diff --git a/manifests/site.pp b/manifests/site.pp index 2fd71eb75e..8b94f66c48 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -739,8 +739,11 @@ class { 'openstack_project::openstackid_dev': sysadmins => hiera('sysadmins'), site_admin_password => hiera('openstackid_dev_site_admin_password'), - mysql_host => hiera('openstackid_dev_mysql_host'), - mysql_password => hiera('openstackid_dev_mysql_password'), + id_mysql_host => hiera('openstackid_dev_id_mysql_host'), + id_mysql_password => hiera('openstackid_dev_id_mysql_password'), + ss_mysql_host => hiera('openstackid_dev_ss_mysql_host'), + ss_mysql_password => hiera('openstackid_dev_ss_mysql_password'), + redis_password => hiera('openstackid_dev_redis_password'), } } diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp index dbdec647fc..575a860e60 100644 --- a/modules/openstack_project/manifests/openstackid_dev.pp +++ b/modules/openstack_project/manifests/openstackid_dev.pp @@ -17,14 +17,24 @@ class openstack_project::openstackid_dev ( $sysadmins = [], $site_admin_password = '', - $mysql_host = '', - $mysql_user = 'openstackid', - $mysql_password = '', + $id_mysql_host = '', + $id_mysql_user = 'openstackid', + $id_mysql_password = '', $id_db_name = 'openstackid_openid_dev', + $ss_mysql_host = '', + $ss_mysql_user = 'openstackid', + $ss_mysql_password = '', $ss_db_name = 'openstackid_silverstripe_dev', $redis_port = '6378', $redis_max_memory = '1gb', - $redis_bind = '127.0.0.1' + $redis_bind = '127.0.0.1', + $redis_password = '', + $id_recaptcha_public_key = '', + $id_recaptcha_private_key = '', + $id_recaptcha_template = '', + $id_log_error_to_email = '', + $id_log_error_from_email = '', + $id_environment = 'dev', ) { realize ( @@ -37,14 +47,24 @@ } class { 'openstackid': - site_admin_password => $site_admin_password, - mysql_host => $mysql_host, - mysql_user => $mysql_user, - mysql_password => $mysql_password, - id_db_name => $id_db_name, - ss_db_name => $ss_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, + site_admin_password => $site_admin_password, + id_mysql_host => $id_mysql_host, + id_mysql_user => $id_mysql_user, + id_mysql_password => $id_mysql_password, + id_db_name => $id_db_name, + ss_mysql_host => $ss_mysql_host, + ss_mysql_user => $ss_mysql_user, + ss_mysql_password => $ss_mysql_password, + ss_db_name => $ss_db_name, + redis_port => $redis_port, + redis_host => $redis_bind, + redis_password => $redis_password, + id_recaptcha_public_key => $id_recaptcha_public_key, + id_recaptcha_private_key => $id_recaptcha_private_key, + id_recaptcha_template => $id_recaptcha_template, + id_log_error_to_email => $id_log_error_to_email, + id_log_error_from_email => $id_log_error_from_email, + id_environment => $id_environment, } # redis (custom module written by tipit) @@ -52,6 +72,7 @@ redis_port => $redis_port, redis_max_memory => $redis_max_memory, redis_bind => $redis_bind, + redis_password => $redis_password, } } diff --git a/modules/openstackid/files/deploy.sh b/modules/openstackid/files/deploy.sh new file mode 100644 index 0000000000..890a86889d --- /dev/null +++ b/modules/openstackid/files/deploy.sh @@ -0,0 +1,39 @@ +#!/bin/bash -e +# +# Site deployment tool +# +# Commands: +# init @sitealias http://example.com/source.tar.gz +# status @sitealias +# update @sitelias http://example.com/source.tar.gz +# rollback @sitealias +# +# + + + +TOP_DIR=$(cd $(dirname "$0") && pwd) +source $TOP_DIR/functions + +if [ ! -r $TOP_DIR/deployrc ]; then + echo "ERROR: missing deployrc - did you grab more than just deploy.sh?" + exit 1 +fi +source $TOP_DIR/deployrc + +command="${1}" +case $command in + init) + site_init ${2} + ;; + status) + site_status ${2} + ;; + update) + site_update ${2} + ;; + *) + print_help + exit 1 + ;; +esac \ No newline at end of file diff --git a/modules/openstackid/files/deployrc b/modules/openstackid/files/deployrc new file mode 100644 index 0000000000..fc81527da1 --- /dev/null +++ b/modules/openstackid/files/deployrc @@ -0,0 +1,8 @@ +CONF_DIR=$TOP_DIR +FILE_OWNER=root +FILE_GROUP=www-data + +# allow local overrides