11 Optional[String] $pg_hostname = "/run/postgresql",
12 Optional[String] $pg_port = "5432",
13 Optional[String] $caldance_version = undef,
14 Optional[String] $caldance_sha256 = undef,
# Class-level setup: look up the shared password seed, pull in the base
# profiles and install the distro Python tooling used by the application.
# NOTE(review): every generate_password() call in this manifest takes this seed,
# so the derived secrets are presumably reproducible by anyone who can read it.
# Confirm the Hiera key is stored encrypted and access-restricted.
16 $password_seed = lookup("base_installation::puppet_pass_seed")
# Home directory of the account whose checkout Apache serves further down.
17 $web_home = "/home/simon_descarpentries"
18 include "base_installation"
20 include "profile::tools"
21 include "profile::postgresql"
22 include "profile::apache"
23 include "profile::redis"
24 include "profile::monitoring"
26 ensure_packages(["python-pip", "python-virtualenv", "python-django"])
# $home is defined outside this excerpt; the release archive is unpacked here.
28 $caldance_app = "${home}/app"
# The two attributes below belong to a resource whose header line is not
# visible in this excerpt (presumably the file resource for $caldance_app).
31 ensure => "directory",
# The reference title carries a trailing colon ("$user:"); it has to match the
# title under which the user resource is declared, which is not shown here.
35 require => User["$user:"],
# Create the application's virtualenv once the service user exists.
38 exec { "initialize_venv":
40 require => User["$user:"],
41 command => "/usr/bin/virtualenv ${home}/virtualenv",
# `creates` keeps the exec idempotent: it is skipped when the path already exists.
42 creates => "${home}/virtualenv",
# Download the versioned release tarball over HTTPS with HTTP credentials and
# unpack it into $caldance_app.
# NOTE(review): $caldance_version defaults to undef in the class parameters, in
# which case the file name and URL below would read "caldance_.tar.gz".
45 archive { "${home}/caldance_${caldance_version}.tar.gz":
46 path => "${home}/caldance_${caldance_version}.tar.gz",
47 source => "https://release.immae.eu/caldance/caldance_${caldance_version}.tar.gz",
48 checksum_type => "sha256",
# NOTE(review): $caldance_sha256 is Optional and defaults to undef. With no
# checksum supplied the download is presumably not integrity-checked before
# extraction. Confirm, and consider making the parameter mandatory so every
# deployed release is pinned to a known digest.
49 checksum => $caldance_sha256,
53 username => lookup("base_installation::ldap_cn"),
# Credential derived from the shared seed with the "ldap" label.
54 password => generate_password(24, $password_seed, "ldap"),
55 extract_path => $caldance_app,
56 require => [User["$user:"], File[$caldance_app]],
# Post-extraction steps: install Python dependencies, run the Django management
# commands, then reload Apache. Several attribute lines (user, cwd, refresh
# conditions) and some resource headers are not visible in this excerpt.
58 exec { "py-requirements":
61 environment => ["HOME=${home}"],
# NOTE(review): whether requirements.txt pins versions and hashes is not visible
# here. If it does not, the installed packages can change between runs; pip's
# --require-hashes mode is the usual way to pin them.
62 command => "${home}/virtualenv/bin/pip install -r requirements.txt",
63 require => User["$user:"],
# Fragment of the exec that applies database migrations (header not visible).
69 environment => ["HOME=${home}"],
70 command => "$caldance_app/manage.py migrate",
# Needs both generated files: manage.py and the settings holding the DB credentials.
71 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]],
# Fragment of the exec that gathers static assets (header not visible).
77 environment => ["HOME=${home}"],
78 command => "$caldance_app/manage.py collectstatic --no-input",
79 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]],
# Reload Apache so the refreshed application is picked up.
82 exec { "reload httpd":
83 command => "/usr/bin/systemctl reload httpd",
84 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]],
# Application secrets, both derived from the shared seed with distinct labels.
# The first argument (24) is presumably the generated length. TODO confirm.
88 $pg_password = generate_password(24, $password_seed, "postgres_caldance")
89 $secret_key = generate_password(24, $password_seed, "secret_key_caldance")
# Settings file rendered from a template, which presumably embeds $pg_password
# and $secret_key.
# NOTE(review): the owner/group/mode lines are not visible in this excerpt.
# Confirm the file is readable only by the service user, not world-readable.
90 file { "$caldance_app/main_app/local_settings.py":
