3 files changed, 212 insertions, 0 deletions
diff --git a/modules/role/files/etherpad/libreoffice_patch.diff b/modules/role/files/etherpad/libreoffice_patch.diff
new file mode 100644
index 0000000..dbfdf1a
--- /dev/null
+++ b/modules/role/files/etherpad/libreoffice_patch.diff
@@ -0,0 +1,11 @@
+--- a/LibreOffice.js      2018-06-18 09:54:15.087161212 +0200
+++ b/LibreOffice.js    2018-06-18 10:33:27.534055021 +0200
+@@ -63,6 +63,7 @@
+         '--invisible',
+         '--nologo',
+         '--nolockcheck',
+        '-env:UserInstallation=file:///tmp/',
+         '--convert-to', task.type,
+         task.srcFile,
+         '--outdir', tmpDir
diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp
new file mode 100644
index 0000000..109da96
--- /dev/null
+++ b/modules/role/manifests/etherpad.pp
@@ -0,0 +1,108 @@
+class role::etherpad (
+) {
+  $password_seed = lookup("base_installation::puppet_pass_seed")
+  $web_host    = lookup("base_installation::real_hostname")
+  $web_listen  = "0.0.0.0"
+  $web_port    = 18000
+  $pg_db       = "etherpad-lite"
+  $pg_user     = "etherpad-lite"
+  $pg_password = generate_password(24, $password_seed, "postgres_etherpad")
+  $ldap_server = lookup("base_installation::ldap_server")
+  $ldap_base   = lookup("base_installation::ldap_base")
+  $ldap_dn     = lookup("base_installation::ldap_dn")
+  $ldap_account_pattern = "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))"
+  $ldap_group_pattern = "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)"
+  $ldap_password = generate_password(24, $password_seed, "ldap")
+  include "base_installation"
+  include "profile::tools"
+  include "profile::postgresql"
+  include "profile::apache"
+  ensure_packages(["npm"])
+  ensure_packages(["abiword"])
+  ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"])
+  ensure_packages(["tidy"])
+  aur::package { "etherpad-lite": }
+  -> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js":
+    diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff",
+  }
+  -> file { "/etc/etherpad-lite/settings.json":
+    ensure  => present,
+    owner   => "etherpad-lite",
+    group   => "etherpad-lite",
+    notify  => Service["etherpad-lite"],
+    content => template("role/etherpad/settings.json.erb"),
+  }
+  $modules = [
+    "ep_aa_file_menu_toolbar",
+    "ep_adminpads",
+    "ep_align",
+    "ep_bookmark",
+    "ep_clear_formatting",
+    "ep_colors",
+    "ep_copy_paste_select_all",
+    "ep_cursortrace",
+    "ep_embedmedia",
+    "ep_font_family",
+    "ep_font_size",
+    "ep_headings2",
+    "ep_ldapauth",
+    "ep_line_height",
+    "ep_markdown",
+    "ep_previewimages",
+    "ep_ruler",
+    "ep_scrollto",
+    "ep_set_title_on_pad",
+    "ep_subscript_and_superscript",
+    "ep_timesliderdiff"
+    ]
+  $modules.each |$module| {
+    exec { "npm_install_$module":
+      command     => "/usr/bin/npm install $module",
+      unless      => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module",
+      cwd         => "/usr/share/etherpad-lite/",
+      environment => "HOME=/root",
+      require     => Aur::Package["etherpad-lite"],
+      before      => Service["etherpad-lite"],
+      notify      => Service["etherpad-lite"],
+    }
+    ->
+    file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized":
+      ensure => present,
+      mode   => "0644",
+      before => Service["etherpad-lite"],
+    }
+  }
+  service { "etherpad-lite":
+    enable    => true,
