diff options
Diffstat (limited to 'modules/sympa/manifests')
| -rw-r--r-- | modules/sympa/manifests/datasource/ldap_group.pp | 5 | ||||
| -rw-r--r-- | modules/sympa/manifests/init.pp | 314 | ||||
| -rw-r--r-- | modules/sympa/manifests/list.pp | 57 | ||||
| -rw-r--r-- | modules/sympa/manifests/list/announce.pp | 21 | ||||
| -rw-r--r-- | modules/sympa/manifests/list/private.pp | 16 | ||||
| -rw-r--r-- | modules/sympa/manifests/list/public.pp | 16 | ||||
| -rw-r--r-- | modules/sympa/manifests/list/public_restricted.pp | 17 | ||||
| -rw-r--r-- | modules/sympa/manifests/scenario/sender_restricted.pp | 9 | ||||
| -rw-r--r-- | modules/sympa/manifests/search_filter/ldap.pp | 5 | ||||
| -rw-r--r-- | modules/sympa/manifests/server.pp | 103 | ||||
| -rw-r--r-- | modules/sympa/manifests/variable.pp | 3 |
11 files changed, 253 insertions, 313 deletions
diff --git a/modules/sympa/manifests/datasource/ldap_group.pp b/modules/sympa/manifests/datasource/ldap_group.pp new file mode 100644 index 00000000..6060bec4 --- /dev/null +++ b/modules/sympa/manifests/datasource/ldap_group.pp @@ -0,0 +1,5 @@ +define sympa::datasource::ldap_group { + file { "/etc/sympa/data_sources/${name}.incl": + content => template('sympa/data_sources/ldap_group.incl') + } +} diff --git a/modules/sympa/manifests/init.pp b/modules/sympa/manifests/init.pp index 51a76694..7f6fcfe6 100644 --- a/modules/sympa/manifests/init.pp +++ b/modules/sympa/manifests/init.pp @@ -1,313 +1 @@ -class sympa { - class variable { - $vhost = "ml.$domain" - } - - class server inherits variable { - # perl-CGI-Fast is needed for fast cgi - # perl-Socket6 is required by perl-IO-Socket-SSL - # (optional requirement) - package { ['sympa', 'sympa-www', 'perl-CGI-Fast', - 'perl-Socket6']: } - - # sympa script start 5 differents script, I am not - # sure that puppet will correctly handle this - service { "sympa": - subscribe => [ Package["sympa"], File['/etc/sympa/sympa.conf']] - } - - $pgsql_password = extlookup("sympa_pgsql",'x') - $ldap_password = extlookup("sympa_ldap",'x') - - postgresql::remote_db_and_user { 'sympa': - password => $pgsql_password, - description => "Sympa database", - } - - File { - require => Package['sympa'], - } - - file { '/etc/sympa/sympa.conf': - # should be cleaner to have it root owned, but puppet do not support acl - # and in any case, config will be reset if it change - owner => sympa, - group => apache, - mode => 640, - content => template("sympa/sympa.conf"), - } - - file { '/etc/sympa/auth.conf': - content => template("sympa/auth.conf"), - notify => Service['httpd'], - } - - - include apache::mod_fcgid - apache::webapp_other{"sympa": - webapp_file => "sympa/webapp_sympa.conf", - } - - apache::vhost_redirect_ssl { "$vhost": } - - apache::vhost_base { "$vhost": - use_ssl => true, - content => template("sympa/vhost_ml.conf"), - } - - subversion::snapshot { "/etc/sympa/web_tt2": - source => "svn://svn.mageia.org/svn/web/templates/sympa/trunk" - } - - file { ["/etc/sympa/lists_xml/", - "/etc/sympa/scenari/", - "/etc/sympa/data_sources/", - "/etc/sympa/search_filters/"]: - ensure => directory, - purge => true, - recurse => true, - force => true, - } - - file { - "/etc/sympa/scenari/subscribe.open_web_only_notify": - source => "puppet:///modules/sympa/scenari/open_web_only_notify"; - "/etc/sympa/scenari/unsubscribe.open_web_only_notify": - source => "puppet:///modules/sympa/scenari/open_web_only_notify"; - "/etc/sympa/scenari/send.subscriber_moderated": - source => "puppet:///modules/sympa/scenari/subscriber_moderated"; - "/etc/sympa/scenari/create_list.forbidden": - source => "puppet:///modules/sympa/scenari/forbidden"; - "/etc/sympa/topics.conf": - source => "puppet:///modules/sympa/topics.conf"; - } - - define ldap_search_filter { - file { "/etc/sympa/search_filters/$name.ldap": - content => template('sympa/search_filters/group.ldap') - } - } - - define ldap_group_datasource { - file { "/etc/sympa/data_sources/$name.incl": - content => template('sympa/data_sources/ldap_group.incl') - } - } - - define scenario_sender_ldap_group { - file { "/etc/sympa/scenari/send.restricted_$name": - content => template('sympa/scenari/sender.ldap_group') - } - } - - define scenario_sender_email { - $sender_email_file = regsubst($name,'\@','-at-') - file { "/etc/sympa/scenari/send.restricted_$sender_email_file": - content => template('sympa/scenari/sender.email') - } - } - - # add each group that could be used in a sympa ml either as - # - owner - # - editor ( moderation ) - ldap_group_datasource { "mga-sysadmin": } - ldap_group_datasource { "mga-ml_moderators": } - - - # directory that will hold the list data - # i am not sure of the name ( misc, 09/12/10 ) - file { "/var/lib/sympa/expl/": - ensure => directory, - owner => sympa, - } - } - - define list($subject, - $profile = false, - $language = 'en', - $topics = false, - $reply_to = false, - $sender_email = false, - $sender_ldap_group = false, - $subscriber_ldap_group = false, - $public_archive = true, - $subscription_open = false) { - - include sympa::variable - $ldap_password = extlookup("sympa_ldap",'x') - $custom_subject = $name - - $xml_file = "/etc/sympa/lists_xml/$name.xml" - - if $sender_email { - $sender_email_file = regsubst($sender_email,'\@','-at-') - } else { - $sender_email_file = '' - } - - file { "$xml_file": - content => template('sympa/list.xml'), - require => Package[sympa], - } - - exec { "sympa.pl --create_list --robot=$sympa::variable::vhost --input_file=$xml_file": - require => File["$xml_file"], - creates => "/var/lib/sympa/expl/$name", - before => File["/var/lib/sympa/expl/$name/config"], - } - - file { "/var/lib/sympa/expl/$name/config": - owner => sympa, - group => sympa, - mode => 750, - content => template("sympa/config"), - notify => Service['sympa'], - } - - if $sender_ldap_group { - if ! defined(Sympa::Server::Scenario_sender_ldap_group[$sender_ldap_group]) { - sympa::server::scenario_sender_ldap_group { $sender_ldap_group: } - } - } - - if $sender_email { - if ! defined(Sympa::Server::Scenario_sender_email[$sender_email]) { - sympa::server::scenario_sender_email { $sender_email: } - } - } - - if $subscriber_ldap_group { - if ! defined(Sympa::Server::Ldap_search_filter[$subscriber_ldap_group]) { - sympa::server::ldap_search_filter { $subscriber_ldap_group: } - } - } - } - -# -# various types of list that can be directly used -# -# - - # public discussion list - # reply_to is set to the list - define public_list($subject, $language = 'en', $topics = false) { - include sympa::variable - list { $name: - subject => $subject, - # profile => "public", - language => $language, - topics => $topics, - reply_to => "$name@$sympa::variable::vhost", - } - } - - # list where announce are sent by member of ldap_group - # reply_to is set to $reply_to - define announce_list_group($subject, $reply_to, $sender_ldap_group, $language = 'en', $topics = false) { - # profile + scenario - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - reply_to => $reply_to, - sender_ldap_group => $sender_ldap_group, - } - } - - - # list where announce are sent by $email only - # reply_to is set to $reply_to - define announce_list_email($subject, $reply_to, $sender_email, $language = 'en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - reply_to => $reply_to, - sender_email => $sender_email, - } - } - - # list where people cannot subscribe, where people from $ldap_group receive - # mail, with public archive - define restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - topics => $topics, - language => $language, - subscriber_ldap_group => $subscriber_ldap_group, - sender_ldap_group => $subscriber_ldap_group, - } - } - - # list where only people from the ldap_group can post, ad where they are subscribe - # by default, but anybody else can subscribe to read and receive messages - define public_restricted_list($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - topics => $topics, - language => $language, - subscriber_ldap_group => $subscriber_ldap_group, - sender_ldap_group => $subscriber_ldap_group, - subscription_open => true, - } - } - - - # same as restricted list, but anybody can post - define restricted_list_open($subject, $subscriber_ldap_group, $language = 'en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - subscriber_ldap_group => $subscriber_ldap_group, - sender_ldap_group => $subscriber_ldap_group, - } - } - - # list with private archive, restricted to member of $ldap_group - define private_list($subject, $subscriber_ldap_group, $language ='en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - subscriber_ldap_group => $subscriber_ldap_group, - sender_ldap_group => $subscriber_ldap_group, - public_archive => false, - } - } - - # list with private archive, restricted to member of $ldap_group - # everybody can post - # used for contact alias - define private_list_open($subject, $subscriber_ldap_group, $language ='en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - subscriber_ldap_group => $subscriber_ldap_group, - public_archive => false, - } - } - - # same as private_list, but post are restricted to $email - # ( scripting ) - define private_list_email($subject, $subscriber_ldap_group, $sender_email, $language ='en', $topics = false) { - list{ $name: - subject => $subject, - profile => "", - language => $language, - topics => $topics, - subscriber_ldap_group => $subscriber_ldap_group, - sender_email => $sender_email, - public_archive => false, - } - } -} - +class sympa { } diff --git a/modules/sympa/manifests/list.pp b/modules/sympa/manifests/list.pp new file mode 100644 index 00000000..205d2719 --- /dev/null +++ b/modules/sympa/manifests/list.pp @@ -0,0 +1,57 @@ +define sympa::list( $subject, + $language = 'en', + $topics = false, + $reply_to = false, + $sender_subscriber = false, + $sender_email = false, + $sender_ldap_group = false, + $subscriber_ldap_group = false, + $public_archive = true, + $subscription_open = false, + $critical = false) { + + include sympa::variable + $ldap_password = extlookup('sympa_ldap','x') + $custom_subject = $name + + $xml_file = "/etc/sympa/lists_xml/${name}.xml" + + file { $xml_file: + content => template('sympa/list.xml'), + require => Package[sympa], + } + + exec { "sympa.pl --create_list --robot=${sympa::variable::vhost} --input_file=${xml_file}": + require => File[$xml_file], + creates => "/var/lib/sympa/expl/${name}", + before => File["/var/lib/sympa/expl/${name}/config"], + } + + file { "/var/lib/sympa/expl/${name}/config": + owner => 'sympa', + group => 'sympa', + mode => '0750', + content => template('sympa/config'), + notify => Service['sympa'], + } + + sympa::scenario::sender_restricted { $name: + ldap_group => $sender_ldap_group, + email => $sender_email, + allow_subscriber => $sender_subscriber, + } + + if $subscriber_ldap_group { + if ! defined(Sympa::Search_filter::Ldap[$subscriber_ldap_group]) { + sympa::search_filter::ldap { $subscriber_ldap_group: } + } + } + + if $sender_ldap_group { + if ! defined(Sympa::Search_filter::Ldap[$sender_ldap_group]) { + sympa::search_filter::ldap { $sender_ldap_group: } + } + } +} + + diff --git a/modules/sympa/manifests/list/announce.pp b/modules/sympa/manifests/list/announce.pp new file mode 100644 index 00000000..2dd1c647 --- /dev/null +++ b/modules/sympa/manifests/list/announce.pp @@ -0,0 +1,21 @@ +# list where announce are sent by $email or $ldap_group only +# reply_to is set to $reply_to +define sympa::list::announce($subject, + $reply_to, + $sender_email = false, + $sender_ldap_group = false, + $subscriber_ldap_group = false, + $language = 'en', + $topics = false, + $critical = false) { + list { $name: + subject => $subject, + language => $language, + topics => $topics, + reply_to => $reply_to, + sender_email => $sender_email, + sender_ldap_group => $sender_ldap_group, + subscriber_ldap_group => $subscriber_ldap_group, + critical => $critical + } +} diff --git a/modules/sympa/manifests/list/private.pp b/modules/sympa/manifests/list/private.pp new file mode 100644 index 00000000..c8d9b38e --- /dev/null +++ b/modules/sympa/manifests/list/private.pp @@ -0,0 +1,16 @@ +# list with private archive, restricted to member of $ldap_group +define sympa::list::private($subject, + $subscriber_ldap_group, + $sender_email = false, + $language ='en', + $topics = false) { + list { $name: + subject => $subject, + language => $language, + topics => $topics, + subscriber_ldap_group => $subscriber_ldap_group, + sender_ldap_group => $subscriber_ldap_group, + sender_email => $sender_email, + public_archive => false, + } +} diff --git a/modules/sympa/manifests/list/public.pp b/modules/sympa/manifests/list/public.pp new file mode 100644 index 00000000..7b97534a --- /dev/null +++ b/modules/sympa/manifests/list/public.pp @@ -0,0 +1,16 @@ +# public discussion list +# reply_to is set to the list +define sympa::list::public($subject, + $language = 'en', + $topics = false, + $sender_email = false) { + include sympa::variable + list { $name: + subject => $subject, + language => $language, + topics => $topics, + sender_email => $sender_email, + sender_subscriber => true, + reply_to => "${name}@${sympa::variable::vhost}", + } +} diff --git a/modules/sympa/manifests/list/public_restricted.pp b/modules/sympa/manifests/list/public_restricted.pp new file mode 100644 index 00000000..5c316368 --- /dev/null +++ b/modules/sympa/manifests/list/public_restricted.pp @@ -0,0 +1,17 @@ +# list where only people from the ldap_group can post, and where +# they are subscribed by default, but anybody else can subscribe +# to read and receive messages +define sympa::list::public_restricted($subject, + $subscriber_ldap_group, + $language = 'en', + $topics = false) { + list { $name: + subject => $subject, + topics => $topics, + language => $language, + subscriber_ldap_group => $subscriber_ldap_group, + sender_ldap_group => $subscriber_ldap_group, + subscription_open => true, + reply_to => "${name}@${sympa::variable::vhost}", + } +} diff --git a/modules/sympa/manifests/scenario/sender_restricted.pp b/modules/sympa/manifests/scenario/sender_restricted.pp new file mode 100644 index 00000000..c69d3669 --- /dev/null +++ b/modules/sympa/manifests/scenario/sender_restricted.pp @@ -0,0 +1,9 @@ +define sympa::scenario::sender_restricted( + $email = false, + $ldap_group = false, + $allow_subscriber = false +) { + file { "/etc/sympa/scenari/send.restricted_${name}": + content => template('sympa/scenari/sender.restricted') + } +} diff --git a/modules/sympa/manifests/search_filter/ldap.pp b/modules/sympa/manifests/search_filter/ldap.pp new file mode 100644 index 00000000..5cbc84f8 --- /dev/null +++ b/modules/sympa/manifests/search_filter/ldap.pp @@ -0,0 +1,5 @@ +define sympa::search_filter::ldap { + file { "/etc/sympa/search_filters/$name.ldap": + content => template('sympa/search_filters/group.ldap') + } +} diff --git a/modules/sympa/manifests/server.pp b/modules/sympa/manifests/server.pp new file mode 100644 index 00000000..bcdda789 --- /dev/null +++ b/modules/sympa/manifests/server.pp @@ -0,0 +1,103 @@ +class sympa::server( + $authentication_info_url = 'https://wiki.mageia.org/en/Mageia.org_user_account' + ) { + include sympa::variable + # perl-CGI-Fast is needed for fast cgi + # perl-Socket6 is required by perl-IO-Socket-SSL + # (optional requirement) + package {['sympa', + 'sympa-www', + 'perl-CGI-Fast', + 'perl-Socket6']: } + + # sympa script starts 5 different scripts; I am not + # sure that puppet will correctly handle this + service { 'sympa': + subscribe => [ Package['sympa'], File['/etc/sympa/sympa.conf']] + } + + service { 'sympa-outgoing': + ensure => running, + require => Service['sympa'] + } + + $pgsql_password = extlookup('sympa_pgsql','x') + $ldap_password = extlookup('sympa_ldap','x') + + postgresql::remote_db_and_user { 'sympa': + password => $pgsql_password, + description => 'Sympa database', + } + + File { + require => Package['sympa'], + } + + $vhost = $sympa::variable::vhost + file { '/etc/sympa/sympa.conf': + # should be cleaner to have it root owned, but puppet does not support acls + # and in any case, config will be reset if it changes + owner => 'sympa', + group => 'apache', + mode => '0640', + content => template('sympa/sympa.conf'), + } + + file { '/etc/sympa/auth.conf': + content => template('sympa/auth.conf'), + notify => Service['httpd'], + } + + + include apache::mod::fcgid + apache::webapp_other { 'sympa': + webapp_file => 'sympa/webapp_sympa.conf', + } + + apache::vhost::redirect_ssl { $sympa::variable::vhost: } + + apache::vhost::base { $sympa::variable::vhost: + use_ssl => true, + content => template('sympa/vhost_ml.conf'), + } + +# git::snapshot { '/etc/sympa/web_tt2': +# source => "git://git.${::domain}/web/templates/sympa", +# } + + file { ['/etc/sympa/lists_xml/', + '/etc/sympa/scenari/', + '/etc/sympa/data_sources/', + '/etc/sympa/search_filters/']: + ensure => directory, + purge => true, + recurse => true, + force => true, + } + + file { + '/etc/sympa/scenari/subscribe.open_web_only_notify': + source => 'puppet:///modules/sympa/scenari/open_web_only_notify'; + '/etc/sympa/scenari/unsubscribe.open_web_only_notify': + source => 'puppet:///modules/sympa/scenari/open_web_only_notify'; + '/etc/sympa/scenari/create_list.forbidden': + source => 'puppet:///modules/sympa/scenari/forbidden'; + '/etc/sympa/topics.conf': + source => 'puppet:///modules/sympa/topics.conf'; + } + + # add each group that could be used in a sympa ml either as + # - owner + # - editor ( moderation ) + sympa::datasource::ldap_group { 'mga-sysadmin': } + sympa::datasource::ldap_group { 'mga-ml_moderators': } + + + # directory that will hold the list data + # i am not sure of the name ( misc, 09/12/10 ) + file { '/var/lib/sympa/expl/': + ensure => directory, + owner => 'sympa', + } + +} diff --git a/modules/sympa/manifests/variable.pp b/modules/sympa/manifests/variable.pp new file mode 100644 index 00000000..26f60294 --- /dev/null +++ b/modules/sympa/manifests/variable.pp @@ -0,0 +1,3 @@ +class sympa::variable { + $vhost = "ml.${::domain}" +} |