Puppet Class: scap::master

Defined in:

modules/scap/manifests/master.pp

Overview

class: scap::master

Sets up a scap master (currently deploy1001 and deploy2001)

Parameters:

• common_path (Any) (defaults to: '/srv/mediawiki')
• common_source_path (Any) (defaults to: '/srv/mediawiki-staging')
• patches_path (Any) (defaults to: '/srv/patches')
• deployment_group (Any) (defaults to: 'wikidev')
• deployment_hosts (Array[String]) (defaults to: [])

# File 'modules/scap/manifests/master.pp', line 4

class scap::master(
    $common_path        = '/srv/mediawiki',
    $common_source_path = '/srv/mediawiki-staging',
    $patches_path       = '/srv/patches',
    $deployment_group   = 'wikidev',
    Array[String] $deployment_hosts = [],
) {
    include network::constants

    require_package('python3-service-checker', 'python3-pygerrit2')

    git::clone { 'operations/mediawiki-config':
        ensure             => present,
        directory          => $common_source_path,
        owner              => 'mwdeploy',
        group              => $deployment_group,
        shared             => true,
        before             => Exec['fetch_mediawiki'],
        recurse_submodules => true,
    }

    # Install the commit-msg hook from gerrit

    file { "${common_source_path}/.git/hooks/commit-msg":
        ensure  => present,
        owner   => 'mwdeploy',
        group   => $deployment_group,
        mode    => '0775',
        source  => 'puppet:///modules/scap/commit-msg',
        require => Git::Clone['operations/mediawiki-config'],
    }

    rsync::server::module { 'common':
        path        => $common_source_path,
        read_only   => 'yes',
        hosts_allow => $::network::constants::mw_appserver_networks;
    }

    rsync::server::module { 'patches':
        path        => $patches_path,
        read_only   => 'yes',
        hosts_allow => $deployment_hosts
    }

    class { 'scap::l10nupdate':
        deployment_group => $deployment_group,
        run_l10nupdate   => false,
    }

    file { '/usr/local/bin/scap-master-sync':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0555',
        source => 'puppet:///modules/scap/scap-master-sync',
    }

    # Allow rsync of common module to mediawiki-staging as root.
    # This is for master-master sync of /srv/mediawiki-staging
    sudo::user { 'scap-master-sync':
        user       => 'mwdeploy',
        privileges => [
            'ALL = (root) NOPASSWD: /usr/local/bin/scap-master-sync',
        ]
    }
}