modules/transifex/manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

class transifex {
    include django_application

    package { 'transifex': }
 
    $pgsql_password = extlookup("transifex_pgsql",'x')
    $ldap_password = extlookup("transifex_ldap",'x')

    $templates_dir = "/var/lib/transifex/templates"

    postgresql::remote_db_and_user { 'transifex':
        description => "Transifex database",
        password => $pgsql_password,
    }

    define config() {
        $filename = $name

        file { "/etc/transifex/$filename":
            group => apache,
            mode => 640,
            require => Package['transifex'],
            notify => Service['apache'],
            content => template("transifex/$filename"),
        }
    }

    config { [ "20-engines.conf",
               "30-site.conf",
               "40-apps.conf",
               "45-ldap.conf",
               "50-project.conf"]: }

    subversion::snapshot { $templates_dir:
        source => "svn://svn.mageia.org/svn/web/templates/transifex/trunk"
    }

    apache::vhost_django_app { "transifex.$domain":
        module => "transifex",
        use_ssl => true,
        module_path => ["/usr/share/transifex","/usr/share","/usr/local/lib/"],
        aliases => { "/site_media/static/admin/" => "/usr/lib/python2.6/site-packages/django/contrib/admin/media/", },
    }

    # tx need write access there when running in apache
    file { "/var/lib/transifex/scratchdir/storage_files":
        ensure => directory,
        owner => apache,
        group => apache,
        require => Package['transifex'],
    }

    apache::vhost_redirect_ssl { "transifex.$domain": }

    # the group are mapped from ldap, since AUTH_LDAP_FIND_GROUP_PERMS is set to yes
    # but the group need to exist in django first
    django_application::create_group { ["mga-i18n","mga-i18n-committers"]:
        module => "transifex",
        path => "/usr/share/transifex:/usr/share",
    }

    define committers_permission($app='')
    {
        # using django_application::add_permission_to_group may cause problem
        # if we install a 2nd django application with the same permission name ( as it need
        # to be unique )
        django_application::add_permission_to_group { $name:
            app => $app,
            group => 'mga-i18n-committers',
            module => "transifex",
            path => "/usr/share/transifex:/usr/share",
            require => Django_application::Create_group['mga-i18n-committers'],
        }
    }
  
    committers_permission { ['add_project',
                             'change_project',
                             'delete_project']: }

    committers_permission { ['add_release',
                             'change_release',
                             'delete_release']: }

    committers_permission { ['add_resource',
                             'change_resource',
                             'delete_resource']:
        app => "resources",
    }
}