Clean up puppet (deploy LAMP / setup app config)
Implements: blueprint openid-oauth2-infra-implementation-puppet-script Prepares a raw server with all software stack needed to run openstackid project: * installs PHP * installs Apache * installs Redis Server * creates a initial environment configuration for laravel application (using *.erb templates) Change-Id: If6216da0d70a45609076e8111a67055dbc87c9e4
This commit is contained in:
parent
522f4a2ded
commit
b7ce8e9533
@ -739,8 +739,11 @@ node 'openstackid-dev.openstack.org' {
|
|||||||
class { 'openstack_project::openstackid_dev':
|
class { 'openstack_project::openstackid_dev':
|
||||||
sysadmins => hiera('sysadmins'),
|
sysadmins => hiera('sysadmins'),
|
||||||
site_admin_password => hiera('openstackid_dev_site_admin_password'),
|
site_admin_password => hiera('openstackid_dev_site_admin_password'),
|
||||||
mysql_host => hiera('openstackid_dev_mysql_host'),
|
id_mysql_host => hiera('openstackid_dev_id_mysql_host'),
|
||||||
mysql_password => hiera('openstackid_dev_mysql_password'),
|
id_mysql_password => hiera('openstackid_dev_id_mysql_password'),
|
||||||
|
ss_mysql_host => hiera('openstackid_dev_ss_mysql_host'),
|
||||||
|
ss_mysql_password => hiera('openstackid_dev_ss_mysql_password'),
|
||||||
|
redis_password => hiera('openstackid_dev_redis_password'),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -17,14 +17,24 @@
|
|||||||
class openstack_project::openstackid_dev (
|
class openstack_project::openstackid_dev (
|
||||||
$sysadmins = [],
|
$sysadmins = [],
|
||||||
$site_admin_password = '',
|
$site_admin_password = '',
|
||||||
$mysql_host = '',
|
$id_mysql_host = '',
|
||||||
$mysql_user = 'openstackid',
|
$id_mysql_user = 'openstackid',
|
||||||
$mysql_password = '',
|
$id_mysql_password = '',
|
||||||
$id_db_name = 'openstackid_openid_dev',
|
$id_db_name = 'openstackid_openid_dev',
|
||||||
|
$ss_mysql_host = '',
|
||||||
|
$ss_mysql_user = 'openstackid',
|
||||||
|
$ss_mysql_password = '',
|
||||||
$ss_db_name = 'openstackid_silverstripe_dev',
|
$ss_db_name = 'openstackid_silverstripe_dev',
|
||||||
$redis_port = '6378',
|
$redis_port = '6378',
|
||||||
$redis_max_memory = '1gb',
|
$redis_max_memory = '1gb',
|
||||||
$redis_bind = '127.0.0.1'
|
$redis_bind = '127.0.0.1',
|
||||||
|
$redis_password = '',
|
||||||
|
$id_recaptcha_public_key = '',
|
||||||
|
$id_recaptcha_private_key = '',
|
||||||
|
$id_recaptcha_template = '',
|
||||||
|
$id_log_error_to_email = '',
|
||||||
|
$id_log_error_from_email = '',
|
||||||
|
$id_environment = 'dev',
|
||||||
) {
|
) {
|
||||||
|
|
||||||
realize (
|
realize (
|
||||||
@ -37,14 +47,24 @@ class openstack_project::openstackid_dev (
|
|||||||
}
|
}
|
||||||
|
|
||||||
class { 'openstackid':
|
class { 'openstackid':
|
||||||
site_admin_password => $site_admin_password,
|
site_admin_password => $site_admin_password,
|
||||||
mysql_host => $mysql_host,
|
id_mysql_host => $id_mysql_host,
|
||||||
mysql_user => $mysql_user,
|
id_mysql_user => $id_mysql_user,
|
||||||
mysql_password => $mysql_password,
|
id_mysql_password => $id_mysql_password,
|
||||||
id_db_name => $id_db_name,
|
id_db_name => $id_db_name,
|
||||||
ss_db_name => $ss_db_name,
|
ss_mysql_host => $ss_mysql_host,
|
||||||
redis_port => $redis_port,
|
ss_mysql_user => $ss_mysql_user,
|
||||||
redis_host => $redis_bind,
|
ss_mysql_password => $ss_mysql_password,
|
||||||
|
ss_db_name => $ss_db_name,
|
||||||
|
redis_port => $redis_port,
|
||||||
|
redis_host => $redis_bind,
|
||||||
|
redis_password => $redis_password,
|
||||||
|
id_recaptcha_public_key => $id_recaptcha_public_key,
|
||||||
|
id_recaptcha_private_key => $id_recaptcha_private_key,
|
||||||
|
