sreview, veyepar -> hiera role
[mirror/dsa-puppet.git] / modules / roles / manifests / pubsub / entities.pp
1 # = Class: roles::pubsub::entities
2 #
3 # MQ users, vhosts, policies, and permissions for pubsub hosts
4 #
5 # == Sample Usage:
6 #
7 #   include roles::pubsub::entities
8 #
9 class roles::pubsub::entities {
10         include roles::pubsub::params
11
12         $admin_password   = $roles::pubsub::params::admin_password
13         $ftp_password     = $roles::pubsub::params::ftp_password
14         $buildd_password  = $roles::pubsub::params::buildd_password
15         $wbadm_password   = $roles::pubsub::params::wbadm_password
16         $mailadm_password = $roles::pubsub::params::mailadm_password
17         $mailly_password  = $roles::pubsub::params::mailly_password
18         $muffat_password  = $roles::pubsub::params::muffat_password
19         $pet_password     = $roles::pubsub::params::pet_password
20
21         rabbitmq_user { 'admin':
22                 admin    => true,
23                 password => $admin_password,
24         }
25
26         rabbitmq_user { 'ftpteam':
27                 admin    => false,
28                 password => $ftp_password,
29         }
30
31         rabbitmq_user { 'buildd':
32                 admin    => false,
33                 password => $buildd_password,
34         }
35
36         rabbitmq_user { 'wbadm':
37                 admin    => false,
38                 password => $wbadm_password,
39         }
40
41         rabbitmq_user { 'mailadm':
42                 admin    => false,
43                 password => $mailadm_password,
44         }
45
46         rabbitmq_user { 'mailly':
47                 admin    => false,
48                 password => $mailly_password,
49         }
50
51         rabbitmq_user { 'muffat':
52                 admin    => false,
53                 password => $muffat_password,
54         }
55
56         rabbitmq_user { 'pet-devel':
57                 admin    => false,
58                 password => $pet_password,
59         }
60
61         $do_hosts = keys($deprecated::localinfo)
62
63         pubsub::autouser { $do_hosts: }
64
65         rabbitmq_vhost { 'packages':
66                 ensure   => present,
67         }
68
69         rabbitmq_vhost { 'buildd':
70                 ensure   => present,
71         }
72
73         rabbitmq_vhost { 'dsa':
74                 ensure   => present,
75         }
76
77         rabbitmq_vhost { 'pet':
78                 ensure   => present,
79         }
80
81         rabbitmq_user_permissions { 'admin@/':
82                 configure_permission => '.*',
83                 read_permission      => '.*',
84                 write_permission     => '.*',
85         }
86
87         rabbitmq_user_permissions { 'admin@buildd':
88                 configure_permission => '.*',
89                 read_permission      => '.*',
90                 write_permission     => '.*',
91         }
92
93         rabbitmq_user_permissions { 'admin@dsa':
94                 configure_permission => '.*',
95                 read_permission      => '.*',
96                 write_permission     => '.*',
97         }
98
99         rabbitmq_user_permissions { 'admin@packages':
100                 configure_permission => '.*',
101                 read_permission      => '.*',
102                 write_permission     => '.*',
103         }
104
105         rabbitmq_user_permissions { 'admin@pet':
106                 configure_permission => '.*',
107                 read_permission      => '.*',
108                 write_permission     => '.*',
109         }
110
111         rabbitmq_user_permissions { 'ftpteam@packages':
112                 configure_permission => '.*',
113                 read_permission      => '.*',
114                 write_permission     => '.*',
115         }
116
117         rabbitmq_user_permissions { 'wbadm@packages':
118                 read_permission  => 'unchecked',
119                 write_permission => 'wbadm',
120         }
121
122         rabbitmq_user_permissions { 'buildd@buildd':
123                 configure_permission => '.*',
124                 read_permission      => '.*',
125                 write_permission     => '.*',
126         }
127
128         rabbitmq_user_permissions { 'wbadm@buildd':
129                 configure_permission => '.*',
130                 read_permission      => '.*',
131                 write_permission     => '.*',
132         }
133
134         rabbitmq_user_permissions { 'mailadm@dsa':
135                 configure_permission => '.*',
136                 read_permission      => '.*',
137                 write_permission     => '.*',
138         }
139
140         rabbitmq_user_permissions { 'pet-devel@pet':
141                 configure_permission => '.*',
142                 read_permission      => '.*',
143                 write_permission     => '.*',
144         }
145
146         rabbitmq_policy { 'mirror-dsa@dsa':
147                 pattern    => '.*',
148                 priority   => 0,
149                 applyto    => 'all',
150                 definition => {
151                         'ha-mode'      => 'all',
152                         'ha-sync-mode' => 'automatic',
153                 },
154         }
155
156         rabbitmq_policy { 'mirror-buildd@buildd':
157                 pattern    => '.*',
158                 priority   => 0,
159                 applyto    => 'all',
160                 definition => {
161                         'ha-mode'      => 'all',
162                         'ha-sync-mode' => 'automatic',
163                 },
164         }
165
166         rabbitmq_policy { 'mirror-packages@packages':
167                 pattern    => '.*',
168                 priority   => 0,
169                 applyto    => 'all',
170                 definition => {
171                         'ha-mode'      => 'all',
172                         'ha-sync-mode' => 'automatic',
173                 },
174         }
175
176         rabbitmq_policy { 'mirror_pet@pet':
177                 pattern    => '.*',
178                 priority   => 0,
179                 applyto    => 'all',
180                 definition => {
181                         'ha-mode'      => 'all',
182                         'ha-sync-mode' => 'automatic',
183                 },
184         }
185
186         rabbitmq_plugin { 'rabbitmq_management_agent':
187                 ensure   => present,
188         }
189         rabbitmq_plugin { 'rabbitmq_tracing':
190                 ensure   => present,
191         }
192         rabbitmq_plugin { 'rabbitmq_management_visualiser':
193                 ensure   => present,
194         }
195
196 }