Clean up puppet (deploy LAMP / setup app config)

Implements: blueprint openid-oauth2-infra-implementation-puppet-script Prepares a raw server with all software stack needed to run openstackid project: * installs PHP * installs Apache * installs Redis Server * creates a initial environment configuration for laravel application (using *.erb templates) Change-Id: If6216da0d70a45609076e8111a67055dbc87c9e4
openstack-infra · Feb 21, 2014 · b7ce8e9 · b7ce8e9
1 parent 522f4a2
commit b7ce8e9
Show file tree

Hide file tree

Showing 17 changed files with 524 additions and 259 deletions.
diff --git a/manifests/site.pp b/manifests/site.pp
@@ -739,8 +739,11 @@
   class { 'openstack_project::openstackid_dev':
     sysadmins            => hiera('sysadmins'),
     site_admin_password  => hiera('openstackid_dev_site_admin_password'),
-    mysql_host           => hiera('openstackid_dev_mysql_host'),
-    mysql_password       => hiera('openstackid_dev_mysql_password'),
+    id_mysql_host        => hiera('openstackid_dev_id_mysql_host'),
+    id_mysql_password    => hiera('openstackid_dev_id_mysql_password'),
+    ss_mysql_host        => hiera('openstackid_dev_ss_mysql_host'),
+    ss_mysql_password    => hiera('openstackid_dev_ss_mysql_password'),
+    redis_password       => hiera('openstackid_dev_redis_password'),
   }
 }
 

diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp
@@ -17,14 +17,24 @@
 class openstack_project::openstackid_dev (
   $sysadmins = [],
   $site_admin_password = '',
-  $mysql_host = '',
-  $mysql_user = 'openstackid',
-  $mysql_password = '',
+  $id_mysql_host = '',
+  $id_mysql_user = 'openstackid',
+  $id_mysql_password = '',
   $id_db_name = 'openstackid_openid_dev',
+  $ss_mysql_host = '',
+  $ss_mysql_user = 'openstackid',
+  $ss_mysql_password = '',
   $ss_db_name = 'openstackid_silverstripe_dev',
   $redis_port = '6378',
   $redis_max_memory = '1gb',
-  $redis_bind = '127.0.0.1'
+  $redis_bind = '127.0.0.1',
+  $redis_password = '',
+  $id_recaptcha_public_key = '',
+  $id_recaptcha_private_key = '',
+  $id_recaptcha_template = '',
+  $id_log_error_to_email = '',
+  $id_log_error_from_email = '',
+  $id_environment = 'dev',
 ) {
 
   realize (
@@ -37,21 +47,32 @@
   }
 
   class { 'openstackid':
-    site_admin_password => $site_admin_password,
-    mysql_host          => $mysql_host,
-    mysql_user          => $mysql_user,
-    mysql_password      => $mysql_password,
-    id_db_name          => $id_db_name,
-    ss_db_name          => $ss_db_name,
-    redis_port          => $redis_port,
-    redis_host          => $redis_bind,
+    site_admin_password      => $site_admin_password,
+    id_mysql_host            => $id_mysql_host,
+    id_mysql_user            => $id_mysql_user,
+    id_mysql_password        => $id_mysql_password,
+    id_db_name               => $id_db_name,
+    ss_mysql_host            => $ss_mysql_host,
+    ss_mysql_user            => $ss_mysql_user,
+    ss_mysql_password        => $ss_mysql_password,
+    ss_db_name               => $ss_db_name,
+    redis_port               => $redis_port,
+    redis_host               => $redis_bind,
+    redis_password           => $redis_password,
+    id_recaptcha_public_key  => $id_recaptcha_public_key,
+    id_recaptcha_private_key => $id_recaptcha_private_key,
+    id_recaptcha_template    => $id_recaptcha_template,
+    id_log_error_to_email    => $id_log_error_to_email,
+    id_log_error_from_email  => $id_log_error_from_email,
+    id_environment           => $id_environment,
   }
 
   # redis (custom module written by tipit)
   class { 'redis':
     redis_port       => $redis_port,
     redis_max_memory => $redis_max_memory,
     redis_bind       => $redis_bind,
+    redis_password   => $redis_password,
   }
 
 }
diff --git a/modules/openstackid/files/deploy.sh b/modules/openstackid/files/deploy.sh
@@ -0,0 +1,39 @@
+#!/bin/bash -e
+#
+# Site deployment tool
+#
+# Commands:
+#   init @sitealias http://example.com/source.tar.gz
+#   status @sitealias
+#   update @sitelias http://example.com/source.tar.gz
+#   rollback @sitealias
+#
+#
+
+
+
+TOP_DIR=$(cd $(dirname "$0") && pwd)
+source $TOP_DIR/functions
+
+if [ ! -r $TOP_DIR/deployrc ]; then
+    echo "ERROR: missing deployrc - did you grab more than just deploy.sh?"
+    exit 1
+fi
+source $TOP_DIR/deployrc
+
+command="${1}"
+case $command in
+  init)
+    site_init ${2}
+    ;;
+  status)
+    site_status ${2}
+    ;;
+  update)
+    site_update ${2}
+    ;;
+  *)
+    print_help
+    exit 1
+    ;;
+esac
diff --git a/modules/openstackid/files/deployrc b/modules/openstackid/files/deployrc
@@ -0,0 +1,8 @@
+CONF_DIR=$TOP_DIR
+FILE_OWNER=root
+FILE_GROUP=www-data
+
+# allow local overrides of env variables
+if [ -f $TOP_DIR/localrc ]; then
+    . $TOP_DIR/localrc
+fi
diff --git a/modules/openstackid/files/functions b/modules/openstackid/files/functions
@@ -0,0 +1,150 @@
+function print_help() {
+  echo "Usage: `basename $0` command [options]"
+  echo ""
+  echo "Commands:"
+  echo "  status [site]    return status information about site configurations"
+  echo "  init <site>      initialize site structure"
+  echo "  update <site>    update to new version"
+  echo ""
+}
+
+function site_init() {
+  if [ ! $1 ]; then
+    echo "ERROR: site parameter mandatory"
+    exit 1
+  fi
+  CONF_PATH="$CONF_DIR/conf.d/$1.conf"
+  if [ ! -f $CONF_PATH ]; then
+    echo "Site configuration not found: " $1
+    exit 1
+  fi
+  source $CONF_PATH
+  if [ -f "$SITE_ROOT/w/public/index.php" ]; then
+    echo "Cannot override an existing deployment: $SITE_ROOT/w"
+    exit 1
+  fi
+  # cleanup previous broken deployment
+  rm -rf $SITE_ROOT/slot0
+  # create directory structure
+  for dir in slot0 slot1; do
+    mkdir -p $SITE_ROOT/$dir
+    chown $FILE_OWNER:$FILE_GROUP $SITE_ROOT/$dir
+  done
+  target_dir="$SITE_ROOT/slot0"
+  # fetch and extract release tarball
+  umask 0027
+  if [[ $SOURCE_TARBALL == http* ]]; then
+    echo "Download from http!"
+    curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
+  else
+    echo "extract from local file system"
+    if [ ! -f $SOURCE_TARBALL ]; then
+      echo "Source tarball not found: $SOURCE_TARBALL"
+      exit 1
+    fi
+    tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
+  fi
+  chown -R $FILE_OWNER:$FILE_GROUP $target_dir
+  umask 0022
+  # link configuration files managed by puppet
+  ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
+  ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
+  ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
+  ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
+  # convert app/storage into symlink and set permissions
+  mv $target_dir/app/storage $SITE_ROOT/
+  chmod 02770 $SITE_ROOT/storage
+  find $SITE_ROOT/storage/ -type d -exec chmod 0775 {} \;
+  find $SITE_ROOT/storage/ -type f -exec chmod 0664 {} \;
+  rm -rf $target_dir/app/storage
+  ln -s $SITE_ROOT/storage $target_dir/app
+  # populate application database
+  cd $target_dir
+  php artisan migrate --env=$LARAVEL_ENV
+  php artisan db:seed --env=$LARAVEL_ENV
+  # activate site
+  rm -rf $SITE_ROOT/w
+  ln -s $SITE_ROOT/slot0 $SITE_ROOT/w
+}
+
+function site_status() {
+  if [ ! $1 ]; then
+    echo "ERROR: site parameter mandatory"
+    exit 1
+  fi
+  CONF_PATH="$CONF_DIR/conf.d/$1.conf"
+  if [ ! -f $CONF_PATH ]; then
+    echo "Site configuration not found: $1"
+    exit 0
+  fi
+  source $CONF_PATH
+  if [ ! -f "$SITE_ROOT/w/public/index.php" ]; then
+    if [ -d "$SITE_ROOT/slot0" ]; then
+      echo "PENDING"
+    else
+      echo "N/A"
+      exit 1
+    fi
+  else
+    echo "INSTALLED"
+  fi
+}
+
+function site_update() {
+  if [ ! $1 ]; then
+    echo "ERROR: missing site parameter"
+    exit 1
+  fi
+  CONF_PATH="$CONF_DIR/conf.d/$1.conf"
+  if [ ! -f $CONF_PATH ]; then
+    echo "Site configuration not found: $1"
+    exit 0
+  fi
+  source $CONF_PATH
+  SITE_LINK=`readlink -f $SITE_ROOT/w`
+  ACTIVE_SLOT=`basename $SITE_LINK`
+  case $ACTIVE_SLOT in
+    slot0)
+      TARGET_SLOT='slot1'
+      ;;
+    slot1)
+      TARGET_SLOT='slot0'
+      ;;
+    *)
+      echo "Invalid active slot"
+      exit 1
+  esac
+  echo "Target slot: $TARGET_SLOT"
+  target_dir="$SITE_ROOT/$TARGET_SLOT"
+  rm -rf $target_dir
+  mkdir $target_dir
+  # fetch and extract release tarball
+  umask 0027
+  if [[ $SOURCE_TARBALL == http* ]]; then
+    echo "Download from http!"
+    curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions
+  else
+    echo "extract from local file system"
+    if [ ! -f $SOURCE_TARBALL ]; then
+      echo "Source tarball not found: $SOURCE_TARBALL"
+      exit 1
+    fi
+    tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions
+  fi
+  chown -R $FILE_OWNER:$FILE_GROUP $target_dir
+  umask 0022
+  # link configuration files managed by puppet
+  ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php
+  ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php
+  ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php
+  ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php
+  # link shared app/storage directory
+  rm -rf $target_dir/app/storage
+  ln -s $SITE_ROOT/storage $target_dir/app
+  # populate application database
+  cd $target_dir
+  php artisan migrate --env=$LARAVEL_ENV
+  # activate site
+  rm -rf $SITE_ROOT/w
+  ln -s $target_dir $SITE_ROOT/w
+}
diff --git a/modules/openstackid/manifests/deploy.pp b/modules/openstackid/manifests/deploy.pp
@@ -0,0 +1,53 @@
+# Copyright 2013  OpenStack Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Define: deploy
+#
+# deployment tool for laravel framework/php site management
+#
+define openstackid::deploy (
+) {
+  $deploy_dirs = [ '/opt/deploy', '/opt/deploy/conf.d' ]
+
+  file { $deploy_dirs:
+    ensure  => directory,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+  }
+
+  file { '/opt/deploy/deploy.sh':
+    source  => 'puppet:///modules/openstackid/deploy.sh',
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+    require => File[$deploy_dirs],
+  }
+
+  file { '/opt/deploy/functions':
+    source  => 'puppet:///modules/openstackid/functions',
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    require => File[$deploy_dirs],
+  }
+
+  file { '/opt/deploy/deployrc':
+    source  => 'puppet:///modules/openstackid/deployrc',
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    require => File[$deploy_dirs],
+  }
+}