5 # Copyright:: 2011, OpenStreetMap Foundation
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # https://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
21 require "securerandom"
23 include_recipe "apache"
24 include_recipe "passenger"
25 include_recipe "geoipupdate"
27 include_recipe "memcached"
28 include_recipe "munin"
29 include_recipe "mysql"
30 include_recipe "nodejs"
31 include_recipe "php::fpm"
32 include_recipe "postgresql"
33 include_recipe "python"
67 libboost-program-options-dev
68 libboost-date-time-dev
69 libboost-filesystem-dev
82 python_package "geojson" do
87 apache_module "expires"
88 apache_module "headers"
90 apache_module "proxy_fcgi"
91 apache_module "rewrite"
92 apache_module "suexec"
93 apache_module "userdir"
95 apache_module "wsgi" do
96 package "libapache2-mod-wsgi-py3"
99 package "apache2-suexec-pristine"
104 pm_min_spare_servers 2
105 pm_max_spare_servers 6
112 directory "/srv/dev.openstreetmap.org" do
118 template "/srv/dev.openstreetmap.org/index.html" do
119 source "dev.html.erb"
125 ssl_certificate "dev.openstreetmap.org" do
126 domains "dev.openstreetmap.org"
127 notifies :reload, "service[apache2]"
130 apache_site "dev.openstreetmap.org" do
131 template "apache.dev.erb"
136 template "/etc/phppgadmin/config.inc.php" do
137 source "phppgadmin.conf.erb"
143 file "/etc/apache2/conf.d/phppgadmin" do
147 ssl_certificate "phppgadmin.dev.openstreetmap.org" do
148 domains "phppgadmin.dev.openstreetmap.org"
149 notifies :reload, "service[apache2]"
152 apache_site "phppgadmin.dev.openstreetmap.org" do
153 template "apache.phppgadmin.erb"
156 search(:accounts, "*:*").each do |account|
158 details = node[:accounts][:users][name] || {}
160 next unless %w[user administrator].include?(details[:status])
162 user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name}"
164 next unless File.directory?("#{user_home}/public_html")
171 pm_min_spare_servers 2
172 pm_max_spare_servers 6
173 pm_max_requests 10000
174 request_terminate_timeout 1800
175 environment "HOSTNAME" => "$HOSTNAME",
176 "PATH" => "/usr/local/bin:/usr/bin:/bin",
180 php_values "max_execution_time" => "300",
181 "memory_limit" => "128M",
182 "post_max_size" => "32M",
183 "upload_max_filesize" => "32M"
184 php_admin_values "sendmail_path" => "/usr/sbin/sendmail -t -i -f #{name}@errol.openstreetmap.org",
185 "open_basedir" => "/home/#{name}/:/tmp/:/usr/share/php/"
186 php_flags "display_errors" => "on"
189 ssl_certificate "#{name}.dev.openstreetmap.org" do
190 domains ["#{name}.dev.openstreetmap.org", "#{name}.dev.osm.org"]
191 notifies :reload, "service[apache2]"
194 apache_site "#{name}.dev.openstreetmap.org" do
195 template "apache.user.erb"
196 directory "#{user_home}/public_html"
197 variables :user => name
200 template "/etc/sudoers.d/#{name}" do
201 source "sudoers.user.erb"
205 variables :user => name
209 if node[:postgresql][:clusters][:"14/main"]
210 postgresql_user "apis" do
214 template "/usr/local/bin/cleanup-rails-assets" do
216 source "cleanup-assets.erb"
222 systemd_service "rails-jobs@" do
223 description "Rails job queue runner"
226 working_directory "/srv/%i.apis.dev.openstreetmap.org/rails"
227 exec_start "#{node[:ruby][:bundle]} exec rails jobs:work"
231 protect_system "full"
233 no_new_privileges true
236 systemd_service "cgimap@" do
237 description "OpenStreetMap API Server"
239 environment_file "/etc/default/cgimap-%i"
241 exec_start "/srv/%i.apis.dev.openstreetmap.org/cgimap/openstreetmap-cgimap --daemon --port $CGIMAP_PORT --instances 5"
242 exec_reload "/bin/kill -HUP $MAINPID"
245 protect_system "full"
247 no_new_privileges true
253 Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |dir|
254 node.default_unless[:dev][:rails][File.basename(dir).split(".").first] = {}
257 node[:dev][:rails].each do |name, details|
258 database_name = details[:database] || "apis_#{name}"
259 site_name = "#{name}.apis.dev.openstreetmap.org"
260 site_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
261 log_directory = "#{site_directory}/logs"
262 rails_directory = "#{site_directory}/rails"
263 cgimap_directory = "#{site_directory}/cgimap"
264 gpx_directory = "#{site_directory}/gpx"
266 if details[:repository]
