Yuvipanda has uploaded a new change for review. https://gerrit.wikimedia.org/r/282102
Change subject: devpi: Add module + role ...................................................................... devpi: Add module + role Simple role that sets up a devpi server with an nginx proxy in front, to make it easier to distribute python artifacts Change-Id: If7aa876e662fa341c60e25a9ed883d6ae6cb29f9 --- A modules/devpi/files/nginx.conf A modules/devpi/manifests/init.pp A modules/devpi/templates/initscripts/devpi.systemd.erb A modules/role/manifests/devpi/server.pp M modules/role/manifests/toollabs/docker/registry.pp 5 files changed, 97 insertions(+), 2 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/02/282102/1 diff --git a/modules/devpi/files/nginx.conf b/modules/devpi/files/nginx.conf new file mode 100644 index 0000000..d7165da --- /dev/null +++ b/modules/devpi/files/nginx.conf @@ -0,0 +1,40 @@ +server { + listen 80; + gzip on; + gzip_min_length 2000; + gzip_proxied any; + gzip_types text/html application/json; + + proxy_read_timeout 60s; + client_max_body_size 64M; + + # set to where your devpi-server state is on the filesystem + root /srv/devpi/server; + + # try serving static files directly + location ~ /\+f/ { + # workaround to pass non-GET/HEAD requests through to the named location below + error_page 418 = @proxy_to_app; + if ($request_method !~ (GET)|(HEAD)) { + return 418; + } + + expires max; + try_files /+files$uri @proxy_to_app; + } + # try serving docs directly + location ~ /\+doc/ { + try_files $uri @proxy_to_app; + } + location / { + # workaround to pass all requests to / through to the named location below + error_page 418 = @proxy_to_app; + return 418; + } + location @proxy_to_app { + proxy_pass http://127.0.0.1:3141; + proxy_set_header X-outside-url $scheme://$host:$server_port; + proxy_set_header X-Real-IP $remote_addr; + expires -1; # no-cache + } +} diff --git a/modules/devpi/manifests/init.pp b/modules/devpi/manifests/init.pp new file mode 100644 index 0000000..ca44b5d --- /dev/null +++ b/modules/devpi/manifests/init.pp @@ -0,0 +1,40 @@ +# Sets up a simple devpi server +class devpi { + group { 'devpi': + ensure => present, + system => true, + } + + user { 'devpi': + ensure => present, + shell => '/bin/false', + home => '/srv/devpi', + managehome => true, + system => true, + } + + git::clone { 'operations/wheels/devpi': + ensure => latest, + directory => '/srv/devpi/venv', + owner => 'devpi', + group => 'devpi', + mode => '0770', + } + + exec { '/srv/devpi/venv/freshinstall.bash': + path => '/usr/bin:/bin', + user => 'devpi', + group => 'devpi', + unless => '/srv/devpi/venv/bin/pip freeze | cmp --silent /srv/devpi/venv/requirements.txt -', + subscribe => Git::Clone['operations/wheels/devpi'], + } + + base::service_unit { 'devpi': + systemd => true, + subscribe => Exec['/srv/devpi/venv/freshinstall.bash'], + } + + nginx::site { 'devpi': + source => 'puppet:///modules/devpi/nginx.conf', + } +} diff --git a/modules/devpi/templates/initscripts/devpi.systemd.erb b/modules/devpi/templates/initscripts/devpi.systemd.erb new file mode 100644 index 0000000..d22f76f --- /dev/null +++ b/modules/devpi/templates/initscripts/devpi.systemd.erb @@ -0,0 +1,11 @@ +[Unit] +Description=Devpi Server + +[Service] +User=devpi +Group=devpi +ExecStart=/srv/devpi/venv/bin/devpi-server \ + --serverdir /srv/devpi/server + +[Install] +WantedBy=multi-user.target diff --git a/modules/role/manifests/devpi/server.pp b/modules/role/manifests/devpi/server.pp new file mode 100644 index 0000000..6e2ca3a --- /dev/null +++ b/modules/role/manifests/devpi/server.pp @@ -0,0 +1,4 @@ +# Sets up a simple devpi server +class role::devpi::server { + class {'::devpi':} +} diff --git a/modules/role/manifests/toollabs/docker/registry.pp b/modules/role/manifests/toollabs/docker/registry.pp index 1c7fa45..6ba5871 100644 --- a/modules/role/manifests/toollabs/docker/registry.pp +++ b/modules/role/manifests/toollabs/docker/registry.pp @@ -7,9 +7,9 @@ skip_private => true, before => Class['::docker::registry'], } - + $builder = ipresolve(hiera('docker::builder_host'), 4, $::nameservers[0]) - + class { '::docker::registry': datapath => '/srv/registry', allow_push_from => $builder, -- To view, visit https://gerrit.wikimedia.org/r/282102 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If7aa876e662fa341c60e25a9ed883d6ae6cb29f9 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Yuvipanda <yuvipa...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits