opendev
/
puppet-etherpad_lite
Code Issues Proposed changes

Retire repo 

Depends-On: https://review.opendev.org/720892
Change-Id: Ie5c4c64b1eb37054a6a3dcaa9bb4cb36c81e53ef
This commit is contained in:
Monty Taylor 2020-04-22 08:55:34 -05:00
parent 14a49a862e
commit bb91e9cd68
27 changed files with 9 additions and 1214 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Gemfile
View File

@ -1,15 +0,0 @@
source 'https://rubygems.org'
if File.exists?('/home/zuul/src/git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper')
gem_checkout_method = {:path => '/home/zuul/src/git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper'}
else
gem_checkout_method = {:git => 'https://git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper'}
end
gem_checkout_method[:require] = false
group :development, :test, :system_tests do
gem 'puppet-openstack_infra_spec_helper',
gem_checkout_method
end
# vim:ft=ruby

202
LICENSE
View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

3
README.md
View File

@ -1,3 +0,0 @@
# OpenStack Etherpad Lite Module
This module installs and configures Etherpad Lite

9
README.rst Normal file
View File

@ -0,0 +1,9 @@
This project is no longer maintained.
The contents of this repository are still available in the Git
source code management system. To see the contents of this
repository before it reached its end of life, please check out the
previous commit with "git checkout HEAD^1".
For any further questions, please email
service-discuss@lists.opendev.org or join #opendev on Freenode.

8
Rakefile
View File

@ -1,8 +0,0 @@
require 'rubygems'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_autoloader_layout')
PuppetLint.configuration.send('disable_class_inherits_from_params_class')
PuppetLint.configuration.send('disable_class_parameter_defaults')

11
bindep.txt
View File

@ -1,11 +0,0 @@
# This is a cross-platform list tracking distribution packages needed by tests;
# see http://docs.openstack.org/infra/bindep/ for additional information.
libxml2-devel [test platform:rpm]
libxml2-dev [test platform:dpkg]
libxslt-devel [test platform:rpm]
libxslt1-dev [test platform:dpkg]
ruby-devel [test platform:rpm]
ruby-dev [test platform:dpkg]
zlib1g-dev [test platform:dpkg]
zlib-devel [test platform:rpm]

39
files/apache-connection-tuning
View File

@ -1,39 +0,0 @@
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
#
# Etherpad Lite clients create a lot of connections. To be able to support
# Several hundred concurrent users we need to make sure that we allow a few
# thousand concurrent connections. This should be ok as typical etherpad use
# involves a couple writers then a bunch of lurkers. The cost of lurkers
# is basically the TCP connection as they don't create DB writes and so on.
# In addition to allowing for connection growth, keep a healthy number of
# spare threads around to better handle thundering herds of users (eg at the
# start of summit sessions).
<IfModule mpm_worker_module>
ServerLimit 128
StartServers 3
MinSpareThreads 96
MaxSpareThreads 192
ThreadLimit 64
ThreadsPerChild 32
MaxClients 4096
MaxRequestsPerChild 0
</IfModule>
<IfModule mpm_event_module>
ServerLimit 128
StartServers 3
MinSpareThreads 96
MaxSpareThreads 192
ThreadLimit 64
ThreadsPerChild 32
MaxClients 4096
MaxRequestsPerChild 0
</IfModule>

7
files/pad.js
View File

@ -1,7 +0,0 @@
function customStart()
{
//define your javascript here
//jquery is available - except index.js
//you can load extra scripts with $.getScript http://api.jquery.com/jQuery.getScript/
chat.stickToScreen(true);
}

