/[adm]/puppet/modules/buildsystem/manifests/init.pp
ViewVC logotype

Contents of /puppet/modules/buildsystem/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2130 - (show annotations) (download)
Sat Jan 7 22:06:45 2012 UTC (12 years, 3 months ago) by misc
File size: 12796 byte(s) 
split signbot from the main module
1 class buildsystem {
2
3 class base {
4 $build_login = "iurt"
5 $build_home_dir = "/home/$build_login"
6 $sched_login = "schedbot"
7 $sched_home_dir = "/var/lib/$sched_login"
8 $packages_archivedir = "$sched_home_dir/old"
9 $repository_root = "/distrib/bootstrap"
10 $mirror_root = "/distrib/mirror"
11 $packagers_group = 'mga-packagers'
12 $packagers_committers_group = 'mga-packagers-committers'
13 $createsrpm_path = '/usr/share/mgarepo/create-srpm'
14
15 include ssh::auth
16 ssh::auth::key { $build_login: # declare a key for build bot: RSA, 2048 bits
17 home => $build_home_dir,
18 }
19 ssh::auth::key { $sched_login: # declare a key for sched bot: RSA, 2048 bits
20 home => $sched_home_dir,
21 }
22 }
23
24 class mainnode inherits base {
25 include iurtuser
26
27 sshuser { $sched_login:
28 homedir => $sched_home_dir,
29 comment => "System user used to schedule builds",
30 }
31
32 ssh::auth::client { $sched_login: }
33 ssh::auth::server { $sched_login: }
34 ssh::auth::server { $build_login: }
35
36 # FIXME Add again task-bs-cluster-main when it will require mgarepo instead of repsys
37 $package_list = ['iurt']
38 package { $package_list:
39 ensure => "installed"
40 }
41
42 apache::vhost_other_app { "repository.$domain":
43 vhost_file => "buildsystem/vhost_repository.conf",
44 }
45
46 $location = "/var/www/bs"
47 file { "$location":
48 ensure => directory,
49 }
50
51 file { "$location/data":
52 ensure => directory,
53 require => File[$location],
54 }
55
56 apache::vhost_base { "pkgsubmit.$domain":
57 aliases => { "/uploads" => "$sched_home_dir/uploads" },
58 location => $location,
59 content => template("buildsystem/vhost_pkgsubmit.conf"),
60 }
61
62 subversion::snapshot { $location:
63 source => "svn://svn.$domain/soft/buildsystem/web/",
64 }
65
66 file { "$repository_root/distrib/cauldron/i586/media/media_info/media.cfg":
67 ensure => present,
68 owner => $sched_login,
69 group => $sched_login,
70 mode => 644,
71 source => "puppet:///modules/buildsystem/i586/media.cfg",
72 }
73
74 file { "$repository_root/distrib/cauldron/x86_64/media/media_info/media.cfg":
75 ensure => present,
76 owner => $sched_login,
77 group => $sched_login,
78 mode => 644,
79 source => "puppet:///modules/buildsystem/x86_64/media.cfg",
80 }
81
82 include scheduler
83 include gatherer
84 include buildsystem::mgarepo
85 include youri_submit
86 include buildsystem::check_missing_deps
87 include buildsystem::signbot
88 }
89
90 class buildnode inherits base {
91 include iurt
92 }
93
94 class scheduler {
95 # ulri
96 include iurtupload
97 }
98
99 class gatherer {
100 # emi
101 include iurtupload
102 }
103
104 class iurtupload {
105 file { "/etc/iurt/upload.conf":
106 ensure => present,
107 owner => $build_login,
108 group => $build_login,
109 mode => 644,
110 require => File["/etc/iurt"],
111 content => template("buildsystem/upload.conf")
112 }
113 }
114
115 class maintdb inherits base {
116 include sudo
117 $maintdb_login = "maintdb"
118 $maintdb_homedir = "/var/lib/maintdb"
119 $maintdb_dbdir = "$maintdb_homedir/db"
120 $maintdb_binpath = "/usr/local/sbin/maintdb"
121 $maintdb_wrappath = "/usr/local/bin/wrapper.maintdb"
122 $maintdb_dump = "/var/www/bs/data/maintdb.txt"
123 $maintdb_unmaintained = "/var/www/bs/data/unmaintained.txt"
124
125 user {"$maintdb_login":
126 ensure => present,
127 comment => "Maintainers database",
128 managehome => true,
129 shell => "/bin/bash",
130 home => "$maintdb_homedir",
131 }
132
133 file { "$maintdb_homedir":
134 ensure => directory,
135 owner => "$maintdb_login",
136 group => "$maintdb_login",
137 mode => 711,
138 require => User["$maintdb_login"],
139 }
140
141 file { "$maintdb_dbdir":
142 ensure => directory,
143 owner => "$maintdb_login",