id_recaptcha_template => $id_recaptcha_template,
|
||||||
|
id_log_error_to_email => $id_log_error_to_email,
|
||||||
|
id_log_error_from_email => $id_log_error_from_email,
|
||||||
|
id_environment => $id_environment,
|
||||||
}
|
}
|
||||||
|
|
||||||
# redis (custom module written by tipit)
|
# redis (custom module written by tipit)
|
||||||
@ -52,6 +72,7 @@ class openstack_project::openstackid_dev (
|
|||||||
redis_port => $redis_port,
|
redis_port => $redis_port,
|
||||||
redis_max_memory => $redis_max_memory,
|
redis_max_memory => $redis_max_memory,
|
||||||
redis_bind => $redis_bind,
|
redis_bind => $redis_bind,
|
||||||
|
redis_password => $redis_password,
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
39
modules/openstackid/files/deploy.sh
Normal file
39
modules/openstackid/files/deploy.sh
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash -e
|
||||||
|
#
|
||||||
|
# Site deployment tool
|
||||||
|
#
|
||||||
|
# Commands:
|
||||||
|
# init @sitealias http://example.com/source.tar.gz
|
||||||
|
# status @sitealias
|
||||||
|
# update @sitelias http://example.com/source.tar.gz
|
||||||
|
# rollback @sitealias
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
TOP_DIR=$(cd $(dirname "$0") && pwd)
|
||||||
|
source $TOP_DIR/functions
|
||||||
|
|
||||||
|
if [ ! -r $TOP_DIR/deployrc ]; then
|
||||||
|
echo "ERROR: missing deployrc - did you grab more than just deploy.sh?"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
source $TOP_DIR/deployrc
|
||||||
|
|
||||||
|
command="${1}"
|
||||||
|
case $command in
|
||||||
|
init)
|
||||||
|
site_init ${2}
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
site_status ${2}
|
||||||
|
;;
|
||||||
|
update)
|
||||||
|
site_update ${2}
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
print_help
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
8
modules/openstackid/files/deployrc
Normal file
8
modules/openstackid/files/deployrc
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
CONF_DIR=$TOP_DIR
|
||||||
|
FILE_OWNER=root
|
||||||
|
FILE_GROUP=www-data
|
||||||
|
|
||||||
|
# allow local overrides of env variables
|
||||||
|
if [ -f $TOP_DIR/localrc ]; then
|
||||||
|
. $TOP_DIR/localrc
|
||||||
|
fi
|
150
modules/openstackid/files/functions
Normal file
150
modules/openstackid/files/functions
Normal file
@ -0,0 +1,150 @@
|
|||||||
|
function print_help() {
|
||||||
|
echo "Usage: `basename $0` command [options]"
|
||||||
|
echo ""
|
||||||
|
echo "Commands:"
|
||||||
|
echo " status [site] return status information about site configurations"
|
||||||
|
echo " init <site> initialize site structure"
|
||||||
|
echo " update <site> update to new version"
|
||||||
|
echo ""
|
||||||
|
}
|
||||||
|
|
||||||
|
function site_init() {
|
||||||
|
if [ ! $1 ]; then
|
||||||
|
echo "ERROR: site parameter mandatory"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
|
||||||
|
if [ ! -f $CONF_PATH ]; then
|
||||||
|
echo "Site configuration not found: " $1
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
source $CONF_PATH
|
||||||
|
if [ -f "$SITE_ROOT/w/public/index.php" ]; then
|
||||||
|
echo "Cannot override an existing deployment: $SITE_ROOT/w"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
# cleanup previous broken deployment
|
||||||
|
rm -rf $SITE_ROOT/slot0
|
||||||
|
# create directory structure
|
||||||
|
for dir in slot0 slot1; do
|
||||||
|
mkdir -p $SITE_ROOT/$dir
|
||||||
|
chown $FILE_OWNER:$FILE_GROUP $SITE_ROOT/$dir
|
||||||
|
done
|
||||||
|
target_dir="$SITE_ROOT/slot0"
|
||||||
|
# fetch and extract release tarball
|
||||||
|
umask 0027
|
||||||
|
if [[ $SOURCE_TARBALL == http* ]]; then
|
||||||
|
echo "Download from http!"