of env variables +if [ -f $TOP_DIR/localrc ]; then + . $TOP_DIR/localrc +fi \ No newline at end of file diff --git a/modules/openstackid/files/functions b/modules/openstackid/files/functions new file mode 100644 index 0000000000..282e86f58a --- /dev/null +++ b/modules/openstackid/files/functions @@ -0,0 +1,150 @@ +function print_help() { + echo "Usage: `basename $0` command [options]" + echo "" + echo "Commands:" + echo " status [site] return status information about site configurations" + echo " init initialize site structure" + echo " update update to new version" + echo "" +} + +function site_init() { + if [ ! $1 ]; then + echo "ERROR: site parameter mandatory" + exit 1 + fi + CONF_PATH="$CONF_DIR/conf.d/$1.conf" + if [ ! -f $CONF_PATH ]; then + echo "Site configuration not found: " $1 + exit 1 + fi + source $CONF_PATH + if [ -f "$SITE_ROOT/w/public/index.php" ]; then + echo "Cannot override an existing deployment: $SITE_ROOT/w" + exit 1 + fi + # cleanup previous broken deployment + rm -rf $SITE_ROOT/slot0 + # create directory structure + for dir in slot0 slot1; do + mkdir -p $SITE_ROOT/$dir + chown $FILE_OWNER:$FILE_GROUP $SITE_ROOT/$dir + done + target_dir="$SITE_ROOT/slot0" + # fetch and extract release tarball + umask 0027 + if [[ $SOURCE_TARBALL == http* ]]; then + echo "Download from http!" + curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions + else + echo "extract from local file system" + if [ ! -f $SOURCE_TARBALL ]; then + echo "Source tarball not found: $SOURCE_TARBALL" + exit 1 + fi + tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions + fi + chown -R $FILE_OWNER:$FILE_GROUP $target_dir + umask 0022 + # link configuration files managed by puppet + ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php + ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php + ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php + ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php + # convert app/storage into symlink and set permissions + mv $target_dir/app/storage $SITE_ROOT/ + chmod 02770 $SITE_ROOT/storage + find $SITE_ROOT/storage/ -type d -exec chmod 0775 {} \; + find $SITE_ROOT/storage/ -type f -exec chmod 0664 {} \; + rm -rf $target_dir/app/storage + ln -s $SITE_ROOT/storage $target_dir/app + # populate application database + cd $target_dir + php artisan migrate --env=$LARAVEL_ENV + php artisan db:seed --env=$LARAVEL_ENV + # activate site + rm -rf $SITE_ROOT/w + ln -s $SITE_ROOT/slot0 $SITE_ROOT/w +} + +function site_status() { + if [ ! $1 ]; then + echo "ERROR: site parameter mandatory" + exit 1 + fi + CONF_PATH="$CONF_DIR/conf.d/$1.conf" + if [ ! -f $CONF_PATH ]; then + echo "Site configuration not found: $1" + exit 0 + fi + source $CONF_PATH + if [ ! -f "$SITE_ROOT/w/public/index.php" ]; then + if [ -d "$SITE_ROOT/slot0" ]; then + echo "PENDING" + else + echo "N/A" + exit 1 + fi + else + echo "INSTALLED" + fi +} + +function site_update() { + if [ ! $1 ]; then + echo "ERROR: missing site parameter" + exit 1 + fi + CONF_PATH="$CONF_DIR/conf.d/$1.conf" + if [ ! -f $CONF_PATH ]; then + echo "Site configuration not found: $1" + exit 0 + fi + source $CONF_PATH + SITE_LINK=`readlink -f $SITE_ROOT/w` + ACTIVE_SLOT=`basename $SITE_LINK` + case $ACTIVE_SLOT in + slot0) + TARGET_SLOT='slot1' + ;; + slot1) + TARGET_SLOT='slot0' + ;; + *) + echo "Invalid active slot" + exit 1 + esac + echo "Target slot: $TARGET_SLOT" + target_dir="$SITE_ROOT/$TARGET_SLOT" + rm -rf $target_dir + mkdir $target_dir + # fetch and extract release tarball + umask 0027 + if [[ $SOURCE_TARBALL == http* ]]; then + echo "Download from http!" + curl $SOURCE_TARBALL | tar -xzv -C $target_dir --strip-components 1 --no-same-permissions + else + echo "extract from local file system" + if [ ! -f $SOURCE_TARBALL ]; then + echo "Source tarball not found: $SOURCE_TARBALL" + exit 1 + fi + tar -xzvf $SOURCE_TARBALL -C $target_dir --strip-components 1 --no-same-permissions + fi + chown -R $FILE_OWNER:$FILE_GROUP $target_dir + umask 0022 + # link configuration files managed by puppet + ln -s /etc/openstackid/environment.php $target_dir/bootstrap/environment.php + ln -s /etc/openstackid/recaptcha.php $target_dir/app/config/packages/greggilbert/recaptcha/$LARAVEL_ENV/config.php + ln -s /etc/openstackid/database.php $target_dir/app/config/$LARAVEL_ENV/database.php + ln -s /etc/openstackid/log.php $target_dir/app/config/$LARAVEL_ENV/log.php + # link shared app/storage directory + rm -rf $target_dir/app/storage + ln -s $SITE_ROOT/storage $target_dir/app + # populate application database + cd $target_dir + php artisan migrate --env=$LARAVEL_ENV + # activate site + rm -rf $SITE_ROOT/w + ln -s $target_dir $SITE_ROOT/w +} diff --git a/modules/openstackid/manifests/deploy.pp b/modules/openstackid/manifests/deploy.pp new file mode 100644 index 0000000000..adff643066 --- /dev/null +++ b/modules/openstackid/manifests/deploy.pp @@ -0,0 +1,53 @@ +# Copyright 2013 OpenStack Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Define: deploy +# +# deployment tool for laravel framework/php site management +# +define openstackid::deploy ( +) { + $deploy_dirs = [ '/opt/deploy', '/opt/deploy/conf.d' ] + + file { $deploy_dirs: + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + } + + file { '/opt/deploy/deploy.sh': + source => 'puppet:///modules/openstackid/deploy.sh', + owner => 'root', + group => 'root', + mode => '0755', + require => File[$deploy_dirs], + } + + file { '/opt/deploy/functions': + source => 'puppet:///modules/openstackid/functions', + owner => 'root', + group => 'root', + mode => '0644', + require => File[$deploy_dirs], + } + + file { '/opt/deploy/deployrc': + source => 'puppet:///modules/openstackid/deployrc', + owner => 'root', + group => 'root', + mode => '0644', + require => File[$deploy_dirs], + } +} \ No newline at end of file diff --git a/modules/openstackid/manifests/init.pp b/modules/openstackid/manifests/init.pp index 5e0f595432..edd90f6e4f 100644 --- a/modules/openstackid/manifests/init.pp +++ b/modules/openstackid/manifests/init.pp @@ -19,13 +19,17 @@ class openstackid ( $git_source_repo = 'https://git.openstack.org/openstack-infra/openstackid', $site_admin_password = '', - $mysql_host = '', - $mysql_user = '', - $mysql_password = '', + $id_mysql_host = '', + $id_mysql_user = '', + $id_mysql_password = '', $id_db_name = '', + $ss_mysql_host = '', + $ss_mysql_user = '', + $ss_mysql_password = '', $ss_db_name = '', $redis_port = '', $redis_host = '', + $redis_password = '', $vhost_name = $::fqdn, $robots_txt_source = '', $serveradmin = "webmaster@${::fqdn}", @@ -37,29 +41,26 @@ $ssl_key_file_contents = '', # If left empty puppet will not create file. $ssl_chain_file_contents = '', # If left empty puppet will not create file. $httpd_acceptorthreads = '', + $id_log_error_to_email = '', + $id_log_error_from_email = '', + $id_environment = 'dev', + $id_hostname = $::fqdn, + $id_recaptcha_public_key = '', + $id_recaptcha_private_key = '', + $id_recaptcha_template = '', ) { - vcsrepo { '/opt/openstackid': - ensure => latest, - provider => git, - revision => 'master', - source => $git_source_repo, - } - - # we need PHP 5.4 or greather - include apt - apt::ppa { 'ppa:ondrej/php5-oldstable': } - # php packages needed for openid server - package { - [ + $php5_packages = [ 'php5-common', 'php5-curl', 'php5-cli', 'php5-json', 'php5-mcrypt', 'php5-mysql', - ]: + ] + + package { $php5_packages: require => Exec[apt_update], } @@ -87,60 +88,54 @@ ensure => present, content => template('openstackid/database.php.erb'), owner => 'root', - group => 'openstackid', + group => 'www-data', mode => '0640', require => [ File['/etc/openstackid'], - Group['openstackid'], ] } - file { '/srv/openstackid': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - - file { '/srv/openstackid/app': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => File['/srv/openstackid'], + file { '/etc/openstackid/log.php': + ensure => present, + content => template('openstackid/log.php.erb'), + owner => 'root', + group => 'www-data', + mode => '0640', + require => [ + File['/etc/openstackid'], + ] } - file { '/srv/openstackid/app/config': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => File['/srv/openstackid/app'], + file { '/etc/openstackid/environment.php': + ensure => present, + content => template('openstackid/environment.php.erb'), + owner => 'root', + group => 'www-data', + mode => '0640', + require => [ + File['/etc/openstackid'], + ] } - file { '/srv/openstackid/app/config/dev': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => File['/srv/openstackid/app/config'], + file { '/etc/openstackid/recaptcha.php': + ensure => present, + content => template('openstackid/recaptcha.php.erb'), + owner => 'root', + group => 'www-data', + mode => '0640', + require => [ + File['/etc/openstackid'], + ] } - file { '/srv/openstackid/app/config/dev/database.php': - ensure => link, - target => '/etc/openstackid/database.php', - require => [ - File['/srv/openstackid/app/config/dev'], - File['/etc/openstackid/database.php'], - ], - } + $docroot_dirs = [ '/srv/openstackid', '/srv/openstackid/w', + '/srv/openstackid/w/public'] - file { '/srv/openstackid/public': + file { $docroot_dirs: ensure => directory, owner => 'root', group => 'root', mode => '0755', - require => File['/srv/openstackid'], } include apache @@ -148,11 +143,11 @@ include apache::php apache::vhost { $vhost_name: port => 443, - docroot => '/srv/openstackid/public', + docroot => '/srv/openstackid/w/public', priority => '50', template => 'openstackid/vhost.erb', ssl => true, - require => File['/srv/openstackid/public'], + require => File[$docroot_dirs], } a2mod { 'rewrite': ensure => present, @@ -194,14 +189,29 @@ } } - if $robots_txt_source != '' { - file { '/srv/openstackid/public/robots.txt': - owner => 'root', - group => 'root', - mode => '0644', - source => $robots_txt_source, - require => File['/srv/openstackid/public'], - } + deploy { 'deploytool': + } + + file { '/opt/deploy/conf.d/openstackid.conf': + content => template('openstackid/openstackid.conf.erb'), + owner => 'root', + group => 'root', + mode => '0644', + require => Deploy['deploytool'], + } + + exec { 'deploy-site': + path => '/usr/bin:/bin:/usr/local/bin', + command => '/opt/deploy/deploy.sh init openstackid', + onlyif => '/opt/deploy/deploy.sh status openstackid | grep N/A', + logoutput => on_failure, + require => [ + File['/opt/deploy/conf.d/openstackid.conf'], + Apache::Vhost[$vhost_name], + File['/etc/openstackid/recaptcha.php'], + File['/etc/openstackid/database.php'], + File['/etc/openstackid/log.php'], + Package[$php5_packages] ], } } diff --git a/modules/openstackid/templates/database.php.erb b/modules/openstackid/templates/database.php.erb index e7b6c6a9c0..e358bc2826 100644 --- a/modules/openstackid/templates/database.php.erb +++ b/modules/openstackid/templates/database.php.erb @@ -1,107 +1,94 @@ PDO::FETCH_CLASS, - - /* - |-------------------------------------------------------------------------- - | Default Database Connection Name - |-------------------------------------------------------------------------- - | - | Here you may specify which of the database connections below you wish - | to use as your default connection for all database work. Of course - | you may use many connections at once using the Database library. - | - */ - - 'default' => 'mysql', - - /* - |-------------------------------------------------------------------------- - | Database Connections - |-------------------------------------------------------------------------- - | - | Here are each of the database connections setup for your application. - | Of course, examples of configuring each database platform that is - | supported by Laravel is shown below to make development simple. - | - | - | All database work in Laravel is done through the PHP PDO facilities - | so make sure you have the driver for your particular database of - | choice installed on your machine before you begin development. - | - */ - - 'connections' => array( - /* OpenID IDP database */ - 'mysql' => array( - 'driver' => 'mysql', - 'host' => '<%= mysql_host %>', - 'database' => '<%= id_db_name %>', - 'username' => '<%= mysql_user %>', - 