Add install-server element
This commit is contained in:
parent
29ba459f46
commit
4e1784bde5
|
@ -0,0 +1,164 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
|
||||
# Services couldn't talk to mysql, disable selinux for now
|
||||
sed -i -e 's/=enforcing/=permissive/g' /etc/selinux/config
|
||||
|
||||
yum install -y --nogpg make rubygems ruby-devel rubygem-rake numpy java /opt/stack/files/ruby-devel.rpm python-jinja2 wget
|
||||
gem install --no-ri --no-rdoc bundler
|
||||
|
||||
cat <<-EOF > /tmp/gemfile
|
||||
source 'https://rubygems.org'
|
||||
group :test do
|
||||
gem 'rspec', '~> 2.14.1'
|
||||
gem 'rspec-extra-formatters', '1.0.0'
|
||||
gem 'serverspec', '1.3.0'
|
||||
gem 'r10k', '1.2.1'
|
||||
end
|
||||
EOF
|
||||
|
||||
bundle install --gemfile=/tmp/gemfile
|
||||
|
||||
#install jenkins
|
||||
yum install -y --nogpg /opt/stack/files/jenkins.rpm
|
||||
sed -i -e 's/HTTP_PORT=8080/HTTP_PORT=8282/' -e 's/JENKINS_PORT="8080"/JENKINS_PORT="8282"/' /etc/sysconfig/jenkins
|
||||
echo -e 'Defaults:jenkins !requiretty\njenkins ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/jenkins
|
||||
chmod 0440 /etc/sudoers.d/jenkins
|
||||
|
||||
#install puppet
|
||||
yum install -y --nogpg /opt/stack/files/puppet-release.rpm
|
||||
yum install -y --nogpg puppet-server git augeas ntp httpd puppetdb puppetdb-terminus python-pip mod_wsgi apr-util-devel apr-devel httpd-devel zlib-devel openssl-devel libcurl-devel gcc-c++ gcc mod_ssl patch
|
||||
gem install rack passenger
|
||||
passenger-install-apache2-module -a
|
||||
mkdir -p /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp
|
||||
cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/
|
||||
chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru
|
||||
|
||||
cat >> /usr/share/puppet/rack/puppetmasterd/config.ru <<EOF
|
||||
Encoding.default_external = Encoding::UTF_8
|
||||
Encoding.default_internal = Encoding::UTF_8
|
||||
EOF
|
||||
|
||||
passenger_version=$(gem list | grep passenger | awk '{print $2}' |sed 's/[)(]//g')
|
||||
|
||||
# do not enable by default as without cert it'll fail
|
||||
cat > /etc/httpd/conf.d/puppetmaster.conf.disabled <<EOF
|
||||
LoadModule passenger_module /usr/local/share/gems/gems/passenger-${passenger_version}/buildout/apache2/mod_passenger.so
|
||||
PassengerRoot /usr/local/share/gems/gems/passenger-${passenger_version}
|
||||
PassengerRuby /usr/bin/ruby
|
||||
PassengerHighPerformance on
|
||||
PassengerMaxPoolSize 12
|
||||
PassengerPoolIdleTime 1500
|
||||
PassengerStatThrottleRate 120
|
||||
Listen 8140
|
||||
|
||||
<VirtualHost *:8140>
|
||||
SSLEngine on
|
||||
SSLProtocol ALL -SSLv2
|
||||
SSLCipherSuite ALL:!aNULL:!eNULL:!DES:!3DES:!IDEA:!SEED:!DSS:!PSK:!RC4:!MD5:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXP
|
||||
SSLHonorCipherOrder on
|
||||
|
||||
SSLCertificateFile /var/lib/puppet/ssl/certs/mycert.pem
|
||||
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/mycert.pem
|
||||
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
|
||||
SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem
|
||||
SSLVerifyClient optional
|
||||
SSLVerifyDepth 1
|
||||
SSLOptions +StdEnvVars +ExportCertData
|
||||
RequestHeader unset X-Forwarded-For
|
||||
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
|
||||
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
|
||||
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
|
||||
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
|
||||
RackBaseURI /
|
||||
<Directory /usr/share/puppet/rack/puppetmasterd/>
|
||||
Options None
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
allow from all
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
EOF
|
||||
|
||||
mkdir -p /var/www/puppetboard
|
||||
|
||||
cat > /var/www/puppetboard/wsgi.py <<EOF
|
||||
from __future__ import absolute_import
|
||||
import os
|
||||
|
||||
# Needed if a settings.py file exists
|
||||
os.environ['PUPPETBOARD_SETTINGS'] = '/var/www/puppetboard/settings.py'
|
||||
from puppetboard.app import app as application
|
||||
EOF
|
||||
|
||||
cat > /etc/httpd/conf.d/puppetboard <<EOF
|
||||
NameVirtualHost *:82