|
||||||
|
curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
|
||||||
|
else
|
||||||
|
echo "extract from local file system"
|
||||||
|
if [ ! -f $SOURCE_TARBALL ]; then
|
||||||
|
echo "Source tarball not found: $SOURCE_TARBALL"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
|
||||||
|
fi
|
||||||
|
chown -R $FILE_OWNER:$FILE_GROUP $target_dir
|
||||||
|
umask 0022
|
||||||
|
# link configuration files managed by puppet
|
||||||
|
ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
|
||||||
|
ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
|
||||||
|
ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
|
||||||
|
ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
|
||||||
|
# convert app/storage into symlink and set permissions
|
||||||
|
mv $target_dir/app/storage $SITE_ROOT/
|
||||||
|
chmod 02770 $SITE_ROOT/storage
|
||||||
|
find $SITE_ROOT/storage/ -type d -exec chmod 0775 {} \;
|
||||||
|
find $SITE_ROOT/storage/ -type f -exec chmod 0664 {} \;
|
||||||
|
rm -rf $target_dir/app/storage
|
||||||
|
ln -s $SITE_ROOT/storage $target_dir/app
|
||||||
|
# populate application database
|
||||||
|
cd $target_dir
|
||||||
|
php artisan migrate --env=$LARAVEL_ENV
|
||||||
|
php artisan db:seed --env=$LARAVEL_ENV
|
||||||
|
# activate site
|
||||||
|
rm -rf $SITE_ROOT/w
|
||||||
|
ln -s $SITE_ROOT/slot0 $SITE_ROOT/w
|
||||||
|
}
|
||||||
|
|
||||||
|
function site_status() {
|
||||||
|
if [ ! $1 ]; then
|
||||||
|
echo "ERROR: site parameter mandatory"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
|
||||||
|
if [ ! -f $CONF_PATH ]; then
|
||||||
|
echo "Site configuration not found: $1"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
source $CONF_PATH
|
||||||
|
if [ ! -f "$SITE_ROOT/w/public/index.php" ]; then
|
||||||
|
if [ -d "$SITE_ROOT/slot0" ]; then
|
||||||
|
echo "PENDING"
|
||||||
|
else
|
||||||
|
echo "N/A"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "INSTALLED"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function site_update() {
|
||||||
|
if [ ! $1 ]; then
|
||||||
|
echo "ERROR: missing site parameter"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
CONF_PATH="$CONF_DIR/conf.d/$1.conf"
|
||||||
|
if [ ! -f $CONF_PATH ]; then
|
||||||
|
echo "Site configuration not found: $1"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
source $CONF_PATH
|
||||||
|
SITE_LINK=`readlink -f $SITE_ROOT/w`
|
||||||
|
ACTIVE_SLOT=`basename $SITE_LINK`
|
||||||
|
case $ACTIVE_SLOT in
|
||||||
|
slot0)
|
||||||
|
TARGET_SLOT='slot1'
|
||||||
|
;;
|
||||||
|
slot1)
|
||||||
|
TARGET_SLOT='slot0'
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Invalid active slot"
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
echo "Target slot: $TARGET_SLOT"
|
||||||
|
target_dir="$SITE_ROOT/$TARGET_SLOT"
|
||||||
|
rm -rf $target_dir
|
||||||
|
mkdir $target_dir
|
||||||
|
# fetch and extract release tarball
|
||||||
|
umask 0027
|
||||||
|
if [[ $SOURCE_TARBALL == http* ]]; then
|
||||||
|
echo "Download from http!"
|
||||||
|
curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
|
||||||
|
else
|
||||||
|
echo "extract from local file system"
|
||||||
|
if [ ! -f $SOURCE_TARBALL ]; then
|
||||||
|
echo "Source tarball not found: $SOURCE_TARBALL"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
|
||||||
|
fi
|
||||||
|
chown -R $FILE_OWNER:$FILE_GROUP $target_dir
|
||||||
|
umask 0022
|
||||||
|
# link configuration files managed by puppet
|
||||||
|
ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
|
||||||
|
ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
|
||||||
|
ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
|
||||||
|
ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
|
||||||
|
# link shared app/storage directory
|
||||||
|
rm -rf $target_dir/app/storage
|
||||||
|
ln -s $SITE_ROOT/storage $target_dir/app
|
||||||
|
# populate application database
|
||||||
|
cd $target_dir
|
||||||
|
php artisan migrate --env=$LARAVEL_ENV
|
||||||
|
# activate site
|
||||||
|
rm -rf $SITE_ROOT/w
|
||||||
|
ln -s $target_dir $SITE_ROOT/w
|
||||||
|
}
|
53
modules/openstackid/manifests/deploy.pp
Normal file
53
modules/openstackid/manifests/deploy.pp
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
# Copyright 2013 OpenStack Foundation
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
#
|
||||||
|
# == Define: deploy
|
||||||
|
#
|
||||||
|
# deployment tool for laravel framework/php site management
|
||||||
|
#
|
||||||
|
define openstackid::deploy (
|
||||||
|
) {
|
||||||
|
$deploy_dirs = [ '/opt/deploy', '/opt/deploy/conf.d' ]
|
||||||
|
|
||||||
|
file { $deploy_dirs:
|
||||||
|
ensure => directory,
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0755',
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/opt/deploy/deploy.sh':
|
||||||
|
source => 'puppet:///modules/openstackid/deploy.sh',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0755',
|
||||||
|
require => File[$deploy_dirs],
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/opt/deploy/functions':
|
||||||
|
source => 'puppet:///modules/openstackid/functions',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0644',
|
||||||
|
require => File[$deploy_dirs],
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/opt/deploy/deployrc':
|
||||||
|
source => 'puppet:///modules/openstackid/deployrc',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0644',
|
||||||
|
require => File[$deploy_dirs],
|
||||||
|
}
|
||||||
|
}
|
@ -19,13 +19,17 @@
|
|||||||
class openstackid (
|
class openstackid (
|
||||||
$git_source_repo = 'https://git.openstack.org/openstack-infra/openstackid',
|
$git_source_repo = 'https://git.openstack.org/openstack-infra/openstackid',
|
||||||
$site_admin_password = '',
|
$site_admin_password = '',
|
||||||
$mysql_host = '',
|
$id_mysql_host = '',
|
||||||
$mysql_user = '',
|
$id_mysql_user = '',
|
||||||
$mysql_password = '',
|
$id_mysql_password = '',
|
||||||
$id_db_name = '',
|
$id_db_name = '',
|
||||||
|
$ss_mysql_host = '',
|
||||||
|
$ss_mysql_user = '',
|
||||||
|
$ss_mysql_password = '',
|
||||||
$ss_db_name = '',
|
$ss_db_name = '',
|
||||||
$redis_port = '',
|
$redis_port = '',
|
||||||
$redis_host = '',
|
$redis_host = '',
|
||||||
|
$redis_password = '',
|
||||||
$vhost_name = $::fqdn,
|
$vhost_name = $::fqdn,
|
||||||
$robots_txt_source = '',
|
$robots_txt_source = '',
|
||||||
$serveradmin = "webmaster@${::fqdn}",
|
$serveradmin = "webmaster@${::fqdn}",
|
||||||
@ -37,29 +41,26 @@ class openstackid (
|
|||||||
$ssl_key_file_contents = '', # If left empty puppet will not create file.