2
files/robots.txt
View File

@ -1,2 +0,0 @@
User-agent: *
Disallow: /

171
manifests/apache.pp
View File

@ -1,171 +0,0 @@
# == Class: etherpad_lite::apache
#
class etherpad_lite::apache (
$docroot = '/srv/etherpad-lite',
$serveradmin = "webmaster@${::fqdn}",
$ssl_cert_file = '',
$ssl_cert_file_contents = '', # If left empty puppet will not create file.
$ssl_chain_file = '',
$ssl_chain_file_contents = '', # If left empty puppet will not create file.
$ssl_key_file = '',
$ssl_key_file_contents = '', # If left empty puppet will not create file.
$vhost_name = $::fqdn,
# Table containing openid auth details. If undef not enabled
# Example dict:
# {
# banner => "Welcome",
# singleIdp => "https://openstackid.org",
# trusted => '^https://openstackid.org/.*$',
# any_valid_user => false,
# users => ['https://openstackid.org/foo',
# 'https://openstackid.org/bar'],
# }
# Note that if you care which users get access set any_valid_user to false
# and then provide an explicit list of openids in the users list. Otherwise
# set any_valid_user to true and any successfully authenticated user will
# get access.
$auth_openid = undef,
) {
package { 'ssl-cert':
ensure => present,
}
include ::httpd
::httpd::vhost { $vhost_name:
port => 443,
docroot => $docroot,
priority => '50',
template => 'etherpad_lite/etherpadlite.vhost.erb',
ssl => true,
}
if !defined(Httpd::Mod['rewrite']) {
httpd::mod { 'rewrite':
ensure => present,
}
}
if !defined(Httpd::Mod['proxy']) {
httpd::mod { 'proxy':
ensure => present,
}
}
if !defined(Httpd::Mod['proxy_http']) {
httpd::mod { 'proxy_http':
ensure => present,
}
}
if !defined(Httpd::Mod['proxy_wstunnel']) {
httpd::mod { 'proxy_wstunnel':
ensure => present,
}
}
if ($auth_openid != undef) {
if !defined(Package['libapache2-mod-auth-openid']) {
package { 'libapache2-mod-auth-openid':
ensure => present,
}
}
if !defined(Httpd::Mod['auth_openid']) {
httpd::mod { 'auth_openid':
ensure => present,
require => Package['libapache2-mod-auth-openid'],
}
}
}
file { '/etc/apache2':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/etc/apache2/conf-available':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => File['/etc/apache2'],
}
file { '/etc/apache2/conf-available/connection-tuning.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/etherpad_lite/apache-connection-tuning',
require => File['/etc/apache2/conf-available'],
}
file { '/etc/apache2/conf-enabled':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
require => File['/etc/apache2'],
}
file { '/etc/apache2/conf-enabled/connection-tuning.conf':
ensure => link,
target => '/etc/apache2/conf-available/connection-tuning.conf',
notify => Service['httpd'],
require => [
File['/etc/apache2/conf-enabled'],
File['/etc/apache2/conf-available/connection-tuning.conf'],
],
}
file { $docroot:
ensure => directory,
}
file { "${docroot}/robots.txt":
ensure => present,
source => 'puppet:///modules/etherpad_lite/robots.txt',
owner => 'root',
group => 'root',
mode => '0444',
require => File[$docroot],
}
file { '/etc/ssl/certs':
ensure => directory,
owner => 'root',
mode => '0755',
}
file { '/etc/ssl/private':
ensure => directory,
owner => 'root',
mode => '0700',
}
if $ssl_cert_file_contents != '' {
file { $ssl_cert_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_cert_file_contents,
before => Httpd::Vhost[$vhost_name],
}
}
if $ssl_key_file_contents != '' {
file { $ssl_key_file:
owner => 'root',
group => 'ssl-cert',
mode => '0640',
content => $ssl_key_file_contents,
require => Package['ssl-cert'],
before => Httpd::Vhost[$vhost_name],
}
}
if $ssl_chain_file_contents != '' {
file { $ssl_chain_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_chain_file_contents,
before => Httpd::Vhost[$vhost_name],
}
}
}

38
manifests/buildsource.pp
View File

@ -1,38 +0,0 @@
# == Define: buildsource
#
# define to build from source using ./configure && make && make install.
#
define etherpad_lite::buildsource(
$creates = '/nonexistant/file',
$dir = $title,
$timeout = 300,
$user = 'root',
) {
exec { "./configure in ${dir}":
command => './configure',
path => "/usr/bin:/bin:/usr/local/bin:${dir}",
user => $user,
cwd => $dir,
creates => $creates,
before => Exec["make in ${dir}"],
}
exec { "make in ${dir}":
command => 'make',
path => '/usr/bin:/bin',
user => $user,
cwd => $dir,
timeout => $timeout,
creates => $creates,
before => Exec["make install in ${dir}"],
}
exec { "make install in ${dir}":
command => 'make install',
path => '/usr/bin:/bin',
user => $user,
cwd => $dir,
creates => $creates,
}
}

190
manifests/init.pp
View File

@ -1,190 +0,0 @@
# == Class: etherpad_lite
#
# Class to install etherpad lite. Puppet acts a lot like a package manager
# through this class.
#
# To use etherpad lite you will want the following includes:
# include etherpad_lite
# include etherpad_lite::mysql # necessary to use mysql as the backend
# include etherpad_lite::site # configures etherpad lite instance
# include etherpad_lite::apache # will add reverse proxy on localhost
# The defaults for all the classes should just work (tm)
#
#
class etherpad_lite (
$base_install_dir = '/opt/etherpad-lite',
$base_log_dir = '/var/log',
$ep_ensure = 'present',
$ep_user = 'eplite',
$eplite_version = 'develop',
# If set to system will install system package.
$nodejs_version = '6.x',
) {
# where the modules are, needed to easily install modules later
$modules_dir = "${base_install_dir}/etherpad-lite/node_modules"
$path = "/usr/local/bin:/usr/bin:/bin:${base_install_dir}/etherpad-lite"
user { $ep_user:
shell => '/usr/sbin/nologin',
system => true,
gid => $ep_user,
require => Group[$ep_user],
managehome => true,
}
group { $ep_user:
ensure => present,
}
# Below is what happens when you treat puppet as a package manager.
# This is probably bad, but it works and you don't need to roll .debs.
file { $base_install_dir:
ensure => directory,
group => $ep_user,
mode => '0664',
}
package { 'abiword':
ensure => present,
}
if !defined(Package['curl']) {
package { 'curl':
ensure => present,
}
}
anchor { 'nodejs-package-install': }
if ($nodejs_version != 'system') {
class { '::nodejs':
repo_url_suffix => $nodejs_version,
legacy_debian_symlinks => false,
before => Anchor['nodejs-package-install'],
}
} else {
package { ['nodejs', 'npm']:
ensure => present,
before => Anchor['nodejs-package-install'],
}
}
file { '/usr/local/bin/node':
ensure => link,
target => '/usr/bin/nodejs',
require => Anchor['nodejs-package-install'],
before => Anchor['nodejs-anchor'],
}
anchor { 'nodejs-anchor': }
if !defined(Package['git']) {
package { 'git':
ensure => present
}
}
vcsrepo { "${base_install_dir}/etherpad-lite":
ensure => $ep_ensure,
provider => git,
source => 'https://github.com/ether/etherpad-lite.git',
owner => $ep_user,
revision => $eplite_version,
require => [
Package['git'],
User[$ep_user],
],
}
exec { 'install_etherpad_dependencies':
command => './bin/installDeps.sh',
path => $path,
user => $ep_user,
cwd => "${base_install_dir}/etherpad-lite",
environment => "HOME=/home/${ep_user}",
require => [
Package['curl'],
Vcsrepo["${base_install_dir}/etherpad-lite"],
Anchor['nodejs-anchor'],
User[$ep_user],
],
before => File["${base_install_dir}/etherpad-lite/settings.json"],
creates => "${base_install_dir}/etherpad-lite/node_modules",
}
case $::operatingsystem {
'Ubuntu': {
if $::operatingsystemrelease <= '14.04' {
file { '/etc/init/etherpad-lite.conf':
ensure => present,
content => template('etherpad_lite/upstart.erb'),
replace => true,
owner => 'root',
}
file { '/etc/init.d/etherpad-lite':
ensure => link,
target => '/lib/init/upstart-job',
}
file { "${base_log_dir}/${ep_user}":
ensure => directory,
owner => $ep_user,
}
include ::logrotate
logrotate::file { 'epliteerror':
log => "${base_log_dir}/${ep_user}/error.log",
options => [
'compress',
'copytruncate',
'missingok',
'rotate 7',
'daily',
'notifempty',
],
}
logrotate::file { 'epliteaccess':
log => "${base_log_dir}/${ep_user}/access.log",
options => [
'compress',
'copytruncate',
'missingok',
'rotate 7',
'daily',
'notifempty',
],
}
} else {
# Note logs go to syslog, can maybe change when
# https://github.com/systemd/systemd/pull/7198 is available
file { '/etc/systemd/system/etherpad-lite.service':
ensure => present,
content => template('etherpad_lite/etherpad-lite.service.erb'),
replace => true,
owner => 'root',
require => Exec['install_etherpad_dependencies'],
}
# This is a hack to make sure that systemd is aware of the new service
# before we attempt to start it.
exec { 'etherpad-lite-systemd-daemon-reload':
command => '/bin/systemctl daemon-reload',
refreshonly => true,
require => File['/etc/systemd/system/etherpad-lite.service'],
}
}
}
default: {
fail('This operating system not supported')
}
}
# end package management ugliness
}

