From 2d48ee78bf3bb9b848afa872deaca49376b7106a Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Fri, 19 Jul 2024 15:02:06 +0200 Subject: [PATCH] add dedicated debian repo profile --- Vagrantfile | 11 ++++++++ puppet/data/common.yaml | 1 + puppet/data/vagrant.yaml | 2 ++ puppet/manifests/site.pp | 5 ++++ puppet/modules/freight/manifests/init.pp | 13 +++------ puppet/modules/freight/manifests/user.pp | 2 +- puppet/modules/profiles/manifests/repo/deb.pp | 27 +++++++++++++++++++ puppet/modules/profiles/manifests/web.pp | 3 +++ puppet/modules/web/manifests/vhost/deb.pp | 1 + vagrant/manifests/default.pp | 4 +++ 10 files changed, 59 insertions(+), 10 deletions(-) create mode 100644 puppet/modules/profiles/manifests/repo/deb.pp diff --git a/Vagrantfile b/Vagrantfile index f76fd4e89..22f7f33cb 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -123,4 +123,15 @@ Vagrant.configure("2") do |config| provider.vm.box_url = CENTOS_9_BOX_URL end end + + config.vm.define "repo-deb" do |override| + override.vm.hostname = "repo-deb" + override.vm.box = "centos/stream9" + + override.vm.provider "libvirt" do |libvirt, provider| + libvirt.memory = "2048" + libvirt.machine_virtual_size = 40 + provider.vm.box_url = CENTOS_9_BOX_URL + end + end end diff --git a/puppet/data/common.yaml b/puppet/data/common.yaml index 85da91a96..18e46c4e0 100644 --- a/puppet/data/common.yaml +++ b/puppet/data/common.yaml @@ -1,6 +1,7 @@ --- stable_release: '3.11' profiles::web::stable: '%{alias("stable_release")}' +profiles::repo::deb::stable: '%{alias("stable_release")}' backup_servicename: 'backups.theforeman.org' backup_username: 'backup-%{facts.networking.hostname}' diff --git a/puppet/data/vagrant.yaml b/puppet/data/vagrant.yaml index 18a8f1c84..de705fbea 100644 --- a/puppet/data/vagrant.yaml +++ b/puppet/data/vagrant.yaml @@ -22,4 +22,6 @@ profiles::jenkins::node::swap_size_mb: 0 profiles::web::https: false +profiles::repo::deb::https: false + redmine::https: false diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp index 9f87c0e1d..392eb3326 100644 --- a/puppet/manifests/site.pp +++ b/puppet/manifests/site.pp @@ -41,3 +41,8 @@ include profiles::base include profiles::web } + +node /^repo-deb\d+\.[a-z]+\.theforeman\.org$/ { + include profiles::base + include profiles::repo::deb +} diff --git a/puppet/modules/freight/manifests/init.pp b/puppet/modules/freight/manifests/init.pp index 4ad0f537e..bef7856eb 100644 --- a/puppet/modules/freight/manifests/init.pp +++ b/puppet/modules/freight/manifests/init.pp @@ -1,14 +1,9 @@ # @summary install freight class freight { - if $facts['os']['family'] == 'Debian' { - apt::source { 'freight': - location => 'http://build.openvpn.net/debian/freight_team', - repos => 'main', - key => { - id => '30EBF4E73CCE63EEE124DD278E6DA8B4E158C569', - source => 'https://swupdate.openvpn.net/repos/repo-public.gpg', - }, - before => Package['freight'], + if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '9' { + class {'epel': + epel_testing_enabled => true, + before => Package['freight'], } } diff --git a/puppet/modules/freight/manifests/user.pp b/puppet/modules/freight/manifests/user.pp index 2da929197..e8c23fbc8 100644 --- a/puppet/modules/freight/manifests/user.pp +++ b/puppet/modules/freight/manifests/user.pp @@ -73,7 +73,7 @@ owner => 'root', group => 'root', mode => '0644', - content => epp("${module_name}/${vhost}-HEADER.html.epp", { 'stable' => $profiles::web::stable }), + content => epp("${module_name}/${vhost}-HEADER.html.epp", { 'stable' => $web::vhost::deb::stable }), } file { "${webdir}/foreman.asc": ensure => link, diff --git a/puppet/modules/profiles/manifests/repo/deb.pp b/puppet/modules/profiles/manifests/repo/deb.pp new file mode 100644 index 000000000..988258648 --- /dev/null +++ b/puppet/modules/profiles/manifests/repo/deb.pp @@ -0,0 +1,27 @@ +# @summary A profile for the debian repo machines +# +# @param stable +# Latest release that users expect +# +# @param https +# Whether to enable HTTPS. This is typically wanted but can only be enabled +# in a 2 pass setup. First Apache needs to run for Letsencrypt to function. +# Then Letsencrypt can be enabled. Also useful to turn off in test setups. +class profiles::repo::deb ( + String[1] $stable, + Boolean $https = true, +) { + class { 'web': + https => $https, + } + contain web + + contain web::vhost::archivedeb + + class { 'web::vhost::deb': + stable => $stable, + } + contain web::vhost::deb + + contain web::vhost::stagingdeb +} diff --git a/puppet/modules/profiles/manifests/web.pp b/puppet/modules/profiles/manifests/web.pp index 68f5dfd4a..f80604065 100644 --- a/puppet/modules/profiles/manifests/web.pp +++ b/puppet/modules/profiles/manifests/web.pp @@ -24,6 +24,9 @@ contain web::vhost::archivedeb + class { 'web::vhost::deb': + stable => $stable, + } contain web::vhost::deb class { 'web::vhost::debugs': diff --git a/puppet/modules/web/manifests/vhost/deb.pp b/puppet/modules/web/manifests/vhost/deb.pp index b11c32364..7c265aa83 100644 --- a/puppet/modules/web/manifests/vhost/deb.pp +++ b/puppet/modules/web/manifests/vhost/deb.pp @@ -1,6 +1,7 @@ # @summary Set up the deb vhost # @api private class web::vhost::deb ( + String[1] $stable, String $user = 'freight', Stdlib::Absolutepath $home = "/home/${user}", ) { diff --git a/vagrant/manifests/default.pp b/vagrant/manifests/default.pp index 6e2a403c2..3e63ad1c5 100644 --- a/vagrant/manifests/default.pp +++ b/vagrant/manifests/default.pp @@ -25,3 +25,7 @@ node /^discourse.*/ { include profiles::discourse } + +node /^repo-deb.*/ { + include profiles::repo::deb +}