Move hiera calls into site.pp.
Secret info should be parameters to modules. It makes for easier testing. Change-Id: I66034387094b2a24c6fae57fec3af1dae3dd1d3a
This commit is contained in:
Monty Taylor
parent
c50e983a02
commit
3fd190ed4e
@ -11,17 +11,28 @@ node default {
|
|||||||
#
|
#
|
||||||
node "review.openstack.org" {
|
node "review.openstack.org" {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::review
|
class { 'openstack_project::review':
|
||||||
|
github_oauth_token => hiera('gerrit_github_token'),
|
||||||
|
mysql_password => hiera('gerrit_mysql_password'),
|
||||||
|
email_private_key => hiera('gerrit_email_private_key'),
|
||||||
|
gerritbot_password => hiera('gerrit_gerritbot_password'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node "gerrit-dev.openstack.org", "review-dev.openstack.org" {
|
node "gerrit-dev.openstack.org", "review-dev.openstack.org" {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::review_dev
|
class { 'openstack_project::review_dev':
|
||||||
|
github_oauth_token => hiera('gerrit_dev_github_token'),
|
||||||
|
mysql_password => hiera('gerrit_dev_mysql_password'),
|
||||||
|
email_private_key => hiera('gerrit_dev_email_private_key')
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node "jenkins.openstack.org" {
|
node "jenkins.openstack.org" {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::jenkins
|
class { 'openstack_project::jenkins':
|
||||||
|
jenkins_jobs_password => hiera('jenkins_jobs_password'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node "jenkins-dev.openstack.org" {
|
node "jenkins-dev.openstack.org" {
|
||||||
@ -41,7 +52,9 @@ node "ci-puppetmaster.openstack.org" {
|
|||||||
|
|
||||||
node "lists.openstack.org" {
|
node "lists.openstack.org" {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::lists
|
class { 'openstack_project::lists':
|
||||||
|
listadmins => hiera('listadmins'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node "paste.openstack.org" {
|
node "paste.openstack.org" {
|
||||||
@ -56,7 +69,9 @@ node "planet.openstack.org" {
|
|||||||
|
|
||||||
node "eavesdrop.openstack.org" {
|
node "eavesdrop.openstack.org" {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::eavesdrop
|
class { 'openstack_project::eavesdrop':
|
||||||
|
nickpass => hiera('openstack_meetbot_password'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node "pypi.openstack.org" {
|
node "pypi.openstack.org" {
|
||||||
@ -66,7 +81,11 @@ node "pypi.openstack.org" {
|
|||||||
|
|
||||||
node 'etherpad.openstack.org' {
|
node 'etherpad.openstack.org' {
|
||||||
include openstack_project::remove_cron
|
include openstack_project::remove_cron
|
||||||
include openstack_project::etherpad
|
class { 'openstack_project::etherpad':
|
||||||
|
etherpad_crt => hiera('etherpad_crt'),
|
||||||
|
etherpad_key => hiera('etherpad_key'),
|
||||||
|
database_password => hiera('etherpad_db_password'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
node 'wiki.openstack.org' {
|
node 'wiki.openstack.org' {
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
class openstack_project::eavesdrop {
|
class openstack_project::eavesdrop($nickpass) {
|
||||||
class { 'openstack_project::server':
|
class { 'openstack_project::server':
|
||||||
|
|
||||||
iptables_public_tcp_ports => [80]
|
iptables_public_tcp_ports => [80]
|
||||||
@ -7,7 +7,7 @@ class openstack_project::eavesdrop {
|
|||||||
|
|
||||||
meetbot::site { "openstack":
|
meetbot::site { "openstack":
|
||||||
nick => "openstack",
|
nick => "openstack",
|
||||||
nickpass => hiera('openstack_meetbot_password'),
|
nickpass => $nickpass,
|
||||||
network => "FreeNode",
|
network => "FreeNode",
|
||||||
server => "chat.us.freenode.net:7000",
|
server => "chat.us.freenode.net:7000",
|
||||||
channels => "#openstack #openstack-dev #openstack-meeting",
|
channels => "#openstack #openstack-dev #openstack-meeting",
|
||||||
|
|||||||
@ -1,18 +1,21 @@
|
|||||||
class openstack_project::etherpad {
|
class openstack_project::etherpad(
|
||||||
|
$etherpad_crt,
|
||||||
|
$etherpad_key,
|
||||||
|
$database_password) {
|
||||||
class { 'openstack_project::server':
|
class { 'openstack_project::server':
|
||||||
iptables_public_tcp_ports => [22, 80, 443]
|
iptables_public_tcp_ports => [22, 80, 443]
|
||||||
}
|
}
|
||||||
|
|
||||||
include etherpad_lite
|
include etherpad_lite
|
||||||
class { 'etherpad_lite::nginx':
|
class { 'etherpad_lite::nginx':
|
||||||
etherpad_crt => hiera('etherpad_crt'),
|
etherpad_crt => $etherpad_crt,
|
||||||
etherpad_key => hiera('etherpad_key')
|
etherpad_key => $etherpad_key,
|
||||||
}
|
}
|
||||||
class { 'etherpad_lite::site':
|
class { 'etherpad_lite::site':
|
||||||
database_password => hiera('etherpad_db_password'),
|
database_password => $database_password,
|
||||||
}
|
}
|
||||||
class { 'etherpad_lite::mysql':
|
class { 'etherpad_lite::mysql':
|
||||||
database_password => hiera('etherpad_db_password'),
|
database_password => $database_password,
|
||||||
}
|
}
|
||||||
include etherpad_lite::backup
|
include etherpad_lite::backup
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
class openstack_project::jenkins {
|
class openstack_project::jenkins($jenkins_jobs_password) {
|
||||||
include openstack_project::zuul_config
|
include openstack_project::zuul_config
|
||||||
|
|
||||||
class { 'openstack_project::server':
|
class { 'openstack_project::server':
|
||||||
@ -15,7 +15,7 @@ class openstack_project::jenkins {
|
|||||||
class { "jenkins_jobs":
|
class { "jenkins_jobs":
|
||||||
url => "https://jenkins.openstack.org/",
|
url => "https://jenkins.openstack.org/",
|
||||||
username => "gerrig",
|
username => "gerrig",
|
||||||
password => hiera('jenkins_jobs_password'),
|
password => $jenkins_jobs_password,
|
||||||
site => "openstack",
|
site => "openstack",
|
||||||
}
|
}
|
||||||
file { "/etc/default/jenkins":
|
file { "/etc/default/jenkins":