32
manifests/mysql.pp
View File

@ -1,32 +0,0 @@
# == Class: puppet-etherpad_lite::mysql
#
class etherpad_lite::mysql(
$database_password,
$mysql_root_password,
$database_name = 'etherpad-lite',
$database_user = 'eplite',
) {
class { '::mysql::server':
root_password => $mysql_root_password,
override_options => {
'mysqld' => {
'default-storage-engine' => 'InnoDB',
}
}
}
include ::mysql::server::account_security
mysql::db { $database_name:
user => $database_user,
password => $database_password,
host => 'localhost',
grant => ['all'],
charset => 'utf8mb4',
collate => 'utf8mb4_unicode_ci',
require => [
Class['mysql::server'],
Class['mysql::server::account_security'],
],
}
}

16
manifests/plugin.pp
View File

@ -1,16 +0,0 @@
# Define to install etherpad lite plugins
#
define etherpad_lite::plugin {
$plugin_name = $name
exec { "npm install ${plugin_name}":
cwd => $etherpad_lite::modules_dir,
path => $etherpad_lite::path,
user => $etherpad_lite::ep_user,
environment => "HOME=/home/${etherpad_lite::ep_user}",
creates => "${etherpad_lite::modules_dir}/${plugin_name}",
require => [
Class['etherpad_lite'],
User[$etherpad_lite::ep_user],
],
}
}

52
manifests/site.pp
View File

@ -1,52 +0,0 @@
# == Class: etherpad_lite::site
#
class etherpad_lite::site (
$database_password,
$etherpad_title,
$database_host = 'localhost',
$database_name = 'etherpad-lite',
$database_user = 'eplite',
$db_type = 'mysql',
$session_key = '',
) {
include ::etherpad_lite
$base = $etherpad_lite::base_install_dir
service { 'etherpad-lite':
ensure => running,
enable => true,
subscribe => File["${base}/etherpad-lite/settings.json"],
}
file { "${base}/etherpad-lite/settings.json":
ensure => present,
content => template('etherpad_lite/etherpad-lite_settings.json.erb'),
replace => true,
owner => $etherpad_lite::ep_user,
group => $etherpad_lite::ep_user,
mode => '0600',
require => Class['etherpad_lite'],
before => Service['etherpad-lite'],
}
file { "${base}/etherpad-lite/src/static/custom":
ensure => directory,
owner => $etherpad_lite::ep_user,
group => $etherpad_lite::ep_user,
mode => '0755',
require => Class['etherpad_lite'],
}
file { "${base}/etherpad-lite/src/static/custom/pad.js":
ensure => present,
source => 'puppet:///modules/etherpad_lite/pad.js',
owner => $etherpad_lite::ep_user,
group => $etherpad_lite::ep_user,
mode => '0644',
require => File["${base}/etherpad-lite/src/static/custom"],
before => Service['etherpad-lite'],
}
}

