Version information
This version is compatible with:
- Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >= 4.7.0 < 7.0.0
- , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'joshbeard-crowd', '1.1.0'
Learn more about managing modules with a PuppetfileDocumentation
puppet-crowd
Overview
This Puppet module is used to install and configure the crowd application. Atlassian Crowd is a Single Sign-On (SSO) and Identity Management service. https://www.atlassian.com/software/crowd/overview
This module was forked from https://github.com/actionjack/puppet-crowd, which appears to be dormant.
- Manages the installation of Atlassian Crowd via compressed archive
- Manages Crowd init script and service
- Manages user
- Manages Crowd's Java settings and initial database settings
After installation, you should access Crowd in your browser. The default port is '8095'. Unfortunately, you'll need to step through the installation wizard, providing a license key and some basic configuration.
Prerequisites
Current dependencies are:
- puppetlabs/stdlib
- puppet/archive
A Java installation is also required. puppetlabs/java is recommended.
Usage
Examples
Defaults:
class { 'crowd': }
Using PostgreSQL database:
class { 'crowd':
db => 'postgres',
dbuser => 'crowd',
dbserver => 'localhost',
iddb => 'postgres',
iddbuser => 'crowdid',
iddbpassword => 'secret',
iddbserver => 'localhost',
}
Custom Installation:
class { 'crowd':
installdir => '/srv/crowd',
homedir => '/srv/local/crowd',
java_home => '/usr/java/latest',
download_url => 'http://mirrors.example.com/atlassian/crowd',
mysql_driver => 'http://mirrors.example.com/mysql/mysql-connector/mysql-connector-java-5.1.36.jar',
}
Reference
Class: crowd
Parameters
version
Default: '2.11.1'
The version of Crowd to download and install. MAJOR.MINOR.PATCH
Refer to https://www.atlassian.com/software/crowd/download
extension
Default: 'tar.gz'
The file extension of the archive to download. This should be .tar.gz
or
.zip
product
Default: 'crowd'
The product name. This is should be 'crowd'
installdir
Default: '/opt/crowd'
The absolute base path to install Crowd to. Within this path, Crowd will be
installed to a sub-directory that matches the version. Something like
atlassian-crowd-2.8.3-standalone
. You can override this sub-directory by
setting the 'appdir' parameter
appdir
Default: atlassian-${product}-${version}-standalone
The sub-directory under installdir to install Crowd to.
internet_proxy
Default: undef
Proxy setting to use if downloading Crowd behind a proxy.
homedir
Default: '/var/local/crowd'
The home directory for the crowd user.
manage_logging
Default: false
If true, the module will manage the access log valve in the Crowd server's Tomcat server.xml, properties in conf/logging.properties
,
properties in crowd-webapp/WEB-INF/classes/log4j.properties
, and properties in crowd-openidserver-webapp/WEB-INF/classes/log4j.properties
.
log_dir
Default: undef
If manage_logging
is true, this should specify the absolute path to the log directory (e.g. /var/log/crowd
).
manage_log_dir
Default: false
If manage_logging
is true, this will manage the log directory via a file
resource.
log_dir_owner
Default: $user
If manage_log_dir
is true, this specifies the owner for the file resource.
log_dir_group
Default: $group
If manage_log_dir
is true, this specifies the group for the file resource.
log_dir_mode
Default: 0750
If manage_log_dir
is true, this specifies the mode for the file resource.
log_max_days
Default: 5
If manage_logging
is true, this specifies the number of days to retain logs.
tomcat_port
Default: '8095'
The port that Crowd's Tomcat should listen on.
tomcat_address
Default: undef
The value for the 'address' attribute on the Tomcat connector.
max_threads
Default: '150'
For Crowd's Tomcat setings.
connection_timeout
Default: '20000'
For Crowd's Tomcat setings.
accept_count
Default: '100'
For Crowd's Tomcat setings.
