summaryrefslogtreecommitdiff
path: root/global/overlay/etc/puppet/modules/catlfish/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'global/overlay/etc/puppet/modules/catlfish/manifests')
-rw-r--r--global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp43
-rw-r--r--global/overlay/etc/puppet/modules/catlfish/manifests/init.pp1
-rw-r--r--global/overlay/etc/puppet/modules/catlfish/manifests/merge.pp18
-rw-r--r--global/overlay/etc/puppet/modules/catlfish/manifests/signing.pp18
-rw-r--r--global/overlay/etc/puppet/modules/catlfish/manifests/storage.pp22
5 files changed, 102 insertions, 0 deletions
diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp
new file mode 100644
index 0000000..c9ef122
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/frontend.pp
@@ -0,0 +1,43 @@
+define catlfish::frontend(
+ $logname = undef,
+ $image = 'docker.sunet.se/ctct/catlfish-dev',
+ $version = 'latest'
+)
+{
+ $base = '/var/local/db'
+ $db = ""${base}/${logname}"
+ file {$base: ensure => directory } ->
+ file {$db: ensure => directory } ->
+ sunet::docker_run{"${name}_varnish":
+ image => "docker.sunet.se/varnish",
+ imagetag => "latest",
+ env => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"],
+ ports => ["80:80"],
+ } ->
+ sunet::docker_run{"${name}_stud":
+ image => "docker.sunet.se/stud",
+ imagetag => "latest",
+ volumes => ["/etc/ssl:/etc/ssl"],
+ env => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
+ ports => ["443:443"]
+ } ->
+ sunet::docker_run {"${name}_catlfish":
+ image => $image,
+ imagetag => $version,
+ ports => ["8080:8080","8082:8082"],
+ volumes => ["/usr/local/etc/catlfish:/usr/local/etc/catlfish:ro","${db}:/var/local/db/catlfish"],
+ command => ["frontend ${name} ${logname}"]
+ } ->
+ ufw::allow { "${name}-allow-http":
+ ip => 'any',
+ port => 80
+ } ->
+ ufw::allow { "${name}-allow-https":
+ ip => 'any',
+ port => 443
+ } ->
+ ufw:allow { "${name}-allow-8082-acl0":
+ ip => '130.242.125.0/24',
+ port => 8082
+ }
+}
diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/init.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/init.pp
new file mode 100644
index 0000000..bb74f74
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/init.pp
@@ -0,0 +1 @@
+class catlfish {}
diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/merge.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/merge.pp
new file mode 100644
index 0000000..2a54724
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/merge.pp
@@ -0,0 +1,18 @@
+define catlfish::merge(
+ $logname = undef,
+ $image = 'docker.sunet.se/ctct/catlfish-dev',
+ $version = 'latest'
+)
+{
+ $base = '/var/local/db'
+ $db = ""${base}/${logname}"
+ file {$base: ensure => directory } ->
+ file {$db: ensure => directory } ->
+ sunet::docker_run {"${name}_catlfish":
+ image => $image,
+ env => ["MERGE_EXTRA_ARGS=--timing","MERGE_DB_DIR=/var/local/db/catlfish"],
+ imagetag => $version,
+ volumes => ["/usr/local/etc/catlfish/${name}:/usr/local/etc/catlfish:ro","${db}:/var/local/db/catlfish"],
+ command => ["merge ${name} ${logname}"]
+ }
+}
diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/signing.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/signing.pp
new file mode 100644
index 0000000..70f1d87
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/signing.pp
@@ -0,0 +1,18 @@
+define catlfish::signing(
+ $logname = undef,
+ $image = 'docker.sunet.se/ctct/catlfish-dev-lunahsm',
+ $version = 'latest'
+)
+{
+ sunet::docker_run {"${name}_catlfish":
+ image => $image,
+ imagetag => $version,
+ volumes => ["/usr/local/etc/catlfish:/usr/local/etc/catlfish:ro"],
+ ports => ["8188:8188"],
+ command => ["signing ${name} ${logname}"]
+ }
+ ufw:allow { "${name}-allow-8188-acl0":
+ ip => '130.242.125.0/24',
+ port => 8081
+ }
+}
diff --git a/global/overlay/etc/puppet/modules/catlfish/manifests/storage.pp b/global/overlay/etc/puppet/modules/catlfish/manifests/storage.pp
new file mode 100644
index 0000000..f7b7de5
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/catlfish/manifests/storage.pp
@@ -0,0 +1,22 @@
+define catlfish::storage(
+ $logname = undef,
+ $image = 'docker.sunet.se/ctct/catlfish-dev',
+ $version = 'latest'
+)
+{
+ $base = '/var/local/db'
+ $db = "${base}/${logname}"
+ file {$base: ensure => directory } ->
+ file {$db: ensure => directory } ->
+ sunet::docker_run {"${name}_catlfish":
+ image => $image,
+ imagetag => $version,
+ volumes => ["/usr/local/etc/catlfish:/usr/local/etc/catlfish:ro","${db}:/var/local/db/catlfish"],
+ ports => ["8081:8081"],
+ command => ["storage ${name} ${logname}"]
+ }
+ ufw:allow { "${name}-allow-8081-acl0":
+ ip => '130.242.125.0/24',
+ port => 8081
+ }
+}