From bc8279c3faa52104904b1d0574af81a10a763d15 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Wed, 22 Apr 2020 08:57:00 -0500 Subject: [PATCH] Retire repo Depends-On: https://review.opendev.org/720892 Change-Id: Ie299fa63ab86bb04652424167f81840494473299 --- .gitignore | 3 - Gemfile | 15 -- README.rst | 51 +---- Rakefile | 8 - manifests/certificates.pp | 140 ------------- manifests/httpd.pp | 46 ----- manifests/init.pp | 90 -------- manifests/install.pp | 195 ------------------ manifests/mysql.pp | 54 ----- manifests/vars.pp | 47 ----- spec/acceptance/nodesets/default.yml | 11 - spec/acceptance/nodesets/nodepool-centos7.yml | 10 - spec/acceptance/nodesets/nodepool-trusty.yml | 10 - spec/acceptance/nodesets/nodepool-xenial.yml | 10 - templates/local.json.erb | 57 ----- templates/set-auth_providerconfig.sql.erb | 19 -- templates/vhost.erb | 70 ------- 17 files changed, 7 insertions(+), 829 deletions(-) delete mode 100644 .gitignore delete mode 100644 Gemfile delete mode 100644 Rakefile delete mode 100644 manifests/certificates.pp delete mode 100644 manifests/httpd.pp delete mode 100644 manifests/init.pp delete mode 100644 manifests/install.pp delete mode 100644 manifests/mysql.pp delete mode 100644 manifests/vars.pp delete mode 100644 spec/acceptance/nodesets/default.yml delete mode 100644 spec/acceptance/nodesets/nodepool-centos7.yml delete mode 100644 spec/acceptance/nodesets/nodepool-trusty.yml delete mode 100644 spec/acceptance/nodesets/nodepool-xenial.yml delete mode 100644 templates/local.json.erb delete mode 100644 templates/set-auth_providerconfig.sql.erb delete mode 100644 templates/vhost.erb diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 20e461c..0000000 --- a/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -Gemfile.lock -.bundled_gems/ -.vagrant diff --git a/Gemfile b/Gemfile deleted file mode 100644 index 019213a..0000000 --- a/Gemfile +++ /dev/null @@ -1,15 +0,0 @@ -source 'https://rubygems.org' - -if File.exists?('/home/zuul/src/git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper') - gem_checkout_method = {:path => '/home/zuul/src/git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper'} -else - gem_checkout_method = {:git => 'https://git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper'} -end -gem_checkout_method[:require] = false - -group :development, :test, :system_tests do - gem 'puppet-openstack_infra_spec_helper', - gem_checkout_method -end - -# vim:ft=ruby diff --git a/README.rst b/README.rst index 90cf88a..c4ba6c6 100644 --- a/README.rst +++ b/README.rst @@ -1,46 +1,9 @@ -puppet-phabricator -================= +This project is no longer maintained. -A puppet module for installing and managing a phabricator instance. This is -derived greatly from http://github.com/bloomberg/phabricator-tools +The contents of this repository are still available in the Git +source code management system. To see the contents of this +repository before it reached its end of life, please check out the +previous commit with "git checkout HEAD^1". -some notes for now: - -This module should not manage a MySQL or a mail server itself - it should -assume that those have been set up by other modules. - -We want to put all config customizations into local.json and not into the -database. - -The initial.db file is from bloomberg, I'm not sure it's all that useful -to folks. - -We still need to do this in my.cnf :: - - sql_mode=STRICT_ALL_TABLES - ft_stopword_file=/phabricator/instances/dev/phabricator/resources/sql/stopwords.txt - ft_min_word_len=3 - ft_boolean_syntax=' |-><()~*:""&^' - innodb_buffer_pool_size=600M - -then do:: - - REPAIR TABLE phabricator_search.search_documentfield; - -I did not do: https://secure.phabricator.com/book/phabricator/article/configuring_file_domain/ yet, or really think about it. - -I also have not made puppet do anything with:: - - sudo /phabricator/instances/dev/phabricator/bin/phd start - -Which are the background daemons. - -storyboard migration --------------------- - -The data migration script assumes a storyboard schema in the same mysql server -as the phabricator schemas. It sets up users for everyone in storyboard -with a password of admin. We'll be doing openid/oauth eventually, so I didn't -spend a ton of time on that. - -The apps that are disabled are disabled on purpose. +For any further questions, please email +service-discuss@lists.opendev.org or join #opendev on Freenode. diff --git a/Rakefile b/Rakefile deleted file mode 100644 index ff1f0d7..0000000 --- a/Rakefile +++ /dev/null @@ -1,8 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_autoloader_layout') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_class_parameter_defaults') diff --git a/manifests/certificates.pp b/manifests/certificates.pp deleted file mode 100644 index 6574d3e..0000000 --- a/manifests/certificates.pp +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator::certificates -# -# Sets up SSL certificates for the module. -# -class phabricator::certificates ( - # SSL Certificates. - $ssl_cert_file = $phabricator::vars::ssl_cert_file, - $ssl_cert_file_contents = $phabricator::vars::ssl_cert_file_contents, - $ssl_chain_file = $phabricator::vars::ssl_chain_file, - $ssl_chain_file_contents = $phabricator::vars::ssl_chain_file_contents, - $ssl_key_file = $phabricator::vars::ssl_key_file, - $ssl_key_file_contents = $phabricator::vars::ssl_key_file_contents, -) { - - # To use the standard ssl-certs package snakeoil certificate, leave both - # $ssl_cert_file and $ssl_cert_file_contents empty. To use an existing - # certificate, specify its path for $ssl_cert_file and leave - # $ssl_cert_file_contents empty. To manage the certificate with puppet, - # provide $ssl_cert_file_contents and optionally specify the path to use for - # it in $ssl_cert_file. - if ($ssl_cert_file == undef) and ($ssl_cert_file_contents == undef) { - $cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' - if ! defined(Package['ssl-cert']) { - package { 'ssl-cert': - ensure => present, - } - } - } else { - if $ssl_cert_file == undef { - $cert_file = "/etc/ssl/certs/${::fqdn}.pem" - if ! defined(File['/etc/ssl/certs']) { - file { '/etc/ssl/certs': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - before => File[$cert_file], - } - } - } else { - $cert_file = $ssl_cert_file - } - if $ssl_cert_file_contents != undef { - file { $cert_file: - ensure => present, - owner => 'root', - group => 'root', - mode => '0644', - content => $ssl_cert_file_contents, - } - } - } - - # To avoid using an intermediate certificate chain, leave both - # $ssl_chain_file and $ssl_chain_file_contents empty. To use an existing - # chain, specify its path for $ssl_chain_file and leave - # $ssl_chain_file_contents empty. To manage the chain with puppet, provide - # $ssl_chain_file_contents and optionally specify the path to use for it in - # $ssl_chain_file. - if ($ssl_chain_file == undef) and ($ssl_chain_file_contents == undef) { - $chain_file = undef - } else { - if $ssl_chain_file == undef { - $chain_file = "/etc/ssl/certs/${::fqdn}_intermediate.pem" - if ! defined(File['/etc/ssl/certs']) { - file { '/etc/ssl/certs': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - before => File[$chain_file], - } - } - } else { - $chain_file = $ssl_chain_file - } - if $ssl_chain_file_contents != undef { - file { $chain_file: - ensure => present, - owner => 'root', - group => 'root', - mode => '0644', - content => $ssl_chain_file_contents, - } - } - } - - # To use the standard ssl-certs package snakeoil key, leave both - # $ssl_key_file and $ssl_key_file_contents empty. To use an existing key, - # specify its path for $ssl_key_file and leave $ssl_key_file_contents empty. - # To manage the key with puppet, provide $ssl_key_file_contents and - # optionally specify the path to use for it in $ssl_key_file. - if ($ssl_key_file == undef) and ($ssl_key_file_contents == undef) { - $key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' - if ! defined(Package['ssl-cert']) { - package { 'ssl-cert': - ensure => present, - } - } - } else { - if $ssl_key_file == undef { - $key_file = "/etc/ssl/private/${::fqdn}.key" - if ! defined(File['/etc/ssl/private']) { - file { '/etc/ssl/private': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0700', - before => File[$key_file], - } - } - } else { - $key_file = $ssl_key_file - } - if $ssl_key_file_contents != undef { - file { $key_file: - ensure => present, - owner => 'root', - group => 'root', - mode => '0600', - content => $ssl_key_file_contents, - } - } - } - -} diff --git a/manifests/httpd.pp b/manifests/httpd.pp deleted file mode 100644 index 69098c9..0000000 --- a/manifests/httpd.pp +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator::httpd -# -# Set up the virtual host for phabricator. -# -class phabricator::httpd ( - $httpd_vhost = $phabricator::vars::httpd_vhost, - $httpd_docroot = $phabricator::vars::httpd_docroot, -) { - include ::httpd - include ::httpd::ssl - include ::httpd::php - - httpd::mod { 'rewrite': - ensure => present, - } - - httpd::mod { 'auth_openid': - ensure => present, - } - - # Set up Phabricator as TLS. - if defined(Class['phabricator::certificates']) { - ::httpd::vhost { $httpd_vhost: - port => 443, # Is required despite not being used. - docroot => $httpd_docroot, - priority => '50', - template => 'phabricator/vhost.erb', - ssl => true, - vhost_name => $httpd_vhost, - } - } -} diff --git a/manifests/init.pp b/manifests/init.pp deleted file mode 100644 index 613d0d4..0000000 --- a/manifests/init.pp +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator -# -# Set up a full, standalone instance of phabricator. -# -class phabricator ( - # Database Configurations. - $mysql_user_password, - $mysql_root_password, - $mysql_database = 'phabricator', - $mysql_host = 'localhost', - $mysql_port = 3306, - $mysql_user = 'phabricator', - - # Phabricator working directory - $phabricator_dir = '/opt/phabricator', - - # OpenID configuration - $auth_location = '/auth/login/RemoteUser:self/', - $authopenidsingleidp = 'https://openstackid.org/', - - # SSL Certificates. - $ssl_cert_file = undef, - $ssl_cert_file_contents = undef, # If left empty puppet will not create file. - $ssl_chain_file = undef, - $ssl_chain_file_contents = undef, # If left empty puppet will not create file. - $ssl_key_file = undef, - $ssl_key_file_contents = undef, # If left empty puppet will not create file. - - # Httpd config. - $httpd_vhost = $::fqdn, - $httpd_admin_email = "webmaster@${::fqdn}", -) { - - # Set up the shared configuration. - class { '::phabricator::vars': - mysql_database => $mysql_database, - mysql_host => $mysql_host, - mysql_port => $mysql_port, - mysql_user => $mysql_user, - mysql_user_password => $mysql_user_password, - mysql_root_password => $mysql_root_password, - phabricator_dir => $phabricator_dir, - ssl_cert_file => $ssl_cert_file, - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_chain_file => $ssl_chain_file, - ssl_chain_file_contents => $ssl_chain_file_contents, - ssl_key_file => $ssl_key_file, - ssl_key_file_contents => $ssl_key_file_contents, - httpd_vhost => $httpd_vhost, - httpd_admin_email => $httpd_admin_email, - - before => [ - Class['Phabricator::Certificates'], - Class['Phabricator::Httpd'], - Class['Phabricator::Mysql'], - Class['Phabricator::Install'], - ] - } - - include ::phabricator::certificates - include ::phabricator::mysql - - class { '::phabricator::httpd': - require => [ - Class['phabricator::install'], - Class['phabricator::mysql'], - Class['phabricator::certificates'] - ] - } - - class { '::phabricator::install': - require => [ - Class['phabricator::mysql'], - ] - } -} diff --git a/manifests/install.pp b/manifests/install.pp deleted file mode 100644 index e89c8fb..0000000 --- a/manifests/install.pp +++ /dev/null @@ -1,195 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator::install -# -# Installation of phabricator itself. -# -class phabricator::install ( - $phabricator_dir = $phabricator::vars::phabricator_dir, - $mysql_database = $phabricator::vars::mysql_database, - $mysql_host = $phabricator::vars::mysql_host, - $mysql_port = $phabricator::vars::mysql_port, - $mysql_user = $phabricator::vars::mysql_user, - $mysql_user_password = $phabricator::vars::mysql_user_password, - $httpd_vhost = $phabricator::vars::httpd_vhost, -) { - - # Dependencies - package { [ - 'php5', - 'php5-mysql', - 'php5-gd', - 'php5-dev', - 'php5-curl', - 'php-apc', - 'php5-cli', - 