Puppet Class: profile::klaxon

Defined in:
modules/profile/manifests/klaxon.pp

Overview

Parameters:

  • config (Klaxon::Klaxon_config) (defaults to: lookup('profile::klaxon::klaxon_config', {'merge' => hash}))
  • escalation_policy_slug (String) (defaults to: lookup('profile::klaxon::escalation_policy_slug')) 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'modules/profile/manifests/klaxon.pp', line 1

class profile::klaxon (
    Klaxon::Klaxon_config $config   = lookup('profile::klaxon::klaxon_config', {'merge' => hash}),
    String $escalation_policy_slug  = lookup('profile::klaxon::escalation_policy_slug'),
) {
    $port = 4667

    class {'klaxon':
        escalation_policy_slug => $escalation_policy_slug,
        port                   => $port,
        config                 => $config,
    }

    $ssl_settings = ssl_ciphersuite('apache', 'strong', true)

    profile::idp::client::httpd::site {'klaxon.wikimedia.org':
        require         => [
            Acme_chief::Cert['icinga'],
        ],
        vhost_content   => 'profile/idp/client/httpd-klaxon.erb',
        # These four groups are the best current proxy for "trusted contributors".
        required_groups => [
            'cn=nda,ou=groups,dc=wikimedia,dc=org',
            'cn=ops,ou=groups,dc=wikimedia,dc=org',
            'cn=wmf,ou=groups,dc=wikimedia,dc=org',
            'cn=wmde,ou=groups,dc=wikimedia,dc=org',
        ],
        # This is the common prefix of all login-required handlers in Klaxon.
        protected_uri   => '/protected/',
        vhost_settings  => { port => $port },
    }
}