Delta Between Two Patch Sets: modules/adblockplus/manifests/web/fileserver.pp
Issue 29551585:
#2317 - provide role fileserver for eyeofiles.com (Closed)
Base URL: https://hg1/infrastructure
Left Patch Set: move into adblockplus::web namespace and other improvements
Created Sept. 21, 2017, 8:37 p.m.
Right Patch Set: more flexible resource definitions
Created Sept. 25, 2017, 9:18 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with change/comment
|
« modules/adblockplus/files/nginx/fileserver.conf ('k')
|
modules/adblockplus/manifests/web/fileserver/repository.pp » ('j')
|
no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| LEFT | RIGHT |
|---|---|
| 1 # == Class: adblockplus::web::fileserver | 1 # == Class: adblockplus::web::fileserver |
| 2 # | 2 # |
| 3 # Serves files for different repositories over https. | 3 # A fileserver serves multiple file repositories. |
| 4 # | 4 # |
| 5 # === Parameters: | 5 # === Parameters: |
| 6 # | 6 # |
| 7 # [*domain*] | 7 # [*domain*] |
| 8 # A string for the domain serving traffic. | 8 # A string which is the name of the fileserver domain, under which |
| 9 # each repository has a subdomain. | |
| 9 # | 10 # |
| 10 # [*certificate*] | 11 # [*certificate*] |
| 11 # The name of the SSL certificate file within modules/private/files, if any. | 12 # The name of the SSL certificate file within modules/private/files, if any. |
| 12 # Requires a private_key as well. | 13 # Requires a private_key as well. |
| 13 # | 14 # |
| 14 # [*private_key*] | 15 # [*private_key*] |
| 15 # The name of the private key file within modules/private/files, if any. | 16 # The name of the private key file within modules/private/files, if any. |
| 16 # Requires a certificate as well. | 17 # Requires a certificate as well. |
| 17 # | 18 # |
| 18 # [*is_default*] | 19 # [*is_default*] |
| 19 # Passed on to nginx (whether or not the site config should be default). | 20 # Passed on to nginx (whether or not the site config should be default). |
| 20 # | 21 # |
| 21 # [*repository*] | 22 # [*repositories*] |
| 22 # A string that is the name of the repository to serve. A repository | 23 # A collection (hash) of repositories to serve. |
| 23 # is a collection of files uploaded by a group of users. | 24 # The contents of a repository is served on a subdomain of the fileserver. |
| 24 # | |
| 25 # TODO Convert this into a collection of *repositories* | |
| 26 # | 25 # |
| 27 class adblockplus::web::fileserver( | 26 class adblockplus::web::fileserver( |
| 27 $ensure = 'present', | |
| 28 $domain, | 28 $domain, |
| 29 $certificate, | 29 $certificate = undef, |
| 30 $private_key, | 30 $private_key = undef, |
| 31 $is_default=false, | 31 $repositories={}, |
| 32 $repository='v8', | |
| 33 ){ | 32 ){ |
| 34 | 33 |
| 35 include nginx | 34 include nginx |
| 36 include adblockplus | 35 include adblockplus |
| 37 include adblockplus::web | 36 include adblockplus::web |
| 38 | 37 |
| 39 nginx::hostconfig{$domain: | |
| 40 source => 'puppet:///modules/adblockplus/nginx/fileserver.conf', | |
| 41 is_default => $is_default, | |
| 42 certificate => $certificate, | |
| 43 private_key => $private_key, | |
| 44 log => 'access_log_files' | |
| 45 } | |
| 46 | |
| 47 # Root directory for serving repositories | |
| 48 realize(File[$adblockplus::directory]) | 38 realize(File[$adblockplus::directory]) |
| 49 | 39 |
| 50 | 40 file {"$adblockplus::directory/fileserver": |
| 51 file {[ | |
| 52 "$adblockplus::directory/fileserver", | |
| 53 "$adblockplus::directory/fileserver/repositories" | |
| 54 ]: | |
| 55 ensure => directory, | 41 ensure => directory, |
| 56 } | 42 } |
| 57 | 43 |
| 58 $repositories_directory = "$adblockplus::directory/fileserver/repositories" | 44 ensure_resources('adblockplus::web::fileserver::repository', $repositories, { |
| 45 ensure => 'present', | |
| 46 }) | |
| 59 | 47 |
| 60 # TODO Base these entries on a map of directories and members: $repositories | 48 nginx::hostconfig{ "$domain": |
| 61 # For each entry in repositories, (1) create the group , (2) folder and (3) sy mlink into /var/www/ | 49 source => 'puppet:///modules/adblockplus/nginx/fileserver.conf', |
| 62 # as is done below for the example 'v8': | 50 is_default => true, |
| 63 | 51 certificate => $certificate, |
| 64 # (1) Create the group | 52 private_key => $private_key, |
| 65 group {"www-$repository": | 53 log => 'access_log_fileserver', |
| 66 ensure => present, | |
| 67 # TODO Members are handled manually on the target server for now. Should go into configuration. | |
| 68 } | 54 } |
| 69 | |
| 70 # (2) create the repository folder | |
| 71 file {"$repositories_directory/$repository": | |
| 72 ensure => directory, | |
| 73 group => "www-$repository", | |
| 74 mode => '0775', | |
| 75 require => [ | |
| 76 File["$repositories_directory"], | |
| 77 Group["www-$repository"], | |
| 78 ], | |
| 79 } | |
| 80 | |
| 81 # (3) symlink the repository into www: | |
| 82 file {"/var/www/$repository": | |
| 83 ensure => link, | |
| 84 target => "$repositories_directory/$repository", | |
| 85 require => [ | |
| 86 File["$repositories_directory/$repository"], | |
| 87 Package['nginx'], | |
| 88 ], | |
| 89 } | |
| 90 | |
| 91 } | 55 } |
| 92 | 56 |
| LEFT | RIGHT |
« modules/adblockplus/files/nginx/fileserver.conf ('k')
|
modules/adblockplus/manifests/web/fileserver/repository.pp » ('j')
|
Toggle Intra-line Diffs ('i')
|
Expand Comments ('e')
|
Collapse Comments ('c')
|
Toggle Comments ('s')