min_spare_threads
Default: '25'
For Crowd's Tomcat setings.
proxy
Default: {}
Optional proxy configuration for Crowd's Tomcat. This is a hash of attributes to pass to the Tomcat connector. Something like the following:
proxy => {
scheme => 'https',
proxyName => 'foo.example.com',
proxyPort => '443',
}
manage_user
Default: true
Whether this module should manage the user or not.
manage_group
Default: true
Whether this module should manage the group or not.
user
Default: 'crowd'
The user to manage Crowd as.
group
Default: 'crowd'
The group to manage Crowd as.
uid
Default: undef
Optional specified UID to use if managing the user.
gid
Default: undef
Optional specified GID to use if managing the group.
shell
Default: '/sbin/nologin' and '/usr/sbin/nologin' on Debian.
The shell that the user
should have set, if this module is to manage the user.
password
Default: '*'
A password for the user, if this module is managing the user.
download_driver
Default: true
Whether this module should be responsible for downloading the JDBC driver for
MySQL if db
is set to mysql
.
Refer to https://confluence.atlassian.com/display/CROWD/MySQL for more information.
mysql_driver
Default: 'http://central.maven.org/maven2/mysql/mysql-connector-java/5.1.36/mysql-connector-java-5.1.36.jar'
If this module should download the JDBC driver for MySQL, this parameter
should be set to the URL to download the .jar
file from.
download_url
Default: 'https://www.atlassian.com/software/crowd/downloads/binary/'
The base URL to download Crowd from.
java_home
Default: '/usr/lib/jvm/java'
The absolute path to the Java installation to use.
jvm_xms
Default: '256m'
Custom JVM settings for initial memory size. Set in setenv.sh
in CATALINA_OPTS
.
jvm_xmx
Default: '512m'
Custom JVM settings for maximum memory size. Set in setenv.sh
in CATALINA_OPTS
.
jvm_permgen
Default: '256m'
Custom JVM settings for permgen size. You probably don't need to tune this.
jvm_opts
Default: ''
Any custom JVM options to start Crowd with. Set in setenv.sh
in CATALINA_OPTS
.
logdir
Default: '/var/log/crowdir
'
Set the folder to store log files in.
db
Default: 'mysql'
The database type to use. The module supports either mysql
, postgres
, or oracle
.
dbuser
Default: 'crowd'
The username for connecting to the database.
dbpassword
Default: 'crowd'
The database password.
NOTE: This doesn't do anything.
dbserver
Default: 'localhost'
The server address for accessing the Crowd database.
dbname
Default: 'crowd'
The name of the Crowd database.
dbport
Default: undef
The port for accessing the database server. Defaults to '5432' for Postgres and '3306' for MySQL.
dbdriver
Default: undef
Defaults to com.mysql.jdbc.Driver
when db
is set to mysql
and
org.postgresql.Driver
when db
is set to postgres
and
oracle.jdbc.driver.OracleDriver
when db is set to
oracle`.
iddb
Default: 'mysql'
The type of database for the CrowdID database.
See https://confluence.atlassian.com/display/CROWD/Installing+Crowd+and+CrowdID
iddbuser
Default: 'crowd'
The database username for the CrowdID database.
iddbpassword
Default: 'crowd'
The database password for the CrowdID database.
iddbserver
Default: 'localhost'
The address for the database server for the CrowdID database.
iddbname
Default: 'crowdid'
The name of the database for the CrowdID database.
iddbport
Default: undef
The port for accessing the CrowdID database server. Defaults to '5432' for Postgres and '3306' for MySQL.
iddbdriver
Default: undef
Defaults to com.mysql.jdbc.Driver
when db
is set to mysql
and
org.postgresql.Driver
when db
is set to postgres
manage_service
Default: true
Whether this module should manage the service.
service_file
Default: $crowd::params::service_file
The absolute path to the service file. For traditional sysV init systems, this
defaults to /etc/init.d/crowd
.
