Madhuvishy has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/334461 )
Change subject: toolschecker: Fix service dependencies
......................................................................
toolschecker: Fix service dependencies
Change-Id: I95752b3d5b888efa81212c0480541866ecb38082
---
M modules/toollabs/manifests/checker.pp
1 file changed, 69 insertions(+), 70 deletions(-)
Approvals:
Madhuvishy: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/toollabs/manifests/checker.pp
b/modules/toollabs/manifests/checker.pp
index 25bd1e9..4a2dad9 100644
--- a/modules/toollabs/manifests/checker.pp
+++ b/modules/toollabs/manifests/checker.pp
@@ -21,72 +21,6 @@
ensure => latest,
}
- file { '/usr/local/lib/python2.7/dist-packages/toolschecker.py':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0444',
- source => 'puppet:///modules/toollabs/toolschecker.py',
- notify => Service['toolschecker'],
- }
-
- file { '/data/project/toolschecker/www/python/src/app.py':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0555',
- source => 'puppet:///modules/toollabs/toolschecker_generic_service.py',
- notify => Service['toolschecker'],
- }
-
- file { '/data/project/toolschecker/public_html/index.php':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0555',
- source =>
'puppet:///modules/toollabs/toolschecker_lighttpd_service.php',
- notify => Service['toolschecker'],
- }
-
- file { ['/run/toolschecker', '/var/lib/toolschecker',
'/var/lib/toolschecker/puppetcerts']:
- ensure => directory,
- owner => "${::labsproject}.toolschecker",
- group => 'www-data',
- mode => '0755',
- }
-
- file { '/etc/init/toolschecker':
- ensure => directory,
- owner => 'root',
- group => 'root',
- mode => '0644',
- }
-
- # We need this host's puppet cert and key (readable) so we can check
- # puppet status
- file { '/var/lib/toolschecker/puppetcerts/cert.pem':
- ensure => present,
- owner => "${::labsproject}.toolschecker",
- group => 'www-data',
- mode => '0400',
- source => "/var/lib/puppet/ssl/certs/${::fqdn}.pem",
- }
-
- file { '/var/lib/toolschecker/puppetcerts/key.pem':
- ensure => present,
- owner => "${::labsproject}.toolschecker",
- group => 'www-data',
- mode => '0400',
- source => "/var/lib/puppet/ssl/private_keys/${::fqdn}.pem",
- }
-
- sudo::user { 'tools.toolschecker':
- privileges => [
- 'ALL=(tools.toolschecker-k8s-ws) NOPASSWD: ALL',
- 'ALL=(tools.toolschecker-ge-ws) NOPASSWD: ALL',
- ],
- }
-
$checks = {
'self' => {
path => '/self'
@@ -167,11 +101,76 @@
create_resources(toollabs::check, $checks)
- nginx::site { 'toolschecker-nginx':
- require => Service['toolschecker'],
- content => template('toollabs/toolschecker.nginx.erb'),
+ file { ['/run/toolschecker', '/var/lib/toolschecker',
'/var/lib/toolschecker/puppetcerts']:
+ ensure => directory,
+ owner => "${::labsproject}.toolschecker",
+ group => 'www-data',
+ mode => '0755',
+ before => Toollabs::Check[keys($checks)],
}
- File['/run/toolschecker'] -> Toollabs::Check[keys($checks)] ->
Nginx::Site['toolschecker-nginx']
+ file { '/usr/local/lib/python2.7/dist-packages/toolschecker.py':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ source => 'puppet:///modules/toollabs/toolschecker.py',
+ notify => Toollabs::Check[keys($checks)],
+ }
+
+ file { '/data/project/toolschecker/www/python/src/app.py':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0555',
+ source => 'puppet:///modules/toollabs/toolschecker_generic_service.py',
+ notify => Toollabs::Check[keys($checks)],
+ }
+
+ file { '/data/project/toolschecker/public_html/index.php':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0555',
+ source =>
'puppet:///modules/toollabs/toolschecker_lighttpd_service.php',
+ notify => Toollabs::Check[keys($checks)],
+ }
+
+ file { '/etc/init/toolschecker':
+ ensure => directory,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ }
+
+ # We need this host's puppet cert and key (readable) so we can check
+ # puppet status
+ file { '/var/lib/toolschecker/puppetcerts/cert.pem':
+ ensure => present,
+ owner => "${::labsproject}.toolschecker",
+ group => 'www-data',
+ mode => '0400',
+ source => "/var/lib/puppet/ssl/certs/${::fqdn}.pem",
+ }
+
+ file { '/var/lib/toolschecker/puppetcerts/key.pem':
+ ensure => present,
+ owner => "${::labsproject}.toolschecker",
+ group => 'www-data',
+ mode => '0400',
+ source => "/var/lib/puppet/ssl/private_keys/${::fqdn}.pem",
+ }
+
+ sudo::user { 'tools.toolschecker':
+ privileges => [
+ 'ALL=(tools.toolschecker-k8s-ws) NOPASSWD: ALL',
+ 'ALL=(tools.toolschecker-ge-ws) NOPASSWD: ALL',
+ ],
+ }
+
+ nginx::site { 'toolschecker-nginx':
+ content => template('toollabs/toolschecker.nginx.erb'),
+ require => Toollabs::Check[keys($checks)],
+ }
}
--
To view, visit https://gerrit.wikimedia.org/r/334461
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I95752b3d5b888efa81212c0480541866ecb38082
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Madhuvishy <[email protected]>
Gerrit-Reviewer: Madhuvishy <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
