opendev/system-config
Code Issues Proposed changes

Clean up puppet (deploy LAMP / setup app config)

Browse Source 
Implements: blueprint openid-oauth2-infra-implementation-puppet-script

Prepares a raw server with all software stack needed to run
openstackid project:

* installs PHP
* installs Apache
* installs Redis Server
* creates a initial environment configuration for laravel application
  (using *.erb templates)

Change-Id: If6216da0d70a45609076e8111a67055dbc87c9e4
This commit is contained in:
smarcet 2014-01-28 13:03:39 -03:00 committed by Sebastian Marcet
parent 522f4a2ded
commit b7ce8e9533
17 changed files with 529 additions and 264 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/site.pp
View File

@ -739,8 +739,11 @@ node 'openstackid-dev.openstack.org' {
class { 'openstack_project::openstackid_dev': class { 'openstack_project::openstackid_dev':
sysadmins => hiera('sysadmins'), sysadmins => hiera('sysadmins'),
site_admin_password => hiera('openstackid_dev_site_admin_password'), site_admin_password => hiera('openstackid_dev_site_admin_password'),
mysql_host => hiera('openstackid_dev_mysql_host'), id_mysql_host => hiera('openstackid_dev_id_mysql_host'),
mysql_password => hiera('openstackid_dev_mysql_password'), id_mysql_password => hiera('openstackid_dev_id_mysql_password'),
ss_mysql_host => hiera('openstackid_dev_ss_mysql_host'),
ss_mysql_password => hiera('openstackid_dev_ss_mysql_password'),
redis_password => hiera('openstackid_dev_redis_password'),
} }
} }

35
modules/openstack_project/manifests/openstackid_dev.pp
View File

@ -17,14 +17,24 @@
class openstack_project::openstackid_dev ( class openstack_project::openstackid_dev (
$sysadmins = [], $sysadmins = [],
$site_admin_password = '', $site_admin_password = '',
$mysql_host = '', $id_mysql_host = '',
$mysql_user = 'openstackid', $id_mysql_user = 'openstackid',
$mysql_password = '', $id_mysql_password = '',
$id_db_name = 'openstackid_openid_dev', $id_db_name = 'openstackid_openid_dev',
$ss_mysql_host = '',
$ss_mysql_user = 'openstackid',
$ss_mysql_password = '',
$ss_db_name = 'openstackid_silverstripe_dev', $ss_db_name = 'openstackid_silverstripe_dev',
$redis_port = '6378', $redis_port = '6378',
$redis_max_memory = '1gb', $redis_max_memory = '1gb',
$redis_bind = '127.0.0.1' $redis_bind = '127.0.0.1',
$redis_password = '',
$id_recaptcha_public_key = '',
$id_recaptcha_private_key = '',
$id_recaptcha_template = '',
$id_log_error_to_email = '',
$id_log_error_from_email = '',
$id_environment = 'dev',
) { ) {
realize ( realize (
@ -38,13 +48,23 @@ class openstack_project::openstackid_dev (
class { 'openstackid': class { 'openstackid':
site_admin_password => $site_admin_password, site_admin_password => $site_admin_password,
mysql_host => $mysql_host, id_mysql_host => $id_mysql_host,
mysql_user => $mysql_user, id_mysql_user => $id_mysql_user,
mysql_password => $mysql_password, id_mysql_password => $id_mysql_password,
id_db_name => $id_db_name, id_db_name => $id_db_name,
ss_mysql_host => $ss_mysql_host,
ss_mysql_user => $ss_mysql_user,
ss_mysql_password => $ss_mysql_password,
ss_db_name => $ss_db_name, ss_db_name => $ss_db_name,
redis_port => $redis_port, redis_port => $redis_port,
redis_host => $redis_bind, redis_host => $redis_bind,
redis_password => $redis_password,
id_recaptcha_public_key => $id_recaptcha_public_key,
id_recaptcha_private_key => $id_recaptcha_private_key,
id_recaptcha_template => $id_recaptcha_template,
id_log_error_to_email => $id_log_error_to_email,
id_log_error_from_email => $id_log_error_from_email,
id_environment => $id_environment,
} }
# redis (custom module written by tipit) # redis (custom module written by tipit)
@ -52,6 +72,7 @@ class openstack_project::openstackid_dev (
redis_port => $redis_port, redis_port => $redis_port,
redis_max_memory => $redis_max_memory, redis_max_memory => $redis_max_memory,
redis_bind => $redis_bind, redis_bind => $redis_bind,
redis_password => $redis_password,
} }
} }