11
metadata.json
View File

@ -1,11 +0,0 @@
{
"name": "openstackinfra-etherpad_lite",
"version": "0.0.1",
"author": "Openstack CI",
"summary": "Puppet module for Etherpad Lite",
"license": "Apache 2.0",
"source": "https://git.openstack.org/openstack-infra/puppet-etherpad_lite.git",
"project_page": "http://docs.openstack.org/infra/system-config/",
"issues_url": "https://storyboard.openstack.org/#!/project/800",
"dependencies": []
}

65
spec/acceptance/etherpad_lite_spec.rb
View File

@ -1,65 +0,0 @@
require 'puppet-openstack_infra_spec_helper/spec_helper_acceptance'
describe 'puppet-etherpad_lite:: manifest', :if => ['debian', 'ubuntu'].include?(os[:family]) do
def pp_path
base_path = File.dirname(__FILE__)
File.join(base_path, 'fixtures')
end
def preconditions_puppet_module
module_path = File.join(pp_path, 'preconditions.pp')
File.read(module_path)
end
before(:all) do
apply_manifest(preconditions_puppet_module, catch_failures: true)
end
def init_puppet_module
module_path = File.join(pp_path, 'etherpad_lite.pp')
File.read(module_path)
end
it 'should work with no errors' do
apply_manifest(init_puppet_module, catch_failures: true)
end
it 'should be idempotent' do
apply_manifest(init_puppet_module, catch_changes: true)
end
describe 'required files' do
describe file('/opt/etherpad-lite/') do
it { should be_directory }
it { should be_grouped_into 'eplite' }
end
# check service file installed
describe file('/etc/systemd/system/etherpad-lite.service') do
it { should be_file }
end
# check git got all the source
describe file('/opt/etherpad-lite/etherpad-lite/bin/installDeps.sh') do
it { should be_file }
end
# check npm modules installed
describe file('/home/eplite/.npm') do
it { should be_directory }
end
end
describe 'required services' do
describe 'ports are open and services are reachable' do
describe port(80) do
it { should be_listening }
end
describe command('curl -L -k http://localhost --verbose') do
its(:stdout) { should contain('randomPadName()') }
end
end
end
end

25
spec/acceptance/fixtures/etherpad_lite.pp
View File

@ -1,25 +0,0 @@
class { '::etherpad_lite::mysql':
database_password => 'password',
mysql_root_password => 'password',
}
class { '::etherpad_lite':
ep_ensure => 'latest',
eplite_version => '1.7.0',
nodejs_version => '6.x',
}
class { '::etherpad_lite::apache':
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
vhost_name => 'localhost',
}
class { '::etherpad_lite::site':
database_password => 'password',
etherpad_title => 'A fake title',
}
etherpad_lite::plugin { 'ep_headings':
require => Class['etherpad_lite'],
}

4
spec/acceptance/fixtures/preconditions.pp
View File

@ -1,4 +0,0 @@
# Installing ssl-cert in order to get snakeoil certs
package { 'ssl-cert':
ensure => present,
}

11
spec/acceptance/nodesets/default.yml
View File

@ -1,11 +0,0 @@
HOSTS:
ubuntu-server-1404-x64:
roles:
- master
platform: ubuntu-14.04-amd64
box: puppetlabs/ubuntu-14.04-64-nocm
box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm
hypervisor: vagrant
CONFIG:
log_level: debug
type: git

10
spec/acceptance/nodesets/nodepool-centos7.yml
View File

@ -1,10 +0,0 @@
HOSTS:
centos-70-x64:
roles:
- master
platform: el-7-x86_64
hypervisor: none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

10
spec/acceptance/nodesets/nodepool-trusty.yml
View File

@ -1,10 +0,0 @@
HOSTS:
ubuntu-14.04-amd64:
roles:
- master
platform: ubuntu-14.04-amd64
hypervisor: none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

10
spec/acceptance/nodesets/nodepool-xenial.yml
View File

@ -1,10 +0,0 @@
HOSTS:
ubuntu-16.04-amd64:
roles:
- master
platform: ubuntu-16.04-amd64
hypervisor: none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

