puppet-httpd is the openstack-infra version of puppetlabs-apache
(0.0.4) release.
This patchset will remove the puppetlabs-apache namespace from -infra
allowing for possible future patchsets to use newer puppetlabs-apache
modules.
Change-Id: I45be21c08d5ccdccbf0a8c386b794e2d75cdff45
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
The http://ci.openstack.org/ documentation site has been deprecated,
replaced by redirects to corresponding paths within
http://docs.openstack.org/infra/ where other Project Infrastructure
documentation already resides.
Change-Id: I08724d74336c71e9fb2951f0d50dcbb6a40d30f4
Updating the robots.txt in the etherpad vcsrepo makes it hard to manage
that repo properly. Solve this by serving the static robots.txt file
directly from apache rather than via etherpad service. Use a mod_rewrite
since we are already using that to set up the proxying.
Change-Id: Iccccf1ef194060490512e6550c22bdb9d3478ba8
If the vcsrepo is set to 'ensure => present' then local changes will
prevent the repo from updating, but if we 'ensure => latest' then local
changes will be overwritten when updating to the latest revision.
Change-Id: Ie560a00e70e428b46ac431975caa74d7d05fcad4
This change allows Apache servers with mod_proxy_wstunnel enabled
to pass thru Websocket connections to Etherpad, providing the
browser supports that.
Change-Id: I4f595f456e0d280c6f05958a36552213dd6cf1e2
The content of this project is Apache 2 licensed, but we should
include a standard LICENSE file just to be clear about that.
Change-Id: Iee6320b9d7e35fbe8d3b0a9794f3e485c18ef2c8
This change enables this manifest on Ubuntu Trusty, as it comes
with Apache 2.4 by default and there's no longer conf.d folder, it
is split on conf.available/conf.enable.
Change-Id: I7986e3f3be97f3448b743789a2c4fdacd07a20a8
This can enhance the user experience, as most modern web browsers
are capable of using Websockets.
Due to SocketIO fallback mechanism, if Websocket is not available
the next transport in the list will be used, so this change would
still work like before where Websockets is not possible.
Please note that Apache must be able to pass thru websockets to
the Etherpad nodejs server, the module mod_proxy_wstunnel is
needed for that, but it's only available as a package for
Apache 2.4.
I will create another change for etherpad-dev that adds
that module and sync up with infra root members to upgrade the server
to Trusty (it comes with Apache 2.4, Precise still comes with 2.2).
Change-Id: I30f425f7bf7dfeec1a2128e2caf7253459bccc21
Now that this module has been split out into its own project, add some
boilerplate for the project.
Change-Id: Ie919681cb0f72eb1cf2373efa1460667985548c0
According to https://wiki.apache.org/httpd/CommonMisconfigurations
is is wrong to specify server name in opening tag. ServerName
should be used instead.
Indentations also fixed in some files.
Change-Id: Id9d20a672103221efa01be61a174b62706036e57
It turns out that specifying the ciphers we want to use leads to
breakage. So instead we'll explicitly tell Apache which ciphers
we don't want to use.
Change-Id: I0f8211533495a6a4340c01dadb8069ccf9be429c
The poodle SSLv3 vulnerability is a good reason to stop using SSLv3.
Switch to TLS everywhere in our apache vhost configs.
Change-Id: If7b18174253b6f185e029f97bfa77d8ad4941385
The etherpad lite vhost template expects a server admin variable in the
etherpad_lite::apache manifest. Add one with a default of
webmaster@$fqdn.
Change-Id: Id974496ec330fa1453bc60d65518f4264f107da7
This reverts commit 3afc75132aa3a7d3cae911ae5e7166383b9ee4ba.
The new apache module has started managing /etc/httpd/conf/httpd.conf
with a template that has some significant differences than our template
in the cgit module.
Change-Id: I99795d35596f35dfc34e89891155dd2b83e465fe
This reverts commit 7b9ea298cf4ae941af74381925b17a4b29337eb9.
