Revision 1277d078
Added by Eric Helms over 8 years ago
.fixtures.yml | ||
---|---|---|
common: "git://github.com/katello/puppet-common.git"
|
||
qpid: "git://github.com/katello/puppet-qpid.git"
|
||
candlepin: "git://github.com/katello/puppet-candlepin.git"
|
||
gutterball: "git://github.com/katello/puppet-gutterball.git"
|
||
pulp:
|
||
repo: "git://github.com/katello/puppet-pulp.git"
|
||
branch: "0.1-stable"
|
||
gutterball: "git://github.com/katello/puppet-gutterball.git"
|
||
pulp: "git://github.com/katello/puppet-pulp.git"
|
||
elasticsearch: "git://github.com/katello/puppet-elasticsearch.git"
|
||
symlinks:
|
||
katello: "#{source_dir}"
|
manifests/config.pp | ||
---|---|---|
mode => '0755',
|
||
}
|
||
|
||
file {'/etc/httpd/conf.d/pulp.conf':
|
||
ensure => file,
|
||
content => template('katello/pulp.conf.erb'),
|
||
owner => 'root',
|
||
group => 'root',
|
||
mode => '0644',
|
||
}
|
||
|
||
}
|
manifests/init.pp | ||
---|---|---|
#
|
||
# $config_dir:: Location for Katello config files
|
||
#
|
||
# $mongodb_path:: Path where mongodb should be stored
|
||
#
|
||
# $use_passenger:: Whether Katello is being deployed with Passenger
|
||
#
|
||
# $proxy_url:: URL of the proxy server
|
||
... | ... | |
|
||
$log_dir = $katello::params::log_dir,
|
||
$config_dir = $katello::params::config_dir,
|
||
$mongodb_path = $katello::params::mongodb_path,
|
||
|
||
$use_passenger = $katello::params::use_passenger,
|
||
|
||
... | ... | |
ca_cert => $certs::ca_cert_stripped,
|
||
keystore_password => $::certs::candlepin::keystore_password,
|
||
} ~>
|
||
class { '::qpid':
|
||
ssl => true,
|
||
ssl_cert_db => $::certs::nss_db_dir,
|
||
ssl_cert_password_file => $::certs::qpid::nss_db_password_file,
|
||
ssl_cert_name => 'broker',
|
||
} ~>
|
||
class { '::certs::pulp_parent': } ~>
|
||
class { '::pulp':
|
||
oauth_key => $katello::oauth_key,
|
||
oauth_secret => $katello::oauth_secret,
|
||
messaging_url => "ssl://${::fqdn}:5671",
|
||
qpid_ssl_cert_db => $certs::nss_db_dir,
|
||
qpid_ssl_cert_password_file => $certs::qpid::nss_db_password_file,
|
||
messaging_ca_cert => $certs::pulp_parent::messaging_ca_cert,
|
||
messaging_client_cert => $certs::pulp_parent::messaging_client_cert,
|
||
consumers_ca_cert => $certs::ca_cert,
|
||
consumers_ca_key => $certs::ca_key,
|
||
consumers_crl => $candlepin::crl_file,
|
||
proxy_url => $proxy_url,
|
||
proxy_port => $proxy_port,
|
||
proxy_username => $proxy_username,
|
||
proxy_password => $proxy_password,
|
||
mongodb_path => $mongodb_path,
|
||
ca_cert => $::certs::ca_cert,
|
||
ca_key => $::certs::ca_key,
|
||
ssl_ca_cert => $::certs::ca_cert,
|
||
oauth_enabled => true,
|
||
oauth_key => $katello::oauth_key,
|
||
oauth_secret => $katello::oauth_secret,
|
||
messaging_url => "ssl://${::fqdn}:5671",
|
||
messaging_ca_cert => $certs::pulp_parent::messaging_ca_cert,
|
||
messaging_client_cert => $certs::pulp_parent::messaging_client_cert,
|
||
messaging_transport => 'qpid',
|
||
broker_url => "qpid://${::fqdn}:5671",
|
||
broker_use_ssl => true,
|
||
consumers_crl => $candlepin::crl_file,
|
||
proxy_url => $proxy_url,
|
||
proxy_port => $proxy_port,
|
||
proxy_username => $proxy_username,
|
||
proxy_password => $proxy_password,
|
||
manage_broker => false,
|
||
manage_httpd => false,
|
||
} ~>
|
||
class { '::qpid::client':
|
||
ssl => true,
|
metadata.json | ||
---|---|---|
},
|
||
{
|
||
"name": "katello-pulp",
|
||
"version_requirement": ">= 0.1.0 < 1.0.0"
|
||
"version_requirement": ">= 1.0.0 < 2.0.0"
|
||
},
|
||
{
|
||
"name": "katello-elasticsearch",
|
templates/pulp.conf.erb | ||
---|---|---|
#
|
||
# WARNING: THIS CONFIGURATION WAS GENERATED BY KATELLO-CONFIGURE TOOL,
|
||
# CHANGES WILL LIKELY BE OVERWRITTEN.
|
||
#
|
||
|
||
# Apache configuration file for pulp web services and repositories
|
||
|
||
AddType application/x-pkcs7-crl .crl
|
||
AddType application/x-x509-ca-cert .crt
|
||
|
||
# Example ssl cert and key files to get you started.
|
||
# This MUST match /etc/pulp/pulp.conf [security] 'cacert'.
|
||
SSLCACertificateFile <%= scope.lookupvar("::certs::ca_cert") %>
|
||
|
||
# allow older yum clients to connect, see bz 647828
|
||
SSLInsecureRenegotiation on
|
||
|
||
WSGIProcessGroup pulp
|
||
WSGIApplicationGroup pulp
|
||
WSGIDaemonProcess pulp user=apache group=apache processes=1 threads=8 display-name=%{GROUP}
|
||
|
||
# DEBUG - uncomment the next 2 lines to enable debugging
|
||
#WSGIRestrictStdin Off
|
||
#WSGIRestrictStdout Off
|
||
|
||
WSGISocketPrefix run/wsgi
|
||
WSGIScriptAlias /pulp/api /srv/pulp/webservices.wsgi
|
||
WSGIImportScript /srv/pulp/webservices.wsgi process-group=pulp application-group=pulp
|
||
|
||
<Files webservices.wsgi>
|
||
WSGIPassAuthorization On
|
||
WSGIProcessGroup pulp
|
||
WSGIApplicationGroup pulp
|
||
SSLRenegBufferSize 1048576
|
||
SSLRequireSSL
|
||
SSLVerifyDepth 3
|
||
SSLOptions +StdEnvVars +ExportCertData
|
||
SSLVerifyClient optional
|
||
</Files>
|
||
|
||
<%- if scope.lookupvar('operatingsystem') == 'Fedora' && scope.lookupvar('operatingsystemrelease') == '18' -%>
|
||
<Directory /srv/pulp>
|
||
Require all granted
|
||
</Directory>
|
||
|
||
<VirtualHost *:80>
|
||
Include /etc/pulp/vhosts80/*.conf
|
||
</VirtualHost>
|
||
<%- end -%>
|
Also available in: Unified diff
Fixes #11609: Use Pulp module 1.0