/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1390 - (hide annotations) (download)
Thu Mar 24 22:10:55 2011 UTC (13 years ago) by pterjan
File size: 11223 byte(s)
Stop using mdv-youri-core
1 misc 213 class buildsystem {
2 dmorgan 86
3 boklm 356 class base {
4     $build_login = "iurt"
5 blino 387 $build_home_dir = "/home/$build_login"
6 blino 397 $sched_login = "schedbot"
7 boklm 917 $sched_home_dir = "/var/lib/$sched_login"
8 boklm 1223 $packages_archivedir = "$sched_home_dir/old"
9 boklm 861 $sign_login = "signbot"
10     $sign_home_dir = "/var/lib/$sign_login"
11 boklm 969 $sign_keydir = "$sign_home_dir/keys"
12     # FIXME: maybe keyid should be defined at an other place
13     $sign_keyid = "80420F66"
14 blino 545 $repository_root = "/distrib/bootstrap"
15 boklm 1388 $maintdb_url = 'http://www.maintdb2.mageia.org.uk/maintainers_packages/create'
16 boklm 1384 # FIXME: Test password. Real password should be in extdata.
17     $maintdb_key = 'm1g234'
18 boklm 817 $packagers_group = 'mga-packagers'
19     $createsrpm_path = '/usr/share/repsys/create-srpm'
20 blino 366
21     include ssh::auth
22 boklm 918 ssh::auth::key { $build_login: # declare a key for build bot: RSA, 2048 bits
23     home => $build_home_dir,
24     }
25     ssh::auth::key { $sched_login: # declare a key for sched bot: RSA, 2048 bits
26     home => $sched_home_dir,
27     }
28 boklm 356 }
29 boklm 355
30 boklm 356 class mainnode inherits base {
31 blino 381 include iurtuser
32 blino 353
33 blino 395 sshuser { $sched_login:
34     homedir => $sched_home_dir,
35     comment => "System user used to schedule builds",
36     }
37    
38 blino 399 ssh::auth::client { $sched_login: }
39 blino 573 ssh::auth::server { $sched_login: }
40 blino 399 ssh::auth::server { $build_login: }
41    
42 pterjan 703 # FIXME Add again task-bs-cluster-main when it will require mgarepo instead of repsys
43     $package_list = ['iurt']
44 blino 398 package { $package_list:
45 blino 350 ensure => "installed"
46     }
47 blino 403
48     apache::vhost_other_app { "repository.$domain":
49 blino 404 vhost_file => "buildsystem/vhost_repository.conf",
50 blino 403 }
51    
52 misc 1284 $location = "/var/www/bs"
53 misc 1283 apache::vhost_base { "pkgsubmit.$domain":
54     aliases => { "/uploads" => "$sched_home_dir/uploads" },
55 misc 1284 location => $location,
56 boklm 1300 content => template("buildsystem/vhost_pkgsubmit.conf"),
57 blino 466 }
58    
59 misc 1284 subversion::snapshot { $location:
60     source => "svn://svn.$domain/soft/buildsystem/web/",
61     }
62    
63 blino 430 include scheduler
64 blino 431 include gatherer
65 pterjan 700 include mgarepo
66 blino 517 include youri_submit
67 misc 860 include check_missing_deps
68 boklm 964 include signbot
69 blino 350 }
70    
71 boklm 356 class buildnode inherits base {
72 misc 213 include iurt
73 dmorgan 86 }
74    
75 boklm 964 class signbot {
76     sshuser { $sign_login:
77     homedir => $sign_home_dir,
78     comment => "System user used to sign packages",
79     groups => [$sched_login],
80     }
81    
82     gnupg::keys{"packages":
83     email => "packages@$domain",
84     #FIXME there should be a variable somewhere to change the name of the distribution
85     key_name => 'Mageia Packages',
86     login => $sign_login,
87     batchdir => "$sign_home_dir/batches",
88 boklm 969 keydir => $sign_keydir,
89 boklm 964 }
90 boklm 966
91     sudo::sudoers_config { "signpackage":
92     content => template("buildsystem/sudoers.signpackage")
93     }
94 boklm 976
95     file { "$sign_home_dir/.rpmmacros":
96     ensure => present,
97     owner => root,
98     group => root,
99     mode => 644,
100     content => template("buildsystem/signbot-rpmmacros")
101     }
102 boklm 1023
103     file { "/usr/local/bin/sign-check-package":
104     ensure => present,
105     owner => root,
106     group => root,
107     mode => 755,
108     content => template("buildsystem/sign-check-package")
109     }
110 boklm 964 }
111    
112 misc 265 class scheduler {
113     # ulri
114 blino 430 include iurtupload
115 misc 265 }
116    
117 blino 431 class gatherer {
118 misc 265 # emi
119 blino 430 include iurtupload
120 misc 265 }
121 blino 430
122     class iurtupload {
123 blino 432 file { "/etc/iurt/upload.conf":
124 blino 430 ensure => present,
125     owner => $build_login,
126     group => $build_login,
127     mode => 644,
128     require => File["/etc/iurt"],
129     content => template("buildsystem/upload.conf")
130     }
131     }
132 misc 265
133 pterjan 700 class mgarepo {
134     package { 'mgarepo':
135 misc 265
136     }
137    
138 blino 505 package { 'rpm-build':
139     }
140    
141 blino 500 file { "repsys.conf":
142     path => "/etc/repsys.conf",
143     owner => root,
144     group => root,
145     mode => 644,
146     content => template("buildsystem/repsys.conf")
147     }
148 blino 502
149 boklm 1223 file { "$packages_archivedir":
150     ensure => "directory",
151     owner => $sched_login,
152     require => File[$sched_home_dir],
153     }
154    
155 blino 502 file { "$sched_home_dir/repsys":
156     ensure => "directory",
157 blino 508 owner => $sched_login,
158 blino 502 require => File[$sched_home_dir],
159     }
160    
161     file { "$sched_home_dir/repsys/tmp":
162     ensure => "directory",
163 blino 508 owner => $sched_login,
164 boklm 512 group => "mga-packagers",
165 boklm 510 mode => 1775,
166 blino 502 require => File["$sched_home_dir/repsys"],
167     }
168    
169     file { "$sched_home_dir/repsys/srpms":
170     ensure => "directory",
171 blino 508 owner => $sched_login,
172 boklm 512 group => "mga-packagers",
173 boklm 510 mode => 1775,
174 blino 502 require => File["$sched_home_dir/repsys"],
175     }
176 blino 885
177 boklm 915 # FIXME: disabled temporarly as upload dir is a symlink to /var/lib/repsys/uploads
178     #file { "$sched_home_dir/uploads":
179     # ensure => "directory",
180     # owner => $sched_login,
181     # require => File[$sched_home_dir],
182     #}
183 misc 886
184     # too tedious to create everything by hand
185     # so I prefered to used some puppet ruby module
186     # the exact content and directory name should IMHO be consolidated somewhere
187     import "create_upload_dir.rb"
188 boklm 915 create_upload_dir { "$sched_home_dir/uploads":
189     owner => $sched_login,
190 boklm 968 group => $sched_login,
191 boklm 915 }
192 pterjan 1224
193     tidy { "$packages_archivedir":
194 pterjan 1225 age => "1w",
195 pterjan 1224 matches => "*.rpm",
196     recurse => true,
197 pterjan 1226 type => "ctime",
198 pterjan 1224 }
199 misc 265 }
200    
201 blino 516 class youri_submit {
202 boklm 522 include sudo
203    
204 blino 516 file { "/usr/local/bin/mdv-youri-submit":
205     owner => root,
206     group => root,
207     mode => 755,
208     content => template("buildsystem/mdv-youri-submit")
209     }
210    
211     file { "/usr/local/bin/mdv-youri-submit.wrapper":
212     owner => root,
213     group => root,
214     mode => 755,
215     content => template("buildsystem/mdv-youri-submit.wrapper")
216     }
217    
218 boklm 770 sudo::sudoers_config { "mdv-youri-submit":
219 blino 516 content => template("buildsystem/sudoers.youri")
220     }
221 blino 543
222     file { "/etc/youri":
223     ensure => "directory",
224     }
225    
226     file { "/etc/youri/submit-todo.conf":
227     ensure => present,
228     mode => 644,
229     require => File["/etc/youri"],
230     content => template("buildsystem/submit-todo.conf")
231     }
232 pterjan 682
233 pterjan 685 file { "/etc/youri/submit-upload.conf":
234 pterjan 682 ensure => present,
235     mode => 644,
236     require => File["/etc/youri"],
237 pterjan 685 content => template("buildsystem/submit-upload.conf")
238 pterjan 682 }
239 boklm 772
240     file { "/etc/youri/acl.conf":
241     ensure => present,
242     mode => 644,
243     require => File["/etc/youri"],
244     content => template("buildsystem/youri_acl.conf")
245     }
246 boklm 817
247     file { '/usr/local/bin/submit_package':
248     ensure => present,
249     mode => 755,
250     content => template('buildsystem/submit_package')
251     }
252 pterjan 1390
253     # FIXME use the correct perl directory
254     file { "/usr/lib/perl5/site_perl/5.10.1/Youri/Repository":
255     ensure => "directory",
256     }
257    
258     file { '/usr/lib/perl5/site_perl/5.10.1/Youri/Repository/Mageia.pm':
259     ensure => present,