'php5-json', - 'sendmail', - 'python-pygments']: - ensure => present, - } - if !defined(Package['git']) { - package { 'git': - ensure => present - } - } - if !defined(Package['libapache2-mod-auth-openid']) { - package { 'libapache2-mod-auth-openid': - ensure => present - } - } - - # Set "post_max_size" in your PHP configuration to at least 32MB to support - # large file uploads. - ini_setting { 'Increase post_max_size in php.ini': - ensure => present, - path => '/etc/php5/apache2/php.ini', - section => 'PHP', - setting => 'post_max_size', - value => '32M', - notify => Service['httpd'], - } - - # In production, OPcache should be configured to never revalidate code. This - # will slightly improve performance. To do this, disable - # "opcache.validate_timestamps" in your PHP configuration. - ini_setting { 'Set opcache.validate_timestamps in php.ini': - ensure => present, - path => '/etc/php5/apache2/php.ini', - section => 'opcache', - setting => 'opcache.validate_timestamps', - value => '0', - notify => Service['httpd'], - } - - # PHP setting "always_populate_raw_post_data" should be set to "-1" to avoid - # deprecation warnings. - ini_setting { 'Disable PHP always_populate_raw_post_data on php.ini': - ensure => present, - path => '/etc/php5/apache2/php.ini', - section => 'PHP', - setting => 'always_populate_raw_post_data', - value => '-1', - notify => Service['httpd'], - } - - file { [$phabricator_dir, "${phabricator_dir}/repo"]: - ensure => directory, - } - - vcsrepo { "${phabricator_dir}/phabricator": - ensure => latest, - provider => git, - source => 'https://github.com/phacility/phabricator.git', - revision => 'stable', - require => [ - File[$phabricator_dir], - Package['git'], - ] - } - - vcsrepo { "${phabricator_dir}/arcanist": - ensure => latest, - provider => git, - source => 'https://github.com/phacility/arcanist.git', - revision => 'stable', - require => [ - File[$phabricator_dir], - Package['git'], - ] - } - - vcsrepo { "${phabricator_dir}/libphutil": - ensure => latest, - provider => git, - source => 'https://github.com/phacility/libphutil.git', - revision => 'stable', - require => [ - File[$phabricator_dir], - Package['git'], - ] - } - - vcsrepo { "${phabricator_dir}/libphremoteuser": - ensure => latest, - provider => git, - source => 'https://github.com/psigen/libphremoteuser.git', - revision => 'master', - require => [ - File[$phabricator_dir], - Package['git', 'libapache2-mod-auth-openid'], - ] - } - - exec { 'Letting Phabricator know about libphremoteuser...': - command => "${phabricator_dir}/phabricator/bin/config set load-libraries '[\"libphremoteuser/src\"]'", - subscribe => Vcsrepo["${phabricator_dir}/libphremoteuser"], - require => [ - Vcsrepo["${phabricator_dir}/arcanist"], - Vcsrepo["${phabricator_dir}/libphremoteuser"], - ] - } - - exec {'set-auth_providerconfig': - command => "/usr/bin/mysql -u ${mysql_user} -p${mysql_user_password} < ${phabricator_dir}/set-auth_providerconfig.sql", - subscribe => File['set-auth_providerconfig.sql'], - require => [ - Vcsrepo["${phabricator_dir}/phabricator"], - File['set-auth_providerconfig.sql'], - File[$phabricator_dir], - Service['Phabricator-daemons'] - ] - } - - file {'set-auth_providerconfig.sql': - ensure => present, - path => "${phabricator_dir}/set-auth_providerconfig.sql", - content => template('phabricator/set-auth_providerconfig.sql.erb'), - } - - file { 'local.json': - ensure => present, - path => "${phabricator_dir}/phabricator/conf/local/local.json", - content => template('phabricator/local.json.erb'), - require => Vcsrepo["${phabricator_dir}/phabricator"], - notify => Service['httpd'], - } - - exec { 'load-initial-db': - command => "${phabricator_dir}/phabricator/bin/storage upgrade --force", - onlyif => "${phabricator_dir}/phabricator/bin/storage status | grep -q 'Not Applied'", - require => [ - Vcsrepo["${phabricator_dir}/phabricator"], - Vcsrepo["${phabricator_dir}/libphutil"], - Vcsrepo["${phabricator_dir}/arcanist"], - ] - } - - service { 'Phabricator-daemons': - ensure => running, - provider => base, - start => "${phabricator_dir}/phabricator/bin/phd start", - stop => "${phabricator_dir}/phabricator/bin/phd