diff --git a/Vagrantfile b/Vagrantfile index f76fd4e89..22f7f33cb 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -123,4 +123,15 @@ Vagrant.configure("2") do |config| provider.vm.box_url = CENTOS_9_BOX_URL end end + + config.vm.define "repo-deb" do |override| + override.vm.hostname = "repo-deb" + override.vm.box = "centos/stream9" + + override.vm.provider "libvirt" do |libvirt, provider| + libvirt.memory = "2048" + libvirt.machine_virtual_size = 40 + provider.vm.box_url = CENTOS_9_BOX_URL + end + end end diff --git a/puppet/data/common.yaml b/puppet/data/common.yaml index 85da91a96..18e46c4e0 100644 --- a/puppet/data/common.yaml +++ b/puppet/data/common.yaml @@ -1,6 +1,7 @@ --- stable_release: '3.11' profiles::web::stable: '%{alias("stable_release")}' +profiles::repo::deb::stable: '%{alias("stable_release")}' backup_servicename: 'backups.theforeman.org' backup_username: 'backup-%{facts.networking.hostname}' diff --git a/puppet/data/vagrant.yaml b/puppet/data/vagrant.yaml index 18a8f1c84..de705fbea 100644 --- a/puppet/data/vagrant.yaml +++ b/puppet/data/vagrant.yaml @@ -22,4 +22,6 @@ profiles::jenkins::node::swap_size_mb: 0 profiles::web::https: false +profiles::repo::deb::https: false + redmine::https: false diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp index 9f87c0e1d..392eb3326 100644 --- a/puppet/manifests/site.pp +++ b/puppet/manifests/site.pp @@ -41,3 +41,8 @@ include profiles::base include profiles::web } + +node /^repo-deb\d+\.[a-z]+\.theforeman\.org$/ { + include profiles::base + include profiles::repo::deb +} diff --git a/puppet/modules/freight/manifests/init.pp b/puppet/modules/freight/manifests/init.pp index 4ad0f537e..88027d5fc 100644 --- a/puppet/modules/freight/manifests/init.pp +++ b/puppet/modules/freight/manifests/init.pp @@ -1,15 +1,8 @@ # @summary install freight class freight { - if $facts['os']['family'] == 'Debian' { - apt::source { 'freight': - location => 'http://build.openvpn.net/debian/freight_team', - repos => 'main', - key => { - id => '30EBF4E73CCE63EEE124DD278E6DA8B4E158C569', - source => 'https://swupdate.openvpn.net/repos/repo-public.gpg', - }, - before => Package['freight'], - } + if $facts['os']['family'] == 'RedHat' { + include epel + Class['Epel'] -> Package['freight'] } package { 'freight': diff --git a/puppet/modules/freight/manifests/user.pp b/puppet/modules/freight/manifests/user.pp index b36bef28d..7e86b67ba 100644 --- a/puppet/modules/freight/manifests/user.pp +++ b/puppet/modules/freight/manifests/user.pp @@ -64,6 +64,10 @@ if $facts['os']['family'] != 'RedHat' or $facts['os']['release']['major'] != '7' { include apache::mod::expires } + include apache::mod::alias + include apache::mod::autoindex + include apache::mod::dir + include apache::mod::mime web::vhost { $vhost: docroot => $webdir, diff --git a/puppet/modules/profiles/manifests/repo/deb.pp b/puppet/modules/profiles/manifests/repo/deb.pp new file mode 100644 index 000000000..988258648 --- /dev/null +++ b/puppet/modules/profiles/manifests/repo/deb.pp @@ -0,0 +1,27 @@ +# @summary A profile for the debian repo machines +# +# @param stable +# Latest release that users expect +# +# @param https +# Whether to enable HTTPS. This is typically wanted but can only be enabled +# in a 2 pass setup. First Apache needs to run for Letsencrypt to function. +# Then Letsencrypt can be enabled. Also useful to turn off in test setups. +class profiles::repo::deb ( + String[1] $stable, + Boolean $https = true, +) { + class { 'web': + https => $https, + } + contain web + + contain web::vhost::archivedeb + + class { 'web::vhost::deb': + stable => $stable, + } + contain web::vhost::deb + + contain web::vhost::stagingdeb +} diff --git a/vagrant/manifests/default.pp b/vagrant/manifests/default.pp index 6e2a403c2..3e63ad1c5 100644 --- a/vagrant/manifests/default.pp +++ b/vagrant/manifests/default.pp @@ -25,3 +25,7 @@ node /^discourse.*/ { include profiles::discourse } + +node /^repo-deb.*/ { + include profiles::repo::deb +}