|
||||
Listen 82
|
||||
|
||||
<VirtualHost *:82>
|
||||
WSGIDaemonProcess puppetboard user=apache group=apache threads=5
|
||||
WSGIScriptAlias / /var/www/puppetboard/wsgi.py
|
||||
ErrorLog /var/log/httpd/puppetboard.error.log
|
||||
CustomLog /var/log/httpd/puppetboard.access.log combined
|
||||
|
||||
Alias /static /usr/lib/python2.6/site-packages/puppetboard/static
|
||||
|
||||
<Directory /usr/lib/python2.6/site-packages/puppetboard>
|
||||
WSGIProcessGroup puppetboard
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
Require all granted
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
EOF
|
||||
|
||||
cd /usr/share/ruby/vendor_ruby/hiera
|
||||
# patch reports this is maformed
|
||||
patch -p0 < /opt/stack/files/heira-backend.patch
|
||||
rm -rf /var/lib/puppet/ssl/*
|
||||
|
||||
cat > /etc/yum.repos.d/elasticsearch.repo <<EOF
|
||||
[elasticsearch-1.0]
|
||||
name=Elasticsearch repository for 1.0.x packages
|
||||
baseurl=http://packages.elasticsearch.org/elasticsearch/1.0/centos
|
||||
gpgcheck=0
|
||||
enabled=1
|
||||
EOF
|
||||
|
||||
|
||||
|
||||
#logcollector.install
|
||||
#monitor-server.install
|
||||
#tempest.instal
|
||||
|
||||
|
||||
pip install /opt/jenkins-job-builder
|
||||
|
||||
JENKINS_URL=https://updates.jenkins-ci.org/download/plugins
|
||||
JENKINS_URL2=http://ftp.nluug.nl/programming/jenkins/plugins
|
||||
JENKINS_PLUGINS="ssh-agent/1.4.1/ssh-agent.hpi \
|
||||
gearman-plugin/0.0.6/gearman-plugin.hpi \
|
||||
promoted-builds/2.17/promoted-builds.hpi \
|
||||
git-client/1.9.0/git-client.hpi \
|
||||
scm-api/0.2/scm-api.hpi \
|
||||
parameterized-trigger/2.24/parameterized-trigger.hpi \
|
||||
token-macro/1.10/token-macro.hpi \
|
||||
multiple-scms/0.3/multiple-scms.hpi \
|
||||
ansicolor/0.4.0/ansicolor.hpi \
|
||||
git/2.2.1/git.hpi \
|
||||
reverse-proxy-auth-plugin/1.4.0/reverse-proxy-auth-plugin.hpi"
|
||||
mkdir -p /var/lib/jenkins/plugins
|
||||
chown jenkins /var/lib/jenkins /var/lib/jenkins/plugins
|
||||
JENKINS_CACHE=/tmp/jenkins-plugins-cache
|
||||
for plugin in ${JENKINS_PLUGINS}; do
|
||||
plugin_name=$(basename ${plugin});
|
||||
echo "Installing plugin ${plugin_name}";
|
||||
if [ ! -r $JENKINS_CACHE/$plugin ]; then
|
||||
mkdir -p $JENKINS_CACHE/$(dirname ${plugin});
|
||||
wget -q -O - "${JENKINS_URL}/${plugin}" > $JENKINS_CACHE/$plugin || wget -q -O - "${JENKINS_URL2}/${plugin}" > $JENKINS_CACHE/$plugin;
|
||||
fi;
|
||||
cp $JENKINS_CACHE/$plugin /var/lib/jenkins/plugins/${plugin_name};
|
||||
done
|
||||
|
||||
# ImportError: No module named http_client
|
||||
pip install -U six
|
|
@ -0,0 +1,17 @@
|
|||
|
||||
if [ ! -e ~/.ssh/id_rsa ] ; then
|
||||
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
|
||||
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
|
||||
fi
|
||||
|
||||
mkdir -p /etc/jenkins_jobs
|
||||
cd /opt/stack/config-tools/
|
||||
|
||||
# provision needs this but will overwrite it
|
||||
# proper DNS would fix it
|
||||
#echo "127.0.0.1 install-server.etest" >> /etc/hosts
|
||||
#
|
||||
#echo install-server.etest > /etc/hostname
|
||||
#hostname install-server.etest
|
||||
|
||||
#./provision.sh I.1.2.0 http://goodsquishy.com/downloads/repos/spinalstack-env.git/etest.yml version=D7-I.1.2.0
|
|
@ -0,0 +1,5 @@
|
|||
config-tools git /opt/stack/config-tools http://goodsquishy.com/downloads/repos-etest/config-tools.git/
|
||||
jjb git /opt/jenkins-job-builder https://git.openstack.org/openstack-infra/jenkins-job-builder
|
||||
puppet-release file /opt/stack/files/puppet-release.rpm http://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-11.noarch.rpm
|
||||
jenkins-rpm file /opt/stack/files/jenkins.rpm http://pkg.jenkins-ci.org/redhat/jenkins-1.583-1.1.noarch.rpm
|
||||
heira-patch file /opt/stack/files/heira-backend.patch https://github.com/enovance/edeploy-roles/raw/master/files/backend.rb.patch
|
|
@ -46,7 +46,8 @@
|
|||
"element-manifest",
|
||||
"tuskar",
|
||||
"fix-undercloud-package-installs",
|
||||
"os-cloud-config"
|
||||
"os-cloud-config",
|
||||
"install-server"
|
||||
],
|
||||
"hook": [
|
||||
"extra-data",
|
||||
|
|
Loading…
Reference in New Issue