94 content => template("role/caldance/local_settings.py.erb"),
# Ordering: the archive has to be extracted before the file is written into it.
97 Archive[ "${home}/caldance_${caldance_version}.tar.gz"],
# Interpreter inside the virtualenv, presumably consumed by the manage.py template.
101 $python_path = "${home}/virtualenv/bin/python"
# manage.py is generated from a template as well, replacing the copy in the archive.
102 file { "$caldance_app/manage.py":
106 content => template("role/caldance/manage.py.erb"),
109 Archive[ "${home}/caldance_${caldance_version}.tar.gz"],
# PostgreSQL primary for the application, plus the application database and role.
# $web_host, $pg_db and $pg_user are defined outside this excerpt.
113 profile::postgresql::master { "postgresql master for caldance":
114 letsencrypt_host => $web_host,
115 backup_hosts => ["backup-1"],
118 postgresql::server::db { $pg_db:
# postgresql_password() passes a hashed form of the password to the resource.
# NOTE(review): older puppetlabs-postgresql releases produce an MD5-based hash
# here. Confirm which scheme the installed module version uses.
120 password => postgresql_password($pg_user, $pg_password),
123 # for the password-generation script
124 ensure_packages(["perl-digest-sha1"])
126 ensure_packages(["postgis", "python-gdal", "ripgrep"])
# Install the ldap_ssha helper shipped with the base_installation module.
# Its mode and owner lines are not visible in this excerpt.
127 file { "/usr/local/bin/ldap_ssha":
131 source => "puppet:///modules/base_installation/scripts/ldap_ssha",
# The script needs Digest::SHA1, so the package must be installed first.
132 require => Package["perl-digest-sha1"],
# Grant every member of the wheel group unrestricted sudo with no password prompt.
# NOTE(review): with NOPASSWD: ALL, control of any wheel account gives root
# without a second factor. Confirm this is intended for this host, and consider
# limiting it to named commands or dropping NOPASSWD.
135 sudo::conf { 'wheel_nopasswd':
137 content => "%wheel ALL=(ALL) NOPASSWD: ALL",
138 require => Package["sudo"],
# Apache modules: mod_wsgi bound to the development virtualenv and checkout under
# $web_home, plus the modules needed for file-backed HTTP Basic authentication.
141 ensure_packages(["mod_wsgi"])
142 class { 'apache::mod::wsgi':
# NOTE(review): the interpreter and code live in a personal home directory, so
# anything able to write there can change what Apache's WSGI process executes.
# Confirm the permissions on $web_home.
143 wsgi_python_home => "$web_home/caldev_virtualenv",
144 wsgi_python_path => "$web_home/caldev/www.cal-dance.com/",
145 require => Package["mod_wsgi"],
147 class { 'apache::mod::authn_file': }
148 class { 'apache::mod::authn_core': }
149 class { 'apache::mod::authz_user': }
150 class { 'apache::mod::auth_basic': }
# Virtual host for $web_host: a Let's Encrypt certificate, directory grants for
# the application and static files, a Basic-auth protected location and the WSGI
# entry point. Several attribute lines are not visible in this excerpt.
152 apache::vhost { $web_host:
155 manage_docroot => false,
157 ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem",
158 ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem",
159 ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem",
# The certificate has to be issued before the vhost references its files.
160 require => Letsencrypt::Certonly[$web_host],
# In the entries below `require` appears to be the Apache "Require" directive of
# a directory block, not the Puppet metaparameter.
163 path => "$web_home/caldev/www.cal-dance.com/main_app",
164 require => "all granted",
167 path => "$web_home/caldev/www.cal-dance.com/www/static",
168 require => "all granted",
# Location block gated by HTTP Basic auth; its path line is not visible here.
# NOTE(review): Basic credentials are only protected in transit by TLS. Confirm
# no plain-HTTP vhost serves this location.
172 provider => "location",
173 require => "valid-user",
174 auth_type => "Basic",
175 auth_name => "Authentification requise",
# The password file sits above the served directories listed in this vhost.
# Its file permissions are not managed in the visible lines.
176 auth_user_file => "$web_home/caldev/.htpasswd",
182 path => "$web_home/caldev/www.cal-dance.com/www/static/",
# Route every request path to the Django WSGI application.
185 wsgi_script_aliases => { "/" => "$web_home/caldev/www.cal-dance.com/main_app/wsgi.py" };
# Resource-default body: attributes shared by the vhosts come from the profile.
186 default: * => $::profile::apache::apache_vhost_default;