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
class openstack_project::lists {
|
class openstack_project::lists($listadmins) {
|
||||||
# Using openstack_project::template instead of openstack_project::server
|
# Using openstack_project::template instead of openstack_project::server
|
||||||
# because the exim config on this machine is almost certainly
|
# because the exim config on this machine is almost certainly
|
||||||
# going to be more complicated than normal.
|
# going to be more complicated than normal.
|
||||||
@ -7,7 +7,7 @@ class openstack_project::lists {
|
|||||||
}
|
}
|
||||||
|
|
||||||
class { 'exim':
|
class { 'exim':
|
||||||
sysadmin => hiera('listadmins'),
|
sysadmin => $listadmins,
|
||||||
mailman_domains => ['lists.openstack.org'],
|
mailman_domains => ['lists.openstack.org'],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -24,7 +24,11 @@
|
|||||||
# 12:08 <@spearce> to a method that accepts milliseconds
|
# 12:08 <@spearce> to a method that accepts milliseconds
|
||||||
# 12:09 <@spearce> so. you get 5 milliseconds before aborting
|
# 12:09 <@spearce> so. you get 5 milliseconds before aborting
|
||||||
# thus, set it to 5000minutes until the bug is fixed.
|
# thus, set it to 5000minutes until the bug is fixed.
|
||||||
class openstack_project::review {
|
class openstack_project::review(
|
||||||
|
$github_auth_token,
|
||||||
|
$mysql_password,
|
||||||
|
$email_private_key,
|
||||||
|
$gerritbot_password) {
|
||||||
include openstack_project
|
include openstack_project
|
||||||
class { 'openstack_project::gerrit':
|
class { 'openstack_project::gerrit':
|
||||||
ssl_cert_file => '/etc/ssl/certs/review.openstack.org.pem',
|
ssl_cert_file => '/etc/ssl/certs/review.openstack.org.pem',
|
||||||
@ -43,13 +47,13 @@ class openstack_project::review {
|
|||||||
script_key_file => '/home/gerrit2/.ssh/launchpadsync_rsa',
|
script_key_file => '/home/gerrit2/.ssh/launchpadsync_rsa',
|
||||||
github_projects => $openstack_project::project_list,
|
github_projects => $openstack_project::project_list,
|
||||||
github_username => 'openstack-gerrit',
|
github_username => 'openstack-gerrit',
|
||||||
github_oauth_token => hiera('gerrit_github_token'),
|
github_oauth_token => $github_oauth_token,
|
||||||
mysql_password => hiera('gerrit_mysql_password'),
|
mysql_password => $mysql_password,
|
||||||
email_private_key => hiera('gerrit_email_private_key'),
|
email_private_key => $email_private_key,
|
||||||
}
|
}
|
||||||
class { 'gerritbot':
|
class { 'gerritbot':
|
||||||
nick => 'openstackgerrit',
|
nick => 'openstackgerrit',
|
||||||
password => hiera('gerrit_gerritbot_password'),
|
password => $gerritbot_password,
|
||||||
server => 'irc.freenode.net',
|
server => 'irc.freenode.net',
|
||||||
user => 'gerritbot',
|
user => 'gerritbot',
|
||||||
virtual_hostname => $fqdn
|
virtual_hostname => $fqdn
|
||||||
|
|||||||
@ -1,4 +1,7 @@
|
|||||||
class openstack_project::review_dev {
|
class openstack_project::review_dev(
|
||||||
|
$github_auth_token,
|
||||||
|
$mysql_password,
|
||||||
|
$email_private_key) {
|
||||||
class { 'openstack_project::gerrit':
|
class { 'openstack_project::gerrit':
|
||||||
virtual_hostname => 'review-dev.openstack.org',
|
virtual_hostname => 'review-dev.openstack.org',
|
||||||
canonicalweburl => "https://review-dev.openstack.org/",
|
canonicalweburl => "https://review-dev.openstack.org/",
|
||||||
@ -14,8 +17,8 @@ class openstack_project::review_dev {
|
|||||||
close_pull => 'true'
|
close_pull => 'true'
|
||||||
} ],
|
} ],
|
||||||
github_username => 'openstack-gerrit-dev',
|
github_username => 'openstack-gerrit-dev',
|
||||||
github_oauth_token => hiera('gerrit_dev_github_token'),
|
github_oauth_token => $github_oauth_token,
|
||||||
mysql_password => hiera('gerrit_dev_mysql_password'),
|
mysql_password => $mysql_password,
|
||||||
email_private_key => hiera('gerrit_dev_email_private_key')
|
email_private_key => $email_private_key,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user