modules/profile/manifests/klaxon.pp - operations/puppet - Gitiles

 # SPDX-License-Identifier: Apache-2.0
 class profile::klaxon (
     Klaxon::Klaxon_config $config   = lookup('profile::klaxon::klaxon_config', {'merge' => hash}),
     String $escalation_policy_slug  = lookup('profile::klaxon::escalation_policy_slug'),
 ) {
     $port = 4667

     class {'klaxon':
         escalation_policy_slug => $escalation_policy_slug,
         port                   => $port,
         config                 => $config,
     }

     $ssl_settings = ssl_ciphersuite('apache', 'strong', true)

     profile::idp::client::httpd::site {'klaxon.wikimedia.org':
         require         => [
             Acme_chief::Cert['icinga'],
         ],
         vhost_content   => 'profile/idp/client/httpd-klaxon.erb',
         # These four groups are the best current proxy for "trusted contributors".
         required_groups => [
             'cn=nda,ou=groups,dc=wikimedia,dc=org',
             'cn=ops,ou=groups,dc=wikimedia,dc=org',
             'cn=wmf,ou=groups,dc=wikimedia,dc=org',
             'cn=wmde,ou=groups,dc=wikimedia,dc=org',
         ],
         # This is the common prefix of all login-required handlers in Klaxon.
         protected_uri   => '/protected/',
         vhost_settings  => { port => $port },
     }
 }
	# SPDX-License-Identifier: Apache-2.0
	class profile::klaxon (
	Klaxon::Klaxon_config $config = lookup('profile::klaxon::klaxon_config', {'merge' => hash}),
	String $escalation_policy_slug = lookup('profile::klaxon::escalation_policy_slug'),
	) {
	$port = 4667

	class {'klaxon':
	escalation_policy_slug => $escalation_policy_slug,
	port => $port,
	config => $config,
	}

	$ssl_settings = ssl_ciphersuite('apache', 'strong', true)

	profile::idp::client::httpd::site {'klaxon.wikimedia.org':
	require => [
	Acme_chief::Cert['icinga'],
	],
	vhost_content => 'profile/idp/client/httpd-klaxon.erb',
	# These four groups are the best current proxy for "trusted contributors".
	required_groups => [
	'cn=nda,ou=groups,dc=wikimedia,dc=org',
	'cn=ops,ou=groups,dc=wikimedia,dc=org',
	'cn=wmf,ou=groups,dc=wikimedia,dc=org',
	'cn=wmde,ou=groups,dc=wikimedia,dc=org',
	],
	# This is the common prefix of all login-required handlers in Klaxon.
	protected_uri => '/protected/',
	vhost_settings => { port => $port },
	}
	}