1 |
dmorgan |
234 |
class sympa { |
2 |
misc |
562 |
class variable { |
3 |
|
|
$vhost = "ml.$domain" |
4 |
|
|
} |
5 |
|
|
|
6 |
|
|
class server inherits variable { |
7 |
misc |
551 |
# perl-CGI-Fast is needed for fast cgi |
8 |
|
|
# perl-Socket6 is required by perl-IO-Socket-SSL |
9 |
|
|
# (optional requirement) |
10 |
|
|
$package_list = ['sympa', 'sympa-www', 'perl-CGI-Fast', |
11 |
|
|
'perl-Socket6'] |
12 |
misc |
533 |
|
13 |
misc |
551 |
package { $package_list: |
14 |
|
|
ensure => installed; |
15 |
|
|
} |
16 |
|
|
|
17 |
|
|
# sympa script start 5 differents script, I am not |
18 |
|
|
# sure that puppet will correctly handle this |
19 |
|
|
service { "sympa": |
20 |
|
|
ensure => running, |
21 |
|
|
hasstatus => true, |
22 |
misc |
566 |
subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']] |
23 |
misc |
551 |
} |
24 |
|
|
|
25 |
misc |
624 |
$pgsql_password = extlookup("sympa_pgsql",'x') |
26 |
|
|
$ldap_password = extlookup("sympa_ldap",'x') |
27 |
misc |
551 |
|
28 |
misc |
1281 |
postgresql::remote_user { 'sympa': |
29 |
misc |
624 |
password => $pgsql_password, |
30 |
misc |
551 |
} |
31 |
|
|
|
32 |
|
|
file { '/etc/sympa/sympa.conf': |
33 |
|
|
ensure => present, |
34 |
|
|
# should be cleaner to have it root owned, but puppet do not support acl |
35 |
|
|
# and in any case, config will be reset if it change |
36 |
|
|
owner => sympa, |
37 |
|
|
group => apache, |
38 |
|
|
mode => 640, |
39 |
|
|
content => template("sympa/sympa.conf") |
40 |
|
|
} |
41 |
|
|
|
42 |
|
|
file { '/etc/sympa/auth.conf': |
43 |
|
|
ensure => present, |
44 |
|
|
owner => root, |
45 |
|
|
group => root, |
46 |
|
|
mode => 644, |
47 |
misc |
571 |
content => template("sympa/auth.conf"), |
48 |
|
|
notify => Service['httpd'] |
49 |
misc |
551 |
} |
50 |
|
|
|
51 |
|
|
|
52 |
|
|
include apache::mod_fcgid |
53 |
|
|
apache::webapp_other{"sympa": |
54 |
misc |
560 |
webapp_file => "sympa/webapp_sympa.conf", |
55 |
misc |
551 |
} |
56 |
misc |
560 |
|
57 |
misc |
562 |
apache::vhost_redirect_ssl { "$vhost": } |
58 |
misc |
560 |
|
59 |
boklm |
1235 |
apache::vhost_base { "$vhost": |
60 |
|
|
use_ssl => true, |
61 |
|
|
content => template("sympa/vhost_ml.conf"), |
62 |
misc |
551 |
} |
63 |
misc |
560 |
|
64 |
misc |
1281 |
postgresql::remote_database { 'sympa': |
65 |
misc |
551 |
description => "Sympa database", |
66 |
|
|
user => "sympa", |
67 |
|
|
} |
68 |
|
|
|
69 |
|
|
subversion::snapshot { "/etc/sympa/web_tt2": |
70 |
|
|
source => "svn://svn.mageia.org/svn/web/templates/sympa/trunk" |
71 |
|
|
} |
72 |
misc |
553 |
|
73 |
misc |
576 |
file { ["/etc/sympa/lists_xml/", |
74 |
misc |
578 |
"/etc/sympa/scenari/", |
75 |
misc |
576 |
"/etc/sympa/data_sources/", |
76 |
|
|
"/etc/sympa/search_filters/"]: |
77 |
misc |
553 |
ensure => directory, |
78 |
|
|
owner => root, |
79 |
|
|
group => root, |
80 |
|
|
mode => 755, |
81 |
misc |
635 |
purge => true, |
82 |
|
|
recurse => true, |
83 |
|
|
force => true, |
84 |
misc |
553 |
} |
85 |
misc |
569 |
|
86 |
misc |
588 |
file { ["/etc/sympa/scenari/subscribe.open_web_only_notify", |
87 |
|
|
"/etc/sympa/scenari/unsubscribe.open_web_only_notify"]: |
88 |
|
|
ensure => present, |
89 |
|
|
owner => root, |
90 |
|
|
group => root, |
91 |
|
|
mode => 755, |
92 |
|
|
source => "puppet:///modules/sympa/scenari/open_web_only_notify", |
93 |
|
|
} |
94 |
|
|
|
95 |
misc |
611 |
