diff --git a/hieradata/roles/infra/storage/edgecache.yaml b/hieradata/roles/infra/storage/edgecache.yaml index 7fcd2f8..a7f1fa3 100644 --- a/hieradata/roles/infra/storage/edgecache.yaml +++ b/hieradata/roles/infra/storage/edgecache.yaml @@ -42,6 +42,9 @@ profiles::edgecache::params::directories: /data/edgecache/pub/postgres: { owner: nginx, group: nginx } /data/edgecache/pub/postgres/apt: { owner: nginx, group: nginx } /data/edgecache/pub/postgres/yum: { owner: nginx, group: nginx } + /data/edgecache/pub/ceph: { owner: nginx, group: nginx } + /data/edgecache/pub/ceph/apt: { owner: nginx, group: nginx } + /data/edgecache/pub/ceph/yum: { owner: nginx, group: nginx } profiles::edgecache::params::mirrors: debian: @@ -118,3 +121,29 @@ profiles::edgecache::params::mirrors: proxy_cache_valid: - '200 302 1440h' - '404 1m' + ceph_yum_repodata: + ensure: present + location: '~* ^/ceph/yum/.*/repodata/' + rewrite_rules: + - '^/ceph/yum/(.*)$ /rpm-reef/$1 break' + proxy: http://158.69.68.124 + ceph_yum_data: + ensure: present + location: /ceph/yum + proxy: http://158.69.68.124/rpm-reef + proxy_cache: cache + proxy_cache_valid: + - '200 302 1440h' + - '404 1m' + ceph_apt: + ensure: present + location: /ceph/apt + proxy: http://158.69.68.124/debian-reef + ceph_apt_pool: + ensure: present + location: /ceph/apt/pool + proxy: http://158.69.68.124/debian-reef/pool + proxy_cache: cache + proxy_cache_valid: + - '200 302 1440h' + - '404 1m' diff --git a/site/profiles/manifests/edgecache/files.pp b/site/profiles/manifests/edgecache/files.pp new file mode 100644 index 0000000..4315100 --- /dev/null +++ b/site/profiles/manifests/edgecache/files.pp @@ -0,0 +1,11 @@ +# profiles::edgecache::files +class profiles::edgecache::files { + + # ceph rpm gpg key + file {'/data/edgecache/pub/ceph/ceph-rpm.gpg': + ensure => file, + content => template('profiles/edgecache/ceph-rpm.gpg.erb'), + require => File['/data/edgecache/pub/ceph'], + } + +} diff --git a/site/profiles/manifests/edgecache/init.pp b/site/profiles/manifests/edgecache/init.pp index 1112530..b83bda6 100644 --- a/site/profiles/manifests/edgecache/init.pp +++ b/site/profiles/manifests/edgecache/init.pp @@ -4,6 +4,7 @@ class profiles::edgecache::init { if $facts['enc_role'] == 'roles::infra::storage::edgecache' { include profiles::edgecache::nginx + include profiles::edgecache::files include profiles::edgecache::selinux Class['profiles::edgecache::nginx'] diff --git a/site/profiles/templates/edgecache/ceph-rpm.gpg.erb b/site/profiles/templates/edgecache/ceph-rpm.gpg.erb new file mode 100644 index 0000000..527e575 --- /dev/null +++ b/site/profiles/templates/edgecache/ceph-rpm.gpg.erb @@ -0,0 +1,20 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.22 (GNU/Linux) + +mQENBFTCLWABCADDHh5ktfB+78L6yxcIxwbZgaLKTp0mKvM3i2CjBrbw+xHJ4x9E +mn39rkTJf2UHOK0PgAp3FftoAFCtrSAXuanNGpEcpSxXDzxNj2QMpAbySZ2r4RpL +qxNVlB73dHuASXIMlhyV1ASpM6Me0dpaTtyKj38kRPFkWWuIUaiEQzXFgztYx7Kp +i+we0iUBfSKY47l2rbqyu9qZ8kCeMjuSuLfG5OKw+fj9zwqFJkc+LAz8IPTF4g7p +48m0m5bUPvKIIa1BfYcyqaTMxfbqjGaF1M37zF1O0TUKGQ+8VddzQmwg7GglQMt3 +FqVer1WJUNPXyEgmZMzfmg7lqdPKKYaQBLk1ABEBAAG0XkNlbnRPUyBTdG9yYWdl +IFNJRyAoaHR0cDovL3dpa2kuY2VudG9zLm9yZy9TcGVjaWFsSW50ZXJlc3RHcm91 +cC9TdG9yYWdlKSA8c2VjdXJpdHlAY2VudG9zLm9yZz6JATkEEwECACMFAlTCLWAC +GwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDUouUL5FHltbq9B/93dtpt +lQG2mVvGik9TFgRdt+p3CPTqT1fwNzhB3iO02yJu5oM6s4FB1XqKRaKlqtvtBzyT +geAwenu74aU1hFv4uq+uETCanUaSgOvTcCn5WXUpOvlwKJV7TUjLSNRfp2dAG8Ig +d3euLnfajCE13t5BrqhTAlaMxAbGAqtzr6K9y0hUeT0ogjrscfoQSVptlcLs8d7m +P+VMR4GUfvUAws65JZxBaal4N7eIIZCWktnJ+B3dE3/tsAksGyXGLaSroPSuY18V +wksdBuscKVV49Ees0SbhvSrF5JJ07ccUt43SSFun84iNW4nuiWm2QOOKMcd182Sk +d9SDUTFu/G4s2gx7 +=a0nM +-----END PGP PUBLIC KEY BLOCK-----