260     mode => 644,
261     require => File["/usr/lib/perl5/site_perl/5.10.1/Youri/Repository"],
262     source => "puppet:///modules/buildsystem/Mageia.pm",
263     }
264    
265     $package_list = ['perl-SVN', 'mdv-distrib-tools', 'perl-Youri-Media',
266     'perl-Youri-Package', 'perl-Youri-Repository',
267     'perl-Youri-Utils', 'perl-Youri-Config']
268    
269     package { $package_list:
270     ensure => installed;
271     }
272 blino 516 }
273    
274 boklm 862 # $groups: array of secondary groups (only local groups, no ldap)
275     define sshuser($homedir, $comment, $groups = []) {
276 blino 394 group {"$title":
277 blino 351 ensure => present,
278     }
279    
280 blino 394 user {"$title":
281 blino 351 ensure => present,
282 blino 393 comment => $comment,
283 blino 351 managehome => true,
284 boklm 916 home => $homedir,
285 blino 394 gid => $title,
286 boklm 862 groups => $groups,
287 blino 351 shell => "/bin/bash",
288 blino 394 notify => Exec["unlock$title"],
289 blino 424 require => Group[$title],
290 blino 351 }
291 blino 372
292 blino 386 # set password to * to unlock the account but forbid login through login
293 blino 394 exec { "unlock$title":
294     command => "usermod -p '*' $title",
295 blino 386 refreshonly => true,
296     }
297    
298 blino 393 file { $homedir:
299 blino 383 ensure => "directory",
300 blino 423 require => User[$title],
301 blino 383 }
302    
303 blino 393 file { "$homedir/.ssh":
304 blino 372 ensure => "directory",
305     mode => 600,
306 blino 394 owner => $title,
307     group => $title,
308 blino 423 require => File[$homedir],
309 blino 372 }
310 blino 351 }
311    
312 blino 393 class iurtuser {
313 blino 394 sshuser { $build_login:
314     homedir => $build_home_dir,
315     comment => "System user used to run build bots",
316     }
317 blino 429
318     file { "/etc/iurt":
319     ensure => "directory",
320     }
321 blino 393 }
322    
323 misc 213 class iurt {
324 boklm 216 include sudo
325 blino 381 include iurtuser
326 blino 366 ssh::auth::client { $build_login: }
327 blino 396 ssh::auth::server { $sched_login: user => $build_login }
328 misc 213
329     # build node common settings
330     # we could have the following skip list to use less space:
331     # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
332     $package_list = ['task-bs-cluster-chroot', 'iurt']
333     package { $package_list:
334     ensure => installed;
335     }
336    
337 blino 426 file { "/etc/iurt/build":
338     ensure => "directory",
339 blino 428 require => File["/etc/iurt"],
340 blino 426 }
341    
342 blino 425 file { "/etc/iurt/build/cauldron.conf":
343 misc 213 ensure => present,
344     owner => $build_login,
345     group => $build_login,
346     mode => 644,
347 blino 426 require => File["/etc/iurt/build"],
348 boklm 218 content => template("buildsystem/iurt.cauldron.conf")
349 misc 213 }
350    
351 boklm 648 file { "/etc/iurt/build/mandriva2010.1.conf":
352     ensure => present,
353     owner => $build_login,
354     group => $build_login,
355     mode => 644,
356     require => File["/etc/iurt/build"],
357     content => template("buildsystem/iurt.mandriva2010.1.conf")
358     }
359    
360 boklm 770 sudo::sudoers_config { "iurt":
361 boklm 218 content => template("buildsystem/sudoers.iurt")
362 boklm 216 }
363 dmorgan 86 }
364 boklm 696
365     # temporary script to create home dir with ssh key
366     # taking login and url as arguments
367     class mgacreatehome {
368     file { "/usr/local/sbin/mgacreatehome":
369     ensure => present,
370     owner => root,
371     group => root,
372     mode => 700,
373     content => template("buildsystem/mgacreatehome")
374     }
375     }
376 misc 859
377     class check_missing_deps {
378     file { "/usr/local/bin/missing-deps.sh":
379     ensure => present,
380     owner => root,
381     group => root,
382 boklm 869 mode => 755,
383 boklm 868 source => "puppet:///modules/buildsystem/missing-deps.sh",
384 misc 859 }
385    
386     # FIXME hardcoded path
387     cron { "check missing deps":
388     command => "cd /var/www/bs/data && /usr/local/bin/missing-deps.sh",
389     minute => "*/15",
390     }
391     }
392 dmorgan 86 }

  ViewVC Help
Powered by ViewVC 1.1.30