Commit Graph

60 Commits

Author SHA1 Message Date
Clark Boylan 9998655fa9 Retire this project
OpenDev is no longer running an openstackid instance and the puppet
module isn't used by the folks running the current instance. We can go
ahead and clean this repo up.

Depends-On: https://review.opendev.org/c/openstack/project-config/+/818170
Change-Id: Ifab5aa7a839d8353aee9acacd5fd2eec525cc924
2021-11-16 14:41:11 -08:00
smarcet ad9fa60259 Changed default queue driver from database
to redis to prevent deadlocks

Change-Id: I39f5e3206b58800e7ed47abfa2ad58da360a77bb
Signed-off-by: smarcet <smarcet@gmail.com>
2020-10-19 09:30:31 -03:00
smarcet eb6547e446 Added cloud storage config
Change-Id: I6a9c67da18beacf4b6f67ed2ace8371ba3478fd8
Signed-off-by: smarcet <smarcet@gmail.com>
2020-09-21 09:25:11 -03:00
smarcet 437b6b776e Added message broker (RabbitMQ) settings
updated configuration for message broker

Change-Id: I3112fabafd1172129c5cdc4c3743b5c9685a9338
Signed-off-by: smarcet <smarcet@gmail.com>
Depends-on: https://review.opendev.org/#/c/752734
2020-09-18 15:08:02 -03:00
smarcet a647c22158 Fixed permissions issues on SpammerProcess
fixed permission due generating the pickle
file was not allowed.

Change-Id: I18f5a832753c393ba01cec6e3318191a1e639c1f
Signed-off-by: smarcet <smarcet@gmail.com>
2020-04-03 14:53:17 -03:00
smarcet a4d88dc494 Added config variables to support emails
* support
* user spam processor results

Change-Id: I27d34b40c1bf04e64340bc245da0f27517a319f3
Signed-off-by: smarcet <smarcet@gmail.com>
2020-03-25 11:20:17 -03:00
smarcet 954b03a75f Fixing results from ZAP Scanning Report
added header Strict-Transport-Security Header Not Set

Change-Id: I22b14e30738254ebd3e847003f16a4ad3863ed8a
Signed-off-by: smarcet <smarcet@gmail.com>
2020-03-24 17:39:57 -03:00
smarcet 8ddb3f8ce3 Added python packages install support
Change-Id: I5b6178ed2db510f8f708901d513f1512e5226a36
Signed-off-by: smarcet <smarcet@gmail.com>
2020-03-11 14:13:10 -03:00
smarcet b1e5b59a0a Removed stale config variables
removed all config variables related to
ss integration

Change-Id: Id57bbf6329a0aac9904fd317ce0e1d8628993aa3
Signed-off-by: smarcet <smarcet@gmail.com>
Depends-on: https://review.opendev.org/#/c/709529
2020-02-24 15:31:34 -03:00
smarcet f1f6e58ef8 Fixed broken deployment
Refactored to support Doctrine ORM
and Laravel Queues

Change-Id: Iea078ee1e7d2541872b3b6966825eb6988fd266e
2020-01-27 23:15:31 -03:00
smarcet 1806356c52 Updated Build
* Fix on supervisor launch script
* Refactoring on docroot variable

Change-Id: I65099e2ee2a0b3b153d70cb9ba6b7e96ec9baced
2020-01-24 14:51:58 +00:00
smarcet 24076bd286 Updated build
Updated puppet build to support new migration
for user management from IDP side

Change-Id: I633add5af8d96223d331a129f39956b1af4f8867
2020-01-22 04:07:17 +00:00
Jeremy Stanley 7091e5ced9 Puppet-lint says "class included by absolute name"
Get rid of lots of leading :: prefixes because the puppet-lint
authors think that's prettier for some reason.

Change-Id: If1f0fcebe4305861ff6cabe596feb023548cf23a
2020-01-22 04:07:15 +00:00
smarcet f05f1b5a5f Added paranetrized urls
parametrized urls for registration
/reset password and verification

Change-Id: I2748957adc92776dddf32b15cb650d8446b8b8a6
Depends-On: https://review.opendev.org/#/c/656395/
2019-04-29 17:19:06 -03:00
smarcet 18261412e5 Add sendgrid support
added api sendgrid key on .env file

Depends-On: https://review.openstack.org/#/c/651794
Change-Id: I084d5f66138f15cf5d9b215a1cb9a304e70e4957
2019-04-11 11:42:24 -03:00
Clark Boylan d53f72407e Disable legacy nodejs symlinks
We currently setup a symlink loop between /usr/bin/node and
/usr/bin/nodejs. This seems to happen due to a mismatch in expectations
between nodesource packaging and our nodejs puppet module. Thankfully
the puppet module allows us to disable the symlinking behavior [0].
We've successfully used this method on the etherpad servers so apply it
to openstackid as well.

[0] https://github.com/voxpupuli/puppet-nodejs/tree/v2.3.0#legacy_debian_symlinks

Debugging notes:

Symlink loop:

  clarkb@openstackid-dev01:~$ ls -al /usr/bin/node
  lrwxrwxrwx 1 root root 15 Mar 18 23:54 /usr/bin/node -> /usr/bin/nodejs
  clarkb@openstackid-dev01:~$ ls -al /usr/bin/nodejs
  lrwxrwxrwx 1 root root 24 Mar 18 23:32 /usr/bin/nodejs -> /etc/alternatives/nodejs
  clarkb@openstackid-dev01:~$ ls -al /etc/alternatives/nodejs
  lrwxrwxrwx 1 root root 13 Mar 18 23:32 /etc/alternatives/nodejs -> /usr/bin/node

Package contents:

  clarkb@openstackid-dev01:~$ dpkg -L nodejs | grep /usr/bin
  /usr/bin
  /usr/bin/node
  /usr/bin/npx
  /usr/bin/npm

Puppet logs:

  Mar 18 23:54:39 openstackid-dev01 puppet-user[19866]: (/Stage[main]/Nodejs::Install/File[/usr/bin/node]/ensure) ensure changed 'file' to 'link'
  Mar 18 23:54:39 openstackid-dev01 puppet-user[19866]: (/Stage[main]/Nodejs::Install/File[/usr/share/man/man1/node.1.gz]/ensure) ensure changed 'file' to 'link'

Change-Id: Ib77b851e12a4f94b5853b1b9e981f898c0ad36f1
2019-03-20 10:54:22 -07:00
Sebastian Marcet 6336b6cdc7 Fix on mysql ssl certs
* added code to ensure that directory /etc/mysql-client-ssl exists
  before to create the certs
* fixed typo on .env

Change-Id: I89640b2d25b274bcc7205b6665c9930d695a003d
2019-02-15 08:09:01 -03:00
Sebastian Marcet db89f2367c Update nodejs default version
default nodejs version installed on ubuntu xenial
is too old ( 4.x ) and wanst installing npm package
thus deployment was failing bc its relaying on that one
added repo_url_suffix attribute to class nodejs to force
to install version 9.x

Change-Id: I4f3fe711acaffdf7340c49dc9aca095bbbf10a68
2019-02-08 13:15:03 -03:00
Sebastian Marcet 6265d038e7 Fixed scope of deploy resource type usage
added scope openstackid for puppet 4

Change-Id: Ief67f2601f516bfa553e8f84a3228a9e2a487b10
2019-01-18 10:50:53 -03:00
Sebastian Marcet 5ad10537b4 Updated script to support PHP7
Added php 7.x support and xenial support using external
ppa from andrej

Depends-On: https://review.openstack.org/611936

Change-Id: Ic30cc62216be3035c363fa0203a757df662acf47
2019-01-15 15:01:21 -03:00
Sebastian Marcet 9a044f8e00 Added configuration for MYSQL SSL connection
added config params to set up client certs for
PDO SSL connections ( mysql )

Change-Id: Idb04a5a97e5e461bc91508567ad27c1ded60049a
2018-08-23 15:21:21 -03:00
Sebastian Marcet 89890ae5ca Updated binary dependencies
added build-essential due its needed to build
node-sass npm package.

Change-Id: I21b240ee5a14a55f32f4a955da176b6dacbdd535
2018-04-30 11:56:39 -03:00
Jenkins 33f81f0190 Merge "Install Laravel schedule" 2017-08-30 14:21:24 +00:00
Clark Boylan 4c99e995a8 Allow multiple places to install curl
Curl is an important package that we end up needing in a few places. To
avoid puppet unique name conflicts with the package "curl" only define
the curl package resource if it isn't already defined.

This allows us to define it in multiple places that may or may not
overlap depending on how hosts are constructed.

Change-Id: I17c119e81a035916550de44356b9f4badd505c81
2017-08-24 13:49:31 -07:00
Sebastian Marcet dbcaf34f22 Install Laravel schedule
setup cron job to install
laravel schedule.

Change-Id: Icfc510080b62a8e5fe51a27ab1628d4a8840d05e
2017-08-13 23:15:49 -03:00
Sebastian Marcet e0374d97e6 Updated session cookie params
addeed more configuration params for
IDP cookie session. also set default value
for lifetime from 120 to 1440 minutes as
requested by Jimmy McArthur.

Change-Id: Iddca85712c98f88e11b2c872aaf1911bd6263c39
2017-06-02 16:38:41 -03:00
Sebastian Marcet 985100d9c5 Server params tweaking
* tweaked kernel params
* tweaked php params

Change-Id: I9e9a864182e22e7387a10535a57b822a5dfdb5c0
2017-04-10 16:44:41 -03:00
Sebastian Marcet 49e222aa4a Apache/PHP configuration tweaks
In order to improvee IDP responsiveness
follwing actions were taken:

* updated apache connection settings
* removed access log settings from apache2
* updated php pool settings
* added php.ini settings
** added zend opcode cache
** set php max memory limmit to 32MB
* added php-fpm.conf settings
** set emergency_restart settings

Change-Id: I52aafd41267aa46d4f481b7c91a24732c615632b
2017-04-05 12:24:49 -03:00
Sebastian Marcet 75c6ce708b Puppet script upgrade to LV 5.X
In order to allow IDP upgrade from
LV 4.x to LV 5.X
(https://review.openstack.org/#/c/305521/)
puppet and shell scripts
were update to support diferent versions
or laravel through config variable $laravel_version
( default value to version 4 so production would not
get affected ).

Change-Id: I76a7093f3c88c72256f638d5c56cc8799643b69d
2016-11-23 16:15:26 -03:00
Sebastian Marcet 93b89568da Tweaked server connection settings
* updated apache mpm event module connection settings
* added tcp/ip connection settings
* added vm.overcommit_memory setting for redis server
* added dependency to duritong/puppet-sysctl

Change-Id: I7c98a75fff3a0d5f27de4ef78e87c1054586e609
2016-03-31 14:29:37 -03:00
Sebastian Marcet b764ef6fd2 Readded php5enmod mbcrypt for trusty
Change-Id: I874cde6399314a38fff8a96f9498f8aaf8e9698d
2016-03-30 20:18:05 -03:00
Sebastian Marcet a9fab67330 Updated config for Precise
* removed php5enmod ( it does not exists on precise)
* updated config to use class apache::mod::event intead
  on custom config file

Change-Id: Ic7610a5f93c9d5eb3d1673ede3ad41227a6537db
2016-03-30 18:38:27 -03:00
Sebastian Marcet 6cb41de782 Update Configuration for Precise
added conditional logic to support fastcgi apache 2.2 mod on Precise

Change-Id: Ice7a2f9d802fe4fa65589456eb376bafe85ba448
2016-03-30 16:16:50 -03:00
Sebastian Marcet a1c7cc4ed7 Apache MPM events + php5 fpm
* Updated site config to change MPM from fork to event model
  and to start using php5-fpm (fast cgi) to get a better site
  performance and a better use or server resources.
* Updated mysql php driver to newer one (php5-mysqlnd).
* Added missing dependencies : php5-json (json functions) and
  php5-gmp( big number functions used by jose4php).
* Replaced puppet-httpd with puppetlabs-apache.
* added www.conf to tweak php5-fpm connection settings
* update vhost template to support proxy_fcgi.
* updated apache connections settings to improve performance on
  mpm events.
* updated dependency to puppetlabs/apache (1.8.1)
Change-Id: I66c6ad413a6b0c31a19cc663058a53edc3bec5cc
2016-03-30 11:18:59 -03:00
Sebastian Marcet 638c790997 Update prefork MPM apache settings
Tweeaked apache connection settings on prefork MPM to allow better
performance at larger client volumes and server sizes. Make this
safe for Trusty as well, for ease of upgrading in the near future.

Change-Id: I0f52eabc8218b12392a2ac75d3ce3a5a85e01df5
2016-03-23 20:21:26 +00:00
Jeremy Stanley d738f5647d Default to hostname not fqdn for laravel env
Laravel expects the short hostname for its environment identifier,
but we didn't notice this before because production openstackid.org
and openstackid-dev.openstack.org had incorrect /etc/hostname files
containing their fully qualified hostnames rather than their short
hostnames. Now that we correctly set the contents of the hostname
file in new deployments, this will break without correcting the
Puppet module.

The plan is to merge this with Puppet disabled for openstackid.org,
confirm that correcting the hostname on openstackid-dev revives it,
then manually apply the same correction and this patch on production
openstackid.org before reenabling Puppet there.

Change-Id: I41ddb3cd12fa564d19cedc18ca5585d2ca7481da
Depends-On: If67783a2cbaf77e89a3d2aae80a9206b547dbac6
2016-03-23 14:06:58 +00:00
Jenkins afe80004cc Merge "Added DB seeding support" 2016-03-22 14:14:23 +00:00
Sebastian Marcet a9fd2fa4fd Added apache2 service notification on ssl cert change
Added notification to service apache2 when some of the ssl
cert files changes, to be able to reload them.

Change-Id: Iab89ce159d7874587fd006c765f042a41a20505f
2016-03-21 20:53:00 -03:00
Sebastian Marcet 79e17cabef Added DB seeding support
added db seeding support configuration on install site command
by default is disabled to avoid overwriten existent db

Change-Id: Iba74a5f6f8a08f73d73bc0ca2d499ea215cf8c8a
2016-03-21 20:41:20 -03:00
Sebastian Marcet 0bd2988d1c Update Email Configuration file
added a template to parametrize the email configuration sending
process

Change-Id: If640f30f569a77461ba396f07fd07aad1f356587
2016-03-15 08:40:01 -03:00
Sebastian Marcet b94c6b2445 Update App Configuration
Added version variable
updated provider on app.php template

Change-Id: I7e7c38925ff5152e3595202743e32aa296bd2c16
2016-02-26 15:06:07 -03:00
Jeremy Stanley b3463290eb Put /usr/local/bin first in paths
Reorder the exec paths so that /usr/local/bin is checked before
/usr/bin and /bin. The newer NPM-installed node.js is at
/usr/local/bin/node while the older distro-packaged node.js is at
/usr/bin/node.

Change-Id: I3e13ea1e9c5efed6e1a3ab489e70918f6b6a1768
2016-02-16 16:41:26 +00:00
Sebastian Marcet dbd2643937 Fix on nodejs default version
nodejs default version is too old
so now its install n node manager to install
latest one, also installing bower directly on update site/install site
command

Change-Id: I1a2c377db24f66a6138a07e4b2f284a02083f364
2016-01-23 19:27:26 -03:00
Sebastian Marcet 79746e577e Improved Bower support
improved bower support using nodejs native module
instead of custom logic used on former approachs.

Change-Id: Icf1cea6b78d385cf085432937b5373c6958f6fd0
2015-11-18 15:37:41 -03:00
Sebastian Marcet aecd18597d Added latest registry reference for node
Puppet build fails without this.

Change-Id: I7ef20e73e5bb9edee31de4887fc0bfec95fa0312
2015-11-13 21:33:25 +00:00
Sebastian Marcet dfb6169d47 Added bower support
added bower installation procedure to remove bower hardcoded
dependencies on https://review.openstack.org/#/c/198458/

Change-Id: Ic0a9b3a2dcfd84df35490fcd20c8399b3e0fd3cc
2015-11-13 16:40:34 -03:00
Sebastian Marcet bd1f2efd39 Updated configuration for OIDC
added app.php as template, bc now we need the app key set by default
on hiera.

Change-Id: I2d4678f36af911df33d0c334a76eb759aa2f725b
2015-08-18 17:34:27 -03:00
Colleen Murphy 9f823eef7e Add Gemfile and puppet 4 checks
In anticipation of puppet 4, start trying to deal with puppet 4 things
that can be helpfully predicted by puppet lint plugins. Also fix lint
errors caught by the puppet-lint-absolute_classname-check gem and arrow
alignment errors now caught by the modern puppet-lint gem.

We disable the puppet-lint-empty_string-check check for now, to be
fixed later, because this module makes heavy use of empty string
defaults and updating this needs to be done with care.

Change-Id: I90e74f25a1aa176d336afc591ac1da9c03c77aa7
2015-08-11 14:58:00 -07:00
Paul Belanger 0162ef56c9 Migrate to puppet-httpd module
puppet-httpd is the openstack-infra version of puppetlabs-apache
(0.0.4) release.

This patchset will remove the puppetlabs-apache namespace from -infra
allowing for possible future patchsets to use newer puppetlabs-apache
modules.

Change-Id: Id03b3895a5676b8d81cdd79a9536b4084dc8c3e3
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2015-07-16 15:45:04 -04:00
Marton Kiss 2e19e6ec64 Add standard puppet module files and .gitreview
This module has been split out from system-config, and additional
files are required to create a proper puppet module. Fix a puppetlint
issue in init.pp.

Some of the files are described in the spec:
http://specs.openstack.org/openstack-infra/infra-specs/specs/puppet-modules.html

Change-Id: I9135e0e9c8cd880c56a7630098c5175bc40846d8
2015-01-28 19:52:24 +01:00