18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
# File 'manifests/server/config.pp', line 18
class gocd::server::config {
if $caller_module_name != $module_name {
fail("Use of private class ${name} from ${caller_module_name}")
}
validate_string($::gocd::server::jvm_min_memory)
validate_string($::gocd::server::jvm_max_memory)
validate_re($::gocd::server::jvm_min_memory, '^\d+[KkGgMm]$')
validate_re($::gocd::server::jvm_max_memory, '^\d+[KkGgMm]$')
file { '/etc/default/go-server':
ensure => present,
content => template("${module_name}/go-server.default.erb"),
mode => '0644',
}
concat { '/var/lib/go-server/passwd':
ensure => present,
mode => '0600',
force => true,
owner => 'go',
group => 'go',
}
if $::gocd::server::ssl_certificate and $::gocd::server::ssl_private_key {
# This is apparently hardcoded in application. :(
$keystore_password = 'serverKeystorepa55w0rd'
java_ks { 'cruise:/etc/go/keystore':
ensure => latest,
certificate => $::gocd::server::ssl_certificate,
private_key => $::gocd::server::ssl_private_key,
password => $keystore_password,
}
if $::gocd::server::ssl_ca_cert {
java_ks { 'cruise:/etc/go/truststore':
ensure => latest,
certificate => $::gocd::server::ssl_ca_cert,
password => $keystore_password,
trustcacerts => true,
}
}
}
if $::gocd::server::manage_firewall {
firewall { '500 Allow incoming GoCD Server Dashboard connections.':
ensure => present,
state => [ 'NEW' ],
action => 'accept',
chain => 'INPUT',
proto => 'tcp',
dport => [
$::gocd::server::listen_port_ssl,
$::gocd::server::listen_port,
],
}
}
}
|