144 group => "$maintdb_login",
145 mode => 711,
146 require => User["$maintdb_login"],
147 }
148
149 file { "$maintdb_binpath":
150 ensure => present,
151 owner => root,
152 group => root,
153 mode => 755,
154 content => template("buildsystem/maintdb")
155 }
156
157 file { "$maintdb_wrappath":
158 ensure => present,
159 owner => root,
160 group => root,
161 mode => 755,
162 content => template("buildsystem/wrapper.maintdb")
163 }
164
165 sudo::sudoers_config { "maintdb":
166 content => template("buildsystem/sudoers.maintdb")
167 }
168
169 file { "$maintdb_dump":
170 ensure => present,
171 owner => $maintdb_login,
172 mode => 644,
173 require => File["/var/www/bs/data"],
174 }
175
176 cron { "update maintdb export":
177 user => $maintdb_login,
178 command => "$maintdb_binpath root get > $maintdb_dump.new; mv -f $maintdb_dump.new $maintdb_dump; grep ' nobody\$' $maintdb_dump | sed 's/ nobody\$//' > $maintdb_unmaintained.new; mv -f $maintdb_unmaintained.new $maintdb_unmaintained",
179 minute => "*/30",
180 require => User[$maintdb_login],
181 }
182
183 apache::vhost_base { "maintdb.$domain":
184 location => $maintdb_dbdir,
185 content => template("buildsystem/vhost_maintdb.conf"),
186 }
187 }
188
189 class binrepo inherits base {
190 include sudo
191 $binrepo_login = "binrepo"
192 $binrepo_homedir = "/var/lib/$binrepo_login"
193 $binrepodir = "$binrepo_homedir/data"
194 $uploadinfosdir = "$binrepo_homedir/infos"
195 $uploadbinpath = '/usr/local/bin/upload-bin'
196 $uploadbinpathwrapper = '/usr/local/bin/wrapper.upload-bin'
197 $uploadmail_from = "root@$domain"
198 $uploadmail_to = "packages-commits@ml.$domain"
199
200 user {"$binrepo_login":
201 ensure => present,
202 comment => "Binary files repository",
203 managehome => true,
204 shell => "/bin/bash",
205 home => "$binrepo_homedir",
206 }
207
208 file { $binrepodir:
209 ensure => directory,
210 owner => $binrepo_login,
211 group => $binrepo_login,
212 mode => 755,
213 }
214
215 file { $uploadinfosdir:
216 ensure => directory,
217 owner => $binrepo_login,
218 group => $binrepo_login,
219 mode => 755,
220 }
221
222 file { $uploadbinpath:
223 ensure => present,
224 owner => root,
225 group => root,
226 mode => 755,
227 content => template('buildsystem/upload-bin'),
228 }
229
230 file { $uploadbinpathwrapper:
231 ensure => present,
232 owner => root,
233 group => root,
234 mode => 755,
235 content => template('buildsystem/wrapper.upload-bin'),
236 }
237
238 sudo::sudoers_config { "binrepo":
239 content => template("buildsystem/sudoers.binrepo")
240 }
241
242 apache::vhost_base { "binrepo.$domain":
243 location => $binrepodir,
244 content => template("buildsystem/vhost_binrepo.conf"),
245 }
246 }
247
248 class youri_submit {
249 include sudo
250
251 file { "/usr/local/bin/mga-youri-submit":
252 owner => root,
253 group => root,
254 mode => 755,
255 content => template("buildsystem/mga-youri-submit")
256 }
257
258 file { "/usr/local/bin/mga-youri-submit.wrapper":
259 owner => root,
260 group => root,
261 mode => 755,
262 content => template("buildsystem/mga-youri-submit.wrapper")
263 }
264
265 sudo::sudoers_config { "mga-youri-submit":
266 content => template("buildsystem/sudoers.youri")
267 }
268
269 package { "rpmlint": }
270
271 file { "/etc/rpmlint/config":
272 ensure => present,
273 mode => 644,
274 require => Package['rpmlint'],
275 content => template("buildsystem/rpmlint.conf")
276 }
277
278 # directory that hold configuration auto extracted after upload
279 # of the rpmlint policy
280 file { "/etc/rpmlint/extracted.d/":
281 ensure => directory,
282 require => Package['rpmlint'],
283 owner => $sched_login,
284 }
285
286 file { "/etc/youri":
287 ensure => "directory",
288 }
289
290 file { "/etc/youri/submit-todo.conf":
291 ensure => present,
292 mode => 644,
293 require => File["/etc/youri"],
294 content => template("buildsystem/submit-todo.conf")
295 }
296
297 file { "/etc/youri/submit-upload.conf":
298 ensure => present,
299 mode => 644,
300 require => File["/etc/youri"],
301 content => template("buildsystem/submit-upload.conf")
