Puppet Class: profile::tcpircbot

Defined in:
modules/profile/manifests/tcpircbot.pp

Overview

Parameters:

  • ensure (Wmflib::Ensure) (defaults to: lookup('profile::tcpircbot::ensure'))
  • irc_host (Stdlib::Host) (defaults to: lookup('profile::tcpircbot::irc::host'))
  • irc_port (Stdlib::Port) (defaults to: lookup('profile::tcpircbot::irc::port'))


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# File 'modules/profile/manifests/tcpircbot.pp', line 1

class profile::tcpircbot(
    Wmflib::Ensure $ensure = lookup('profile::tcpircbot::ensure'),
    Stdlib::Host $irc_host = lookup('profile::tcpircbot::irc::host'),
    Stdlib::Port $irc_port = lookup('profile::tcpircbot::irc::port'),
){

    include passwords::logmsgbot
    class {'tcpircbot': }

    tcpircbot::instance { 'logmsgbot':
        ensure      => $ensure,
        listen_port => 9200,
        channels    => '#wikimedia-operations',
        password    => $passwords::logmsgbot::logmsgbot_password,
        server_host => $irc_host,
        server_port => $irc_port,
        cidr        => [
            '::ffff:127.0.0.1/128',             # loopback
            '::ffff:10.64.32.28/128',           # deployment eqiad v4: deploy1002
            '2620:0:861:103:10:64:32:28/128',   # deployment eqiad v6: deploy1002
            '::ffff:10.192.32.7/128',           # deployment codfw v4: deploy2002
            '2620:0:860:103:10:192:32:7/128',   # deployment codfw v6: deploy2002
            '::ffff:10.64.16.77/128',           # maintenance eqiad v4: mwmaint1002
            '2620:0:861:102:10:64:16:77/128',   # maintenance eqiad v6: mwmaint1002
            '::ffff:10.192.32.34/128',          # maintenance codfw v4: mwmaint2002
            '2620:0:860:103:10:192:32:34/128',  # maintenance codfw v6: mwmaint2002
            '::ffff:10.64.16.73/128',           # puppetmaster1001.eqiad.wmnet
            '2620:0:861:102:10:64:16:73/128',   # puppetmaster1001.eqiad.wmnet
            '::ffff:10.192.0.27/128',           # puppetmaster2001.codfw.wmnet
            '2620:0:860:101:10:192:0:27/128',   # puppetmaster2001.codfw.wmnet
            '::ffff:10.64.48.98/128',           # cumin1002.eqiad.wmnet
            '2620:0:861:107:10:64:48:98/128',   # cumin1002.eqiad.wmnet
            '::ffff:10.192.32.49/128',          # cumin2002.codfw.wmnet
            '2620:0:860:103:10:192:32:49/128',  # cumin2002.codfw.wmnet
        ],
    }
    tcpircbot::instance { 'logmsgbot_cloud':
        ensure      => $ensure,
        listen_port => 9201,
        channels    => '#wikimedia-cloud-feed',
        password    => $passwords::logmsgbot::logmsgbot_password,
        server_host => $irc_host,
        server_port => $irc_port,
        cidr        => [
            '::ffff:127.0.0.1/128',             # loopback
            '::ffff:10.64.48.148/128',          # cloudcumin1001.eqiad.wmnet
            '2620:0:861:107:10:64:48:148/128',  # cloudcumin1001.eqiad.wmnet
            '::ffff:10.192.32.140/128',         # cloudcumin2001.codfw.wmnet
            '2620:0:860:103:10:192:32:140/128', # cloudcumin2001.codfw.wmnet
        ],
    }

    $allowed_hosts_prod = [
        'deploy1002.eqiad.wmnet',       # deployment eqiad
        'deploy2002.codfw.wmnet',       # deployment codfw
        'puppetmaster1001.eqiad.wmnet', # puppet eqiad
        'puppetmaster2001.codfw.wmnet', # puppet codfw
        'mwmaint1002.eqiad.wmnet',      # maintenance eqiad
        'mwmaint2002.codfw.wmnet',      # maintenance codfw
        'cumin1002.eqiad.wmnet',        # cluster mgmt eqiad
        'cumin2002.codfw.wmnet',        # cluster mgmt codfw
    ]
    $allowed_hosts_cloud = [
        'cloudcumin1001.eqiad.wmnet',   # cloud cluster mgmt eqiad
        'cloudcumin2001.codfw.wmnet',   # cloud cluster mgmt codfw
    ]

    $allowed_hosts_prod_ferm = join($allowed_hosts_prod, ' ')
    ferm::service { 'tcpircbot_allowed':
        proto  => 'tcp',
        port   => '9200',
        srange => "(@resolve((${allowed_hosts_prod_ferm})) @resolve((${allowed_hosts_prod_ferm}), AAAA))",
    }

    $allowed_hosts_cloud_ferm = join($allowed_hosts_cloud, ' ')
    ferm::service { 'tcpircbot_cloud_allowed':
        proto  => 'tcp',
        port   => '9201',
        srange => "(@resolve((${allowed_hosts_cloud_ferm})) @resolve((${allowed_hosts_cloud_ferm}), AAAA))",
    }
}