3 $password_seed = lookup("base_installation::puppet_pass_seed")
5 include "base_installation"
7 include "profile::tools"
8 include "profile::postgresql"
9 include "profile::apache"
11 ensure_packages(["npm"])
12 ensure_packages(["abiword"])
13 ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"])
14 ensure_packages(["tidy"])
15 aur::package { "etherpad-lite": }
16 -> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js":
17 diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff",
21 "ep_aa_file_menu_toolbar",
25 "ep_clear_formatting",
27 "ep_copy_paste_select_all",
39 "ep_set_title_on_pad",
40 "ep_subscript_and_superscript",
44 $modules.each |$module| {
45 exec { "npm_install_$module":
46 command => "/usr/bin/npm install $module",
47 unless => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module",
48 cwd => "/usr/share/etherpad-lite/",
49 environment => "HOME=/root",
50 require => Aur::Package["etherpad-lite"],
51 before => Service["etherpad-lite"],
52 notify => Service["etherpad-lite"],
55 file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized":
58 before => Service["etherpad-lite"],
62 service { "etherpad-lite":
65 require => Aur::Package["etherpad-lite"],
66 subscribe => Aur::Package["etherpad-lite"],
69 $web_host = "outils-1.v.immae.eu"
70 $pg_db = "etherpad-lite"
71 $pg_user = "etherpad-lite"
72 $pg_password = generate_password(24, $password_seed, "postgres_etherpad")
74 file { "/var/lib/postgres/data/certs":
77 owner => $::profile::postgresql::pg_user,
78 group => $::profile::postgresql::pg_user,
79 require => File["/var/lib/postgres"],
82 file { "/var/lib/postgres/data/certs/cert.pem":
83 source => "file:///etc/letsencrypt/live/$web_host/cert.pem",
86 owner => $::profile::postgresql::pg_user,
87 group => $::profile::postgresql::pg_user,
88 require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
91 file { "/var/lib/postgres/data/certs/privkey.pem":
92 source => "file:///etc/letsencrypt/live/$web_host/privkey.pem",
95 owner => $::profile::postgresql::pg_user,
96 group => $::profile::postgresql::pg_user,
97 require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
100 postgresql::server::config_entry { "wal_level":
104 postgresql::server::config_entry { "ssl":
106 require => Letsencrypt::Certonly[$web_host],
109 postgresql::server::config_entry { "ssl_cert_file":
110 value => "/var/lib/postgres/data/certs/cert.pem",
111 require => Letsencrypt::Certonly[$web_host],
114 postgresql::server::config_entry { "ssl_key_file":
115 value => "/var/lib/postgres/data/certs/privkey.pem",
116 require => Letsencrypt::Certonly[$web_host],
119 postgresql::server::db { $pg_db:
121 password => postgresql_password($pg_user, $pg_password),
124 postgresql::server::pg_hba_rule { "allow local access to $pg_user user":
128 auth_method => 'ident',