267 site_aliases = details[:aliases] || []
268 secret_key_base = persistent_token("dev", "rails", name, "secret_key_base")
270 postgresql_database database_name do
275 postgresql_extension "#{database_name}_btree_gist" do
277 database database_name
278 extension "btree_gist"
281 directory site_directory do
287 directory log_directory do
293 directory gpx_directory do
299 directory "#{gpx_directory}/traces" do
305 directory "#{gpx_directory}/images" do
311 rails_port site_name do
312 directory rails_directory
315 repository details[:repository]
316 revision details[:revision]
317 database_port node[:postgresql][:clusters][:"14/main"][:port]
318 database_name database_name
319 database_username "apis"
320 email_from "OpenStreetMap <web@noreply.openstreetmap.org>"
321 gpx_dir gpx_directory
322 log_path "#{log_directory}/rails.log"
323 memcache_servers ["127.0.0.1"]
326 trace_use_job_queue true
329 template "#{rails_directory}/config/initializers/setup.rb" do
330 source "rails.setup.rb.erb"
334 variables :site => site_name
335 notifies :restart, "rails_port[#{site_name}]"
338 service "rails-jobs@#{name}" do
339 action [:enable, :start]
340 supports :restart => true
341 subscribes :restart, "rails_port[#{site_name}]"
342 subscribes :restart, "systemd_service[#{name}]"
343 only_if "fgrep -q delayed_job #{rails_directory}/Gemfile.lock"
346 if details[:cgimap_repository]
347 git cgimap_directory do
349 repository details[:cgimap_repository]
350 revision details[:cgimap_revision]
355 execute "#{cgimap_directory}/autogen.sh" do
357 command "./autogen.sh"
361 subscribes :run, "git[#{cgimap_directory}]", :immediately
364 execute "#{cgimap_directory}/configure" do
366 command "./configure --with-fcgi=/usr --with-boost-libdir=/usr/lib/x86_64-linux-gnu --enable-yajl"
370 subscribes :run, "execute[#{cgimap_directory}/autogen.sh]", :immediately
373 execute "#{cgimap_directory}/Makefile" do
379 subscribes :run, "execute[#{cgimap_directory}/configure]", :immediately
380 notifies :restart, "service[cgimap@#{name}]"
383 template "/etc/default/cgimap-#{name}" do
384 source "cgimap.environment.erb"
388 variables :cgimap_port => cgimap_port,
389 :database_port => node[:postgresql][:clusters][:"14/main"][:port],
390 :database_name => database_name,
391 :log_directory => log_directory
392 notifies :restart, "service[cgimap@#{name}]"
395 service "cgimap@#{name}" do
396 action [:start, :enable]
400 ssl_certificate site_name do
401 domains [site_name] + site_aliases
402 notifies :reload, "service[apache2]"
405 apache_site site_name do
406 template "apache.rails.erb"
407 variables :application_name => name,
408 :aliases => site_aliases,
409 :secret_key_base => secret_key_base,
410 :cgimap_enabled => details.key?(:cgimap_repository),
411 :cgimap_port => cgimap_port
414 template "/etc/logrotate.d/apis-#{name}" do
415 source "logrotate.apis.erb"
419 variables :name => name,
420 :log_directory => log_directory,
421 :rails_directory => rails_directory
426 file "/etc/logrotate.d/apis-#{name}" do
430 apache_site site_name do
434 service "cgimap@#{name}" do
435 action [:stop, :disable]
438 file "/etc/default/cgimap-#{name}" do
442 service "rails-jobs@#{name}" do
443 action [:stop, :disable]
446 directory site_directory do
451 file "/etc/cron.daily/rails-#{site_name.tr('.', '-')}" do
455 postgresql_database database_name do
462 directory "/srv/apis.dev.openstreetmap.org" do
468 template "/srv/apis.dev.openstreetmap.org/index.html" do
469 source "apis.html.erb"
475 ssl_certificate "apis.dev.openstreetmap.org" do
476 domains "apis.dev.openstreetmap.org"
477 notifies :reload, "service[apache2]"
480 apache_site "apis.dev.openstreetmap.org" do
481 template "apache.apis.erb"
484 node[:postgresql][:clusters].each_key do |name|
485 postgresql_munin name do
492 directory "/srv/ooc.openstreetmap.org" do
498 remote_directory "/srv/ooc.openstreetmap.org/html" do
508 ssl_certificate "ooc.openstreetmap.org" do
509 domains ["ooc.openstreetmap.org",
510 "a.ooc.openstreetmap.org",
511 "b.ooc.openstreetmap.org",
512 "c.ooc.openstreetmap.org"]
513 notifies :reload, "service[apache2]"
516 apache_site "ooc.openstreetmap.org" do
517 template "apache.ooc.erb"