Puppet Class: phabricator::aphlict

Defined in:
modules/phabricator/manifests/aphlict.pp

Overview

Class: phabricator::aphlict

Aphlict is the phabricator real-time notification relay service. Docs: secure.phabricator.com/book/phabricator/article/notifications/

Parameters

ensure

either present / absent

user

The user account that aphlict runs with

group

Group for the aphlict service

basedir

Phabricator base directory

enable_ssl

should ssl be enabled on the client port. Set to true to terminate tls in aphlict, set to false if tls is terminated in envoy.

sslcert

path to the ssl cert for aphlict

sslkey

path to the ssl certificate private key

sslchain

path to the ssl certificate chain file

admin_port

port used for the aphlict admin interface (default: 22281)

admin_ip

IP address used for the aphlict admin interface (default: 127.0.0.1)

Parameters:

  • ensure (Wmflib::Ensure)
  • user (String) (defaults to: 'aphlict')
  • group (String) (defaults to: 'aphlict')
  • basedir (Stdlib::Unixpath) (defaults to: '/srv/phab')
  • enable_ssl (Boolean) (defaults to: false)
  • sslcert (Optional[Stdlib::Unixpath]) (defaults to: undef)
  • sslkey (Optional[Stdlib::Unixpath]) (defaults to: undef)
  • sslchain (Optional[Stdlib::Unixpath]) (defaults to: undef)
  • admin_port (Stdlib::Port) (defaults to: 22281)
  • admin_ip (Stdlib::Ip_address) (defaults to: '127.0.0.1')


38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# File 'modules/phabricator/manifests/aphlict.pp', line 38

class phabricator::aphlict(
    Wmflib::Ensure $ensure,
    String $user = 'aphlict',
    String $group = 'aphlict',
    Stdlib::Unixpath $basedir = '/srv/phab',
    Boolean $enable_ssl = false,
    Optional[Stdlib::Unixpath] $sslcert = undef,
    Optional[Stdlib::Unixpath] $sslkey = undef,
    Optional[Stdlib::Unixpath] $sslchain = undef,
    Stdlib::Port $admin_port = 22281,
    Stdlib::Ip_address $admin_ip = '127.0.0.1',
) {

    # packages
    require_package('nodejs')

    # paths
    $phabdir = "${basedir}/phabricator/"
    $aphlict_dir = "${phabdir}/support/aphlict/server"
    $node_modules = "${aphlict_dir}/node_modules"
    $aphlict_conf = "${basedir}/aphlict/config.json"
    $aphlict_start_cmd = "${phabdir}bin/aphlict start --config ${aphlict_conf}"
    $aphlict_stop_cmd = "${phabdir}bin/aphlict stop --config ${aphlict_conf}"

    # Ordering
    Package['nodejs'] -> File[$aphlict_conf] ~> Service['aphlict']
    File['/var/run/aphlict/'] -> File['/var/log/aphlict/'] -> Service['aphlict']
    User[$user] -> Service['aphlict']
    File[$node_modules] ~> Service['aphlict']

    if $ensure == 'present' {
        $service_ensure = 'running'
    } else {
        $service_ensure = 'stopped'
    }


    # Defines
    file { $node_modules:
        ensure => 'link',
        target => "${basedir}/aphlict/node_modules",
    }

    file { $aphlict_conf:
        ensure  => $ensure,
        content => template('phabricator/aphlict-config.json.erb'),
        owner   => $user,
        group   => $group,
        mode    => '0644',
    }

    file { '/var/run/aphlict/':
        ensure => 'directory',
        owner  => $user,
        group  => $group,
    }

    file { '/var/log/aphlict/':
        ensure => 'directory',
        owner  => $user,
        group  => $group,
    }

    logrotate::conf { 'aphlict':
        ensure  => $ensure,
        source  => 'puppet:///modules/phabricator/logrotate_aphlict',
        require => File['/var/log/aphlict/'],
    }

    # accounts
    group { $group:
        ensure => 'present',
        system => true,
    }

    user { $user:
        gid     => $group,
        shell   => '/bin/false',
        home    => '/var/run/aphlict',
        system  => true,
        require => Group[$group],
    }

    systemd::service { 'aphlict':
        ensure         => $ensure,
        content        => systemd_template('aphlict'),
        require        => User[$user],
        service_params => {
            hasrestart => false,
        },
    }

}