..4a0a2249e9 --- /dev/null +++ b/modules/reviewday/templates/ssh_config.erb @@ -0,0 +1,6 @@ +Host review + Hostname <%= gerrit_url %> + Port <%= gerrit_port %> + User <%= gerrit_user %> + IdentityFile /var/lib/<%= name %>/.ssh/id_rsa + UserKnownHostsFile /var/lib/<%= name %>/.ssh/known_hosts