diff --git a/Vagrantfile b/Vagrantfile index f76fd4e89..22f7f33cb 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -123,4 +123,15 @@ Vagrant.configure("2") do |config| provider.vm.box_url = CENTOS_9_BOX_URL end end + + config.vm.define "repo-deb" do |override| + override.vm.hostname = "repo-deb" + override.vm.box = "centos/stream9" + + override.vm.provider "libvirt" do |libvirt, provider| + libvirt.memory = "2048" + libvirt.machine_virtual_size = 40 + provider.vm.box_url = CENTOS_9_BOX_URL + end + end end diff --git a/puppet/data/common.yaml b/puppet/data/common.yaml index 85da91a96..18e46c4e0 100644 --- a/puppet/data/common.yaml +++ b/puppet/data/common.yaml @@ -1,6 +1,7 @@ --- stable_release: '3.11' profiles::web::stable: '%{alias("stable_release")}' +profiles::repo::deb::stable: '%{alias("stable_release")}' backup_servicename: 'backups.theforeman.org' backup_username: 'backup-%{facts.networking.hostname}' diff --git a/puppet/data/vagrant.yaml b/puppet/data/vagrant.yaml index 18a8f1c84..de705fbea 100644 --- a/puppet/data/vagrant.yaml +++ b/puppet/data/vagrant.yaml @@ -22,4 +22,6 @@ profiles::jenkins::node::swap_size_mb: 0 profiles::web::https: false +profiles::repo::deb::https: false + redmine::https: false diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp index 9f87c0e1d..392eb3326 100644 --- a/puppet/manifests/site.pp +++ b/puppet/manifests/site.pp @@ -41,3 +41,8 @@ include profiles::base include profiles::web } + +node /^repo-deb\d+\.[a-z]+\.theforeman\.org$/ { + include profiles::base + include profiles::repo::deb +} diff --git a/puppet/modules/freight/manifests/init.pp b/puppet/modules/freight/manifests/init.pp index 4ad0f537e..bef7856eb 100644 --- a/puppet/modules/freight/manifests/init.pp +++ b/puppet/modules/freight/manifests/init.pp @@ -1,14 +1,9 @@ # @summary install freight class freight { - if $facts['os']['family'] == 'Debian' { - apt::source { 'freight': - location => 'http://build.openvpn.net/debian/freight_team', - repos => 'main', - key => { - id => '30EBF4E73CCE63EEE124DD278E6DA8B4E158C569', - source => 'https://swupdate.openvpn.net/repos/repo-public.gpg', - }, - before => Package['freight'], + if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '9' { + class {'epel': + epel_testing_enabled => true, + before => Package['freight'], } } diff --git a/puppet/modules/freight/manifests/user.pp b/puppet/modules/freight/manifests/user.pp index 2da929197..4523abce1 100644 --- a/puppet/modules/freight/manifests/user.pp +++ b/puppet/modules/freight/manifests/user.pp @@ -5,6 +5,7 @@ Stdlib::Absolutepath $stagedir, String $vhost, Variant[String, Array[String]] $cron_matches, + String[1] $stable, ) { require freight @@ -73,7 +74,7 @@ owner => 'root', group => 'root', mode => '0644', - content => epp("${module_name}/${vhost}-HEADER.html.epp", { 'stable' => $profiles::web::stable }), + content => epp("${module_name}/${vhost}-HEADER.html.epp", { 'stable' => $stable }), } file { "${webdir}/foreman.asc": ensure => link, diff --git a/puppet/modules/profiles/manifests/repo/deb.pp b/puppet/modules/profiles/manifests/repo/deb.pp new file mode 100644 index 000000000..1031f6795 --- /dev/null +++ b/puppet/modules/profiles/manifests/repo/deb.pp @@ -0,0 +1,33 @@ +# @summary A profile for the debian repo machines +# +# @param stable +# Latest release that users expect +# +# @param https +# Whether to enable HTTPS. This