1 |
class transifex { |
2 |
include django_application |
3 |
package { 'transifex': |
4 |
ensure => installed |
5 |
} |
6 |
|
7 |
$pgsql_password = extlookup("transifex_pgsql",'x') |
8 |
$ldap_password = extlookup("transifex_ldap",'x') |
9 |
|
10 |
$templates_dir = "/var/lib/transifex/templates" |
11 |
|
12 |
@@postgresql::user { 'transifex': |
13 |
password => $pgsql_password, |
14 |
} |
15 |
|
16 |
@@postgresql::database { 'transifex': |
17 |
description => "Transifex database", |
18 |
user => "transifex", |
19 |
require => Postgresql::User['transifex'] |
20 |
} |
21 |
|
22 |
file { "20-engines.conf": |
23 |
path => "/etc/transifex/20-engines.conf", |
24 |
ensure => present, |
25 |
owner => root, |
26 |
group => apache, |
27 |
mode => 640, |
28 |
content => template("transifex/20-engines.conf"), |
29 |
require => Package['transifex'], |
30 |
notify => Service['apache'] |
31 |
} |
32 |
|
33 |
file { "30-site.conf": |
34 |
path => "/etc/transifex/30-site.conf", |
35 |
ensure => present, |
36 |
owner => root, |
37 |
group => root, |
38 |
mode => 644, |
39 |
content => template("transifex/30-site.conf"), |
40 |
require => Package['transifex'], |
41 |
notify => Service['apache'] |
42 |
} |
43 |
|
44 |
file { "40-apps.conf": |
45 |
path => "/etc/transifex/40-apps.conf", |
46 |
ensure => present, |
47 |
owner => root, |
48 |
group => root, |
49 |
mode => 644, |
50 |
content => template("transifex/40-apps.conf"), |
51 |
require => Package['transifex'], |
52 |
notify => Service['apache'] |
53 |
} |
54 |
|
55 |
file { "45-ldap.conf": |
56 |
path => "/etc/transifex/45-ldap.conf", |
57 |
ensure => present, |
58 |
owner => root, |
59 |
group => root, |
60 |
mode => 644, |
61 |
content => template("transifex/45-ldap.conf"), |
62 |
require => Package['transifex'], |
63 |
notify => Service['apache'] |
64 |
} |
65 |
|
66 |
file { "50-project.conf": |
67 |
path => "/etc/transifex/50-project.conf", |
68 |
ensure => present, |
69 |
owner => root, |
70 |
group => root, |
71 |
mode => 644, |
72 |
content => template("transifex/50-project.conf"), |
73 |
require => Package['transifex'], |
74 |
notify => Service['apache'] |
75 |
} |
76 |
|
77 |
subversion::snapshot { $templates_dir: |
78 |
source => "svn://svn.mageia.org/svn/web/templates/transifex/trunk" |
79 |
} |
80 |
|
81 |
apache::vhost_django_app { "transifex.$domain": |
82 |
module => "transifex", |
83 |
use_ssl => true, |
84 |
module_path => ["/usr/share/transifex","/usr/share","/usr/local/lib/"], |
85 |
aliases => { "/site_media/static/admin/" => "/usr/lib/python2.6/site-packages/django/contrib/admin/media/", }, |
86 |
} |
87 |
|
88 |
apache::vhost_redirect_ssl { "transifex.$domain": } |
89 |
|
90 |
# the group are mapped from ldap, since AUTH_LDAP_FIND_GROUP_PERMS is set to yes |
91 |
# but the group need to exist in django first |
92 |
django_application::create_group { ["mga-i18n","mga-i18n-committers"]: |
93 |
module => "transifex", |
94 |
path => "/usr/share/transifex:/usr/share", |
95 |
} |
96 |
|
97 |
# allow the people in mga-i18n-committers to : |
98 |
# - manage projects |
99 |
# - manage ressources |
100 |
define committers_permission($app='') |
101 |
{ |
102 |
django_application::add_permission_to_group { $name: |
103 |
app => $app, |
104 |
group => 'mga-i18n-committers', |
105 |
module => "transifex", |
106 |
path => "/usr/share/transifex:/usr/share", |
107 |
require => Django_application::Create_group['mga-i18n-committers'], |
108 |
} |
109 |
} |
110 |
|
111 |
committers_permission { ['add_project', |
112 |
'change_project', |
113 |
'delete_project']: } |
114 |
|
115 |
committers_permission { [ 'add_resource', |
116 |
'change_resource', |
117 |
'delete_resource']: |
118 |
app => "resources", |
119 |
} |
120 |
} |