#30020: switch from our custom YAML implementation to Hiera -------------------------------------------------+------------------------- Reporter: anarcat | Owner: anarcat Type: project | Status: | assigned Priority: Medium | Milestone: Component: Internal Services/Tor Sysadmin Team | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: #29387 | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by anarcat): i got a little tired of battling this, so I took a small break. I still migrated a few roles: {{{ civicrm_ext_2018 civicrm_int_2018 civicrm_ext civicrm_int public_git rt svn metrics exonerator bridges trac mandos_server }}} many of those were easy marks: the ssl::service stuff were just a lot of copy-paste, which might have been better implemented by having a parametrized class with the node-specific parameters in hiera, something like: {{{ class profile::ssl_web($name, $onion = false) { ssl::service { $name: notify => Exec['service apache2 reload'], key => true, onion => $onion } } }}} And in (say) `eugeni.torproject.org.yaml`, you would have: {{{ profile::ssl_web::name: "lists.torproject.org" profile::ssl_web::onion: true classes: - profile::ssl_web }}} ... but I didn't want to overthink this just yet. plus we might want to manage those services more closely in Puppet eventually and such a class would just make it difficult. Besides, i suspect this would belong in the Apache module, not in a profile. '''And''' we should have a ''role'' in Hiera instead of a ''profile'', so we would end up creating the equivalent of the ''profile'' I ended up making anyways: {{{ class profile::lists { ssl::service { 'lists.torproject.org': notify => Exec['service apache2 reload'], key => true, } } }}} So I think it's the right conversion for now. I'm not converting the entire hierarchy to R/P/M just yet anyways, just switching to Hiera is enough work as it is. There are now 22 `has_role` calls left in the main `roles` class, down from around 50. Unfortunately, there is actually more roles in the `local.yaml` file (33) that I haven't considered or noticed, so we haven't crossed the magic halfway point just yet. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30020#comment:6> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs