Alexandros Kosiaris has submitted this change and it was merged.
Change subject: modularize otrs
......................................................................
modularize otrs
This was a single role before, move it to the module/role paradigm,
splitting up the various classes and moving templates/files around.
Add tests, documentation for the new classes.
Change-Id: I04cc8d734cd83acc2ce4c4d26cea9c0fbd1da2ec
---
M manifests/role/otrs.pp
R modules/otrs/files/crontab.otrs
R modules/otrs/files/idle_agent_report
R modules/otrs/files/otrs.TicketExport2Mbox.pl
R modules/otrs/files/train_spamassassin
R modules/otrs/files/wmf.ico
A modules/otrs/manifests/init.pp
A modules/otrs/manifests/mail.pp
A modules/otrs/manifests/web.pp
R modules/otrs/templates/Config.pm.erb
R modules/otrs/templates/exim4.conf.otrs.erb
R modules/otrs/templates/system_filter.conf.otrs.erb
R modules/otrs/templates/ticket.wikimedia.org.erb
A modules/otrs/tests/Makefile
A modules/otrs/tests/mail.pp
A modules/otrs/tests/otrs.pp
A modules/otrs/tests/web.pp
17 files changed, 308 insertions(+), 175 deletions(-)
Approvals:
Alexandros Kosiaris: Verified; Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/role/otrs.pp b/manifests/role/otrs.pp
index f81f557..9c7ee6c 100644
--- a/manifests/role/otrs.pp
+++ b/manifests/role/otrs.pp
@@ -1,28 +1,41 @@
-# vim: set ts=4 et sw=4: =>
+# vim: set ts=4 et sw=4:
# role/otrs.pp
-class role::otrs (
- $otrs_database_host = 'm2-master.eqiad.wmnet',
- $otrs_database_name = 'otrs',
- ) {
+class role::otrs {
system::role { 'role::otrs::webserver':
description => 'OTRS Web Application Server',
}
-
- mailalias { 'root':
- recipient => '[email protected]',
- }
-
include standard
- include webserver::apache
- include network::constants
- include passwords::mysql::otrs
+ include passwords::mysql::otrs
+ include passwords::exim
+ include network::constants
$otrs_database_user = $::passwords::mysql::otrs::user
$otrs_database_pw = $::passwords::mysql::otrs::pass
+ $exim_database_pass = $passwords::exim::otrs_mysql_password
- $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '365')
+ class { '::otrs':
+ otrs_database_host => 'm2-master.eqiad.wmnet',
+ otrs_database_name => 'otrs',
+ otrs_database_user => $otrs_database_user,
+ otrs_database_pw => $otrs_database_pw,
+ exim_database_name => 'otrs',
+ exim_database_user => 'exim',
+ exim_database_pass => $exim_database_pass,
+ trusted_networks => $network::constants::all_networks,
+ }
+
+ # TODO: On purpose here since it references a file not in a module which is
+ # used by other classes as well
+ file { '/etc/exim4/wikimedia_domains':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ source => 'puppet:///files/exim/wikimedia_domains',
+ require => Class['exim4'],
+ }
ferm::service { 'otrs_http':
proto => 'tcp',
@@ -40,165 +53,6 @@
srange => '($EXTERNAL_NETWORKS)',
}
- user { 'otrs':
- home => '/var/lib/otrs',
- groups => 'www-data',
- shell => '/bin/bash',
- managehome => true,
- system => true,
- }
-
- $packages = [
- 'libapache-dbi-perl',
- 'libdbd-mysql-perl',
- 'libgd-graph-perl',
- 'libgd-text-perl',
- 'libio-socket-ssl-perl',
- 'libjson-xs-perl',
- 'libnet-ldap-perl',
- 'libpdf-api2-perl',
- 'libsoap-lite-perl',
- 'libtext-csv-xs-perl',
- 'libtimedate-perl',
- 'mysql-client',
- 'perl-doc',
- ]
-
- package { $packages:
- ensure => 'present',
- }
-
- # can conflict with ferm module
- if ! defined(Package['libnet-dns-perl']){
- package { 'libnet-dns-perl':
- ensure => present,
- }
- }
-
- file { '/opt/otrs/Kernel/Config.pm':
- ensure => 'file',
- owner => 'otrs',
- group => 'www-data',
- mode => '0440',
- content => template('otrs/Config.pm.erb'),
- }
-
- apache::site { 'ticket.wikimedia.org':
- content => template('apache/sites/ticket.wikimedia.org.erb'),
- }
-
- file { '/etc/cron.d/otrs':
- ensure => 'file',
- owner => 'root',
- group => 'root',
- mode => '0444',
- source => 'puppet:///files/otrs/crontab.otrs',
- }
-
- file { '/var/spool/spam':
- ensure => 'directory',
- owner => 'otrs',
- group => 'www-data',
- mode => '0775',
- }
-
- file { '/opt/otrs/bin/otrs.TicketExport2Mbox.pl':
- ensure => 'file',
- owner => 'otrs',
- group => 'www-data',
- mode => '0755',
- source => 'puppet:///files/otrs/otrs.TicketExport2Mbox.pl',
- }
-
- file { '/opt/otrs/bin/cgi-bin/idle_agent_report':
- ensure => 'file',
- owner => 'otrs',
- group => 'www-data',
- mode => '0755',
- source => 'puppet:///files/otrs/idle_agent_report',
- }
-
- file {
'/opt/otrs/var/httpd/htdocs/skins/Agent/default/img/icons/product.ico':
- ensure => 'file',
- owner => 'otrs',
- group => 'www-data',
- mode => '0664',
- source => 'puppet:///files/otrs/wmf.ico',
- }
-
- file { '/usr/local/bin/train_spamassassin':
- ensure => 'file',
- owner => 'root',
- group => 'root',
- mode => '0555',
- source => 'puppet:///files/otrs/train_spamassassin',
- }
-
- file { '/opt/otrs/Kernel/Output/HTML/OTRS':
- ensure => link,
- target => '/opt/otrs/Kernel/Output/HTML/Standard',
- }
-
- sslcert::certificate { 'ticket.wikimedia.org': }
- include ::apache::mod::perl
- include ::apache::mod::rewrite
- include ::apache::mod::ssl
- include ::apache::mod::headers
-
- include clamav
- class { 'spamassassin':
- required_score => '3.5',# (5.0)
- use_bayes => '1', # 0|(1)
- bayes_auto_learn => '0', # 0|(1)
- short_report_template => true, # true|(false)
- trusted_networks => $network::constants::all_networks,
- custom_scores => {
- 'RP_MATCHES_RCVD' => '-0.500',
- 'SPF_SOFTFAIL' => '2.000',
- 'SUSPICIOUS_RECIPS' => '2.000',
- 'DEAR_SOMETHING' => '1.500',
- },
- debug_logging => '--debug spf',
- }
-
- include passwords::exim
- $otrs_mysql_password = $passwords::exim::otrs_mysql_password
-
- class { 'exim4':
- variant => 'heavy',
- config => template('exim/exim4.conf.otrs.erb'),
- filter => template('exim/system_filter.conf.otrs.erb'),
- require => [
- Class['spamassassin'],
- Class['clamav'],
- ]
- }
- include exim4::ganglia
-
- file { '/etc/exim4/defer_domains':
- ensure => present,
- owner => 'root',
- group => 'Debian-exim',
- mode => '0444',
- require => Class['exim4'],
- }
-
- file { '/etc/exim4/wikimedia_domains':
- ensure => present,
- owner => 'root',
- group => 'root',
- mode => '0444',
- source => 'puppet:///files/exim/wikimedia_domains',
- require => Class['exim4'],
- }
-
- cron { 'otrs_train_spamassassin':
- ensure => 'present',
- user => 'root',
- minute => '5',
- command => '/usr/local/bin/train_spamassassin',
- }
-
monitoring::service { 'smtp':
description => 'OTRS SMTP',
check_command => 'check_smtp',
@@ -209,4 +63,10 @@
check_command => 'check_ssl_http!ticket.wikimedia.org',
}
+ # can conflict with ferm module
+ if ! defined(Package['libnet-dns-perl']){
+ package { 'libnet-dns-perl':
+ ensure => present,
+ }
+ }
}
diff --git a/files/otrs/crontab.otrs b/modules/otrs/files/crontab.otrs
similarity index 100%
