modules/role/manifests/cryptoportfolio.pp

   1 class role::cryptoportfolio {
   2   include "base_installation"
   3
   4   include "profile::postgresql"
   5
   6   $password_seed = lookup("base_installation::puppet_pass_seed") |$key| { {} }
   7
   8   postgresql::server::db { 'cryptoportfolio':
   9     user =>  'cryptoportfolio',
  10     password =>  postgresql_password('cryptoportfolio', generate_password(24, $password_seed, "postgres_cryptoportfolio")),
  11   }
  12
  13   postgresql::server::pg_hba_rule { 'allow localhost TCP access to cryptoportfolio user':
  14     type        => 'host',
  15     database    => 'cryptoportfolio',
  16     user        => 'cryptoportfolio',
  17     address     => '127.0.0.1/32',
  18     auth_method => 'md5',
  19     order       => "b0",
  20   }
  21   postgresql::server::pg_hba_rule { 'allow localhost ip6 TCP access to cryptoportfolio user':
  22     type        => 'host',
  23     database    => 'cryptoportfolio',
  24     user        => 'cryptoportfolio',
  25     address     => '::1/128',
  26     auth_method => 'md5',
  27     order       => "b0",
  28   }
  29
  30   class { 'nginx': }
  31
  32   nginx::resource::server { 'cryptoportfolio.immae.eu':
  33     listen_port => 80,
  34     proxy       => 'http://localhost:8000',
  35   }
  36
  37   ensure_packages(["go", "npm", "nodejs", "yarn"])
  38
  39   user { "cryptoportfolio":
  40     name       => "cryptoportfolio",
  41     ensure     => "present",
  42     managehome => true,
  43     home       => "/opt/cryptoportfolio",
  44     system     => true,
  45     password   => '!!',
  46   }
  47
  48   $front_version = lookup("cryptoportfolio::front_version") |$key| { {} }
  49   $front_sha256 = lookup("cryptoportfolio::front_sha256") |$key| { {} }
  50
  51   unless empty($front_version) {
  52     file { "/opt/cryptoportfolio/front":
  53       ensure => directory,
  54       mode   => "0700",
  55       owner  => "cryptoportfolio",
  56       group  => "cryptoportfolio",
  57     }
  58
  59     file { "/opt/cryptoportfolio/front/${front_version}":
  60       ensure  => directory,
  61       mode    => "0700",
  62       owner   => "cryptoportfolio",
  63       group   => "cryptoportfolio",
  64       require => File["/opt/cryptoportfolio/front"],
  65     }
  66
  67     archive { "/opt/cryptoportfolio/front/${front_version}.tar.gz":
  68       path          => "/opt/cryptoportfolio/front/${front_version}.tar.gz",
  69       source        => "https://git.immae.eu/releases/cryptoportfolio/front/front_${front_version}.tar.gz",
  70       creates       => "/opt/cryptoportfolio/front/${front_version}/README.md",
  71       checksum_type => "sha256",
  72       checksum      => $front_sha256,
  73       cleanup       => false,
  74       extract       => true,
  75       extract_path  => "/opt/cryptoportfolio/front/${front_version}",
  76       require       => File["/opt/cryptoportfolio/front/${front_version}"],
  77     }
  78
  79     file { "/opt/cryptoportfolio/front/current":
  80       ensure  => "link",
  81       target  => "/opt/cryptoportfolio/front/${front_version}",
  82       require => Archive["/opt/cryptoportfolio/front/${front_version}.tar.gz"]
  83     }
  84   }
  85
  86 }