39
modules/openstackid/files/deploy.sh Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash -e
#
# Site deployment tool
#
# Commands:
# init @sitealias http://example.com/source.tar.gz
# status @sitealias
# update @sitelias http://example.com/source.tar.gz
# rollback @sitealias
#
#
TOP_DIR=$(cd $(dirname "$0") && pwd)
source $TOP_DIR/functions
if [ ! -r $TOP_DIR/deployrc ]; then
echo "ERROR: missing deployrc - did you grab more than just deploy.sh?"
exit 1
fi
source $TOP_DIR/deployrc
command="${1}"
case $command in
init)
site_init ${2}
;;
status)
site_status ${2}
;;
update)
site_update ${2}
;;
*)
print_help
exit 1
;;
esac

8
modules/openstackid/files/deployrc Normal file
View File

@ -0,0 +1,8 @@
CONF_DIR=$TOP_DIR
FILE_OWNER=root
FILE_GROUP=www-data
# allow local overrides of env variables
if [ -f $TOP_DIR/localrc ]; then
. $TOP_DIR/localrc
fi

150
modules/openstackid/files/functions Normal file
View File

@ -0,0 +1,150 @@
function print_help() {
echo "Usage: `basename $0` command [options]"
echo ""
echo "Commands:"
echo " status [site] return status information about site configurations"
echo " init <site> initialize site structure"
echo " update <site> update to new version"
echo ""
}
function site_init() {
if [ ! $1 ]; then
echo "ERROR: site parameter mandatory"
exit 1
fi
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
if [ ! -f $CONF_PATH ]; then
echo "Site configuration not found: " $1
exit 1
fi
source $CONF_PATH
if [ -f "$SITE_ROOT/w/public/index.php" ]; then
echo "Cannot override an existing deployment: $SITE_ROOT/w"
exit 1
fi
# cleanup previous broken deployment
rm -rf $SITE_ROOT/slot0
# create directory structure
for dir in slot0 slot1; do
mkdir -p $SITE_ROOT/$dir
chown $FILE_OWNER:$FILE_GROUP $SITE_ROOT/$dir
done
target_dir="$SITE_ROOT/slot0"
# fetch and extract release tarball
umask 0027
if [[ $SOURCE_TARBALL == http* ]]; then
echo "Download from http!"
curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
else
echo "extract from local file system"
if [ ! -f $SOURCE_TARBALL ]; then
echo "Source tarball not found: $SOURCE_TARBALL"
exit 1
fi
tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
fi
chown -R $FILE_OWNER:$FILE_GROUP $target_dir
umask 0022
# link configuration files managed by puppet
ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
# convert app/storage into symlink and set permissions
mv $target_dir/app/storage $SITE_ROOT/
chmod 02770 $SITE_ROOT/storage
find $SITE_ROOT/storage/ -type d -exec chmod 0775 {} \;
find $SITE_ROOT/storage/ -type f -exec chmod 0664 {} \;
rm -rf $target_dir/app/storage
ln -s $SITE_ROOT/storage $target_dir/app
# populate application database
cd $target_dir
php artisan migrate --env=$LARAVEL_ENV
php artisan db:seed --env=$LARAVEL_ENV
# activate site
rm -rf $SITE_ROOT/w
ln -s $SITE_ROOT/slot0 $SITE_ROOT/w
}
function site_status() {
if [ ! $1 ]; then
echo "ERROR: site parameter mandatory"
exit 1
fi
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
if [ ! -f $CONF_PATH ]; then
echo "Site configuration not found: $1"
exit 0
fi
source $CONF_PATH
if [ ! -f "$SITE_ROOT/w/public/index.php" ]; then
if [ -d "$SITE_ROOT/slot0" ]; then
echo "PENDING"
else
echo "N/A"
exit 1
fi
else
echo "INSTALLED"
fi
}
function site_update() {
if [ ! $1 ]; then
echo "ERROR: missing site parameter"
exit 1
fi
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
if [ ! -f $CONF_PATH ]; then
echo "Site configuration not found: $1"
exit 0
fi
source $CONF_PATH
SITE_LINK=`readlink -f $SITE_ROOT/w`
ACTIVE_SLOT=`basename $SITE_LINK`
case $ACTIVE_SLOT in
slot0)
TARGET_SLOT='slot1'
;;
slot1)
TARGET_SLOT='slot0'
;;
*)
echo "Invalid active slot"
exit 1
esac
echo "Target slot: $TARGET_SLOT"
target_dir="$SITE_ROOT/$TARGET_SLOT"
rm -rf $target_dir
mkdir $target_dir
# fetch and extract release tarball
umask 0027
if [[ $SOURCE_TARBALL == http* ]]; then
echo "Download from http!"
curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
else
echo "extract from local file system"
if [ ! -f $SOURCE_TARBALL ]; then
echo "Source tarball not found: $SOURCE_TARBALL"
exit 1
fi
tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
fi
chown -R $FILE_OWNER:$FILE_GROUP $target_dir
umask 0022
# link configuration files managed by puppet
ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
# link shared app/storage directory
rm -rf $target_dir/app/storage
ln -s $SITE_ROOT/storage $target_dir/app
# populate application database
cd $target_dir
php artisan migrate --env=$LARAVEL_ENV
# activate site
rm -rf $SITE_ROOT/w
ln -s $target_dir $SITE_ROOT/w
}