+    ensure    => "running",
+    require   => Aur::Package["etherpad-lite"],
+    subscribe => Aur::Package["etherpad-lite"],
+  }
+  profile::postgresql_master { "postgresql master for etherpad":
+    letsencrypt_host => $web_host,
+    backup_hosts     => ["backup-1"],
+  }
+  postgresql::server::db { $pg_db:
+    user     =>  $pg_user,
+    password =>  postgresql_password($pg_user, $pg_password),
+  }
+  postgresql::server::pg_hba_rule { "allow local access to $pg_user user":
+    type        => 'local',
+    database    => $pg_db,
+    user        => $pg_user,
+    auth_method => 'ident',
+    order       => "05-01",
+  }
+}
diff --git a/modules/role/templates/etherpad/settings.json.erb b/modules/role/templates/etherpad/settings.json.erb
new file mode 100644
index 0000000..dfd69c1
--- /dev/null
+++ b/modules/role/templates/etherpad/settings.json.erb
@@ -0,0 +1,93 @@
+{
+  "title": "Etherpad",
+  "favicon": "favicon.ico",
+  "ip": "<%= @web_listen %>",
+  "port" : <%= @web_port %>,
+  "showSettingsInAdminPage" : false,
+  "dbType" : "postgres",
+  "dbSettings" : {
+    "user"    : "<%= @pg_user %>",
+    "host"    : "/run/postgresql",
+    "password": "",
+    "database": "<%= @pg_db %>",
+    "charset" : "utf8mb4"
+  },
+  "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at http:\/\/etherpad.org\n",
+  "padOptions": {
+    "noColors": false,
+    "showControls": true,
+    "showChat": true,
+    "showLineNumbers": true,
+    "useMonospaceFont": false,
+    "userName": false,
+    "userColor": false,
+    "rtl": false,
+    "alwaysShowChat": false,
+    "chatAndUsers": false,
+    "lang": "en-gb"
+  },
+  "suppressErrorsInPadText" : false,
+  "requireSession" : false,
+  "editOnly" : false,
+  "sessionNoPassword" : false,
+  "minify" : true,
+  "maxAge" : 21600,
+  "abiword" : "/usr/bin/abiword",
+  "soffice" : "/usr/bin/soffice",
+  "tidyHtml" : "/usr/bin/tidy",
+  "allowUnknownFileEnds" : true,
+  "requireAuthentication" : false,
+  "requireAuthorization" : false,
+  "trustProxy" : false,
+  "disableIPlogging" : false,
+  "automaticReconnectionTimeout" : 0,
+  "scrollWhenFocusLineIsOutOfViewport": {
+    "percentage": {
+      "editionAboveViewport": 0,
+      "editionBelowViewport": 0
+    },
+    "duration": 0,
+    "scrollWhenCaretIsInTheLastLineOfViewport": false,
+    "percentageToScrollWhenUserPressesArrowUp": 0
+  },
+  "users": {
+    "ldapauth": {
+      "url": "ldaps://<%= @ldap_server %>",
+      "accountBase": "<%= @ldap_base %>",
+      "accountPattern": "<%= @ldap_account_pattern %>",
+      "displayNameAttribute": "cn",
+      "searchDN": "<%= @ldap_dn %>",
+      "searchPWD": "<%= @ldap_password %>",
+      "groupSearchBase": "<%= @ldap_base %>",
+      "groupAttribute": "member",
+      "groupAttributeIsDN": true,
+      "searchScope": "sub",
+      "groupSearch": "<%= @ldap_group_pattern %>",
+      "anonymousReadonly": false
+    }
+  },
+  "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
+  "loadTest": false,
+  "indentationOnNewLine": false,
+  "toolbar": {
+    "left": [
+      ["bold", "italic", "underline", "strikethrough"],
+      ["orderedlist", "unorderedlist", "indent", "outdent"],
+      ["undo", "redo"],
+      ["clearauthorship"]
+    ],
+    "right": [
+      ["importexport", "timeslider", "savedrevision"],
+      ["settings", "embed"],
+      ["showusers"]
+    ],
+    "timeslider": [
+      ["timeslider_export", "timeslider_returnToPad"]
