Hello! We are running our annual fundraising. Please consider making a donation if you value this freely available service or want to support people around the world working towards liberatory social change. https://riseup.net/donate.

Commit 56b176f8 authored by taggart's avatar taggart
Browse files

some commits to make things safe to run right now

parent 58017b63
......@@ -14,7 +14,8 @@ class sympa {
include sympa::nagios
}
### still reviewing the below
/*
the rest is boklm's stuff I'm still reviewing, commented for now
# sympa script start 5 differents script, I am not
# sure that puppet will correctly handle this
......@@ -371,148 +372,4 @@ class sympa {
}
### RISEUP
$apache2_ssl = enabled
include site-apache::no_default_site
apache2::module {
"removeip": ensure => present, require_package => "libapache2-mod-removeip";
"fastcgi": ensure => absent;
# NOTE: we need a way to set things in fcgid.conf, but the apache2 module
# we're currently (Aug 2011) using doesn't support that, so we deliver
# it as a file below
"fcgid": ensure => present, require_package => "libapache2-mod-fastcgi";
"headers": ensure => present;
}
apache2::site {
"lists.riseup.net":
ensure => present,
content => template("riseupsites/lists/lists.riseup.net");
}
apache2::envvars {
"fastcgi_user":
content => "export APACHE_PID_FILE=/var/run/apache2.pid\nexport APACHE_RUN_USER=sympa\nexport APACHE_RUN_GROUP=sympa\nexport APACHE_RUN_DIR=/var/run/apache2$SUFFIX\nexport APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX\nexport APACHE_LOG_DIR=/var/log/apache2$SUFFIX\n\nexport LANG=C\nexport LANG\n"
}
# do locale generation
group { sympa:
name => sympa,
gid => 1000,
ensure => present,
allowdupe => false
}
user {
"sympa":
uid => 1000,
gid => 1000,
comment => 'Sympa user',
home => '/home/sympa',
shell => '/bin/bash',
groups => nestd,
ensure => present,
password => '!',
allowdupe => false,
require => Group["sympa"];
}
service {
"cron":
name => cron,
pattern => '/usr/sbin/cron',
enable => true,
ensure => running,
hasrestart => true;
"spamass-milter":
name => spamass-milter,
pattern => '/usr/sbin/spamass-milter',
enable => true,
ensure => running,
hasrestart => true,
subscribe => File["/etc/default/spamass-milter"],
require => File["/etc/default/spamass-milter"];
}
locales {
"$fqdn": type => "lists";
}
file {
# the following two are needed for the milter
"/var/run/sendmail":
ensure => directory,
mode => 0777, owner => postfix, group => postfix;
"/var/run/spamass/spamass.sock":
ensure => present,
mode => 0755, owner => postfix, group => postfix;
"/etc/default/spamass-milter":
source => "$fileserver/spamassassin/spamass-milter_default",
require => Package["spamass-milter"],
mode => 0644, owner => root, group => root;
"/etc/sympa":
ensure => directory,
owner => sympa, group => sympa, mode => 0755;
"/etc/sympa/sympa.conf":
source => "$fileserver/sympa/sympa.conf",
owner => sympa, group => sympa, mode => 0640,
require => File["/etc/sympa"];
"/etc/sympa/wwsympa.conf":
source => "$fileserver/sympa/wwsympa.conf",
owner => sympa, group => sympa, mode => 0640,
require => File["/etc/sympa"];
"/var/lib/apache2/fastcgi":
ensure => present,
owner => root, group => sympa, mode => 0775,
require => Package["libapache2-mod-fastcgi"];
"/var/lib/apache2/fastcgi/dynamic":
ensure => present,
owner => root, group => sympa, mode => 0770,
require => File["/var/lib/apache2/fastcgi"];
# NOTE: as mentioned above it would be better if the apache2 module
# could handle setting things in the module conf files for us, but for
# now we just deliver the file
"/etc/apache2/mods-available/fcgid.conf":
source => "$fileserver/apache2/fcgid.conf",
owner => root, group => root, mode => 0644;
}
augeas {
"logrotate_sympa":
context => "/files/etc/logrotate.d/sympa/rule",
changes => [ "set file /var/log/sympa/*.log", "set rotate 3", "set schedule weekly",
"set compress compress", "set missingok missingok", "set ifempty notifempty",
"set copytruncate copytruncate" ]
}
if defined(Class['monit']) {
monit::check::process { "wwsympa.fcgi":
pidfile => "/var/run/apache2.pid",
start => "/etc/init.d/apache2 start",
stop => "/etc/init.d/apache2 stop",
customlines => ["if totalmem > 5000 MB for 3 cycles then restart"];
}
monit::check::process {"task_manager.pl":
pidfile => "/home/sympa/task_manager.pid",
start => "/etc/init.d/sympa start",
stop => "/etc/init.d/sympa stop",
customlines => ["if totalmem > 5000 MB for 3 cycles then restart"],
ensure => absent;
}
}
*/
class sympa::mageia {
/* this came from boklm, needs to be reviewed, maybe moved
# perl-CGI-Fast is needed for fast cgi
# perl-Socket6 is required by perl-IO-Socket-SSL
# (optional requirement)
......@@ -16,4 +18,5 @@ class sympa::mageia {
subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']]
}
*/
}
# FIXME: this has riseup specific paths currently
class sympa::nagios {
nagios::service {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment