1 |
class sympa { |
2 |
class variable { |
3 |
$vhost = "ml.$domain" |
4 |
} |
5 |
|
6 |
class server inherits variable { |
7 |
# perl-CGI-Fast is needed for fast cgi |
8 |
# perl-Socket6 is required by perl-IO-Socket-SSL |
9 |
# (optional requirement) |
10 |
package { ['sympa', 'sympa-www', 'perl-CGI-Fast', |
11 |
'perl-Socket6']: } |
12 |
|
13 |
# sympa script start 5 differents script, I am not |
14 |
# sure that puppet will correctly handle this |
15 |
service { "sympa": |
16 |
subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']] |
17 |
} |
18 |
|
19 |
$pgsql_password = extlookup("sympa_pgsql",'x') |
20 |
$ldap_password = extlookup("sympa_ldap",'x') |
21 |
|
22 |
postgresql::remote_db_and_user { 'sympa': |
23 |
password => $pgsql_password, |
24 |
description => "Sympa database", |
25 |
} |
26 |
|
27 |
File { |
28 |
require => Package['sympa'], |
29 |
} |
30 |
|
31 |
file { '/etc/sympa/sympa.conf': |
32 |
# should be cleaner to have it root owned, but puppet do not support acl |
33 |
# and in any case, config will be reset if it change |
34 |
owner => sympa, |
35 |
group => apache, |
36 |
mode => 640, |
37 |
content => template("sympa/sympa.conf"), |
38 |
} |
39 |
|
40 |
file { '/etc/sympa/auth.conf': |
41 |
content => template("sympa/auth.conf"), |
42 |
notify => Service['httpd'], |
43 |
} |
44 |
|
45 |
|
46 |
include apache::mod_fcgid |
47 |
apache::webapp_other{"sympa": |
48 |
webapp_file => "sympa/webapp_sympa.conf", |
49 |
} |
50 |
|
51 |
apache::vhost_redirect_ssl { "$vhost": } |
52 |
|
53 |
apache::vhost_base { "$vhost": |
54 |
use_ssl => true, |
55 |
content => template("sympa/vhost_ml.conf"), |
56 |
} |
57 |
|
58 |
subversion::snapshot { "/etc/sympa/web_tt2": |
59 |
source => "svn://svn.mageia.org/svn/web/templates/sympa/trunk" |
60 |
} |
61 |
|
62 |
file { ["/etc/sympa/lists_xml/", |
63 |
"/etc/sympa/scenari/", |
64 |
"/etc/sympa/data_sources/", |
65 |
"/etc/sympa/search_filters/"]: |
66 |
ensure => directory, |
67 |
purge => true, |
68 |
recurse => true, |
69 |
force => true, |
70 |
} |
71 |
|
72 |
file { |
73 |
"/etc/sympa/scenari/subscribe.open_web_only_notify": |
74 |
source => "puppet:///modules/sympa/scenari/open_web_only_notify"; |
75 |
"/etc/sympa/scenari/unsubscribe.open_web_only_notify": |
76 |
source => "puppet:///modules/sympa/scenari/open_web_only_notify"; |
77 |
"/etc/sympa/scenari/send.subscriber_moderated": |
78 |
source => "puppet:///modules/sympa/scenari/subscriber_moderated"; |
79 |
"/etc/sympa/scenari/create_list.forbidden": |
80 |
source => "puppet:///modules/sympa/scenari/forbidden"; |
81 |
"/etc/sympa/topics.conf": |
82 |
source => "puppet:///modules/sympa/topics.conf"; |
83 |
} |
84 |
|
85 |
define ldap_search_filter { |
86 |
file { "/etc/sympa/search_filters/$name.ldap": |
87 |
content => template('sympa/search_filters/group.ldap') |
88 |
} |
89 |
} |
90 |
|
91 |
define ldap_group_datasource { |
92 |
file { "/etc/sympa/data_sources/$name.incl": |
93 |
content => template('sympa/data_sources/ldap_group.incl') |
94 |
} |
95 |
} |
96 |
|
97 |
define scenario_sender_ldap_group { |
98 |
file { "/etc/sympa/scenari/send.restricted_$name": |
99 |
content => template('sympa/scenari/sender.ldap_group') |
100 |
} |
101 |
} |
102 |
|
103 |
define scenario_sender_email { |
104 |
$sender_email_file = regsubst($name,'\@','-at-') |
105 |
file { "/etc/sympa/scenari/send.restricted_$sender_email_file": |
106 |
content => template('sympa/scenari/sender.email') |
107 |
} |
108 |
} |
109 |
|
110 |
# add each group that could be used in a sympa ml either as |
111 |
# - owner |
112 |
# - editor ( moderation ) |
113 |
ldap_group_datasource { "mga-sysadmin": } |
114 |
ldap_group_datasource { "mga-ml_moderators": } |
115 |
|
116 |
|
117 |
# directory that will hold the list data |
118 |
# i am not sure of the name ( misc, 09/12/10 ) |
119 |
file { "/var/lib/sympa/expl/": |
120 |
ensure => directory, |
121 |
owner => sympa, |
122 |
} |
123 |
} |
124 |
|
125 |
define list($subject, |
126 |
$profile = false, |
127 |
$language = 'en', |
128 |
$topics = false, |
129 |
$reply_to = false, |
130 |
$sender_email = false, |
131 |
$sender_ldap_group = false, |
132 |
$subscriber_ldap_group = false, |
133 |
$public_archive = true, |
134 |
$subscription_open = false) { |
135 |
|
136 |
include sympa::variable |
137 |
$ldap_password = extlookup("sympa_ldap",'x') |
138 |
$custom_subject = $name |
139 |
|
140 |
$xml_file = "/etc/sympa/lists_xml/$name.xml" |
141 |
|
142 |
if $sender_email { |
143 |
$sender_email_file = regsubst($sender_email,'\@','-at-') |
144 |
} else { |
145 |
$sender_email_file = '' |
146 |
} |
