From 8b285ec0fff650bcd2412a18b53dcf7155a5909f Mon Sep 17 00:00:00 2001 From: Tim Abbott Date: Sat, 30 Jul 2016 23:29:21 -0700 Subject: [PATCH] puppet: Read camo key from zulip-secrets.conf. --- puppet/zulip/manifests/camo.pp | 11 ++++++++++- puppet/zulip/templates/camo_defaults.template.erb | 3 +++ puppet/zulip_internal/files/camo_defaults | 3 --- puppet/zulip_internal/manifests/loadbalancer.pp | 9 --------- scripts/setup/generate_secrets.py | 2 ++ 5 files changed, 15 insertions(+), 13 deletions(-) create mode 100644 puppet/zulip/templates/camo_defaults.template.erb delete mode 100644 puppet/zulip_internal/files/camo_defaults diff --git a/puppet/zulip/manifests/camo.pp b/puppet/zulip/manifests/camo.pp index 8f6a17fa97..e890f7e34a 100644 --- a/puppet/zulip/manifests/camo.pp +++ b/puppet/zulip/manifests/camo.pp @@ -5,7 +5,16 @@ class zulip::camo { ] package { $camo_packages: ensure => "installed" } - # The configuration file is generated at install time + $camo_key = zulipsecret("secrets", "camo_key", '') + + file { "/etc/default/camo": + require => Package[camo], + ensure => file, + owner => "root", + group => "root", + mode => 644, + content => template("zulip/camo_defaults.template.erb"), + } } diff --git a/puppet/zulip/templates/camo_defaults.template.erb b/puppet/zulip/templates/camo_defaults.template.erb new file mode 100644 index 0000000000..d9bd65afef --- /dev/null +++ b/puppet/zulip/templates/camo_defaults.template.erb @@ -0,0 +1,3 @@ +ENABLED=yes +PORT=9292 +CAMO_KEY=<%= scope["zulip::camo::camo_key"] %> diff --git a/puppet/zulip_internal/files/camo_defaults b/puppet/zulip_internal/files/camo_defaults deleted file mode 100644 index cb0dce9497..0000000000 --- a/puppet/zulip_internal/files/camo_defaults +++ /dev/null @@ -1,3 +0,0 @@ -ENABLED=yes -PORT=9292 -CAMO_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx diff --git a/puppet/zulip_internal/manifests/loadbalancer.pp b/puppet/zulip_internal/manifests/loadbalancer.pp index 8ea672dfc9..116b053c3d 100644 --- a/puppet/zulip_internal/manifests/loadbalancer.pp +++ b/puppet/zulip_internal/manifests/loadbalancer.pp @@ -28,15 +28,6 @@ class zulip_internal::loadbalancer { notify => Service["nginx"], } - file { "/etc/default/camo": - require => Package[camo], - ensure => file, - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/zulip_internal/camo_defaults", - } - file { '/etc/log2zulip.conf': ensure => file, owner => "zulip", diff --git a/scripts/setup/generate_secrets.py b/scripts/setup/generate_secrets.py index 287965ef8a..451d0ea309 100755 --- a/scripts/setup/generate_secrets.py +++ b/scripts/setup/generate_secrets.py @@ -23,6 +23,8 @@ CAMO_CONFIG_FILENAME = '/etc/default/camo' AUTOGENERATED_SETTINGS = ['shared_secret', 'avatar_salt', 'rabbitmq_password', 'local_database_password', 'initial_password_salt'] +# TODO: We can eliminate this function if we refactor the install +# script to run generate_secrets before zulip-puppet-apply. def generate_camo_config_file(camo_key): camo_config = """ENABLED=yes PORT=9292