+    ]
+  },
+  "loglevel": "INFO",
+  "logconfig" : { "appenders": [ { "type": "console" } ] }
+}

diff --git a/modules/role/files/etherpad/libreoffice_patch.diff b/modules/role/files/etherpad/libreoffice_patch.diff new file mode 100644 index 0000000..dbfdf1a --- /dev/null +++ b/modules/role/files/etherpad/libreoffice_patch.diff
@@ -0,0 +1,11 @@
	1	--- a/LibreOffice.js 2018-06-18 09:54:15.087161212 +0200
	2	+++ b/LibreOffice.js 2018-06-18 10:33:27.534055021 +0200
	3	@@ -63,6 +63,7 @@
	4	'--invisible',
	5	'--nologo',
	6	'--nolockcheck',
	7	+ '-env:UserInstallation=file:///tmp/',
	8	'--convert-to', task.type,
	9	task.srcFile,
	10	'--outdir', tmpDir
	11


diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp new file mode 100644 index 0000000..109da96 --- /dev/null +++ b/modules/role/manifests/etherpad.pp
@@ -0,0 +1,108 @@
	1	class role::etherpad (
	2	) {
	3	$password_seed = lookup("base_installation::puppet_pass_seed")
	4	$web_host = lookup("base_installation::real_hostname")
	5	$web_listen = "0.0.0.0"
	6	$web_port = 18000
	7	$pg_db = "etherpad-lite"
	8	$pg_user = "etherpad-lite"
	9	$pg_password = generate_password(24, $password_seed, "postgres_etherpad")
	10
	11	$ldap_server = lookup("base_installation::ldap_server")
	12	$ldap_base = lookup("base_installation::ldap_base")
	13	$ldap_dn = lookup("base_installation::ldap_dn")
	14	$ldap_account_pattern = "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))"
	15	$ldap_group_pattern = "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)"
	16	$ldap_password = generate_password(24, $password_seed, "ldap")
	17
	18
	19	include "base_installation"
	20
	21	include "profile::tools"
	22	include "profile::postgresql"
	23	include "profile::apache"
	24
	25	ensure_packages(["npm"])
	26	ensure_packages(["abiword"])
	27	ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"])
	28	ensure_packages(["tidy"])
	29	aur::package { "etherpad-lite": }
	30	-> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js":
	31	diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff",
	32	}
	33	-> file { "/etc/etherpad-lite/settings.json":
	34	ensure => present,
	35	owner => "etherpad-lite",
	36	group => "etherpad-lite",
	37	notify => Service["etherpad-lite"],
	38	content => template("role/etherpad/settings.json.erb"),
	39	}
	40
	41	$modules = [
	42	"ep_aa_file_menu_toolbar",
	43	"ep_adminpads",
	44	"ep_align",
	45	"ep_bookmark",
	46	"ep_clear_formatting",
	47	"ep_colors",
	48	"ep_copy_paste_select_all",
	49	"ep_cursortrace",
	50	"ep_embedmedia",
	51	"ep_font_family",
	52	"ep_font_size",
	53	"ep_headings2",
	54	"ep_ldapauth",
	55	"ep_line_height",
	56	"ep_markdown",
	57	"ep_previewimages",
	58	"ep_ruler",
	59	"ep_scrollto",
	60	"ep_set_title_on_pad",
	61	"ep_subscript_and_superscript",
	62	"ep_timesliderdiff"
	63	]
	64
	65	$modules.each \|$module\| {
	66	exec { "npm_install_$module":
	67	command => "/usr/bin/npm install $module",
	68	unless => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module",
	69	cwd => "/usr/share/etherpad-lite/",
	70	environment => "HOME=/root",
	71	require => Aur::Package["etherpad-lite"],
	72	before => Service["etherpad-lite"],
	73	notify => Service["etherpad-lite"],
	74	}
	75	->
	76	file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized":
	77	ensure => present,
	78	mode => "0644",
	79	before => Service["etherpad-lite"],
	80	}
	81	}
	82
	83	service { "etherpad-lite":
	84	enable => true,
	85	ensure => "running",
