Puppet Class: phabricator::aphlict

Defined in:
modules/phabricator/manifests/aphlict.pp

Overview

Class: phabricator::aphlict

Aphlict is the phabricator real-time notification relay service. Docs: secure.phabricator.com/book/phabricator/article/notifications/

Parameters

ensure

either present / absent

user

The user account that aphlict runs with

group

Group for the aphlict service

basedir

Phabricator base directory

enable_ssl

should ssl be enabled on the client port. Set to true to terminate tls in aphlict, set to false if tls is terminated in envoy.

sslcert

path to the ssl cert for aphlict

sslkey

path to the ssl certificate private key

sslchain

path to the ssl certificate chain file

Parameters:

  • ensure (Wmflib::Ensure)
  • user (String) (defaults to: 'aphlict')
  • group (String) (defaults to: 'aphlict')
  • basedir (Stdlib::Unixpath) (defaults to: '/srv/phab')
  • enable_ssl (Boolean) (defaults to: false)
  • sslcert (Optional[Stdlib::Unixpath]) (defaults to: undef)
  • sslkey (Optional[Stdlib::Unixpath]) (defaults to: undef)
  • sslchain (Optional[Stdlib::Unixpath]) (defaults to: undef)


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# File 'modules/phabricator/manifests/aphlict.pp', line 31

class phabricator::aphlict(
    Wmflib::Ensure $ensure,
    String $user = 'aphlict',
    String $group = 'aphlict',
    Stdlib::Unixpath $basedir = '/srv/phab',
    Boolean $enable_ssl = false,
    Optional[Stdlib::Unixpath] $sslcert = undef,
    Optional[Stdlib::Unixpath] $sslkey = undef,
    Optional[Stdlib::Unixpath] $sslchain = undef,
) {

    # packages
    require_package('nodejs')

    # paths
    $phabdir = "${basedir}/phabricator/"
    $aphlict_dir = "${phabdir}/support/aphlict/server"
    $node_modules = "${aphlict_dir}/node_modules"
    $aphlict_conf = "${basedir}/aphlict/config.json"
    $aphlict_start_cmd = "${phabdir}bin/aphlict start --config ${aphlict_conf}"
    $aphlict_stop_cmd = "${phabdir}bin/aphlict stop --config ${aphlict_conf}"

    # Ordering
    Package['nodejs'] -> File[$aphlict_conf] ~> Service['aphlict']
    File['/var/run/aphlict/'] -> File['/var/log/aphlict/'] -> Service['aphlict']
    User[$user] -> Service['aphlict']
    File[$node_modules] ~> Service['aphlict']

    if $ensure == 'present' {
        $directory = 'directory'
        $service_ensure = 'running'
    } else {
        $directory = 'absent'
        $service_ensure = 'stopped'
    }


    # Defines
    file { $node_modules:
        ensure => 'link',
        target => "${basedir}/aphlict/node_modules",
    }

    file { $aphlict_conf:
        ensure  => $ensure,
        content => template('phabricator/aphlict-config.json.erb'),
        owner   => $user,
        group   => $group,
        mode    => '0644',
    }

    file { '/var/run/aphlict/':
        ensure => $directory,
        owner  => $user,
        group  => $group,
    }

    file { '/var/log/aphlict/':
        ensure => $directory,
        owner  => $user,
        group  => $group,
    }

    logrotate::conf { 'aphlict':
        ensure  => $ensure,
        source  => 'puppet:///modules/phabricator/logrotate_aphlict',
        require => File['/var/log/aphlict/'],
    }

    # accounts
    group { $group:
        ensure => 'present',
        system => true,
    }

    user { $user:
        gid     => $group,
        shell   => '/bin/false',
        home    => '/var/run/aphlict',
        system  => true,
        require => Group[$group],
    }

    systemd::service { 'aphlict':
        ensure         => $ensure,
        content        => systemd_template('aphlict'),
        require        => User[$user],
        service_params => {
            hasrestart => false,
        },
    }

}