projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Enable lingering for the contributors user
[mirror/dsa-puppet.git] / modules / roles / manifests / debconf_wafer.pp
diff --git a/modules/roles/manifests/debconf_wafer.pp b/modules/roles/manifests/debconf_wafer.pp
index d03bafc..b0c2c5e 100644 (file)
--- a/modules/roles/manifests/debconf_wafer.pp
+++ b/modules/roles/manifests/debconf_wafer.pp
@@ -1,35 +1,63 @@
-class roles::debconf_wafer {
-       include apache2::ssl
-       include apache2::expires
-
-       package { 'libapache2-mod-wsgi-py3': ensure => installed, }
-       apache2::module { 'wsgi': require => Package['libapache2-mod-wsgi-py3'] }
-
-       ssl::service { 'wafertest.debconf.org':
-               notify  => Exec['service apache2 reload'],
-               key => true,
-       }
-       apache2::site { '010-wafertest.debconf.org':
-               site    => 'wafertest.debconf.org',
-               source => 'puppet:///modules/roles/debconf_wafer/wafertest.debconf.org',
-       }
-
-       ssl::service { 'debconf18.debconf.org':
-               notify  => Exec['service apache2 reload'],
-               key => true,
-       }
-       apache2::site { '010-debconf18.debconf.org':
-               site    => 'debconf18.debconf.org',
-               source => 'puppet:///modules/roles/debconf_wafer/debconf18.debconf.org',
-       }
-
-       ssl::service { 'debconf19.debconf.org':
-               notify  => Exec['service apache2 reload'],
-               key => true,
-       }
-       apache2::site { '010-debconf19.debconf.org':
-               site    => 'debconf19.debconf.org',
-               source => 'puppet:///modules/roles/debconf_wafer/debconf19.debconf.org',
-       }
+# debconf's wafer role
+
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::debconf_wafer (
+  String  $db_address,
+  Integer $db_port,
+) {
+  include apache2
+  include apache2::ssl
+  include apache2::expires
+
+  include roles::sso_rp
+
+  package { 'libapache2-mod-wsgi-py3': ensure => installed, }
+  apache2::module { 'wsgi': require => Package['libapache2-mod-wsgi-py3'] }
+
+  ssl::service { 'wafertest.debconf.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  apache2::site { '010-wafertest.debconf.org':
+    site   => 'wafertest.debconf.org',
+    source => 'puppet:///modules/roles/debconf_wafer/wafertest.debconf.org',
+  }
+
+  ssl::service { 'debconf18.debconf.org':
+    ensure => absent,
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  apache2::site { '010-debconf18.debconf.org':
+    ensure => absent,
+    site   => 'debconf18.debconf.org',
+  }
+
+  ssl::service { 'debconf19.debconf.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  apache2::site { '010-debconf19.debconf.org':
+    site   => 'debconf19.debconf.org',
+    source => 'puppet:///modules/roles/debconf_wafer/debconf19.debconf.org',
+  }
+
+  ssl::service { 'debconf20.debconf.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  apache2::site { '010-debconf20.debconf.org':
+    site   => 'debconf20.debconf.org',
+    source => 'puppet:///modules/roles/debconf_wafer/debconf20.debconf.org',
+  }
+
+  @@postgres::cluster::hba_entry { "debconf-wafer-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    user     => ['debconf18', 'debconf19', 'debconf20', 'wafertest'],
+    database => 'sameuser',
+    address  => $base::public_addresses,
+  }
 }
 
Unnamed repository; edit this file 'description' to name the repository.