302 }
303
304 file { "/etc/youri/acl.conf":
305 ensure => present,
306 mode => 644,
307 require => File["/etc/youri"],
308 content => template("buildsystem/youri_acl.conf")
309 }
310
311 file { '/usr/local/bin/submit_package':
312 ensure => present,
313 mode => 755,
314 content => template('buildsystem/submit_package.pl')
315 }
316
317 # FIXME use the correct perl directory
318 file { "/usr/lib/perl5/site_perl/5.10.1/Youri/Repository":
319 ensure => "directory",
320 }
321
322 file { '/usr/lib/perl5/site_perl/5.10.1/Youri/Repository/Mageia.pm':
323 ensure => present,
324 mode => 644,
325 require => File["/usr/lib/perl5/site_perl/5.10.1/Youri/Repository"],
326 source => "puppet:///modules/buildsystem/Mageia.pm",
327 }
328
329 $package_list = ['perl-SVN', 'mdv-distrib-tools', 'perl-Youri-Media',
330 'perl-Youri-Package', 'perl-Youri-Repository',
331 'perl-Youri-Utils', 'perl-Youri-Config', 'mga-youri-submit']
332
333 package { $package_list:
334 ensure => installed;
335 }
336 }
337
338 # $groups: array of secondary groups (only local groups, no ldap)
339 define sshuser($homedir, $comment, $groups = []) {
340 group {"$title":
341 ensure => present,
342 }
343
344 user {"$title":
345 ensure => present,
346 comment => $comment,
347 managehome => true,
348 home => $homedir,
349 gid => $title,
350 groups => $groups,
351 shell => "/bin/bash",
352 notify => Exec["unlock$title"],
353 require => Group[$title],
354 }
355
356 # set password to * to unlock the account but forbid login through login
357 exec { "unlock$title":
358 command => "usermod -p '*' $title",
359 refreshonly => true,
360 }
361
362 file { $homedir:
363 ensure => "directory",
364 require => User[$title],
365 }
366
367 file { "$homedir/.ssh":
368 ensure => "directory",
369 mode => 600,
370 owner => $title,
371 group => $title,
372 require => File[$homedir],
373 }
374 }
375
376 class iurtuser {
377 sshuser { $build_login:
378 homedir => $build_home_dir,
379 comment => "System user used to run build bots",
380 }
381
382 file { "/etc/iurt":
383 ensure => "directory",
384 }
385 }
386
387 class iurt {
388 include sudo
389 include iurtuser
390 ssh::auth::client { $build_login: }
391 ssh::auth::server { $sched_login: user => $build_login }
392
393 $tidy_age = "8w"
394 # remove old build directory
395 tidy { "$build_home_dir/iurt":
396 age => $tidy_age,
397 recurse => true,
398 matches => ['[0-9][0-9].*\..*\..*\.[0-9]*',"log","*.rpm","*.log","*.mga[0-9]+"],
399 rmdirs => true,
400 }
401
402 # build node common settings
403 # we could have the following skip list to use less space:
404 # '/(drakx-installer-binaries|drakx-installer-advertising|gfxboot|drakx-installer-stage2|mandriva-theme)/'
405 $package_list = ['task-bs-cluster-chroot', 'iurt']
406 package { $package_list:
407 ensure => installed;
408 }
409
410 file { "/etc/iurt/build":
411 ensure => "directory",
412 require => File["/etc/iurt"],
413 }
414
415 define iurt_config() {
416
417 $distribution = $name
418 file { "/etc/iurt/build/$distribution.conf":
419 ensure => present,
420 owner => $build_login,
421 group => $build_login,
422 mode => 644,
423 require => File["/etc/iurt/build"],
424 content => template("buildsystem/iurt.$distribution.conf")
425 }
426 }
427
428 iurt_config { "1": }
429 iurt_config { "mandriva2010.1": }
430 iurt_config { "cauldron": }
431
432 sudo::sudoers_config { "iurt":
433 content => template("buildsystem/sudoers.iurt")
434 }
435 }
436
437 # A script to copy on valstar the 2010.1 rpms built on jonund
438 class sync20101 inherits base {
439 file { "/usr/local/bin/sync2010.1":
440 ensure => present,
441 owner => root,
442 group => root,
443 mode => 755,
444 content => template("buildsystem/sync2010.1"),
445 }
446 }
447
448 # a script to build 2010.1 packages. used on jonund
449 class iurt20101 inherits base {
450 file { "/usr/local/bin/iurt2010.1":
451 ensure => present,
452 owner => root,
453 group => root,
454 mode => 755,
455 content => template("buildsystem/iurt2010.1"),
456 }
457 }
458 }
  ViewVC Help
Powered by ViewVC 1.1.30