diff --git a/manifests/init.pp b/manifests/init.pp index 6cdde76..a4c6492 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -87,11 +87,6 @@ define buildsource( # include etherpad_lite::nginx # will add reverse proxy on localhost # The defaults for all the classes should just work (tm) # -# You will need to have a file at -# /root/secret-files/etherpad-lite_settings.json on the host that is puppet -# master or running puppet apply. This file should contain the settings for -# etherpad-lite. A template for that settings file can be found at: -# https://raw.github.com/Pita/etherpad-lite/master/settings.json.template # class etherpad_lite ( $ep_user = 'eplite', diff --git a/manifests/mysql.pp b/manifests/mysql.pp index 8af56ca..65994a3 100644 --- a/manifests/mysql.pp +++ b/manifests/mysql.pp @@ -1,4 +1,9 @@ -class etherpad_lite::mysql { +class etherpad_lite::mysql ( + $dbType = 'mysql', + $database_user = 'eplite', + $database_name = 'etherpad-lite', + $database_password +) { include etherpad_lite @@ -18,20 +23,42 @@ class etherpad_lite::mysql { Package['mysql-client']] } + file { "${etherpad_lite::base_install_dir}/etherpad-lite/create_database.sh": + ensure => 'present', + content => template('etherpad_lite/create_database.sh.erb'), + replace => true, + owner => $etherpad_lite::ep_user, + group => $etherpad_lite::ep_user, + mode => 0755, + require => Class['etherpad_lite'] + } + + file { "${etherpad_lite::base_install_dir}/etherpad-lite/create_user.sh": + ensure => 'present', + content => template('etherpad_lite/create_user.sh.erb'), + replace => true, + owner => $etherpad_lite::ep_user, + group => $etherpad_lite::ep_user, + mode => 0755, + require => Class['etherpad_lite'] + } + exec { "create-etherpad-lite-db": - unless => 'mysql --defaults-file=/etc/mysql/debian.cnf etherpad-lite', + unless => "mysql --defaults-file=/etc/mysql/debian.cnf ${database_name}", path => ['/bin', '/usr/bin'], - command => "mysql --defaults-file=/etc/mysql/debian.cnf -e \"create database \`etherpad-lite\` CHARACTER SET utf8 COLLATE utf8_bin;\"", + command => "${etherpad_lite::base_install_dir}/etherpad-lite/create_database.sh", require => [Service['mysql'], - File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"]] + File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"], + File["${etherpad_lite::base_install_dir}/etherpad-lite/create_database.sh"]] } -> exec { "grant-etherpad-lite-db": - unless => "mysql -ueplite -p\"`grep password ${etherpad_lite::base_install_dir}/etherpad-lite/settings.json | cut -d: -f2 | sed -e 's/.*\"\(.*\)\".*/\1/'`\" etherpad-lite", + unless => "mysql -u${database_user} -p${database_password} ${database_name}", path => ['/bin', '/usr/bin'], - command => "mysql --defaults-file=/etc/mysql/debian.cnf -e \"grant all on \`etherpad-lite\`.* to 'eplite'@'localhost' identified by '`grep password ${etherpad_lite::base_install_dir}/etherpad-lite/settings.json | cut -d: -f2 | sed -e 's/.*\"\(.*\)\".*/\1/'`';\" mysql", + command => "${etherpad_lite::base_install_dir}/etherpad-lite/create_user.sh", require => [Service['mysql'], - File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"]] + File["${etherpad_lite::base_install_dir}/etherpad-lite/settings.json"], + File["${etherpad_lite::base_install_dir}/etherpad-lite/create_user.sh"]] } } diff --git a/manifests/nginx.pp b/manifests/nginx.pp index d9d56b9..4b0d5e3 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -1,6 +1,6 @@ class etherpad_lite::nginx ( $default_server = 'default_server', - $server_name = 'localhost' + $server_name = $fqdn ) { package { 'nginx': @@ -38,7 +38,7 @@ class etherpad_lite::nginx ( replace => true, owner => 'root', mode => 0600, - source => 'file:///root/secret-files/eplite.crt', + content => template('etherpad_lite/eplite.crt.erb'), require => Package['nginx'], } @@ -47,7 +47,7 @@ class