Merge "Openstackid.org openid instance"

manifests/site.pp

@@ -628,6 +628,26 @@ node 'pypi.slave.openstack.org' {
   }
 }
 
+# Node-OS: precise
+node 'openstackid.org' {
+  class { 'openstack_project::openstackid_prod':
+    sysadmins               => hiera('sysadmins', []),
+    site_admin_password     => hiera('openstackid_site_admin_password', 'XXX'),
+    id_mysql_host           => hiera('openstackid_id_mysql_host', 'localhost'),
+    id_mysql_password       => hiera('openstackid_id_mysql_password', 'XXX'),
+    id_mysql_user           => hiera('openstackid_id_mysql_user', 'username'),
+    id_db_name              => hiera('openstackid_id_db_name', 'XXX'),
+    ss_mysql_host           => hiera('openstackid_ss_mysql_host', 'localhost'),
+    ss_mysql_password       => hiera('openstackid_ss_mysql_password', 'XXX'),
+    ss_mysql_user           => hiera('openstackid_ss_mysql_user', 'username'),
+    ss_db_name              => hiera('openstackid_ss_db_name', 'username'),
+    redis_password          => hiera('openstackid_redis_password', 'XXX'),
+    ssl_cert_file_contents  => hiera('openstackid_ssl_cert_file_contents', 'XXX'),
+    ssl_key_file_contents   => hiera('openstackid_ssl_key_file_contents', 'XXX'),
+    ssl_chain_file_contents => hiera('openstackid_ssl_chain_file_contents', 'XXX'),
+  }
+}
+
 # Node-OS: precise
 node 'openstackid-dev.openstack.org' {
   class { 'openstack_project::openstackid_dev':

modules/openstack_project/manifests/openstackid_prod.pp

@@ -0,0 +1,85 @@
+# Copyright 2013  OpenStack Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# openstackid idp(sso-openid) server
+#
+class openstack_project::openstackid_prod (
+  $sysadmins = [],
+  $site_admin_password = '',
+  $id_mysql_host = '',
+  $id_mysql_user = '',
+  $id_mysql_password = '',
+  $id_db_name = '',
+  $ss_mysql_host = '',
+  $ss_mysql_user = '',
+  $ss_mysql_password = '',
+  $ss_db_name = '',
+  $redis_port = '6378',
+  $redis_max_memory = '1gb',
+  $redis_bind = '127.0.0.1',
+  $redis_password = '',
+  $id_recaptcha_public_key = '',
+  $id_recaptcha_private_key = '',
+  $id_recaptcha_template = '',
+  $id_log_error_to_email = '',
+  $id_log_error_from_email = '',
+  $id_environment = 'dev',
+  $ssl_cert_file_contents = '',
+  $ssl_key_file_contents = '',
+  $ssl_chain_file_contents = '',
+  $release = '1.0.2',
+) {
+
+  class { 'openstack_project::server':
+    iptables_public_tcp_ports => [80, 443],
+    sysadmins                 => $sysadmins,
+  }
+
+  class { 'openstackid':
+    site_admin_password      => $site_admin_password,
+    id_mysql_host            => $id_mysql_host,
+    id_mysql_user            => $id_mysql_user,
+    id_mysql_password        => $id_mysql_password,
+    id_db_name               => $id_db_name,
+    ss_mysql_host            => $ss_mysql_host,
+    ss_mysql_user            => $ss_mysql_user,
+    ss_mysql_password        => $ss_mysql_password,
+    ss_db_name               => $ss_db_name,
+    redis_port               => $redis_port,
+    redis_host               => $redis_bind,
+    redis_password           => $redis_password,
+    id_recaptcha_public_key  => $id_recaptcha_public_key,
+    id_recaptcha_private_key => $id_recaptcha_private_key,
+    id_recaptcha_template    => $id_recaptcha_template,
+    id_log_error_to_email    => $id_log_error_to_email,
+    id_log_error_from_email  => $id_log_error_from_email,
+    id_environment           => $id_environment,
+    ssl_cert_file            => "/etc/ssl/certs/${::fqdn}.pem",
+    ssl_key_file             => "/etc/ssl/private/${::fqdn}.key",
+    ssl_chain_file           => '/etc/ssl/certs/intermediate.pem',
+    ssl_cert_file_contents   => $ssl_cert_file_contents,
+    ssl_key_file_contents    => $ssl_key_file_contents,
+    ssl_chain_file_contents  => $ssl_chain_file_contents,
+    openstackid_release      => $release,
+  }
+
+  # redis (custom module written by tipit)
+  class { 'redis':
+    redis_port       => $redis_port,
+    redis_max_memory => $redis_max_memory,
+    redis_bind       => $redis_bind,
+    redis_password   => $redis_password,
+  }
+
+}

modules/openstackid/manifests/init.pp

@@ -48,6 +48,7 @@ class openstackid (
   $id_recaptcha_public_key = '',
   $id_recaptcha_private_key = '',
   $id_recaptcha_template = '',
+  $openstackid_release = 'latest',
 ) {
 
   # php packages needed for openid server

modules/openstackid/templates/openstackid.conf.erb

@@ -1,5 +1,5 @@
 SITE_ROOT=/srv/openstackid
-SOURCE_TARBALL=http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz
+SOURCE_TARBALL=http://tarballs.openstack.org/openstackid/openstackid-<%= @openstackid_release %>.tar.gz
 LARAVEL_ENV=dev
-RELEASE_NAME=openstackid-latest.tar.gz
+RELEASE_NAME=openstackid-<%= @openstackid_release %>.tar.gz
 SOURCE_ROOT=http://tarballs.openstack.org/openstackid/