Left: | ||
Right: |
LEFT | RIGHT |
---|---|
1 class trac( | 1 class trac( |
2 $domain, | 2 $domain, |
3 $certificate, | 3 $certificate, |
4 $private_key, | 4 $private_key, |
5 $fcgi_config_dir = '/etc/nginx/trac.d', | 5 $fcgi_config_dir = '/etc/nginx/trac.d', |
Wladimir Palant
2014/07/31 09:46:53
This path is hardcoded in the site.conf, no point
mathias
2014/08/01 13:59:46
Well, since the site.conf is just one line, I remo
| |
6 $is_default = false) inherits private::trac { | 6 $is_default = false) inherits private::trac { |
7 | 7 |
8 package {['python-mysqldb','python-pip','subversion', 'tofrodos', 'graphviz']: | 8 package {['python-mysqldb','python-pip','subversion', 'tofrodos', 'graphviz']: |
9 ensure => present | 9 ensure => present |
10 } | 10 } |
11 | 11 |
12 include nginx, spawn-fcgi | 12 include nginx, spawn-fcgi |
13 | 13 |
14 file {$fcgi_config_dir: | 14 file {$fcgi_config_dir: |
15 ensure => directory, | 15 ensure => directory, |
16 owner => 'root', | 16 owner => 'root', |
17 mode => 755, | 17 mode => 755, |
18 require => Package['nginx'], | 18 require => Package['nginx'], |
19 } | 19 } |
20 | 20 |
21 nginx::hostconfig {$domain: | 21 nginx::hostconfig {$domain: |
22 source => 'puppet:///modules/trac/site.conf', | 22 content => "include $fcgi_config_dir/*;", |
23 is_default => $is_default, | 23 is_default => $is_default, |
24 certificate => $certificate, | 24 certificate => $certificate, |
25 private_key => $private_key, | 25 private_key => $private_key, |
26 log => 'access_log_trac', | 26 log => 'access_log_trac', |
27 require => File[$fcgi_config_dir], | 27 require => File[$fcgi_config_dir], |
28 } | 28 } |
29 | 29 |
30 user {'trac': | 30 user {'trac': |
31 ensure => present, | 31 ensure => present, |
32 comment => 'User of the trac installation', | 32 comment => 'User of the trac installation', |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
110 | 110 |
111 exec { 'install_Tractags': | 111 exec { 'install_Tractags': |
112 command => "pip install svn+http://trac-hacks.org/svn/tagsplugin/tags/0.7/", | 112 command => "pip install svn+http://trac-hacks.org/svn/tagsplugin/tags/0.7/", |
113 require => Package['python-pip'], | 113 require => Package['python-pip'], |
114 unless => "python -c 'import tractags'", | 114 unless => "python -c 'import tractags'", |
115 } | 115 } |
116 | 116 |
117 exec { 'install_PrivateTickets': | 117 exec { 'install_PrivateTickets': |
118 command => "pip install svn+http://trac-hacks.org/svn/privateticketsplugin/t ags/2.0.2/", | 118 command => "pip install svn+http://trac-hacks.org/svn/privateticketsplugin/t ags/2.0.2/", |
119 require => Package['subversion', 'python-pip'], | 119 require => Package['subversion', 'python-pip'], |
120 unless => "python -c 'import privateticketsplugin'", | 120 unless => "python -c 'import privatetickets'", |
121 } | 121 } |
122 | 122 |
123 file { '/home/trac/trac.ini': | 123 file { '/home/trac/trac.ini': |
124 ensure => present, | 124 ensure => present, |
125 source => 'puppet:///modules/trac/trac.ini', | 125 source => 'puppet:///modules/trac/trac.ini', |
126 owner => 'trac', | 126 owner => 'trac', |
127 mode => 644, | 127 mode => 644, |
128 } | 128 } |
129 | 129 |
130 define instance ( | 130 define instance ( |
131 $config = 'trac/trac.ini.erb', | 131 $config = 'trac/trac.ini.erb', |
132 $description = 'Issue Tracker', | 132 $description = 'Issue Tracker', |
133 $environment = 'environment', | |
Wladimir Palant
2014/07/31 09:46:53
It's probably better to just set environment based
mathias
2014/08/01 13:59:46
Sure, but there's another but: This will cause the
| |
134 $location = '/', | 133 $location = '/', |
135 $logo = 'eyeo_logo.png', | 134 $logo = 'puppet:///modules/trac/logo.png', |
136 $database = 'trac', | 135 $database = 'trac', |
137 $permissions = 'puppet:///modules/trac/permissions.csv', | 136 $permissions = 'puppet:///modules/trac/permissions.csv', |
138 $theme = 'puppet:///modules/trac/theme.css') { | 137 $theme = 'puppet:///modules/trac/theme.css') { |
139 | 138 |
140 $database_password = $private::trac::database_password | 139 $database_password = $private::trac::database_password |
140 $environment = "environment-$name" | |
141 | 141 |
142 mysql::db {$database: | 142 mysql::db {$database: |
143 user => 'trac', | 143 user => 'trac', |
144 password => $database_password, | 144 password => $database_password, |
145 host => 'localhost', | 145 host => 'localhost', |
146 grant => ['all'], | 146 grant => ['all'], |
147 charset => 'utf8', | 147 charset => 'utf8', |
148 collate => 'utf8_bin', | 148 collate => 'utf8_bin', |
149 require => Class['mysql::server'], | 149 require => Class['mysql::server'], |
150 } | 150 } |
151 | 151 |
152 $location_base = $location ? { | 152 $location_base = regsubst($location, '/+$', '') |
153 '/' => '', | |
154 default => $location, | |
155 } | |
Wladimir Palant
2014/07/31 09:46:53
I think what you really want here is removing trai
mathias
2014/08/01 13:59:46
Makes sense, done.
| |
156 | 153 |
157 file {"${trac::fcgi_config_dir}/${name}.conf": | 154 file {"${trac::fcgi_config_dir}/${name}.conf": |
158 ensure => file, | 155 ensure => file, |
159 owner => 'root', | 156 owner => 'root', |
160 mode => 644, | 157 mode => 644, |
161 content => " | 158 content => template('trac/fcgi.conf.erb'), |
162 location $location_base/ | |
163 { | |
164 fastcgi_pass unix:/tmp/${name}-fastcgi.sock; | |
165 fastcgi_split_path_info ^(${location_base})(.*)\$; | |
166 include /etc/nginx/fastcgi_params; | |
167 fastcgi_param SCRIPT_NAME \$fastcgi_script_name; | |
168 fastcgi_param PATH_INFO \$fastcgi_path_info; | |
169 client_max_body_size 20m; | |
170 } | |
171 location $location_base/chrome/ | |
172 { | |
173 alias /home/trac/htdocs-$name/htdocs/; | |
174 }", | |
Wladimir Palant
2014/07/31 09:46:53
I'd rather go with a template here, having nginx c
mathias
2014/08/01 13:59:46
Done.
| |
175 require => File[$trac::fcgi_config_dir], | 159 require => File[$trac::fcgi_config_dir], |
160 notify => Service['nginx'], | |
176 } | 161 } |
Wladimir Palant
2014/07/31 09:46:53
This needs:
notify => Service['nginx']
Otherwi
mathias
2014/08/01 13:59:46
Done.
