cdn-ops/global/overlay/etc/puppet/modules/cdn/manifests/cache.pp
2024-10-10 15:28:23 +02:00

85 lines
2.2 KiB
Puppet

# Configure a SUNET CDN CA server
class cdn::cache(
Hash[String, Integer] $customers = {
customer1 => 1000000000,
}
)
{
include sunet::packages::certbot
include cdn::ca_trust
$cache_secrets = lookup({ 'name' => 'cdn::cache-secrets', 'default_value' => undef })
file { '/opt/sunet-cdn':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/opt/sunet-cdn/customers':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/opt/sunet-cdn/conf':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { "/opt/sunet-cdn/conf/varnish-slash-seccomp.json":
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('cdn/cache/varnish-slash-seccomp.json.erb'),
}
if $cache_secrets {
customers.each |String $customer, Integer $customer_uid| {
if $cache_secrets['customers'][$customer] {
file { "/opt/sunet-cdn/customers/$customer":
ensure => directory,
owner => $customer_uid,
group => $customer_uid,
mode => '0750',
}
file { "/opt/sunet-cdn/customers/$customer/shared":
ensure => directory,
owner => $customer_uid,
group => $customer_uid,
mode => '0750',
}
file { "/opt/sunet-cdn/customers/$customer/cache":
ensure => directory,
owner => $customer_uid,
group => $customer_uid,
mode => '0750',
}
file { "/opt/sunet-cdn/customers/$customer/conf/haproxy.cfg":
ensure => file,
owner => $customer_uid,
group => $customer_uid,
mode => '0440',
content => template('cdn/cache/haproxy.cfg.erb'),
}
sunet::docker_compose { "sunet-cdn-cache-$customer":
content => template('cdn/cache/docker-compose.yml.erb'),
service_name => "cdn-cache-$customer",
compose_dir => "/opt/sunet-cdn/compose/$customer",
compose_filename => 'docker-compose.yml',
description => "SUNET CDN CA $customer",
}
}
}
}
}