file { ["/etc/sympa/scenari/send.subscriber_moderated"]: |
96 |
|
|
ensure => present, |
97 |
|
|
owner => root, |
98 |
|
|
group => root, |
99 |
|
|
mode => 755, |
100 |
|
|
source => "puppet:///modules/sympa/scenari/subscriber_moderated", |
101 |
|
|
} |
102 |
|
|
|
103 |
misc |
690 |
file { ["/etc/sympa/scenari/create_list.forbidden"]: |
104 |
|
|
ensure => present, |
105 |
|
|
owner => root, |
106 |
|
|
group => root, |
107 |
|
|
mode => 755, |
108 |
|
|
source => "puppet:///modules/sympa/scenari/forbidden", |
109 |
|
|
} |
110 |
|
|
|
111 |
|
|
|
112 |
misc |
643 |
file { ["/etc/sympa/topics.conf"]: |
113 |
|
|
ensure => present, |
114 |
|
|
owner => root, |
115 |
|
|
group => root, |
116 |
|
|
mode => 755, |
117 |
|
|
source => "puppet:///modules/sympa/topics.conf", |
118 |
|
|
} |
119 |
|
|
|
120 |
misc |
576 |
define ldap_search_filter { |
121 |
misc |
604 |
file { "/etc/sympa/search_filters/$name.ldap": |
122 |
misc |
576 |
ensure => present, |
123 |
|
|
owner => root, |
124 |
|
|
group => root, |
125 |
|
|
mode => 755, |
126 |
misc |
587 |
content => template('sympa/search_filters/group.ldap') |
127 |
misc |
576 |
} |
128 |
|
|
} |
129 |
|
|
|
130 |
misc |
574 |
define ldap_group_datasource { |
131 |
misc |
598 |
file { "/etc/sympa/data_sources/$name.incl": |
132 |
misc |
574 |
ensure => present, |
133 |
|
|
owner => root, |
134 |
|
|
group => root, |
135 |
|
|
mode => 755, |
136 |
misc |
587 |
content => template('sympa/data_sources/ldap_group.incl') |
137 |
misc |
574 |
} |
138 |
|
|
} |
139 |
misc |
581 |
|
140 |
|
|
define scenario_sender_ldap_group { |
141 |
misc |
606 |
file { "/etc/sympa/scenari/send.restricted_$name": |
142 |
misc |
589 |
ensure => present, |
143 |
|
|
owner => root, |
144 |
|
|
group => root, |
145 |
|
|
mode => 755, |
146 |
|
|
content => template('sympa/scenari/sender.ldap_group') |
147 |
|
|
} |
148 |
misc |
581 |
} |
149 |
|
|
|
150 |
|
|
define scenario_sender_email { |
151 |
misc |
758 |
$sender_email_file = regsubst($name,'\@','-at-') |
152 |
|
|
file { "/etc/sympa/scenari/send.restricted_$sender_email_file": |
153 |
misc |
589 |
ensure => present, |
154 |
|
|
owner => root, |
155 |
|
|
group => root, |
156 |
|
|
mode => 755, |
157 |
|
|
content => template('sympa/scenari/sender.email') |
158 |
|
|
} |
159 |
misc |
581 |
} |
160 |
|
|
|
161 |
misc |
574 |
# add each group that could be used in a sympa ml either as |
162 |
|
|
# - owner |
163 |
|
|
# - editor ( moderation ) |
164 |
misc |
602 |
ldap_group_datasource { "mga-sysadmin": } |
165 |
misc |
574 |
ldap_group_datasource { "mga-ml_moderators": } |
166 |
|
|
|
167 |
misc |
576 |
|
168 |
misc |
569 |
# directory that will hold the list data |
169 |
|
|
# i am not sure of the name ( misc, 09/12/10 ) |
170 |
|
|
file { "/var/lib/sympa/expl/": |
171 |
|
|
ensure => directory, |
172 |
|
|
owner => sympa, |
173 |
|
|
group => root, |
174 |
|
|
mode => 755, |
175 |
|
|
} |
176 |
dmorgan |
234 |
} |
177 |
misc |
557 |
|
178 |
misc |
580 |
define list($subject, |
179 |
|
|
$profile = false, |
180 |
|
|
$language = 'en', |
181 |
misc |
644 |
$topics = false, |
182 |
misc |
580 |
$reply_to = false, |
183 |
|
|
$sender_email = false, |
184 |
|
|
$sender_ldap_group = false, |
185 |
|
|
$subscriber_ldap_group = false, |
186 |
misc |
1344 |
$public_archive = true, |
187 |
|
|
$subscription_open = false ) { |
188 |
misc |
557 |
|
189 |
misc |
562 |
include sympa::variable |
190 |
|
|
