X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Ftracker.pp;h=d29655f7a190b2502ff9ef5aaf0f92ac8b593bff;hb=HEAD;hp=6bc351161d52f60e67ae5782e51e3265c2948543;hpb=c6a3917f4c9c7a1826578a908db9626290e92af0;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/tracker.pp b/modules/roles/manifests/tracker.pp
index 6bc351161..d29655f7a 100644
--- a/modules/roles/manifests/tracker.pp
+++ b/modules/roles/manifests/tracker.pp
@@ -1,7 +1,36 @@
-class roles::tracker {
-	ssl::service { 'tracker.debian.org':
-		notify  => Exec['service apache2 reload'],
-		key => true,
-	}
-	onion::service { 'tracker.debian.org': port => 80, target_address => 'tracker.debian.org', target_port => 80, direct => true }
+# tracker.debian.org service
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::tracker (
+  String  $db_address,
+  Integer $db_port,
+) {
+  include apache2
+  include roles::sso_rp
+
+  package { 'libapache2-mod-wsgi-py3': ensure => installed, }
+  apache2::module { 'wsgi': require => Package['libapache2-mod-wsgi-py3'] }
+  ssl::service { 'tracker.debian.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  onion::service { 'tracker.debian.org': port => 80, target_address => 'tracker.debian.org', target_port => 80, direct => true }
+
+  # tell the mail-relays to forward this domain to us
+  exim::manualroute{ 'tracker.debian.org': }
+  # and then handle it locally
+  # Note that there is also role specific config in exim4.conf
+  exim::vdomain { 'tracker.debian.org':
+    owner => 'qa',
+    group => 'qa',
+  }
+
+  @@postgres::cluster::hba_entry { "tracker-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => ['tracker', 'tracker-test'],
+    user     => 'qa',
+    address  => $base::public_addresses,
+  }
 }