Upgrading puppetlabs-apache to version 0.4.0 will give us important
variables in apache::params (specifically $conf_dir and $vdir) which
will allow us to modify the cgit module to run on both Debuntu and RHEL
systems -- which is useful because test.sh should be testing all modules
on both systems.
Of the two issues that 7b9ea298 addresses, I believe that our Oneiric
hosts have all gone the way of the dinosaur and we can work around the
docroot check by replacing 'MEANINGLESS ARGUMENT' with
'/tmp/meaningless_docroot'.
Conflicts:
install_modules.sh
Change-Id: I7c08f85db6810ab28fa044f1923833359271e8ec
Node was running into stack size limit errors at the Atlanta Juno
Summit. The default value for the stack size limit is 984 kBytes double
this value to 1968 kBytes to hopefully make etherpad-lite more stable.
Change-Id: Ib644e68689e9f6b1e00cb959ff7cf4e5dc553cf6
The general etherpad_lite module should not contain OpenStack as
a hardcoded title. Parameterize it.
Change-Id: I473720d9566233ab4c8d2081c9835b42ddfcb94e
* modules/etherpad_lite/manifests/apache.pp: Install apache etherpad
lite connection tuning config file.
* modules/etherpad_lite/files/apache-connection-tuning: Configure the
Apache MPM Worker module to run up to 64 processes with 32 threads each
for a grand total of 2048 client connections maximum. This should be
relatively safe as etherpad connections are not very heavy. Most
connections come from users that lurk, they don't provide any input
that creates writes to the database. For example at a design summit we
may have 8 design room seach with an etherpad open, in each room there
may be 20 people connected to the etherpad but only 2-4 writing to it.
Change-Id: I3f406af1204b993d2b083180f17cafcf4f62f5bc
* manifests/site.pp: Pass new mysql DB variables to
openstack::etherpad*.
* modules/etherpad_lite/manifests/apache.pp: Fix broken /etc/ssl/certs
permissions (0700 -> 0755).
* modules/etherpad_lite/manifests/init.pp: Update default nodejs and
etherpad versions. Remove ep_headings plugin install. New plugin define
should be used for this instead. Stop making the etherpad-lite ref to
checkout optional (defaults to develop). Note these changes are probably
not going to be backward compat.
* modules/etherpad_lite/manifests/plugin.pp: Define to install etherpad
lite plugins.
* modules/etherpad_lite/manifests/site.pp: Simplify DB support and
remove support for the dirty DB type.
* modules/etherpad_lite/templates/etherpad-lite_settings.json.erb: Bring
settings erb up to par with latest template.
* modules/etherpad_lite/templates/etherpadlite.vhost.erb: Update rewrite
rules for new etherpad. Instead of allowing nice pad urls rooted at /
redirect these url to /p/padname. Etherpad does not deal well with a
change in root path as /p/ is hardcoded in many places.
* modules/openstack_project/manifests/etherpad.pp
* modules/openstack_project/manifests/etherpad_dev.pp:
Update to use new etherpad module setup. MySQL DBs are now externally
managed, pass in needed connection info.
* modules/mysql_backup/manifests/backup_remote.pp: New define to backup
remote DB servers.
* modules/mysql_backup/templates/my.cnf.erb: Template for a my.cnf to be
used by the cron in backup_remote.pp. Allows for easy connectivity from
server using MySQL DB as root.
Change-Id: I1250297674b91e81d59cd28c07c52e09967ca548
Make it possible to optionally install ep_headings on an etherpad
environment. This makes it easy to enable this on some environments,
but not all. Default to 'false', but set 'true' for etherpad_dev.
on my environment I also had the installation of ep_fintest, because
plugins didn't seem to work until I did this. Testing that.
Change-Id: Ia1ee0fd7b51e88f639de5350f124f1a95405cabf
Reviewed-on: https://review.openstack.org/26422
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Make it possible to optionally install ep_headings on an etherpad
environment. This makes it easy to enable this on some environments,
but not all. Default to 'false', but set 'true' for etherpad_dev.
