From d6d496a7ab3d01550f25e48581ae7e53e559f42d Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Mon, 30 Mar 2015 17:19:16 +0200 Subject: Added more docker images to sto-tug-kvm2. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index a519ccf..b4ea64d 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -698,6 +698,8 @@ node 'cdr1.sunet.se' { node 'sto-tug-kvm2.swamid.se' { docker::image {'docker.sunet.se/flog/postgresql-9.3': } + docker::image {'docker.sunet.se/flog/nginx': } + docker::image {'docker.sunet.se/flog/flog_app': } file {'/opt/docker/postgresql_data': ensure => 'directory', } @@ -708,6 +710,19 @@ node 'sto-tug-kvm2.swamid.se' { image => 'docker.sunet.se/flog/postgresql-9.3', use_name => true, volumes => ['/opt/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + } -> + docker::run {'flog_app': + image => 'docker.sunet.se/flog/flog_app', + use_name => true, + links => ['flog_db:flog_db'], + volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], + } -> + docker::run {'flog_nginx': + image => 'docker.sunet.se/flog/nginx', + use_name => true, + ports => ['80:80', '443:443'], + links => ['flog_app:flog_app'], + volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], } } -- cgit v1.1 From d8a536feeec9a5fcebfaa5f587dbf87dcdee76a3 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 10:38:57 +0200 Subject: Trying to use dns instead of link --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index b4ea64d..11e8287 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -697,16 +697,15 @@ node 'cdr1.sunet.se' { } node 'sto-tug-kvm2.swamid.se' { - docker::image {'docker.sunet.se/flog/postgresql-9.3': } - docker::image {'docker.sunet.se/flog/nginx': } - docker::image {'docker.sunet.se/flog/flog_app': } + #class { 'fail2ban': } file {'/opt/docker/postgresql_data': - ensure => 'directory', - } + ensure => 'directory', + } -> file {'/var/log/flog_db': ensure => 'directory', - } - docker::run {'flog_db': + } -> + class { 'sunet::dockerhost': } -> + sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', use_name => true, volumes => ['/opt/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], @@ -714,14 +713,12 @@ node 'sto-tug-kvm2.swamid.se' { docker::run {'flog_app': image => 'docker.sunet.se/flog/flog_app', use_name => true, - links => ['flog_db:flog_db'], volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], } -> docker::run {'flog_nginx': image => 'docker.sunet.se/flog/nginx', use_name => true, ports => ['80:80', '443:443'], - links => ['flog_app:flog_app'], volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], } } -- cgit v1.1 From 64d24f65a2efb1e81225fe289701d24bfe9aa11c Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 10:40:36 +0200 Subject: Invalid parameter use_name --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 --- 1 file changed, 3 deletions(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 11e8287..942ac77 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -707,17 +707,14 @@ node 'sto-tug-kvm2.swamid.se' { class { 'sunet::dockerhost': } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', - use_name => true, volumes => ['/opt/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], } -> docker::run {'flog_app': image => 'docker.sunet.se/flog/flog_app', - use_name => true, volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], } -> docker::run {'flog_nginx': image => 'docker.sunet.se/flog/nginx', - use_name => true, ports => ['80:80', '443:443'], volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], } -- cgit v1.1 From e83523095a7f01d554becadf129bb4d35e1ad471 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 10:53:34 +0200 Subject: Changed to sunet::dockerhost for kvm2 --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 942ac77..2c2eb32 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -704,16 +704,15 @@ node 'sto-tug-kvm2.swamid.se' { file {'/var/log/flog_db': ensure => 'directory', } -> - class { 'sunet::dockerhost': } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', volumes => ['/opt/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], } -> - docker::run {'flog_app': + sunet::docker_run {'flog_app': image => 'docker.sunet.se/flog/flog_app', volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'], } -> - docker::run {'flog_nginx': + sunet::docker_run {'flog_nginx': image => 'docker.sunet.se/flog/nginx', ports => ['80:80', '443:443'], volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'], -- cgit v1.1 From 68251025dd8c8c10b81978e41a069afd7b49bfd5 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 13:32:52 +0200 Subject: Adding postgres user to sto-tug-kvm2. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 2c2eb32..3f2c9af 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -697,12 +697,24 @@ node 'cdr1.sunet.se' { } node 'sto-tug-kvm2.swamid.se' { - #class { 'fail2ban': } + #class { 'fail2ban': } + sunet::system_user {'postgres-system-user': + username => 'postgres', + group => 'postgres', + } -> + sunet::add_user_to_group { 'postgres_ssl_cert_access': + username => 'postgres', + group => 'ssl-cert', + } -> file {'/opt/docker/postgresql_data': ensure => 'directory', + owner => 'postgres', + group => 'postgres', } -> file {'/var/log/flog_db': ensure => 'directory', + owner => 'postgres', + group => 'postgres', } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', -- cgit v1.1 From 183ad5993ec59d0125917df77ab170f8ed5e5b09 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 13:49:14 +0200 Subject: Changed permissions for postgres data dir --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 3f2c9af..54c8efa 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -710,11 +710,13 @@ node 'sto-tug-kvm2.swamid.se' { ensure => 'directory', owner => 'postgres', group => 'postgres', + mode => '0700', } -> file {'/var/log/flog_db': ensure => 'directory', - owner => 'postgres', + owner => 'root', group => 'postgres', + mode => '1775', } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', -- cgit v1.1 From 3c9f29b23f3bf1dd01aa97ad1950b00aa4f6f255 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 14:03:46 +0200 Subject: Added missing docker dir. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 54c8efa..c196c1e 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -698,6 +698,9 @@ node 'cdr1.sunet.se' { node 'sto-tug-kvm2.swamid.se' { #class { 'fail2ban': } + file {'/opt/docker': + ensure => 'directory', + } -> sunet::system_user {'postgres-system-user': username => 'postgres', group => 'postgres', -- cgit v1.1 From 2a0d8e2d857eababf821581c829633e0acb03474 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 14:56:49 +0200 Subject: Mixed up opt and var. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index c196c1e..e37fbb0 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -698,7 +698,7 @@ node 'cdr1.sunet.se' { node 'sto-tug-kvm2.swamid.se' { #class { 'fail2ban': } - file {'/opt/docker': + file {'/var/docker': ensure => 'directory', } -> sunet::system_user {'postgres-system-user': @@ -709,7 +709,7 @@ node 'sto-tug-kvm2.swamid.se' { username => 'postgres', group => 'ssl-cert', } -> - file {'/opt/docker/postgresql_data': + file {'/var/docker/postgresql_data': ensure => 'directory', owner => 'postgres', group => 'postgres', @@ -723,7 +723,7 @@ node 'sto-tug-kvm2.swamid.se' { } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', - volumes => ['/opt/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + volumes => ['/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], } -> sunet::docker_run {'flog_app': image => 'docker.sunet.se/flog/flog_app', -- cgit v1.1 From 587c21016484d3f6cb1a4792238937908de120b7 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 15:48:37 +0200 Subject: Changed location of ssl certs for postgres --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index e37fbb0..5aa1fe7 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -723,7 +723,7 @@ node 'sto-tug-kvm2.swamid.se' { } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', - volumes => ['/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + volumes => ['/opt/flog/postgres/ssl/ssl-cert-snakeoil.pem:/etc/ssl/cert.pem', '/opt/flog/postgres/ssl/ssl-cert-snakeoil.key:/etc/ssl/cert.key', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], } -> sunet::docker_run {'flog_app': image => 'docker.sunet.se/flog/flog_app', -- cgit v1.1 From 614f6719f6fb9570dfc38411d4b6bd2ade947ffc Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 17:05:47 +0200 Subject: Fix log and cert permissions. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 5aa1fe7..f6d3ba8 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -709,6 +709,10 @@ node 'sto-tug-kvm2.swamid.se' { username => 'postgres', group => 'ssl-cert', } -> + sunet::system_user {'www-data-system-user': + username => 'www-data', + group => 'www-data', + } -> file {'/var/docker/postgresql_data': ensure => 'directory', owner => 'postgres', @@ -721,9 +725,21 @@ node 'sto-tug-kvm2.swamid.se' { group => 'postgres', mode => '1775', } -> + file {'/var/log/flog_app': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> + file {'/var/log/flog_cron': + ensure => 'directory', + owner => 'root', + group => 'www-data', + mode => '1775', + } -> sunet::docker_run {'flog_db': image => 'docker.sunet.se/flog/postgresql-9.3', - volumes => ['/opt/flog/postgres/ssl/ssl-cert-snakeoil.pem:/etc/ssl/cert.pem', '/opt/flog/postgres/ssl/ssl-cert-snakeoil.key:/etc/ssl/cert.key', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], + volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'], } -> sunet::docker_run {'flog_app': image => 'docker.sunet.se/flog/flog_app', -- cgit v1.1 From 5cb9279fd0472bec59f5430786a6c684854bcf6f Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Tue, 31 Mar 2015 18:23:49 +0200 Subject: Add postgres backup dir. --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'global/overlay/etc/puppet/manifests') diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index f6d3ba8..92e3804 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -725,6 +725,12 @@ node 'sto-tug-kvm2.swamid.se' { group => 'postgres', mode => '1775', } -> + file {'/var/postgresbackup': + ensure => 'directory', + owner => 'root', + group => 'postgres', + mode => '1775', + } -> file {'/var/log/flog_app': ensure => 'directory', owner => 'root', -- cgit v1.1