53
modules/openstackid/manifests/deploy.pp Normal file
View File

@ -0,0 +1,53 @@
# Copyright 2013 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: deploy
#
# deployment tool for laravel framework/php site management
#
define openstackid::deploy (
) {
$deploy_dirs = [ '/opt/deploy', '/opt/deploy/conf.d' ]
file { $deploy_dirs:
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/opt/deploy/deploy.sh':
source => 'puppet:///modules/openstackid/deploy.sh',
owner => 'root',
group => 'root',
mode => '0755',
require => File[$deploy_dirs],
}
file { '/opt/deploy/functions':
source => 'puppet:///modules/openstackid/functions',
owner => 'root',
group => 'root',
mode => '0644',
require => File[$deploy_dirs],
}
file { '/opt/deploy/deployrc':
source => 'puppet:///modules/openstackid/deployrc',
owner => 'root',
group => 'root',
mode => '0644',
require => File[$deploy_dirs],
}
}

136
modules/openstackid/manifests/init.pp
View File

@ -19,13 +19,17 @@
class openstackid ( class openstackid (
$git_source_repo = 'https://git.openstack.org/openstack-infra/openstackid', $git_source_repo = 'https://git.openstack.org/openstack-infra/openstackid',
$site_admin_password = '', $site_admin_password = '',
$mysql_host = '', $id_mysql_host = '',
$mysql_user = '', $id_mysql_user = '',
$mysql_password = '', $id_mysql_password = '',
$id_db_name = '', $id_db_name = '',
$ss_mysql_host = '',
$ss_mysql_user = '',
$ss_mysql_password = '',
$ss_db_name = '', $ss_db_name = '',
$redis_port = '', $redis_port = '',
$redis_host = '', $redis_host = '',
$redis_password = '',
$vhost_name = $::fqdn, $vhost_name = $::fqdn,
$robots_txt_source = '', $robots_txt_source = '',
$serveradmin = "webmaster@${::fqdn}", $serveradmin = "webmaster@${::fqdn}",
@ -37,29 +41,26 @@ class openstackid (
$ssl_key_file_contents = '', # If left empty puppet will not create file. $ssl_key_file_contents = '', # If left empty puppet will not create file.
$ssl_chain_file_contents = '', # If left empty puppet will not create file. $ssl_chain_file_contents = '', # If left empty puppet will not create file.
$httpd_acceptorthreads = '', $httpd_acceptorthreads = '',
$id_log_error_to_email = '',
$id_log_error_from_email = '',
$id_environment = 'dev',
$id_hostname = $::fqdn,
$id_recaptcha_public_key = '',
$id_recaptcha_private_key = '',
$id_recaptcha_template = '',
) { ) {
vcsrepo { '/opt/openstackid':
ensure => latest,
provider => git,
revision => 'master',
source => $git_source_repo,
}
# we need PHP 5.4 or greather
include apt
apt::ppa { 'ppa:ondrej/php5-oldstable': }
# php packages needed for openid server # php packages needed for openid server
package { $php5_packages = [
[
'php5-common', 'php5-common',
'php5-curl', 'php5-curl',
'php5-cli', 'php5-cli',
'php5-json', 'php5-json',
'php5-mcrypt', 'php5-mcrypt',
'php5-mysql', 'php5-mysql',
]: ]
package { $php5_packages:
require => Exec[apt_update], require => Exec[apt_update],
} }
@ -87,60 +88,54 @@ class openstackid (
ensure => present, ensure => present,
content => template('openstackid/database.php.erb'), content => template('openstackid/database.php.erb'),
owner => 'root', owner => 'root',
group => 'openstackid', group => 'www-data',
mode => '0640', mode => '0640',
