From 0c148ea26f1f408d4dd30e071e01013e354b65ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C3=A9cureuil?= Date: Thu, 23 Mar 2017 21:11:34 +0100 Subject: Add bugzilla-dev module --- modules/bugzilla-dev/manifests/init.pp | 79 +++++++++++++++ modules/bugzilla-dev/templates/localconfig | 103 +++++++++++++++++++ modules/bugzilla-dev/templates/params | 111 +++++++++++++++++++++ modules/bugzilla-dev/templates/robots.txt | 10 ++ modules/bugzilla-dev/templates/vhost.conf | 2 + .../bugzilla-dev/templates/webapp_bugzilla.conf | 47 +++++++++ 6 files changed, 352 insertions(+) create mode 100755 modules/bugzilla-dev/manifests/init.pp create mode 100755 modules/bugzilla-dev/templates/localconfig create mode 100755 modules/bugzilla-dev/templates/params create mode 100755 modules/bugzilla-dev/templates/robots.txt create mode 100755 modules/bugzilla-dev/templates/vhost.conf create mode 100755 modules/bugzilla-dev/templates/webapp_bugzilla.conf (limited to 'modules') diff --git a/modules/bugzilla-dev/manifests/init.pp b/modules/bugzilla-dev/manifests/init.pp new file mode 100755 index 00000000..06c53abc --- /dev/null +++ b/modules/bugzilla-dev/manifests/init.pp @@ -0,0 +1,79 @@ +class bugzilla { + + $extension_location = '/usr/share/bugzilla/extensions/Mageia' + + package {['bugzilla', + 'bugzilla-extension-sitemap', + 'graphviz', + 'perl-Template-GD', # needed for graphical_report support + 'perl-Test-Taint', + 'perl-JSON-RPC']: } + + $pgsql_password = extlookup('bugzilla_pgsql','x') + $ldap_password = extlookup('bugzilla_ldap','x') + + postgresql::remote_db_and_user { 'bugs': + description => 'Bugzilla database', + password => $pgsql_password, + } + + file { '/etc/bugzilla/localconfig': + group => 'apache', + mode => '0640', + content => template('bugzilla/localconfig'), + require => Package['bugzilla'], + } + + + file { '/var/lib/bugzilla/params': + group => 'apache', + mode => '0640', + content => template('bugzilla/params'), + require => Package['bugzilla'], + } + + apache::webapp_other { 'bugzilla': + webapp_file => 'bugzilla/webapp_bugzilla.conf', + } + + $bugs_vhost = "bugs.${::domain}" + $vhost_root = '/usr/share/bugzilla/www' + + apache::vhost::redirect_ssl { $bugs_vhost: } + + apache::vhost::base { $bugs_vhost: + content => template('bugzilla/vhost.conf'), + aliases => { '/bugzilla/' => $vhost_root }, + use_ssl => true, + location => $vhost_root, + vhost => $bugs_vhost, + } + + git::snapshot { $extension_location: + source => "git://git.${::domain}/web/templates/bugzilla", + require => Package['bugzilla'], + } + + file { 'Mageia': + ensure => directory, + path => '/usr/share/bugzilla/extensions', + group => 'apache', + mode => '0640', + recurse => true, + require => Git::Snapshot[$extension_location], + } + + file { '/usr/share/bugzilla/www/robots.txt': + group => 'apache', + mode => '0640', + content => template('bugzilla/robots.txt'), + require => Package['bugzilla-extension-sitemap'], + } + + cron { 'collectstats': + command => '/usr/share/bugzilla/bin/collectstats.pl', + user => 'apache', + hour => 2, + minute => 30, + } +} diff --git a/modules/bugzilla-dev/templates/localconfig b/modules/bugzilla-dev/templates/localconfig new file mode 100755 index 00000000..169f55ed --- /dev/null +++ b/modules/bugzilla-dev/templates/localconfig @@ -0,0 +1,103 @@ + +# If you are using Apache as your web server, Bugzilla can create .htaccess +# files for you that will instruct Apache not to serve files that shouldn't +# be accessed from the web browser (like your local configuration data and non-cgi +# executable files). For this to work, the directory your Bugzilla +# installation