147 |
|
148 |
file { "$xml_file": |
149 |
content => template('sympa/list.xml'), |
150 |
require => Package[sympa], |
151 |
} |
152 |
|
153 |
exec { "sympa.pl --create_list --robot=$sympa::variable::vhost --input_file=$xml_file": |
154 |
require => File["$xml_file"], |
155 |
creates => "/var/lib/sympa/expl/$name", |
156 |
before => File["/var/lib/sympa/expl/$name/config"], |
157 |
} |
158 |
|
159 |
file { "/var/lib/sympa/expl/$name/config": |
160 |
owner => sympa, |
161 |
group => sympa, |
162 |
mode => 750, |
163 |
content => template("sympa/config"), |
164 |
notify => Service['sympa'], |
165 |
} |
166 |
|
167 |
if $sender_ldap_group { |
168 |
if ! defined(Sympa::Server::Scenario_sender_ldap_group[$sender_ldap_group]) { |
169 |
sympa::server::scenario_sender_ldap_group { $sender_ldap_group: } |
170 |
} |
171 |
} |
172 |
|
173 |
if $sender_email { |
174 |
if ! defined(Sympa::Server::Scenario_sender_email[$sender_email]) { |
175 |
sympa::server::scenario_sender_email { $sender_email: } |
176 |
} |
177 |
} |
178 |
|
179 |
if $subscriber_ldap_group { |
180 |
if ! defined(Sympa::Server::Ldap_search_filter[$subscriber_ldap_group]) { |
181 |
sympa::server::ldap_search_filter { $subscriber_ldap_group: } |
182 |
} |
183 |
} |
184 |
} |
185 |
|
186 |
# |
187 |
# various types of list that can be directly used |
188 |
# |
189 |
# |
190 |
|
191 |
# public discussion list |
192 |
# reply_to is set to the list |
193 |
define public_list($subject, $language = 'en', $topics = false) { |
194 |
include sympa::variable |
195 |
list { $name: |
196 |
subject => $subject, |
197 |
# profile => "public", |
198 |
language => $language, |
199 |
topics => $topics, |
200 |
reply_to => "$name@$sympa::variable::vhost", |
201 |
} |
202 |
} |
203 |
|
204 |
# list where announce are sent by member of ldap_group |
205 |
# reply_to is set to $reply_to |
206 |
define announce_list_group($subject, $reply_to, $sender_ldap_group, $language = 'en', $topics = false) { |
207 |
# profile + scenario |
208 |
list{ $name: |
209 |
subject => $subject, |
210 |
profile => "", |
211 |
language => $language, |
212 |
topics => $topics, |
213 |
reply_to => $reply_to, |
214 |
sender_ldap_group => $sender_ldap_group, |
215 |
} |
216 |
} |
217 |
|
218 |
|
219 |
# list where announce are sent by $email only |
220 |
# reply_to is set to $reply_to |
221 |
define announce_list_email($subject, $reply_to, $sender_email, $language = 'en', $topics = false) { |
222 |
list{ $name: |
223 |
subject => $subject, |
224 |
profile => "", |
225 |
language => $language, |
226 |
topics => $topics, |
227 |
reply_to => $reply_to, |
228 |
sender_email => $sender_email, |
229 |
} |
230 |
} |
231 |
|
232 |
# list where people cannot subscribe, where people from $ldap_group receive |
233 |
# mail, with public archive |
234 |
define restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
235 |
list{ $name: |
236 |
subject => $subject, |
237 |
profile => "", |
238 |
topics => $topics, |
239 |
language => $language, |
240 |
subscriber_ldap_group => $subscriber_ldap_group, |
241 |
sender_ldap_group => $subscriber_ldap_group, |
242 |
} |
243 |
} |
244 |
|
245 |
# list where only people from the ldap_group can post, ad where they are subscribe |
246 |
# by default, but anybody else can subscribe to read and receive messages |
247 |
define public_restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
248 |
list{ $name: |
249 |
subject => $subject, |
250 |
profile => "", |
251 |
topics => $topics, |
252 |
language => $language, |
253 |
subscriber_ldap_group => $subscriber_ldap_group, |
254 |
sender_ldap_group => $subscriber_ldap_group, |
255 |
subscription_open => true, |
256 |
} |
257 |
} |
258 |
|
259 |
|
260 |
# same as restricted list, but anybody can post |
261 |
define restricted_list_open($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { |
262 |
list{ $name: |
263 |
subject => $subject, |
264 |
profile => "", |
265 |
language => $language, |
266 |
topics => $topics, |
267 |
subscriber_ldap_group => $subscriber_ldap_group, |
268 |
sender_ldap_group => $subscriber_ldap_group, |
269 |
} |
270 |
} |
271 |
|
272 |
# list with private archive, restricted to member of $ldap_group |
273 |
define private_list($subject, $subscriber_ldap_group, $language ='en', $topics = false) { |
274 |
list{ $name: |
275 |
subject => $subject, |
276 |
profile => "", |
277 |
language => $language, |
278 |
topics => $topics, |
279 |
subscriber_ldap_group => $subscriber_ldap_group, |
280 |
sender_ldap_group => $subscriber_ldap_group, |
281 |
public_archive => false, |
282 |
} |
283 |
} |
284 |
|
285 |
} |
286 |
|