diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-18 18:41:38 +0200 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-18 18:41:38 +0200 |
| commit | 8c572ffbcb1941446f6c05cbaec4a7b2f5fd8ae8 (patch) | |
| tree | 5781847b166226d1d78c939ec8ac57add0c1c958 /manifests/concourse.pp | |
| parent | Puppetserver: setup eyaml. (diff) | |
| download | profiles-8c572ffbcb1941446f6c05cbaec4a7b2f5fd8ae8.tar.gz profiles-8c572ffbcb1941446f6c05cbaec4a7b2f5fd8ae8.tar.xz | |
Replace concourse with module.
Diffstat (limited to '')
| -rw-r--r-- | manifests/concourse.pp | 89 |
1 files changed, 0 insertions, 89 deletions
diff --git a/manifests/concourse.pp b/manifests/concourse.pp deleted file mode 100644 index 7679106..0000000 --- a/manifests/concourse.pp +++ /dev/null @@ -1,89 +0,0 @@ -# @summary Sets up the Concourse CI/CD system -# -# TODO file modes for just about everything. -# -# https://concourse-ci.org/ -class profiles::concourse ( - String $database_name = 'atc', - String $database_username = 'concourse', - String $database_password = extlib::cache_data('profiles', 'concourse_database_password', extlib::random_password(25)), - - String $keydir = '/usr/lib/concourse', - String $session_signing_key = "${keydir}/session_signing_key", - String $tsa_host_key = "${keydir}/tsa_host_key", - String $worker_key = "${keydir}/worker_key", - String $authorized_worker_keys = "${keydir}/authorized_worker_keys", -) { - ensure_packages([ - 'concourse', - 'concourse-resource-types', - 'concourse-fly-cli', - ]) - - include ::profiles::postgresql - - postgresql::server::db { $database_name: - user => $database_username, - password => $database_password, - grant => 'all', - comment => 'Concourse CI', - } - - exec { 'Concourse generate signing key': - command => ['concourse', 'generate-key', '-t', 'rsa', '-f', $session_signing_key], - creates => $session_signing_key, - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin',] - } - - exec { 'Concourse generate TSA host key': - command => ['concourse', 'generate-key', '-t', 'ssh', '-f', $tsa_host_key], - creates => $tsa_host_key, - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin',] - } - - exec { 'Concourse generate worker key': - command => ['concourse', 'generate-key', '-t', 'ssh', '-f', $worker_key], - creates => $worker_key, - path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin',] - } - - file { $authorized_worker_keys: - content => $worker_key, - require => Exec['Concourse generate worker key'], - subscribe => Exec['Concourse generate worker key'], - } - - $env = { - 'CONCOURSE_ADD_LOCAL_USER' => 'hugo:password', - 'CONCOURSE_MAIN_TEAM_LOCAL_USER' => 'hugo', - - 'CONCOURSE_SESSION_SIGNING_KEY' => $session_signing_key, - 'CONCOURSE_TSA_HOST_KEY' => $tsa_host_key, - 'CONCOURSE_TSA_AUTHORIZED_KEYS' => $authorized_worker_keys, - - 'CONCOURSE_POSTGRES_USER' => $database_username, - 'CONCOURSE_POSTGRES_PASSWORD' => $database_password, - } - - $env_declarations = $env.map |$k, $v| { "${k}=${v}" }.join("\n") - $env_str = @("EOF") - # Environment file for concourse.service - # File managed by Puppet. Local changes WILL be overwritten. - ${env_declarations} - | EOF - - file { '/etc/conf.d/concourse': - content => $env_str, - } - - systemd::unit_file { 'concourse.service': - source => "puppet:///modules/${module_name}/concourse.service", - } ~> service { 'concourse': - ensure => running, - enable => true, - } - - # concourse quickstart --worker-work-dir=/usr/local/data/concourse - # - # cat worker-key >> authorized-worker-keys -} |