default.pp 7.59 KB
Newer Older
1
2
3
4
# @summary Install and configure Démarches Simplifiées
#
# Install and configure Démarches Simplifiées, the open source tool for french administration to simply create form
#
5
6
7
8
9
10
11
12
13
14
15
16
# @param _system_username
# Name of the system user for DémarchesSimplifiées
# @param db_user_name
# Name of the Postgres user for the database ds
# @param db_user_password
# Password for DS database Password for the Postgres user ds
# @param _ds_home
# Path for the home directory of the system user ds
# @param db_name
# Name of the database for DémarchesSimplifiées
# @param _ds_db_role
# Postgres role of user and databade for DémarchesSimplifiées
17
# @param db_host
18
# Hostname of Postgres relay host
19
# @param db_port
20
# Port of Postgres relay host
21
# @param db_test_name
22
# Name of the test database
23
# @param db_test_user_name
24
# Name of the test database's user
25
# @param db_test_user_password
26
# Password of the test database's user
27
# @param _ds_db_test_role
28
# Role for the test database
29
# @param source_code_of_ds
30
31
32
# Repository to download Démarches Simplifiées
# @param preRequistes
# List of packages to be installed beforehand
33
34
35
36

# #############################################################################
# Variables

37
# System user for Démarches Simplifiées
38
$_system_username = 'vagrant'
Matthieu FAURE's avatar
Matthieu FAURE committed
39
$_ds_home = "/home/${_system_username}"
40
$_ds_project_directory = "$_ds_home/demarches-simplifiees.fr"
Matthieu FAURE's avatar
Matthieu FAURE committed
41
42
43
$db_user_name = 'ds'
$db_name = 'ds'
$_ds_db_role = 'ds'
Matthieu FAURE's avatar
Matthieu FAURE committed
44
$db_user_password = 'kiki34' # /!\ Do not forget to change this passwd in production :)
Matthieu FAURE's avatar
Matthieu FAURE committed
45
46
47
48
$db_host = 'localhost'
$db_port = 3434
$db_test_name = 'tps_test'
$db_test_user_name = 'tps_test'
49
$db_test_user_password = 'tps_test'
Matthieu FAURE's avatar
Matthieu FAURE committed
50
$_ds_db_test_role = 'test'
51
52
#$source_code_of_ds = 'https://github.com/betagouv/demarches-simplifiees.fr.git'
$local_source_code_of_ds = '/shared_dev/'
53
$_path_bundle = "$_ds_home/rbenv/shims/"
Matthieu FAURE's avatar
Matthieu FAURE committed
54
55
$db_database = 'ds'
$db_pool = ''
56
57

# #############################################################################
58
# System user for Démarches Simplifiées app
59
60
accounts::user { $_system_username:
}
61
62
63

# #############################################################################
# PREREQUISITES Postgres
64
# Install all global package required
65
66
67
68
69
$preRequistes = [
  'curl',
  'autoconf',
  'bison',
  'chromium-browser',
70
  'chromium-chromedriver',
Matthieu FAURE's avatar
Matthieu FAURE committed
71
72
  'libcurl4-openssl-dev',
  'libpq-dev',
73
74
75
76
77
78
]

package { $preRequistes:
  ensure  => 'installed',
  require => Class['apt::update'],
}
79

Matthieu FAURE's avatar
Matthieu FAURE committed
80
# Create a soft link on /shared_dev directory which is a share folder of your local project.
81
# Comment this part if you want to clone a repository installation.
82
file { $_ds_project_directory:
Matthieu FAURE's avatar
Matthieu FAURE committed
83
84
  ensure => link,
  target => "$local_source_code_of_ds",
85
}
86
87
88
89
90

# Desactivation of IPv6
sysctl { 'net.ipv6.conf.all.autoconf':
  ensure => present,
  value  => '1',
91
92
93
}

# #############################################################################
Matthieu FAURE's avatar
Matthieu FAURE committed
94
# PREREQUISITES Create and customize values of DB in .env
95
# Copy the file `config/env.example`, rename it to `.env` and put it at the root of the project as 'ds' user
Matthieu FAURE's avatar
Matthieu FAURE committed
96
97
98
99
100
# NOTE: once this code is transformed in a clear Puppet Module, all the file_lines should be treated with
#       content => epp()
file { "$_ds_project_directory/.env":
  ensure  => present,
  source  => "$_ds_project_directory/config/env.example",
101
  # content => epp('vagrant-demarches-simplifiees/env.epp'),
Matthieu FAURE's avatar
Matthieu FAURE committed
102
103
  owner   => $_system_username,
  require => File[$_ds_project_directory],
104
105
}