With summit coming up, it would be nice to have ep_headings in the
etherpads, makes them a lot easier to read.
fix puppet lint issue with all the equals signs not lining up.
Change-Id: I8cfa12480aed0b351012161c2cdbc406c0f52e7a
Reviewed-on: https://review.openstack.org/26380
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Cleanup warnings for missing '$' in class parameter definitions and for
non upper cased requirements.
Change-Id: I5fe04a304b084f4c6d09cfb23a9dfae2548a8e22
Reviewed-on: https://review.openstack.org/18704
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
etherpad-lite moved their upstream git repo to
https://github.com/ether/etherpad-lite.git. Update the vcsrepo source
for etherpad-lite when giving vcsrepo a specific version of
etherpad-lite. Do not update the source for the versionless vcsrepo
resource.
This allows us to leave etherpad.o.o alone while we install
etherpad-dev.o.o. Once etherpad-dev.o.o is working and we have tested an
upgrade to latest eplite and new node we can flip etherpad.o.o to the
new source.
Change-Id: I7cb9aaa5211f57c84698887500f519f92c514e91
Reviewed-on: https://review.openstack.org/17566
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Change-Id: I6e5fa77a301eec30cff8e16bad33a91bfd95b13f
Signed-off-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-on: https://review.openstack.org/17176
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
Mostly documentation and parameterised class parameter complaints.
Change-Id: I5b3ffa4ad3f707f385165c2d86c891c6bd4c1ae0
Reviewed-on: https://review.openstack.org/16901
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Also, seperate out the buildsource defined resource from init.pp
Change-Id: I9fe46ad31943f667ebe8bb6b01a2007e0b3cf022
Reviewed-on: https://review.openstack.org/15061
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Two problems installing node.js for etherpad lite on a new host:
1. Install may be attempted before repository is properly cloned.
2. Installing node from source may take longer than the default exec
timeout.
Fix this by adding more order requirements and increase the exec timeout
when running make on node.js.
Change-Id: I74c225ee725e6e67b54dbf8ba7795d28e82c66e3
Reviewed-on: https://review.openstack.org/16013
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
We now host etherpad.openstack.org. To properly test upgrades and things
add a proper etherpad-dev host to puppet. Currently the configuration is
set to mimic that which is on etherpad.o.o. Once the -dev host is up and
running it will be used to test upgrades to more modern etherpad lite
and node.js version.
Also at some point we will probably want to use the puppetlabs-mysql
module to manage the mysql instances for etherpad. This dev host makes
that easier.
Change-Id: I63500026a1a38d7c4dd5b00cc869586eb2483497
Reviewed-on: https://review.openstack.org/14861
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Etherpad lite previously attempted to manage its cert files in two
different ways. This created a conflict and puppet would not run
successfully. Remove the old way of managing the cert files.
Change-Id: I9336c6f97d455917f4680bfdfd5543283714fe34
Reviewed-on: https://review.openstack.org/14584
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
As copied from jenkins. Both old and new names for the
cert contents are in hiera.
Change-Id: Ic6d8258479c260ac37346c49c1ecde8339c96a37
Reviewed-on: https://review.openstack.org/14432
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Add a robots.txt file for etherpad lite. Disallow / because we are using
the pretty URLs.
Change-Id: Ic589923d142fe8c950534c4419582502bde98a3a
Reviewed-on: https://review.openstack.org/14422
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Also, actually redirect on incorrect hostnames.
Change-Id: I4e0981e45ed119eff02027e90a6a983ddeb6138b
Reviewed-on: https://review.openstack.org/14420
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Yet another bunch of puppet-lint fixes.
Change-Id: I9574cf1c5e35620b12e4d5e2bd6b2eb4d320c935
Signed-off-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-on: https://review.openstack.org/13988
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Change-Id: Ia0f3acd50aab07cc83d13cd12c8f7fc67f1c697d
Reviewed-on: https://review.openstack.org/10832
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
