]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/dev/recipes/default.rb
apache ssl: Do not pass OCSP stapling failures to client
[chef.git] / cookbooks / dev / recipes / default.rb
index 39f99f6c71ccd05614f17d0f692d71036051c48d..ef8e2dc77939d6826ed8259c447d3111f37a9aa2 100644 (file)
 #
 
 require "yaml"
+require "securerandom"
 
 include_recipe "apache"
+include_recipe "passenger"
 include_recipe "git"
 include_recipe "mysql"
 include_recipe "postgresql"
@@ -47,21 +49,14 @@ package "python-dateutil"
 package "python-magic"
 package "python-psycopg2"
 
+easy_install_package "geojson"
+
+apache_module "env"
 apache_module "expires"
 apache_module "fastcgi-handler"
 apache_module "rewrite"
-apache_module "expires"
 apache_module "wsgi"
 
-apache_module "passenger" do
-  conf "passenger.conf.erb"
-end
-
-munin_plugin "passenger_memory"
-munin_plugin "passenger_processes"
-munin_plugin "passenger_queues"
-munin_plugin "passenger_requests"
-
 gem_package "sqlite3"
 
 gem_package "rails" do
@@ -78,12 +73,12 @@ template "/etc/php5/fpm/pool.d/default.conf" do
   owner "root"
   group "root"
   mode 0644
-  notifies :reload, resources(:service => "php5-fpm")
+  notifies :reload, "service[php5-fpm]"
 end
 
 file "/etc/php5/fpm/pool.d/www.conf" do
   action :delete
-  notifies :reload, resources(:service => "php5-fpm")
+  notifies :reload, "service[php5-fpm]"
 end
 
 package "phppgadmin"
@@ -105,7 +100,7 @@ end
 
 search(:accounts, "*:*").each do |account|
   name = account["id"]
-  details = node[:accounts][:users][name]
+  details = node[:accounts][:users][name] || {}
 
   if ["user","administrator"].include?(details[:status])
     user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name.to_s}"
@@ -117,7 +112,7 @@ search(:accounts, "*:*").each do |account|
         group "root"
         mode 0644
         variables :user => name
-        notifies :reload, resources(:service => "php5-fpm")
+        notifies :reload, "service[php5-fpm]"
       end
 
       apache_site "#{name}.dev.openstreetmap.org" do
@@ -129,7 +124,7 @@ search(:accounts, "*:*").each do |account|
   end
 end
 
-if node[:postgresql][:clusters]["9.1/main"]
+if node[:postgresql][:clusters][:"9.1/main"]
   postgresql_user "apis" do
     cluster "9.1/main"
   end
@@ -139,6 +134,9 @@ if node[:postgresql][:clusters]["9.1/main"]
     site_name = "#{name}.apis.dev.openstreetmap.org"
     site_aliases = details[:aliases] || []
     rails_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
+    secret_key_base = details[:secret_key_base] || SecureRandom.base64(96)
+
+    node.set[:dev][:rails][name][:secret_key_base] = secret_key_base
 
     postgresql_database database_name do
       cluster "9.1/main"
@@ -152,13 +150,13 @@ if node[:postgresql][:clusters]["9.1/main"]
     end
 
     rails_port site_name do
-      ruby node[:dev][:ruby]
+      ruby node[:passenger][:ruby_version]
       directory rails_directory
       user "apis"
       group "apis"
       repository details[:repository]
       revision details[:revision]
-      database_port node[:postgresql][:clusters]["9.1/main"][:port]
+      database_port node[:postgresql][:clusters][:"9.1/main"][:port]
       database_name database_name
       database_username "apis"
       run_migrations true
@@ -170,19 +168,19 @@ if node[:postgresql][:clusters]["9.1/main"]
       group "apis"
       mode 0644
       variables :site => site_name
-      notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+      notifies :touch, "file[#{rails_directory}/tmp/restart.txt]"
     end
 
     apache_site site_name do
       template "apache.rails.erb"
-      variables :name => site_name, :aliases => site_aliases
+      variables :name => site_name, :aliases => site_aliases, :secret_key_base => secret_key_base
     end
   end
 
   Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |rails_directory|
     name = File.basename(rails_directory, ".apis.dev.openstreetmap.org")
 
-    unless node[:dev][:rails].include?(name)
+    unless node[:dev][:rails].include?(name) and node[:dev][:rails][name].include?(:repository)
       database_config = YAML.load_file("#{rails_directory}/config/database.yml")
       database_name = database_config["production"]["database"]
       site_name = "#{name}.apis.dev.openstreetmap.org"