16
templates/etherpad-lite.service.erb
View File

@ -1,16 +0,0 @@
[Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target network.target
[Service]
Type=simple
User=<%= @ep_user %>
Group=<%= @ep_user %>
WorkingDirectory=<%= @base_install_dir %>/etherpad-lite
ExecStart=/usr/bin/nodejs node_modules/ep_etherpad-lite/node/server.js
Restart=always
StandardOutput=syslog
StandardError=syslog
[Install]
WantedBy=multi-user.target

120
templates/etherpad-lite_settings.json.erb
View File

@ -1,120 +0,0 @@
/*
This file must be valid JSON. But comments are allowed
Please edit settings.json, not settings.json.template
*/
{
// Name your instance!
"title": "<%= @etherpad_title %>",
//Ip and port which etherpad should bind at
"ip": "127.0.0.1",
"port" : 9001,
// favicon default name
"favicon": "favicon.ico",
// Session Key, used for reconnecting user sessions
// Set this to a secure string at least 10 characters long. Do not share this value.
"sessionKey" : "<%= @session_key %>",
//The Type of the database. You can choose between dirty, sqlite and mysql
//You should use mysql or sqlite for anything else than testing or development
"dbType" : "<%= @db_type %>",
//the database specific settings
"dbSettings" : {
"user" : "<%= @database_user %>",
"host" : "<%= @database_host %>",
"password": "<%= @database_password %>",
"database": "<%= @database_name %>"
},
//the default text of a pad
"defaultPadText" : "Welcome to Etherpad Lite!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nEtherpad Lite on Github: http:\/\/j.mp/ep-lite\n",
/* Users must have a session to access pads. This effectively allows only group pads to be accessed. */
"requireSession" : false,
/* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */
"editOnly" : false,
/* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly,
but makes it impossible to debug the javascript/css */
"minify" : true,
/* How long may clients use served javascript code? Without versioning this
is may cause problems during deployment. */
"maxAge" : 21600000, // 6 hours
/* This is the path to the Abiword executable. Setting it to null, disables abiword.
Abiword is needed to enable the import/export of pads*/
"abiword" : "/usr/bin/abiword",
/* This setting is used if you require authentication of all users.
Note: /admin always requires authentication. */
"requireAuthentication": false,
/* Require authorization by a module, or a user with is_admin set, see below. */
"requireAuthorization": false,
/* Users for basic authentication. is_admin = true gives access to /admin.
If you do not uncomment this, /admin will not be available! */
/*
"users": {
"admin": {
"password": "changeme1",
"is_admin": true
},
"user": {
"password": "changeme1",
"is_admin": false
}
},
*/
// restrict socket.io transport methods
"socketTransportProtocols" : ["websocket", "xhr-polling", "jsonp-polling", "htmlfile"],
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
"loglevel": "INFO",
//Logging configuration. See log4js documentation for further information
// https://github.com/nomiddlename/log4js-node
// You can add as many appenders as you want here:
"logconfig" :
{ "appenders": [
{ "type": "console"
//, "category": "access"// only logs pad access
}
/*
, { "type": "file"
, "filename": "/var/log/eplite/etherpad-lite.log"
, "maxLogSize": 1024
, "backups": 30 // how many log files there're gonna be at max
//, "category": "test" // only log a specific category
}*/
/*
, { "type": "logLevelFilter"
, "level": "warn" // filters out all log messages that have a lower level than "error"
, "appender":
{ Use whatever appender you want here }
}*/
/*
, { "type": "logLevelFilter"
, "level": "error" // filters out all log messages that have a lower level than "error"
, "appender":
{ "type": "smtp"
, "subject": "An error occured in your EPL instance!"
, "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
, "sendInterval": 60*5 // in secs -- will buffer log messages; set to 0 to send a mail for every message
, "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
"host": "smtp.example.com", "port": 465,
"secureConnection": true,
"auth": {
"user": "foo@example.com",
"pass": "bar_foo"
}
}
}
}*/
] }
}