require => [ require => [
File['/etc/openstackid'], File['/etc/openstackid'],
Group['openstackid'],
] ]
} }
file { '/srv/openstackid': file { '/etc/openstackid/log.php':
ensure => directory, ensure => present,
content => template('openstackid/log.php.erb'),
owner => 'root', owner => 'root',
group => 'root', group => 'www-data',
mode => '0755', mode => '0640',
}
file { '/srv/openstackid/app':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => File['/srv/openstackid'],
}
file { '/srv/openstackid/app/config':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => File['/srv/openstackid/app'],
}
file { '/srv/openstackid/app/config/dev':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => File['/srv/openstackid/app/config'],
}
file { '/srv/openstackid/app/config/dev/database.php':
ensure => link,
target => '/etc/openstackid/database.php',
require => [ require => [
File['/srv/openstackid/app/config/dev'], File['/etc/openstackid'],
File['/etc/openstackid/database.php'], ]
],
} }
file { '/srv/openstackid/public': file { '/etc/openstackid/environment.php':
ensure => present,
content => template('openstackid/environment.php.erb'),
owner => 'root',
group => 'www-data',
mode => '0640',
require => [
File['/etc/openstackid'],
]
}
file { '/etc/openstackid/recaptcha.php':
ensure => present,
content => template('openstackid/recaptcha.php.erb'),
owner => 'root',
group => 'www-data',
mode => '0640',
require => [
File['/etc/openstackid'],
]
}
$docroot_dirs = [ '/srv/openstackid', '/srv/openstackid/w',
'/srv/openstackid/w/public']
file { $docroot_dirs:
ensure => directory, ensure => directory,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => '0755', mode => '0755',
require => File['/srv/openstackid'],
} }
include apache include apache
@ -148,11 +143,11 @@ class openstackid (
include apache::php include apache::php
apache::vhost { $vhost_name: apache::vhost { $vhost_name:
port => 443, port => 443,
docroot => '/srv/openstackid/public', docroot => '/srv/openstackid/w/public',
priority => '50', priority => '50',
template => 'openstackid/vhost.erb', template => 'openstackid/vhost.erb',
ssl => true, ssl => true,
require => File['/srv/openstackid/public'], require => File[$docroot_dirs],
} }
a2mod { 'rewrite': a2mod { 'rewrite':
ensure => present, ensure => present,
@ -194,14 +189,29 @@ class openstackid (
} }
} }
if $robots_txt_source != '' { deploy { 'deploytool':
file { '/srv/openstackid/public/robots.txt': }
file { '/opt/deploy/conf.d/openstackid.conf':
content => template('openstackid/openstackid.conf.erb'),
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => '0644', mode => '0644',
source => $robots_txt_source, require => Deploy['deploytool'],
require => File['/srv/openstackid/public'],
} }
exec { 'deploy-site':
path => '/usr/bin:/bin:/usr/local/bin',
command => '/opt/deploy/deploy.sh init openstackid',
onlyif => '/opt/deploy/deploy.sh status openstackid | grep N/A',
logoutput => on_failure,
require => [
File['/opt/deploy/conf.d/openstackid.conf'],
Apache::Vhost[$vhost_name],
File['/etc/openstackid/recaptcha.php'],
File['/etc/openstackid/database.php'],
File['/etc/openstackid/log.php'],
Package[$php5_packages] ],
} }
} }

41
modules/openstackid/templates/database.php.erb
View File

@ -1,7 +1,5 @@
<?php <?php
return array( return array(
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| PDO Fetch Style | PDO Fetch Style
@ -12,9 +10,7 @@ return array(
| array format for simplicity. Here you can tweak the fetch style. | array format for simplicity. Here you can tweak the fetch style.
| |
*/ */
'fetch' => PDO::FETCH_CLASS, 'fetch' => PDO::FETCH_CLASS,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Default Database Connection Name | Default Database Connection Name
@ -25,9 +21,7 @@ return array(
| you may use many connections at once using the Database library. | you may use many connections at once using the Database library.
| |
*/ */
'default' => 'openstackid',
'default' => 'mysql',
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Database Connections | Database Connections
@ -43,32 +37,30 @@ return array(
| choice installed on your machine before you begin development. | choice installed on your machine before you begin development.
| |
*/ */
'connections' => array( 'connections' => array(
/* OpenID IDP database */ //primary DB
'mysql' => array( 'openstackid' => array(
'driver' => 'mysql', 'driver' => 'mysql',
'host' => '<%= mysql_host %>', 'host' => '<%= id_mysql_host %>',
'database' => '<%= id_db_name %>', 'database' => '<%= id_db_name %>',
'username' => '<%= mysql_user %>', 'username' => '<%= id_mysql_user %>',
'password' => '<%= mysql_password %>', 'password' => '<%= id_mysql_password %>',
'charset' => 'utf8', 'charset' => 'utf8',
'collation' => 'utf8_unicode_ci', 'collation' => 'utf8_unicode_ci',
'prefix' => '', 'prefix' => '',
), ),
/* Silverstripe database */ //secondary DB (OS Membership)
'mysql_external' => array( 'os_members' => array(
'driver' => 'mysql', 'driver' => 'mysql',
'host' => '<%= mysql_host %>', 'host' => '<%= ss_mysql_host %>',
'database' => '<%= ss_db_name %>', 'database' => '<%= ss_db_name %>',
'username' => '<%= mysql_user %>', 'username' => '<%= ss_mysql_user %>',
'password' => '<%= mysql_password %>', 'password' => '<%= ss_mysql_password %>',
'charset' => 'utf8', 'charset' => 'utf8',
'collation' => 'utf8_unicode_ci', 'collation' => 'utf8_unicode_ci',
'prefix' => '', 'prefix' => '',
), ),
), ),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Migration Repository Table | Migration Repository Table
@ -79,9 +71,7 @@ return array(
| the migrations on disk have not actually be run in the databases. | the migrations on disk have not actually be run in the databases.
| |
*/ */
'migrations' => 'migrations', 'migrations' => 'migrations',
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Redis Databases | Redis Databases
@ -92,16 +82,13 @@ return array(
| such as APC or Memcached. Laravel makes it easy to dig right in. | such as APC or Memcached. Laravel makes it easy to dig right in.
| |
*/ */
'redis' => array( 'redis' => array(
'cluster' => false,
'cluster' => true,
'default' => array( 'default' => array(
'host' => '<%= redis_host %>', 'host' => '<%= redis_host %>',
'port' => <%= redis_port %>, 'port' => <%= redis_port %>,
'database' => 0,
'password' => '<%= redis_password %>'
), ),
), ),
); );

6
modules/openstackid/templates/environment.php.erb Normal file
View File

@ -0,0 +1,6 @@
<?php
$env = $app->detectEnvironment(array(
'<%= id_environment %>' => array('<%= id_hostname %>')
));

10
modules/openstackid/templates/log.php.erb Normal file
View File

@ -0,0 +1,10 @@
<?php
return array(
/**
* EMAIL ERROR LOG CONFIGURATION
*/
//The receiver of the mail
'to_email' => '<%= id_log_error_to_email %>',
//The sender of the mail
'from_email' => '<%= id_log_error_from_email %>'
);

3
modules/openstackid/templates/openstackid.conf.erb Normal file
View File

@ -0,0 +1,3 @@
SITE_ROOT=/srv/openstackid
SOURCE_TARBALL=http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz
LARAVEL_ENV=dev

22
modules/openstackid/templates/recaptcha.php.erb Normal file
View File

@ -0,0 +1,22 @@
<?php
return array(
/*
|--------------------------------------------------------------------------
| API Keys
|--------------------------------------------------------------------------
|
| Set the public and private API keys as provided by reCAPTCHA.
|
*/
'public_key' => '<%= id_recaptcha_public_key %>',
'private_key' => '<%= id_recaptcha_private_key %>',
/*
|--------------------------------------------------------------------------
| Template
|--------------------------------------------------------------------------
|
| Set a template to use if you don't want to use the standard one.
|
*/
'template' => '<%= id_recaptcha_template %>'
);

23
modules/redis/manifests/init.pp
View File

@ -18,14 +18,14 @@
class redis( class redis(
$redis_port = '6379', $redis_port = '6379',
$redis_max_memory = '1gb',
$redis_bind = '127.0.0.1', $redis_bind = '127.0.0.1',
$redis_bin_dir = '/usr/bin', $redis_password = '',
$redis_max_memory = '1gb',
$version = '2.2.12', $version = '2.2.12',
) { ) {
package {'redis-server': package {'redis-server':
ensure => installed, ensure => present,
} }
case $version { case $version {
@ -43,31 +43,20 @@ class redis(
} }
} }
file { '/etc/init.d/redis-server':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
require => Package['redis-server'],
content => template('redis/init_script.erb'),
}
file { '/etc/redis/redis.conf': file { '/etc/redis/redis.conf':
ensure => present, ensure => present,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => '0644', mode => '0644',
replace => true,
content => template("redis/${redis_conf_file}"), content => template("redis/${redis_conf_file}"),
require => Package['redis-server'], require => Package['redis-server'],
notify => Service['redis-server'],
} }
service { 'redis-server': service { 'redis-server':
ensure => running, ensure => running,
enable => true, require => Package['redis-server'],
hasstatus => true, subscribe => File['/etc/redis/redis.conf'],
hasrestart => true,
require => [ File['/etc/redis/redis.conf'], File['/etc/init.d/redis-server'], Package['redis-server'] ],
} }
} }

42
modules/redis/templates/init_script.erb
View File

@ -1,42 +0,0 @@
#!/bin/sh
#
# Simple Redis init.d script conceived to work on Linux systems
# as it does use of the /proc filesystem.
REDISPORT="<%= redis_port %>"
EXEC=<%= redis_bin_dir %>/redis-server
CLIEXEC=<%= redis_bin_dir %>/redis-cli
PIDFILE=/var/run/redis.pid
CONF="/etc/redis/redis.conf"
case "$1" in
start)
if [ -f $PIDFILE ]
then
echo "$PIDFILE exists, process is already running or crashed"
else
echo "Starting Redis server..."
$EXEC $CONF
fi
;;
stop)
if [ ! -f $PIDFILE ]
then
echo "$PIDFILE does not exist, process is not running"
else
PID=$(cat $PIDFILE)
echo "Stopping ..."
$CLIEXEC -p $REDISPORT shutdown
while [ -x /proc/${PID} ]
do
echo "Waiting for Redis to shutdown ..."
sleep 1
done
echo "Redis stopped"
fi
;;
*)
echo "Please use start or stop as first argument"
;;
esac

