From b23d90ed62af985550f9da9498413b9ec201c394 Mon Sep 17 00:00:00 2001 From: Alex Vandiver Date: Tue, 6 Feb 2024 15:40:19 -0500 Subject: [PATCH] puppet: Rename puppet/zulip_ops to puppet/kandra. This makes for easier tab-completion, and also is a bit more explicit about the expected consumer. --- docs/production/deployment.md | 4 +-- docs/production/troubleshooting.md | 2 +- docs/subsystems/queuing.md | 2 +- .../files/apache/ports.conf | 0 .../files/apt/apt.conf.d/02periodic | 0 .../apt/apt.conf.d/50unattended-upgrades | 0 .../files/certs/.gitignore | 0 .../{zulip_ops => kandra}/files/chrony.conf | 0 .../files/cron.d/check_send_receive_time | 0 .../cron.d/check_user_zephyr_mirror_liveness | 0 .../files/cron.d/fetch-contributor-data | 0 .../files/cron.d/test_zephyr_personal_mirrors | 0 .../files/cron.d/zephyr-mirror | 0 .../files/dotfiles/emacs.el | 0 .../files/grafana/grafana.ini | 0 .../files/install-aws-cli | 0 .../files/install-ssh-authorized-keys | 0 .../files/install-ssh-keys | 0 .../files/iptables/header.v4 | 0 .../files/iptables/header.v6 | 0 .../files/iptables/trailer.v4 | 0 .../files/iptables/trailer.v6 | 0 .../files/iptables/zmirror.v4 | 0 .../files/iptables/zmirror.v6 | 0 puppet/{zulip_ops => kandra}/files/krb5.conf | 0 .../files/munin-plugins/rabbitmq_connections | 0 .../files/munin-plugins/rabbitmq_consumers | 0 .../files/munin-plugins/rabbitmq_messages | 0 .../rabbitmq_messages_unacknowledged | 0 .../rabbitmq_messages_uncommitted | 0 .../files/munin-plugins/rabbitmq_queue_memory | 0 .../files/munin-plugins/tornado_event_queues | 0 .../munin-plugins/zulip_send_receive_timing | 0 .../files/munin/apache.conf | 0 .../files/munin/munin-node.conf | 0 .../files/munin/plugin-conf.d/munin-node.conf | 0 .../files/nagios4/commands.cfg | 0 .../nagios4/conf.d/generic-host_nagios2.cfg | 0 .../conf.d/generic-service_nagios2.cfg | 0 .../files/nagios4/conf.d/hostgroups.cfg | 0 .../files/nagios4/conf.d/services.cfg | 0 .../nagios4/conf.d/timeperiods_nagios2.cfg | 0 .../files/nagios4/nagios.cfg | 0 .../files/nagios4/resource.cfg | 0 .../files/nagios4/zuliprc | 0 .../check_personal_zephyr_mirrors | 0 .../check_user_zephyr_mirror_liveness | 0 .../zulip_zephyr_mirror/check_zephyr_mirror | 2 +- .../files/nagios_ssh_config | 0 .../files/needrestart/zulip.conf | 0 .../files/nginx/sites-available/zulip | 0 .../files/nginx/sites-available/zulip-staging | 0 .../nginx/zulip-include-app.d/well-known.conf | 0 .../files/postgresql/pg_hba.conf | 0 .../files/postgresql/setup_disks.sh | 0 .../files/process_exporter.yaml | 0 .../files/prometheus/prometheus.yaml | 0 .../files/statuspage-pusher | 0 .../files/supervisor/conf.d/zmirror.conf | 0 .../files/teleport-aws-credentials | 0 .../files/teleport_app.yaml | 0 .../files/teleport_server.yaml | 0 .../files/zephyr-clients | 0 .../{zulip_ops => kandra}/manifests/apache.pp | 4 +-- .../manifests/app_frontend.pp | 20 ++++++------- .../manifests/app_frontend_monitoring.pp | 14 ++++----- .../manifests/aws_tools.pp | 12 ++++---- puppet/kandra/manifests/camo.pp | 7 +++++ .../manifests/firewall.pp | 10 +++---- .../manifests/firewall_allow.pp | 2 +- .../manifests/ksplice_uptrack.pp | 4 +-- .../manifests/munin_node.pp | 6 ++-- .../manifests/munin_plugin.pp | 4 +-- .../manifests/prod_app_frontend_once.pp | 6 ++-- .../manifests/profile/base.pp | 30 +++++++++---------- .../manifests/profile/chat_zulip_org.pp | 20 +++++++++++++ .../manifests/profile/grafana.pp | 10 +++---- .../manifests/profile/munin_server.pp | 10 +++---- .../manifests/profile/nagios.pp | 24 +++++++-------- .../manifests/profile/postgresql.pp | 12 ++++---- .../manifests/profile/prod_app_frontend.pp | 12 ++++---- .../manifests/profile/prometheus_server.pp | 14 ++++----- .../manifests/profile/redis.pp | 6 ++-- .../kandra/manifests/profile/smokescreen.pp | 9 ++++++ .../manifests/profile/staging_app_frontend.pp | 8 ++--- .../manifests/profile/teleport.pp | 14 ++++----- .../manifests/profile/zmirror.pp | 16 +++++----- .../manifests/profile/zmirror_personals.pp | 14 ++++----- .../manifests/profile/zulipbot_zulip_org.pp | 8 +++++ .../manifests/prometheus/akamai.pp | 12 ++++---- .../manifests/prometheus/base.pp | 2 +- .../manifests/prometheus/node.pp | 8 ++--- .../manifests/prometheus/postgresql.pp | 8 ++--- .../manifests/prometheus/process.pp | 10 +++---- .../manifests/prometheus/rabbitmq.pp | 6 ++-- .../manifests/prometheus/redis.pp | 8 ++--- .../manifests/prometheus/uwsgi.pp | 8 ++--- .../manifests/prometheus/wal_g.pp | 6 ++-- .../manifests/ssh_authorized_keys.pp | 2 +- .../manifests/ssh_keys.pp | 2 +- .../manifests/statuspage.pp | 6 ++-- .../manifests/teleport/application.pp | 6 ++-- .../manifests/teleport/application_top.pp | 4 +-- .../manifests/teleport/base.pp | 2 +- .../manifests/teleport/db.pp | 8 ++--- .../manifests/teleport/node.pp | 8 ++--- .../manifests/teleport/part.pp | 4 +-- .../manifests/user_dotfiles.pp | 8 ++--- .../{zulip_ops => kandra}/manifests/vector.pp | 2 +- .../templates/dotfiles/aws_config.erb | 0 .../templates/msmtprc_nagios.template.erb | 0 .../templates/munin/munin.conf.erb | 0 .../templates/nagios4/cgi.cfg.template.erb | 0 .../nagios4/contacts.cfg.template.erb | 0 .../templates/nagios4/hosts.cfg.template.erb | 0 .../nagios4/localhost.cfg.template.erb | 0 .../nagios_apache_site.conf.template.erb | 0 .../templates/nagios_autossh.template.erb | 0 .../supervisor/conf.d/grafana.conf.erb | 0 .../supervisor/conf.d/munin_tunnels.conf.erb | 0 .../conf.d/prometheus.conf.template.erb | 0 ...ometheus_akamai_exporter.conf.template.erb | 0 ...prometheus_node_exporter.conf.template.erb | 0 ...etheus_postgres_exporter.conf.template.erb | 0 ...metheus_process_exporter.conf.template.erb | 0 ...rometheus_redis_exporter.conf.template.erb | 0 ...rometheus_uwsgi_exporter.conf.template.erb | 0 ...rometheus_wal_g_exporter.conf.template.erb | 0 .../conf.d/redis_tunnel.conf.template.erb | 0 .../statuspage-pusher.conf.template.erb | 0 .../templates/teleport.service.template.erb | 0 .../templates/teleport_app.yaml.template.erb | 2 +- .../templates/teleport_db.yaml.template.erb | 0 .../templates/teleport_node.yaml.template.erb | 0 .../templates/uptrack/uptrack.conf.erb | 0 .../templates/vector.toml.template.erb | 0 puppet/zulip/manifests/common.pp | 2 +- puppet/zulip_ops/manifests/camo.pp | 7 ----- .../manifests/profile/chat_zulip_org.pp | 20 ------------- .../manifests/profile/smokescreen.pp | 9 ------ .../manifests/profile/zulipbot_zulip_org.pp | 8 ----- tools/linter_lib/custom_check.py | 8 ++--- tools/release-tarball-exclude.txt | 2 +- tools/setup/bootstrap-aws-installer | 4 +-- tools/setup/install-aws-server | 10 +++---- zproject/default_settings.py | 2 +- 146 files changed, 250 insertions(+), 250 deletions(-) rename puppet/{zulip_ops => kandra}/files/apache/ports.conf (100%) rename puppet/{zulip_ops => kandra}/files/apt/apt.conf.d/02periodic (100%) rename puppet/{zulip_ops => kandra}/files/apt/apt.conf.d/50unattended-upgrades (100%) rename puppet/{zulip_ops => kandra}/files/certs/.gitignore (100%) rename puppet/{zulip_ops => kandra}/files/chrony.conf (100%) rename puppet/{zulip_ops => kandra}/files/cron.d/check_send_receive_time (100%) rename puppet/{zulip_ops => kandra}/files/cron.d/check_user_zephyr_mirror_liveness (100%) rename puppet/{zulip_ops => kandra}/files/cron.d/fetch-contributor-data (100%) rename puppet/{zulip_ops => kandra}/files/cron.d/test_zephyr_personal_mirrors (100%) rename puppet/{zulip_ops => kandra}/files/cron.d/zephyr-mirror (100%) rename puppet/{zulip_ops => kandra}/files/dotfiles/emacs.el (100%) rename puppet/{zulip_ops => kandra}/files/grafana/grafana.ini (100%) rename puppet/{zulip_ops => kandra}/files/install-aws-cli (100%) rename puppet/{zulip_ops => kandra}/files/install-ssh-authorized-keys (100%) rename puppet/{zulip_ops => kandra}/files/install-ssh-keys (100%) rename puppet/{zulip_ops => kandra}/files/iptables/header.v4 (100%) rename puppet/{zulip_ops => kandra}/files/iptables/header.v6 (100%) rename puppet/{zulip_ops => kandra}/files/iptables/trailer.v4 (100%) rename puppet/{zulip_ops => kandra}/files/iptables/trailer.v6 (100%) rename puppet/{zulip_ops => kandra}/files/iptables/zmirror.v4 (100%) rename puppet/{zulip_ops => kandra}/files/iptables/zmirror.v6 (100%) rename puppet/{zulip_ops => kandra}/files/krb5.conf (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_connections (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_consumers (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_messages (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_messages_unacknowledged (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_messages_uncommitted (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/rabbitmq_queue_memory (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/tornado_event_queues (100%) rename puppet/{zulip_ops => kandra}/files/munin-plugins/zulip_send_receive_timing (100%) rename puppet/{zulip_ops => kandra}/files/munin/apache.conf (100%) rename puppet/{zulip_ops => kandra}/files/munin/munin-node.conf (100%) rename puppet/{zulip_ops => kandra}/files/munin/plugin-conf.d/munin-node.conf (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/commands.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/conf.d/generic-host_nagios2.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/conf.d/generic-service_nagios2.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/conf.d/hostgroups.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/conf.d/services.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/conf.d/timeperiods_nagios2.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/nagios.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/resource.cfg (100%) rename puppet/{zulip_ops => kandra}/files/nagios4/zuliprc (100%) rename puppet/{zulip_ops => kandra}/files/nagios_plugins/zulip_zephyr_mirror/check_personal_zephyr_mirrors (100%) rename puppet/{zulip_ops => kandra}/files/nagios_plugins/zulip_zephyr_mirror/check_user_zephyr_mirror_liveness (100%) rename puppet/{zulip_ops => kandra}/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror (93%) rename puppet/{zulip_ops => kandra}/files/nagios_ssh_config (100%) rename puppet/{zulip_ops => kandra}/files/needrestart/zulip.conf (100%) rename puppet/{zulip_ops => kandra}/files/nginx/sites-available/zulip (100%) rename puppet/{zulip_ops => kandra}/files/nginx/sites-available/zulip-staging (100%) rename puppet/{zulip_ops => kandra}/files/nginx/zulip-include-app.d/well-known.conf (100%) rename puppet/{zulip_ops => kandra}/files/postgresql/pg_hba.conf (100%) rename puppet/{zulip_ops => kandra}/files/postgresql/setup_disks.sh (100%) rename puppet/{zulip_ops => kandra}/files/process_exporter.yaml (100%) rename puppet/{zulip_ops => kandra}/files/prometheus/prometheus.yaml (100%) rename puppet/{zulip_ops => kandra}/files/statuspage-pusher (100%) rename puppet/{zulip_ops => kandra}/files/supervisor/conf.d/zmirror.conf (100%) rename puppet/{zulip_ops => kandra}/files/teleport-aws-credentials (100%) rename puppet/{zulip_ops => kandra}/files/teleport_app.yaml (100%) rename puppet/{zulip_ops => kandra}/files/teleport_server.yaml (100%) rename puppet/{zulip_ops => kandra}/files/zephyr-clients (100%) rename puppet/{zulip_ops => kandra}/manifests/apache.pp (91%) rename puppet/{zulip_ops => kandra}/manifests/app_frontend.pp (76%) rename puppet/{zulip_ops => kandra}/manifests/app_frontend_monitoring.pp (64%) rename puppet/{zulip_ops => kandra}/manifests/aws_tools.pp (87%) create mode 100644 puppet/kandra/manifests/camo.pp rename puppet/{zulip_ops => kandra}/manifests/firewall.pp (84%) rename puppet/{zulip_ops => kandra}/manifests/firewall_allow.pp (95%) rename puppet/{zulip_ops => kandra}/manifests/ksplice_uptrack.pp (89%) rename puppet/{zulip_ops => kandra}/manifests/munin_node.pp (80%) rename puppet/{zulip_ops => kandra}/manifests/munin_plugin.pp (77%) rename puppet/{zulip_ops => kandra}/manifests/prod_app_frontend_once.pp (83%) rename puppet/{zulip_ops => kandra}/manifests/profile/base.pp (78%) create mode 100644 puppet/kandra/manifests/profile/chat_zulip_org.pp rename puppet/{zulip_ops => kandra}/manifests/profile/grafana.pp (82%) rename puppet/{zulip_ops => kandra}/manifests/profile/munin_server.pp (79%) rename puppet/{zulip_ops => kandra}/manifests/profile/nagios.pp (87%) rename puppet/{zulip_ops => kandra}/manifests/profile/postgresql.pp (73%) rename puppet/{zulip_ops => kandra}/manifests/profile/prod_app_frontend.pp (75%) rename puppet/{zulip_ops => kandra}/manifests/profile/prometheus_server.pp (81%) rename puppet/{zulip_ops => kandra}/manifests/profile/redis.pp (82%) create mode 100644 puppet/kandra/manifests/profile/smokescreen.pp rename puppet/{zulip_ops => kandra}/manifests/profile/staging_app_frontend.pp (69%) rename puppet/{zulip_ops => kandra}/manifests/profile/teleport.pp (53%) rename puppet/{zulip_ops => kandra}/manifests/profile/zmirror.pp (74%) rename puppet/{zulip_ops => kandra}/manifests/profile/zmirror_personals.pp (83%) create mode 100644 puppet/kandra/manifests/profile/zulipbot_zulip_org.pp rename puppet/{zulip_ops => kandra}/manifests/prometheus/akamai.pp (71%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/base.pp (90%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/node.pp (78%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/postgresql.pp (90%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/process.pp (77%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/rabbitmq.pp (74%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/redis.pp (78%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/uwsgi.pp (78%) rename puppet/{zulip_ops => kandra}/manifests/prometheus/wal_g.pp (83%) rename puppet/{zulip_ops => kandra}/manifests/ssh_authorized_keys.pp (94%) rename puppet/{zulip_ops => kandra}/manifests/ssh_keys.pp (93%) rename puppet/{zulip_ops => kandra}/manifests/statuspage.pp (75%) rename puppet/{zulip_ops => kandra}/manifests/teleport/application.pp (65%) rename puppet/{zulip_ops => kandra}/manifests/teleport/application_top.pp (67%) rename puppet/{zulip_ops => kandra}/manifests/teleport/base.pp (93%) rename puppet/{zulip_ops => kandra}/manifests/teleport/db.pp (74%) rename puppet/{zulip_ops => kandra}/manifests/teleport/node.pp (79%) rename puppet/{zulip_ops => kandra}/manifests/teleport/part.pp (83%) rename puppet/{zulip_ops => kandra}/manifests/user_dotfiles.pp (90%) rename puppet/{zulip_ops => kandra}/manifests/vector.pp (95%) rename puppet/{zulip_ops => kandra}/templates/dotfiles/aws_config.erb (100%) rename puppet/{zulip_ops => kandra}/templates/msmtprc_nagios.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/munin/munin.conf.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios4/cgi.cfg.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios4/contacts.cfg.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios4/hosts.cfg.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios4/localhost.cfg.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios_apache_site.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/nagios_autossh.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/grafana.conf.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/munin_tunnels.conf.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_node_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_process_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/redis_tunnel.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/supervisor/conf.d/statuspage-pusher.conf.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/teleport.service.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/teleport_app.yaml.template.erb (77%) rename puppet/{zulip_ops => kandra}/templates/teleport_db.yaml.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/teleport_node.yaml.template.erb (100%) rename puppet/{zulip_ops => kandra}/templates/uptrack/uptrack.conf.erb (100%) rename puppet/{zulip_ops => kandra}/templates/vector.toml.template.erb (100%) delete mode 100644 puppet/zulip_ops/manifests/camo.pp delete mode 100644 puppet/zulip_ops/manifests/profile/chat_zulip_org.pp delete mode 100644 puppet/zulip_ops/manifests/profile/smokescreen.pp delete mode 100644 puppet/zulip_ops/manifests/profile/zulipbot_zulip_org.pp diff --git a/docs/production/deployment.md b/docs/production/deployment.md index 332e025d65..e8a36ba220 100644 --- a/docs/production/deployment.md +++ b/docs/production/deployment.md @@ -193,7 +193,7 @@ want to choose in the list of includes in [the main manifest for the default all-in-one Zulip server][standalone.pp], though it's also possible to subclass some of the lower-level manifests defined in that directory if you want to customize. A good example of doing this is -in the [zulip_ops Puppet configuration][zulipchat-puppet] that we use +in the [kandra Puppet configuration][zulipchat-puppet] that we use as part of managing chat.zulip.org and zulip.com. ### Using Zulip with Amazon RDS as the database @@ -498,7 +498,7 @@ that your Zulip server sits at `https://10.10.10.10:443`; see [nginx-proxy-longpolling-config]: https://github.com/zulip/zulip/blob/main/puppet/zulip/files/nginx/zulip-include-common/proxy_longpolling [standalone.pp]: https://github.com/zulip/zulip/blob/main/puppet/zulip/manifests/profile/standalone.pp -[zulipchat-puppet]: https://github.com/zulip/zulip/tree/main/puppet/zulip_ops/manifests +[zulipchat-puppet]: https://github.com/zulip/zulip/tree/main/puppet/kandra/manifests ### Apache2 configuration diff --git a/docs/production/troubleshooting.md b/docs/production/troubleshooting.md index 1688290a08..6121632846 100644 --- a/docs/production/troubleshooting.md +++ b/docs/production/troubleshooting.md @@ -272,7 +272,7 @@ the next section for details. ### Nagios configuration The complete Nagios configuration (sans secret keys) used to -monitor zulip.com is available under `puppet/zulip_ops` in the +monitor zulip.com is available under `puppet/kandra` in the Zulip Git repository (those files are not installed in the release tarballs). diff --git a/docs/subsystems/queuing.md b/docs/subsystems/queuing.md index 40e771a685..0b219522a6 100644 --- a/docs/subsystems/queuing.md +++ b/docs/subsystems/queuing.md @@ -52,7 +52,7 @@ To add a new queue processor: The queue will automatically be added to the list of queues tracked by `scripts/nagios/check-rabbitmq-consumers`, so Nagios can properly check whether a queue processor is running for your queue. You still -need to update the sample Nagios configuration in `puppet/zulip_ops` +need to update the sample Nagios configuration in `puppet/kandra` manually. ### Publishing events into a queue diff --git a/puppet/zulip_ops/files/apache/ports.conf b/puppet/kandra/files/apache/ports.conf similarity index 100% rename from puppet/zulip_ops/files/apache/ports.conf rename to puppet/kandra/files/apache/ports.conf diff --git a/puppet/zulip_ops/files/apt/apt.conf.d/02periodic b/puppet/kandra/files/apt/apt.conf.d/02periodic similarity index 100% rename from puppet/zulip_ops/files/apt/apt.conf.d/02periodic rename to puppet/kandra/files/apt/apt.conf.d/02periodic diff --git a/puppet/zulip_ops/files/apt/apt.conf.d/50unattended-upgrades b/puppet/kandra/files/apt/apt.conf.d/50unattended-upgrades similarity index 100% rename from puppet/zulip_ops/files/apt/apt.conf.d/50unattended-upgrades rename to puppet/kandra/files/apt/apt.conf.d/50unattended-upgrades diff --git a/puppet/zulip_ops/files/certs/.gitignore b/puppet/kandra/files/certs/.gitignore similarity index 100% rename from puppet/zulip_ops/files/certs/.gitignore rename to puppet/kandra/files/certs/.gitignore diff --git a/puppet/zulip_ops/files/chrony.conf b/puppet/kandra/files/chrony.conf similarity index 100% rename from puppet/zulip_ops/files/chrony.conf rename to puppet/kandra/files/chrony.conf diff --git a/puppet/zulip_ops/files/cron.d/check_send_receive_time b/puppet/kandra/files/cron.d/check_send_receive_time similarity index 100% rename from puppet/zulip_ops/files/cron.d/check_send_receive_time rename to puppet/kandra/files/cron.d/check_send_receive_time diff --git a/puppet/zulip_ops/files/cron.d/check_user_zephyr_mirror_liveness b/puppet/kandra/files/cron.d/check_user_zephyr_mirror_liveness similarity index 100% rename from puppet/zulip_ops/files/cron.d/check_user_zephyr_mirror_liveness rename to puppet/kandra/files/cron.d/check_user_zephyr_mirror_liveness diff --git a/puppet/zulip_ops/files/cron.d/fetch-contributor-data b/puppet/kandra/files/cron.d/fetch-contributor-data similarity index 100% rename from puppet/zulip_ops/files/cron.d/fetch-contributor-data rename to puppet/kandra/files/cron.d/fetch-contributor-data diff --git a/puppet/zulip_ops/files/cron.d/test_zephyr_personal_mirrors b/puppet/kandra/files/cron.d/test_zephyr_personal_mirrors similarity index 100% rename from puppet/zulip_ops/files/cron.d/test_zephyr_personal_mirrors rename to puppet/kandra/files/cron.d/test_zephyr_personal_mirrors diff --git a/puppet/zulip_ops/files/cron.d/zephyr-mirror b/puppet/kandra/files/cron.d/zephyr-mirror similarity index 100% rename from puppet/zulip_ops/files/cron.d/zephyr-mirror rename to puppet/kandra/files/cron.d/zephyr-mirror diff --git a/puppet/zulip_ops/files/dotfiles/emacs.el b/puppet/kandra/files/dotfiles/emacs.el similarity index 100% rename from puppet/zulip_ops/files/dotfiles/emacs.el rename to puppet/kandra/files/dotfiles/emacs.el diff --git a/puppet/zulip_ops/files/grafana/grafana.ini b/puppet/kandra/files/grafana/grafana.ini similarity index 100% rename from puppet/zulip_ops/files/grafana/grafana.ini rename to puppet/kandra/files/grafana/grafana.ini diff --git a/puppet/zulip_ops/files/install-aws-cli b/puppet/kandra/files/install-aws-cli similarity index 100% rename from puppet/zulip_ops/files/install-aws-cli rename to puppet/kandra/files/install-aws-cli diff --git a/puppet/zulip_ops/files/install-ssh-authorized-keys b/puppet/kandra/files/install-ssh-authorized-keys similarity index 100% rename from puppet/zulip_ops/files/install-ssh-authorized-keys rename to puppet/kandra/files/install-ssh-authorized-keys diff --git a/puppet/zulip_ops/files/install-ssh-keys b/puppet/kandra/files/install-ssh-keys similarity index 100% rename from puppet/zulip_ops/files/install-ssh-keys rename to puppet/kandra/files/install-ssh-keys diff --git a/puppet/zulip_ops/files/iptables/header.v4 b/puppet/kandra/files/iptables/header.v4 similarity index 100% rename from puppet/zulip_ops/files/iptables/header.v4 rename to puppet/kandra/files/iptables/header.v4 diff --git a/puppet/zulip_ops/files/iptables/header.v6 b/puppet/kandra/files/iptables/header.v6 similarity index 100% rename from puppet/zulip_ops/files/iptables/header.v6 rename to puppet/kandra/files/iptables/header.v6 diff --git a/puppet/zulip_ops/files/iptables/trailer.v4 b/puppet/kandra/files/iptables/trailer.v4 similarity index 100% rename from puppet/zulip_ops/files/iptables/trailer.v4 rename to puppet/kandra/files/iptables/trailer.v4 diff --git a/puppet/zulip_ops/files/iptables/trailer.v6 b/puppet/kandra/files/iptables/trailer.v6 similarity index 100% rename from puppet/zulip_ops/files/iptables/trailer.v6 rename to puppet/kandra/files/iptables/trailer.v6 diff --git a/puppet/zulip_ops/files/iptables/zmirror.v4 b/puppet/kandra/files/iptables/zmirror.v4 similarity index 100% rename from puppet/zulip_ops/files/iptables/zmirror.v4 rename to puppet/kandra/files/iptables/zmirror.v4 diff --git a/puppet/zulip_ops/files/iptables/zmirror.v6 b/puppet/kandra/files/iptables/zmirror.v6 similarity index 100% rename from puppet/zulip_ops/files/iptables/zmirror.v6 rename to puppet/kandra/files/iptables/zmirror.v6 diff --git a/puppet/zulip_ops/files/krb5.conf b/puppet/kandra/files/krb5.conf similarity index 100% rename from puppet/zulip_ops/files/krb5.conf rename to puppet/kandra/files/krb5.conf diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_connections b/puppet/kandra/files/munin-plugins/rabbitmq_connections similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_connections rename to puppet/kandra/files/munin-plugins/rabbitmq_connections diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_consumers b/puppet/kandra/files/munin-plugins/rabbitmq_consumers similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_consumers rename to puppet/kandra/files/munin-plugins/rabbitmq_consumers diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_messages b/puppet/kandra/files/munin-plugins/rabbitmq_messages similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_messages rename to puppet/kandra/files/munin-plugins/rabbitmq_messages diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_unacknowledged b/puppet/kandra/files/munin-plugins/rabbitmq_messages_unacknowledged similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_unacknowledged rename to puppet/kandra/files/munin-plugins/rabbitmq_messages_unacknowledged diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_uncommitted b/puppet/kandra/files/munin-plugins/rabbitmq_messages_uncommitted similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_uncommitted rename to puppet/kandra/files/munin-plugins/rabbitmq_messages_uncommitted diff --git a/puppet/zulip_ops/files/munin-plugins/rabbitmq_queue_memory b/puppet/kandra/files/munin-plugins/rabbitmq_queue_memory similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/rabbitmq_queue_memory rename to puppet/kandra/files/munin-plugins/rabbitmq_queue_memory diff --git a/puppet/zulip_ops/files/munin-plugins/tornado_event_queues b/puppet/kandra/files/munin-plugins/tornado_event_queues similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/tornado_event_queues rename to puppet/kandra/files/munin-plugins/tornado_event_queues diff --git a/puppet/zulip_ops/files/munin-plugins/zulip_send_receive_timing b/puppet/kandra/files/munin-plugins/zulip_send_receive_timing similarity index 100% rename from puppet/zulip_ops/files/munin-plugins/zulip_send_receive_timing rename to puppet/kandra/files/munin-plugins/zulip_send_receive_timing diff --git a/puppet/zulip_ops/files/munin/apache.conf b/puppet/kandra/files/munin/apache.conf similarity index 100% rename from puppet/zulip_ops/files/munin/apache.conf rename to puppet/kandra/files/munin/apache.conf diff --git a/puppet/zulip_ops/files/munin/munin-node.conf b/puppet/kandra/files/munin/munin-node.conf similarity index 100% rename from puppet/zulip_ops/files/munin/munin-node.conf rename to puppet/kandra/files/munin/munin-node.conf diff --git a/puppet/zulip_ops/files/munin/plugin-conf.d/munin-node.conf b/puppet/kandra/files/munin/plugin-conf.d/munin-node.conf similarity index 100% rename from puppet/zulip_ops/files/munin/plugin-conf.d/munin-node.conf rename to puppet/kandra/files/munin/plugin-conf.d/munin-node.conf diff --git a/puppet/zulip_ops/files/nagios4/commands.cfg b/puppet/kandra/files/nagios4/commands.