[MediaWiki-commits] [Gerrit] install wmfusercontent SSL cert on phab - change (operations/puppet)

Thu, 11 Sep 2014 12:03:47 -0700 

Dzahn has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/159809

Change subject: install wmfusercontent SSL cert on phab
......................................................................

install wmfusercontent SSL cert on phab

the new certificate requested in RT: 8212
has been added in change Ibbe0a4f209422a4

now install it on the phab nodes (or was it supposed
to be on varnish?)

well, this is to show how you can install it now,
install_certificate should get the cert .pem
from files/ssl/ in public puppet and the key with the
matching name from private puppet, and it will create
a chained cert that ends up in /etc/ssl/

and that you can use in your apache config then

Change-Id: I2333f48605bea61b5cc2acbdd68105f0ac501138
---
M manifests/role/phabricator.pp
M modules/phabricator/manifests/init.pp
2 files changed, 5 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/09/159809/1

diff --git a/manifests/role/phabricator.pp b/manifests/role/phabricator.pp
index 350491d..7754881 100644
--- a/manifests/role/phabricator.pp
+++ b/manifests/role/phabricator.pp
@@ -16,6 +16,7 @@
         lock_file        => '/var/run/phab_repo_lock',
         mysql_admin_user => $::mysql_adminuser,
         mysql_admin_pass => $::mysql_adminpass,
+        content_ssl_cert => 'star.wmfusercontent.org',
         auth_type        => 'sul',
         settings         => {
             'darkconsole.enabled'                => false,
@@ -48,6 +49,7 @@
         lock_file        => '/var/run/phab_repo_lock',
         mysql_admin_user => $::mysql_adminuser,
         mysql_admin_pass => $::mysql_adminpass,
+        content_ssl_cert => 'star.wmfusercontent.org',
         auth_type        => 'dual',
         extension_tag    => 'HEAD',
         extensions       => ['MediaWikiUserpageCustomField.php',
diff --git a/modules/phabricator/manifests/init.pp 
b/modules/phabricator/manifests/init.pp
index 41488f3..caba5c1 100644
--- a/modules/phabricator/manifests/init.pp
+++ b/modules/phabricator/manifests/init.pp
@@ -74,6 +74,7 @@
     $mysql_admin_pass = '',
     $serveradmin      = '',
     $auth_type        = '',
+    $content_ssl_cert = '',
 ) {
 
     #XXX: todo fix path issue 9/9/14
@@ -132,6 +133,8 @@
         content => template('phabricator/phabricator-default.conf.erb'),
     }
 
+    install_certificate{ $content_ssl_cert: }
+
     git::install { 'phabricator/libphutil':
         directory => "${phabdir}/libphutil",
         git_tag   => $git_tag,

-- 
To view, visit https://gerrit.wikimedia.org/r/159809
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I2333f48605bea61b5cc2acbdd68105f0ac501138
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to