is typically wanted but can only be enabled +# in a 2 pass setup. First Apache needs to run for Letsencrypt to function. +# Then Letsencrypt can be enabled. Also useful to turn off in test setups. +class profiles::repo::deb ( + String[1] $stable, + Boolean $https = true, +) { + class { 'web': + https => $https, + } + contain web + + class { 'web::vhost::archivedeb': + stable => $stable, + } + contain web::vhost::archivedeb + + class { 'web::vhost::deb': + stable => $stable, + } + contain web::vhost::deb + + class { 'web::vhost::stagingdeb': + stable => $stable, + } + contain web::vhost::stagingdeb +} diff --git a/puppet/modules/profiles/manifests/web.pp b/puppet/modules/profiles/manifests/web.pp index 68f5dfd4a..3f4a52229 100644 --- a/puppet/modules/profiles/manifests/web.pp +++ b/puppet/modules/profiles/manifests/web.pp @@ -22,8 +22,14 @@ } contain web + class { 'web::vhost::archivedeb': + stable => $stable, + } contain web::vhost::archivedeb + class { 'web::vhost::deb': + stable => $stable, + } contain web::vhost::deb class { 'web::vhost::debugs': @@ -33,6 +39,9 @@ contain web::vhost::downloads + class { 'web::vhost::stagingdeb': + stable => $stable, + } contain web::vhost::stagingdeb class { 'web::vhost::web': diff --git a/puppet/modules/web/manifests/vhost/archivedeb.pp b/puppet/modules/web/manifests/vhost/archivedeb.pp index 34a3d747f..503558e03 100644 --- a/puppet/modules/web/manifests/vhost/archivedeb.pp +++ b/puppet/modules/web/manifests/vhost/archivedeb.pp @@ -1,6 +1,7 @@ # @summary Set up the archivedeb vhost # @api private class web::vhost::archivedeb( + String[1] $stable, String $user = 'freightarchive', Stdlib::Absolutepath $home = "/home/${user}", ) { @@ -12,6 +13,7 @@ stagedir => "/var/www/${user}", vhost => 'archivedeb', cron_matches => [], + stable => $stable, } secure_ssh::rsync::receiver_setup { $user: diff --git a/puppet/modules/web/manifests/vhost/deb.pp b/puppet/modules/web/manifests/vhost/deb.pp index b11c32364..62f8f5b40 100644 --- a/puppet/modules/web/manifests/vhost/deb.pp +++ b/puppet/modules/web/manifests/vhost/deb.pp @@ -1,6 +1,7 @@ # @summary Set up the deb vhost # @api private class web::vhost::deb ( + String[1] $stable, String $user = 'freight', Stdlib::Absolutepath $home = "/home/${user}", ) { @@ -12,6 +13,7 @@ stagedir => '/var/www/freight', vhost => 'deb', cron_matches => ['nightly', 'scratch'], + stable => $stable, } # Can't use a standard rsync define here as we need to extend the diff --git a/puppet/modules/web/manifests/vhost/stagingdeb.pp b/puppet/modules/web/manifests/vhost/stagingdeb.pp index 935e35456..1d41d9a7e 100644 --- a/puppet/modules/web/manifests/vhost/stagingdeb.pp +++ b/puppet/modules/web/manifests/vhost/stagingdeb.pp @@ -1,6 +1,7 @@ # @summary Set up the stagingdeb vhost # @api private class web::vhost::stagingdeb( + String[1] $stable, String $user = 'freightstage', Stdlib::Absolutepath $home = "/home/${user}", ) { @@ -12,6 +13,7 @@ stagedir => "/var/www/${user}", vhost => 'stagingdeb', cron_matches => 'all', + stable => $stable, } secure_ssh::rsync::receiver_setup { $user: diff --git a/vagrant/manifests/default.pp b/vagrant/manifests/default.pp index 6e2a403c2..3e63ad1c5 100644 --- a/vagrant/manifests/default.pp +++ b/vagrant/manifests/default.pp @@ -25,3 +25,7 @@ node /^discourse.*/ { include profiles::discourse } + +node /^repo-deb.*/ { + include profiles::repo::deb +}