|
191 |
misc |
557 |
$xml_file = "/etc/sympa/lists_xml/$name.xml" |
192 |
|
|
|
193 |
misc |
607 |
if $sender_email { |
194 |
|
|
$sender_email_file = regsubst($sender_email,'\@','-at-') |
195 |
|
|
} else { |
196 |
|
|
$sender_email_file = '' |
197 |
|
|
} |
198 |
|
|
|
199 |
misc |
557 |
file { "$xml_file": |
200 |
|
|
owner => root, |
201 |
|
|
group => root, |
202 |
|
|
content => template('sympa/list.xml') |
203 |
|
|
} |
204 |
|
|
|
205 |
misc |
562 |
exec { "sympa.pl --create_list --robot=$sympa::variable::vhost --input_file=$xml_file": |
206 |
misc |
590 |
require => File["$xml_file"], |
207 |
misc |
592 |
creates => "/var/lib/sympa/expl/$name", |
208 |
misc |
580 |
before => File["/var/lib/sympa/expl/$name/config"], |
209 |
misc |
557 |
} |
210 |
misc |
580 |
|
211 |
|
|
file { "/var/lib/sympa/expl/$name/config": |
212 |
|
|
ensure => present, |
213 |
|
|
owner => sympa, |
214 |
|
|
group => sympa, |
215 |
|
|
mode => 750, |
216 |
|
|
content => template("sympa/config"), |
217 |
misc |
645 |
notify => Service['sympa'], |
218 |
misc |
580 |
} |
219 |
misc |
581 |
|
220 |
|
|
if $sender_ldap_group { |
221 |
|
|
if ! defined(Sympa::Server::Scenario_sender_ldap_group[$sender_ldap_group]) { |
222 |
|
|
sympa::server::scenario_sender_ldap_group { $sender_ldap_group: } |
223 |
|
|
} |
224 |
|
|
} |
225 |
|
|
|
226 |
|
|
if $sender_email { |
227 |
misc |
758 |
if ! defined(Sympa::Server::Scenario_sender_email[$sender_email]) { |
228 |
|
|
sympa::server::scenario_sender_email { $sender_email: } |
229 |
misc |
581 |
} |
230 |
|
|
} |
231 |
|
|
|
232 |
|
|
if $subscriber_ldap_group { |
233 |
|
|
if ! defined(Sympa::Server::Ldap_search_filter[$subscriber_ldap_group]) { |
234 |
|
|
sympa::server::ldap_search_filter { $subscriber_ldap_group: } |
235 |
|
|
} |
236 |
|
|
} |
237 |
misc |
557 |
} |
238 |
misc |
582 |
|
239 |
|
|
# |
240 |
|
|
# various types of list that can be directly used |
241 |
|
|
# |
242 |
|
|
# |
243 |
misc |
644 |
define public_list($subject, $language = 'en', $topics = false) { |
244 |
misc |
582 |
list { $name: |
245 |
|
|
subject => $subject, |
246 |
|
|
# profile => "public", |
247 |
|
|
language => $language, |
248 |
misc |
675 |
topics => $topics, |
249 |
misc |
582 |
} |
250 |
|
|
} |
251 |
|
|
|
252 |
|
|
# list where announce are sent by member of ldap_group |
253 |
|
|
# reply_to is set to $reply_to |
254 |
misc |
644 |
define announce_list_group($subject, $reply_to, $sender_ldap_group, $language = 'en', $topics = false) { |
255 |
misc |
582 |
# profile + scenario |
256 |
|
|
list{ $name: |
257 |
|
|
subject => $subject, |
258 |
|
|
profile => "", |
259 |
|
|
language => $language, |
260 |
misc |
675 |
topics => $topics, |
261 |
misc |
582 |
reply_to => $reply_to, |
262 |
|
|
sender_ldap_group => $sender_ldap_group, |
263 |
|
|
} |
264 |
|
|
} |
265 |
|
|
|
266 |
|
|
|
267 |
|
|
# list where announce are sent by $email only |
268 |
|
|
# reply_to is set to $reply_to |
269 |
misc |
644 |
define announce_list_email($subject, $reply_to, $sender_email, $language = 'en', $topics = false) { |
270 |
misc |
582 |
list{ $name: |
271 |
|
|
subject => $subject, |
272 |
|
|
profile => "", |
273 |
|
|
language => $language, |
274 |
misc |
675 |
topics => $topics, |
275 |
misc |
582 |
reply_to => $reply_to, |
276 |
|
|
sender_email => $sender_email, |
277 |
|
|
} |
278 |
|
|
} |
279 |
|
|
|
280 |
|
|
