/[adm]/puppet/modules/sympa/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/sympa/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 690 - (hide annotations) (download)
Fri Jan 7 02:15:53 2011 UTC (13 years, 2 months ago) by misc
File size: 11095 byte(s)
- disable list creation request by the web interface, as this would bypass puppet
completly
1 dmorgan 234 class sympa {
2 misc 562 class variable {
3     $vhost = "ml.$domain"
4     }
5    
6     class server inherits variable {
7 misc 551 # perl-CGI-Fast is needed for fast cgi
8     # perl-Socket6 is required by perl-IO-Socket-SSL
9     # (optional requirement)
10     $package_list = ['sympa', 'sympa-www', 'perl-CGI-Fast',
11     'perl-Socket6']
12 misc 533
13 misc 551 package { $package_list:
14     ensure => installed;
15     }
16    
17     # sympa script start 5 differents script, I am not
18     # sure that puppet will correctly handle this
19     service { "sympa":
20     ensure => running,
21     hasstatus => true,
22 misc 566 subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']]
23 misc 551 }
24    
25 misc 624 $pgsql_password = extlookup("sympa_pgsql",'x')
26     $ldap_password = extlookup("sympa_ldap",'x')
27 misc 551
28     @@postgresql::user { 'sympa':
29 misc 624 password => $pgsql_password,
30 misc 551 }
31    
32     file { '/etc/sympa/sympa.conf':
33     ensure => present,
34     # should be cleaner to have it root owned, but puppet do not support acl
35     # and in any case, config will be reset if it change
36     owner => sympa,
37     group => apache,
38     mode => 640,
39     content => template("sympa/sympa.conf")
40     }
41    
42     file { '/etc/sympa/auth.conf':
43     ensure => present,
44     owner => root,
45     group => root,
46     mode => 644,
47 misc 571 content => template("sympa/auth.conf"),
48     notify => Service['httpd']
49 misc 551 }
50    
51    
52     include apache::mod_fcgid
53     apache::webapp_other{"sympa":
54 misc 560 webapp_file => "sympa/webapp_sympa.conf",
55 misc 551 }
56 misc 560
57 misc 562 apache::vhost_redirect_ssl { "$vhost": }
58 misc 560
59 misc 562 apache::vhost_other_app { "$vhost":
60 misc 551 vhost_file => "sympa/vhost_ml.conf",
61     }
62 misc 560
63 misc 562 openssl::self_signed_cert{ "$vhost":
64 misc 560 directory => "/etc/ssl/apache/"
65     }
66 misc 551
67 misc 560
68 misc 551 @@postgresql::database { 'sympa':
69     description => "Sympa database",
70     user => "sympa",
71     require => Postgresql::User["sympa"]
72     }
73    
74     subversion::snapshot { "/etc/sympa/web_tt2":
75     source => "svn://svn.mageia.org/svn/web/templates/sympa/trunk"
76     }
77 misc 553
78 misc 576 file { ["/etc/sympa/lists_xml/",
79 misc 578 "/etc/sympa/scenari/",
80 misc 576 "/etc/sympa/data_sources/",
81     "/etc/sympa/search_filters/"]:
82 misc 553 ensure => directory,
83     owner => root,
84     group => root,
85     mode => 755,
86 misc 635 purge => true,
87     recurse => true,
88     force => true,
89 misc 553 }
90 misc 569
91 misc 588 file { ["/etc/sympa/scenari/subscribe.open_web_only_notify",
92     "/etc/sympa/scenari/unsubscribe.open_web_only_notify"]:
93     ensure => present,
94     owner => root,
95     group => root,
96     mode => 755,
97     source => "puppet:///modules/sympa/scenari/open_web_only_notify",
98     }
99    
100 misc 611 file { ["/etc/sympa/scenari/send.subscriber_moderated"]:
101     ensure => present,
102     owner => root,
103     group => root,
104     mode => 755,
105     source => "puppet:///modules/sympa/scenari/subscriber_moderated",
106     }
107    
108 misc 690 file { ["/etc/sympa/scenari/create_list.forbidden"]:
109     ensure => present,
110     owner => root,
111     group => root,
112     mode => 755,
113     source => "puppet:///modules/sympa/scenari/forbidden",
114     }
115    
116    
117 misc 643 file { ["/etc/sympa/topics.conf"]:
118     ensure => present,
119     owner => root,
120     group => root,
121     mode => 755,
122     source => "puppet:///modules/sympa/topics.conf",
123     }
124    
125 misc 576 define ldap_search_filter {
126 misc 604 file { "/etc/sympa/search_filters/$name.ldap":
127 misc 576 ensure => present,
128     owner => root,
129     group => root,
130     mode => 755,
131 misc 587 content => template('sympa/search_filters/group.ldap')
132 misc 576 }
133     }
134    
135 misc 574 define ldap_group_datasource {
136 misc 598 file { "/etc/sympa/data_sources/$name.incl":
137 misc 574 ensure => present,
138     owner => root,
139     group => root,
140     mode => 755,
141 misc 587 content => template('sympa/data_sources/ldap_group.incl')
142 misc 574 }
143     }
144 misc 581
145     define scenario_sender_ldap_group {
146 misc 606 file { "/etc/sympa/scenari/send.restricted_$name":
147 misc 589 ensure => present,
148     owner => root,
149     group => root,
150     mode => 755,
151     content => template('sympa/scenari/sender.ldap_group')
152     }
153 misc 581 }
154    
155     define scenario_sender_email {
156 misc 606 file { "/etc/sympa/scenari/send.restricted_$name":
157 misc 589 ensure => present,
158     owner => root,
159     group => root,
160     mode => 755,
161     content => template('sympa/scenari/sender.email')
162     }
163 misc 581 }
164    
165 misc 574 # add each group that could be used in a sympa ml either as
166     # - owner
167     # - editor ( moderation )
168 misc 602 ldap_group_datasource { "mga-sysadmin": }
169 misc 574 ldap_group_datasource { "mga-ml_moderators": }
170    
171 misc 576
172 misc 569 # directory that will hold the list data
173     # i am not sure of the name ( misc, 09/12/10 )
174     file { "/var/lib/sympa/expl/":
175     ensure => directory,
176     owner => sympa,
177     group => root,
178     mode => 755,
179     }
180 dmorgan 234 }
181 misc 557
182 misc 580 define list($subject,
183     $profile = false,
184     $language = 'en',
185 misc 644 $topics = false,
186 misc 580 $reply_to = false,
187     $sender_email = false,
188     $sender_ldap_group = false,
189     $subscriber_ldap_group = false,
190     $public_archive = true ) {
191 misc 557
192 misc 562 include sympa::variable
193    
194 misc 557 $xml_file = "/etc/sympa/lists_xml/$name.xml"
195    
196 misc 607 if $sender_email {
197     $sender_email_file = regsubst($sender_email,'\@','-at-')
198     } else {
199     $sender_email_file = ''
200     }
201    
202 misc 557 file { "$xml_file":
203     owner => root,
204     group => root,
205     content => template('sympa/list.xml')
206     }
207    
208 misc 562 exec { "sympa.pl --create_list --robot=$sympa::variable::vhost --input_file=$xml_file":
209 misc 590 require => File["$xml_file"],
210 misc 592 creates => "/var/lib/sympa/expl/$name",
211 misc 580 before => File["/var/lib/sympa/expl/$name/config"],
212 misc 557 }
213 misc 580
214     file { "/var/lib/sympa/expl/$name/config":
215     ensure => present,
216     owner => sympa,
217     group => sympa,
218     mode => 750,
219     content => template("sympa/config"),
220 misc 645 notify => Service['sympa'],
221 misc 580 }
222 misc 581
223     if $sender_ldap_group {
224     if ! defined(Sympa::Server::Scenario_sender_ldap_group[$sender_ldap_group]) {
225     sympa::server::scenario_sender_ldap_group { $sender_ldap_group: }
226     }
227     }
228    
229     if $sender_email {
230 misc 607 if ! defined(Sympa::Server::Scenario_sender_email[$sender_email_file]) {
231     sympa::server::scenario_sender_email { $sender_email_file: }
232 misc 581 }
233     }
234    
235     if $subscriber_ldap_group {
236     if ! defined(Sympa::Server::Ldap_search_filter[$subscriber_ldap_group]) {
237     sympa::server::ldap_search_filter { $subscriber_ldap_group: }
238     }