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/commands.cfg rename to puppet/kandra/files/nagios4/commands.cfg diff --git a/puppet/zulip_ops/files/nagios4/conf.d/generic-host_nagios2.cfg b/puppet/kandra/files/nagios4/conf.d/generic-host_nagios2.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/conf.d/generic-host_nagios2.cfg rename to puppet/kandra/files/nagios4/conf.d/generic-host_nagios2.cfg diff --git a/puppet/zulip_ops/files/nagios4/conf.d/generic-service_nagios2.cfg b/puppet/kandra/files/nagios4/conf.d/generic-service_nagios2.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/conf.d/generic-service_nagios2.cfg rename to puppet/kandra/files/nagios4/conf.d/generic-service_nagios2.cfg diff --git a/puppet/zulip_ops/files/nagios4/conf.d/hostgroups.cfg b/puppet/kandra/files/nagios4/conf.d/hostgroups.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/conf.d/hostgroups.cfg rename to puppet/kandra/files/nagios4/conf.d/hostgroups.cfg diff --git a/puppet/zulip_ops/files/nagios4/conf.d/services.cfg b/puppet/kandra/files/nagios4/conf.d/services.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/conf.d/services.cfg rename to puppet/kandra/files/nagios4/conf.d/services.cfg diff --git a/puppet/zulip_ops/files/nagios4/conf.d/timeperiods_nagios2.cfg b/puppet/kandra/files/nagios4/conf.d/timeperiods_nagios2.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/conf.d/timeperiods_nagios2.cfg rename to puppet/kandra/files/nagios4/conf.d/timeperiods_nagios2.cfg diff --git a/puppet/zulip_ops/files/nagios4/nagios.cfg b/puppet/kandra/files/nagios4/nagios.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/nagios.cfg rename to puppet/kandra/files/nagios4/nagios.cfg diff --git a/puppet/zulip_ops/files/nagios4/resource.cfg b/puppet/kandra/files/nagios4/resource.cfg similarity index 100% rename from puppet/zulip_ops/files/nagios4/resource.cfg rename to puppet/kandra/files/nagios4/resource.cfg diff --git a/puppet/zulip_ops/files/nagios4/zuliprc b/puppet/kandra/files/nagios4/zuliprc similarity index 100% rename from puppet/zulip_ops/files/nagios4/zuliprc rename to puppet/kandra/files/nagios4/zuliprc diff --git a/puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_personal_zephyr_mirrors b/puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_personal_zephyr_mirrors similarity index 100% rename from puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_personal_zephyr_mirrors rename to puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_personal_zephyr_mirrors diff --git a/puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_user_zephyr_mirror_liveness b/puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_user_zephyr_mirror_liveness similarity index 100% rename from puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_user_zephyr_mirror_liveness rename to puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_user_zephyr_mirror_liveness diff --git a/puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror b/puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror similarity index 93% rename from puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror rename to puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror index b23b9f2475..d918e2471a 100755 --- a/puppet/zulip_ops/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror +++ b/puppet/kandra/files/nagios_plugins/zulip_zephyr_mirror/check_zephyr_mirror @@ -7,7 +7,7 @@ This script just checks the contents of a file. The forwarding test itself lives in api/integrations/zephyr/check-mirroring and should be run out of cron. -See puppet/zulip_ops/files/cron.d/zephyr-mirror for the crontab details. +See puppet/kandra/files/cron.d/zephyr-mirror for the crontab details. """ import os import sys diff --git a/puppet/zulip_ops/files/nagios_ssh_config b/puppet/kandra/files/nagios_ssh_config similarity index 100% rename from puppet/zulip_ops/files/nagios_ssh_config rename to puppet/kandra/files/nagios_ssh_config diff --git a/puppet/zulip_ops/files/needrestart/zulip.conf b/puppet/kandra/files/needrestart/zulip.conf similarity index 100% rename from puppet/zulip_ops/files/needrestart/zulip.conf rename to puppet/kandra/files/needrestart/zulip.conf diff --git a/puppet/zulip_ops/files/nginx/sites-available/zulip b/puppet/kandra/files/nginx/sites-available/zulip similarity index 100% rename from puppet/zulip_ops/files/nginx/sites-available/zulip rename to puppet/kandra/files/nginx/sites-available/zulip diff --git a/puppet/zulip_ops/files/nginx/sites-available/zulip-staging b/puppet/kandra/files/nginx/sites-available/zulip-staging similarity index 100% rename from puppet/zulip_ops/files/nginx/sites-available/zulip-staging rename to puppet/kandra/files/nginx/sites-available/zulip-staging diff --git a/puppet/zulip_ops/files/nginx/zulip-include-app.d/well-known.conf b/puppet/kandra/files/nginx/zulip-include-app.d/well-known.conf similarity index 100% rename from puppet/zulip_ops/files/nginx/zulip-include-app.d/well-known.conf rename to puppet/kandra/files/nginx/zulip-include-app.d/well-known.conf diff --git a/puppet/zulip_ops/files/postgresql/pg_hba.conf b/puppet/kandra/files/postgresql/pg_hba.conf similarity index 100% rename from puppet/zulip_ops/files/postgresql/pg_hba.conf rename to puppet/kandra/files/postgresql/pg_hba.conf diff --git a/puppet/zulip_ops/files/postgresql/setup_disks.sh b/puppet/kandra/files/postgresql/setup_disks.sh similarity index 100% rename from puppet/zulip_ops/files/postgresql/setup_disks.sh rename to puppet/kandra/files/postgresql/setup_disks.sh diff --git a/puppet/zulip_ops/files/process_exporter.yaml b/puppet/kandra/files/process_exporter.yaml similarity index 100% rename from puppet/zulip_ops/files/process_exporter.yaml rename to puppet/kandra/files/process_exporter.yaml diff --git a/puppet/zulip_ops/files/prometheus/prometheus.yaml b/puppet/kandra/files/prometheus/prometheus.yaml similarity index 100% rename from puppet/zulip_ops/files/prometheus/prometheus.yaml rename to puppet/kandra/files/prometheus/prometheus.yaml diff --git a/puppet/zulip_ops/files/statuspage-pusher b/puppet/kandra/files/statuspage-pusher similarity index 100% rename from puppet/zulip_ops/files/statuspage-pusher rename to puppet/kandra/files/statuspage-pusher diff --git a/puppet/zulip_ops/files/supervisor/conf.d/zmirror.conf b/puppet/kandra/files/supervisor/conf.d/zmirror.conf similarity index 100% rename from puppet/zulip_ops/files/supervisor/conf.d/zmirror.conf rename to puppet/kandra/files/supervisor/conf.d/zmirror.conf diff --git a/puppet/zulip_ops/files/teleport-aws-credentials b/puppet/kandra/files/teleport-aws-credentials similarity index 100% rename from puppet/zulip_ops/files/teleport-aws-credentials rename to puppet/kandra/files/teleport-aws-credentials diff --git a/puppet/zulip_ops/files/teleport_app.yaml b/puppet/kandra/files/teleport_app.yaml similarity index 100% rename from puppet/zulip_ops/files/teleport_app.yaml rename to puppet/kandra/files/teleport_app.yaml diff --git a/puppet/zulip_ops/files/teleport_server.yaml b/puppet/kandra/files/teleport_server.yaml similarity index 100% rename from puppet/zulip_ops/files/teleport_server.yaml rename to puppet/kandra/files/teleport_server.yaml diff --git a/puppet/zulip_ops/files/zephyr-clients b/puppet/kandra/files/zephyr-clients similarity index 100% rename from puppet/zulip_ops/files/zephyr-clients rename to puppet/kandra/files/zephyr-clients diff --git a/puppet/zulip_ops/manifests/apache.pp b/puppet/kandra/manifests/apache.pp similarity index 91% rename from puppet/zulip_ops/manifests/apache.pp rename to puppet/kandra/manifests/apache.pp index 038b1c30fd..c82c0e310e 100644 --- a/puppet/zulip_ops/manifests/apache.pp +++ b/puppet/kandra/manifests/apache.pp @@ -1,4 +1,4 @@ -class zulip_ops::apache { +class kandra::apache { $apache_packages = [# Needed to run Apache with WSGI 'apache2', 'libapache2-mod-wsgi', @@ -28,7 +28,7 @@ class zulip_ops::apache { owner => 'root', group => 'root', mode => '0640', - source => 'puppet:///modules/zulip_ops/apache/ports.conf', + source => 'puppet:///modules/kandra/apache/ports.conf', notify => Service['apache2'], } diff --git a/puppet/zulip_ops/manifests/app_frontend.pp b/puppet/kandra/manifests/app_frontend.pp similarity index 76% rename from puppet/zulip_ops/manifests/app_frontend.pp rename to puppet/kandra/manifests/app_frontend.pp index 70b5fa85e5..44160726a8 100644 --- a/puppet/zulip_ops/manifests/app_frontend.pp +++ b/puppet/kandra/manifests/app_frontend.pp @@ -1,15 +1,15 @@ -class zulip_ops::app_frontend { +class kandra::app_frontend { include zulip::app_frontend_base include zulip::profile::memcached include zulip::profile::rabbitmq include zulip::postfix_localmail include zulip::static_asset_compiler include zulip::hooks::sentry - include zulip_ops::app_frontend_monitoring + include kandra::app_frontend_monitoring - zulip_ops::firewall_allow{ 'smtp': } - zulip_ops::firewall_allow{ 'http': } - zulip_ops::firewall_allow{ 'https': } + kandra::firewall_allow{ 'smtp': } + kandra::firewall_allow{ 'http': } + kandra::firewall_allow{ 'https': } $redis_hostname = zulipconf('redis', 'hostname', undef) group { 'redistunnel': @@ -25,7 +25,7 @@ class zulip_ops::app_frontend { home => '/home/redistunnel', managehome => true, } - zulip_ops::user_dotfiles { 'redistunnel': + kandra::user_dotfiles { 'redistunnel': keys => true, known_hosts => [$redis_hostname], } @@ -34,12 +34,12 @@ class zulip_ops::app_frontend { ensure => file, require => [ Package['supervisor', 'autossh'], - Zulip_Ops::User_Dotfiles['redistunnel'], + Kandra::User_Dotfiles['redistunnel'], ], owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/redis_tunnel.conf.template.erb'), + content => template('kandra/supervisor/conf.d/redis_tunnel.conf.template.erb'), notify => Service['supervisor'], } # Need redis_password in its own file for Nagios @@ -57,7 +57,7 @@ class zulip_ops::app_frontend { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/nginx/zulip-include-app.d/well-known.conf', + source => 'puppet:///modules/kandra/nginx/zulip-include-app.d/well-known.conf', notify => Service['nginx'], } @@ -68,6 +68,6 @@ class zulip_ops::app_frontend { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/fetch-contributor-data', + source => 'puppet:///modules/kandra/cron.d/fetch-contributor-data', } } diff --git a/puppet/zulip_ops/manifests/app_frontend_monitoring.pp b/puppet/kandra/manifests/app_frontend_monitoring.pp similarity index 64% rename from puppet/zulip_ops/manifests/app_frontend_monitoring.pp rename to puppet/kandra/manifests/app_frontend_monitoring.pp index 6bc70725ee..8e7ff5b589 100644 --- a/puppet/zulip_ops/manifests/app_frontend_monitoring.pp +++ b/puppet/kandra/manifests/app_frontend_monitoring.pp @@ -1,11 +1,11 @@ # @summary Munin monitoring of a Django frontend and RabbitMQ server. # -class zulip_ops::app_frontend_monitoring { - include zulip_ops::prometheus::rabbitmq - include zulip_ops::prometheus::uwsgi - include zulip_ops::prometheus::process - zulip_ops::firewall_allow { 'grok_exporter': port => '9144' } - include zulip_ops::munin_node +class kandra::app_frontend_monitoring { + include kandra::prometheus::rabbitmq + include kandra::prometheus::uwsgi + include kandra::prometheus::process + kandra::firewall_allow { 'grok_exporter': port => '9144' } + include kandra::munin_node $munin_plugins = [ 'rabbitmq_connections', 'rabbitmq_consumers', @@ -15,7 +15,7 @@ class zulip_ops::app_frontend_monitoring { 'rabbitmq_queue_memory', 'zulip_send_receive_timing', ] - zulip_ops::munin_plugin { $munin_plugins: } + kandra::munin_plugin { $munin_plugins: } file { '/etc/cron.d/rabbitmq-monitoring': ensure => file, diff --git a/puppet/zulip_ops/manifests/aws_tools.pp b/puppet/kandra/manifests/aws_tools.pp similarity index 87% rename from puppet/zulip_ops/manifests/aws_tools.pp rename to puppet/kandra/manifests/aws_tools.pp index ee4041d171..34965eaa5a 100644 --- a/puppet/zulip_ops/manifests/aws_tools.pp +++ b/puppet/kandra/manifests/aws_tools.pp @@ -1,12 +1,12 @@ # @summary Installs the AWS CLI # -class zulip_ops::aws_tools { +class kandra::aws_tools { $is_ec2 = zulipconf('machine', 'hosting_provider', 'ec2') == 'ec2' file { '/usr/local/bin/install-aws-cli': ensure => file, mode => '0755', - source => 'puppet:///modules/zulip_ops/install-aws-cli', + source => 'puppet:///modules/kandra/install-aws-cli', } exec { 'install-aws-cli': require => File['/usr/local/bin/install-aws-cli'], @@ -49,7 +49,7 @@ class zulip_ops::aws_tools { mode => '0755', owner => 'root', group => 'root', - source => 'puppet:///modules/zulip_ops/teleport-aws-credentials', + source => 'puppet:///modules/kandra/teleport-aws-credentials', } } file { '/root/.aws': @@ -66,7 +66,7 @@ class zulip_ops::aws_tools { mode => '0644', owner => 'root', group => 'root', - content => template('zulip_ops/dotfiles/aws_config.erb'), + content => template('kandra/dotfiles/aws_config.erb'), } # Pull keys and authorized_keys from AWS secretsmanager @@ -76,7 +76,7 @@ class zulip_ops::aws_tools { mode => '0755', owner => 'root', group => 'root', - source => 'puppet:///modules/zulip_ops/install-ssh-keys', + source => 'puppet:///modules/kandra/install-ssh-keys', } file { '/usr/local/bin/install-ssh-authorized-keys': ensure => file, @@ -84,6 +84,6 @@ class zulip_ops::aws_tools { mode => '0755', owner => 'root', group => 'root', - source => 'puppet:///modules/zulip_ops/install-ssh-authorized-keys', + source => 'puppet:///modules/kandra/install-ssh-authorized-keys', } } diff --git a/puppet/kandra/manifests/camo.pp b/puppet/kandra/manifests/camo.pp new file mode 100644 index 0000000000..d738583d0e --- /dev/null +++ b/puppet/kandra/manifests/camo.pp @@ -0,0 +1,7 @@ +class kandra::camo { + class { 'zulip::camo': + listen_address => '0.0.0.0', + } + + kandra::firewall_allow { 'camo': port => '9292' } +} diff --git a/puppet/zulip_ops/manifests/firewall.pp b/puppet/kandra/manifests/firewall.pp similarity index 84% rename from puppet/zulip_ops/manifests/firewall.pp rename to puppet/kandra/manifests/firewall.pp index 6264625e9d..a99aea534f 100644 --- a/puppet/zulip_ops/manifests/firewall.pp +++ b/puppet/kandra/manifests/firewall.pp @@ -1,4 +1,4 @@ -class zulip_ops::firewall { +class kandra::firewall { package { 'iptables-persistent': } concat { '/etc/iptables/rules.v4': ensure => present, @@ -7,12 +7,12 @@ class zulip_ops::firewall { } concat::fragment { 'iptables-header.v4': target => '/etc/iptables/rules.v4', - source => 'puppet:///modules/zulip_ops/iptables/header.v4', + source => 'puppet:///modules/kandra/iptables/header.v4', order => '01', } concat::fragment { 'iptables-trailer.v4': target => '/etc/iptables/rules.v4', - source => 'puppet:///modules/zulip_ops/iptables/trailer.v4', + source => 'puppet:///modules/kandra/iptables/trailer.v4', order => '99', } @@ -23,12 +23,12 @@ class zulip_ops::firewall { } concat::fragment { 'iptables-header.v6': target => '/etc/iptables/rules.v6', - source => 'puppet:///modules/zulip_ops/iptables/header.v6', + source => 'puppet:///modules/kandra/iptables/header.v6', order => '01', } concat::fragment { 'iptables-trailer.v6': target => '/etc/iptables/rules.v6', - source => 'puppet:///modules/zulip_ops/iptables/trailer.v6', + source => 'puppet:///modules/kandra/iptables/trailer.v6', order => '99', } diff --git a/puppet/zulip_ops/manifests/firewall_allow.pp b/puppet/kandra/manifests/firewall_allow.pp similarity index 95% rename from puppet/zulip_ops/manifests/firewall_allow.pp rename to puppet/kandra/manifests/firewall_allow.pp index b88584b6f9..9c454c267f 100644 --- a/puppet/zulip_ops/manifests/firewall_allow.pp +++ b/puppet/kandra/manifests/firewall_allow.pp @@ -2,7 +2,7 @@ # # Rules with the same ordering are ordered by the rule name. # -define zulip_ops::firewall_allow ( +define kandra::firewall_allow ( $port = '', $proto = 'tcp', $order = '50', diff --git a/puppet/zulip_ops/manifests/ksplice_uptrack.pp b/puppet/kandra/manifests/ksplice_uptrack.pp similarity index 89% rename from puppet/zulip_ops/manifests/ksplice_uptrack.pp rename to puppet/kandra/manifests/ksplice_uptrack.pp index 8f7f4b3a29..641f32e023 100644 --- a/puppet/zulip_ops/manifests/ksplice_uptrack.pp +++ b/puppet/kandra/manifests/ksplice_uptrack.pp @@ -1,4 +1,4 @@ -class zulip_ops::ksplice_uptrack { +class kandra::ksplice_uptrack { $ksplice_access_key = zulipsecret('secrets', 'ksplice_access_key', '') if $ksplice_access_key != '' { file { '/etc/uptrack': @@ -12,7 +12,7 @@ class zulip_ops::ksplice_uptrack { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/uptrack/uptrack.conf.erb'), + content => template('kandra/uptrack/uptrack.conf.erb'), } $setup_apt_repo_file = "${::zulip_scripts_path}/lib/setup-apt-repo" exec{ 'setup-apt-repo-ksplice': diff --git a/puppet/zulip_ops/manifests/munin_node.pp b/puppet/kandra/manifests/munin_node.pp similarity index 80% rename from puppet/zulip_ops/manifests/munin_node.pp rename to puppet/kandra/manifests/munin_node.pp index a65be593f4..dc08c1e1f6 100644 --- a/puppet/zulip_ops/manifests/munin_node.pp +++ b/puppet/kandra/manifests/munin_node.pp @@ -1,4 +1,4 @@ -class zulip_ops::munin_node { +class kandra::munin_node { zulip::safepackage { ['munin-node', 'munin-plugins-extra']: ensure => installed } service { 'munin-node': @@ -11,7 +11,7 @@ class zulip_ops::munin_node { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/munin/munin-node.conf', + source => 'puppet:///modules/kandra/munin/munin-node.conf', notify => Service['munin-node'], } @@ -21,7 +21,7 @@ class zulip_ops::munin_node { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/munin/plugin-conf.d', + source => 'puppet:///modules/kandra/munin/plugin-conf.d', notify => Service['munin-node'], } diff --git a/puppet/zulip_ops/manifests/munin_plugin.pp b/puppet/kandra/manifests/munin_plugin.pp similarity index 77% rename from puppet/zulip_ops/manifests/munin_plugin.pp rename to puppet/kandra/manifests/munin_plugin.pp index 9a94b2fcc5..e23217f343 100644 --- a/puppet/zulip_ops/manifests/munin_plugin.pp +++ b/puppet/kandra/manifests/munin_plugin.pp @@ -1,9 +1,9 @@ -define zulip_ops::munin_plugin { +define kandra::munin_plugin { file { "/usr/local/munin/lib/plugins/${title}": owner => 'root', group => 'root', mode => '0755', - source => "puppet:///modules/zulip_ops/munin-plugins/${title}", + source => "puppet:///modules/kandra/munin-plugins/${title}", } file { "/etc/munin/plugins/${name}": diff --git a/puppet/zulip_ops/manifests/prod_app_frontend_once.pp b/puppet/kandra/manifests/prod_app_frontend_once.pp similarity index 83% rename from puppet/zulip_ops/manifests/prod_app_frontend_once.pp rename to puppet/kandra/manifests/prod_app_frontend_once.pp index a2b64960e0..9001b62944 100644 --- a/puppet/zulip_ops/manifests/prod_app_frontend_once.pp +++ b/puppet/kandra/manifests/prod_app_frontend_once.pp @@ -1,4 +1,4 @@ -class zulip_ops::prod_app_frontend_once { +class kandra::prod_app_frontend_once { include zulip::app_frontend_once include zulip::hooks::push_git_ref include zulip::hooks::zulip_notify @@ -32,7 +32,7 @@ class zulip_ops::prod_app_frontend_once { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/check_send_receive_time', + source => 'puppet:///modules/kandra/cron.d/check_send_receive_time', } file { '/etc/cron.d/check_user_zephyr_mirror_liveness': @@ -40,6 +40,6 @@ class zulip_ops::prod_app_frontend_once { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/check_user_zephyr_mirror_liveness', + source => 'puppet:///modules/kandra/cron.d/check_user_zephyr_mirror_liveness', } } diff --git a/puppet/zulip_ops/manifests/profile/base.pp b/puppet/kandra/manifests/profile/base.pp similarity index 78% rename from puppet/zulip_ops/manifests/profile/base.pp rename to puppet/kandra/manifests/profile/base.pp index 7059eb4a77..516d7ad1f2 100644 --- a/puppet/zulip_ops/manifests/profile/base.pp +++ b/puppet/kandra/manifests/profile/base.pp @@ -1,12 +1,12 @@ -class zulip_ops::profile::base { +class kandra::profile::base { include zulip::profile::base - include zulip_ops::munin_node - include zulip_ops::ksplice_uptrack - include zulip_ops::firewall - include zulip_ops::teleport::node - include zulip_ops::prometheus::node + include kandra::munin_node + include kandra::ksplice_uptrack + include kandra::firewall + include kandra::teleport::node + include kandra::prometheus::node - zulip_ops::firewall_allow { 'ssh': order => '10'} + kandra::firewall_allow { 'ssh': order => '10'} $is_ec2 = zulipconf('machine', 'hosting_provider', 'ec2') == 'ec2' $org_base_packages = [ @@ -43,30 +43,30 @@ class zulip_ops::profile::base { file { '/etc/apt/apt.conf.d/02periodic': ensure => file, mode => '0644', - source => 'puppet:///modules/zulip_ops/apt/apt.conf.d/02periodic', + source => 'puppet:///modules/kandra/apt/apt.conf.d/02periodic', } file { '/etc/apt/apt.conf.d/50unattended-upgrades': ensure => file, mode => '0644', - source => 'puppet:///modules/zulip_ops/apt/apt.conf.d/50unattended-upgrades', + source => 'puppet:///modules/kandra/apt/apt.conf.d/50unattended-upgrades', } if $::os['distro']['release']['major'] == '22.04' { file { '/etc/needrestart/conf.d/zulip.conf': ensure => file, mode => '0644', - source => 'puppet:///modules/zulip_ops/needrestart/zulip.conf', + source => 'puppet:///modules/kandra/needrestart/zulip.conf', } } user { 'root': } - zulip_ops::user_dotfiles { 'root': + kandra::user_dotfiles { 'root': home => '/root', keys => 'internal-read-only-deploy-key', authorized_keys => 'common', } - zulip_ops::user_dotfiles { 'zulip': + kandra::user_dotfiles { 'zulip': keys => 'internal-read-only-deploy-key', authorized_keys => 'common', } @@ -75,14 +75,14 @@ class zulip_ops::profile::base { ensure => running, } - include zulip_ops::aws_tools + include kandra::aws_tools if $is_ec2 { # EC2 hosts can use the in-VPC timeserver file { '/etc/chrony/chrony.conf': ensure => file, mode => '0644', - source => 'puppet:///modules/zulip_ops/chrony.conf', + source => 'puppet:///modules/kandra/chrony.conf', require => Package['chrony'], notify => Service['chrony'], } @@ -107,7 +107,7 @@ class zulip_ops::profile::base { group => 'nagios', mode => '0700', } - zulip_ops::user_dotfiles { 'nagios': + kandra::user_dotfiles { 'nagios': home => '/var/lib/nagios', authorized_keys => true, } diff --git a/puppet/kandra/manifests/profile/chat_zulip_org.pp b/puppet/kandra/manifests/profile/chat_zulip_org.pp new file mode 100644 index 0000000000..978bdf70e8 --- /dev/null +++ b/puppet/kandra/manifests/profile/chat_zulip_org.pp @@ -0,0 +1,20 @@ +class kandra::profile::chat_zulip_org inherits kandra::profile::base { + include zulip::profile::standalone + include zulip::postfix_localmail + include zulip::hooks::sentry + + include kandra::app_frontend_monitoring + include kandra::prometheus::redis + include kandra::prometheus::postgresql + kandra::firewall_allow { 'smokescreen_metrics': port => '9810' } + kandra::firewall_allow { 'http': } + kandra::firewall_allow { 'https': } + kandra::firewall_allow { 'smtp': } + + Kandra::User_Dotfiles['root'] { + keys => false, + } + Kandra::User_Dotfiles['zulip'] { + keys => false, + } +} diff --git a/puppet/zulip_ops/manifests/profile/grafana.pp b/puppet/kandra/manifests/profile/grafana.pp similarity index 82% rename from puppet/zulip_ops/manifests/profile/grafana.pp rename to puppet/kandra/manifests/profile/grafana.pp index 9f1d2f0c65..6c401070e0 100644 --- a/puppet/zulip_ops/manifests/profile/grafana.pp +++ b/puppet/kandra/manifests/profile/grafana.pp @@ -1,6 +1,6 @@ # @summary Observability using Grafana # -class zulip_ops::profile::grafana inherits zulip_ops::profile::base { +class kandra::profile::grafana inherits kandra::profile::base { include zulip::supervisor @@ -39,8 +39,8 @@ class zulip_ops::profile::grafana inherits zulip_ops::profile::base { group => 'grafana', } - zulip_ops::teleport::application { 'monitoring': port => '3000' } - zulip_ops::firewall_allow { 'grafana': port => '3000' } + kandra::teleport::application { 'monitoring': port => '3000' } + kandra::firewall_allow { 'grafana': port => '3000' } file { "${zulip::common::supervisor_conf_dir}/grafana.conf": ensure => file, require => [ @@ -52,7 +52,7 @@ class zulip_ops::profile::grafana inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/grafana.conf.erb'), + content => template('kandra/supervisor/conf.d/grafana.conf.erb'), notify => Service[supervisor], } @@ -67,7 +67,7 @@ class zulip_ops::profile::grafana inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/grafana/grafana.ini', + source => 'puppet:///modules/kandra/grafana/grafana.ini', notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/profile/munin_server.pp b/puppet/kandra/manifests/profile/munin_server.pp similarity index 79% rename from puppet/zulip_ops/manifests/profile/munin_server.pp rename to puppet/kandra/manifests/profile/munin_server.pp index f7eb7891db..230c0f424f 100644 --- a/puppet/zulip_ops/manifests/profile/munin_server.pp +++ b/puppet/kandra/manifests/profile/munin_server.pp @@ -1,6 +1,6 @@ -class zulip_ops::profile::munin_server inherits zulip_ops::profile::base { +class kandra::profile::munin_server inherits kandra::profile::base { - include zulip_ops::apache + include kandra::apache include zulip::supervisor $munin_packages = [ @@ -18,7 +18,7 @@ class zulip_ops::profile::munin_server inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/munin/apache.conf', + source => 'puppet:///modules/kandra/munin/apache.conf', notify => Service['apache2'], } @@ -40,7 +40,7 @@ class zulip_ops::profile::munin_server inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/munin/munin.conf.erb'), + content => template('kandra/munin/munin.conf.erb'), } file { "${zulip::common::supervisor_conf_dir}/munin_tunnels.conf": @@ -49,7 +49,7 @@ class zulip_ops::profile::munin_server inherits zulip_ops::profile::base { mode => '0644', owner => 'root', group => 'root', - content => template('zulip_ops/supervisor/conf.d/munin_tunnels.conf.erb'), + content => template('kandra/supervisor/conf.d/munin_tunnels.conf.erb'), notify => Service['supervisor'], } } diff --git a/puppet/zulip_ops/manifests/profile/nagios.pp b/puppet/kandra/manifests/profile/nagios.pp similarity index 87% rename from puppet/zulip_ops/manifests/profile/nagios.pp rename to puppet/kandra/manifests/profile/nagios.pp index 9e853de5c6..691627fd73 100644 --- a/puppet/zulip_ops/manifests/profile/nagios.pp +++ b/puppet/kandra/manifests/profile/nagios.pp @@ -1,6 +1,6 @@ -class zulip_ops::profile::nagios inherits zulip_ops::profile::base { +class kandra::profile::nagios inherits kandra::profile::base { - include zulip_ops::apache + include kandra::apache zulip::ssh_keys { 'nagios': } $nagios_packages = [# Packages needed for Nagios @@ -40,7 +40,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/nagios4/', + source => 'puppet:///modules/kandra/nagios4/', notify => Service['nagios4'], } @@ -50,7 +50,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0640', - content => template('zulip_ops/nagios_apache_site.conf.template.erb'), + content => template('kandra/nagios_apache_site.conf.template.erb'), } apache2site { 'nagios': ensure => present, @@ -60,7 +60,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { ], notify => Service['apache2'], } - zulip_ops::teleport::application{ 'nagios': + kandra::teleport::application{ 'nagios': description => 'Monitoring: nagios and munin', port => '3000', } @@ -70,7 +70,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/nagios4/contacts.cfg.template.erb'), + content => template('kandra/nagios4/contacts.cfg.template.erb'), notify => Service['nagios4'], } file { '/etc/nagios4/conf.d/hosts.cfg': @@ -78,7 +78,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/nagios4/hosts.cfg.template.erb'), + content => template('kandra/nagios4/hosts.cfg.template.erb'), notify => Service['nagios4'], } file { '/etc/nagios4/conf.d/localhost.cfg': @@ -86,7 +86,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/nagios4/localhost.cfg.template.erb'), + content => template('kandra/nagios4/localhost.cfg.template.erb'), notify => Service['nagios4'], } @@ -95,7 +95,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/nagios4/cgi.cfg.template.erb'), + content => template('kandra/nagios4/cgi.cfg.template.erb'), notify => Service['nagios4'], } @@ -120,7 +120,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { mode => '0644', owner => 'root', group => 'root', - content => template('zulip_ops/nagios_autossh.template.erb'), + content => template('kandra/nagios_autossh.template.erb'), notify => Service['nagios4'], } @@ -129,7 +129,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { mode => '0600', owner => 'nagios', group => 'nagios', - content => template('zulip_ops/msmtprc_nagios.template.erb'), + content => template('kandra/msmtprc_nagios.template.erb'), require => File['/var/lib/nagios'], } @@ -138,7 +138,7 @@ class zulip_ops::profile::nagios inherits zulip_ops::profile::base { mode => '0644', owner => 'nagios', group => 'nagios', - source => 'puppet:///modules/zulip_ops/nagios_ssh_config', + source => 'puppet:///modules/kandra/nagios_ssh_config', } # Disable apparmor for msmtp so it can read the above config file diff --git a/puppet/zulip_ops/manifests/profile/postgresql.pp b/puppet/kandra/manifests/profile/postgresql.pp similarity index 73% rename from puppet/zulip_ops/manifests/profile/postgresql.pp rename to puppet/kandra/manifests/profile/postgresql.pp index 10e812220b..2a7b1cfdf0 100644 --- a/puppet/zulip_ops/manifests/profile/postgresql.pp +++ b/puppet/kandra/manifests/profile/postgresql.pp @@ -1,13 +1,13 @@ -class zulip_ops::profile::postgresql inherits zulip_ops::profile::base { +class kandra::profile::postgresql inherits kandra::profile::base { include zulip::profile::postgresql - include zulip_ops::teleport::db - include zulip_ops::prometheus::postgresql + include kandra::teleport::db + include kandra::prometheus::postgresql $common_packages = ['xfsprogs'] package { $common_packages: ensure => installed } - zulip_ops::firewall_allow{ 'postgresql': } + kandra::firewall_allow{ 'postgresql': } zulip::sysctl { 'postgresql-swappiness': key => 'vm.swappiness', @@ -23,7 +23,7 @@ class zulip_ops::profile::postgresql inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0744', - source => 'puppet:///modules/zulip_ops/postgresql/setup_disks.sh', + source => 'puppet:///modules/kandra/postgresql/setup_disks.sh', } exec { 'setup_disks': command => '/root/setup_disks.sh', @@ -37,6 +37,6 @@ class zulip_ops::profile::postgresql inherits zulip_ops::profile::base { owner => 'postgres', group => 'postgres', mode => '0640', - source => 'puppet:///modules/zulip_ops/postgresql/pg_hba.conf', + source => 'puppet:///modules/kandra/postgresql/pg_hba.conf', } } diff --git a/puppet/zulip_ops/manifests/profile/prod_app_frontend.pp b/puppet/kandra/manifests/profile/prod_app_frontend.pp similarity index 75% rename from puppet/zulip_ops/manifests/profile/prod_app_frontend.pp rename to puppet/kandra/manifests/profile/prod_app_frontend.pp index 5628724e90..8b678f6dbd 100644 --- a/puppet/zulip_ops/manifests/profile/prod_app_frontend.pp +++ b/puppet/kandra/manifests/profile/prod_app_frontend.pp @@ -1,11 +1,11 @@ -class zulip_ops::profile::prod_app_frontend inherits zulip_ops::profile::base { - include zulip_ops::app_frontend +class kandra::profile::prod_app_frontend inherits kandra::profile::base { + include kandra::app_frontend include zulip::hooks::zulip_notify - Zulip_Ops::User_Dotfiles['root'] { + Kandra::User_Dotfiles['root'] { keys => 'internal-limited-write-deploy-key', } - Zulip_Ops::User_Dotfiles['zulip'] { + Kandra::User_Dotfiles['zulip'] { keys => 'internal-limited-write-deploy-key', } @@ -21,7 +21,7 @@ class zulip_ops::profile::prod_app_frontend inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/nginx/sites-available/zulip', + source => 'puppet:///modules/kandra/nginx/sites-available/zulip', notify => Service['nginx'], } @@ -39,7 +39,7 @@ class zulip_ops::profile::prod_app_frontend inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0755', - source => 'puppet:///modules/zulip_ops/nagios_plugins/zulip_zephyr_mirror', + source => 'puppet:///modules/kandra/nagios_plugins/zulip_zephyr_mirror', } # Prod has our Apple Push Notifications Service private key at diff --git a/puppet/zulip_ops/manifests/profile/prometheus_server.pp b/puppet/kandra/manifests/profile/prometheus_server.pp similarity index 81% rename from puppet/zulip_ops/manifests/profile/prometheus_server.pp rename to puppet/kandra/manifests/profile/prometheus_server.pp index faf8175e23..4c7baa538c 100644 --- a/puppet/zulip_ops/manifests/profile/prometheus_server.pp +++ b/puppet/kandra/manifests/profile/prometheus_server.pp @@ -2,18 +2,18 @@ # # Only one instance is necessary. # -class zulip_ops::profile::prometheus_server inherits zulip_ops::profile::base { +class kandra::profile::prometheus_server inherits kandra::profile::base { - include zulip_ops::prometheus::base + include kandra::prometheus::base # This blackbox monitoring of the backup system runs locally - include zulip_ops::prometheus::wal_g + include kandra::prometheus::wal_g # Ditto the Akamai logs - include zulip_ops::prometheus::akamai + include kandra::prometheus::akamai # Export prometheus stats to status.zulip.com - include zulip_ops::statuspage + include kandra::statuspage $version = $zulip::common::versions['prometheus']['version'] $dir = "/srv/zulip-prometheus-${version}" @@ -48,7 +48,7 @@ class zulip_ops::profile::prometheus_server inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/prometheus/prometheus.yaml', + source => 'puppet:///modules/kandra/prometheus/prometheus.yaml', notify => Service[supervisor], } @@ -63,7 +63,7 @@ class zulip_ops::profile::prometheus_server inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/profile/redis.pp b/puppet/kandra/manifests/profile/redis.pp similarity index 82% rename from puppet/zulip_ops/manifests/profile/redis.pp rename to puppet/kandra/manifests/profile/redis.pp index 6b80a86384..cdf2e322bc 100644 --- a/puppet/zulip_ops/manifests/profile/redis.pp +++ b/puppet/kandra/manifests/profile/redis.pp @@ -1,6 +1,6 @@ -class zulip_ops::profile::redis inherits zulip_ops::profile::base { +class kandra::profile::redis inherits kandra::profile::base { include zulip::profile::redis - include zulip_ops::prometheus::redis + include kandra::prometheus::redis zulip::sysctl { 'redis-somaxconn': key => 'net.core.somaxconn', @@ -29,7 +29,7 @@ class zulip_ops::profile::redis inherits zulip_ops::profile::base { home => '/home/redistunnel', managehome => true, } - zulip_ops::user_dotfiles { 'redistunnel': + kandra::user_dotfiles { 'redistunnel': authorized_keys => true, } } diff --git a/puppet/kandra/manifests/profile/smokescreen.pp b/puppet/kandra/manifests/profile/smokescreen.pp new file mode 100644 index 0000000000..40ccf64779 --- /dev/null +++ b/puppet/kandra/manifests/profile/smokescreen.pp @@ -0,0 +1,9 @@ +class kandra::profile::smokescreen inherits kandra::profile::base { + + + include zulip::profile::smokescreen + kandra::firewall_allow { 'smokescreen': port => '4750' } + kandra::firewall_allow { 'smokescreen_metrics': port => '9810' } + + include kandra::camo +} diff --git a/puppet/zulip_ops/manifests/profile/staging_app_frontend.pp b/puppet/kandra/manifests/profile/staging_app_frontend.pp similarity index 69% rename from puppet/zulip_ops/manifests/profile/staging_app_frontend.pp rename to puppet/kandra/manifests/profile/staging_app_frontend.pp index b53ef7ae6d..1bbd404608 100644 --- a/puppet/zulip_ops/manifests/profile/staging_app_frontend.pp +++ b/puppet/kandra/manifests/profile/staging_app_frontend.pp @@ -1,6 +1,6 @@ -class zulip_ops::profile::staging_app_frontend inherits zulip_ops::profile::base { +class kandra::profile::staging_app_frontend inherits kandra::profile::base { - include zulip_ops::app_frontend + include kandra::app_frontend file { '/etc/nginx/sites-available/zulip-staging': ensure => file, @@ -8,7 +8,7 @@ class zulip_ops::profile::staging_app_frontend inherits zulip_ops::profile::base owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/nginx/sites-available/zulip-staging', + source => 'puppet:///modules/kandra/nginx/sites-available/zulip-staging', notify => Service['nginx'], } file { '/etc/nginx/sites-enabled/zulip-staging': @@ -24,6 +24,6 @@ class zulip_ops::profile::staging_app_frontend inherits zulip_ops::profile::base owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/check_send_receive_time', + source => 'puppet:///modules/kandra/cron.d/check_send_receive_time', } } diff --git a/puppet/zulip_ops/manifests/profile/teleport.pp b/puppet/kandra/manifests/profile/teleport.pp similarity index 53% rename from puppet/zulip_ops/manifests/profile/teleport.pp rename to puppet/kandra/manifests/profile/teleport.pp index 60b3901147..c737c283f4 100644 --- a/puppet/zulip_ops/manifests/profile/teleport.pp +++ b/puppet/kandra/manifests/profile/teleport.pp @@ -1,23 +1,23 @@ -class zulip_ops::profile::teleport inherits zulip_ops::profile::base { +class kandra::profile::teleport inherits kandra::profile::base { file { '/etc/teleport_server.yaml': owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/teleport_server.yaml', + source => 'puppet:///modules/kandra/teleport_server.yaml', notify => Service['teleport_server'], } - zulip_ops::teleport::part { 'server': } + kandra::teleport::part { 'server': } # https://goteleport.com/docs/admin-guide/#ports # Port 443 is outward-facing, for UI - zulip_ops::firewall_allow { 'teleport_server_ui': port => 443 } + kandra::firewall_allow { 'teleport_server_ui': port => 443 } # Port 3023 is outward-facing, for teleport clients to connect to. - zulip_ops::firewall_allow { 'teleport_server_proxy': port => 3023 } + kandra::firewall_allow { 'teleport_server_proxy': port => 3023 } # Port 3034 is outward-facing, for teleport servers outside the # cluster to connect back to establish reverse proxies. - zulip_ops::firewall_allow { 'teleport_server_reverse': port => 3024 } + kandra::firewall_allow { 'teleport_server_reverse': port => 3024 } # Port 3025 is inward-facing, for other nodes to look up auth information - zulip_ops::firewall_allow { 'teleport_server_auth': port => 3025 } + kandra::firewall_allow { 'teleport_server_auth': port => 3025 } } diff --git a/puppet/zulip_ops/manifests/profile/zmirror.pp b/puppet/kandra/manifests/profile/zmirror.pp similarity index 74% rename from puppet/zulip_ops/manifests/profile/zmirror.pp rename to puppet/kandra/manifests/profile/zmirror.pp index 0309d16e35..640f7daaf2 100644 --- a/puppet/zulip_ops/manifests/profile/zmirror.pp +++ b/puppet/kandra/manifests/profile/zmirror.pp @@ -1,4 +1,4 @@ -class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { +class kandra::profile::zmirror inherits kandra::profile::base { include zulip::supervisor @@ -21,7 +21,7 @@ class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/supervisor/conf.d/zmirror.conf', + source => 'puppet:///modules/kandra/supervisor/conf.d/zmirror.conf', notify => Service['supervisor'], } @@ -30,7 +30,7 @@ class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/zephyr-mirror', + source => 'puppet:///modules/kandra/cron.d/zephyr-mirror', } file { '/etc/krb5.conf': @@ -38,7 +38,7 @@ class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/krb5.conf', + source => 'puppet:///modules/kandra/krb5.conf', } file { '/etc/default/zephyr-clients': @@ -46,7 +46,7 @@ class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/zephyr-clients', + source => 'puppet:///modules/kandra/zephyr-clients', } file { '/usr/lib/nagios/plugins/zulip_zephyr_mirror': @@ -56,18 +56,18 @@ class zulip_ops::profile::zmirror inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0755', - source => 'puppet:///modules/zulip_ops/nagios_plugins/zulip_zephyr_mirror', + source => 'puppet:///modules/kandra/nagios_plugins/zulip_zephyr_mirror', } # Allow the relevant UDP ports concat::fragment { 'iptables-zmirror.v4': target => '/etc/iptables/rules.v4', - source => 'puppet:///modules/zulip_ops/iptables/zmirror.v4', + source => 'puppet:///modules/kandra/iptables/zmirror.v4', order => '20', } concat::fragment { 'iptables-zmirror.v6': target => '/etc/iptables/rules.v6', - source => 'puppet:///modules/zulip_ops/iptables/zmirror.v6', + source => 'puppet:///modules/kandra/iptables/zmirror.v6', order => '20', } diff --git a/puppet/zulip_ops/manifests/profile/zmirror_personals.pp b/puppet/kandra/manifests/profile/zmirror_personals.pp similarity index 83% rename from puppet/zulip_ops/manifests/profile/zmirror_personals.pp rename to puppet/kandra/manifests/profile/zmirror_personals.pp index 9ca7705d4f..0a8d5b2699 100644 --- a/puppet/zulip_ops/manifests/profile/zmirror_personals.pp +++ b/puppet/kandra/manifests/profile/zmirror_personals.pp @@ -1,8 +1,8 @@ -class zulip_ops::profile::zmirror_personals inherits zulip_ops::profile::base { +class kandra::profile::zmirror_personals inherits kandra::profile::base { include zulip::supervisor - Zulip_Ops::User_Dotfiles['zulip'] { + Kandra::User_Dotfiles['zulip'] { authorized_keys => [ 'common', 'production-write-ccache', @@ -51,7 +51,7 @@ class zulip_ops::profile::zmirror_personals inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/krb5.conf', + source => 'puppet:///modules/kandra/krb5.conf', } concat::fragment { '01-supervisor-zmirror': @@ -73,7 +73,7 @@ class zulip_ops::profile::zmirror_personals inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0644', - source => 'puppet:///modules/zulip_ops/cron.d/test_zephyr_personal_mirrors', + source => 'puppet:///modules/kandra/cron.d/test_zephyr_personal_mirrors', } file { '/usr/lib/nagios/plugins/zulip_zephyr_mirror': @@ -83,18 +83,18 @@ class zulip_ops::profile::zmirror_personals inherits zulip_ops::profile::base { owner => 'root', group => 'root', mode => '0755', - source => 'puppet:///modules/zulip_ops/nagios_plugins/zulip_zephyr_mirror', + source => 'puppet:///modules/kandra/nagios_plugins/zulip_zephyr_mirror', } # Allow the relevant UDP ports concat::fragment { 'iptables-zmirror.v4': target => '/etc/iptables/rules.v4', - source => 'puppet:///modules/zulip_ops/iptables/zmirror.v4', + source => 'puppet:///modules/kandra/iptables/zmirror.v4', order => '20', } concat::fragment { 'iptables-zmirror.v6': target => '/etc/iptables/rules.v6', - source => 'puppet:///modules/zulip_ops/iptables/zmirror.v6', + source => 'puppet:///modules/kandra/iptables/zmirror.v6', order => '20', } } diff --git a/puppet/kandra/manifests/profile/zulipbot_zulip_org.pp b/puppet/kandra/manifests/profile/zulipbot_zulip_org.pp new file mode 100644 index 0000000000..6bc6d03e34 --- /dev/null +++ b/puppet/kandra/manifests/profile/zulipbot_zulip_org.pp @@ -0,0 +1,8 @@ +class kandra::profile::zulipbot_zulip_org inherits kandra::profile::base { + + kandra::firewall_allow { 'http': } + kandra::firewall_allow { 'https': } + + # TODO: This does not do any configuration of zulipbot itself, or of + # caddy. +} diff --git a/puppet/zulip_ops/manifests/prometheus/akamai.pp b/puppet/kandra/manifests/prometheus/akamai.pp similarity index 71% rename from puppet/zulip_ops/manifests/prometheus/akamai.pp rename to puppet/kandra/manifests/prometheus/akamai.pp index becd7f8865..2eeb373d98 100644 --- a/puppet/zulip_ops/manifests/prometheus/akamai.pp +++ b/puppet/kandra/manifests/prometheus/akamai.pp @@ -1,11 +1,11 @@ # @summary Prometheus monitoring of Akamai access logs # -class zulip_ops::prometheus::akamai { - include zulip_ops::prometheus::base - include zulip_ops::vector +class kandra::prometheus::akamai { + include kandra::prometheus::base + include kandra::vector include zulip::supervisor - $bin = $zulip_ops::vector::bin + $bin = $kandra::vector::bin $conf = '/etc/vector.toml' $pipelines = { 'static' => zulipsecret('secrets', 'akamai_static_sqs_url', ''), @@ -17,7 +17,7 @@ class zulip_ops::prometheus::akamai { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/vector.toml.template.erb'), + content => template('kandra/vector.toml.template.erb'), } file { "${zulip::common::supervisor_conf_dir}/prometheus_akamai_exporter.conf": ensure => file, @@ -30,7 +30,7 @@ class zulip_ops::prometheus::akamai { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/base.pp b/puppet/kandra/manifests/prometheus/base.pp similarity index 90% rename from puppet/zulip_ops/manifests/prometheus/base.pp rename to puppet/kandra/manifests/prometheus/base.pp index 4000044ff1..5203a28e14 100644 --- a/puppet/zulip_ops/manifests/prometheus/base.pp +++ b/puppet/kandra/manifests/prometheus/base.pp @@ -1,6 +1,6 @@ # @summary Configures a node for monitoring with Prometheus # -class zulip_ops::prometheus::base { +class kandra::prometheus::base { group { 'prometheus': ensure => present, gid => '1060', diff --git a/puppet/zulip_ops/manifests/prometheus/node.pp b/puppet/kandra/manifests/prometheus/node.pp similarity index 78% rename from puppet/zulip_ops/manifests/prometheus/node.pp rename to puppet/kandra/manifests/prometheus/node.pp index 7d66672c6d..4ffc629308 100644 --- a/puppet/zulip_ops/manifests/prometheus/node.pp +++ b/puppet/kandra/manifests/prometheus/node.pp @@ -1,7 +1,7 @@ # @summary Configures a node for monitoring with Prometheus # -class zulip_ops::prometheus::node { - include zulip_ops::prometheus::base +class kandra::prometheus::node { + include kandra::prometheus::base include zulip::supervisor $version = $zulip::common::versions['node_exporter']['version'] @@ -14,7 +14,7 @@ class zulip_ops::prometheus::node { tarball_prefix => "node_exporter-${version}.linux-${zulip::common::goarch}", } - zulip_ops::firewall_allow { 'node_exporter': port => '9100' } + kandra::firewall_allow { 'node_exporter': port => '9100' } file { "${zulip::common::supervisor_conf_dir}/prometheus_node_exporter.conf": ensure => file, require => [ @@ -25,7 +25,7 @@ class zulip_ops::prometheus::node { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_node_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_node_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/postgresql.pp b/puppet/kandra/manifests/prometheus/postgresql.pp similarity index 90% rename from puppet/zulip_ops/manifests/prometheus/postgresql.pp rename to puppet/kandra/manifests/prometheus/postgresql.pp index 09e0ca4c0c..a6eb6e96be 100644 --- a/puppet/zulip_ops/manifests/prometheus/postgresql.pp +++ b/puppet/kandra/manifests/prometheus/postgresql.pp @@ -1,7 +1,7 @@ # @summary Prometheus monitoring of postgresql servers # -class zulip_ops::prometheus::postgresql { - include zulip_ops::prometheus::base +class kandra::prometheus::postgresql { + include kandra::prometheus::base include zulip::supervisor include zulip::golang @@ -55,7 +55,7 @@ class zulip_ops::prometheus::postgresql { user => 'postgres', } - zulip_ops::firewall_allow { 'postgres_exporter': port => '9187' } + kandra::firewall_allow { 'postgres_exporter': port => '9187' } file { "${zulip::common::supervisor_conf_dir}/prometheus_postgres_exporter.conf": ensure => file, require => [ @@ -67,7 +67,7 @@ class zulip_ops::prometheus::postgresql { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/process.pp b/puppet/kandra/manifests/prometheus/process.pp similarity index 77% rename from puppet/zulip_ops/manifests/prometheus/process.pp rename to puppet/kandra/manifests/prometheus/process.pp index 136292bf82..be469cb6f3 100644 --- a/puppet/zulip_ops/manifests/prometheus/process.pp +++ b/puppet/kandra/manifests/prometheus/process.pp @@ -1,7 +1,7 @@ # @summary Prometheus monitoring of Zulip server processes # -class zulip_ops::prometheus::process { - include zulip_ops::prometheus::base +class kandra::prometheus::process { + include kandra::prometheus::base include zulip::supervisor $version = $zulip::common::versions['process_exporter']['version'] @@ -15,14 +15,14 @@ class zulip_ops::prometheus::process { tarball_prefix => "process-exporter-${version}.linux-${zulip::common::goarch}", } - zulip_ops::firewall_allow { 'process_exporter': port => '9256' } + kandra::firewall_allow { 'process_exporter': port => '9256' } file { $conf: ensure => file, require => User[zulip], owner => 'zulip', group => 'zulip', mode => '0644', - source => 'puppet:///modules/zulip_ops/process_exporter.yaml', + source => 'puppet:///modules/kandra/process_exporter.yaml', } file { "${zulip::common::supervisor_conf_dir}/prometheus_process_exporter.conf": ensure => file, @@ -35,7 +35,7 @@ class zulip_ops::prometheus::process { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_process_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_process_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/rabbitmq.pp b/puppet/kandra/manifests/prometheus/rabbitmq.pp similarity index 74% rename from puppet/zulip_ops/manifests/prometheus/rabbitmq.pp rename to puppet/kandra/manifests/prometheus/rabbitmq.pp index 8f585f41f6..4ac6378da5 100644 --- a/puppet/zulip_ops/manifests/prometheus/rabbitmq.pp +++ b/puppet/kandra/manifests/prometheus/rabbitmq.pp @@ -2,13 +2,13 @@ # the built-in prometheus plugin which serves on port 15692: # https://www.rabbitmq.com/prometheus.html # -class zulip_ops::prometheus::rabbitmq { - include zulip_ops::prometheus::base +class kandra::prometheus::rabbitmq { + include kandra::prometheus::base exec { 'enable rabbitmq-prometheus': command => 'rabbitmq-plugins enable rabbitmq_prometheus', unless => 'grep -q rabbitmq_prometheus /etc/rabbitmq/enabled_plugins', require => Service['rabbitmq-server'], } - zulip_ops::firewall_allow { 'rabbitmq': port => '15692' } + kandra::firewall_allow { 'rabbitmq': port => '15692' } } diff --git a/puppet/zulip_ops/manifests/prometheus/redis.pp b/puppet/kandra/manifests/prometheus/redis.pp similarity index 78% rename from puppet/zulip_ops/manifests/prometheus/redis.pp rename to puppet/kandra/manifests/prometheus/redis.pp index 224adcea2f..7282e8da38 100644 --- a/puppet/zulip_ops/manifests/prometheus/redis.pp +++ b/puppet/kandra/manifests/prometheus/redis.pp @@ -1,7 +1,7 @@ # @summary Prometheus monitoring of redis servers # -class zulip_ops::prometheus::redis { - include zulip_ops::prometheus::base +class kandra::prometheus::redis { + include