diff options
-rw-r--r-- | global/overlay/etc/puppet/manifests/cosmos-site.pp | 82 | ||||
-rw-r--r-- | global/overlay/etc/puppet/modules/sunet/manifests/flog.pp | 82 |
2 files changed, 83 insertions, 81 deletions
diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index c3f9291..a59b881 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -698,87 +698,7 @@ node 'cdr1.sunet.se' { node 'sto-tug-kvm2.swamid.se' { class { 'sunet::nagios': } - file {'/var/docker': - ensure => 'directory', - } -> - sunet::system_user {'postgres-system-user': - username => 'postgres', - group => 'postgres', - } -> - sunet::add_user_to_group { 'postgres_ssl_cert_access': - username => 'postgres', - group => 'ssl-cert', - } -> - sunet::system_user {'www-data-system-user': - username => 'www-data', - group => 'www-data', - } -> - sunet::system_user {'memcache-system-user': - username => 'memcache', - group => 'memcache', - } -> - file {'/var/docker/postgresql_data': - ensure => 'directory', - owner => 'postgres', - group => 'root', - mode => '0770', - } -> - file {'/var/docker/postgresql_data/backup': - ensure => 'directory', - owner => 'postgres', - group => 'root', - mode => '0770', - } -> - file {'/var/log/flog_db': - ensure => 'directory', - owner => 'root', - group => 'postgres', - mode => '1775', - } -> - file {'/var/log/flog_app': - ensure => 'directory', - owner => 'root', - group => 'www-data', - mode => '1775', - } -> - file {'/var/log/flog_cron': - ensure => 'directory', - owner => 'root', - group => 'www-data', - mode => '1775', - } -> - file { "/opt/flog/nginx/certs/flog.sunet.se.key": - ensure => file, - path => "/opt/flog/nginx/certs/flog.sunet.se.key", - mode => '0640', - content => hiera('server_cert_key', 'NOT_SET_IN_HIERA'), - } - define flog::config( - $postgres_password = hiera('flog_postgres_password', 'NOT_SET_IN_HIERA'), - ) { - file { "/opt/flog/dotenv": - ensure => file, - path => "/opt/flog/dotenv", - mode => '0640', - content => template('sunet/flog/dotenv.erb'), - } - } - sunet::docker_run {'flog_db': - image => 'docker.sunet.se/flog/postgresql-9.3', - volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], - } -> - sunet::docker_run {'flog_app': - image => 'docker.sunet.se/flog/flog_app', - volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], - } -> - sunet::docker_run {'memcached': - image => 'docker.sunet.se/library/memcached', - } -> - sunet::docker_run {'flog_nginx': - image => 'docker.sunet.se/flog/nginx', - ports => ['80:80', '443:443'], - volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], - } + class { 'sunet:flog': } } class sunet-cdr { diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp new file mode 100644 index 0000000..fb002d0 --- /dev/null +++ b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp @@ -0,0 +1,82 @@ +class sunet::flog { + + $postgres_password = hiera('flog_postgres_password', 'NOT_SET_IN_HIERA'), + + file {'/var/docker': + ensure => 'directory', + } -> + sunet::system_user {'postgres-system-user': + username => 'postgres', + group => 'postgres', + } -> + sunet::add_user_to_group { 'postgres_ssl_cert_access': + username => 'postgres', + group => 'ssl-cert', + } -> + sunet::system_user {'www-data-system-user': + username => 'www-data', + group => 'www-data', + } -> + sunet::system_user {'memcache-system-user': + username => 'memcache', + group => 'memcache', + } -> + file {'/var/docker/postgresql_data': + ensure => 'directory', + owner => 'postgres', + group => 'root', + mode => '0770', + } -> + file {'/var/docker/postgresql_data/backup': + ensure => 'directory', + owner => 'postgres', + group => 'root', + mode => '0770', + } -> + file {'/var/log/flog_db': + ensure => 'directory', + owner => 'root', + group => 'postgres', + mode => '1775', + } -> + file {'/var/log/flog_app': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> + file {'/var/log/flog_cron': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> + file { "/opt/flog/nginx/certs/flog.sunet.se.key": + ensure => file, + path => "/opt/flog/nginx/certs/flog.sunet.se.key", + mode => '0640', + content => hiera('server_cert_key', 'NOT_SET_IN_HIERA'), + } -> + file { "/opt/flog/dotenv": + ensure => file, + path => "/opt/flog/dotenv", + mode => '0640', + content => template('sunet/flog/dotenv.erb'), + } -> + sunet::docker_run {'flog_db': + image => 'docker.sunet.se/flog/postgresql-9.3', + volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + } -> + sunet::docker_run {'flog_app': + image => 'docker.sunet.se/flog/flog_app', + volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], + } -> + sunet::docker_run {'memcached': + image => 'docker.sunet.se/library/memcached', + } -> + sunet::docker_run {'flog_nginx': + image => 'docker.sunet.se/flog/nginx', + ports => ['80:80', '443:443'], + volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], + } +} |