106
107
108
# As long as this is not a pupet module, we don't use a template but 'file_line'.
# Puppuet module should use a template to set proper values.
# Set values for Database and Github Oauth token in config file '.env'
Matthieu FAURE's avatar
Matthieu FAURE committed
109
110
111
file_line { 'DB_DATABASE':
  ensure  => present,
  path    => "$_ds_project_directory/.env",
112
  line    => "DB_DATABASE=\"$db_name\"",
Matthieu FAURE's avatar
Matthieu FAURE committed
113
114
115
116
117
118
  match   => '^DB_DATABASE="tps_development"',
  require => File["$_ds_project_directory/.env"],
}
file_line { 'DB_USERNAME':
  ensure  => present,
  path    => "$_ds_project_directory/.env",
119
  line    => "DB_USERNAME=\"$db_user_name\"",
Matthieu FAURE's avatar
Matthieu FAURE committed
120
121
122
123
124
125
  match   => '^DB_USERNAME="tps_development"',
  require => File["$_ds_project_directory/.env"],
}
file_line { 'DB_PASSWORD':
  ensure  => present,
  path    => "$_ds_project_directory/.env",
126
  line    => "DB_PASSWORD=\"$db_user_password\"",
Matthieu FAURE's avatar
Matthieu FAURE committed
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
  match   => '^DB_PASSWORD="tps_development"',
  require => File["$_ds_project_directory/.env"],
}
file_line { 'GITHUB_CLIENT_ID':
  ensure  => present,
  path    => "$_ds_project_directory/.env",
  line    => 'GITHUB_CLIENT_ID="efb23e8a602aac61157c"',
  match   => '^GITHUB_CLIENT_ID=""',
  require => File["$_ds_project_directory/.env"],
}
file_line { 'GITHUB_CLIENT_SECRET':
  ensure  => present,
  path    => "$_ds_project_directory/.env",
  line    => 'GITHUB_CLIENT_SECRET="ec8f3370372bc4fb381f3f379d5320f1231c2189"',
  match   => '^GITHUB_CLIENT_SECRET=""',
  require => File["$_ds_project_directory/.env"],
}

# Modification of bin/setup file.
# As we already created the DB we don't need to recreate it.
147
file_line { 'db:setup':
Matthieu FAURE's avatar
Matthieu FAURE committed
148
149
  ensure  => present,
  path    => "$_ds_project_directory/bin/setup",
Matthieu FAURE's avatar
Matthieu FAURE committed
150
151
  line    => "  system! 'bin/rails db:schema:load db:seed'",
  match   => "  system! 'bin/rails db:setup'",
Matthieu FAURE's avatar
Matthieu FAURE committed
152
  require => File[$_ds_project_directory],
153
154
}

155
156
157
158
159
160
161
162
# #############################################################################
# PREREQUISITES ruby
# Install rbenv
class { 'rbenv':
  install_dir => "$_ds_home/rbenv",
  owner       => $_system_username,
}
rbenv::plugin { 'rbenv/ruby-build': }
Matthieu FAURE's avatar
Matthieu FAURE committed
163
-> rbenv::build { '2.6.5': global => true }
164

Matthieu FAURE's avatar
Matthieu FAURE committed
165
# Ensure permissions on /usr/bin/env
Matthieu FAURE's avatar
Matthieu FAURE committed
166
-> file { '/usr/bin/env':
167
168
169
170
  ensure => file,
  owner  => "$_system_username",
}

171
172
# #############################################################################
# PREREQUISITES Postgres
Matthieu FAURE's avatar
Matthieu FAURE committed
173
# This ensures a PostgreSQL server is installed
174
class { 'postgresql::server': }
175

Matthieu FAURE's avatar
Matthieu FAURE committed
176
# Grant membership to a role
Matthieu FAURE's avatar
Matthieu FAURE committed
177
postgresql::server::role { $_ds_db_role:
178
  password_hash => postgresql_password($db_user_name, $db_user_password),
179
}
Matthieu FAURE's avatar
Matthieu FAURE committed
180
# Create a role, database and assign the correct permissions
Matthieu FAURE's avatar
Matthieu FAURE committed
181
182
183
184
-> postgresql::server::db { $db_name:
  user     => $db_user_name,
  password => postgresql_password($db_user_name, $db_user_password),
  owner    => $_ds_db_role,
185
186
}

187
# Role Test creation
Matthieu FAURE's avatar
Matthieu FAURE committed
188
189
190
postgresql::server::role { $_ds_db_test_role:
  password_hash => postgresql_password($db_test_user_name, $db_test_user_password),
}
191
# DB Test + Test Postgres user creation + assignation permissions
Matthieu FAURE's avatar
Matthieu FAURE committed
192
193
194
195
-> postgresql::server::db { $db_test_name:
  user     => $db_test_user_name,
  password => postgresql_password($db_test_user_name, $db_test_user_password),
  owner    => $_ds_db_test_role,
196
197
}

198
# Activate an extension 'unaccent' on postgresql databases (both ds and tps_test)
199
200
201
202
203
204
[$db_test_name, $db_name].each | $database | {
  postgresql::server::extension { "unaccent-${database}":
    database  => $database,
    extension => 'unaccent',
    ensure    => present,
  }
205
206
207
208
209
210
}

# PGPASS file
$_pgpass_content = "
# hostname:port:database:username:password
${db_host}:${db_port}:${db_name}:${db_user_name}:${db_user_password}
211
${db_host}:${db_port}:${db_test_name}:${db_test_user_name}:${db_test_user_password}
212
213
214
215
216
217
218
219
220
221
222
223
"

file { 'PGPASS file':
  ensure  => file,
  path    => "${_ds_home}/.pgpass",
  mode    => '0600',
  owner   => $_system_username,
  content => $_pgpass_content,
}

# #############################################################################
# PREREQUISITES nodejs
Matthieu FAURE's avatar
Matthieu FAURE committed
224
# The desired version must be specified.
225
226
227
class { 'nodejs':
  repo_url_suffix => '12.x',
}
228
229
230
231

# #############################################################################
# PREREQUISITES Yarn
# Install Yarn
Matthieu FAURE's avatar
Matthieu FAURE committed
232
# /!\ By default, last version is installed
233
class { 'yarn': }
234
235
236
237
238

# #############################################################################
# PREREQUISITES tmux
# Install tmux
class { 'tmux': }