aboutsummaryrefslogtreecommitdiffstats
path: root/modules/transifex/manifests/init.pp
blob: 3e2c7da9839a0ba12439227491b75f744406ccd1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
class transifex {
  include django_application 
  package { 'transifex':
    ensure => installed
  }
 
  $pgsql_password = extlookup("transifex_pgsql",'x')
  $ldap_password = extlookup("transifex_ldap",'x')

  $templates_dir = "/var/lib/transifex/templates"

  @@postgresql::user { 'transifex':
        password => $pgsql_password,
  }

  @@postgresql::database { 'transifex':
        description => "Transifex database",
        user => "transifex",
        require => Postgresql::User['transifex']
  }

  file { "20-engines.conf":
    path => "/etc/transifex/20-engines.conf",
    ensure => present,
    owner => root,
    group => apache,
    mode => 640,
    content => template("transifex/20-engines.conf"),
    require => Package['transifex'],
    notify => Service['apache']
  }

  file { "30-site.conf":
    path => "/etc/transifex/30-site.conf",
    ensure => present,
    owner => root,
    group => root,
    mode => 644,
    content => template("transifex/30-site.conf"),
    require => Package['transifex'],
    notify => Service['apache']
  }

  file { "40-apps.conf":
    path => "/etc/transifex/40-apps.conf",
    ensure => present,
    owner => root,
    group => root,
    mode => 644,
    content => template("transifex/40-apps.conf"),
    require => Package['transifex'],
    notify => Service['apache']
  }

  file { "45-ldap.conf":
    path => "/etc/transifex/45-ldap.conf",
    ensure => present,
    owner => root,
    group => root,
    mode => 644,
    content => template("transifex/45-ldap.conf"),
    require => Package['transifex'],
    notify => Service['apache']
  }

  file { "50-project.conf":
    path => "/etc/transifex/50-project.conf",
    ensure => present,
    owner => root,
    group => root,
    mode => 644,
    content => template("transifex/50-project.conf"),
    require => Package['transifex'],
    notify => Service['apache']
  }

  subversion::snapshot { $templates_dir:
    source => "svn://svn.mageia.org/svn/web/templates/transifex/trunk"
  }

  apache::vhost_django_app { "transifex.$domain":
    module => "transifex",
    use_ssl => true,
    module_path => ["/usr/share/transifex","/usr/share","/usr/local/lib/"],
    aliases => { "/site_media/static/admin/" => "/usr/lib/python2.6/site-packages/django/contrib/admin/media/", },
  }

  apache::vhost_redirect_ssl { "transifex.$domain": }

  # the group are mapped from ldap, since AUTH_LDAP_FIND_GROUP_PERMS is set to yes
  # but the group need to exist in django first 
  django_application::create_group { ["mga-i18n","mga-i18n-committers"]:
    module => "transifex",
    path => "/usr/share/transifex:/usr/share",
  }  

  # allow the people in mga-i18n-committers to :
  #  - manage projects
  #  - manage ressources
  define committers_permission($app='')
  {
    django_application::add_permission_to_group { $name:   
       app => $app,    
       group => 'mga-i18n-committers',
       module => "transifex",
       path => "/usr/share/transifex:/usr/share",
       require => Django_application::Create_group['mga-i18n-committers'],
    }
  }
  
  committers_permission { ['add_project',
                           'change_project',
                           'delete_project']: }

  committers_permission { [ 'add_resource',
                            'change_resource', 
                            'delete_resource']:
    app => "resources",
  } 
}