diff options
author | Johan Lundberg <lundberg@nordu.net> | 2015-04-28 14:27:05 +0200 |
---|---|---|
committer | Johan Lundberg <lundberg@nordu.net> | 2015-04-28 14:27:05 +0200 |
commit | f70844e7a5a04d0afa3ee8dbb00ce5fda40923da (patch) | |
tree | 0892b407f6e23761f8129f2f3b9ba19f0795810a /global/overlay/etc/puppet/modules/sunet/manifests/flog.pp | |
parent | 7df7ccdec3f0367c93c54b5c69b877291975b0d2 (diff) |
Moved flog conf to own class.sunet-ops-2015-04-28-v08
Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/manifests/flog.pp')
-rw-r--r-- | global/overlay/etc/puppet/modules/sunet/manifests/flog.pp | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp new file mode 100644 index 0000000..fb002d0 --- /dev/null +++ b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp @@ -0,0 +1,82 @@ +class sunet::flog { + + $postgres_password = hiera('flog_postgres_password', 'NOT_SET_IN_HIERA'), + + file {'/var/docker': + ensure => 'directory', + } -> + sunet::system_user {'postgres-system-user': + username => 'postgres', + group => 'postgres', + } -> + sunet::add_user_to_group { 'postgres_ssl_cert_access': + username => 'postgres', + group => 'ssl-cert', + } -> + sunet::system_user {'www-data-system-user': + username => 'www-data', + group => 'www-data', + } -> + sunet::system_user {'memcache-system-user': + username => 'memcache', + group => 'memcache', + } -> + file {'/var/docker/postgresql_data': + ensure => 'directory', + owner => 'postgres', + group => 'root', + mode => '0770', + } -> + file {'/var/docker/postgresql_data/backup': + ensure => 'directory', + owner => 'postgres', + group => 'root', + mode => '0770', + } -> + file {'/var/log/flog_db': + ensure => 'directory', + owner => 'root', + group => 'postgres', + mode => '1775', + } -> + file {'/var/log/flog_app': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> + file {'/var/log/flog_cron': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> + file { "/opt/flog/nginx/certs/flog.sunet.se.key": + ensure => file, + path => "/opt/flog/nginx/certs/flog.sunet.se.key", + mode => '0640', + content => hiera('server_cert_key', 'NOT_SET_IN_HIERA'), + } -> + file { "/opt/flog/dotenv": + ensure => file, + path => "/opt/flog/dotenv", + mode => '0640', + content => template('sunet/flog/dotenv.erb'), + } -> + sunet::docker_run {'flog_db': + image => 'docker.sunet.se/flog/postgresql-9.3', + volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + } -> + sunet::docker_run {'flog_app': + image => 'docker.sunet.se/flog/flog_app', + volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], + } -> + sunet::docker_run {'memcached': + image => 'docker.sunet.se/library/memcached', + } -> + sunet::docker_run {'flog_nginx': + image => 'docker.sunet.se/flog/nginx', + ports => ['80:80', '443:443'], + volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], + } +} |