]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/overpass/recipes/default.rb
Upgrade to postgres 14 on culebre and nidhogg
[chef.git] / cookbooks / overpass / recipes / default.rb
index d807eab696c0e6e0a68ba6e13a42c3756a04922a..690a28445102e3c32ababb5731658987ca18d07d 100644 (file)
 #
 
 include_recipe "accounts"
-include_recipe "munin"
 include_recipe "apache"
+include_recipe "munin"
+include_recipe "ruby"
 
 username = "overpass"
 basedir = data_bag_item("accounts", username)["home"]
+web_passwords = data_bag_item("web", "passwords")
 
-%w[bin site diffs db src].each do |dirname|
+%w[bin site diffs db src munin].each do |dirname|
   directory "#{basedir}/#{dirname}" do
     owner username
     group username
@@ -71,6 +73,24 @@ end
 
 ## Setup Apache
 
+gem_package "rotp" do
+  gem_binary node[:ruby][:gem]
+end
+
+directory "#{basedir}/apache" do
+  owner "root"
+  group "root"
+  mode "755"
+end
+
+template "#{basedir}/apache/totp-filter" do
+  source "totp-filter.erb"
+  owner "root"
+  group "root"
+  mode "755"
+  variables :totp_key => web_passwords["totp_key"]
+end
+
 ssl_certificate node[:fqdn] do
   domains [node[:fqdn],
            node[:overpass][:fqdn]]
@@ -79,6 +99,11 @@ end
 
 apache_module "cgi"
 apache_module "headers"
+apache_module "rewrite"
+
+apache_site "default" do
+  action :disable
+end
 
 apache_site "#{node[:overpass][:fqdn]}" do
   template "apache.erb"
@@ -188,3 +213,29 @@ end
 service "overpass-area-processor" do
   action [:enable]
 end
+
+template "/etc/logrotate.d/overpass" do
+  source "logrotate.erb"
+  owner "root"
+  group "root"
+  mode "644"
+  variables :logdir => logdir
+end
+
+# Munin scripts
+
+%w[db_lag request_count].each do |name|
+  template "#{basedir}/munin/overpass_#{name}" do
+    source "munin_#{name}.erb"
+    owner username
+    group username
+    mode "755"
+    variables :basedir => basedir
+  end
+
+  munin_plugin "overpass_#{name}" do
+    target "#{basedir}/munin/overpass_#{name}"
+    conf "munin.erb"
+    conf_variables :user => username
+  end
+end