1 |
class sympa { |
2 |
class variable { |
3 |
$vhost = "ml.$domain" |
4 |
} |
5 |
|
6 |
class server inherits variable { |
7 |
# perl-CGI-Fast is needed for fast cgi |
8 |
# perl-Socket6 is required by perl-IO-Socket-SSL |
9 |
# (optional requirement) |
10 |
package { ['sympa', 'sympa-www', 'perl-CGI-Fast', |
11 |
'perl-Socket6']: } |
12 |
|
13 |
# sympa script start 5 differents script, I am not |
14 |
# sure that puppet will correctly handle this |
15 |
service { "sympa": |
16 |
subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']] |
17 |
} |
18 |
|
19 |
$pgsql_password = extlookup("sympa_pgsql",'x') |
20 |
$ldap_password = extlookup("sympa_ldap",'x') |
21 |
|
22 |
postgresql::remote_db_and_user { 'sympa': |
23 |
password => $pgsql_password, |
24 |
description => "Sympa database", |
25 |
} |
26 |
|
27 |
File { |
28 |
require => Package['sympa'], |
29 |
} |
30 |
|
31 |
file { '/etc/sympa/sympa.conf': |
32 |
# should be cleaner to have it root owned, but puppet do not support acl |
33 |
# and in any case, config will be reset if it change |
34 |
owner => sympa, |
35 |
group => apache, |
36 |
mode => 640, |
37 |
content => template("sympa/sympa.conf"), |
38 |
} |
39 |
|
40 |
file { '/etc/sympa/auth.conf': |
41 |
content => template("sympa/auth.conf"), |
42 |
notify => Service['httpd'], |
43 |
} |
44 |
|
45 |
|
46 |
include apache::mod_fcgid |
47 |
apache::webapp_other{"sympa": |
48 |
webapp_file => "sympa/webapp_sympa.conf", |
49 |
} |
50 |
|
51 |
apache::vhost_redirect_ssl { "$vhost": } |
52 |
|
53 |
apache::vhost_base { "$vhost": |
54 |
use_ssl => true, |
55 |
content => template("sympa/vhost_ml.conf"), |
56 |
} |
57 |
|
58 |
subversion::snapshot { "/etc/sympa/web_tt2": |
59 |
source => "svn://svn.mageia.org/svn/web/templates/sympa/trunk" |
60 |
} |
61 |
|
62 |
file { ["/etc/sympa/lists_xml/", |
63 |
"/etc/sympa/scenari/", |
64 |
"/etc/sympa/data_sources/", |
65 |
"/etc/sympa/search_filters/"]: |
66 |
ensure => directory, |
67 |
purge => true, |
68 |
recurse => true, |
69 |
force => true, |
70 |
} |
71 |
|
72 |
file { ["/etc/sympa/scenari/subscribe.open_web_only_notify", |
73 |
"/etc/sympa/scenari/unsubscribe.open_web_only_notify"]: |
74 |
source => "puppet:///modules/sympa/scenari/open_web_only_notify", |
75 |
} |
76 |
|
77 |
file { ["/etc/sympa/scenari/send.subscriber_moderated"]: |
78 |
source => "puppet:///modules/sympa/scenari/subscriber_moderated", |
79 |
} |
80 |
|
81 |
file { ["/etc/sympa/scenari/create_list.forbidden"]: |
82 |
source => "puppet:///modules/sympa/scenari/forbidden", |
83 |
} |
84 |
|
85 |
|
86 |
file { ["/etc/sympa/topics.conf"]: |
87 |
source => "puppet:///modules/sympa/topics.conf", |
88 |
} |
89 |
|
90 |
define ldap_search_filter { |
91 |
file { "/etc/sympa/search_filters/$name.ldap": |
92 |
content => template('sympa/search_filters/group.ldap') |
93 |
} |
94 |
} |
95 |
|
96 |
define ldap_group_datasource { |
97 |
file { "/etc/sympa/data_sources/$name.incl": |
98 |
content => template('sympa/data_sources/ldap_group.incl') |
99 |
} |
100 |
} |
101 |
|
102 |
define scenario_sender_ldap_group { |
103 |
file { "/etc/sympa/scenari/send.restricted_$name": |
104 |
content => template('sympa/scenari/sender.ldap_group') |
105 |
} |
106 |
} |
107 |
|
108 |
define scenario_sender_email { |
109 |
$sender_email_file = regsubst($name,'\@','-at-') |
110 |
file { "/etc/sympa/scenari/send.restricted_$sender_email_file": |
111 |
content => template('sympa/scenari/sender.email') |
112 |
} |
113 |
} |
114 |
|
115 |
# add each group that could be used in a sympa ml either as |
116 |
# - owner |
117 |
# - editor ( moderation ) |
118 |
ldap_group_datasource { "mga-sysadmin": } |
119 |
ldap_group_datasource { "mga-ml_moderators": } |
120 |
|
121 |
|
122 |
# directory that will hold the list data |
123 |
# i am not sure of the name ( misc, 09/12/10 ) |
124 |
file { "/var/lib/sympa/expl/": |
125 |
ensure => directory, |
126 |
owner => sympa, |
127 |
} |
128 |
} |
129 |
|
130 |
define list($subject, |
131 |
$profile = false, |
132 |
$language = 'en', |
133 |
$topics = false, |
134 |
$reply_to = false, |
135 |
$sender_email = false, |
136 |
$sender_ldap_group = false, |
137 |
$subscriber_ldap_group = false, |
138 |
$public_archive = true, |
139 |
$subscription_open = false) { |
140 |
|
141 |
include sympa::variable |
142 |
$ldap_password = extlookup("sympa_ldap",'x') |
143 |
$custom_subject = $name |
144 |
|
145 |
$xml_file = "/etc/sympa/lists_xml/$name.xml" |
146 |
|
147 |
if $sender_email { |
148 |
$sender_email_file = regsubst($sender_email,'\@','-at-') |
149 |
} else { |
150 |
$sender_email_file = '' |
151 |
} |
152 |
|
153 |
file { "$xml_file": |
154 |
content => template('sympa/list.xml'), |
155 |
require => Package[sympa], |
156 |
} |
157 |
|
158 |
exec { "sympa.pl --create_list --robot=$sympa::variable::vhost --input_file=$xml_file": |
159 |
require => File["$xml_file"], |
160 |
creates => "/var/lib/sympa/expl/$name", |
161 |
before => File["/var/lib/sympa/expl/$name/config"], |
162 |
} |
163 |
|
164 |
file { "/var/lib/sympa/expl/$name/config": |
165 |
owner => sympa, |
166 |
group => sympa, |
167 |
mode => 750, |
168 |
content => template("sympa/config"), |
169 |
notify => Service['sympa'], |
170 |
} |
171 |
|
172 |
if $sender_ldap_group { |
173 |
if ! defined(Sympa::Server::Scenario_sender_ldap_group[$sender_ldap_group]) { |
174 |
sympa::server::scenario_sender_ldap_group { $sender_ldap_group: } |
175 |
} |
176 |
} |
177 |
|
178 |
if $sender_email { |
179 |
if ! defined(Sympa::Server::Scenario_sender_email[$sender_email]) { |
180 |
sympa::server::scenario_sender_email { $sender_email: } |
181 |
} |
182 |
} |
183 |
|
184 |
if $subscriber_ldap_group { |
185 |
if ! defined(Sympa::Server::Ldap_search_filter[$subscriber_ldap_group]) { |
186 |
sympa::server::ldap_search_filter { $subscriber_ldap_group: } |
187 |
} |
188 |
} |
189 |
} |
190 |
|
191 |
# |
192 |
# various types of list that can be directly used |
193 |
# |
194 |
# |
195 |
|
196 |
# public discussion list |
197 |
# reply_to is set to the list |
198 |
define public_list($subject, $language = 'en', $topics = false) { |
199 |
include sympa::variable |
200 |
list { $name: |
201 |
subject => $subject, |
202 |
# profile => "public", |
203 |
language => $language, |
204 |
topics => $topics, |
205 |
reply_to => "$name@$sympa::variable::vhost", |
206 |
} |
207 |
} |
208 |
|
209 |
# list where announce are sent by member of ldap_group |
210 |
# reply_to is set to $reply_to |
211 |
define announce_list_group($subject, $reply_to, $sender_ldap_group, $language = 'en', $topics = false) { |
212 |
# profile + scenario |
213 |
list{ $name: |
214 |
subject => $subject, |
215 |
profile => "", |
216 |
language => $language, |
217 |
topics => $topics, |
218 |
reply_to => $reply_to, |
219 |