kandra::prometheus::base include zulip::supervisor $version = $zulip::common::versions['redis_exporter']['version'] @@ -14,7 +14,7 @@ class zulip_ops::prometheus::redis { tarball_prefix => "redis_exporter-v${version}.linux-${zulip::common::goarch}", } - zulip_ops::firewall_allow { 'redis_exporter': port => '9121' } + kandra::firewall_allow { 'redis_exporter': port => '9121' } file { "${zulip::common::supervisor_conf_dir}/prometheus_redis_exporter.conf": ensure => file, require => [ @@ -25,7 +25,7 @@ class zulip_ops::prometheus::redis { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/uwsgi.pp b/puppet/kandra/manifests/prometheus/uwsgi.pp similarity index 78% rename from puppet/zulip_ops/manifests/prometheus/uwsgi.pp rename to puppet/kandra/manifests/prometheus/uwsgi.pp index 13c08a7ed3..7265515019 100644 --- a/puppet/zulip_ops/manifests/prometheus/uwsgi.pp +++ b/puppet/kandra/manifests/prometheus/uwsgi.pp @@ -1,7 +1,7 @@ # @summary Prometheus monitoring of uwsgi servers # -class zulip_ops::prometheus::uwsgi { - include zulip_ops::prometheus::base +class kandra::prometheus::uwsgi { + include kandra::prometheus::base include zulip::supervisor $version = $zulip::common::versions['uwsgi_exporter']['version'] @@ -14,7 +14,7 @@ class zulip_ops::prometheus::uwsgi { tarball_prefix => "uwsgi_exporter-${version}.linux-${zulip::common::goarch}", } - zulip_ops::firewall_allow { 'uwsgi_exporter': port => '9238' } + kandra::firewall_allow { 'uwsgi_exporter': port => '9238' } file { "${zulip::common::supervisor_conf_dir}/prometheus_uwsgi_exporter.conf": ensure => file, require => [ @@ -25,7 +25,7 @@ class zulip_ops::prometheus::uwsgi { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/prometheus/wal_g.pp b/puppet/kandra/manifests/prometheus/wal_g.pp similarity index 83% rename from puppet/zulip_ops/manifests/prometheus/wal_g.pp rename to puppet/kandra/manifests/prometheus/wal_g.pp index 0851c8752d..a25224ac95 100644 --- a/puppet/zulip_ops/manifests/prometheus/wal_g.pp +++ b/puppet/kandra/manifests/prometheus/wal_g.pp @@ -1,7 +1,7 @@ # @summary Prometheus monitoring of wal-g backups # -class zulip_ops::prometheus::wal_g { - include zulip_ops::prometheus::base +class kandra::prometheus::wal_g { + include kandra::prometheus::base include zulip::supervisor include zulip::wal_g @@ -28,7 +28,7 @@ class zulip_ops::prometheus::wal_g { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb'), + content => template('kandra/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/ssh_authorized_keys.pp b/puppet/kandra/manifests/ssh_authorized_keys.pp similarity index 94% rename from puppet/zulip_ops/manifests/ssh_authorized_keys.pp rename to puppet/kandra/manifests/ssh_authorized_keys.pp index 12af6d4aad..b9835f789f 100644 --- a/puppet/zulip_ops/manifests/ssh_authorized_keys.pp +++ b/puppet/kandra/manifests/ssh_authorized_keys.pp @@ -1,4 +1,4 @@ -define zulip_ops::ssh_authorized_keys( +define kandra::ssh_authorized_keys( $keys = true, ) { $user = $name diff --git a/puppet/zulip_ops/manifests/ssh_keys.pp b/puppet/kandra/manifests/ssh_keys.pp similarity index 93% rename from puppet/zulip_ops/manifests/ssh_keys.pp rename to puppet/kandra/manifests/ssh_keys.pp index c3a75adca3..2318430e1f 100644 --- a/puppet/zulip_ops/manifests/ssh_keys.pp +++ b/puppet/kandra/manifests/ssh_keys.pp @@ -1,4 +1,4 @@ -define zulip_ops::ssh_keys( +define kandra::ssh_keys( $keys = true, ) { $user = $name diff --git a/puppet/zulip_ops/manifests/statuspage.pp b/puppet/kandra/manifests/statuspage.pp similarity index 75% rename from puppet/zulip_ops/manifests/statuspage.pp rename to puppet/kandra/manifests/statuspage.pp index ec9084e0c1..6e2daabd06 100644 --- a/puppet/zulip_ops/manifests/statuspage.pp +++ b/puppet/kandra/manifests/statuspage.pp @@ -2,7 +2,7 @@ # # Requires a /etc/zulip/statuspage.conf which maps statuspage.io # metric_ids to Prometheus queries. -class zulip_ops::statuspage { +class kandra::statuspage { $bin = '/usr/local/bin/statuspage-pusher' file { $bin: @@ -10,7 +10,7 @@ class zulip_ops::statuspage { owner => 'root', group => 'root', mode => '0755', - source => 'puppet:///modules/zulip_ops/statuspage-pusher', + source => 'puppet:///modules/kandra/statuspage-pusher', } file { "${zulip::common::supervisor_conf_dir}/statuspage-pusher.conf": @@ -22,7 +22,7 @@ class zulip_ops::statuspage { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/supervisor/conf.d/statuspage-pusher.conf.template.erb'), + content => template('kandra/supervisor/conf.d/statuspage-pusher.conf.template.erb'), notify => Service[supervisor], } } diff --git a/puppet/zulip_ops/manifests/teleport/application.pp b/puppet/kandra/manifests/teleport/application.pp similarity index 65% rename from puppet/zulip_ops/manifests/teleport/application.pp rename to puppet/kandra/manifests/teleport/application.pp index a94328bbe9..0b7f75b9b1 100644 --- a/puppet/zulip_ops/manifests/teleport/application.pp +++ b/puppet/kandra/manifests/teleport/application.pp @@ -1,15 +1,15 @@ # @summary Adds an http "application" to the Teleport configuration for the host. # # See https://goteleport.com/docs/application-access/ -define zulip_ops::teleport::application ( +define kandra::teleport::application ( $port, $description = '', $order = '50', ) { - include zulip_ops::teleport::application_top + include kandra::teleport::application_top concat::fragment { "teleport_app_${name}": target => '/etc/teleport_node.yaml', order => $order, - content => template('zulip_ops/teleport_app.yaml.template.erb'), + content => template('kandra/teleport_app.yaml.template.erb'), } } diff --git a/puppet/zulip_ops/manifests/teleport/application_top.pp b/puppet/kandra/manifests/teleport/application_top.pp similarity index 67% rename from puppet/zulip_ops/manifests/teleport/application_top.pp rename to puppet/kandra/manifests/teleport/application_top.pp index cd87908363..31d109ea1f 100644 --- a/puppet/zulip_ops/manifests/teleport/application_top.pp +++ b/puppet/kandra/manifests/teleport/application_top.pp @@ -1,10 +1,10 @@ # @summary Enables application support on the node; include once. # # See https://goteleport.com/docs/application-access/ -class zulip_ops::teleport::application_top { +class kandra::teleport::application_top { concat::fragment { 'teleport_app': target => '/etc/teleport_node.yaml', order => '10', - source => 'puppet:///modules/zulip_ops/teleport_app.yaml', + source => 'puppet:///modules/kandra/teleport_app.yaml', } } diff --git a/puppet/zulip_ops/manifests/teleport/base.pp b/puppet/kandra/manifests/teleport/base.pp similarity index 93% rename from puppet/zulip_ops/manifests/teleport/base.pp rename to puppet/kandra/manifests/teleport/base.pp index 8c53db279f..72857db6ac 100644 --- a/puppet/zulip_ops/manifests/teleport/base.pp +++ b/puppet/kandra/manifests/teleport/base.pp @@ -1,4 +1,4 @@ -class zulip_ops::teleport::base { +class kandra::teleport::base { include zulip::supervisor $setup_apt_repo_file = "${::zulip_scripts_path}/lib/setup-apt-repo" diff --git a/puppet/zulip_ops/manifests/teleport/db.pp b/puppet/kandra/manifests/teleport/db.pp similarity index 74% rename from puppet/zulip_ops/manifests/teleport/db.pp rename to puppet/kandra/manifests/teleport/db.pp index 2127b4f49a..9152526c59 100644 --- a/puppet/zulip_ops/manifests/teleport/db.pp +++ b/puppet/kandra/manifests/teleport/db.pp @@ -2,8 +2,8 @@ # # https://goteleport.com/docs/admin-guide/#adding-nodes-to-the-cluster # details additional manual steps to allow a node to join the cluster. -class zulip_ops::teleport::db { - include zulip_ops::teleport::base +class kandra::teleport::db { + include kandra::teleport::base $is_ec2 = zulipconf('machine', 'hosting_provider', 'ec2') == 'ec2' $join_token = zulipsecret('secrets', 'teleport_join_token', '') @@ -12,9 +12,9 @@ class zulip_ops::teleport::db { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/teleport_db.yaml.template.erb'), + content => template('kandra/teleport_db.yaml.template.erb'), notify => Service['teleport_db'], } - zulip_ops::teleport::part { 'db': } + kandra::teleport::part { 'db': } } diff --git a/puppet/zulip_ops/manifests/teleport/node.pp b/puppet/kandra/manifests/teleport/node.pp similarity index 79% rename from puppet/zulip_ops/manifests/teleport/node.pp rename to puppet/kandra/manifests/teleport/node.pp index 3eaf73486c..24bacd4bba 100644 --- a/puppet/zulip_ops/manifests/teleport/node.pp +++ b/puppet/kandra/manifests/teleport/node.pp @@ -3,8 +3,8 @@ # EC2 nodes will automatically join the cluster; non-EC2 hosts will # need to set a teleport_join_token secret. See # https://goteleport.com/docs/agents/join-services-to-your-cluster/join-token/#generate-a-token -class zulip_ops::teleport::node { - include zulip_ops::teleport::base +class kandra::teleport::node { + include kandra::teleport::base $is_ec2 = zulipconf('machine', 'hosting_provider', 'ec2') == 'ec2' $join_token = zulipsecret('secrets', 'teleport_join_token', '') @@ -17,9 +17,9 @@ class zulip_ops::teleport::node { } concat::fragment { 'teleport_node_base': target => '/etc/teleport_node.yaml', - content => template('zulip_ops/teleport_node.yaml.template.erb'), + content => template('kandra/teleport_node.yaml.template.erb'), order => '01', } - zulip_ops::teleport::part { 'node': } + kandra::teleport::part { 'node': } } diff --git a/puppet/zulip_ops/manifests/teleport/part.pp b/puppet/kandra/manifests/teleport/part.pp similarity index 83% rename from puppet/zulip_ops/manifests/teleport/part.pp rename to puppet/kandra/manifests/teleport/part.pp index db1502e45b..6806daba11 100644 --- a/puppet/zulip_ops/manifests/teleport/part.pp +++ b/puppet/kandra/manifests/teleport/part.pp @@ -1,6 +1,6 @@ # @summary Adds a systemd service named teleport_$name # -define zulip_ops::teleport::part() { +define kandra::teleport::part() { $part = $name include zulip::systemd_daemon_reload @@ -11,7 +11,7 @@ define zulip_ops::teleport::part() { owner => 'root', group => 'root', mode => '0644', - content => template('zulip_ops/teleport.service.template.erb'), + content => template('kandra/teleport.service.template.erb'), notify => [Exec['reload systemd'], Service["teleport_${part}"]], } diff --git a/puppet/zulip_ops/manifests/user_dotfiles.pp b/puppet/kandra/manifests/user_dotfiles.pp similarity index 90% rename from puppet/zulip_ops/manifests/user_dotfiles.pp rename to puppet/kandra/manifests/user_dotfiles.pp index 928be05903..0f943e5a2d 100644 --- a/puppet/zulip_ops/manifests/user_dotfiles.pp +++ b/puppet/kandra/manifests/user_dotfiles.pp @@ -1,4 +1,4 @@ -define zulip_ops::user_dotfiles ( +define kandra::user_dotfiles ( $home = '', $keys = false, $authorized_keys = false, @@ -26,7 +26,7 @@ define zulip_ops::user_dotfiles ( owner => $user, group => $user, mode => '0644', - source => 'puppet:///modules/zulip_ops/dotfiles/emacs.el', + source => 'puppet:///modules/kandra/dotfiles/emacs.el', } # Suppress MOTD printing, to fix load problems with Nagios caused by @@ -42,13 +42,13 @@ define zulip_ops::user_dotfiles ( } if $keys != false { - zulip_ops::ssh_keys{ $user: + kandra::ssh_keys{ $user: keys => $keys, require => File["${homedir}/.ssh"], } } if $authorized_keys != false { - zulip_ops::ssh_authorized_keys{ $user: + kandra::ssh_authorized_keys{ $user: keys => $authorized_keys, require => File["${homedir}/.ssh"], } diff --git a/puppet/zulip_ops/manifests/vector.pp b/puppet/kandra/manifests/vector.pp similarity index 95% rename from puppet/zulip_ops/manifests/vector.pp rename to puppet/kandra/manifests/vector.pp index ec97c0ead4..ee253b278a 100644 --- a/puppet/zulip_ops/manifests/vector.pp +++ b/puppet/kandra/manifests/vector.pp @@ -1,6 +1,6 @@ # @summary Installs Vector to transform Prometheus data # -class zulip_ops::vector { +class kandra::vector { $version = $zulip::common::versions['vector']['version'] $dir = "/srv/zulip-vector-${version}" $bin = "${dir}/bin/vector" diff --git a/puppet/zulip_ops/templates/dotfiles/aws_config.erb b/puppet/kandra/templates/dotfiles/aws_config.erb similarity index 100% rename from puppet/zulip_ops/templates/dotfiles/aws_config.erb rename to puppet/kandra/templates/dotfiles/aws_config.erb diff --git a/puppet/zulip_ops/templates/msmtprc_nagios.template.erb b/puppet/kandra/templates/msmtprc_nagios.template.erb similarity index 100% rename from puppet/zulip_ops/templates/msmtprc_nagios.template.erb rename to puppet/kandra/templates/msmtprc_nagios.template.erb diff --git a/puppet/zulip_ops/templates/munin/munin.conf.erb b/puppet/kandra/templates/munin/munin.conf.erb similarity index 100% rename from puppet/zulip_ops/templates/munin/munin.conf.erb rename to puppet/kandra/templates/munin/munin.conf.erb diff --git a/puppet/zulip_ops/templates/nagios4/cgi.cfg.template.erb b/puppet/kandra/templates/nagios4/cgi.cfg.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios4/cgi.cfg.template.erb rename to puppet/kandra/templates/nagios4/cgi.cfg.template.erb diff --git a/puppet/zulip_ops/templates/nagios4/contacts.cfg.template.erb b/puppet/kandra/templates/nagios4/contacts.cfg.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios4/contacts.cfg.template.erb rename to puppet/kandra/templates/nagios4/contacts.cfg.template.erb diff --git a/puppet/zulip_ops/templates/nagios4/hosts.cfg.template.erb b/puppet/kandra/templates/nagios4/hosts.cfg.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios4/hosts.cfg.template.erb rename to puppet/kandra/templates/nagios4/hosts.cfg.template.erb diff --git a/puppet/zulip_ops/templates/nagios4/localhost.cfg.template.erb b/puppet/kandra/templates/nagios4/localhost.cfg.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios4/localhost.cfg.template.erb rename to puppet/kandra/templates/nagios4/localhost.cfg.template.erb diff --git a/puppet/zulip_ops/templates/nagios_apache_site.conf.template.erb b/puppet/kandra/templates/nagios_apache_site.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios_apache_site.conf.template.erb rename to puppet/kandra/templates/nagios_apache_site.conf.template.erb diff --git a/puppet/zulip_ops/templates/nagios_autossh.template.erb b/puppet/kandra/templates/nagios_autossh.template.erb similarity index 100% rename from puppet/zulip_ops/templates/nagios_autossh.template.erb rename to puppet/kandra/templates/nagios_autossh.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/grafana.conf.erb b/puppet/kandra/templates/supervisor/conf.d/grafana.conf.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/grafana.conf.erb rename to puppet/kandra/templates/supervisor/conf.d/grafana.conf.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/munin_tunnels.conf.erb b/puppet/kandra/templates/supervisor/conf.d/munin_tunnels.conf.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/munin_tunnels.conf.erb rename to puppet/kandra/templates/supervisor/conf.d/munin_tunnels.conf.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_akamai_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_node_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_node_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_node_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_node_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_postgres_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_process_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_process_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_process_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_process_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_redis_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_uwsgi_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/prometheus_wal_g_exporter.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/redis_tunnel.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/redis_tunnel.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/redis_tunnel.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/redis_tunnel.conf.template.erb diff --git a/puppet/zulip_ops/templates/supervisor/conf.d/statuspage-pusher.conf.template.erb b/puppet/kandra/templates/supervisor/conf.d/statuspage-pusher.conf.template.erb similarity index 100% rename from puppet/zulip_ops/templates/supervisor/conf.d/statuspage-pusher.conf.template.erb rename to puppet/kandra/templates/supervisor/conf.d/statuspage-pusher.conf.template.erb diff --git a/puppet/zulip_ops/templates/teleport.service.template.erb b/puppet/kandra/templates/teleport.service.template.erb similarity index 100% rename from puppet/zulip_ops/templates/teleport.service.template.erb rename to puppet/kandra/templates/teleport.service.template.erb diff --git a/puppet/zulip_ops/templates/teleport_app.yaml.template.erb b/puppet/kandra/templates/teleport_app.yaml.template.erb similarity index 77% rename from puppet/zulip_ops/templates/teleport_app.yaml.template.erb rename to puppet/kandra/templates/teleport_app.yaml.template.erb index 5ab500ab5b..8cb3b3079a 100644 --- a/puppet/zulip_ops/templates/teleport_app.yaml.template.erb +++ b/puppet/kandra/templates/teleport_app.yaml.template.erb @@ -1,4 +1,4 @@ -<%# This is appended to puppet/zulip_ops/files/teleport_node.yaml, so should be +<%# This is appended to puppet/kandra/files/teleport_node.yaml, so should be indented. Specifically, the "-" should be in the same column as the "T" at the start of this comment. -%> - name: "<%= @name %>" diff --git a/puppet/zulip_ops/templates/teleport_db.yaml.template.erb b/puppet/kandra/templates/teleport_db.yaml.template.erb similarity index 100% rename from puppet/zulip_ops/templates/teleport_db.yaml.template.erb rename to puppet/kandra/templates/teleport_db.yaml.template.erb diff --git a/puppet/zulip_ops/templates/teleport_node.yaml.template.erb b/puppet/kandra/templates/teleport_node.yaml.template.erb similarity index 100% rename from puppet/zulip_ops/templates/teleport_node.yaml.template.erb rename to puppet/kandra/templates/teleport_node.yaml.template.erb diff --git a/puppet/zulip_ops/templates/uptrack/uptrack.conf.erb b/puppet/kandra/templates/uptrack/uptrack.conf.erb similarity index 100% rename from puppet/zulip_ops/templates/uptrack/uptrack.conf.erb rename to puppet/kandra/templates/uptrack/uptrack.conf.erb diff --git a/puppet/zulip_ops/templates/vector.toml.template.erb b/puppet/kandra/templates/vector.toml.template.erb similarity index 100% rename from puppet/zulip_ops/templates/vector.toml.template.erb rename to puppet/kandra/templates/vector.toml.template.erb diff --git a/puppet/zulip/manifests/common.pp b/puppet/zulip/manifests/common.pp index 4351aafc1e..c3e260f06f 100644 --- a/puppet/zulip/manifests/common.pp +++ b/puppet/zulip/manifests/common.pp @@ -83,7 +83,7 @@ class zulip::common { }, }, - ### zulip_ops packages + ### kandra packages # https://docs.aws.amazon.com/rolesanywhere/latest/userguide/credential-helper.html 'aws_signing_helper' => { diff --git a/puppet/zulip_ops/manifests/camo.pp b/puppet/zulip_ops/manifests/camo.pp deleted file mode 100644 index e2cde00611..0000000000 --- a/puppet/zulip_ops/manifests/camo.pp +++ /dev/null @@ -1,7 +0,0 @@ -class zulip_ops::camo { - class { 'zulip::camo': - listen_address => '0.0.0.0', - } - - zulip_ops::firewall_allow { 'camo': port => '9292' } -} diff --git a/puppet/zulip_ops/manifests/profile/chat_zulip_org.pp b/puppet/zulip_ops/manifests/profile/chat_zulip_org.pp deleted file mode 100644 index c7cee0e543..0000000000 --- a/puppet/zulip_ops/manifests/profile/chat_zulip_org.pp +++ /dev/null @@ -1,20 +0,0 @@ -class zulip_ops::profile::chat_zulip_org inherits zulip_ops::profile::base { - include zulip::profile::standalone - include zulip::postfix_localmail - include zulip::hooks::sentry - - include zulip_ops::app_frontend_monitoring - include zulip_ops::prometheus::redis - include zulip_ops::prometheus::postgresql - zulip_ops::firewall_allow { 'smokescreen_metrics': port => '9810' } - zulip_ops::firewall_allow { 'http': } - zulip_ops::firewall_allow { 'https': } - zulip_ops::firewall_allow { 'smtp': } - - Zulip_Ops::User_Dotfiles['root'] { - keys => false, - } - Zulip_Ops::User_Dotfiles['zulip'] { - keys => false, - } -} diff --git a/puppet/zulip_ops/manifests/profile/smokescreen.pp b/puppet/zulip_ops/manifests/profile/smokescreen.pp deleted file mode 100644 index 0dbafd53d9..0000000000 --- a/puppet/zulip_ops/manifests/profile/smokescreen.pp +++ /dev/null @@ -1,9 +0,0 @@ -class zulip_ops::profile::smokescreen inherits zulip_ops::profile::base { - - - include zulip::profile::smokescreen - zulip_ops::firewall_allow { 'smokescreen': port => '4750' } - zulip_ops::firewall_allow { 'smokescreen_metrics': port => '9810' } - - include zulip_ops::camo -} diff --git a/puppet/zulip_ops/manifests/profile/zulipbot_zulip_org.pp b/puppet/zulip_ops/manifests/profile/zulipbot_zulip_org.pp deleted file mode 100644 index 66eb48beb0..0000000000 --- a/puppet/zulip_ops/manifests/profile/zulipbot_zulip_org.pp +++ /dev/null @@ -1,8 +0,0 @@ -class zulip_ops::profile::zulipbot_zulip_org inherits zulip_ops::profile::base { - - zulip_ops::firewall_allow { 'http': } - zulip_ops::firewall_allow { 'https': } - - # TODO: This does not do any configuration of zulipbot itself, or of - # caddy. -} diff --git a/tools/linter_lib/custom_check.py b/tools/linter_lib/custom_check.py index 11dca7b8db..93acb9c731 100644 --- a/tools/linter_lib/custom_check.py +++ b/tools/linter_lib/custom_check.py @@ -900,18 +900,18 @@ puppet_rules = RuleList( "pattern": r"(include[\t ]+|\$)zulip::(profile|base)\b", "exclude": { "puppet/zulip/manifests/profile/", - "puppet/zulip_ops/manifests/", + "puppet/kandra/manifests/", "puppet/zulip/manifests/dockervoyager.pp", }, "description": "Abstraction layering violation; only profiles should reference profiles or zulip::base", }, { - "pattern": r"(include[\t ]+|\$)zulip_ops::(profile|base)\b", + "pattern": r"(include[\t ]+|\$)kandra::(profile|base)\b", "exclude": { "puppet/zulip/manifests/", - "puppet/zulip_ops/manifests/profile/", + "puppet/kandra/manifests/profile/", }, - "description": "Abstraction layering violation; only profiles should reference profiles or zulip_ops::base", + "description": "Abstraction layering violation; only profiles should reference profiles or kandra::base", }, ], ) diff --git a/tools/release-tarball-exclude.txt b/tools/release-tarball-exclude.txt index 03e6b8b879..9acd9cf08e 100644 --- a/tools/release-tarball-exclude.txt +++ b/tools/release-tarball-exclude.txt @@ -7,7 +7,7 @@ tools/ zilencer/ templates/corporate templates/zilencer -puppet/zulip_ops +puppet/kandra zproject/dev_settings.py zproject/test_settings.py zerver/tests diff --git a/tools/setup/bootstrap-aws-installer b/tools/setup/bootstrap-aws-installer index 8ddba2f5cf..2f659af33a 100644 --- a/tools/setup/bootstrap-aws-installer +++ b/tools/setup/bootstrap-aws-installer @@ -40,7 +40,7 @@ export DEBIAN_FRONTEND=noninteractive # The following line gets subbed in by a call to pack-local-script, # which will make $AWS_INSTALLER the path to a local copy of install-aws-cli -AWS_INSTALLER="inline!puppet/zulip_ops/files/install-aws-cli" +AWS_INSTALLER="inline!puppet/kandra/files/install-aws-cli" # We then call it, to install the AWS CLI "$AWS_INSTALLER" @@ -57,7 +57,7 @@ EOF # The following line gets replaced by pack-local-script output, which # smuggles the install-ssh-keys binary into this one. # install-ssh-keys, in turn, pulls key data from AWS' secret manager. -INSTALL_SSH_KEYS="inline!puppet/zulip_ops/files/install-ssh-keys" +INSTALL_SSH_KEYS="inline!puppet/kandra/files/install-ssh-keys" "$INSTALL_SSH_KEYS" root prod/ssh/keys/internal-read-only-deploy-key # Provide GitHub known_hosts setup; you can verify against fingerprints at diff --git a/tools/setup/install-aws-server b/tools/setup/install-aws-server index 76a0ad0abe..1b0d88763b 100755 --- a/tools/setup/install-aws-server +++ b/tools/setup/install-aws-server @@ -11,7 +11,7 @@ Installs an empty Ubuntu server in AWS with a Zulip server role. * server is the local part of the hostname (e.g. postgres0) * roles is a comma-separated list of Puppet profile names; these - will get 'zulip_ops::profile::' prepended to them, and passed + will get 'kandra::profile::' prepended to them, and passed to scripts/lib/install -- e.g. 'postgresql' * branch is used to override the default branch to install from. * username is the name of the AWS SSH key pair to allow logins as @@ -77,7 +77,7 @@ set -x cd "$(dirname "$0")/../.." -./puppet/zulip_ops/files/install-aws-cli +./puppet/kandra/files/install-aws-cli AWS=/srv/zulip-aws-tools/bin/aws zulip_install_config_file="$HOME/.zulip-install-server.conf" @@ -89,12 +89,12 @@ fi REPO_URL=$(crudini --get "$zulip_install_config_file" repo repo_url) for role in ${ROLES//,/ }; do - if ! [ -f "./puppet/zulip_ops/manifests/profile/$role.pp" ]; then - echo "No such role zulip_ops::profile::$role !" + if ! [ -f "./puppet/kandra/manifests/profile/$role.pp" ]; then + echo "No such role kandra::profile::$role !" exit 1 fi done -FULL_ROLES=$(echo "$ROLES" | perl -pe '$_=join(",",map{"zulip_ops::profile::$_"} split ",")') +FULL_ROLES=$(echo "$ROLES" | perl -pe '$_=join(",",map{"kandra::profile::$_"} split ",")') function lookup() { KEY="$1" diff --git a/zproject/default_settings.py b/zproject/default_settings.py index 0cd2181143..03ec40aaa2 100644 --- a/zproject/default_settings.py +++ b/zproject/default_settings.py @@ -574,7 +574,7 @@ GOOGLE_ANALYTICS_ID: Optional[str] = None # This is overridden by dev_settings.py for droplets. IS_DEV_DROPLET = False -# Used by puppet/zulip_ops/files/cron.d/check_send_receive_time. +# Used by puppet/kandra/files/cron.d/check_send_receive_time. NAGIOS_BOT_HOST = EXTERNAL_HOST # Use half of the available CPUs for data import purposes.