This repository has been archived by the owner on Jan 30, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 41
/
Copy pathrouter_api.pp
119 lines (109 loc) · 3.16 KB
/
router_api.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# == Class: govuk::apps::router_api
#
# Configure the router-api app on a node.
#
# === Parameters
#
# [*port*]
# The port that router-api listens on.
#
# [*mongodb_name*]
# The Mongo database to be used.
#
# [*mongodb_nodes*]
# Array of hostnames for the mongo cluster to use.
#
# [*router_nodes*]
# Array of hostname:port pairs for the router instances. These will be used
# when reloading routes in the router.
#
# [*vhost*]
# Virtual host to be used by the application.
# Default: router-api
#
# [*secret_key_base*]
# The key for Rails to use when signing/encrypting sessions.
#
# [*sentry_dsn*]
# The URL used by Sentry to report exceptions
#
# [*router_nodes_class*]
# The class or classes of machine that run router that require reloading
# after app deployment. Acceptable formats are "cache" or "cache,draft_cache"
#
# [*oauth_id*]
# The OAuth ID used by GDS-SSO to identify the app to GOV.UK Signon
#
# [*oauth_secret*]
# The OAuth secret used by GDS-SSO to authenticate the app to GOV.UK Signon
#
class govuk::apps::router_api(
$port,
$mongodb_name,
$mongodb_nodes,
$mongodb_username = '',
$mongodb_password = '',
$mongodb_params = '',
$router_nodes = [],
$vhost = 'router-api',
$secret_key_base = undef,
$sentry_dsn = undef,
$router_nodes_class = undef,
$oauth_id = undef,
$oauth_secret = undef,
) {
$app_name = 'router-api'
validate_array($router_nodes)
govuk::app { $app_name:
app_type => 'rack',
port => $port,
sentry_dsn => $sentry_dsn,
vhost_ssl_only => true,
health_check_path => '/healthcheck',
log_format_is_json => true,
vhost => $vhost,
}
Govuk::App::Envvar {
app => $app_name,
}
govuk::app::envvar {
"${title}-SECRET_KEY_BASE":
varname => 'SECRET_KEY_BASE',
value => $secret_key_base;
"${title}-GDS_SSO_OAUTH_ID":
varname => 'GDS_SSO_OAUTH_ID',
value => $oauth_id;
"${title}-GDS_SSO_OAUTH_SECRET":
varname => 'GDS_SSO_OAUTH_SECRET',
value => $oauth_secret;
}
govuk::app::envvar::mongodb_uri { $app_name:
hosts => $mongodb_nodes,
database => $mongodb_name,
username => $mongodb_username,
password => $mongodb_password,
params => $mongodb_params,
}
if $router_nodes != [] {
govuk::app::envvar { "${title}-ROUTER_NODES":
varname => 'ROUTER_NODES',
value => join($router_nodes, ','),
}
}
# Set up a cron job which outputs the current nodes for a specific machine class.
# The file can then be read in by router-api to publish routes for those nodes.
if $router_nodes_class {
$router_port = '3055'
$router_nodes_file = '/etc/router_nodes'
cron::crondotdee { 'update-router-nodes':
command => "/usr/local/bin/govuk_node_list -c ${router_nodes_class} | sed 's/$/:${router_port}/g' > ${router_nodes_file}.new && [ -s ${router_nodes_file}.new ] && mv ${router_nodes_file}.new ${router_nodes_file}",
hour => '*',
minute => '*/5',
mailto => '""',
}
govuk::app::envvar { "${title}-ROUTER_NODES_FILE":
varname => 'ROUTER_NODES_FILE',
value => $router_nodes_file,
}
}
}