aboutsummaryrefslogtreecommitdiffstats
path: root/manifests/nodes/alamut.pp
blob: 1f4c469c2aeec2f58542fc346750e9eb39d839d1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# web apps
node alamut {
# Location: IELO datacenter (marseille)
#
# TODO:
# - Review board
# - api
# - pastebin
# - LDAP slave
#
    include common::default_mageia_server_no_smtp
    include postgresql::server
    postgresql::tagged { 'default': }

    timezone::timezone { 'Europe/Paris': }

    include catdap
    include mga-mirrors

    class {'epoll::var':
        db_password => extlookup('epoll_pgsql','x'),
    }
    include epoll
    include epoll::create_db

    include bugzilla
    include sympa::server
    include postfix::server::primary

    # temporary, just the time the vm is running there
    host { 'friteuse':
        ensure       => 'present',
        ip           => '192.168.122.131',
        host_aliases => [ "friteuse.$domain", "forums.$domain" ],
    }

    # to create all phpbb database on alamut
    phpbb::databases { $fqdn: }

    apache::vhost::redirect_ssl { "forums.$domain": }
    apache::vhost_redirect { "forum.$domain":
        url => "https://forums.$domain/",
    }
    apache::vhost_redirect { "ssl_forum.$domain":
        url     => "https://forums.$domain/",
        vhost   => "forum.$domain",
        use_ssl => true,
    }

    # connect to ssl so the proxy do not shoke if trying to
    # enforce ssl ( note that this has not been tested, maybe this
    # is uneeded )
    apache::vhost::reverse_proxy { "ssl_forums.$domain":
        url     => "https://forums.$domain/",
        vhost   => "forums.$domain",
        use_ssl => true,
        content => '
        RewriteEngine On
        RewriteCond %{QUERY_STRING} mode=register
        RewriteRule .*ucp.php - [forbidden]
        ',
    }

    include tld_redirections

    include libvirtd::kvm
    include lists
    include dns::server
    include repositories::svn_mirror
    include viewvc

    # disabled until fixed
    #Enable back to test.
    include repositories::git_mirror
    include cgit
    include gitmirror

    include xymon::server
    apache::vhost_simple { "xymon.$domain":
        location => '/var/lib/xymon/www',
    }

    youri-check::report_www { 'check': }

    youri-check::config {'config_cauldron':
        version => 'cauldron',
    }
    youri-check::report { 'report_cauldron':
        version => 'cauldron',
        hour    => '*',
        minute  => '24'
    }

    youri-check::config {'config_5':
        version => '5',
    }
    youri-check::report {'report_5':
        version => '5',
        hour    => '*',
        minute  => '54'
    }

    include wikis
    include websites::perl
    include websites::www
    include websites::nav

    class { 'mgapeople':
        ldap_server => 'ldap.mageia.org',
        binddn      => 'cn=mgapeople-alamut,ou=System Accounts,dc=mageia,dc=org',
        bindpw      => extlookup('mgapeople_ldap','x'),
        vhost       => 'people.mageia.org',
        vhostdir    => '/var/www/vhosts/people.mageia.org',
        maintdburl  => 'http://pkgsubmit.mageia.org/data/maintdb.txt',
    }

    class { 'mga-treasurer':
        vhost    => 'treasurer.mageia.org',
        vhostdir => '/var/www/vhosts/treasurer.mageia.org',
    }

    # Forward ports to arm1 and arm2 ssh, to access them from outside
    xinetd::port_forward {'forward_arm1':
        target_ip   => 'arm1.mageia.org',
        target_port => '22',
        port        => '4251',
        proto       => 'tcp',
    }
    xinetd::port_forward {'forward_arm2':
        target_ip   => 'arm2.mageia.org',
        target_port => '22',
        port        => '4252',
        proto       => 'tcp',
    }
}