diff --git a/manifests/apache.pp b/manifests/apache.pp index 67cffeb..d5b2adb 100644 --- a/manifests/apache.pp +++ b/manifests/apache.pp @@ -34,7 +34,7 @@ class etherpad_lite::apache ( file { '/etc/ssl/certs': ensure => directory, owner => 'root', - mode => '0700', + mode => '0755', } file { '/etc/ssl/private': diff --git a/manifests/backup.pp b/manifests/backup.pp deleted file mode 100644 index 64450b1..0000000 --- a/manifests/backup.pp +++ /dev/null @@ -1,31 +0,0 @@ -# == Class: etherpad_lite::backup -# -class etherpad_lite::backup ( - $minute = '0', - $hour = '0', - $day = '*', - $dest = "${etherpad_lite::base_log_dir}/${etherpad_lite::ep_user}/db.sql.gz", - $rotation = 'daily', - $num_backups = '30' -) { - - cron { 'eplitedbbackup': - ensure => present, - command => "/usr/bin/mysqldump --defaults-file=/etc/mysql/debian.cnf --opt etherpad-lite | gzip -9 > ${dest}", - minute => $minute, - hour => $hour, - weekday => $day, - require => Package['mysql-server'], - } - - include logrotate - logrotate::file { 'eplitedb': - log => $dest, - options => [ - 'nocompress', - "rotate ${num_backups}", - $rotation, - ], - require => Cron['eplitedbbackup'], - } -} diff --git a/manifests/init.pp b/manifests/init.pp index ddd9456..1778990 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -15,9 +15,8 @@ class etherpad_lite ( $ep_user = 'eplite', $base_log_dir = '/var/log', $base_install_dir = '/opt/etherpad-lite', - $nodejs_version = 'v0.6.16', - $eplite_version = '', - $ep_headings = false + $nodejs_version = 'v0.10.20', + $eplite_version = 'develop' ) { # where the modules are, needed to easily install modules later @@ -85,25 +84,16 @@ class etherpad_lite ( ], } - # Allow existing install to exist without modifying its git repo. - # But give the option to specify versions for new installs. - if $eplite_version != '' { - vcsrepo { "${base_install_dir}/etherpad-lite": - ensure => present, - provider => git, - source => 'https://github.com/ether/etherpad-lite.git', - owner => $ep_user, - revision => $eplite_version, - require => Package['git'], - } - } else { - vcsrepo { "${base_install_dir}/etherpad-lite": - ensure => present, - provider => git, - source => 'https://github.com/Pita/etherpad-lite.git', - owner => $ep_user, - require => Package['git'], - } + vcsrepo { "${base_install_dir}/etherpad-lite": + ensure => present, + provider => git, + source => 'https://github.com/ether/etherpad-lite.git', + owner => $ep_user, + revision => $eplite_version, + require => [ + Package['git'], + User[$ep_user], + ], } exec { 'install_etherpad_dependencies': @@ -120,25 +110,6 @@ class etherpad_lite ( creates => "${base_install_dir}/etherpad-lite/node_modules", } - if $ep_headings == true { - # install the test install plugin - # This seesm to be needed to get - exec {'npm install ep_fintest': - cwd => $modules_dir, - path => $path, - creates => "${modules_dir}/ep_fintest", - require => Exec['install_etherpad_dependencies'] - } -> - - # install the headings plugin - exec {'npm install ep_headings': - cwd => $modules_dir, - path => $path, - creates => "${modules_dir}/ep_headings", - require => Exec['install_etherpad_dependencies'] - } - } - file { '/etc/init/etherpad-lite.conf': ensure => present, content => template('etherpad_lite/upstart.erb'), diff --git a/manifests/mysql.pp b/manifests/mysql.pp deleted file mode 100644 index 92138d6..0000000 --- a/manifests/mysql.pp +++ /dev/null @@ -1,82 +0,0 @@ -# == Class: etherpad_lite::mysql -# -class etherpad_lite::mysql( - $database_password = '', - $dbType = 'mysql', - $database_user = 'eplite', - $database_name = 'etherpad-lite' -) { - include etherpad_lite - - $base = "${etherpad_lite::base_install_dir}/etherpad-lite" - - package { 'mysql-server': - ensure => present, - } - - package { 'mysql-client': - ensure => present, - } - - service { 'mysql': - ensure => running, - enable => true, - hasrestart => true, - require => [ - Package['mysql-server'], - Package['mysql-client'], - ], - } - - file { "${base}/create_database.sh": - ensure => present, - content => template('etherpad_lite/create_database.sh.erb'), - group => $etherpad_lite::ep_user, - mode => '0755', - owner => $etherpad_lite::ep_user, - replace => true, - require => Class['etherpad_lite'], - } - - file { "${base}/create_user.sh": - ensure => present, - content => template('etherpad_lite/create_user.sh.erb'), - group => $etherpad_lite::ep_user, - mode => '0755', - owner => $etherpad_lite::ep_user, - replace => true, - require => Class['etherpad_lite'], - } - - exec { 'create-etherpad-lite-db': - unless => "mysql --defaults-file=/etc/mysql/debian.cnf ${database_name}", - path => [ - '/bin', - '/usr/bin', - ], - command => "${base}/create_database.sh", - require => [ - Service['mysql'], - File["${base}/settings.json"], - File["${base}/create_database.sh"], - ], - before => Exec['grant-etherpad-lite-db'], - } - - exec { 'grant-etherpad-lite-db': - unless => - "mysql -u${database_user} -p${database_password} ${database_name}", - path => [ - '/bin', - '/usr/bin' - ], - command => "${base}/create_user.sh", - require => [ - Service['mysql'], - File["${base}/settings.json"], - File["${base}/create_user.sh"], - ], - } -} - -# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/manifests/plugin.pp b/manifests/plugin.pp new file mode 100644 index 0000000..f319a71 --- /dev/null +++ b/manifests/plugin.pp @@ -0,0 +1,13 @@ +# Define to install etherpad lite plugins +# +define etherpad_lite::plugin { + $plugin_name = $name + exec { "npm install ${plugin_name}": + cwd => $etherpad_lite::modules_dir, + path => $etherpad_lite::path, + user => $etherpad_lite::ep_user, + environment => "HOME=${etherpad_lite::base_log_dir}/${etherpad_lite::ep_user}", + creates => "${etherpad_lite::modules_dir}/${plugin_name}", + require => Class['etherpad_lite'] + } +} diff --git a/manifests/site.pp b/manifests/site.pp index f2f47c1..78808ae 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,30 +1,22 @@ # == Class: etherpad_lite::site # class etherpad_lite::site ( - $database_password = '', - $dbType = 'mysql', + $database_password, + $sessionKey = '', + $dbType = 'mysql', $database_user = 'eplite', - $database_name = 'etherpad-lite' + $database_name = 'etherpad-lite', + $database_host = 'localhost' ) { include etherpad_lite $base = $etherpad_lite::base_install_dir - if $dbType == 'mysql' { - service { 'etherpad-lite': - ensure => running, - enable => true, - subscribe => File["${base}/etherpad-lite/settings.json"], - require => Class['etherpad_lite::mysql'], - } - } - else { - service { 'etherpad-lite': - ensure => running, - enable => true, - subscribe => File["${base}/etherpad-lite/settings.json"], - } + service { 'etherpad-lite': + ensure => running, + enable => true, + subscribe => File["${base}/etherpad-lite/settings.json"], } file { "${base}/etherpad-lite/settings.json": diff --git a/templates/create_database.sh.erb b/templates/create_database.sh.erb deleted file mode 100644 index 97af276..0000000 --- a/templates/create_database.sh.erb +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -mysql --defaults-file=/etc/mysql/debian.cnf -e 'create database `<%= database_name %>` CHARACTER SET utf8 COLLATE utf8_bin' diff --git a/templates/create_user.sh.erb b/templates/create_user.sh.erb deleted file mode 100644 index 0c1f24b..0000000 --- a/templates/create_user.sh.erb +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -mysql --defaults-file=/etc/mysql/debian.cnf -e 'grant all on `<%= database_name %>`.* to "<%= database_user %>"@"localhost" identified by "<%= database_password %>";' diff --git a/templates/etherpad-lite_settings.json.erb b/templates/etherpad-lite_settings.json.erb index 7d9ee88..4e417f6 100644 --- a/templates/etherpad-lite_settings.json.erb +++ b/templates/etherpad-lite_settings.json.erb @@ -4,17 +4,27 @@ Please edit settings.json, not settings.json.template */ { + // Name your instance! + "title": "OpenStack Etherpad", + //Ip and port which etherpad should bind at "ip": "127.0.0.1", "port" : 9001, + // favicon default name + "favicon": "favicon.ico", + + // Session Key, used for reconnecting user sessions + // Set this to a secure string at least 10 characters long. Do not share this value. + "sessionKey" : "<%= sessionKey %>", + //The Type of the database. You can choose between dirty, sqlite and mysql //You should use mysql or sqlite for anything else than testing or development "dbType" : "<%= dbType %>", //the database specific settings "dbSettings" : { "user" : "<%= database_user %>", - "host" : "localhost", + "host" : "<%= database_host %>", "password": "<%= database_password %>", "database": "<%= database_name %>" }, @@ -39,9 +49,72 @@ Abiword is needed to enable the import/export of pads*/ "abiword" : "/usr/bin/abiword", - /* This setting is used if you need http basic auth */ - // "httpAuth" : "user:pass", + /* This setting is used if you require authentication of all users. + Note: /admin always requires authentication. */ + "requireAuthentication": false, + + /* Require authorization by a module, or a user with is_admin set, see below. */ + "requireAuthorization": false, + + /* Users for basic authentication. is_admin = true gives access to /admin. + If you do not uncomment this, /admin will not be available! */ + /* + "users": { + "admin": { + "password": "changeme1", + "is_admin": true + }, + "user": { + "password": "changeme1", + "is_admin": false + } + }, + */ + + // restrict socket.io transport methods + "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"], /* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */ - "loglevel": "INFO" + "loglevel": "INFO", + + //Logging configuration. See log4js documentation for further information + // https://github.com/nomiddlename/log4js-node + // You can add as many appenders as you want here: + "logconfig" : + { "appenders": [ + { "type": "console" + //, "category": "access"// only logs pad access + } + /* + , { "type": "file" + , "filename": "/var/log/eplite/etherpad-lite.log" + , "maxLogSize": 1024 + , "backups": 30 // how many log files there're gonna be at max + //, "category": "test" // only log a specific category + }*/ + /* + , { "type": "logLevelFilter" + , "level": "warn" // filters out all log messages that have a lower level than "error" + , "appender": + { Use whatever appender you want here } + }*/ + /* + , { "type": "logLevelFilter" + , "level": "error" // filters out all log messages that have a lower level than "error" + , "appender": + { "type": "smtp" + , "subject": "An error occured in your EPL instance!" + , "recipients": "bar@blurdybloop.com, baz@blurdybloop.com" + , "sendInterval": 60*5 // in secs -- will buffer log messages; set to 0 to send a mail for every message + , "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods + "host": "smtp.example.com", "port": 465, + "secureConnection": true, + "auth": { + "user": "foo@example.com", + "pass": "bar_foo" + } + } + } + }*/ + ] } } diff --git a/templates/etherpadlite.vhost.erb b/templates/etherpadlite.vhost.erb index 2de1e36..97d05fa 100644 --- a/templates/etherpadlite.vhost.erb +++ b/templates/etherpadlite.vhost.erb @@ -36,28 +36,37 @@ # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown - RewriteEngine on - RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> - RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301] + + # The following redirects "nice" urls such as https://etherpad.example.org/padname + # to https://etherpad.example.org/p/padname. It was problematic directly + # supporting "nice" urls as etherpad hardcodes /p/ in many places. + # Adapted from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy + RewriteEngine on + RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> + RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301] - RewriteRule ^/p/(.*)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/$1 [NC,L,R=301] - RewriteCond %{REQUEST_URI} !^/p/ - RewriteCond %{REQUEST_URI} !^/static/ - RewriteCond %{REQUEST_URI} !^/pluginfw/ - RewriteCond %{REQUEST_URI} !^/javascripts/ - RewriteCond %{REQUEST_URI} !^/socket.io/ - RewriteCond %{REQUEST_URI} !^/ep/ - RewriteCond %{REQUEST_URI} !^/minified/ - RewriteCond %{REQUEST_URI} !^/api/ - RewriteCond %{REQUEST_URI} !^/ro/ - RewriteCond %{REQUEST_URI} !^/error/ - RewriteCond %{REQUEST_URI} !^/jserror - RewriteCond %{REQUEST_URI} !/favicon.ico - RewriteCond %{REQUEST_URI} !/robots.txt - RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 + RewriteCond %{REQUEST_URI} !^/p/ + RewriteCond %{REQUEST_URI} !^/locales/ + RewriteCond %{REQUEST_URI} !^/locales.json + RewriteCond %{REQUEST_URI} !^/admin + RewriteCond %{REQUEST_URI} !^/p/ + RewriteCond %{REQUEST_URI} !^/static/ + RewriteCond %{REQUEST_URI} !^/pluginfw/ + RewriteCond %{REQUEST_URI} !^/javascripts/ + RewriteCond %{REQUEST_URI} !^/socket.io/ + RewriteCond %{REQUEST_URI} !^/ep/ + RewriteCond %{REQUEST_URI} !^/minified/ + RewriteCond %{REQUEST_URI} !^/api/ + RewriteCond %{REQUEST_URI} !^/ro/ + RewriteCond %{REQUEST_URI} !^/error/ + RewriteCond %{REQUEST_URI} !^/jserror + RewriteCond %{REQUEST_URI} !/favicon.ico + RewriteCond %{REQUEST_URI} !/robots.txt + RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 [NC,L,R=301] - RewriteRule ^/(.*)$ http://localhost:9001/$1 [P] - ProxyPassReverse / http://localhost:9001/ + RewriteRule ^/(.*)$ http://localhost:9001/$1 [P] + ProxyPassReverse / http://localhost:9001/ +