sender_ldap_group => $sender_ldap_group, |
220 |
} |
221 |
} |
222 |
|
223 |
|
224 |
# list where announce are sent by $email only |
225 |
# reply_to is set to $reply_to |
226 |
define announce_list_email($subject, $reply_to, $sender_email, $language = 'en', $topics = false) { |
227 |
list{ $name: |
228 |
subject => $subject, |
229 |
profile => "", |
230 |
language => $language, |
231 |
topics => $topics, |
232 |
reply_to => $reply_to, |
233 |
sender_email => $sender_email, |
234 |
} |
235 |
} |
236 |
|
237 |
# list where people cannot subscribe, where people from $ldap_group receive |
238 |
# mail, with public archive |
239 |
define restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
240 |
list{ $name: |
241 |
subject => $subject, |
242 |
profile => "", |
243 |
topics => $topics, |
244 |
language => $language, |
245 |
subscriber_ldap_group => $subscriber_ldap_group, |
246 |
sender_ldap_group => $subscriber_ldap_group, |
247 |
} |
248 |
} |
249 |
|
250 |
# list where only people from the ldap_group can post, ad where they are subscribe |
251 |
# by default, but anybody else can subscribe to read and receive messages |
252 |
define public_restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
253 |
list{ $name: |
254 |
subject => $subject, |
255 |
profile => "", |
256 |
topics => $topics, |
257 |
language => $language, |
258 |
subscriber_ldap_group => $subscriber_ldap_group, |
259 |
sender_ldap_group => $subscriber_ldap_group, |
260 |
subscription_open => true, |
261 |
} |
262 |
} |
263 |
|
264 |
|
265 |
# same as restricted list, but anybody can post |
266 |
define restricted_list_open($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
267 |
list{ $name: |
268 |
subject => $subject, |
269 |
profile => "", |
270 |
language => $language, |
271 |
topics => $topics, |
272 |
subscriber_ldap_group => $subscriber_ldap_group, |
273 |
sender_ldap_group => $subscriber_ldap_group, |
274 |
} |
275 |
} |
276 |
|
277 |
# list with private archive, restricted to member of $ldap_group |
278 |
define private_list($subject, $subscriber_ldap_group, $language ='en', $topics = false) { |
279 |
list{ $name: |
280 |
subject => $subject, |
281 |
profile => "", |
282 |
language => $language, |
283 |
topics => $topics, |
284 |
subscriber_ldap_group => $subscriber_ldap_group, |
285 |
sender_ldap_group => $subscriber_ldap_group, |
286 |
public_archive => false, |
287 |
} |
288 |
} |
289 |
|
290 |
# list with private archive, restricted to member of $ldap_group |
291 |
# everybody can post |
292 |
# used for contact alias |
293 |
define private_list_open($subject, $subscriber_ldap_group, $language ='en', $topics = false) { |
294 |
list{ $name: |
295 |
subject => $subject, |
296 |
profile => "", |
297 |
language => $language, |
298 |
topics => $topics, |
299 |
subscriber_ldap_group => $subscriber_ldap_group, |
300 |
public_archive => false, |
301 |
} |
302 |
} |
303 |
|
304 |
# same as private_list, but post are restricted to $email |
305 |
# ( scripting ) |
306 |
define private_list_email($subject, $subscriber_ldap_group, $sender_email, $language ='en', $topics = false) { |
307 |
list{ $name: |
308 |
subject => $subject, |
309 |
profile => "", |
310 |
language => $language, |
311 |
topics => $topics, |
312 |
subscriber_ldap_group => $subscriber_ldap_group, |
313 |
sender_email => $sender_email, |
314 |
public_archive => false, |
315 |
} |
316 |
} |
317 |
} |
318 |
|