Puppet Class: profile::superset::proxy

Defined in:
modules/profile/manifests/superset/proxy.pp

Overview

Class profile::superset::proxy

Sets up a WMF HTTP LDAP auth proxy.

Parameters:

  • ldap_config (Hash) (defaults to: lookup('ldap', Hash, hash, {}))
  • x_forwareded_proto (String) (defaults to: lookup('profile::superset::proxy::x_forwareded_proto', {'default_value' => 'https'}))


5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# File 'modules/profile/manifests/superset/proxy.pp', line 5

class profile::superset::proxy (
    Hash $ldap_config          = lookup('ldap', Hash, hash, {}),
    String $x_forwareded_proto = lookup('profile::superset::proxy::x_forwareded_proto', {'default_value' => 'https'}),
) {

    require ::profile::analytics::httpd::utils

    include ::profile::prometheus::apache_exporter

    class { '::httpd':
        modules => ['proxy_http',
                    'proxy',
                    'headers',
                    'auth_basic',
                    'authnz_ldap']
    }

    class { '::passwords::ldap::production': }

    $proxypass = $passwords::ldap::production::proxypass
    $ldap_server_primary = $ldap_config['ro-server']
    $ldap_server_fallback = $ldap_config['ro-server-fallback']

    # Set up the VirtualHost
    httpd::site { 'superset.wikimedia.org':
        content => template('profile/superset/proxy/superset.wikimedia.org.erb'),
        require => File['/var/www/health_check'],
    }

    ferm::service { 'superset-http':
        proto  => 'tcp',
        port   => '80',
        srange => '$CACHES',
    }
}