For upstart init systems (Ubuntu < 15.04), this defaults to /etc/init/crowd.conf
For systemd (RedHat > 7), this defaults to /usr/lib/systemd/system/crowd.service
Refer to manifests/params.pp for default values.
service_template
Default: $crowd::params::service_template
The template to use for the init system. A template for systemd, upstart, and sysV init is provided by this module.
service_mode
Default: $crowd::params::service_mode
The file mode of the init file. SysV init defaults to executable while Upstart and Systemd do not.
service_ensure
Default: 'running'
The service state.
service_enable
Default: true
Whether the service should start on boot.
service_provider
Default: undef
The provider to use for managing the service. You probably don't need to set this.
facts_ensure
Default: 'present'
Valid values are 'present' or 'absent'
Will provide an external fact called crowd_version
with the installed
Crowd version.
Note: This installs to Facter's system-wide external facts directory (facts.d -
see the facter_dir
parameter). A better solution to tracking the installed
version is needed that can work with a dynamic install path.
facter_dir
Default: See bamboo::params
Absolute path to the external facts directory. Refer to https://docs.puppet.com/facter/latest/custom_facts.html#external-facts
create_facter_dir
Default: true
Boolean
Whether this module should ensure the "facts.d" directory for external facts
is created. This module uses an Exec
resource to do that recursively if
this is true.
stop_command
Default: service crowd stop && sleep 15
The command to execute prior to upgrading. This should stop any running Crowd instance. This is executed after downloading the specified version and before extracting it to install it.
This requires crowd::facts_ensure = true
.
Development
Please feel free to raise any issues here for bug fixes. We also welcome feature requests. Feel free to make a pull request for anything and we make the effort to review and merge. We prefer with tests if possible.
Travis CI is used for testing.
How to test the Crowd module
Install the dependencies:
bundle install
Unit tests:
bundle exec rake spec
Syntax validation:
bundle exec rake validate
Puppet Lint:
bundle exec rake lint
Authors and Contributors
- Refer to the CONTRIBUTORS file.
- Original module by @actionjack
- Josh Beard (josh@signalboxes.net) https://github.com/joshbeard
2019-04-23 - Release 1.1.0
Summary
- Update testing
- Add LICENSE file
- Bump default Crowd version to 2.11.1
- Stop Crowd service on updating
- Provide
crowd::facts
manifest to provide external fact that reports the installed version. This is used for handling updates. - Add
logdir
parameter (PR #16 by @prikkeldraad) - Support custom log locations (PR #25 by @bt-lemery)
- Add
tomcat_address
parameter (Fixes Issue #4) - Support for Oracle database (PR #25 by @bt-lemery)
- Use
archive
module (PR #25 by @bt-lemery) - Allow IP address in download_url (PR #13 @BenjaminFarley)
- Allow dots in usernames (PR #9 @cyberious)
- Use
CATALINA_OPTS
instead ofJAVA_OPTS
insetenv.sh
(issue #14 @galcorlo) - Use PDK
2016-06-10 - Release 1.0.5
Summary
- Dependency metadata updated (s/nanliu-staging/puppet-staging) (issue #7)
2016-04-05 - Release 1.0.4
Summary
- Update tests
2016-04-05 - Release 1.0.3 (deleted)
Summary
- Fix default download_url to use https (issue #5)
- Bump default version to 2.8.4
2016-01-06 - Release 1.0.2
Summary
- Fix default nologin path for Debian systems (issue #3)
2015-10-19 - Release 1.0.1
Summary
- Fix PIDFile filename for systemd (resolves issue #2)
2015-10-15 - Release 1.0.0
Summary
- Initial release (since forked)
- Complete refactoring
- Add testing
- Overhaul readme and documentation
Dependencies
- puppetlabs-stdlib (>= 4.6.0 <6.0.0)
- puppet-archive (< 4.0.0)
- puppetlabs-augeas_core (< 2.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.