stop", - restart => "${phabricator_dir}/phabricator/bin/phd restart", - status => "${phabricator_dir}/phabricator/bin/phd status", - subscribe => Vcsrepo["${phabricator_dir}/libphutil"], - require => [ - File[$phabricator_dir], - Vcsrepo["${phabricator_dir}/phabricator"], - Vcsrepo["${phabricator_dir}/libphutil"], - Vcsrepo["${phabricator_dir}/arcanist"], - ] - } -} diff --git a/manifests/mysql.pp b/manifests/mysql.pp deleted file mode 100644 index f5d3ab4..0000000 --- a/manifests/mysql.pp +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator::mysql -# -# Set up a mysql host for phabricator. -# -class phabricator::mysql( - $mysql_host = $phabricator::vars::mysql_host, - $mysql_port = $phabricator::vars::mysql_port, - $mysql_user = $phabricator::vars::mysql_user, - $mysql_user_password = $phabricator::vars::mysql_user_password, - $mysql_root_password = $phabricator::vars::mysql_root_password, -) { - - class { '::mysql::server': - root_password => $mysql_root_password, - remove_default_accounts => true, - override_options => { - mysqld => { - max_allowed_packet => '32M', - sql_mode => 'STRICT_ALL_TABLES', - ft_stopword_file => '/opt/phabricator/phabricator/resources/sql/stopwords.txt', - ft_min_word_len => 3, - ft_boolean_syntax => '\' |-><()~*:""&^\'', - innodb_buffer_pool_size => '1600M', - } - }, - } - - mysql_user { "${mysql_user}@${mysql_host}": - provider => 'mysql', - password_hash => mysql_password($mysql_user_password), - } - - # Phabricator creates a mess of tables. This ensures that we don't have - # to create ACL's for all of them. - mysql_grant { "${mysql_user}@${mysql_host}/phabricator%.*": - privileges => ['ALL'], - table => 'phabricator%.*', - user => "${mysql_user}@${mysql_host}", - } -} diff --git a/manifests/vars.pp b/manifests/vars.pp deleted file mode 100644 index baad02c..0000000 --- a/manifests/vars.pp +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: phabricator::vars -# -# Variables, and their defaults, shared between all the submodules. This -# module is used as the source of all the shared default values. -# -class phabricator::vars ( - # Database Configurations. - $mysql_user_password, - $mysql_root_password, - $mysql_database = 'phabricator', - $mysql_host = 'localhost', - $mysql_port = 3306, - $mysql_user = 'phabricator', - - # Phabricator working directory - $phabricator_dir = '/opt/phabricator', - - # SSL Certificates. - $ssl_cert_file = undef, - $ssl_cert_file_contents = undef, # If left empty puppet will not create file. - $ssl_chain_file = undef, - $ssl_chain_file_contents = undef, # If left empty puppet will not create file. - $ssl_key_file = undef, - $ssl_key_file_contents = undef, # If left empty puppet will not create file. - - # Virtual host config. - $httpd_vhost = $::fqdn, - $httpd_admin_email = "webmaster@${::fqdn}", -) { - - # Non-configurable-options (derived) - $httpd_docroot = "${phabricator_dir}/phabricator/webroot" -} diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 3bb3e62..0000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/nodepool-centos7.yml b/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c552874..0000000 --- a/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/spec/acceptance/nodesets/nodepool-trusty.yml b/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e..0000000 --- a/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/spec/acceptance/nodesets/nodepool-xenial.yml b/spec/acceptance/nodesets/nodepool-xenial.yml deleted file mode 100644 index 99dd318..0000000 --- a/spec/acceptance/nodesets/nodepool-xenial.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-16.04-amd64: - roles: - - master - platform: ubuntu-16.