opendev
/
puppet-refstack
Code Issues Proposed changes
puppet-refstack/manifests/apache/https.pp

113 lines
3.5 KiB
Puppet
Raw Blame History

# Copyright (c) 2015 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# == Class: refstack::apache::https
#
# This module installs RefStack onto the current host using an the https
# protocol.
#
class refstack::apache::https () {
require ::refstack::params
require ::refstack::api
require ::refstack::app
# Pull various variables into this module, for slightly saner templates.
$install_api_root = $::refstack::params::install_api_root
$install_www_root = $::refstack::params::install_www_root
$src_www_root = $::refstack::params::src_www_root
$hostname = $::refstack::params::hostname
$user = $::refstack::params::user
$group = $::refstack::params::group
$server_admin = $::refstack::params::server_admin
$python_version = $::refstack::params::python_version
$ssl_cert_content = $::refstack::params::ssl_cert_content
$ssl_cert = $::refstack::params::ssl_cert
$ssl_key_content = $::refstack::params::ssl_key_content
$ssl_key = $::refstack::params::ssl_key
$ssl_ca_content = $::refstack::params::ssl_ca_content
$resolved_ssl_ca = $::refstack::params::resolved_ssl_ca
# Install apache
include ::apache
include ::apache::params
include ::apache::mod::wsgi
# Create a copy of the wsgi file with apache user permissions.
file { '/etc/refstack/app.wsgi':
ensure => present,
owner => $::apache::params::user,
group => $::apache::params::group,
mode => '0644',
source => "${src_www_root}/refstack/api/app.wsgi",
require => [
Class['refstack::api']
],
notify => Service['httpd'],
}
if $ssl_cert_content != undef {
file { $ssl_cert:
owner => 'root',
group => 'ssl-cert',
mode => '0640',
content => $ssl_cert_content,
notify => Service['httpd'],
}
}
if $ssl_key_content != undef {
file { $ssl_key:
owner => 'root',
group => 'ssl-cert',
mode => '0640',
content => $ssl_key_content,
notify => Service['httpd'],
}
}
if $ssl_ca_content != undef {
file { $resolved_ssl_ca:
owner => 'root',
group => 'ssl-cert',
mode => '0640',
content => $ssl_ca_content,
notify => Service['httpd'],
}
}
# Synchronize the app directory and the apache directory.
file { $install_www_root:
ensure => directory,
owner => $::apache::params::user,
group => $::apache::params::group,
source => "${src_www_root}/refstack-ui/app",
recurse => true,
purge => true,
force => true,
notify => Service['httpd'],
}
# Set up RefStack as HTTPS.
apache::vhost { $hostname:
port => 443,
docroot => $install_www_root,
priority => '50',
template => 'refstack/refstack_https.vhost.erb',
ssl => true,
notify => Service['httpd'],
require => File['/etc/refstack/app.wsgi'],
}
}
View Git Blame Copy Permalink