]> git.immae.eu Git - perso/Immae/Projets/Puppet.git/blob - modules/role/manifests/cryptoportfolio/front.pp
Merge branch 'dev'
[perso/Immae/Projets/Puppet.git] / modules / role / manifests / cryptoportfolio / front.pp
1 class role::cryptoportfolio::front inherits role::cryptoportfolio {
2 ensure_resource('exec', 'systemctl daemon-reload', {
3 command => '/usr/bin/systemctl daemon-reload',
4 refreshonly => true
5 })
6
7 $password_seed = lookup("base_installation::puppet_pass_seed")
8
9 $cf_front_app = "${home}/go/src/git.immae.eu/Cryptoportfolio/Front"
10 $cf_front_app_api_workdir = "${cf_front_app}/cmd/app"
11 $cf_front_app_api_bin = "${cf_front_app_api_workdir}/cryptoportfolio-app"
12 $cf_front_app_api_conf = "${home}/conf.toml"
13 $cf_front_app_api_secret = generate_password(24, $password_seed, "cryptoportfolio_api_secret")
14
15 $cf_front_app_password_reset_secret = generate_password(24, $password_seed, "cryptoportfolio_api_password_reset_secret")
16 $cf_front_app_free_sms_user = lookup("role::cryptoportfolio::front::free_sms_user")
17 $cf_front_app_free_sms_pass = lookup("role::cryptoportfolio::front::free_sms_pass")
18
19 $cf_front_app_static_conf = "${cf_front_app}/cmd/web/env/prod.env"
20
21 ensure_packages(["go", "npm", "nodejs", "yarn"])
22
23 file { [
24 "${home}/go/",
25 "${home}/go/src",
26 "${home}/go/src/git.immae.eu",
27 "${home}/go/src/git.immae.eu/Cryptoportfolio",
28 $cf_front_app]:
29 ensure => "directory",
30 mode => "0700",
31 owner => $user,
32 group => $group,
33 require => User["$user:"],
34 }
35
36 file { "${home}/front":
37 ensure => "link",
38 target => $cf_front_app,
39 before => File[$cf_front_app],
40 }
41
42 file { "/etc/systemd/system/cryptoportfolio-app.service":
43 mode => "0644",
44 owner => "root",
45 group => "root",
46 content => template("role/cryptoportfolio/cryptoportfolio-app.service.erb"),
47 notify => Exec["systemctl daemon-reload"],
48 }
49
50 service { 'cryptoportfolio-app':
51 enable => true,
52 ensure => "running",
53 subscribe => [File[$cf_front_app_api_conf], Exec["go-cryptoportfolio-app"], Exec["web-cryptoportfolio-build"]],
54 require => [
55 File["/etc/systemd/system/cryptoportfolio-app.service"],
56 Postgresql::Server::Db[$pg_db]
57 ],
58 } ~>
59 exec { "dump $pg_db structure":
60 refreshonly => true,
61 user => $::profile::postgresql::pg_user,
62 group => $::profile::postgresql::pg_user,
63 command => "/usr/bin/pg_dump --schema-only --clean --no-publications $pg_db > /var/lib/postgres/${pg_db}.schema",
64 }
65
66 archive { "${home}/front_${front_version}.tar.gz":
67 path => "${home}/front_${front_version}.tar.gz",
68 source => "https://release.immae.eu/cryptoportfolio/front/front_${front_version}.tar.gz",
69 checksum_type => "sha256",
70 checksum => $front_sha256,
71 cleanup => false,
72 extract => true,
73 user => $user,
74 username => lookup("base_installation::ldap_cn"),
75 password => generate_password(24, $password_seed, "ldap"),
76 extract_path => $cf_front_app,
77 require => [User["$user:"], File[$cf_front_app]],
78 notify => [
79 Exec["web-cryptoportfolio-dependencies"],
80 Exec["go-get-dep"],
81 ]
82 }
83
84 # Api
85 $pg_password = generate_password(24, $password_seed, "postgres_cryptoportfolio")
86 $pg_host = "${pg_hostname}:${pg_port}"
87 file { $cf_front_app_api_conf:
88 owner => $user,
89 group => $group,
90 mode => "0600",
91 content => template("role/cryptoportfolio/api_conf.toml.erb"),
92 before => Exec["go-cryptoportfolio-app"],
93 }
94
95 exec { "go-get-dep":
96 user => $user,
97 environment => ["HOME=${home}"],
98 creates => "${home}/go/bin/dep",
99 command => "/usr/bin/go get -u github.com/golang/dep/cmd/dep",
100 refreshonly => true,
101 } ~>
102 exec { "go-cryptoportfolio-dependencies":
103 cwd => $cf_front_app,
104 user => $user,
105 environment => ["HOME=${home}"],
106 command => "${home}/go/bin/dep ensure",
107 refreshonly => true,
108 } ~>
109 exec { "go-cryptoportfolio-app":
110 cwd => $cf_front_app_api_workdir,
111 user => $user,
112 environment => ["HOME=${home}"],
113 command => "/usr/bin/make build",
114 refreshonly => true,
115 }
116
117 # Static pages
118 file { $cf_front_app_static_conf:
119 owner => $user,
120 group => $group,
121 mode => "0600",
122 content => template("role/cryptoportfolio/static_conf.env.erb"),
123 before => Exec["web-cryptoportfolio-build"],
124 }
125
126 exec { "web-cryptoportfolio-dependencies":
127 cwd => "${cf_front_app}/cmd/web",
128 user => $user,
129 environment => ["HOME=${home}"],
130 command => "/usr/bin/make install",
131 refreshonly => true,
132 require => [Package["npm"], Package["nodejs"], Package["yarn"]]
133 } ~>
134 exec { "web-cryptoportfolio-build":
135 cwd => "${cf_front_app}/cmd/web",
136 user => $user,
137 environment => ["HOME=${home}"],
138 path => ["${cf_front_app}/cmd/web/node_modules/.bin/", "/usr/bin"],
139 command => "/usr/bin/make static ENV=${env}",
140 refreshonly => true,
141 }
142
143 # Slack logger
144 $slack_logger = lookup("role::cryptoportfolio::front::slack_logger")
145 $slack_logger_username = lookup("role::cryptoportfolio::front::slack_logger_username", { "default_value" => "Logger" })
146
147 unless empty($slack_logger) {
148 file { "/usr/local/bin/api_logger":
149 mode => "0755",
150 content => template("role/cryptoportfolio/api_logger.py.erb"),
151 notify => Service["cryptoportfolio-log"],
152 }
153 ->
154 file { "/etc/systemd/system/cryptoportfolio-log.service":
155 mode => "0644",
156 owner => "root",
157 group => "root",
158 content => template("role/cryptoportfolio/cryptoportfolio-log.service.erb"),
159 notify => [
160 Exec["systemctl daemon-reload"],
161 Service["cryptoportfolio-log"]
162 ]
163 }
164 ->
165 service { 'cryptoportfolio-log':
166 enable => true,
167 ensure => "running",
168 require => [
169 Service["cryptoportfolio-app"],
170 ],
171 }
172 }
173
174 unless empty($webhook_url) {
175 exec { "front-slack-notify":
176 refreshonly => true,
177 environment => [
178 "P_PROJECT=Front",
179 "P_WEBHOOK=${webhook_url}",
180 "P_VERSION=${front_version}",
181 "P_HOST=${web_host}",
182 "P_HTTPS=${web_ssl}",
183 ],
184 command => "/usr/local/bin/slack-notify",
185 require => File["/usr/local/bin/slack-notify"],
186 subscribe => [Exec["go-cryptoportfolio-app"], Exec["web-cryptoportfolio-build"]],
187 }
188 }
189
190 @profile::monitoring::external_service { "Cryptoportfolio website is running on $web_host":
191 type => "web",
192 master => {
193 check_command => "check_https!$web_host!/!<title>Cryptoportfolio"
194 }
195 }
196 @profile::monitoring::external_service { "$web_host ssl certificate is up to date":
197 type => "web",
198 master => {
199 check_command => "check_https_certificate!$web_host"
200 }
201 }
202 }