	86	require => Aur::Package["etherpad-lite"],
	87	subscribe => Aur::Package["etherpad-lite"],
	88	}
	89
	90	profile::postgresql_master { "postgresql master for etherpad":
	91	letsencrypt_host => $web_host,
	92	backup_hosts => ["backup-1"],
	93	}
	94
	95	postgresql::server::db { $pg_db:
	96	user => $pg_user,
	97	password => postgresql_password($pg_user, $pg_password),
	98	}
	99
	100	postgresql::server::pg_hba_rule { "allow local access to $pg_user user":
	101	type => 'local',
	102	database => $pg_db,
	103	user => $pg_user,
	104	auth_method => 'ident',
	105	order => "05-01",
	106	}
	107
	108	}


diff --git a/modules/role/templates/etherpad/settings.json.erb b/modules/role/templates/etherpad/settings.json.erb new file mode 100644 index 0000000..dfd69c1 --- /dev/null +++ b/modules/role/templates/etherpad/settings.json.erb
@@ -0,0 +1,93 @@
	1	{
	2	"title": "Etherpad",
	3	"favicon": "favicon.ico",
	4
	5	"ip": "<%= @web_listen %>",
	6	"port" : <%= @web_port %>,
	7	"showSettingsInAdminPage" : false,
	8	"dbType" : "postgres",
	9	"dbSettings" : {
	10	"user" : "<%= @pg_user %>",
	11	"host" : "/run/postgresql",
	12	"password": "",
	13	"database": "<%= @pg_db %>",
	14	"charset" : "utf8mb4"
	15	},
	16
	17	"defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at http:\/\/etherpad.org\n",
	18	"padOptions": {
	19	"noColors": false,
	20	"showControls": true,
	21	"showChat": true,
	22	"showLineNumbers": true,
	23	"useMonospaceFont": false,
	24	"userName": false,
	25	"userColor": false,
	26	"rtl": false,
	27	"alwaysShowChat": false,
	28	"chatAndUsers": false,
	29	"lang": "en-gb"
	30	},
	31
	32	"suppressErrorsInPadText" : false,
	33	"requireSession" : false,
	34	"editOnly" : false,
	35	"sessionNoPassword" : false,
	36	"minify" : true,
	37	"maxAge" : 21600,
	38	"abiword" : "/usr/bin/abiword",
	39	"soffice" : "/usr/bin/soffice",
	40	"tidyHtml" : "/usr/bin/tidy",
	41	"allowUnknownFileEnds" : true,
	42	"requireAuthentication" : false,
	43	"requireAuthorization" : false,
	44	"trustProxy" : false,
	45	"disableIPlogging" : false,
	46	"automaticReconnectionTimeout" : 0,
	47	"scrollWhenFocusLineIsOutOfViewport": {
	48	"percentage": {
	49	"editionAboveViewport": 0,
	50	"editionBelowViewport": 0
	51	},
	52	"duration": 0,
	53	"scrollWhenCaretIsInTheLastLineOfViewport": false,
	54	"percentageToScrollWhenUserPressesArrowUp": 0
	55	},
	56	"users": {
	57	"ldapauth": {
	58	"url": "ldaps://<%= @ldap_server %>",
	59	"accountBase": "<%= @ldap_base %>",
	60	"accountPattern": "<%= @ldap_account_pattern %>",
	61	"displayNameAttribute": "cn",
	62	"searchDN": "<%= @ldap_dn %>",
	63	"searchPWD": "<%= @ldap_password %>",
	64	"groupSearchBase": "<%= @ldap_base %>",
	65	"groupAttribute": "member",
	66	"groupAttributeIsDN": true,
	67	"searchScope": "sub",
	68	"groupSearch": "<%= @ldap_group_pattern %>",
	69	"anonymousReadonly": false
	70	}
	71	},
	72	"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
	73	"loadTest": false,
	74	"indentationOnNewLine": false,
	75	"toolbar": {
	76	"left": [
	77	["bold", "italic", "underline", "strikethrough"],
	78	["orderedlist", "unorderedlist", "indent", "outdent"],
	79	["undo", "redo"],
	80	["clearauthorship"]
	81	],
	82	"right": [
	83	["importexport", "timeslider", "savedrevision"],
	84	["settings", "embed"],
	85	["showusers"]
	86	],
	87	"timeslider": [
	88	["timeslider_export", "timeslider_returnToPad"]
	89	]
	90	},
	91	"loglevel": "INFO",
	92	"logconfig" : { "appenders": [ { "type": "console" } ] }
	93	}