is in must be within the jurisdiction of a block +# in the httpd.conf file that has 'AllowOverride Limit' in it. If it has +# 'AllowOverride All' or other options with Limit, that's fine. +# (Older Apache installations may use an access.conf file to store these +# blocks.) +# If this is set to 1, Bugzilla will create these files if they don't exist. +# If this is set to 0, Bugzilla will not create these files. +$create_htaccess = 0; + +# Usually, this is the group your web server runs as. +# If you have a Windows box, ignore this setting. +# If you have use_suexec switched on below, this is the group Apache switches +# to in order to run Bugzilla scripts. +# If you do not have access to the group your scripts will run under, +# set this to "". If you do set this to "", then your Bugzilla installation +# will be _VERY_ insecure, because some files will be world readable/writable, +# and so anyone who can get local access to your machine can do whatever they +# want. You should only have this set to "" if this is a testing installation +# and you cannot set this up any other way. YOU HAVE BEEN WARNED! +# If you set this to anything other than "", you will need to run checksetup.pl +# asroot, or as a user who is a member of the specified group. +$webservergroup = 'apache'; + +# Set this if Bugzilla runs in an Apache SuexecUserGroup environment. +# (If your web server runs control panel software (cPanel, Plesk or similar), +# or if your Bugzilla is to run in a shared hosting environment, then you are +# almost certainly in an Apache SuexecUserGroup environment.) +# If you have a Windows box, ignore this setting. +# If set to 0, Bugzilla will set file permissions as tightly as possible. +# If set to 1, Bugzilla will set file permissions so that it may work in an +# SuexecUserGroup environment. The difference is that static files (CSS, +# JavaScript and so on) will receive world read permissions. +$use_suexec = 0; + +# What SQL database to use. Default is mysql. List of supported databases +# can be obtained by listing Bugzilla/DB directory - every module corresponds +# to one supported database and the name corresponds to a driver name. +$db_driver = 'pg'; + +# The DNS name of the host that the database server runs on. +$db_host = 'pgsql.<%= domain %>'; + +# The name of the database +$db_name = 'bugs'; + +# Who we connect to the database as. +$db_user = 'bugs'; + +# Enter your database password here. It's normally advisable to specify +# a password for your bugzilla database user. +# If you use apostrophe (') or a backslash (\) in your password, you'll +# need to escape it by preceding it with a '\' character. (\') or (\) +# (Far simpler just not to use those characters.) +$db_pass = '<%= pgsql_password %>'; + +# Sometimes the database server is running on a non-standard port. If that's +# the case for your database server, set this to the port number that your +# database server is running on. Setting this to 0 means "use the default +# port for my database server." +$db_port = 0; + +# MySQL Only: Enter a path to the unix socket for MySQL. If this is +# blank, then MySQL's compiled-in default will be used. You probably +# want that. +$db_sock = ''; + +# Should checksetup.pl try to verify that your database setup is correct? +# (with some combinations of database servers/Perl modules/moonphase this +# doesn't work) +$db_check = 1; + +# With the introduction of a configurable index page using the +# template toolkit, Bugzilla's main index page is now index.cgi. +# Most web servers will allow you to use index.cgi as a directory +# index, and many come preconfigured