#
-# Cookbook Name:: web
+# Cookbook:: web
# Recipe:: rails
#
-# Copyright 2011, OpenStreetMap Foundation
+# Copyright:: 2011, OpenStreetMap Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
#
-include_recipe "tools"
-include_recipe "web::base"
-
include_recipe "apache"
-include_recipe "passenger"
+include_recipe "apt"
include_recipe "git"
+include_recipe "geoipupdate"
+include_recipe "munin"
include_recipe "nodejs"
+include_recipe "passenger"
+include_recipe "tools"
+include_recipe "web::base"
web_passwords = data_bag_item("web", "passwords")
db_passwords = data_bag_item("db", "passwords")
piwik = data_bag_item("web", "piwik")
+storage = {
+ "aws" => {
+ "service" => "S3",
+ "access_key_id" => "AKIASQUXHPE7AMJQRFOS",
+ "secret_access_key" => web_passwords["aws_key"],
+ "region" => "eu-west-1",
+ "bucket" => "openstreetmap-user-avatars",
+ "use_dualstack_endpoint" => true,
+ "upload" => {
+ "acl" => "public-read",
+ "cache_control" => "public, max-age=31536000, immutable"
+ }
+ }
+}
+
rails_port "www.openstreetmap.org" do
ruby ruby_version
directory rails_directory
thunderforest_key web_passwords["thunderforest_key"]
totp_key web_passwords["totp_key"]
csp_enforce true
+ trace_use_job_queue true
+ diary_feed_delay 12
+ storage_configuration storage
+ storage_service "aws"
+ storage_url "https://openstreetmap-user-avatars.s3.dualstack.eu-west-1.amazonaws.com"
end
-systemd_service "rails-jobs" do
+systemd_service "rails-jobs@" do
description "Rails job queue runner"
type "simple"
+ environment "RAILS_ENV" => "production", "QUEUE" => "%I"
user "rails"
working_directory rails_directory
exec_start "/usr/local/bin/bundle#{ruby_version} exec rake jobs:work"