'password' => '<%= mysql_password %>', - 'charset' => 'utf8', - 'collation' => 'utf8_unicode_ci', - 'prefix' => '', - ), - /* Silverstripe database */ - 'mysql_external' => array( - 'driver' => 'mysql', - 'host' => '<%= mysql_host %>', - 'database' => '<%= ss_db_name %>', - 'username' => '<%= mysql_user %>', - 'password' => '<%= mysql_password %>', - 'charset' => 'utf8', - 'collation' => 'utf8_unicode_ci', - 'prefix' => '', - ), + /* + |-------------------------------------------------------------------------- + | PDO Fetch Style + |-------------------------------------------------------------------------- + | + | By default, database results will be returned as instances of the PHP + | stdClass object; however, you may desire to retrieve records in an + | array format for simplicity. Here you can tweak the fetch style. + | + */ + 'fetch' => PDO::FETCH_CLASS, + /* + |-------------------------------------------------------------------------- + | Default Database Connection Name + |-------------------------------------------------------------------------- + | + | Here you may specify which of the database connections below you wish + | to use as your default connection for all database work. Of course + | you may use many connections at once using the Database library. + | + */ + 'default' => 'openstackid', + /* + |-------------------------------------------------------------------------- + | Database Connections + |-------------------------------------------------------------------------- + | + | Here are each of the database connections setup for your application. + | Of course, examples of configuring each database platform that is + | supported by Laravel is shown below to make development simple. + | + | + | All database work in Laravel is done through the PHP PDO facilities + | so make sure you have the driver for your particular database of + | choice installed on your machine before you begin development. + | + */ + 'connections' => array( + //primary DB + 'openstackid' => array( + 'driver' => 'mysql', + 'host' => '<%= id_mysql_host %>', + 'database' => '<%= id_db_name %>', + 'username' => '<%= id_mysql_user %>', + 'password' => '<%= id_mysql_password %>', + 'charset' => 'utf8', + 'collation' => 'utf8_unicode_ci', + 'prefix' => '', + ), + //secondary DB (OS Membership) + 'os_members' => array( + 'driver' => 'mysql', + 'host' => '<%= ss_mysql_host %>', + 'database' => '<%= ss_db_name %>', + 'username' => '<%= ss_mysql_user %>', + 'password' => '<%= ss_mysql_password %>', + 'charset' => 'utf8', + 'collation' => 'utf8_unicode_ci', + 'prefix' => '', ), - - /* - |-------------------------------------------------------------------------- - | Migration Repository Table - |-------------------------------------------------------------------------- - | - | This table keeps track of all the migrations that have already run for - | your application. Using this information, we can determine which of - | the migrations on disk have not actually be run in the databases. - | - */ - - 'migrations' => 'migrations', - - /* - |-------------------------------------------------------------------------- - | Redis Databases - |-------------------------------------------------------------------------- - | - | Redis is an open source, fast, and advanced key-value store that also - | provides a richer set of commands than a typical key-value systems - | such as APC or Memcached. Laravel makes it easy to dig right in. - | - */ - - 'redis' => array( - - 'cluster' => true, - - 'default' => array( - 'host' => '<%= redis_host %>', - 'port' => <%= redis_port %>, - ), - + ), + /* + |-------------------------------------------------------------------------- + | Migration Repository Table + |-------------------------------------------------------------------------- + | + | This table keeps track of all the migrations that have already run for + | your application. Using this information, we can determine which of + | the migrations on disk have not actually be run in the databases. + | + */ + 'migrations' => 