that way, but if yours doesn't +# then you'll need an index.html file that provides redirection +# to index.cgi. Setting $index_html to 1 below will allow +# checksetup.pl to create one for you if it doesn't exist. +# NOTE: checksetup.pl will not replace an existing file, so if you +# wish to have checksetup.pl create one for you, you must +# make sure that index.html doesn't already exist +$index_html = 0; + +# For some optional functions of Bugzilla (such as the pretty-print patch +# viewer), we need the cvs binary to access files and revisions. +# Because it's possible that this program is not in your path, you can specify +# its location here. Please specify the full path to the executable. +$cvsbin = '/usr/bin/cvs'; + +# For some optional functions of Bugzilla (such as the pretty-print patch +# viewer), we need the interdiff binary to make diffs between two patches. +# Because it's possible that this program is not in your path, you can specify +# its location here. Please specify the full path to the executable. +$interdiffbin = '/usr/bin/interdiff'; + +# The interdiff feature needs diff, so we have to have that path. +# Please specify the directory name only; do not use trailing slash. +$diffpath = '/usr/bin'; diff --git a/modules/bugzilla-dev/templates/params b/modules/bugzilla-dev/templates/params new file mode 100755 index 00000000..21269924 --- /dev/null +++ b/modules/bugzilla-dev/templates/params @@ -0,0 +1,111 @@ +%param = ( + 'LDAPBaseDN' => 'ou=People,<%= dc_suffix %>', + 'LDAPbinddn' => 'cn=bugzilla-alamut,ou=System Accounts,<%= dc_suffix %>:<%= ldap_password %>', + 'LDAPfilter' => '', + 'LDAPmailattribute' => 'mail', + 'LDAPserver' => 'ldap.<%= domain %>', + 'LDAPstarttls' => '1', + 'LDAPuidattribute' => 'uid', + 'RADIUS_NAS_IP' => '', + 'RADIUS_email_suffix' => '', + 'RADIUS_secret' => '', + 'RADIUS_server' => '', + 'ajax_user_autocompletion' => '1', + 'allow_attach_url' => 0, + 'allow_attachment_deletion' => 0, + 'allow_attachment_display' => 1, + 'allowbugdeletion' => 0, + 'allowemailchange' => 0, + 'allowloginid' => '0', + 'allowuserdeletion' => 0, + 'announcehtml' => '', + 'attachment_base' => '', + 'auth_env_email' => '', + 'auth_env_id' => '', + 'auth_env_realname' => '', + 'bonsai_url' => '', + 'chartgroup' => 'editbugs', + 'commentonchange_resolution' => 1, + 'commentonduplicate' => 0, + 'confirmuniqueusermatch' => 1, + 'cookiedomain' => '', + 'cookiepath' => '/', + 'createemailregexp' => '.*', + 'cvsroot' => '', + 'cvsroot_get' => '', + 'debug_group' => 'editbugs', + 'default_search_limit' => '500', + 'defaultopsys' => 'Linux', + 'defaultplatform' => 'All', + 'defaultpriority' => 'Normal', + 'defaultquery' => 'bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailassigned_to1=1&emailassigned_to2=1&emailreporter2=1&emailcc2=1&emailqa_contact2=1&order=Importance&long_desc_type=substring', + 'defaultseverity' => 'normal', + 'docs_urlbase' => ' http://www.bugzilla.org/docs/4.4/en/html/', + 'duplicate_or_move_bug_status' => 'RESOLVED', + 'emailregexp' => '^[\\w\\.\\+\\-=]+@[\\w\\.\\-]+\\.[\\w\\-]+$', + 'emailregexpdesc' => 'A legal address must contain exactly one \'@\', and at least one \'.\' after the @.', + 'emailsuffix' => '', + 'globalwatchers' => 'bugs@ml.<%= domain %>', + 'inbound_proxies' => '', + 'insidergroup' => 'secteam', + 'letsubmitterchoosemilestone' => 1, + 'letsubmitterchoosepriority' => 1, + 'lxr_root' => '', + 'lxr_url' => '', + 'mail_delivery_method' => 'SMTP', + 'mailfrom' => 'bugzilla-daemon@<%= domain %>', + 'maintainer' => 'sysadmin@group.<%= domain %>', + 'makeproductgroups' => 0, + 'maxattachmentsize' => '1000', + 'maxlocalattachment' => '0', + 'maxusermatches' => '1000', + 'mostfreqthreshold' => '2', + 'move-button-text' => 'Move To Bugscape', + 'move-enabled' => 0, + 'move-to-address' => 'bugzilla-import', + 'move-to-url' => '', + 'moved-default-component' => '', + 'moved-default-product' => '', + 'moved-from-address' => 'bugzilla-admin', + 'movers' => '', + 'musthavemilestoneonaccept' => 0, + 'mybugstemplate' => 'buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailassigned_to1=1&emailreporter1=1&emailtype1=exact&email1=%userid%&field0-0-0=bug_status&type0-0-0=notequals&value0-0-0=UNCONFIRMED&field0-0-1=reporter&type0-0-1=equals&value0-0-1=%userid%', + 'noresolveonopenblockers' => 0, + 'proxy_url' => '', + 'querysharegroup' => 'editbugs', + 'quip_list_entry_control' => 'open', + 'rememberlogin' => 'on', + 'requirelogin' => '0', + 'search_allow_no_criteria' => '0', + 'sendmailnow' => 1, + 'shadowdb' => '', + 'shadowdbhost' => '', + 'shadowdbport' => '3306', + 'shadowdbsock' => '', + 'smtp_debug' => 0, + 'smtp_password' => '', + 'smtp_username' => '', + 'smtpserver' => 'localhost', + 'specific_search_allow_empty_words' => 1, + 'ssl_redirect' => 1, + 'sslbase' => 'https://bugs.<%= domain %>/', + 'strict_isolation' => 0, + 'timetrackinggroup' => '', + 'upgrade_notification' => 'latest_stable_release', + 'urlbase' => 'http://bugs.<%= domain %>/', + 'use_mailer_queue' => 0, + 'use_see_also' => 1, + 'usebugaliases' => 0, + 'useclassification' => 0, + 'usemenuforusers' => '0', + 'useqacontact' => 1, + 'user_info_class' => 'CGI', + 'user_verify_class' => 'LDAP', + 'usestatuswhiteboard' => 1, + 'usetargetmilestone' => 1, + 'usevisibilitygroups' => 0, + 'usevotes' => 0, + 'utf8' => 1, + 'webdotbase' => '/usr/bin/dot', + 'whinedays' => 0 + ); diff --git a/modules/bugzilla-dev/templates/robots.txt b/modules/bugzilla-dev/templates/robots.txt new file mode 100755 index 00000000..63639f02 --- /dev/null +++ b/modules/bugzilla-dev/templates/robots.txt @@ -0,0 +1,10 @@ +User-agent: * +Disallow: / +Allow: /*index.cgi +Allow: /*page.cgi +Allow: /*show_bug.cgi +Allow: /*describecomponents.cgi +Disallow: /*show_bug.cgi*ctype=* +Disallow: /*show_bug.cgi*format=multiple* +Disallow: /*page.cgi*id=voting* +Sitemap: https://bugs.mageia.org/page.cgi?id=sitemap/sitemap.xml diff --git a/modules/bugzilla-dev/templates/vhost.conf b/modules/bugzilla-dev/templates/vhost.conf new file mode 100755 index 00000000..79eab9fb --- /dev/null +++ b/modules/bugzilla-dev/templates/vhost.conf @@ -0,0 +1,2 @@ +RewriteEngine On +RewriteRule ^/([0-9]+)$ /show_bug.cgi?id=$1 [R=301,L] diff --git a/modules/bugzilla-dev/templates/webapp_bugzilla.conf b/modules/bugzilla-dev/templates/webapp_bugzilla.conf new file mode 100755 index 00000000..9446ce4f --- /dev/null +++ b/modules/bugzilla-dev/templates/webapp_bugzilla.conf @@ -0,0 +1,47 @@ +<% +path_data_directory = "/var/lib/bugzilla" +%> + + + Order allow,deny + Allow from all + AllowOverride Limit FileInfo Indexes Options + + Options ExecCGI + DirectoryIndex index.cgi + + +# The duplicates.rdf must be accessible, as it is used by +# duplicates.xul +> + + Order allow,deny + Allow from all + + + +# The png files locally created locally must be accessible +/webdot> + + Order allow,deny + Allow from all + + + +Alias /graphs/ <%= path_data_directory %>/graphs/ +/graphs> + + Order allow,deny + Allow from all + + + +# This should work automatically, but perhaps something +# in our Bugzilla packaging breaks this? +Alias /extensions/Mageia/web/ <%= scope.lookupvar("bugzilla::extension_location") %>/web/ +/web/> + + Order allow,deny + Allow from all + + -- cgit v1.2.1