]> git.donarmstrong.com Git - dsa-puppet.git/blob - modules/roles/manifests/pubsub/entities.pp
projects / dsa-puppet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
relax permissions for mxes
[dsa-puppet.git] / modules / roles / manifests / pubsub / entities.pp
1 class roles::pubsub::entities {
2         include roles::pubsub::params
3
4         $admin_password   = $roles::pubsub::params::admin_password
5         $ftp_password     = $roles::pubsub::params::ftp_password
6         $buildd_password  = $roles::pubsub::params::buildd_password
7         $wbadm_password   = $roles::pubsub::params::wbadm_password
8         $mailadm_password = $roles::pubsub::params::mailadm_password
9         $mailly_password  = $roles::pubsub::params::mailly_password
10         $muffat_password  = $roles::pubsub::params::muffat_password
11
12         rabbitmq_user { 'admin':
13                 admin    => true,
14                 password => $admin_password,
15                 provider => 'rabbitmqctl',
16         }
17
18         rabbitmq_user { 'ftpteam':
19                 admin    => true,
20                 password => $ftp_password,
21                 provider => 'rabbitmqctl',
22         }
23
24         rabbitmq_user { 'buildd':
25                 admin    => true,
26                 password => $buildd_password,
27                 provider => 'rabbitmqctl',
28         }
29
30         rabbitmq_user { 'wbadm':
31                 admin    => true,
32                 password => $wbadm_password,
33                 provider => 'rabbitmqctl',
34         }
35
36         rabbitmq_user { 'mailadm':
37                 admin    => true,
38                 password => $mailadm_password,
39                 provider => 'rabbitmqctl',
40         }
41
42         rabbitmq_user { 'mailly':
43                 admin    => true,
44                 password => $mailly_password,
45                 provider => 'rabbitmqctl',
46         }
47
48         rabbitmq_user { 'muffat':
49                 admin    => true,
50                 password => $muffat_password,
51                 provider => 'rabbitmqctl',
52         }
53
54         rabbitmq_vhost { 'packages':
55                 ensure   => present,
56                 provider => 'rabbitmqctl',
57         }
58
59         rabbitmq_vhost { 'buildd':
60                 ensure   => present,
61                 provider => 'rabbitmqctl',
62         }
63
64         rabbitmq_vhost { 'dsa':
65                 ensure   => present,
66                 provider => 'rabbitmqctl',
67         }
68
69         rabbitmq_user_permissions { 'admin@/':
70                 configure_permission => '.*',
71                 read_permission      => '.*',
72                 write_permission     => '.*',
73                 provider             => 'rabbitmqctl',
74                 require              => Rabbitmq_user['admin']
75         }
76
77         rabbitmq_user_permissions { 'admin@buildd':
78                 configure_permission => '.*',
79                 read_permission      => '.*',
80                 write_permission     => '.*',
81                 provider             => 'rabbitmqctl',
82                 require              => [
83                         Rabbitmq_user['admin'],
84                         Rabbitmq_vhost['buildd']
85                 ]
86         }
87
88         rabbitmq_user_permissions { 'admin@dsa':
89                 configure_permission => '.*',
90                 read_permission      => '.*',
91                 write_permission     => '.*',
92                 provider             => 'rabbitmqctl',
93                 require              => [
94                         Rabbitmq_user['admin'],
95                         Rabbitmq_vhost['dsa']
96                 ]
97         }
98
99         rabbitmq_user_permissions { 'admin@packages':
100                 configure_permission => '.*',
101                 read_permission      => '.*',
102                 write_permission     => '.*',
103                 provider             => 'rabbitmqctl',
104                 require              => [
105                         Rabbitmq_user['admin'],
106                         Rabbitmq_vhost['packages']
107                 ]
108         }
109
110         rabbitmq_user_permissions { 'ftpteam@packages':
111                 configure_permission => '.*',
112                 read_permission      => '.*',
113                 write_permission     => '.*',
114                 provider             => 'rabbitmqctl',
115                 require              => [
116                         Rabbitmq_user['ftpteam'],
117                         Rabbitmq_vhost['packages']
118                 ]
119         }
120
121         rabbitmq_user_permissions { 'wbadm@packages':
122                 read_permission      => 'unchecked',
123                 write_permission     => 'wbadm',
124                 provider             => 'rabbitmqctl',
125                 require              => [
126                         Rabbitmq_user['wbadm'],
127                         Rabbitmq_vhost['packages']
128                 ]
129         }
130
131         rabbitmq_user_permissions { 'buildd@buildd':
132                 configure_permission => '.*',
133                 read_permission      => '.*',
134                 write_permission     => '.*',
135                 provider             => 'rabbitmqctl',
136                 require              => [
137                         Rabbitmq_user['buildd'],
138                         Rabbitmq_vhost['buildd']
139                 ]
140         }
141
142         rabbitmq_user_permissions { 'wbadm@buildd':
143                 configure_permission => '.*',
144                 read_permission      => '.*',
145                 write_permission     => '.*',
146                 provider             => 'rabbitmqctl',
147                 require              => [
148                         Rabbitmq_user['wbadm'],
149                         Rabbitmq_vhost['buildd']
150                 ]
151         }
152
153         rabbitmq_user_permissions { 'mailadm@dsa':
154                 configure_permission => '.*',
155                 read_permission      => '.*',
156                 write_permission     => '.*',
157                 provider             => 'rabbitmqctl',
158                 require              => [
159                         Rabbitmq_user['mailadm'],
160                         Rabbitmq_vhost['dsa']
161                 ]
162         }
163
164         rabbitmq_user_permissions { 'mailly@dsa':
165                 configure_permission => '*',
166                 read_permission      => '*',
167                 write_permission     => '*',
168                 provider             => 'rabbitmqctl',
169                 require              => [
170                         Rabbitmq_user['mailly'],
171                         Rabbitmq_vhost['dsa']
172                 ]
173         }
174
175         rabbitmq_user_permissions { 'muffat@dsa':
176                 configure_permission => '*',
177                 read_permission      => '*',
178                 write_permission     => '*',
179                 provider             => 'rabbitmqctl',
180                 require              => [
181                         Rabbitmq_user['muffat'],
182                         Rabbitmq_vhost['dsa']
183                 ]
184         }
185
186         rabbitmq_policy { 'mirror-dsa':
187                 vhost   => 'dsa',
188                 match   => '.*',
189                 policy  => '{"ha-mode":"all"}',
190                 require => Rabbitmq_vhost['dsa']
191         }
192
193         rabbitmq_policy { 'mirror-buildd':
194                 vhost   => 'buildd',
195                 match   => '.*',
196                 policy  => '{"ha-mode":"all"}',
197                 require => Rabbitmq_vhost['buildd']
198         }
199
200         rabbitmq_policy { 'mirror-packages':
201                 vhost   => 'packages',
202                 match   => '.*',
203                 policy  => '{"ha-mode":"all"}',
204                 require => Rabbitmq_vhost['packages']
205         }
206
207         rabbitmq_plugin { 'rabbitmq_management':
208                 ensure   => present,
209                 provider => 'rabbitmqplugins',
210                 require  => Package['rabbitmq-server'],
211                 notify   => Service['rabbitmq-server']
212         }
213         rabbitmq_plugin { 'rabbitmq_management_agent':
214                 ensure   => present,
215                 provider => 'rabbitmqplugins',
216                 require  => Package['rabbitmq-server'],
217                 notify   => Service['rabbitmq-server']
218         }
219         rabbitmq_plugin { 'rabbitmq_tracing':
220                 ensure   => present,
221                 provider => 'rabbitmqplugins',
222                 require  => Package['rabbitmq-server'],
223                 notify   => Service['rabbitmq-server']
224         }
225         rabbitmq_plugin { 'rabbitmq_management_visualiser':
226                 ensure   => present,
227                 provider => 'rabbitmqplugins',
228                 require  => Package['rabbitmq-server'],
229                 notify   => Service['rabbitmq-server']
230         }
231
232 }
Unnamed repository; edit this file 'description' to name the repository.