diff --git a/files/zuul.init b/files/zuul.init index 80fa2f1..6119a37 100755 --- a/files/zuul.init +++ b/files/zuul.init @@ -18,7 +18,7 @@ NAME=zuul DAEMON=/usr/local/bin/zuul-server PIDFILE=/var/run/$NAME/$NAME.pid SCRIPTNAME=/etc/init.d/$NAME -USER=jenkins +USER=zuul # Exit if the package is not installed [ -x "$DAEMON" ] || exit 0 diff --git a/manifests/init.pp b/manifests/init.pp index 6e83c52..5ee7d04 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,16 +1,21 @@ # == Class: zuul # class zuul ( + $vhost_name = $::fqdn, + $serveradmin = "webmaster@${::fqdn}", $jenkins_server = '', $jenkins_user = '', $jenkins_apikey = '', $gerrit_server = '', $gerrit_user = '', + $zuul_ssh_private_key = '', $url_pattern = '', - $status_url = "https://${::fqdn}/zuul/status", + $status_url = "https://${::fqdn}/", $git_source_repo = 'https://github.com/openstack-ci/zuul.git', $push_change_refs = false ) { + include apache + $packages = [ 'python-webob', 'python-daemon', @@ -22,6 +27,19 @@ class zuul ( ensure => present, } + user { 'zuul': + ensure => present, + home => '/home/zuul', + shell => '/bin/bash', + gid => 'zuul', + managehome => true, + require => Group['zuul'], + } + + group { 'zuul': + ensure => present, + } + # A lot of things need yaml, be conservative requiring this package to avoid # conflicts with other modules. if ! defined(Package['python-yaml']) { @@ -71,40 +89,56 @@ class zuul ( # at some point, but that still has some problems. file { '/etc/zuul/zuul.conf': ensure => present, - owner => 'jenkins', + owner => 'zuul', mode => '0400', content => template('zuul/zuul.conf.erb'), require => [ File['/etc/zuul'], - Package['jenkins'], + User['zuul'], ], } file { '/var/log/zuul': ensure => directory, - owner => 'jenkins', - require => Package['jenkins'], + owner => 'zuul', + require => User['zuul'], } file { '/var/run/zuul': ensure => directory, - owner => 'jenkins', - require => Package['jenkins'], + owner => 'zuul', + require => User['zuul'], } file { '/var/lib/zuul': ensure => directory, - owner => 'jenkins', - require => Package['jenkins'], + owner => 'zuul', + require => User['zuul'], } file { '/var/lib/zuul/git': ensure => directory, - owner => 'jenkins', - require => Package['jenkins'], + owner => 'zuul', + require => User['zuul'], } - file { '/etc/init.d/zuul/': + file { '/var/lib/zuul/ssh': + ensure => directory, + owner => 'zuul', + group => 'zuul', + mode => '0500', + require => File['/var/lib/zuul'], + } + + file { '/var/lib/zuul/ssh/id_rsa': + owner => 'zuul', + group => 'zuul', + mode => '0400', + require => File['/var/lib/zuul/ssh'], + content => $zuul_ssh_private_key, + } + + file { '/etc/init.d/zuul': ensure => present, owner => 'root', group => 'root', @@ -124,4 +158,21 @@ class zuul ( hasrestart => true, require => File['/etc/init.d/zuul'], } + + apache::vhost { $vhost_name: + port => 443, + docroot => 'MEANINGLESS ARGUMENT', + priority => '50', + template => 'zuul/zuul.vhost.erb', + } + a2mod { 'rewrite': + ensure => present, + } + a2mod { 'proxy': + ensure => present, + } + a2mod { 'proxy_http': + ensure => present, + } + } diff --git a/templates/zuul.conf.erb b/templates/zuul.conf.erb index 960cf55..25a1609 100644 --- a/templates/zuul.conf.erb +++ b/templates/zuul.conf.erb @@ -6,7 +6,7 @@ apikey=<%= jenkins_apikey %> [gerrit] server=<%= gerrit_server %> user=<%= gerrit_user %> -sshkey=/var/lib/jenkins/.ssh/id_rsa +sshkey=/var/lib/zuul/ssh/id_rsa [zuul] layout_config=/etc/zuul/layout.yaml diff --git a/templates/zuul.vhost.erb b/templates/zuul.vhost.erb new file mode 100644 index 0000000..1c5351e --- /dev/null +++ b/templates/zuul.vhost.erb @@ -0,0 +1,20 @@ +:80> + ServerAdmin <%= scope.lookupvar("::zuul::serveradmin") %> + + ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::zuul::vhost_name") %>-error.log + + LogLevel warn + + CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::zuul::vhost_name") %>-access.log combined + + RewriteEngine on + RewriteRule /zuul/status http://127.0.0.1:8001/status [P] + RewriteRule / http://127.0.0.1:8001/status [P] + + SetEnv GIT_PROJECT_ROOT /var/lib/zuul/git/ + SetEnv GIT_HTTP_EXPORT_ALL + + AliasMatch ^/p/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/zuul/git/$1 + AliasMatch ^/p/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/zuul/git/$1 + ScriptAlias /p/ /usr/lib/git-core/git-http-backend/ +