rename from files/otrs/crontab.otrs
rename to modules/otrs/files/crontab.otrs
diff --git a/files/otrs/idle_agent_report b/modules/otrs/files/idle_agent_report
similarity index 100%
rename from files/otrs/idle_agent_report
rename to modules/otrs/files/idle_agent_report
diff --git a/files/otrs/otrs.TicketExport2Mbox.pl
b/modules/otrs/files/otrs.TicketExport2Mbox.pl
similarity index 100%
rename from files/otrs/otrs.TicketExport2Mbox.pl
rename to modules/otrs/files/otrs.TicketExport2Mbox.pl
diff --git a/files/otrs/train_spamassassin
b/modules/otrs/files/train_spamassassin
similarity index 100%
rename from files/otrs/train_spamassassin
rename to modules/otrs/files/train_spamassassin
diff --git a/files/otrs/wmf.ico b/modules/otrs/files/wmf.ico
similarity index 100%
rename from files/otrs/wmf.ico
rename to modules/otrs/files/wmf.ico
Binary files differ
diff --git a/modules/otrs/manifests/init.pp b/modules/otrs/manifests/init.pp
new file mode 100644
index 0000000..f139367
--- /dev/null
+++ b/modules/otrs/manifests/init.pp
@@ -0,0 +1,131 @@
+# Class: otrs
+#
+# This class installs all the prerequisite packages for OTRS
+#
+# Parameters:
+# $otrs_database_host,
+# The MySQL OTRS database host
+# $otrs_database_name,
+# The MySQL OTRS database name
+# $otrs_database_user,
+# The MySQL OTRS database user
+# $otrs_database_pw,
+# The MySQL OTRS database pass
+# $exim_database_name,
+# The MySQL OTRS database name (probably the same)
+# $exim_database_user,
+# The MySQL OTRS database user (probably not the same)
+# $exim_database_pass,
+# The MySQL OTRS database pass (probably not the same)
+# $trusted_networks,
+# The trusted by OTRS networks
+#
+# Actions:
+# Install OTRS and prerequisites
+#
+# Requires:
+#
+# class {'::otrs':
+# otrs_database_host => 'host1',
+# otrs_database_name => 'otrs',
+# otrs_database_user => 'user',
+# otrs_database_pw => 'pass
+# exim_database_name => 'otrs',
+# exim_database_user => 'eximuser',
+# exim_database_pass => 'eximpass',
+# trusted_networks => [],
+# }
+#
+class otrs(
+ $otrs_database_host,
+ $otrs_database_name,
+ $otrs_database_user,
+ $otrs_database_pw,
+ $exim_database_name,
+ $exim_database_user,
+ $exim_database_pass,
+ $trusted_networks,
+) {
+ # Implementation classes
+ include otrs::web
+ class { 'otrs::mail':
+ otrs_mysql_database => $exim_database_name,
+ otrs_mysql_user => $exim_database_user,
+ otrs_mysql_password => $exim_database_pass,
+ trusted_networks => $trusted_networks,
+ }
+
+ # Installation
+ $packages = [
+ 'libapache-dbi-perl',
+ 'libdbd-mysql-perl',
+ 'libgd-graph-perl',
+ 'libgd-text-perl',
+ 'libio-socket-ssl-perl',
+ 'libjson-xs-perl',
+ 'libnet-ldap-perl',
+ 'libpdf-api2-perl',
+ 'libsoap-lite-perl',
+ 'libtext-csv-xs-perl',
+ 'libtimedate-perl',
+ 'mysql-client',
+ 'perl-doc',
+ ]
+
+ package { $packages:
+ ensure => 'present',
+ }
+
+ user { 'otrs':
+ home => '/var/lib/otrs',
+ groups => 'www-data',
+ shell => '/bin/bash',
+ managehome => true,
+ system => true,
+ }
+
+ file { '/opt/otrs/Kernel/Config.pm':
+ ensure => 'file',
+ owner => 'otrs',
+ group => 'www-data',
+ mode => '0440',
+ content => template('otrs/Config.pm.erb'),
+ }
+
+ file { '/etc/cron.d/otrs':
+ ensure => 'file',
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ source => 'puppet:///modules/otrs/crontab.otrs',
+ }
+
+ file { '/opt/otrs/bin/otrs.TicketExport2Mbox.pl':
+ ensure => 'file',
+ owner => 'otrs',
+ group => 'www-data',
+ mode => '0755',