|
$ssl_key_file_contents = '', # If left empty puppet will not create file.
|
||||||
$ssl_chain_file_contents = '', # If left empty puppet will not create file.
|
$ssl_chain_file_contents = '', # If left empty puppet will not create file.
|
||||||
$httpd_acceptorthreads = '',
|
$httpd_acceptorthreads = '',
|
||||||
|
$id_log_error_to_email = '',
|
||||||
|
$id_log_error_from_email = '',
|
||||||
|
$id_environment = 'dev',
|
||||||
|
$id_hostname = $::fqdn,
|
||||||
|
$id_recaptcha_public_key = '',
|
||||||
|
$id_recaptcha_private_key = '',
|
||||||
|
$id_recaptcha_template = '',
|
||||||
) {
|
) {
|
||||||
|
|
||||||
vcsrepo { '/opt/openstackid':
|
|
||||||
ensure => latest,
|
|
||||||
provider => git,
|
|
||||||
revision => 'master',
|
|
||||||
source => $git_source_repo,
|
|
||||||
}
|
|
||||||
|
|
||||||
# we need PHP 5.4 or greather
|
|
||||||
include apt
|
|
||||||
apt::ppa { 'ppa:ondrej/php5-oldstable': }
|
|
||||||
|
|
||||||
# php packages needed for openid server
|
# php packages needed for openid server
|
||||||
package {
|
$php5_packages = [
|
||||||
[
|
|
||||||
'php5-common',
|
'php5-common',
|
||||||
'php5-curl',
|
'php5-curl',
|
||||||
'php5-cli',
|
'php5-cli',
|
||||||
'php5-json',
|
'php5-json',
|
||||||
'php5-mcrypt',
|
'php5-mcrypt',
|
||||||
'php5-mysql',
|
'php5-mysql',
|
||||||
]:
|
]
|
||||||
|
|
||||||
|
package { $php5_packages:
|
||||||
require => Exec[apt_update],
|
require => Exec[apt_update],
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -87,60 +88,54 @@ class openstackid (
|
|||||||
ensure => present,
|
ensure => present,
|
||||||
content => template('openstackid/database.php.erb'),
|
content => template('openstackid/database.php.erb'),
|
||||||
owner => 'root',
|
owner => 'root',
|
||||||
group => 'openstackid',
|
group => 'www-data',
|
||||||
mode => '0640',
|
mode => '0640',
|
||||||
require => [
|
require => [
|
||||||
File['/etc/openstackid'],
|
File['/etc/openstackid'],
|
||||||
Group['openstackid'],
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
file { '/srv/openstackid':
|
file { '/etc/openstackid/log.php':
|
||||||
ensure => directory,
|
ensure => present,
|
||||||
owner => 'root',
|
content => template('openstackid/log.php.erb'),
|
||||||
group => 'root',
|
owner => 'root',
|
||||||
mode => '0755',
|
group => 'www-data',
|
||||||
|
mode => '0640',
|
||||||
|
require => [
|
||||||
|
File['/etc/openstackid'],
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
file { '/srv/openstackid/app':
|
file { '/etc/openstackid/environment.php':
|
||||||
|
ensure => present,
|
||||||
|
content => template('openstackid/environment.php.erb'),
|
||||||
|
owner => 'root',
|
||||||
|
group => 'www-data',
|
||||||
|
mode => '0640',
|
||||||
|
require => [
|
||||||
|
File['/etc/openstackid'],
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/etc/openstackid/recaptcha.php':
|
||||||
|
ensure => present,
|
||||||
|
content => template('openstackid/recaptcha.php.erb'),
|
||||||
|
owner => 'root',
|
||||||
|
group => 'www-data',
|
||||||
|
mode => '0640',
|
||||||
|
require => [
|
||||||
|
File['/etc/openstackid'],
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
$docroot_dirs = [ '/srv/openstackid', '/srv/openstackid/w',
|
||||||
|
'/srv/openstackid/w/public']
|
||||||
|
|
||||||
|
file { $docroot_dirs:
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
owner => 'root',
|
owner => 'root',
|
||||||
group => 'root',
|
group => 'root',
|
||||||
mode => '0755',
|
mode => '0755',
|
||||||
require => File['/srv/openstackid'],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/srv/openstackid/app/config':
|
|
||||||
ensure => directory,
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
require => File['/srv/openstackid/app'],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/srv/openstackid/app/config/dev':
|
|
||||||
ensure => directory,
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
require => File['/srv/openstackid/app/config'],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/srv/openstackid/app/config/dev/database.php':
|
|
||||||
ensure => link,
|
|
||||||
target => '/etc/openstackid/database.php',
|
|
||||||
require => [
|
|
||||||
File['/srv/openstackid/app/config/dev'],
|
|
||||||
File['/etc/openstackid/database.php'],
|
|
||||||
],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/srv/openstackid/public':
|
|
||||||
ensure => directory,
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
require => File['/srv/openstackid'],
|
|
||||||
}
|
}
|
||||||
|
|
||||||
include apache
|
include apache
|
||||||
@ -148,11 +143,11 @@ class openstackid (
|
|||||||
include apache::php
|
include apache::php
|
||||||
apache::vhost { $vhost_name:
|
apache::vhost { $vhost_name:
|
||||||
port => 443,
|
port => 443,
|
||||||
docroot => '/srv/openstackid/public',
|
docroot => '/srv/openstackid/w/public',
|
||||||
priority => '50',
|
priority => '50',
|
||||||
template => 'openstackid/vhost.erb',
|
template => 'openstackid/vhost.erb',
|
||||||
ssl => true,
|
ssl => true,
|
||||||
require => File['/srv/openstackid/public'],
|
require => File[$docroot_dirs],
|
||||||
}
|
}
|
||||||
a2mod { 'rewrite':
|
a2mod { 'rewrite':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
@ -194,14 +189,29 @@ class openstackid (
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if $robots_txt_source != '' {
|
deploy { 'deploytool':
|
||||||
file { '/srv/openstackid/public/robots.txt':
|
}
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
file { '/opt/deploy/conf.d/openstackid.conf':
|
||||||
mode => '0644',
|
content => template('openstackid/openstackid.conf.erb'),
|
||||||
source => $robots_txt_source,
|
owner => 'root',
|
||||||
require => File['/srv/openstackid/public'],
|
group => 'root',
|
||||||
}
|
mode => '0644',
|
||||||
|
require => Deploy['deploytool'],
|
||||||
|
}
|
||||||
|
|
||||||
|
exec { 'deploy-site':
|
||||||
|
path => '/usr/bin:/bin:/usr/local/bin',
|
||||||
|
command => '/opt/deploy/deploy.sh init openstackid',
|
||||||
|
onlyif => '/opt/deploy/deploy.sh status openstackid | grep N/A',
|
||||||
|
logoutput => on_failure,
|
||||||
|
require => [
|
||||||
|
File['/opt/deploy/conf.d/openstackid.conf'],
|
||||||
|
Apache::Vhost[$vhost_name],
|
||||||
|
File['/etc/openstackid/recaptcha.php'],
|
||||||
|
File['/etc/openstackid/database.php'],
|
||||||
|
File['/etc/openstackid/log.php'],
|
||||||
|
Package[$php5_packages] ],
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,107 +1,94 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
|
/*
|
||||||
/*
|
|--------------------------------------------------------------------------
|
||||||
|--------------------------------------------------------------------------
|
| PDO Fetch Style
|
||||||
| PDO Fetch Style
|
|--------------------------------------------------------------------------
|
||||||
|--------------------------------------------------------------------------
|
|
|
||||||
|
|
| By default, database results will be returned as instances of the PHP
|
||||||
| By default, database results will be returned as instances of the PHP
|
| stdClass object; however, you may desire to retrieve records in an
|
||||||
| stdClass object; however, you may desire to retrieve records in an
|
| array format for simplicity. Here you can tweak the fetch style.
|
||||||
| array format for simplicity. Here you can tweak the fetch style.
|
|
|
||||||
|
|
*/
|
||||||
*/
|
'fetch' => PDO::FETCH_CLASS,
|
||||||
|
/*
|
||||||
'fetch' => PDO::FETCH_CLASS,
|
|--------------------------------------------------------------------------
|
||||||
|
| Default Database Connection Name
|
||||||
/*
|
|--------------------------------------------------------------------------
|
||||||
|--------------------------------------------------------------------------
|
|
|
||||||
| Default Database Connection Name
|
| Here you may specify which of the database connections below you wish
|
||||||
|--------------------------------------------------------------------------
|
| to use as your default connection for all database work. Of course
|
||||||
|
|
| you may use many connections at once using the Database library.
|
||||||
| Here you may specify which of the database connections below you wish
|
|
|
||||||
| to use as your default connection for all database work. Of course
|
*/
|
||||||
| you may use many connections at once using the Database library.
|
'default' => 'openstackid',
|
||||||
|
|
/*
|
||||||
*/
|
|--------------------------------------------------------------------------
|
||||||
|
| Database Connections
|
||||||
'default' => 'mysql',
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
/*
|
| Here are each of the database connections setup for your application.
|
||||||
|--------------------------------------------------------------------------
|
| Of course, examples of configuring each database platform that is
|
||||||
| Database Connections
|
| supported by Laravel is shown below to make development simple.
|
||||||
|--------------------------------------------------------------------------
|
|
|
||||||
|
|
|
|
||||||
| Here are each of the database connections setup for your application.
|
| All database work in Laravel is done through the PHP PDO facilities
|
||||||
| Of course, examples of configuring each database platform that is
|
| so make sure you have the driver for your particular database of
|
||||||
| supported by Laravel is shown below to make development simple.
|
| choice installed on your machine before you begin development.
|
||||||
|
|
|
|
||||||
|
|
*/
|
||||||
| All database work in Laravel is done through the PHP PDO facilities
|
'connections' => array(
|
||||||
| so make sure you have the driver for your particular database of
|
//primary DB
|
||||||
| choice installed on your machine before you begin development.
|
'openstackid' => array(
|
||||||
|
|
'driver' => 'mysql',
|
||||||
*/
|
'host' => '<%= id_mysql_host %>',
|
||||||
|
'database' => '<%= id_db_name %>',
|
||||||
'connections' => array(
|
'username' => '<%= id_mysql_user %>',
|
||||||
/* OpenID IDP database */
|
'password' => '<%= id_mysql_password %>',
|
||||||
'mysql' => array(
|
'charset' => 'utf8',
|
||||||
'driver' => 'mysql',
|
'collation' => 'utf8_unicode_ci',
|
||||||
'host' => '<%= mysql_host %>',
|
'prefix' => '',
|
||||||
'database' => '<%= id_db_name %>',
|
),
|
||||||
'username' => '<%= mysql_user %>',
|
//secondary DB (OS Membership)
|
||||||
'password' => '<%= mysql_password %>',
|
'os_members' => array(
|
||||||
'charset' => 'utf8',
|
'driver' => 'mysql',
|
||||||
'collation' => 'utf8_unicode_ci',
|
'host' => '<%= ss_mysql_host %>',
|
||||||
'prefix' => '',
|
'database' => '<%= ss_db_name %>',
|
||||||
),
|
'username' => '<%= ss_mysql_user %>',
|
||||||
/* Silverstripe database */
|
'password' => '<%= ss_mysql_password %>',
|
||||||
'mysql_external' => array(
|
'charset' => 'utf8',
|
||||||
'driver' => 'mysql',
|
'collation' => 'utf8_unicode_ci',
|
||||||
'host' => '<%= mysql_host %>',
|
'prefix' => '',
|
||||||
'database' => '<%= ss_db_name %>',
|
|
||||||
'username' => '<%= mysql_user %>',
|
|
||||||
'password' => '<%= mysql_password %>',
|
|
||||||
'charset' => 'utf8',
|
|
||||||
'collation' => 'utf8_unicode_ci',
|
|
||||||
'prefix' => '',
|
|
||||||
),
|
|
||||||
),
|
),
|
||||||
|
),
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Migration Repository Table
|
| Migration Repository Table
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
|
||||||
| This table keeps track of all the migrations that have already run for
|
| This table keeps track of all the migrations that have already run for
|
||||||
| your application. Using this information, we can determine which of
|
| your application. Using this information, we can determine which of
|
||||||
| the migrations on disk have not actually be run in the databases.
|
| the migrations on disk have not actually be run in the databases.
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
'migrations' => 'migrations',
|
||||||
'migrations' => 'migrations',
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
/*
|
| Redis Databases
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Redis Databases
|
|
|
||||||
|--------------------------------------------------------------------------
|
| Redis is an open source, fast, and advanced key-value store that also
|
||||||
|
|
| provides a richer set of commands than a typical key-value systems
|
||||||
| Redis is an open source, fast, and advanced key-value store that also
|
| such as APC or Memcached. Laravel makes it easy to dig right in.
|
||||||
| provides a richer set of commands than a typical key-value systems
|
|
|
||||||
| such as APC or Memcached. Laravel makes it easy to dig right in.