etherpad_lite::nginx ( replace => true, owner => 'root', mode => 0600, - source => 'file:///root/secret-files/eplite.key', + content => template('etherpad_lite/eplite.key.erb'), require => Package['nginx'], } diff --git a/manifests/site.pp b/manifests/site.pp index a69185a..2641cae 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,5 +1,8 @@ class etherpad_lite::site ( - $dbType = 'mysql' + $dbType = 'mysql', + $database_user = 'eplite', + $database_name = 'etherpad-lite', + $database_password, ) { include etherpad_lite @@ -22,7 +25,7 @@ class etherpad_lite::site ( file { "${etherpad_lite::base_install_dir}/etherpad-lite/settings.json": ensure => 'present', - source => 'file:///root/secret-files/etherpad-lite_settings.json', + content => template('etherpad_lite/etherpad-lite_settings.json.erb'), replace => true, owner => $etherpad_lite::ep_user, group => $etherpad_lite::ep_user, diff --git a/templates/create_database.sh.erb b/templates/create_database.sh.erb new file mode 100644 index 0000000..97af276 --- /dev/null +++ b/templates/create_database.sh.erb @@ -0,0 +1,3 @@ +#!/bin/bash + +mysql --defaults-file=/etc/mysql/debian.cnf -e 'create database `<%= database_name %>` CHARACTER SET utf8 COLLATE utf8_bin' diff --git a/templates/create_user.sh.erb b/templates/create_user.sh.erb new file mode 100644 index 0000000..0c1f24b --- /dev/null +++ b/templates/create_user.sh.erb @@ -0,0 +1,3 @@ +#!/bin/bash + +mysql --defaults-file=/etc/mysql/debian.cnf -e 'grant all on `<%= database_name %>`.* to "<%= database_user %>"@"localhost" identified by "<%= database_password %>";' diff --git a/templates/eplite.crt.erb b/templates/eplite.crt.erb new file mode 100644 index 0000000..b9ce57a --- /dev/null +++ b/templates/eplite.crt.erb @@ -0,0 +1 @@ +<%= cert_file %> diff --git a/templates/eplite.key.erb b/templates/eplite.key.erb new file mode 100644 index 0000000..2ba76d2 --- /dev/null +++ b/templates/eplite.key.erb @@ -0,0 +1 @@ +<%= key_file %> diff --git a/templates/etherpad-lite_settings.json.erb b/templates/etherpad-lite_settings.json.erb new file mode 100644 index 0000000..7d9ee88 --- /dev/null +++ b/templates/etherpad-lite_settings.json.erb @@ -0,0 +1,47 @@ +/* + This file must be valid JSON. But comments are allowed + + Please edit settings.json, not settings.json.template +*/ +{ + //Ip and port which etherpad should bind at + "ip": "127.0.0.1", + "port" : 9001, + + //The Type of the database. You can choose between dirty, sqlite and mysql + //You should use mysql or sqlite for anything else than testing or development + "dbType" : "<%= dbType %>", + //the database specific settings + "dbSettings" : { + "user" : "<%= database_user %>", + "host" : "localhost", + "password": "<%= database_password %>", + "database": "<%= database_name %>" + }, + //the default text of a pad + "defaultPadText" : "Welcome to Etherpad Lite!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nEtherpad Lite on Github: http:\/\/j.mp/ep-lite\n", + + /* Users must have a session to access pads. This effectively allows only group pads to be accessed. */ + "requireSession" : false, + + /* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */ + "editOnly" : false, + + /* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly, + but makes it impossible to debug the javascript/css */ + "minify" : true, + + /* How long may clients use served javascript code? Without versioning this + is may cause problems during deployment. */ + "maxAge" : 21600000, // 6 hours + + /* This is the path to the Abiword executable. Setting it to null, disables abiword. + Abiword is needed to enable the import/export of pads*/ + "abiword" : "/usr/bin/abiword", + + /* This setting is used if you need http basic auth */ + // "httpAuth" : "user:pass", + + /* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */ + "loglevel": "INFO" +}