System configuration for OpenStack Infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

379 lines
8.2KB

  1. # == Class: openstack_project::mirror
  2. #
  3. class openstack_project::mirror (
  4. $vhost_name = $::fqdn,
  5. ) {
  6. # Some hosts are mirror01, but we need the host to respond to
  7. # "mirror." Re-evaluate this if we end up doing multiple
  8. # mirrors/load balancing etc.
  9. $alias_name = regsubst($vhost_name, 'mirror\d*\.', 'mirror.')
  10. if $alias_name != $vhost_name {
  11. $serveraliases = [$alias_name]
  12. } else {
  13. $serveraliases = undef
  14. }
  15. $mirror_root = '/afs/openstack.org/mirror'
  16. $wheel_root = "${mirror_root}/wheel"
  17. $ceph_deb_hammer_root = "${mirror_root}/ceph-deb-hammer"
  18. $ceph_deb_jewel_root = "${mirror_root}/ceph-deb-jewel"
  19. $ceph_deb_luminous_root = "${mirror_root}/ceph-deb-luminous"
  20. $ceph_deb_mimic_root = "${mirror_root}/ceph-deb-mimic"
  21. $ceph_deb_nautilus_root = "${mirror_root}/ceph-deb-nautilus"
  22. $gem_root = "${mirror_root}/gem"
  23. $www_base = '/var/www'
  24. $www_root = "${www_base}/mirror"
  25. #####################################################
  26. # Build Apache Webroot
  27. file { "${www_base}":
  28. ensure => directory,
  29. owner => root,
  30. group => root,
  31. }
  32. file { "${www_root}":
  33. ensure => directory,
  34. owner => root,
  35. group => root,
  36. require => [
  37. File["${www_base}"],
  38. ]
  39. }
  40. # Create the symlink to pypi.
  41. # NOTE(ianw) : retired 2018-11-22; see
  42. # https://review.opendev.org/#/c/618326/
  43. file { "${www_root}/pypi":
  44. ensure => absent,
  45. }
  46. # Create the symlink to wheel.
  47. file { "${www_root}/wheel":
  48. ensure => link,
  49. target => "${wheel_root}",
  50. owner => root,
  51. group => root,
  52. require => [
  53. File["${www_root}"],
  54. ]
  55. }
  56. # Create the symlink to centos
  57. file { "${www_root}/centos":
  58. ensure => link,
  59. target => "${mirror_root}/centos",
  60. owner => root,
  61. group => root,
  62. require => [
  63. File["${www_root}"],
  64. ]
  65. }
  66. # Create the symlink to debian
  67. file { "${www_root}/debian":
  68. ensure => link,
  69. target => "${mirror_root}/debian",
  70. owner => root,
  71. group => root,
  72. require => [
  73. File["${www_root}"],
  74. ]
  75. }
  76. # Create the symlink to debian-security
  77. file { "${www_root}/debian-security":
  78. ensure => link,
  79. target => "${mirror_root}/debian-security",
  80. owner => root,
  81. group => root,
  82. require => [
  83. File["${www_root}"],
  84. ]
  85. }
  86. # Create the symlink to Debian OpenStack Packaging Team reprepro.
  87. file { "${www_root}/debian-openstack":
  88. ensure => link,
  89. target => "${mirror_root}/debian-openstack",
  90. owner => root,
  91. group => root,
  92. require => [
  93. File["${www_root}"],
  94. ]
  95. }
  96. # Create the symlink to rdo
  97. file { "${www_root}/rdo":
  98. ensure => absent,
  99. }
  100. # Create the symlink to epel
  101. file { "${www_root}/epel":
  102. ensure => link,
  103. target => "${mirror_root}/epel",
  104. owner => root,
  105. group => root,
  106. require => [
  107. File["${www_root}"],
  108. ]
  109. }
  110. # Create the symlink to yum-puppetlabs
  111. file { "${www_root}/yum-puppetlabs":
  112. ensure => link,
  113. target => "${mirror_root}/yum-puppetlabs",
  114. owner => root,
  115. group => root,
  116. require => [
  117. File["${www_root}"],
  118. ]
  119. }
  120. # Create the symlink to fedora
  121. file { "${www_root}/fedora":
  122. ensure => link,
  123. target => "${mirror_root}/fedora",
  124. owner => root,
  125. group => root,
  126. require => [
  127. File["${www_root}"],
  128. ]
  129. }
  130. # Create the symlink to openSUSE
  131. file { "${www_root}/opensuse":
  132. ensure => link,
  133. target => "${mirror_root}/opensuse",
  134. owner => root,
  135. group => root,
  136. require => [
  137. File["${www_root}"],
  138. ]
  139. }
  140. # Create the symlink to Ubuntu
  141. file { "${www_root}/ubuntu":
  142. ensure => link,
  143. target => "${mirror_root}/ubuntu",
  144. owner => root,
  145. group => root,
  146. require => [
  147. File["${www_root}"],
  148. ]
  149. }
  150. # Create the symlink to Ubuntu ports
  151. file { "${www_root}/ubuntu-ports":
  152. ensure => link,
  153. target => "${mirror_root}/ubuntu-ports",
  154. owner => root,
  155. group => root,
  156. require => [
  157. File["${www_root}"],
  158. ]
  159. }
  160. # Create the symlink to ceph-deb-hammer.
  161. file { "${www_root}/ceph-deb-hammer":
  162. ensure => link,
  163. target => "${ceph_deb_hammer_root}",
  164. owner => root,
  165. group => root,
  166. require => [
  167. File["${www_root}"],
  168. ]
  169. }
  170. # Create the symlink to ceph-deb-jewel.
  171. file { "${www_root}/ceph-deb-jewel":
  172. ensure => link,
  173. target => "${ceph_deb_jewel_root}",
  174. owner => root,
  175. group => root,
  176. require => [
  177. File["${www_root}"],
  178. ]
  179. }
  180. # Create the symlink to ceph-deb-luminous.
  181. file { "${www_root}/ceph-deb-luminous":
  182. ensure => link,
  183. target => "${ceph_deb_luminous_root}",
  184. owner => root,
  185. group => root,
  186. require => [
  187. File["${www_root}"],
  188. ]
  189. }
  190. # Create the symlink to ceph-deb-mimic.
  191. file { "${www_root}/ceph-deb-mimic":
  192. ensure => link,
  193. target => "${ceph_deb_mimic_root}",
  194. owner => root,
  195. group => root,
  196. require => [
  197. File["${www_root}"],
  198. ]
  199. }
  200. # Create the symlink to ceph-deb-nautilus.
  201. file { "${www_root}/ceph-deb-nautilus":
  202. ensure => link,
  203. target => "${ceph_deb_nautilus_root}",
  204. owner => root,
  205. group => root,
  206. require => [
  207. File["${www_root}"],
  208. ]
  209. }
  210. # Create the symlink to Ubuntu Cloud Archive.
  211. file { "${www_root}/ubuntu-cloud-archive":
  212. ensure => link,
  213. target => "${mirror_root}/ubuntu-cloud-archive",
  214. owner => root,
  215. group => root,
  216. require => [
  217. File["${www_root}"],
  218. ]
  219. }
  220. # Create the symlink to deb-docker.
  221. file { "${www_root}/deb-docker":
  222. ensure => link,
  223. target => "${mirror_root}/deb-docker",
  224. owner => root,
  225. group => root,
  226. require => [
  227. File["${www_root}"],
  228. ]
  229. }
  230. # Create the symlink to Ubuntu Puppetlabs.
  231. file { "${www_root}/apt-puppetlabs":
  232. ensure => link,
  233. target => "${mirror_root}/apt-puppetlabs",
  234. owner => root,
  235. group => root,
  236. require => [
  237. File["${www_root}"],
  238. ]
  239. }
  240. file { "${www_root}/gem":
  241. ensure => link,
  242. target => "${gem_root}",
  243. owner => root,
  244. group => root,
  245. require => [
  246. File["${www_root}"],
  247. ]
  248. }
  249. file { "${www_root}/robots.txt":
  250. ensure => present,
  251. owner => 'root',
  252. group => 'root',
  253. mode => '0444',
  254. source => 'puppet:///modules/openstack_project/disallow_robots.txt',
  255. require => File["${www_root}"],
  256. }
  257. #####################################################
  258. # Build VHost
  259. include ::httpd
  260. file { '/opt/apache_cache':
  261. ensure => absent,
  262. force => true,
  263. }
  264. file { '/var/cache/apache2/proxy':
  265. ensure => directory,
  266. owner => 'www-data',
  267. group => 'www-data',
  268. mode => '0755',
  269. require => Class['httpd']
  270. }
  271. if ! defined(Httpd::Mod['rewrite']) {
  272. httpd::mod { 'rewrite':
  273. ensure => present,
  274. }
  275. }
  276. if ! defined(Httpd::Mod['substitute']) {
  277. httpd::mod { 'substitute':
  278. ensure => present,
  279. }
  280. }
  281. if ! defined(Httpd::Mod['cache']) {
  282. httpd::mod { 'cache':
  283. ensure => present,
  284. }
  285. }
  286. if ! defined(Httpd::Mod['cache_disk']) {
  287. httpd::mod { 'cache_disk':
  288. ensure => present,
  289. }
  290. }
  291. if ! defined(Httpd::Mod['proxy']) {
  292. httpd::mod { 'proxy':
  293. ensure => present,
  294. }
  295. }
  296. if ! defined(Httpd::Mod['proxy_http']) {
  297. httpd::mod { 'proxy_http':
  298. ensure => present,
  299. }
  300. }
  301. ::httpd::vhost { $vhost_name:
  302. port => 80,
  303. priority => '50',
  304. docroot => "${www_root}",
  305. template => 'openstack_project/mirror.vhost.erb',
  306. serveraliases => $serveraliases,
  307. require => [
  308. File["${www_root}"],
  309. ]
  310. }
  311. # Cache cleanup
  312. package { 'apache2-utils':
  313. ensure => present,
  314. }
  315. cron { 'apache-cache-cleanup':
  316. # Clean apache cache once an hour, keep size down to 70GiB.
  317. minute => '0',
  318. hour => '*',
  319. command => 'flock -n /var/run/htcacheclean.lock htcacheclean -n -p /var/cache/apache2/proxy -t -l 70200M > /dev/null',
  320. environment => 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
  321. require => [
  322. File['/var/cache/apache2/proxy'],
  323. Package['apache2-utils'],
  324. ],
  325. }
  326. class { '::httpd::logrotate':
  327. options => [
  328. 'daily',
  329. 'missingok',
  330. 'rotate 7',
  331. 'compress',
  332. 'delaycompress',
  333. 'notifempty',
  334. 'create 640 root adm',
  335. ],
  336. }
  337. }