summaryrefslogtreecommitdiff
path: root/global/overlay/etc/puppet/modules/sunet/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/manifests')
-rw-r--r--global/overlay/etc/puppet/modules/sunet/manifests/flog.pp82
1 files changed, 82 insertions, 0 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp
new file mode 100644
index 0000000..fb002d0
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/sunet/manifests/flog.pp
@@ -0,0 +1,82 @@
+class sunet::flog {
+
+ $postgres_password = hiera('flog_postgres_password', 'NOT_SET_IN_HIERA'),
+
+ file {'/var/docker':
+ ensure => 'directory',
+ } ->
+ sunet::system_user {'postgres-system-user':
+ username => 'postgres',
+ group => 'postgres',
+ } ->
+ sunet::add_user_to_group { 'postgres_ssl_cert_access':
+ username => 'postgres',
+ group => 'ssl-cert',
+ } ->
+ sunet::system_user {'www-data-system-user':
+ username => 'www-data',
+ group => 'www-data',
+ } ->
+ sunet::system_user {'memcache-system-user':
+ username => 'memcache',
+ group => 'memcache',
+ } ->
+ file {'/var/docker/postgresql_data':
+ ensure => 'directory',
+ owner => 'postgres',
+ group => 'root',
+ mode => '0770',
+ } ->
+ file {'/var/docker/postgresql_data/backup':
+ ensure => 'directory',
+ owner => 'postgres',
+ group => 'root',
+ mode => '0770',
+ } ->
+ file {'/var/log/flog_db':
+ ensure => 'directory',
+ owner => 'root',
+ group => 'postgres',
+ mode => '1775',
+ } ->
+ file {'/var/log/flog_app':
+ ensure => 'directory',
+ owner => 'root',
+ group => 'www-data',
+ mode => '1775',
+ } ->
+ file {'/var/log/flog_cron':
+ ensure => 'directory',
+ owner => 'root',
+ group => 'www-data',
+ mode => '1775',
+ } ->
+ file { "/opt/flog/nginx/certs/flog.sunet.se.key":
+ ensure => file,
+ path => "/opt/flog/nginx/certs/flog.sunet.se.key",
+ mode => '0640',
+ content => hiera('server_cert_key', 'NOT_SET_IN_HIERA'),
+ } ->
+ file { "/opt/flog/dotenv":
+ ensure => file,
+ path => "/opt/flog/dotenv",
+ mode => '0640',
+ content => template('sunet/flog/dotenv.erb'),
+ } ->
+ sunet::docker_run {'flog_db':
+ image => 'docker.sunet.se/flog/postgresql-9.3',
+ volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'],
+ } ->
+ sunet::docker_run {'flog_app':
+ image => 'docker.sunet.se/flog/flog_app',
+ volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'],
+ } ->
+ sunet::docker_run {'memcached':
+ image => 'docker.sunet.se/library/memcached',
+ } ->
+ sunet::docker_run {'flog_nginx':
+ image => 'docker.sunet.se/flog/nginx',
+ ports => ['80:80', '443:443'],
+ volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'],
+ }
+}