The name of the apache package and service are different on different
operating systems. Fortunately, the apache module populates a variable
with the correct name for us. This is also true of the apache ssl
package.
Change-Id: I7d93e56281f828cba9262c135b0beb43dce9748a
The gate-config-puppet-apply test will try to run everything on a
bare-precise node, so even though this doesn't occur in production it is
being tested.
Change-Id: I13b03a7476e30cbb26dc820bb4cf5b56c4018669
Allow for specifying ServerAlias entries in the apache
vhost for the cgit puppet module.
(vhost template section lifted from the puppetlabs-apache v0.0.4
vhost-default template).
Change-Id: If7c297247b9556458154e4d01a1e0165a25a14b5
* modules/openstack_project/manifests/git.pp: Give the haproxy stats
socket admin level permissions. Make the socket owned by user root and
group root with mode of 0600. This is necessary to provide instructions
to enable and disable backend servers through the stats socket. Also,
install socat on this server so that commands can be given through the
stats socket.
* modules/openstack_project/manifests/git.pp: Enable git-daemon service
so that it starts running at boot.
Change-Id: Ic38114bdbd9fd1e9ab711e636deaadb15f9c7fe3
* modules/cgit/manifests/init.pp: Add highlight package
dependency to cgit server
* modules/openstack_project/files/git/cgitrc: Enable syntax
highlighting option
* modules/openstack_project/files/git/openstack.css: Add basic
syntax highlighting, copied from CSS that used to ship with
cgit by default
Closes-Bug: #1228361
Change-Id: Ic496215b5782527ac8159dedf639e549debeed2b
The haproxy rsyslog config file was left in the cgit module despite
pulling the haproxy stuff out of cgit and putting it in
openstack_project. Move the rsyslog config file into the
openstack_project module where it belongs.
Change-Id: I0fc45f7497f0f2682bbc5c7ae0da546a71b67188
* manifests/site.pp: Use distinct manifests for git.o.o and git.o.o
backends. This allows for the haproxy server to not serve git content
and purely be a load balancer.
* modules/cgit/manifests/init.pp: Remove haproxy from cgit module.
Remove stale xinetd cleanup. Select git daemon port when selecting
HTTP(S) ports.
* modules/openstack_project/manifests/git.pp: Make git.pp a manifest to
load balance git servers with haproxy.
* modules/openstack_project/manifests/git_backend.pp: New manifest to
manage servers that actually serve git content. They sit behind a load
balancer.
* modules/openstack_project/manifests/review.pp: Stop replicating repos
to git load balancer.
Change-Id: I343a0d1e0a7b93874c2e2299ed974a3304957efb
* modules/cgit/manifests/init.pp: HTTP(S) access to the git cluster may
end up making connections to different node members potentially causing
fetches to fail when a ref is visible on one node but not on another.
Fix this by using the source balance method. Every request from a single
host will be served by one backend node unless nodes are added or
removed.
Change-Id: Iedca1938277020b837eb1607e43013f5feb2ed2d
* install_modules.sh: Add puppetlabs-haproxy forge module.
* modules/cgit/manifests/init.pp: Add haproxy config to load balance
https, https and git protocol git access. Each git server will host git
http on port 8080, https on port 4443 and git protocol on 29418. These
endpoints will then be load balanced by a single haproxy instance
listening on ports 80, 443 and 9418. The use of haproxy and having
services listen on offset ports to accomodate haproxy is toggleable
using the $balance_git and $behind_proxy boolean flags.
Additionally, configure rsyslog for haproxy.
* modules/cgit/files/rsyslog.haproxy.conf: Enable syslog over UDP on
port 514. This is needed by haproxy to perform logging. Send local0
messages to /var/log/haproxy.log.
* modules/cgit/templates/ssl.conf.erb: Make Apache https listen port
configurable. Remove default virtualhost.
* modules/cgit/templates/httpd.conf.erb: Make Apache http listen port
configurable.
* modules/cgit/templates/git.vhost..erb: Make Apache http(s) listen
ports configuruable. Allow http without redirecting to https as a
fallback option to accomodate CentOS clients.
* modules/openstack_project/manifests/git.pp: Pass load balancer
variables through to the cgit manifest.
* manifests/site.pp: Configure git.o.o to run the load balancer haproxy
and balance across the new gitXX.o.o nodes.
Change-Id: Icefc5923cff9a7c6ce62c1923ec2ea87ebc6474a
Add git-daemon init file to /etc/init.d and make sure the service
is started.
For transition, keep the git xinetd file and service defined but
switch git service to stopped, we can remove this later.
Change-Id: I0cf02c7292496e39695b80b00cdcb82ec7a61700
Create and define a static directory for cgit to use.
Add initial favicon and logo files and include in cgitrc.
Also include custom CSS and background image.
Change-Id: If1e20d8e62557cc90aafbf92f4291b964400e029
* modules/cgit/templates/git.vhost.erb: Add Apache aliases to the
git-http-backend CGI and static git files where possible. This makes
git clone, pull and fetch HTTPS URLs more consistent with their git
protocol counterparts.
* modules/openstack_project/files/git/cgitrc: Adjust the displayed
HTTPS clone URL in the WebUI to match.
Change-Id: Ibb4fd41191f33b615ed36f78e1951555a1c0dad1
Because of the way we're doing ssl on the centos, the ifmodule
statements evaluate to false. Remove them.
Change-Id: Iad771249c6dc5cf5ede493183f5cebb98c3deb69
The ${APACHE_LOG_DIR} isn't expanding as I had expected on
the CentOS server, updating to default CentOS apache log
directory.
Change-Id: I8fc6ee5084e2ef69be9e888473155c865bdbdfd0
* modules/cgit/files/git.xinetd: Configure git xinetd
* modules/cgit/manifests/init.pp: Install git xinetd file and make sure the
* service is running.
Change-Id: I7686b1cacd257e2aa519885b969272055a74e48e
Update the cgit Apache config to make requests to
http://git.openstack.org be rewritten to go to /cgit
Change-Id: I3589868e9cb202f4d4b89378ca5e38ec57869b2c
The restorecon command for selinux needed to require /var/lib/git
and the syntax is actually "File" rather than "Folder" here.
Also added refreshonly so it only runs when /var/lib/git changes.
Change-Id: I88f40dc3051d66ef9f9dc4d667474b8cc7d2a5f7
The cgit module is already calling the apache module which handles
making sure httpd is installed and running, pulling this from the
cgit module.
Change-Id: I51f724e7cf1e2b725c6af375fb1c8774045a0956