|
*/
|
||||||
|
|
'redis' => array(
|
||||||
*/
|
'cluster' => false,
|
||||||
|
'default' => array(
|
||||||
'redis' => array(
|
'host' => '<%= redis_host %>',
|
||||||
|
'port' => <%= redis_port %>,
|
||||||
'cluster' => true,
|
'database' => 0,
|
||||||
|
'password' => '<%= redis_password %>'
|
||||||
'default' => array(
|
|
||||||
'host' => '<%= redis_host %>',
|
|
||||||
'port' => <%= redis_port %>,
|
|
||||||
),
|
|
||||||
|
|
||||||
),
|
),
|
||||||
|
),
|
||||||
);
|
);
|
||||||
|
6
modules/openstackid/templates/environment.php.erb
Normal file
6
modules/openstackid/templates/environment.php.erb
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
$env = $app->detectEnvironment(array(
|
||||||
|
'<%= id_environment %>' => array('<%= id_hostname %>')
|
||||||
|
));
|
||||||
|
|
10
modules/openstackid/templates/log.php.erb
Normal file
10
modules/openstackid/templates/log.php.erb
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
return array(
|
||||||
|
/**
|
||||||
|
* EMAIL ERROR LOG CONFIGURATION
|
||||||
|
*/
|
||||||
|
//The receiver of the mail
|
||||||
|
'to_email' => '<%= id_log_error_to_email %>',
|
||||||
|
//The sender of the mail
|
||||||
|
'from_email' => '<%= id_log_error_from_email %>'
|
||||||
|
);
|
3
modules/openstackid/templates/openstackid.conf.erb
Normal file
3
modules/openstackid/templates/openstackid.conf.erb
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
SITE_ROOT=/srv/openstackid
|
||||||
|
SOURCE_TARBALL=http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz
|
||||||
|
LARAVEL_ENV=dev
|
22
modules/openstackid/templates/recaptcha.php.erb
Normal file
22
modules/openstackid/templates/recaptcha.php.erb
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
<?php
|
||||||
|
return array(
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| API Keys
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| Set the public and private API keys as provided by reCAPTCHA.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
'public_key' => '<%= id_recaptcha_public_key %>',
|
||||||
|
'private_key' => '<%= id_recaptcha_private_key %>',
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| Template
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| Set a template to use if you don't want to use the standard one.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
'template' => '<%= id_recaptcha_template %>'
|
||||||
|
);
|
@ -18,14 +18,14 @@
|
|||||||
|
|
||||||
class redis(
|
class redis(
|
||||||
$redis_port = '6379',
|
$redis_port = '6379',
|
||||||
$redis_max_memory = '1gb',
|
|
||||||
$redis_bind = '127.0.0.1',
|
$redis_bind = '127.0.0.1',
|
||||||
$redis_bin_dir = '/usr/bin',
|
$redis_password = '',
|
||||||
|
$redis_max_memory = '1gb',
|
||||||
$version = '2.2.12',
|
$version = '2.2.12',
|
||||||
) {
|
) {
|
||||||
|
|
||||||
package {'redis-server':
|
package {'redis-server':
|
||||||
ensure => installed,
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
case $version {
|
case $version {
|
||||||
@ -43,31 +43,20 @@ class redis(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
file { '/etc/init.d/redis-server':
|
|
||||||
ensure => present,
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
require => Package['redis-server'],
|
|
||||||
content => template('redis/init_script.erb'),
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/etc/redis/redis.conf':
|
file { '/etc/redis/redis.conf':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
owner => 'root',
|
owner => 'root',
|
||||||
group => 'root',
|
group => 'root',
|
||||||
mode => '0644',
|
mode => '0644',
|
||||||
content => template("redis/${redis_conf_file}"),
|
replace => true,
|
||||||
require => Package['redis-server'],
|
content => template("redis/${redis_conf_file}"),
|
||||||
notify => Service['redis-server'],
|
require => Package['redis-server'],
|
||||||
}
|
}
|
||||||
|
|
||||||
service { 'redis-server':
|
service { 'redis-server':
|
||||||
ensure => running,
|
ensure => running,
|
||||||
enable => true,
|
require => Package['redis-server'],
|
||||||
hasstatus => true,
|
subscribe => File['/etc/redis/redis.conf'],
|
||||||
hasrestart => true,
|
}
|
||||||
require => [ File['/etc/redis/redis.conf'], File['/etc/init.d/redis-server'], Package['redis-server'] ],
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
@ -1,42 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
#
|
|
||||||
# Simple Redis init.d script conceived to work on Linux systems
|
|
||||||
# as it does use of the /proc filesystem.
|
|
||||||
|
|
||||||
REDISPORT="<%= redis_port %>"
|
|
||||||
EXEC=<%= redis_bin_dir %>/redis-server
|
|
||||||
CLIEXEC=<%= redis_bin_dir %>/redis-cli
|
|
||||||
|
|
||||||
PIDFILE=/var/run/redis.pid
|
|
||||||
CONF="/etc/redis/redis.conf"
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
if [ -f $PIDFILE ]
|
|
||||||
then
|
|
||||||
echo "$PIDFILE exists, process is already running or crashed"
|
|
||||||
else
|
|
||||||
echo "Starting Redis server..."
|
|
||||||
$EXEC $CONF
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
if [ ! -f $PIDFILE ]
|
|
||||||
then
|
|
||||||
echo "$PIDFILE does not exist, process is not running"
|
|
||||||
else
|
|
||||||
PID=$(cat $PIDFILE)
|
|
||||||
echo "Stopping ..."
|
|
||||||
$CLIEXEC -p $REDISPORT shutdown
|
|
||||||
while [ -x /proc/${PID} ]
|
|
||||||
do
|
|
||||||
echo "Waiting for Redis to shutdown ..."