'migrations', + /* + |-------------------------------------------------------------------------- + | Redis Databases + |-------------------------------------------------------------------------- + | + | Redis is an open source, fast, and advanced key-value store that also + | provides a richer set of commands than a typical key-value systems + | such as APC or Memcached. Laravel makes it easy to dig right in. + | + */ + 'redis' => array( + 'cluster' => false, + 'default' => array( + 'host' => '<%= redis_host %>', + 'port' => <%= redis_port %>, + 'database' => 0, + 'password' => '<%= redis_password %>' ), - + ), ); diff --git a/modules/openstackid/templates/environment.php.erb b/modules/openstackid/templates/environment.php.erb new file mode 100644 index 0000000000..e3353e2539 --- /dev/null +++ b/modules/openstackid/templates/environment.php.erb @@ -0,0 +1,6 @@ +detectEnvironment(array( + '<%= id_environment %>' => array('<%= id_hostname %>') +)); + diff --git a/modules/openstackid/templates/log.php.erb b/modules/openstackid/templates/log.php.erb new file mode 100644 index 0000000000..90f952c7cb --- /dev/null +++ b/modules/openstackid/templates/log.php.erb @@ -0,0 +1,10 @@ + '<%= id_log_error_to_email %>', + //The sender of the mail + 'from_email' => '<%= id_log_error_from_email %>' +); diff --git a/modules/openstackid/templates/openstackid.conf.erb b/modules/openstackid/templates/openstackid.conf.erb new file mode 100644 index 0000000000..30e81c2f7d --- /dev/null +++ b/modules/openstackid/templates/openstackid.conf.erb @@ -0,0 +1,3 @@ +SITE_ROOT=/srv/openstackid +SOURCE_TARBALL=http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz +LARAVEL_ENV=dev \ No newline at end of file diff --git a/modules/openstackid/templates/recaptcha.php.erb b/modules/openstackid/templates/recaptcha.php.erb new file mode 100644 index 0000000000..d706ad89ab --- /dev/null +++ b/modules/openstackid/templates/recaptcha.php.erb @@ -0,0 +1,22 @@ + '<%= id_recaptcha_public_key %>', + 'private_key' => '<%= id_recaptcha_private_key %>', + /* + |-------------------------------------------------------------------------- + | Template + |-------------------------------------------------------------------------- + | + | Set a template to use if you don't want to use the standard one. + | + */ + 'template' => '<%= id_recaptcha_template %>' +); diff --git a/modules/redis/manifests/init.pp b/modules/redis/manifests/init.pp index 07ad604eaf..74b7aa28f4 100644 --- a/modules/redis/manifests/init.pp +++ b/modules/redis/manifests/init.pp @@ -18,14 +18,14 @@ class redis( $redis_port = '6379', - $redis_max_memory = '1gb', $redis_bind = '127.0.0.1', - $redis_bin_dir = '/usr/bin', + $redis_password = '', + $redis_max_memory = '1gb', $version = '2.2.12', ) { package {'redis-server': - ensure => installed, + ensure => present, } case $version { @@ -43,31 +43,20 @@ } } - file { '/etc/init.d/redis-server': - ensure => present, - owner => 'root', - group => 'root', - mode => '0755', - require => Package['redis-server'], - content => template('redis/init_script.erb'), - } - file { '/etc/redis/redis.conf': - ensure => present, - owner => 'root', - group => 'root', - mode => '0644', - content => template("redis/${redis_conf_file}"), - require => Package['redis-server'], - notify => Service['redis-server'], - } + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + replace => true, + content => template("redis/${redis_conf_file}"), + require => Package['redis-server'], + } - service { 'redis-server': - ensure => running, - enable => true, - hasstatus => true, - hasrestart => true, - require => [ File['/etc/redis/redis.conf'], File['/etc/init.d/redis-server'], Package['redis-server'] ], - } + service { 'redis-server': + ensure => running, + require => Package['redis-server'], + subscribe => File['/etc/redis/redis.conf'], + } -} +} \ No newline at end of file diff --git a/modules/redis/templates/init_script.erb b/modules/redis/templates/init_script.erb deleted file mode 100644 index 47d48ec68a..0000000000 --- a/modules/redis/templates/init_script.erb +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/sh -# -# Simple Redis init.d script conceived to work on Linux systems -# as it does use of the /proc filesystem. - -REDISPORT="<%= redis_port %>" -EXEC=<%= redis_bin_dir %>/redis-server -CLIEXEC=<%= redis_bin_dir %>/redis-cli - -PIDFILE=/var/run/redis.pid -CONF="/etc/redis/redis.conf" - -case "$1" in - start) - if [ -f $PIDFILE ] - then - echo "$PIDFILE exists, process is already running or crashed" - else - echo "Starting Redis server..." - $EXEC $CONF - fi - ;; - stop) - if [ ! -f $PIDFILE ] - then - echo "$PIDFILE does not exist, process is not running" - else - PID=$(cat $PIDFILE) - echo "Stopping ..." - $CLIEXEC -p $REDISPORT shutdown - while [ -x /proc/${PID} ] - do - echo "Waiting for Redis to shutdown ..." - sleep 1 - done - echo "Redis stopped" - fi - ;; - *) - echo "Please use start or stop as first argument" - ;; -esac diff --git a/modules/redis/templates/redis.2.2.conf.erb b/modules/redis/templates/redis.2.2.conf.erb index a5a4b11998..bbde00aba0 100644 --- a/modules/redis/templates/redis.2.2.conf.erb +++ b/modules/redis/templates/redis.2.2.conf.erb @@ -14,7 +14,7 @@ # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize no +daemonize yes # When running daemonized, Redis writes a pid file in /var/run/redis.pid by # default. You can specify a custom pid file location here. @@ -49,7 +49,7 @@ loglevel verbose # Specify the log file name. Also 'stdout' can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null -logfile stdout +logfile /var/log/redis/redis-server.log # To enable logging to the system logger, just set 'syslog-enabled' to yes, # and optionally update the other syslog parameters to suit your needs. @@ -147,7 +147,9 @@ slave-serve-stale-data yes # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # -# requirepass foobared +<% if redis_password != "" %> +requirepass <%= redis_password %> +<% end %> # Command renaming. # diff --git a/modules/redis/templates/redis.2.4.conf.erb b/modules/redis/templates/redis.2.4.conf.erb index 1692a670f1..11c9190888 100644 --- a/modules/redis/templates/redis.2.4.conf.erb +++ b/modules/redis/templates/redis.2.4.conf.erb @@ -14,7 +14,7 @@ # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize no +daemonize yes # When running daemonized, Redis writes a pid file in /var/run/redis.pid by # default. You can specify a custom pid file location here. @@ -50,7 +50,7 @@ loglevel verbose # Specify the log file name. Also 'stdout' can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null -logfile stdout +logfile /var/log/redis/redis-server.log # To enable logging to the system logger, just set 'syslog-enabled' to yes, # and optionally update the other syslog parameters to suit your needs. @@ -178,7 +178,9 @@ slave-priority 100 # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # -# requirepass foobared +<% if redis_password != "" %> +requirepass <%= redis_password %> +<% end %> # Command renaming. # diff --git a/modules/redis/templates/redis.2.6.conf.erb b/modules/redis/templates/redis.2.6.conf.erb index 92f1c6f3e0..2719e9498a 100644 --- a/modules/redis/templates/redis.2.6.conf.erb +++ b/modules/redis/templates/redis.2.6.conf.erb @@ -14,7 +14,7 @@ # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize no +daemonize yes # When running daemonized, Redis writes a pid file in /var/run/redis.pid by # default. You can specify a custom pid file location here. @@ -61,7 +61,7 @@ tcp-keepalive 0 # verbose (many rarely useful info, but not a mess like the debug level) # notice (moderately verbose, what you want in production probably) # warning (only very important / critical messages are logged) -loglevel notice +logfile /var/log/redis/redis-server.log # Specify the log file name. Also 'stdout' can be used to force # Redis to log on the standard output. Note that if you use standard @@ -255,7 +255,9 @@ slave-priority 100 # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # -# requirepass foobared +<% if redis_password != "" %> +requirepass <%= redis_password %> +<% end %> # Command renaming. #