WMDE
/
puppet-wmdeit_piwik
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
puppet-wmdeit_piwik/manifests/init.pp

299 lines
6.2 KiB
Puppet
Raw Blame History

# Class: piwik
# ===========================
#
# Full description of class piwik here.
#
# Parameters
# ----------
#
# Document parameters here.
#
# * `sample parameter`
# Explanation of what this parameter affects and what it defaults to.
# e.g. "Specify one or more upstream ntp servers as an array."
#
# Variables
# ----------
#
# Here you should define a list of variables that this module would require.
#
# * `sample variable`
# Explanation of how this variable affects the function of this class and if
# it has a default. e.g. "The parameter enc_ntp_servers must be set by the
# External Node Classifier as a comma separated list of hostnames." (Note,
# global variables should be avoided in favor of class parameters as
# of Puppet 2.6.)
#
# Examples
# --------
#
# @example
# class { 'piwik':
# servers => [ 'pool.ntp.org', 'ntp.local.company.com' ],
# }
#
# Authors
# -------
#
# Author Name <author@domain.com>
#
# Copyright
# ---------
#
# Copyright 2018 Your name here, unless otherwise noted.
#
class wmdeit_piwik(
$source = "https://builds.matomo.org/piwik.zip",
$domain,
$localnginx = true,
$localsql = true,
$piwikdbuser = "piwik",
$piwikdbname = "piwikdb",
$piwikdbpassword = "piwik",
$piwikdbhost = "localhost",
$ssl = false,
$piwiksalt = undef,
) inherits wmdeit_piwik::params
{
$piwikini = "$wwwdir/piwik/config/config.ini.php"
if $localnginx {
$fpm_listen = "/tmp/fpm"
$fpm_type ="unix:"
}
service { "$phpfpm_service":
ensure => running,
require => Package[$packages],
subscribe => [Package[$packages],File[$phpfpm_cfg]]
}
file{"$phpfpm_cfg":
ensure => present,
content => template ("wmdeit_piwik/php-fpm.conf.erb"),
}
package { $packages:
ensure => installed,
require => File["$wwwdir"]
}
file { "$wwwdir":
ensure => directory,
}
file { "$sourcezip":
source => $source,
ensure => 'present'
}
exec {"unzip":
command => "$unzipcmd -q $sourcezip && chown -R $wwwuser $wwwdir/piwik",
cwd => "$wwwdir",
require => [
Package[$packages],
File[$sourcezip],
File[$wwwdir],
],
creates => "$wwwdir/piwik",
} ->
file{"$piwikini":
ensure => file,
owner => $wwwuser
} ->
ini_setting {"$piwikini proxy":
ensure => present,
section => "General",
path => "$piwikini",
setting => "browser_archiving_disabled_enforce",
value => "1",
}
if $piwiksalt {
ini_setting {"$piwikini salt":
ensure => present,
section => "General",
path => "$piwikini",
setting => "salt",
value => "\"$piwiksalt\"",
require => File["$piwikini"],
}
}
ini_setting {"$piwikini dbhost":
ensure => present,
section => "database",
path => "$piwikini",
setting => "host",
value => "\"$piwikdbhost\"",
require => File["$piwikini"],
}
ini_setting {"$piwikini dbname":
ensure => present,
section => "database",
path => "$piwikini",
setting => "dbname",
value => "\"$piwikdbname\"",
require => File["$piwikini"],
}
ini_setting {"$piwikini dbuser":
ensure => present,
section => "database",
path => "$piwikini",
setting => "username",
value => "\"$piwikdbuser\"",
require => File["$piwikini"],
}
ini_setting {"$piwikini dbpass":
ensure => present,
section => "database",
path => "$piwikini",
setting => "password",
value => "\"$piwikdbpassword\"",
require => File["$piwikini"],
}
if $ssl {
$ssl_redirect = true
$ssl_port = 443
$ssl_key = "/etc/ssl/private/wikimedia.de.key"
$ssl_cert = "/etc/ssl/certs/wikimedia.de.chained.pem"
}
if $localnginx {
class {"nginx":
worker_connections => 4096,
multi_accept => 'on',
events_use => "$eventmech",
server_tokens => 'off',
fastcgi_cache_path => "/var/cache/nginx",
}
# nginx::resource::server { "${domain}_http":
# listen_port => 80,
# ensure => present,
# access_log => "off",
# error_log => "off",
# server_name => ["$domain"],
# server_cfg_append => {
# "return" => '301 https://$server_name$request_uri'
# }
#
# }
nginx::resource::server { "$domain":
ssl_redirect => $ssl,
ssl_port => $ssl_port,
ssl_key => $ssl_key,
ssl_cert => $ssl_cert,
server_name => ["$domain"],
# listen_port => 443,
ensure => present,
www_root => "$wwwdir/piwik",
access_log => "off",
error_log => "off",
# ssl => true,
server_cfg_append => {
"ssl_session_cache" => "shared:SSL:10m",
# " ssl_session_timeout" => "10m;"
}
#include => ["/usr/local/etc/nginx/apps/piwik/piwik.conf"],
}
file {"$cache_dir":
ensure => "directory",
owner => "$wwwuser"
}
nginx::resource::location { "${domain}_x2":
ensure => present,
server => "$domain",
# ssl => true,
# ssl_only => true,
www_root => "$wwwdir/piwik/",
location => '~* ^.+\.(?:css|gif|html?|jpe?g|js|png|swf)$',
location_cfg_append=> {
open_file_cache => "max=500 inactive=120s",
open_file_cache_valid =>"45s",
open_file_cache_min_uses => "2",
open_file_cache_errors => "off",
},
expires => "max",
}
nginx::resource::location { "${domain}_root":
ensure => present,
server => "$domain",
# ssl => true,
# ssl_only => true,
www_root => "$wwwdir/piwik/",
location => '~ \.php$',
index_files => ['index.php', 'index.html', 'index.htm'],
proxy => undef,
fastcgi => "$fpm_type$fpm_listen",
fastcgi_script => undef,
# location_cfg_append => {
# fastcgi_connect_timeout => '3m',
# fastcgi_read_timeout => '3m',
# fastcgi_send_timeout => '3m',
# fastcgi_cache_valid => "404 1m",
# fastcgi_cache_valid => "200 301 5m",
#
# }
}
}
if $localsql {
class {"mysql::server":
override_options => {
mysqld => {
'innodb_buffer_pool_size' => '2147483648'
}
}
}
mysql::db { "$piwikdbname":
user => "$piwikdbuser",
password => "$piwikdbpassword",
host => "$piwikdbhost",
grant => ['ALL'],
}
}
cron {"refresh matomo":
ensure => present,
hour => '*',
minute => '*/15',
command => "/usr/bin/php $wwwdir/piwik/console core:archive --url https://$domain",
user => "$wwwuser"
}
}
Reference in New Issue View Git Blame Copy Permalink