|
|
||||||
sleep 1
|
|
||||||
done
|
|
||||||
echo "Redis stopped"
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Please use start or stop as first argument"
|
|
||||||
;;
|
|
||||||
esac
|
|
@ -14,7 +14,7 @@
|
|||||||
|
|
||||||
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
||||||
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
||||||
daemonize no
|
daemonize yes
|
||||||
|
|
||||||
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
||||||
# default. You can specify a custom pid file location here.
|
# default. You can specify a custom pid file location here.
|
||||||
@ -49,7 +49,7 @@ loglevel verbose
|
|||||||
# Specify the log file name. Also 'stdout' can be used to force
|
# Specify the log file name. Also 'stdout' can be used to force
|
||||||
# Redis to log on the standard output. Note that if you use standard
|
# Redis to log on the standard output. Note that if you use standard
|
||||||
# output for logging but daemonize, logs will be sent to /dev/null
|
# output for logging but daemonize, logs will be sent to /dev/null
|
||||||
logfile stdout
|
logfile /var/log/redis/redis-server.log
|
||||||
|
|
||||||
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
|
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
|
||||||
# and optionally update the other syslog parameters to suit your needs.
|
# and optionally update the other syslog parameters to suit your needs.
|
||||||
@ -147,7 +147,9 @@ slave-serve-stale-data yes
|
|||||||
# 150k passwords per second against a good box. This means that you should
|
# 150k passwords per second against a good box. This means that you should
|
||||||
# use a very strong password otherwise it will be very easy to break.
|
# use a very strong password otherwise it will be very easy to break.
|
||||||
#
|
#
|
||||||
# requirepass foobared
|
<% if redis_password != "" %>
|
||||||
|
requirepass <%= redis_password %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
# Command renaming.
|
# Command renaming.
|
||||||
#
|
#
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
|
|
||||||
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
||||||
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
||||||
daemonize no
|
daemonize yes
|
||||||
|
|
||||||
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
||||||
# default. You can specify a custom pid file location here.
|
# default. You can specify a custom pid file location here.
|
||||||
@ -50,7 +50,7 @@ loglevel verbose
|
|||||||
# Specify the log file name. Also 'stdout' can be used to force
|
# Specify the log file name. Also 'stdout' can be used to force
|
||||||
# Redis to log on the standard output. Note that if you use standard
|
# Redis to log on the standard output. Note that if you use standard
|
||||||
# output for logging but daemonize, logs will be sent to /dev/null
|
# output for logging but daemonize, logs will be sent to /dev/null
|
||||||
logfile stdout
|
logfile /var/log/redis/redis-server.log
|
||||||
|
|
||||||
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
|
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
|
||||||
# and optionally update the other syslog parameters to suit your needs.
|
# and optionally update the other syslog parameters to suit your needs.
|
||||||
@ -178,7 +178,9 @@ slave-priority 100
|
|||||||
# 150k passwords per second against a good box. This means that you should
|
# 150k passwords per second against a good box. This means that you should
|
||||||
# use a very strong password otherwise it will be very easy to break.
|
# use a very strong password otherwise it will be very easy to break.
|
||||||
#
|
#
|
||||||
# requirepass foobared
|
<% if redis_password != "" %>
|
||||||
|
requirepass <%= redis_password %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
# Command renaming.
|
# Command renaming.
|
||||||
#
|
#
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
|
|
||||||
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
||||||
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
||||||
daemonize no
|
daemonize yes
|
||||||
|
|
||||||
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
||||||
# default. You can specify a custom pid file location here.
|
# default. You can specify a custom pid file location here.
|
||||||
@ -61,7 +61,7 @@ tcp-keepalive 0
|
|||||||
# verbose (many rarely useful info, but not a mess like the debug level)
|
# verbose (many rarely useful info, but not a mess like the debug level)
|
||||||
# notice (moderately verbose, what you want in production probably)
|
# notice (moderately verbose, what you want in production probably)
|
||||||
# warning (only very important / critical messages are logged)
|
# warning (only very important / critical messages are logged)
|
||||||
loglevel notice
|
logfile /var/log/redis/redis-server.log
|
||||||
|
|
||||||
# Specify the log file name. Also 'stdout' can be used to force
|
# Specify the log file name. Also 'stdout' can be used to force
|
||||||
# Redis to log on the standard output. Note that if you use standard
|
# Redis to log on the standard output. Note that if you use standard
|
||||||
@ -255,7 +255,9 @@ slave-priority 100
|
|||||||
# 150k passwords per second against a good box. This means that you should
|
# 150k passwords per second against a good box. This means that you should
|
||||||
# use a very strong password otherwise it will be very easy to break.
|
# use a very strong password otherwise it will be very easy to break.
|
||||||
#
|
#
|
||||||
# requirepass foobared
|
<% if redis_password != "" %>
|
||||||
|
requirepass <%= redis_password %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
# Command renaming.
|
# Command renaming.
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user