+ directory "#{gpx_directory}/traces" do
+ owner "apis"
+ group "apis"
+ mode "755"
+ end
+
+ directory "#{gpx_directory}/images" do
+ owner "apis"
+ group "apis"
+ mode "755"
+ end
+
+ openssl_rsa_private_key "#{site_directory}/doorkeeper.key" do
+ owner "root"
+ group "root"
+ mode "0400"
+ end
+
+ rails_port site_name do
+ directory rails_directory
+ user "apis"
+ group "apis"
+ repository details[:repository]
+ revision details[:revision]
+ database_port node[:postgresql][:clusters][:"15/main"][:port]
+ database_name database_name
+ database_username "apis"
+ email_from "OpenStreetMap <web@noreply.openstreetmap.org>"
+ gpx_dir gpx_directory
+ log_path "#{log_directory}/rails.log"
+ memcache_servers ["127.0.0.1"]
+ csp_enforce true
+ run_migrations true
+ trace_use_job_queue true
+ doorkeeper_signing_key lazy { File.read("#{site_directory}/doorkeeper.key") }
+ end
+
+ template "#{rails_directory}/config/initializers/setup.rb" do
+ source "rails.setup.rb.erb"
+ owner "apis"
+ group "apis"
+ mode "644"
+ variables :site => site_name
+ notifies :restart, "rails_port[#{site_name}]"
+ end
+
+ template "/etc/default/rails-#{name}" do
+ source "rails.environment.erb"
+ owner "root"
+ group "root"
+ mode "0600"
+ variables :secret_key_base => secret_key_base
+ end
+
+ service "rails-jobs@#{name}" do
+ action [:enable, :start]
+ supports :restart => true
+ subscribes :restart, "rails_port[#{site_name}]"
+ subscribes :restart, "systemd_service[rails-jobs@]"
+ only_if "fgrep -q delayed_job #{rails_directory}/Gemfile.lock"
+ end
+
+ if details[:cgimap_repository]
+ git cgimap_directory do
+ action :sync
+ repository details[:cgimap_repository]
+ revision details[:cgimap_revision]
+ user "apis"
+ group "apis"
+ end
+
+ directory "#{cgimap_directory}/build" do
+ user "apis"
+ group "apis"
+ mode "0755"
+ end
+
+ execute "#{cgimap_directory}/CMakeLists.txt" do
+ action :nothing
+ command "cmake .."
+ cwd "#{cgimap_directory}/build"
+ user "apis"
+ group "apis"
+ subscribes :run, "git[#{cgimap_directory}]", :immediately
+ end
+
+ execute "#{cgimap_directory}/build/Makefile" do
+ action :nothing
+ command "make -j"
+ cwd "#{cgimap_directory}/build"
+ user "apis"
+ group "apis"
+ subscribes :run, "execute[#{cgimap_directory}/CMakeLists.txt]", :immediately
+ end
+
+ template "/etc/default/cgimap-#{name}" do
+ source "cgimap.environment.erb"
+ owner "root"
+ group "root"
+ mode "640"
+ variables :cgimap_socket => "/run/cgimap-#{name}/socket",
+ :database_port => node[:postgresql][:clusters][:"15/main"][:port],
+ :database_name => database_name,
+ :log_directory => log_directory,
+ :options => details[:cgimap_options]
+ end
+
+ service "cgimap@#{name}" do
+ action [:start, :enable]
+ subscribes :restart, "execute[#{cgimap_directory}/build/Makefile]"
+ subscribes :restart, "template[/etc/default/cgimap-#{name}]"
+ subscribes :restart, "systemd_service[cgimap@]"
+ end
+ end
+
+ ssl_certificate site_name do
+ domains [site_name] + site_aliases
+ notifies :reload, "service[apache2]"
+ end
+
+ apache_site site_name do
+ template "apache.rails.erb"
+ variables :application_name => name,
+ :aliases => site_aliases,
+ :secret_key_base => secret_key_base,
+ :cgimap_enabled => details.key?(:cgimap_repository),
+ :cgimap_socket => "/run/cgimap-#{name}/socket"
+ end
+
+ template "/etc/logrotate.d/apis-#{name}" do
+ source "logrotate.apis.erb"
+ owner "root"
+ group "root"
+ mode "644"
+ variables :name => name,
+ :log_directory => log_directory,
+ :rails_directory => rails_directory
+ end
+ else
+ file "/etc/logrotate.d/apis-#{name}" do
+ action :delete
+ end