aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--environments/global/roles/etherpad.yaml2
-rw-r--r--modules/role/manifests/etherpad.pp22
2 files changed, 21 insertions, 3 deletions
diff --git a/environments/global/roles/etherpad.yaml b/environments/global/roles/etherpad.yaml
index f8781e1..6210fcf 100644
--- a/environments/global/roles/etherpad.yaml
+++ b/environments/global/roles/etherpad.yaml
@@ -1,3 +1,5 @@
1--- 1---
2classes: 2classes:
3 role::etherpad: ~ 3 role::etherpad: ~
4letsencrypt::hosts: "ether.%{lookup('base_installation::real_hostname')}"
5role::etherpad::web_host: "ether.%{lookup('base_installation::real_hostname')}"
diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp
index 1d9a8ff..5ab5023 100644
--- a/modules/role/manifests/etherpad.pp
+++ b/modules/role/manifests/etherpad.pp
@@ -1,8 +1,9 @@
1class role::etherpad ( 1class role::etherpad (
2 String $web_host,
2) { 3) {
3 $password_seed = lookup("base_installation::puppet_pass_seed") 4 $password_seed = lookup("base_installation::puppet_pass_seed")
4 $web_host = lookup("base_installation::real_hostname") 5 $real_host = lookup("base_installation::real_hostname")
5 $web_listen = "0.0.0.0" 6 $web_listen = "127.0.0.1"
6 $web_port = 18000 7 $web_port = 18000
7 $pg_db = "etherpad-lite" 8 $pg_db = "etherpad-lite"
8 $pg_user = "etherpad-lite" 9 $pg_user = "etherpad-lite"
@@ -88,7 +89,7 @@ class role::etherpad (
88 } 89 }
89 90
90 profile::postgresql::master { "postgresql master for etherpad": 91 profile::postgresql::master { "postgresql master for etherpad":
91 letsencrypt_host => $web_host, 92 letsencrypt_host => $real_host,
92 backup_hosts => ["backup-1"], 93 backup_hosts => ["backup-1"],
93 } 94 }
94 95
@@ -105,4 +106,19 @@ class role::etherpad (
105 order => "05-01", 106 order => "05-01",
106 } 107 }
107 108
109 class { 'apache::mod::headers': }
110 apache::vhost { $web_host:
111 port => '443',
112 docroot => false,
113 manage_docroot => false,
114 proxy_dest => "http://localhost:18000",
115 request_headers => 'set X-Forwarded-Proto "https"',
116 ssl => true,
117 ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem",
118 ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem",
119 ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem",
120 require => Letsencrypt::Certonly[$web_host],
121 proxy_preserve_host => true;
122 default: * => $::profile::apache::apache_vhost_default;
123 }
108} 124}