117
templates/etherpadlite.vhost.erb
View File

@ -1,117 +0,0 @@
<VirtualHost *:80>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-access.log combined
Redirect / https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %>
<% if scope.lookupvar("etherpad_lite::apache::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("etherpad_lite::apache::ssl_chain_file") %>
<% end %>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
<% auth_openid = scope["etherpad_lite::apache::auth_openid"] %>
<% if ! [nil, :undef].include?(auth_openid) %>
<Location /p/>
AuthType OpenID
AuthName "<%= auth_openid['banner'] %>"
AuthOpenIDSecureCookie On
AuthOpenIDCookieLifespan 3600
AuthOpenIDTrustRoot https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
AuthOpenIDServerName https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
AuthOpenIDSingleIdP <%= auth_openid['singleIdp'] %>
AuthOpenIDTrusted <%= auth_openid['trusted'] %>
<% if auth_openid['any_valid_user'] %>
Require valid-user
<% elsif !auth_openid['users'].empty? %>
<% auth_openid['users'].each do |user| -%>
Require user <%= user %>
<% end -%>
<% end %>
</Location>
<% end %>
<IfModule mod_proxy.c>
# The following redirects "nice" urls such as https://etherpad.example.org/padname
# to https://etherpad.example.org/p/padname. It was problematic directly
# supporting "nice" urls as etherpad hardcodes /p/ in many places.
# Adapted from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
RewriteEngine on
# Do not rewrite the /server-status URL (though by default, this
# is only accessible from localhost). Connect to it with:
# ssh -L 8443:localhost:443 $HOSTNAME
# https://localhost:8443/server-status
RewriteRule ^/server-status$ /server-status [L]
RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301]
# Server robots.txt directly so that it does not affect
# etherpad-lite installation.
RewriteRule ^/robots.txt$ <%= scope.lookupvar("etherpad_lite::apache::docroot") %>/robots.txt [L]
# Refuse external connections to the API through the proxy
RewriteRule ^/api/ - [F,L]
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/locales/
RewriteCond %{REQUEST_URI} !^/locales.json
RewriteCond %{REQUEST_URI} !^/admin
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/static/
RewriteCond %{REQUEST_URI} !^/pluginfw/
RewriteCond %{REQUEST_URI} !^/javascripts/
RewriteCond %{REQUEST_URI} !^/socket.io/
RewriteCond %{REQUEST_URI} !^/ep/
RewriteCond %{REQUEST_URI} !^/minified/
RewriteCond %{REQUEST_URI} !^/api/
RewriteCond %{REQUEST_URI} !^/ro/
RewriteCond %{REQUEST_URI} !^/error/
RewriteCond %{REQUEST_URI} !^/jserror
RewriteCond %{REQUEST_URI} !/favicon.ico
RewriteCond %{REQUEST_URI} !/robots.txt
RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 [NC,L,R=301]
<IfModule mod_proxy_wstunnel.c>
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9001/$1 [P,L]
ProxyPass /socket.io http://localhost:9001/socket.io retry=0
ProxyPassReverse /socket.io http://localhost:9001/socket.io
</IfModule>
ProxyPass / http://localhost:9001/ retry=0
ProxyPassReverse / http://localhost:9001/
</IfModule>
</VirtualHost>
</IfModule>

29
templates/upstart.erb
View File

@ -1,29 +0,0 @@
description "etherpad-lite"
start on started networking
stop on runlevel [!2345]
env EPHOME=<%= @base_install_dir %>/etherpad-lite
env EPLOGS=<%= @base_log_dir %>/<%= @ep_user %>
env EPUSER=<%= @ep_user %>
respawn
pre-start script
chdir $EPHOME
mkdir $EPLOGS ||true
chown -R $EPUSER:admin $EPLOGS ||true
chmod 0755 $EPLOGS ||true
chown -R $EPUSER:admin $EPHOME/var ||true
bin/installDeps.sh >> $EPLOGS/error.log || { stop; exit 1; }
end script
setuid <%= @ep_user %>
setgid <%= @ep_user %>
limit nofile 8192 16384
script
cd $EPHOME
/usr/local/bin/node --stack_size=1968 node_modules/ep_etherpad-lite/node/server.js \
>> $EPLOGS/access.log \
2>> $EPLOGS/error.log
end script