| |
177 | 162 |
178 exec {"trac_env_${name}": | 163 exec {"trac_env_${name}": |
179 command => shellquote( | 164 command => shellquote( |
180 'trac-admin', "/home/trac/$environment", 'initenv', $description, | 165 'trac-admin', "/home/trac/$environment", 'initenv', $description, |
181 "mysql://trac:${database_password}@localhost:3306/$database"), | 166 "mysql://trac:${database_password}@localhost:3306/$database"), |
167 logoutput => true, | |
182 path => '/usr/bin:/usr/sbin:/bin:/usr/local/bin', | 168 path => '/usr/bin:/usr/sbin:/bin:/usr/local/bin', |
183 require => [ | 169 require => [ |
184 Exec['install_trac'], | 170 Exec['install_trac'], |
185 Mysql_grant["trac@localhost/${database}.*"]], | 171 Mysql_grant["trac@localhost/${database}.*"]], |
186 user => trac, | 172 user => trac, |
187 unless => "test -d /home/trac/$environment" | 173 unless => "test -d /home/trac/$environment", |
188 } | 174 } |
189 | 175 |
190 file {"/home/trac/${environment}/conf/permissions.csv": | 176 file {"/home/trac/${environment}/conf/permissions.csv": |
191 ensure => present, | 177 ensure => present, |
192 owner => trac, | 178 owner => trac, |
193 source => $permissions, | 179 source => $permissions, |
194 require => Exec["trac_env_$name"], | 180 require => Exec["trac_env_$name"], |
195 } | 181 } |
196 | 182 |
197 file {"/home/trac/$environment/conf/trac.ini": | 183 file {"/home/trac/$environment/conf/trac.ini": |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
232 deploy /home/trac/htdocs-$name \ | 218 deploy /home/trac/htdocs-$name \ |
233 && fromdos /home/trac/htdocs-$name/cgi-bin/trac.fcgi \ | 219 && fromdos /home/trac/htdocs-$name/cgi-bin/trac.fcgi \ |
234 && chmod 755 /home/trac/htdocs-$name/cgi-bin/trac.fcgi", | 220 && chmod 755 /home/trac/htdocs-$name/cgi-bin/trac.fcgi", |
235 user => trac, | 221 user => trac, |
236 path => '/usr/bin:/usr/sbin:/bin:/usr/local/bin', | 222 path => '/usr/bin:/usr/sbin:/bin:/usr/local/bin', |
237 require => [ | 223 require => [ |
238 Exec["update_env_$name"], | 224 Exec["update_env_$name"], |
239 Package["tofrodos"]], | 225 Package["tofrodos"]], |
240 } | 226 } |
241 | 227 |
242 file {"/home/trac/htdocs-$name/htdocs/common/$logo": | 228 file {"/home/trac/htdocs-$name/htdocs/common/logo.png": |
Wladimir Palant
2014/07/31 09:46:53
Feel free to always name that file logo.png (namin
mathias
2014/08/01 13:59:46
Done.
| |
243 ensure => present, | 229 ensure => present, |
244 source => "puppet:///modules/trac/$logo", | 230 source => $logo, |
245 owner => trac, | 231 owner => trac, |
246 require => Exec["deploy_$name"], | 232 require => Exec["deploy_$name"], |
247 } | 233 } |
248 | 234 |
249 spawn-fcgi::pool {"${name}d": | 235 spawn-fcgi::pool {"tracd_${name}": |
Wladimir Palant
2014/07/31 09:46:53
I think "tracd_$name" was a better name for the se
mathias
2014/08/01 13:59:46
Sure, I think so too. But I've had a hard time try
| |
250 ensure => present, | 236 ensure => present, |
251 fcgi_app => "/home/trac/htdocs-$name/cgi-bin/trac.fcgi", | 237 fcgi_app => "/home/trac/htdocs-$name/cgi-bin/trac.fcgi", |
252 socket => "/tmp/${name}-fastcgi.sock", | 238 socket => "/tmp/${name}-fastcgi.sock", |
253 mode => "0666", | 239 mode => "0666", |
254 user => trac, | 240 user => trac, |
255 children => 1, | 241 children => 1, |
256 require => Exec["deploy_$name"], | 242 require => Exec["deploy_$name"], |
257 notify => Service['nginx'], | |
Wladimir Palant
2014/07/31 09:46:53
This one is pointless - nginx doesn't care whether
mathias
2014/08/01 13:59:46
Not quite correct, I believe. It's the file descri
Wladimir Palant
2014/08/01 14:11:13
We had FCGI processes crash often enough that I kn
mathias
2014/08/01 16:25:03
Indeed, Nginx will re-open the descriptor - after
| |
258 } | 243 } |
259 } | 244 } |
260 } | 245 } |
261 | 246 |
LEFT | RIGHT |