# list where people cannot subscribe, where people from $ldap_group receive |
281 |
|
|
# mail, with public archive |
282 |
misc |
644 |
define restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
283 |
misc |
582 |
list{ $name: |
284 |
|
|
subject => $subject, |
285 |
|
|
profile => "", |
286 |
misc |
675 |
topics => $topics, |
287 |
misc |
582 |
language => $language, |
288 |
|
|
subscriber_ldap_group => $subscriber_ldap_group, |
289 |
|
|
sender_ldap_group => $subscriber_ldap_group, |
290 |
|
|
} |
291 |
|
|
} |
292 |
|
|
|
293 |
misc |
1345 |
# list where only people from the ldap_group can post, ad where they are subscribe |
294 |
|
|
# by default, but anybody else can subscribe to read and receive messages |
295 |
|
|
define public_restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
296 |
|
|
list{ $name: |
297 |
|
|
subject => $subject, |
298 |
|
|
profile => "", |
299 |
|
|
topics => $topics, |
300 |
|
|
language => $language, |
301 |
|
|
subscriber_ldap_group => $subscriber_ldap_group, |
302 |
|
|
sender_ldap_group => $subscriber_ldap_group, |
303 |
|
|
subscription_open => true, |
304 |
|
|
} |
305 |
|
|
} |
306 |
|
|
|
307 |
|
|
|
308 |
misc |
582 |
# same as restricted list, but anybody can post |
309 |
misc |
644 |
define restricted_list_open($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
310 |
misc |
582 |
list{ $name: |
311 |
|
|
subject => $subject, |
312 |
|
|
profile => "", |
313 |
|
|
language => $language, |
314 |
misc |
675 |
topics => $topics, |
315 |
misc |
582 |
subscriber_ldap_group => $subscriber_ldap_group, |
316 |
|
|
sender_ldap_group => $subscriber_ldap_group, |
317 |
|
|
} |
318 |
|
|
} |
319 |
|
|
|
320 |
|
|
# list with private archive, restricted to member of $ldap_group |
321 |
misc |
644 |
define private_list($subject, $subscriber_ldap_group, $language ='en', $topics = false) { |
322 |
misc |
582 |
list{ $name: |
323 |
|
|
subject => $subject, |
324 |
|
|
profile => "", |
325 |
|
|
language => $language, |
326 |
misc |
675 |
topics => $topics, |
327 |
misc |
582 |
subscriber_ldap_group => $subscriber_ldap_group, |
328 |
|
|
sender_ldap_group => $subscriber_ldap_group, |
329 |
|
|
public_archive => false, |
330 |
|
|
} |
331 |
|
|
} |
332 |
|
|
|
333 |
|
|
# list with private archive, restricted to member of $ldap_group |
334 |
|
|
# everybody can post |
335 |
|
|
# used for contact alias |
336 |
misc |
644 |
define private_list_open($subject, $subscriber_ldap_group, $language ='en', $topics = false) { |
337 |
misc |
582 |
list{ $name: |
338 |
|
|
subject => $subject, |
339 |
|
|
profile => "", |
340 |
|
|
language => $language, |
341 |
misc |
675 |
topics => $topics, |
342 |
misc |
582 |
subscriber_ldap_group => $subscriber_ldap_group, |
343 |
|
|
public_archive => false, |
344 |
|
|
} |
345 |
|
|
} |
346 |
|
|
|
347 |
|
|
# same as private_list, but post are restricted to $email |
348 |
|
|
# ( scripting ) |
349 |
misc |
644 |
define private_list_email($subject, $subscriber_ldap_group, $sender_email, $language ='en', $topics = false) { |
350 |
misc |
582 |
list{ $name: |
351 |
|
|
subject => $subject, |
352 |
|
|
profile => "", |
353 |
|
|
language => $language, |
354 |
misc |
675 |
topics => $topics, |
355 |
misc |
582 |
subscriber_ldap_group => $subscriber_ldap_group, |
356 |
|
|
sender_email => $sender_email, |
357 |
|
|
public_archive => false, |
358 |
|
|
} |
359 |
|
|
} |
360 |
dmorgan |
234 |
} |
361 |
|
|
|