Puppet Class: vopsbot

Defined in:

modules/vopsbot/manifests/init.pp

Summary

install and run vopsbot

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

• users (Hash[String, Vopsbot::User]) —

  list of authorised users

• irc_server (String) —

  the irc server to connect to

• server_port (Stdlib::Port) —

  the irc server port to connect to

• nickname (String) —

  irc nick to use

• irc_channels (Array[String]) —

  list of channels to join

• password (String) —

  irc password to use

• vo_api_id (String) —

  VictorOps ID

• vo_api_key (String) —

  VictorOps API key

• active_alert_host —

  fqdn of the active alert host

• passive_alert_hosts —

  array of fqdn of the passive alertmanager hosts

• database_name (String) (defaults to: 'ircbot') —

  name of the database to use

• run_service (Boolean) (defaults to: false) —

  indicate if we should run the service

• daemon_user (String) (defaults to: 'vopsbot') —

  the user used to run the vopsbot daemon

• alertmanager_active_host (Stdlib::Host)
• alertmanager_passive_hosts (Array[Stdlib::Host])
• vo_rotation (String) (defaults to: '247_policy')

# File 'modules/vopsbot/manifests/init.pp', line 16

class vopsbot(
    Hash[String, Vopsbot::User] $users,
    String $irc_server,
    Stdlib::Port $server_port,
    String $nickname,
    Array[String] $irc_channels,
    String $password,
    String $vo_api_id,
    String $vo_api_key,
    Stdlib::Host $alertmanager_active_host,
    Array[Stdlib::Host] $alertmanager_passive_hosts,
    String $database_name = 'ircbot',
    Boolean $run_service = false,
    String $daemon_user = 'vopsbot',
    String $vo_rotation = '247_policy',
) {
    $data_path = '/srv/vopsbot'
    # Install the software
    package { 'vopsbot':
        ensure => present,
    }

    # TODO: add this to the debian package
    # https://gitlab.wikimedia.org/repos/sre/vopsbot/-/merge_requests/8
    systemd::sysuser { $daemon_user:
        ensure      => present,
        home_dir    => $data_path,
        description => 'vopsbot runner',
    }

    # configuration
    file { '/etc/vopsbot':
        ensure => directory,
        owner  => $daemon_user,
    }
    $ircbot_config = '/etc/vopsbot/ircbot-config.json'
    $user_config = '/etc/vopsbot/users.yaml'
    $db_path = "${data_path}/${database_name}.db"
    $config = {
        'server' => $irc_server,
        'port' => $server_port,
        'use_tls' => true,
        'use_sasl' => true,
        'nick' => $nickname,
        'password' => $password,
        'channels' => $irc_channels,
        'db_dsn'   => "sqlite3://file:${db_path}",
    }

    file { $ircbot_config:
        ensure  => file,
        owner   => $daemon_user,
        group   => $daemon_user,
        mode    => '0440',
        content => to_json($config),
        notify  => Systemd::Service['vopsbot'],
    }

    file { $user_config:
        ensure  => file,
        owner   => $daemon_user,
        group   => $daemon_user,
        mode    => '0440',
        content => to_yaml($users),
        notify  => Systemd::Service['vopsbot'],
    }

    file { $data_path:
        ensure => directory,
        owner  => $daemon_user,
        group  => $daemon_user,
        mode   => '0755',
    }
    # pre-generate the database
    # TODO: maybe use mysql
    $schema_file = "${data_path}/schema.sql"
    file { $schema_file:
        ensure => file,
        owner  => $daemon_user,
        group  => $daemon_user,
        mode   => '0440',
        source => 'puppet:///modules/vopsbot/schema.sql',
    }

    sqlite::db { 'vopsbot':
        ensure     => 'present',
        owner      => $daemon_user,
        group      => $daemon_user,
        db_path    => $db_path,
        sql_schema => $schema_file,
        require    => File[$schema_file],
    }

    if length($alertmanager_passive_hosts) > 0 {
        rsync::quickdatacopy { 'vopsbot-sync-db':
            ensure              => present,
            auto_sync           => true,
            source_host         => $alertmanager_active_host,
            dest_host           => $alertmanager_passive_hosts,
            module_path         => $data_path,
            server_uses_stunnel => true,
            chown               => "${daemon_user}:${daemon_user}",
        }
    }

    systemd::service { 'vopsbot':
        ensure   => $run_service.bool2str('present', 'absent'),
        override => false,
        content  => template('vopsbot/systemd.unit.erb'),
        require  => Systemd::Sysuser[$daemon_user],
    }

    profile::auto_restarts::service { 'vopsbot':
        ensure => stdlib::ensure($run_service)
    }
}