+ source => 'puppet:///modules/otrs/otrs.TicketExport2Mbox.pl',
+ }
+
+ file { '/opt/otrs/bin/cgi-bin/idle_agent_report':
+ ensure => 'file',
+ owner => 'otrs',
+ group => 'www-data',
+ mode => '0755',
+ source => 'puppet:///modules/otrs/idle_agent_report',
+ }
+
+ file {
'/opt/otrs/var/httpd/htdocs/skins/Agent/default/img/icons/product.ico':
+ ensure => 'file',
+ owner => 'otrs',
+ group => 'www-data',
+ mode => '0664',
+ source => 'puppet:///modules/otrs/wmf.ico',
+ }
+
+ file { '/opt/otrs/Kernel/Output/HTML/OTRS':
+ ensure => link,
+ target => '/opt/otrs/Kernel/Output/HTML/Standard',
+ }
+}
diff --git a/modules/otrs/manifests/mail.pp b/modules/otrs/manifests/mail.pp
new file mode 100644
index 0000000..2edb4b4
--- /dev/null
+++ b/modules/otrs/manifests/mail.pp
@@ -0,0 +1,94 @@
+# Class: otrs::mail
+#
+# This class installs/configures the exim part of the WMF OTRS installation
+#
+# Parameters:
+# $otrs_mysql_database
+# The name of the OTRS database
+# $otrs_mysql_user
+# The user for exim to connect to the OTRS database
+# $otrs_mysql_password
+# The password for exim to connect to the OTRS database
+# $trusted_networks
+# OTRS trusted networks by exim/spamassasin
+#
+# Actions:
+# Install/configure exim/spamassasin
+#
+# Requires:
+#
+# Sample Usage:
+# class { 'otrs::mail'
+# otrs_mysql_database => 'otrs',
+# otrs_mysql_user => 'exim',
+# otrs_mysql_password => 'pass',
+# trusted_networks => [],
+# }
+#
+class otrs::mail(
+ $otrs_mysql_database,
+ $otrs_mysql_user,
+ $otrs_mysql_password,
+ $trusted_networks,
+){
+ include clamav
+ include exim4::ganglia
+
+ class { 'exim4':
+ variant => 'heavy',
+ config => template('otrs/exim4.conf.otrs.erb'),
+ filter => template('otrs/system_filter.conf.otrs.erb'),
+ require => [
+ Class['spamassassin'],
+ Class['clamav'],
+ ]
+ }
+ class { 'spamassassin':
+ required_score => '3.5',# (5.0)
+ use_bayes => '1', # 0|(1)
+ bayes_auto_learn => '0', # 0|(1)
+ short_report_template => true, # true|(false)
+ trusted_networks => $trusted_networks,
+ custom_scores => {
+ 'RP_MATCHES_RCVD' => '-0.500',
+ 'SPF_SOFTFAIL' => '2.000',
+ 'SUSPICIOUS_RECIPS' => '2.000',
+ 'DEAR_SOMETHING' => '1.500',
+ },
+ debug_logging => '--debug spf',
+ }
+
+ mailalias { 'root':
+ recipient => '[email protected]',
+ }
+
+ file { '/etc/exim4/defer_domains':
+ ensure => present,
+ owner => 'root',
+ group => 'Debian-exim',
+ mode => '0444',
+ require => Class['exim4'],
+ }
+
+ file { '/usr/local/bin/train_spamassassin':
+ ensure => 'file',
+ owner => 'root',
+ group => 'root',
+ mode => '0555',
+ source => 'puppet:///modules/otrs/train_spamassassin',
+ }
+
+ cron { 'otrs_train_spamassassin':
+ ensure => 'present',
+ user => 'root',
+ minute => '5',
+ command => '/usr/local/bin/train_spamassassin',
+ }
+
+ file { '/var/spool/spam':
+ ensure => 'directory',
+ owner => 'otrs',
+ group => 'www-data',
+ mode => '0775',
+ }
+}
diff --git a/modules/otrs/manifests/web.pp b/modules/otrs/manifests/web.pp
new file mode 100644
index 0000000..525d0a4
--- /dev/null
+++ b/modules/otrs/manifests/web.pp
@@ -0,0 +1,26 @@
+# Class: otrs::web
+#
+# This class configures the apache part of the otrs WMF installation
+#
+# Parameters:
+
+# Actions:
+# Install the necessary apache modules, configure SSL
+#
+# Requires:
+#
+# Sample Usage:
+# include otrs::web
+#
+class otrs::web {
+ include ::apache::mod::perl
+ include ::apache::mod::rewrite
+ include ::apache::mod::ssl
+ include ::apache::mod::headers
+
+ sslcert::certificate { 'ticket.wikimedia.org': }
+ $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '365')
+ apache::site { 'ticket.wikimedia.org':
+ content => template('otrs/ticket.wikimedia.org.erb'),
+ }
+}
diff --git a/templates/otrs/Config.pm.erb b/modules/otrs/templates/Config.pm.erb
similarity index 100%
rename from templates/otrs/Config.pm.erb
rename to modules/otrs/templates/Config.pm.erb
diff --git a/templates/exim/exim4.conf.otrs.erb
b/modules/otrs/templates/exim4.conf.otrs.erb
similarity index 94%
rename from templates/exim/exim4.conf.otrs.erb
rename to modules/otrs/templates/exim4.conf.otrs.erb
index 8dcc4d9..5762475 100644
--- a/templates/exim/exim4.conf.otrs.erb
+++ b/modules/otrs/templates/exim4.conf.otrs.erb
@@ -18,7 +18,7 @@
###############################
# MySQL lookups (OTRS)
-hide mysql_servers = m2-master.eqiad.wmnet/otrs/exim/<%= @otrs_mysql_password
%> : m2-slave.eqiad.wmnet/otrs/exim/<%= @otrs_mysql_password %>
+hide mysql_servers = m2-master.eqiad.wmnet/<%= @otrs_mysql_database %>/<%=
@otrs_mysql_user %>/<%= @otrs_mysql_password %> : m2-slave.eqiad.wmnet/<%=
@otrs_mysql_database %>/<%= @otrs_mysql_user %>/<%= @otrs_mysql_password %>
domainlist system_domains = @
domainlist local_domains = +system_domains : +wikimedia_domains
@@ -28,7 +28,7 @@
domainlist defer_domains = lsearch;CONFDIR/defer_domains
# Standard lists
-hostlist wikimedia_nets = <; <%=
scope.lookupvar('network::constants::all_networks').join(" ; ") %>
+hostlist wikimedia_nets = <; <%= @trusted_networks.join(" ; ") %>
hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ;
# Interfaces
diff --git a/templates/exim/system_filter.conf.otrs.erb
b/modules/otrs/templates/system_filter.conf.otrs.erb
similarity index 100%
rename from templates/exim/system_filter.conf.otrs.erb
rename to modules/otrs/templates/system_filter.conf.otrs.erb
diff --git a/templates/apache/sites/ticket.wikimedia.org.erb
b/modules/otrs/templates/ticket.wikimedia.org.erb
similarity index 100%
rename from templates/apache/sites/ticket.wikimedia.org.erb
rename to modules/otrs/templates/ticket.wikimedia.org.erb
diff --git a/modules/otrs/tests/Makefile b/modules/otrs/tests/Makefile
new file mode 100644
index 0000000..76cd656
--- /dev/null
+++ b/modules/otrs/tests/Makefile
@@ -0,0 +1,13 @@
+MANIFESTS=$(wildcard *.pp)
+OBJS=$(MANIFESTS:.pp=.po)
+TESTS_DIR=$(dir $(CURDIR))
+MODULE_DIR=$(TESTS_DIR:/=)
+MODULES_DIR=$(dir $(MODULE_DIR))
+
+all: test
+
+test: $(OBJS)
+
+%.po: %.pp
+ puppet parser validate $<
+ puppet apply --noop --modulepath $(MODULES_DIR) $<
diff --git a/modules/otrs/tests/mail.pp b/modules/otrs/tests/mail.pp
new file mode 100644
index 0000000..bf35305
--- /dev/null
+++ b/modules/otrs/tests/mail.pp
@@ -0,0 +1,3 @@
+#
+
+include ::otrs::mail
diff --git a/modules/otrs/tests/otrs.pp b/modules/otrs/tests/otrs.pp
new file mode 100644
index 0000000..5188b67
--- /dev/null
+++ b/modules/otrs/tests/otrs.pp
@@ -0,0 +1,3 @@
+#
+
+include ::otrs
diff --git a/modules/otrs/tests/web.pp b/modules/otrs/tests/web.pp
new file mode 100644
index 0000000..dbfd7cf
--- /dev/null
+++ b/modules/otrs/tests/web.pp
@@ -0,0 +1,3 @@
+#
+
+include otrs::web
--
To view, visit https://gerrit.wikimedia.org/r/239369
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I04cc8d734cd83acc2ce4c4d26cea9c0fbd1da2ec
Gerrit-PatchSet: 7
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
