f8d1a5c225
The IP address for review.openstack.org has changed, update the .ssh/known_hosts file for the Zuul user on the production server to reflect this in case of DNS problem. Change-Id: Ic416299cbde6aadfce357c0ab15a9db69aada4ba
112 lines
3.8 KiB
Puppet
112 lines
3.8 KiB
Puppet
# == Class: openstack_project::zuul_prod
|
|
#
|
|
class openstack_project::zuul_prod(
|
|
$vhost_name = $::fqdn,
|
|
$gearman_server = '127.0.0.1',
|
|
$gerrit_server = '',
|
|
$gerrit_user = '',
|
|
$gerrit_ssh_host_key = '',
|
|
$zuul_ssh_private_key = '',
|
|
$url_pattern = '',
|
|
$zuul_url = '',
|
|
$status_url = 'http://status.openstack.org/zuul/',
|
|
$swift_authurl = '',
|
|
$swift_auth_version = '',
|
|
$swift_user = '',
|
|
$swift_key = '',
|
|
$swift_tenant_name = '',
|
|
$swift_region_name = '',
|
|
$swift_default_container = '',
|
|
$swift_default_logserver_prefix = '',
|
|
$swift_default_expiry = 7200,
|
|
$proxy_ssl_cert_file_contents = '',
|
|
$proxy_ssl_key_file_contents = '',
|
|
$proxy_ssl_chain_file_contents = '',
|
|
$sysadmins = [],
|
|
$statsd_host = '',
|
|
$gearman_workers = [],
|
|
$project_config_repo = '',
|
|
) {
|
|
# Turn a list of hostnames into a list of iptables rules
|
|
$iptables_rules = regsubst ($gearman_workers, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 4730 -s \1 -j ACCEPT')
|
|
|
|
class { 'openstack_project::server':
|
|
iptables_public_tcp_ports => [80, 443],
|
|
iptables_rules6 => $iptables_rules,
|
|
iptables_rules4 => $iptables_rules,
|
|
sysadmins => $sysadmins,
|
|
}
|
|
|
|
class { 'project_config':
|
|
url => $project_config_repo,
|
|
}
|
|
|
|
class { '::zuul':
|
|
vhost_name => $vhost_name,
|
|
gearman_server => $gearman_server,
|
|
gerrit_server => $gerrit_server,
|
|
gerrit_user => $gerrit_user,
|
|
zuul_ssh_private_key => $zuul_ssh_private_key,
|
|
url_pattern => $url_pattern,
|
|
zuul_url => $zuul_url,
|
|
job_name_in_report => true,
|
|
status_url => $status_url,
|
|
statsd_host => $statsd_host,
|
|
git_email => 'jenkins@openstack.org',
|
|
git_name => 'OpenStack Jenkins',
|
|
swift_authurl => $swift_authurl,
|
|
swift_auth_version => $swift_auth_version,
|
|
swift_user => $swift_user,
|
|
swift_key => $swift_key,
|
|
swift_tenant_name => $swift_tenant_name,
|
|
swift_region_name => $swift_region_name,
|
|
swift_default_container => $swift_default_container,
|
|
swift_default_logserver_prefix => $swift_default_logserver_prefix,
|
|
swift_default_expiry => $swift_default_expiry,
|
|
proxy_ssl_cert_file_contents => $proxy_ssl_cert_file_contents,
|
|
proxy_ssl_key_file_contents => $proxy_ssl_key_file_contents,
|
|
proxy_ssl_chain_file_contents => $proxy_ssl_chain_file_contents,
|
|
}
|
|
|
|
class { '::zuul::server':
|
|
layout_dir => $::project_config::zuul_layout_dir,
|
|
require => $::project_config::config_dir,
|
|
}
|
|
|
|
if $gerrit_ssh_host_key != '' {
|
|
file { '/home/zuul/.ssh':
|
|
ensure => directory,
|
|
owner => 'zuul',
|
|
group => 'zuul',
|
|
mode => '0700',
|
|
require => Class['::zuul'],
|
|
}
|
|
file { '/home/zuul/.ssh/known_hosts':
|
|
ensure => present,
|
|
owner => 'zuul',
|
|
group => 'zuul',
|
|
mode => '0600',
|
|
content => "review.openstack.org,104.130.159.134,2001:4800:7818:102:be76:4eff:fe05:9b12 ${gerrit_ssh_host_key}",
|
|
replace => true,
|
|
require => File['/home/zuul/.ssh'],
|
|
}
|
|
}
|
|
|
|
file { '/etc/zuul/logging.conf':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/logging.conf',
|
|
notify => Exec['zuul-reload'],
|
|
}
|
|
|
|
file { '/etc/zuul/gearman-logging.conf':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/gearman-logging.conf',
|
|
notify => Exec['zuul-reload'],
|
|
}
|
|
|
|
file { '/etc/zuul/merger-logging.conf':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/merger-logging.conf',
|
|
}
|
|
}
|