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/templates/local.json.erb b/templates/local.json.erb deleted file mode 100644 index cd53d62..0000000 --- a/templates/local.json.erb +++ /dev/null @@ -1,57 +0,0 @@ -{ - "mysql.pass": "<%= @mysql_user_password %>", - "mysql.user": "<%= @mysql_user %>", - "mysql.host": "<%= @mysql_host %>", - "mysql.port": "<%= @mysql_port %>", - "config.ignore-issues": { - "security.security.alternate-file-domain": true - }, - "pygments.enabled": true, - "repository.default-local-path": "/opt/phabricator/repo", - "phabricator.serious-business": true, - "phabricator.base-uri": "https://<%= @httpd_vhost %>/", - "phabricator.uninstalled-applications": { - "PhabricatorDifferentialApplication": true, - "PhabricatorPhrictionApplication": true, - "PhabricatorDiffusionApplication": true, - "PhabricatorConpherenceApplication": true, - "PhabricatorAuditApplication": true, - "PhabricatorTokensApplication": true, - "PhabricatorLegalpadApplication": true - }, - "maniphest.statuses": { - "open": { - "name": "Open", - "special": "default" - }, - "inprogress": { - "name": "In Progress" - }, - "review": { - "name": "In Review" - }, - "merged": { - "name": "Merged", - "name.full": "Closed, Merged", - "closed": true, - "special": "closed" - }, - "invalid": { - "name": "Invalid", - "name.full": "Closed, Invalid", - "closed": true - }, - "duplicate": { - "name": "Duplicate", - "name.full": "Closed, Duplicate", - "transaction.icon": "fa-times", - "special": "duplicate", - "closed": true - } - }, - "phabricator.timezone": "UTC", - "auth.require-email-verification": false, - "auth.require-approval": false, - "policy.allow-public": true, - "security.require-https": true -} diff --git a/templates/set-auth_providerconfig.sql.erb b/templates/set-auth_providerconfig.sql.erb deleted file mode 100644 index 0dce575..0000000 --- a/templates/set-auth_providerconfig.sql.erb +++ /dev/null @@ -1,19 +0,0 @@ -DELETE FROM phabricator_auth.auth_providerconfig; - -INSERT INTO phabricator_auth.auth_providerconfig - SELECT - 1 as id, - "PHID-AUTH-7nztvra7ehvmx2xnmjgc" as phid, - "PhabricatorAuthProviderRemoteUser" as providerClass, - "RemoteUser" as providerType, - "self" as providerDomain, - 1 as isEnabled, - 1 as shouldAllowLogin, - 1 as shouldAllowRegistration, - 1 as shouldAllowLink, - 1 as shouldAllowUnlink, - 1 as shouldTrustEmails, - "[]" as properties, - 1469712430 as dateCreated, - 1469712430 as dateModified, - 0 as shouldAutoLogin; diff --git a/templates/vhost.erb b/templates/vhost.erb deleted file mode 100644 index 5bb8ce3..0000000 --- a/templates/vhost.erb +++ /dev/null @@ -1,70 +0,0 @@ -# ************************************ -# Managed by Puppet -# ************************************ - -# Unconditionally redirect all HTTP traffic for this vhost to HTTPS - - ServerName <%= @vhost_name %> - ServerAdmin <%= scope['phabricator::vars::httpd_admin_email'] %> - RewriteEngine On - RewriteRule ^/(.*) https://<%= @vhost_name %>/$1 [last,redirect=permanent] - LogLevel warn - ErrorLog /var/log/apache2/<%= @vhost_name %>_error.log - CustomLog /var/log/apache2/<%= @vhost_name %>_access.log combined - ServerSignature Off - - - - - ServerName <%= @vhost_name %> - ServerAdmin <%= scope['phabricator::vars::httpd_admin_email'] %> - - SSLEngine on - SSLProtocol All -SSLv2 -SSLv3 - # Once the machine is using something to terminate TLS that supports ECDHE - # then this should be edited to remove the RSA+AESGCM:RSA+AES so that PFS - # only is guaranteed. - SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP - SSLHonorCipherOrder on - SSLCertificateFile <%= scope['phabricator::certificates::cert_file'] %> - SSLCertificateKeyFile <%= scope['phabricator::certificates::key_file'] %> -<% unless [nil, :undef].include?(scope['phabricator::certificates::chain_file']) %> - SSLCertificateChainFile <%= scope['phabricator::certificates::chain_file'] %> -<% end %> - - DocumentRoot <%= @docroot %> - - Options FollowSymLinks - AllowOverride None - - > - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - Allow from all - Require all granted - - - > - AuthType OpenID - require valid-user - AuthOpenIDSingleIdP <%= scope['phabricator::authopenidsingleidp'] %> - - - RewriteEngine On - RewriteRule ^/rsrc/(.*) - [last,qsappend] - RewriteRule ^/favicon.ico - [last,qsappend] - RewriteRule ^(.*) /index.php?__path__=$1 [B,last,qsappend] - - SetEnv PHABRICATOR_ENV production - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - ErrorLog /var/log/apache2/<%= @vhost_name %>_error.log - CustomLog /var/log/apache2/<%= @vhost_name %>_access.log combined - - ServerSignature Off - -