]>
Commit | Line | Data |
---|---|---|
c230c663 | 1 | class role::etherpad ( |
c6709846 | 2 | String $web_host, |
c230c663 IB |
3 | ) { |
4 | $password_seed = lookup("base_installation::puppet_pass_seed") | |
c6709846 IB |
5 | $real_host = lookup("base_installation::real_hostname") |
6 | $web_listen = "127.0.0.1" | |
580bd7fc IB |
7 | $web_port = 18000 |
8 | $pg_db = "etherpad-lite" | |
9 | $pg_user = "etherpad-lite" | |
10 | $pg_password = generate_password(24, $password_seed, "postgres_etherpad") | |
11 | ||
12 | $ldap_server = lookup("base_installation::ldap_server") | |
13 | $ldap_base = lookup("base_installation::ldap_base") | |
14 | $ldap_dn = lookup("base_installation::ldap_dn") | |
15 | $ldap_account_pattern = "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))" | |
16 | $ldap_group_pattern = "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)" | |
17 | $ldap_password = generate_password(24, $password_seed, "ldap") | |
18 | ||
c230c663 IB |
19 | |
20 | include "base_installation" | |
21 | ||
22 | include "profile::tools" | |
23 | include "profile::postgresql" | |
24 | include "profile::apache" | |
a0df248a | 25 | include "profile::monitoring" |
c230c663 IB |
26 | |
27 | ensure_packages(["npm"]) | |
28 | ensure_packages(["abiword"]) | |
29 | ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"]) | |
30 | ensure_packages(["tidy"]) | |
31 | aur::package { "etherpad-lite": } | |
a1c31465 IB |
32 | -> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js": |
33 | diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff", | |
34 | } | |
580bd7fc IB |
35 | -> file { "/etc/etherpad-lite/settings.json": |
36 | ensure => present, | |
37 | owner => "etherpad-lite", | |
38 | group => "etherpad-lite", | |
39 | notify => Service["etherpad-lite"], | |
40 | content => template("role/etherpad/settings.json.erb"), | |
41 | } | |
c230c663 IB |
42 | |
43 | $modules = [ | |
44 | "ep_aa_file_menu_toolbar", | |
45 | "ep_adminpads", | |
46 | "ep_align", | |
47 | "ep_bookmark", | |
48 | "ep_clear_formatting", | |
49 | "ep_colors", | |
50 | "ep_copy_paste_select_all", | |
51 | "ep_cursortrace", | |
52 | "ep_embedmedia", | |
53 | "ep_font_family", | |
54 | "ep_font_size", | |
55 | "ep_headings2", | |
56 | "ep_ldapauth", | |
57 | "ep_line_height", | |
58 | "ep_markdown", | |
59 | "ep_previewimages", | |
60 | "ep_ruler", | |
61 | "ep_scrollto", | |
62 | "ep_set_title_on_pad", | |
63 | "ep_subscript_and_superscript", | |
64 | "ep_timesliderdiff" | |
65 | ] | |
66 | ||
67 | $modules.each |$module| { | |
68 | exec { "npm_install_$module": | |
69 | command => "/usr/bin/npm install $module", | |
70 | unless => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module", | |
71 | cwd => "/usr/share/etherpad-lite/", | |
72 | environment => "HOME=/root", | |
73 | require => Aur::Package["etherpad-lite"], | |
74 | before => Service["etherpad-lite"], | |
75 | notify => Service["etherpad-lite"], | |
76 | } | |
77 | -> | |
78 | file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized": | |
79 | ensure => present, | |
80 | mode => "0644", | |
81 | before => Service["etherpad-lite"], | |
82 | } | |
83 | } | |
84 | ||
85 | service { "etherpad-lite": | |
86 | enable => true, | |
87 | ensure => "running", | |
7485fdca | 88 | require => [Aur::Package["etherpad-lite"], Service["postgresql"]], |
c230c663 IB |
89 | subscribe => Aur::Package["etherpad-lite"], |
90 | } | |
91 | ||
436cae5e | 92 | profile::postgresql::master { "postgresql master for etherpad": |
c6709846 | 93 | letsencrypt_host => $real_host, |
f568173a | 94 | backup_hosts => ["backup-1"], |
c230c663 IB |
95 | } |
96 | ||
97 | postgresql::server::db { $pg_db: | |
98 | user => $pg_user, | |
99 | password => postgresql_password($pg_user, $pg_password), | |
100 | } | |
101 | ||
102 | postgresql::server::pg_hba_rule { "allow local access to $pg_user user": | |
103 | type => 'local', | |
104 | database => $pg_db, | |
105 | user => $pg_user, | |
106 | auth_method => 'ident', | |
107 | order => "05-01", | |
108 | } | |
109 | ||
c6709846 IB |
110 | class { 'apache::mod::headers': } |
111 | apache::vhost { $web_host: | |
112 | port => '443', | |
113 | docroot => false, | |
114 | manage_docroot => false, | |
115 | proxy_dest => "http://localhost:18000", | |
116 | request_headers => 'set X-Forwarded-Proto "https"', | |
117 | ssl => true, | |
118 | ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem", | |
119 | ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem", | |
120 | ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem", | |
121 | require => Letsencrypt::Certonly[$web_host], | |
122 | proxy_preserve_host => true; | |
123 | default: * => $::profile::apache::apache_vhost_default; | |
124 | } | |
c230c663 | 125 | } |