re-organizedct-ops-2015-05-26-v04

1 files changed, 43 insertions, 0 deletions

diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp
new file mode 100644
index 0000000..c9ef122
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp
@@ -0,0 +1,43 @@
+define catlfish::frontend(
+      $logname  = undef,
+      $image    = 'docker.sunet.se/ctct/catlfish-dev',
+      $version  = 'latest'
+)
+{
+   $base = '/var/local/db'
+   $db = ""${base}/${logname}"
+   file {$base: ensure => directory } ->
+   file {$db: ensure => directory } ->
+   sunet::docker_run{"${name}_varnish":
+      image    => "docker.sunet.se/varnish",
+      imagetag => "latest",
+      env      => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"],
+      ports    => ["80:80"],
+   } ->
+   sunet::docker_run{"${name}_stud":
+      image    => "docker.sunet.se/stud",
+      imagetag => "latest",
+      volumes  => ["/etc/ssl:/etc/ssl"],
+      env      => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
+      ports    => ["443:443"]
+   } ->
+   sunet::docker_run {"${name}_catlfish":
+       image    => $image,
+       imagetag => $version,
+       ports    => ["8080:8080","8082:8082"],
+       volumes  => ["/usr/local/etc/catlfish:/usr/local/etc/catlfish:ro","${db}:/var/local/db/catlfish"],
+       command  => ["frontend ${name} ${logname}"]
+   } ->
+   ufw::allow { "${name}-allow-http":
+      ip   => 'any',
+      port => 80
+   } ->
+   ufw::allow { "${name}-allow-https":
+      ip   => 'any',
+      port => 443
+   } ->
+   ufw:allow { "${name}-allow-8082-acl0":
+      ip     => '130.242.125.0/24',
+      port   => 8082
+   }
+}