239     }
240 misc 557 }
241 misc 582
242     #
243     # various types of list that can be directly used
244     #
245     #
246 misc 644 define public_list($subject, $language = 'en', $topics = false) {
247 misc 582 list { $name:
248     subject => $subject,
249     # profile => "public",
250     language => $language,
251 misc 675 topics => $topics,
252 misc 582 }
253     }
254    
255     # list where announce are sent by member of ldap_group
256     # reply_to is set to $reply_to
257 misc 644 define announce_list_group($subject, $reply_to, $sender_ldap_group, $language = 'en', $topics = false) {
258 misc 582 # profile + scenario
259     list{ $name:
260     subject => $subject,
261     profile => "",
262     language => $language,
263 misc 675 topics => $topics,
264 misc 582 reply_to => $reply_to,
265     sender_ldap_group => $sender_ldap_group,
266     }
267     }
268    
269    
270     # list where announce are sent by $email only
271     # reply_to is set to $reply_to
272 misc 644 define announce_list_email($subject, $reply_to, $sender_email, $language = 'en', $topics = false) {
273 misc 582 list{ $name:
274     subject => $subject,
275     profile => "",
276     language => $language,
277 misc 675 topics => $topics,
278 misc 582 reply_to => $reply_to,
279     sender_email => $sender_email,
280     }
281     }
282    
283     # list where people cannot subscribe, where people from $ldap_group receive
284     # mail, with public archive
285 misc 644 define restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) {
286 misc 582 list{ $name:
287     subject => $subject,
288     profile => "",
289 misc 675 topics => $topics,
290 misc 582 language => $language,
291     subscriber_ldap_group => $subscriber_ldap_group,
292     sender_ldap_group => $subscriber_ldap_group,
293     }
294     }
295    
296     # same as restricted list, but anybody can post
297 misc 644 define restricted_list_open($subject, $subscriber_ldap_group, $language = 'en', $topics = false) {
298 misc 582 list{ $name:
299     subject => $subject,
300     profile => "",
301     language => $language,
302 misc 675 topics => $topics,
303 misc 582 subscriber_ldap_group => $subscriber_ldap_group,
304     sender_ldap_group => $subscriber_ldap_group,
305     }
306     }
307    
308     # list with private archive, restricted to member of $ldap_group
309 misc 644 define private_list($subject, $subscriber_ldap_group, $language ='en', $topics = false) {
310 misc 582 list{ $name:
311     subject => $subject,
312     profile => "",
313     language => $language,
314 misc 675 topics => $topics,
315 misc 582 subscriber_ldap_group => $subscriber_ldap_group,
316     sender_ldap_group => $subscriber_ldap_group,
317     public_archive => false,
318     }
319     }
320    
321     # list with private archive, restricted to member of $ldap_group
322     # everybody can post
323     # used for contact alias
324 misc 644 define private_list_open($subject, $subscriber_ldap_group, $language ='en', $topics = false) {
325 misc 582 list{ $name:
326     subject => $subject,
327     profile => "",
328     language => $language,
329 misc 675 topics => $topics,
330 misc 582 subscriber_ldap_group => $subscriber_ldap_group,
331     public_archive => false,
332     }
333     }
334    
335     # same as private_list, but post are restricted to $email
336     # ( scripting )
337 misc 644 define private_list_email($subject, $subscriber_ldap_group, $sender_email, $language ='en', $topics = false) {
338 misc 582 list{ $name:
339     subject => $subject,
340     profile => "",
341     language => $language,
342 misc 675 topics => $topics,
343 misc 582 subscriber_ldap_group => $subscriber_ldap_group,
344     sender_email => $sender_email,
345     public_archive => false,
346     }
347     }
348 dmorgan 234 }
349    

  ViewVC Help
Powered by ViewVC 1.1.30