X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Frole%2Fmanifests%2Fcaldance.pp;h=5bc39120841621630e5bd2ee78b975a773eb3983;hb=c4d8476be02b98c00f74f14839656bcf15df2454;hp=1cda69cf516c3180a08fd11bd19353763864e9da;hpb=a25b5f82989b0e1c4abbfe0feca7f836a608c7e6;p=perso%2FImmae%2FProjets%2FPuppet.git diff --git a/modules/role/manifests/caldance.pp b/modules/role/manifests/caldance.pp index 1cda69c..5bc3912 100644 --- a/modules/role/manifests/caldance.pp +++ b/modules/role/manifests/caldance.pp @@ -12,11 +12,12 @@ class role::caldance ( Optional[String] $pg_port = "5432", Optional[String] $caldance_version = undef, Optional[String] $caldance_sha256 = undef, + Optional[Array] $cron_pip = [], ) { $password_seed = lookup("base_installation::puppet_pass_seed") - $web_home = "/home/simon_descarpentries" include "base_installation" + include "profile::mail" include "profile::tools" include "profile::postgresql" include "profile::apache" @@ -26,6 +27,34 @@ class role::caldance ( ensure_packages(["python-pip", "python-virtualenv", "python-django"]) $caldance_app = "${home}/app" + $pg_password = generate_password(24, $password_seed, "postgres_caldance") + $secret_key = generate_password(24, $password_seed, "secret_key_caldance") + + $environment = { + "DB_NAME" => $pg_db, + "DB_USER" => $pg_user, + "DB_PASSWORD" => $pg_password, + "DB_HOST" => $pg_hostname, + "DB_PORT" => $pg_port, + "SECRET_KEY" => $secret_key, + "DEBUG" => "False", + "LOG_FILE" => "$home/caldev_django.log", + "MEDIA_ROOT" => "$home/media", + "FROM_EMAIL" => $mail_from, + "EMAIL_HOST" => $smtp_host, + "EMAIL_PORT" => $smtp_port, + } + $shell_env = $environment.map |$key, $value| { "$key=$value" } + $apache_env = $environment.map |$key, $value| { "CALDANCE_$key $value" } + + file { $home: + mode => "0755", + } + file { "${home}/caldev_django.log": + mode => "0664", + owner => $user, + group => "http", + } file { $caldance_app: ensure => "directory", @@ -33,6 +62,12 @@ class role::caldance ( owner => $user, group => $group, require => User["$user:"], + } -> + file { "${home}/media": + ensure => "directory", + mode => "0755", + owner => "http", + group => "http", } exec { "initialize_venv": @@ -58,46 +93,33 @@ class role::caldance ( exec { "py-requirements": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], - command => "${home}/virtualenv/bin/pip install -r requirements.txt", + environment => concat(["HOME=${home}"], $shell_env), + command => "/usr/bin/sed -i -e '/GDAL/d' requirements.txt && ${home}/virtualenv/bin/pip install -r requirements.txt --upgrade", require => User["$user:"], refreshonly => true, } ~> exec { "py-migrate": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], + environment => concat(["HOME=${home}"], $shell_env), command => "$caldance_app/manage.py migrate", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } ~> exec { "py-static": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], + environment => concat(["HOME=${home}"], $shell_env), command => "$caldance_app/manage.py collectstatic --no-input", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } ~> exec { "reload httpd": command => "/usr/bin/systemctl reload httpd", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } - $pg_password = generate_password(24, $password_seed, "postgres_caldance") - $secret_key = generate_password(24, $password_seed, "secret_key_caldance") - file { "$caldance_app/main_app/local_settings.py": - owner => $user, - group => $group, - mode => "0644", - content => template("role/caldance/local_settings.py.erb"), - require => [ - User["$user:"], - Archive[ "${home}/caldance_${caldance_version}.tar.gz"], - ], - } - $python_path = "${home}/virtualenv/bin/python" file { "$caldance_app/manage.py": owner => $user, @@ -140,8 +162,8 @@ class role::caldance ( ensure_packages(["mod_wsgi"]) class { 'apache::mod::wsgi': - wsgi_python_home => "$web_home/caldev_virtualenv", - wsgi_python_path => "$web_home/caldev/www.cal-dance.com/", + wsgi_python_home => "${home}/virtualenv", + wsgi_python_path => $caldance_app, require => Package["mod_wsgi"], } class { 'apache::mod::authn_file': } @@ -160,11 +182,11 @@ class role::caldance ( require => Letsencrypt::Certonly[$web_host], directories => [ { - path => "$web_home/caldev/www.cal-dance.com/main_app", + path => "$caldance_app/main_app", require => "all granted", }, { - path => "$web_home/caldev/www.cal-dance.com/www/static", + path => "$caldance_app/www/static", require => "all granted", }, { @@ -173,16 +195,28 @@ class role::caldance ( require => "valid-user", auth_type => "Basic", auth_name => "Authentification requise", - auth_user_file => "$web_home/caldev/.htpasswd", + auth_user_file => "$home/htpasswd", }, ], aliases => [ { alias => "/static/", - path => "$web_home/caldev/www.cal-dance.com/www/static/", + path => "$caldance_app/www/static/", }, ], - wsgi_script_aliases => { "/" => "$web_home/caldev/www.cal-dance.com/main_app/wsgi.py" }; + setenv => $apache_env, + wsgi_script_aliases => { "/" => "$caldance_app/main_app/wsgi.py" }; default: * => $::profile::apache::apache_vhost_default; } + + $mailtos = join($cron_pip, ",") + cron::job { "list_outdated_pip_packages": + ensure => present, + user => $user, + environment => concat(["HOME=${home}","MAILTO=${mailtos}"], $shell_env), + command => "${home}/virtualenv/bin/pip list --outdated", + minute => "15", + hour => "0", + require => Exec["initialize_venv"], + } }