8
modules/redis/templates/redis.2.2.conf.erb
View File

@ -14,7 +14,7 @@
# By default Redis does not run as a daemon. Use 'yes' if you need it. # By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no daemonize yes
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by # When running daemonized, Redis writes a pid file in /var/run/redis.pid by
# default. You can specify a custom pid file location here. # default. You can specify a custom pid file location here.
@ -49,7 +49,7 @@ loglevel verbose
# Specify the log file name. Also 'stdout' can be used to force # Specify the log file name. Also 'stdout' can be used to force
# Redis to log on the standard output. Note that if you use standard # Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null # output for logging but daemonize, logs will be sent to /dev/null
logfile stdout logfile /var/log/redis/redis-server.log
# To enable logging to the system logger, just set 'syslog-enabled' to yes, # To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs. # and optionally update the other syslog parameters to suit your needs.
@ -147,7 +147,9 @@ slave-serve-stale-data yes
# 150k passwords per second against a good box. This means that you should # 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break. # use a very strong password otherwise it will be very easy to break.
# #
# requirepass foobared <% if redis_password != "" %>
requirepass <%= redis_password %>
<% end %>
# Command renaming. # Command renaming.
# #

8
modules/redis/templates/redis.2.4.conf.erb
View File

@ -14,7 +14,7 @@
# By default Redis does not run as a daemon. Use 'yes' if you need it. # By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no daemonize yes
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by # When running daemonized, Redis writes a pid file in /var/run/redis.pid by
# default. You can specify a custom pid file location here. # default. You can specify a custom pid file location here.
@ -50,7 +50,7 @@ loglevel verbose
# Specify the log file name. Also 'stdout' can be used to force # Specify the log file name. Also 'stdout' can be used to force
# Redis to log on the standard output. Note that if you use standard # Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null # output for logging but daemonize, logs will be sent to /dev/null
logfile stdout logfile /var/log/redis/redis-server.log
# To enable logging to the system logger, just set 'syslog-enabled' to yes, # To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs. # and optionally update the other syslog parameters to suit your needs.
@ -178,7 +178,9 @@ slave-priority 100
# 150k passwords per second against a good box. This means that you should # 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break. # use a very strong password otherwise it will be very easy to break.
# #
# requirepass foobared <% if redis_password != "" %>
requirepass <%= redis_password %>
<% end %>
# Command renaming. # Command renaming.
# #

8
modules/redis/templates/redis.2.6.conf.erb
View File

@ -14,7 +14,7 @@
# By default Redis does not run as a daemon. Use 'yes' if you need it. # By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no daemonize yes
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by # When running daemonized, Redis writes a pid file in /var/run/redis.pid by
# default. You can specify a custom pid file location here. # default. You can specify a custom pid file location here.
@ -61,7 +61,7 @@ tcp-keepalive 0
# verbose (many rarely useful info, but not a mess like the debug level) # verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably) # notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged) # warning (only very important / critical messages are logged)
loglevel notice logfile /var/log/redis/redis-server.log
# Specify the log file name. Also 'stdout' can be used to force # Specify the log file name. Also 'stdout' can be used to force
# Redis to log on the standard output. Note that if you use standard # Redis to log on the standard output. Note that if you use standard
@ -255,7 +255,9 @@ slave-priority 100
# 150k passwords per second against a good box. This means that you should # 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break. # use a very strong password otherwise it will be very easy to break.
# #
# requirepass foobared <% if redis_password != "" %>
requirepass <%= redis_password %>
<% end %>
# Command renaming. # Command renaming.
# #