4 $password_seed = lookup("base_installation::puppet_pass_seed")
5 $real_host = lookup("base_installation::real_hostname")
6 $web_listen = "127.0.0.1"
8 $pg_db = "etherpad-lite"
9 $pg_user = "etherpad-lite"
10 $pg_password = generate_password(24, $password_seed, "postgres_etherpad")
12 $ldap_server = lookup("base_installation::ldap_server")
13 $ldap_base = lookup("base_installation::ldap_base")
14 $ldap_dn = lookup("base_installation::ldap_dn")
15 $ldap_account_pattern = "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))"
16 $ldap_group_pattern = "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)"
17 $ldap_password = generate_password(24, $password_seed, "ldap")
20 include "base_installation"
22 include "profile::tools"
23 include "profile::postgresql"
24 include "profile::apache"
26 ensure_packages(["npm"])
27 ensure_packages(["abiword"])
28 ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"])
29 ensure_packages(["tidy"])
30 aur::package { "etherpad-lite": }
31 -> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js":
32 diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff",
34 -> file { "/etc/etherpad-lite/settings.json":
36 owner => "etherpad-lite",
37 group => "etherpad-lite",
38 notify => Service["etherpad-lite"],
39 content => template("role/etherpad/settings.json.erb"),
43 "ep_aa_file_menu_toolbar",
47 "ep_clear_formatting",
49 "ep_copy_paste_select_all",
61 "ep_set_title_on_pad",
62 "ep_subscript_and_superscript",
66 $modules.each |$module| {
67 exec { "npm_install_$module":
68 command => "/usr/bin/npm install $module",
69 unless => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module",
70 cwd => "/usr/share/etherpad-lite/",
71 environment => "HOME=/root",
72 require => Aur::Package["etherpad-lite"],
73 before => Service["etherpad-lite"],
74 notify => Service["etherpad-lite"],
77 file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized":
80 before => Service["etherpad-lite"],
84 service { "etherpad-lite":
87 require => [Aur::Package["etherpad-lite"], Service["postgresql"]],
88 subscribe => Aur::Package["etherpad-lite"],
91 profile::postgresql::master { "postgresql master for etherpad":
92 letsencrypt_host => $real_host,
93 backup_hosts => ["backup-1"],
96 postgresql::server::db { $pg_db:
98 password => postgresql_password($pg_user, $pg_password),
101 postgresql::server::pg_hba_rule { "allow local access to $pg_user user":
105 auth_method => 'ident',
109 class { 'apache::mod::headers': }
110 apache::vhost { $web_host:
113 manage_docroot => false,
114 proxy_dest => "http://localhost:18000",
115 request_headers => 'set X-Forwarded-Proto "https"',
117 ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem",
118 ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem",
119 ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem",
120 require => Letsencrypt::Certonly[$web_host],
121 proxy_preserve_host => true;
122 default: * => $::profile::apache::apache_vhost_default;