Puppet Class: sentry

Defined in:
modules/sentry/manifests/init.pp

Overview

Class: sentry

Sentry is a real-time, platform-agnostic error logging and aggregation platform.

Parameters

db_pass

Password for MySQL account.

server_name

Domain name under which Sentry will be available.

git_branch

Which branch to check out.

secret_key

The secret key required by Sentry.

admin_email

Email address of the application administrator.

admin_pass

Password of the Sentry superuser.

Parameters:

  • db_pass (Any)
  • server_name (Any)
  • secret_key (Any)
  • admin_pass (Any)
  • admin_email (Any) (defaults to: 'noc@wikimedia.org')
  • git_branch (Any) (defaults to: 'master')


26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# File 'modules/sentry/manifests/init.pp', line 26

class sentry (
    $db_pass,
    $server_name,
    $secret_key,
    $admin_pass,
    $admin_email = 'noc@wikimedia.org',
    $git_branch  = 'master',
) {
    include ::nginx
    include ::nginx::ssl
    include ::postgresql::server

    require sentry::packages

    redis::instance { '6379': }

    git::clone { 'operations/software/sentry':
        ensure    => latest,
        directory => '/srv/sentry',
        branch    => $git_branch,
    }

    group { 'sentry':
        ensure => present,
        system => true,
    }

    user { 'sentry':
        gid    => 'sentry',
        shell  => '/bin/false',
        home   => '/nonexistent',
        system => true,
    }

    file { '/etc/sentry.conf.py':
        content => template('sentry/sentry.conf.py.erb'),
        owner   => 'sentry',
        group   => 'sentry',
        mode    => '0640',
        require => Git::Clone['operations/software/sentry'],
    }

    file { '/etc/sentry.d':
        ensure => directory,
        owner  => 'sentry',
        group  => 'sentry',
        mode   => '0750',
    }

    file { '/usr/local/sbin/sentry-auth':
        source  => 'puppet:///modules/sentry/sentry-auth.py',
        owner   => 'root',
        group   => 'root',
        mode    => '0555',
        require => File['/etc/sentry.conf.py'],
    }

    postgresql::user { 'sentry':
        user      => 'sentry',
        password  => $db_pass,
        pgversion => '9.4',
        require   => File['/etc/sentry.conf.py'],
    }

    postgresql::db { 'sentry':
        name    => 'sentry',
        owner   => 'sentry',
        require => Postgresql::User['sentry'],
    }

    exec { 'initialize_sentry_database':
        command     => '/srv/sentry/bin/sentry upgrade --noinput',
        unless      => '/usr/bin/pg_dump --schema-only --dbname=sentry --table=sentry_*',
        environment => 'SENTRY_CONF=/etc/sentry.conf.py',
        user        => 'sentry',
        require     => Postgresql::Db['sentry'],
    }

    exec { 'create_sentry_admin':
        command => "/usr/local/sbin/sentry-auth set ${admin_email} ${admin_pass}",
        unless  => "/usr/local/sbin/sentry-auth check ${admin_email} ${admin_pass}",
        user    => 'sentry',
        require => Exec['initialize_sentry_database'],
    }

    systemd::service { 'sentry-worker':
        content   => systemd_template('sentry-worker'),
        restart   => true,
        subscribe => File['/etc/sentry.conf.py'],
        require   => Exec['initialize_sentry_database'],
    }

    systemd::service { 'sentry':
        content   => systemd_template('sentry'),
        restart   => true,
        subscribe => File['/etc/sentry.conf.py'],
        require   => Systemd::Service['sentry-worker'],
    }

    nginx::site { 'sentry':
        content => template('sentry/sentry.nginx.erb'),
    }
}