Since the chain file contents parameter defaults to undef, on puppet 3
the ERB template evaluates that to the symbol :undef which is not
falsey, so if it is left unset it creates an invalid apache config
pointing to /etc/apache2/undef. To be safe, explicitly check for any
emptyish values. This is only an issue for tests on puppet 3, on puppet
4 undef is correctly evaluated as nil.
Change-Id: I380d69f3928e342562c3c63e35a07555163733e8
When serveraliases is not defined it should evaluate to nil, not ''.
Check for both to cover our bases.
Change-Id: Iad51146400443fce963889d77eae3c6e4759d08c
Dynamic scoping for variables in ERB templates was removed in puppet
4[1] which means that the variables defined in the
manifest cannot be found when it is referenced in
the httpd::vhost defined type and will be evaluated as nil when
puppet runs. Use scope.lookupvar instead to be explicit about the
variable's source.
[1] https://puppet.com/docs/puppet/4.10/lang_updating_manifests.html#dynamic-scoping-in-erb
Change-Id: Ifc1db7851d2a0cd39af9f05b55ec9a546a12f567
Apache version 2.4 changes the Order Allow,Deny security configuration options.
This patch modifies the vhost template in order to support it and provide
trusty compatibility.
Change-Id: I1514ab788f8bfd9198ae020ea1fab745cee6f305
The $site_root parameter must be set in order for the file resource
ensuring it to work. However, the best default for it depends on the
$site_name and $site_vhosts_root parameter. Class parameter defaults
behave strangely if they depend on another class parameter: they take
on the value of whatever the user has set, not the default value. So if
we want the default value of $site_root to be
"${site_vhosts_root}/${site_name}", and we want it to be acceptable to
use the default value of 'www.example.com' as the site name, then we
have to set the default in the body of the class, not in the parameters
list. The same is true for the $site_docroot parameter.
This patch leaves the official default of $site_root as undef but
conditionally sets a preferred default of "${site_vhosts_root}/${site_name}" in
the body of the class. Since variables in puppet are immutable we need
to assign this value to a new variable and fix the references to this
variable throughout hte module.
This patch changes the official default of $site_docroot from
"${site_root}/w" to undef, because that default would have different
behavior depending on whether the user had set $site_root or not. We
then conditionally set it to the right default in the body of the class
and update references to that variable. Also changed the Directory key
for the docroot in the vhost template to refer to the $docroot
parameter passed in to the httpd::vhost type rather than the
$_site_docroot value from the class, which evaluates to the same value
but makes the Directory tag consistent with the Docroot declaration
above it.
Change-Id: Iaed65b20816c0b4f6fd34f7e0ef07f906bb9750e
The conf_xxxx class paramters of drupal class refactored now
to conf variable that can hold the key-value pairs. So it
will allow the define additional parameters without any change
required in the drupal:: class.
The conf_xxx parameters kept only for compatibility reason, will be
removed in a future release.
Change-Id: I9e77d609bc6aaa3a5e10f065e79aa8a86cae151e
We were testing if the chain file contents var was not equal to empty
string ('') before setting the chain file path in the vhost.
Unfortunately this variable was unset so has a value of nil in the erb
file. This meant that the condition matched even though we didn't want
it to and we got a broken vhost file.
Fix this by explicitly setting this var's value to undef by default in
puppet. This results in a nil value erb side which we can test against
more simply.
Change-Id: I8016b7ab20843a6e35002bed1a79867480ddbd08
Extend the Drupal vhost template with ssl capability, and
groups-dev.openstack.org now accepts the following hiera variables for
ssl setup:
- groups_dev_site_ssl_cert_file_contents: x509 certificate of vhost in pem format
- groups_dev_site_ssl_key_file_contents: rsa key of x509 certificate in pem format
- groups_dev_site_ssl_chain_file_contents: trusted chain of parent certificates (optional)
This patch is required for proper openstackid/oauth2 backref communication.
Change-Id: Ia148d1db743fc80bcb675c9ca2906333ef62eff8
Implements: blueprint groups-oauth2-authentication
Move the openid provider url into groups_openid_provider configuration
variable for groups portal. We are separating the productive and
staging urls, so productive is pointing to openstackid.org now.
Change-Id: Ifc7d5d41b80c3a080800d1d9d1ef394490d93b14
Both staging and productive groups instances will use the manifest
published at tarballs.openstack.org/groups/drupal-updates catalog.
It helps to separate the staging and prod deployment source
versions, passed in package_branch parameter. Drush dsd tool updated
to v0.9, and puppet sitedeploy and siteupdate resources were also
refactored to support drush-dl package provider parameters.
Change-Id: I8299c063ea774a85554c2406c6cb6ccb007fb182
Add optional GA tracking code variable to settings.php template and add
tracking code to groups.openstack.org site.
Change-Id: Iddf223cab9ef672178f4e2984cdacf27a8d0f16f
This patch removes the drush make site building function from
groups-dev instance, and now directly fetch release tarballs from
http://tarballs.openstack.org/groups repository. With an advanced
multi-slot deployment architecture it prevents the typical Drupal
WSOD issues that randomly caused site malfunction when a request
arrived during installation. It also simplifies the
deployment steps using the standard drush aliases and
drush-dsd extension and supports local configuration variables
in local_settings.php file.
Change-Id: I73976a60e080d15b6f513db79fee46bcf468e302
Add a groups-dev node to openstack infra, based on drupal
environment. This node checks out the repository:
https://git.openstack.org/openstack-infra/groups
Build a new deployment from scratch, including drush make
distbuild and drush si auto-installation features.
Change-Id: I71eef1c14724ceb13a896ff768923148dedcc2ef
Andreas Jaeger