BryanDavis has uploaded a new change for review. https://gerrit.wikimedia.org/r/295777
Change subject: striker: Update configuration ...................................................................... striker: Update configuration Switch to new ini based configuration style. Change-Id: I9c1f89a72698d165dece0e15e3d9c15df7fac46d --- M puppet/modules/role/manifests/striker.pp M puppet/modules/role/templates/striker/apache.conf.erb A puppet/modules/role/templates/striker/striker.ini.erb D puppet/modules/role/templates/striker/vagrant_settings.py.erb 4 files changed, 57 insertions(+), 79 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/vagrant refs/changes/77/295777/1 diff --git a/puppet/modules/role/manifests/striker.pp b/puppet/modules/role/manifests/striker.pp index a5d3bfd..bbda3eb 100644 --- a/puppet/modules/role/manifests/striker.pp +++ b/puppet/modules/role/manifests/striker.pp @@ -101,8 +101,14 @@ } # Configure striker - file { "${app_dir}/vagrant_settings.py": - content => template('role/striker/vagrant_settings.py.erb'), + file { '/etc/striker': + ensure => 'directory', + owner => 'root', + group => 'root', + mode => '0555', + } + file { '/etc/striker/striker.ini': + content => template('role/striker/striker.ini.erb'), require => [ Git::Clone['striker'], Class['::phabricator'], @@ -124,10 +130,9 @@ exec { 'striker manage.py migrate': cwd => $app_dir, command => "${venv}/bin/python manage.py migrate", - environment => 'DJANGO_SETTINGS_MODULE=vagrant_settings', require => [ Mysql::User[$db_user], - File["${app_dir}/vagrant_settings.py"], + File['/etc/striker/striker.ini'], ], onlyif => "${venv}/bin/python manage.py showmigrations --plan | /bin/grep -q '\\[ \\]'", } @@ -135,10 +140,9 @@ exec { 'striker manage.py collectstatic': cwd => $app_dir, command => "${venv}/bin/python manage.py collectstatic --noinput", - environment => 'DJANGO_SETTINGS_MODULE=vagrant_settings', require => [ Mysql::User[$db_user], - File["${app_dir}/vagrant_settings.py"], + File['/etc/striker/striker.ini'], ], unless => "${venv}/bin/python manage.py collectstatic --noinput --dry-run| grep -q '^0 static'", } diff --git a/puppet/modules/role/templates/striker/apache.conf.erb b/puppet/modules/role/templates/striker/apache.conf.erb index 58b53ee..54659a5 100644 --- a/puppet/modules/role/templates/striker/apache.conf.erb +++ b/puppet/modules/role/templates/striker/apache.conf.erb @@ -1,10 +1,7 @@ ServerName <%= @vhost_name %> DocumentRoot <%= @app_dir %> -SetEnv DJANGO_SETTINGS_MODULE vagrant_settings -SetEnv DJANGO_LOG_LEVEL DEBUG SetEnv DJANGO_DEBUG True - WSGIDaemonProcess striker python-path=<%= @app_dir %>:<%= @venv %>/lib/python2.7/site-packages home=<%= @app_dir %> display-name=%{GROUP} threads=8 WSGIProcessGroup striker WSGIScriptAlias / <%= @deploy_dir %>/striker/striker/wsgi.py process-group=striker diff --git a/puppet/modules/role/templates/striker/striker.ini.erb b/puppet/modules/role/templates/striker/striker.ini.erb new file mode 100644 index 0000000..efc194c --- /dev/null +++ b/puppet/modules/role/templates/striker/striker.ini.erb @@ -0,0 +1,47 @@ +# Managed by Puppet. +# See puppet/modules/role/templates/striker/striker.ini.erb + +[secrets] +# Not so secret secret key +SECRET_KEY = &tse*xh73ad^#d+v%%rb18wp2ab%sj5xv1t7&zyj%bma=^h@g_ + +[debug] +DEBUG = true + +[ldap] +SERVER_URI = ldap://127.0.0.1:389 +BIND_USER = <%= scope['::role::ldapauth::writer_dn'] %> +BIND_PASSWORD = <%= scope['::role::ldapauth::writer_password'] %> +TLS = false + +BASE_DN = <%= scope['::role::ldapauth::base_dn'] %> +USER_DN_TEMPLATE = cn=%(user)s,<%= scope['::role::ldapauth::user_base_dn'] %> +STAFF_GROUP_DN = cn=wmf,ou=groups,<%= scope['::role::ldapauth::base_dn'] %> +SUPERUSER_GROUP_DN = cn=tools.admin,ou=servicegroups,<%= scope['::role::ldapauth::base_dn'] %> + +TOOLS_MAINTAINER_BASE_DN = ou=people,<%= scope['::role::ldapauth::base_dn'] %> +TOOLS_TOOL_BASE_DN = ou=servicegroups,<%= scope['::role::ldapauth::base_dn'] %> + +[oauth] +MWURL = <%= scope['::mediawiki::server_url'] %>/w/index.php +CONSUMER_KEY = <%= @oauth_consumer_key %> +CONSUMER_SECRET = <%= @oauth_consumer_secret %> + +[phabricator] +SERVER_URL = <%= @phabricator_url %> +USER = <%= @phabricator_user %> +TOKEN = <%= @phabricator_token %> +REPO_ADMIN_GROUP = <%= @phabricator_repo_admin_group %> + +[db] +ENGINE = django.db.backends.mysql +NAME = <%= @db_name %> +USER = <%= @db_user %> +PASSWORD = <%= @db_pass %> +HOST = 127.0.0.1 +PORT = 3306 + +[logging] +HANDLERS = file +LEVEL = DEBUG +FILE_FILENAME = <%= @log_dir %>/striker/django.log diff --git a/puppet/modules/role/templates/striker/vagrant_settings.py.erb b/puppet/modules/role/templates/striker/vagrant_settings.py.erb deleted file mode 100644 index ddd507e..0000000 --- a/puppet/modules/role/templates/striker/vagrant_settings.py.erb +++ /dev/null @@ -1,70 +0,0 @@ -# -*- coding: utf-8 -*- -# Managed by Puppet. -# See puppet/modules/role/templates/striker/vagrant_config.py.erb - -import django_auth_ldap.config -import ldap -from striker.settings import * # noqa - -# Not so secret secret key -SECRET_KEY = '&tse*xh73ad^#d+v%%rb18wp2ab%sj5xv1t7&zyj%bma=^h@g_' - -# OAuth with local devwiki -OAUTH_MWURL = "<%= scope['::mediawiki::server_url'] %>/w/index.php" -OAUTH_CONSUMER_KEY = "<%= @oauth_consumer_key %>" -OAUTH_CONSUMER_SECRET = "<%= @oauth_consumer_secret %>" - -# Credentials for local Phabricator -PHABRICATOR_URL = "<%= @phabricator_url %>" -PHABRICATOR_USER = "<%= @phabricator_user %>" -PHABRICATOR_TOKEN = "<%= @phabricator_token %>" -PHABRICATOR_REPO_ADMIN_GROUP = "<%= @phabricator_repo_admin_group %>" - -# MySQL database for app storage -DATABASES['default'] = { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': '<%= @db_name %>', - 'USER': '<%= @db_user %>', - 'PASSWORD': '<%= @db_pass %>', - 'HOST': '127.0.0.1', - 'PORT': '3306', -} - -# LDAP config -DATABASES['ldap'] = { - 'ENGINE': 'ldapdb.backends.ldap', - 'NAME': 'ldap://127.0.0.1:389', - 'USER': '<%= scope['::role::ldapauth::writer_dn'] %>', - 'PASSWORD': '<%= scope['::role::ldapauth::writer_password'] %>', -} - -AUTH_LDAP_SERVER_URI = DATABASES['ldap']['NAME'] -AUTH_LDAP_START_TLS = False -AUTH_LDAP_USER_DN_TEMPLATE = 'cn=%(user)s,<%= scope['::role::ldapauth::user_base_dn'] %>' -AUTH_LDAP_USER_SEARCH = None -AUTH_LDAP_GROUP_SEARCH = django_auth_ldap.config.LDAPSearch( - '<%= scope['::role::ldapauth::base_dn'] %>', - ldap.SCOPE_SUBTREE, - '(objectClass=groupOfNames)' -) -AUTH_LDAP_USER_FLAGS_BY_GROUP = { - 'is_staff': 'cn=wmf,ou=groups,<%= scope['::role::ldapauth::base_dn'] %>', - 'is_superuser': 'cn=tools.admin,ou=servicegroups,<%= scope['::role::ldapauth::base_dn'] %>', -} - -TOOLS_MAINTAINER_BASE_DN = 'ou=people,<%= scope['::role::ldapauth::base_dn'] %>' -TOOLS_TOOL_BASE_DN = 'ou=servicegroups,<%= scope['::role::ldapauth::base_dn'] %>' - -# Logging -LOGGING['handlers']['vagrant'] = { - 'class': 'logging.FileHandler', - 'filename': '<%= @log_dir %>/striker/django.log', - 'formatter': 'line', - 'level': 'DEBUG', -} -LOGGING['root']['handlers'] = ['vagrant'] -if 'loggers' in LOGGING: - for logger in LOGGING['loggers']: - LOGGING['loggers'][logger]['handlers'] = ['vagrant'] - -# ldap.set_option(ldap.OPT_DEBUG_LEVEL, 4095) -- To view, visit https://gerrit.wikimedia.org/r/295777 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I9c1f89a72698d165dece0e15e3d9c15df7fac46d Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/vagrant Gerrit-Branch: master Gerrit-Owner: BryanDavis <bda...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits