]> git.openstreetmap.org Git - chef.git/blobdiff - .kitchen.yml
Add logrotate where required
[chef.git] / .kitchen.yml
index c49fa230fe8e369adf8ceac95fbd4cfe07584e5d..f7cfa5d3838691d95978edc65b8a611749425e28 100644 (file)
@@ -1,16 +1,65 @@
 ---
 driver:
 ---
 driver:
-  name: vagrant
-  provision: true
-  vagrantfiles:
-    - .kitchen.provision.rb
+  name: dokken
+  chef_version: 18
+  volumes:
+    - /var/lib/docker
+  env:
+    - container=dokken
+  ipv6: true
+  ipv6_subnet: "fd95:8552:964c::/64"
+  dns:
+    - 8.8.8.8
+    - 8.8.4.4
+    - 1.1.1.1
+    - 1.0.0.1
+
+transport:
+  name: dokken
 
 provisioner:
 
 provisioner:
-  name: chef_zero
+  name: dokken
+  chef_license: accept
   data_bags_path: test/data_bags
   data_bags_path: test/data_bags
+  slow_resource_report: true
+  clean_dokken_sandbox: true
+  attributes:
+    networking:
+      dnssec: "false" # Disable DNSSEC as occasionally unreliable in GitHub Actions
+
+verifier:
+  name: inspec
+  root_path: /opt/verifier
+  sudo: false
 
 platforms:
 
 platforms:
-  - name: ubuntu-16.04
+  - name: ubuntu-20.04
+    driver:
+      image: ghcr.io/test-kitchen/dokken/ubuntu-20.04
+      privileged: true
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update -y
+        - RUN /usr/bin/apt-get install -y eatmydata
+        - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
+  - name: ubuntu-22.04
+    driver:
+      image: ghcr.io/test-kitchen/dokken/ubuntu-22.04
+      privileged: true
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update -y
+        - RUN /usr/bin/apt-get install -y eatmydata
+        - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
+  - name: debian-12
+    driver:
+      image: ghcr.io/test-kitchen/dokken/debian-12
+      privileged: true
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update -y
+        - RUN /usr/bin/apt-get install -y eatmydata
+        - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
 
 suites:
   - name: accounts
 
 suites:
   - name: accounts
@@ -19,49 +68,369 @@ suites:
   - name: apache
     run_list:
       - recipe[apache::default]
   - name: apache
     run_list:
       - recipe[apache::default]
-  - name: apache-ssl
-    run_list:
-      - recipe[apache::ssl]
   - name: apt
     run_list:
       - recipe[apt::default]
   - name: apt
     run_list:
       - recipe[apt::default]
+  - name: apt-repository
+    run_list:
+      - recipe[apt::repository]
+  - name: awscli
+    run_list:
+      - recipe[awscli::default]
+  - name: backup
+    run_list:
+      - recipe[backup::default]
   - name: bind
     run_list:
       - recipe[bind::default]
   - name: bind
     run_list:
       - recipe[bind::default]
+    attributes:
+      bind:
+        clients: none
+  - name: blog
+    run_list:
+      - recipe[blog::default]
   - name: blogs
     run_list:
   - name: blogs
     run_list:
-      - recipe[accounts::default]
       - recipe[blogs::default]
       - recipe[blogs::default]
-  - name: forum
+  - name: chef
     run_list:
     run_list:
-      - recipe[accounts::default]
-      - role[forum]
+      - recipe[chef::default]
+  - name: civicrm
+    run_list:
+      - recipe[civicrm::default]
+  - name: clamav
+    run_list:
+      - recipe[clamav::default]
+  - name: community
+    run_list:
+      - recipe[community::default]
+  - name: db-backup
+    run_list:
+      - recipe[db::backup]
+  - name: db-base
+    run_list:
+      - recipe[db::base]
+  - name: db-master
+    run_list:
+      - recipe[db::master]
+  - name: db-slave
+    run_list:
+      - recipe[db::slave]
+  - name: dev
+    run_list:
+      - recipe[dev::default]
+    attributes:
+      postgresql:
+        versions:
+          - 15
+  - name: devices
+    run_list:
+      - recipe[devices::default]
+  - name: dhcpd
+    run_list:
+      - recipe[dhcpd::default]
+    attributes:
+      dhcpd:
+        first_address: 172.18.100.1
+        last_address: 172.18.100.254
+      networking:
+        interfaces:
+          test:
+            interface: eth0
+            role: internal
+            inet:
+              address: 172.18.0.2
+              prefix: 16
+              gateway: 172.18.0.1
+        roles:
+          external:
+            zone: test
+  - name: dmca
+    run_list:
+      - recipe[dmca::default]
+  - name: dns
+    run_list:
+      - recipe[dns::default]
+  - name: docker
+    run_list:
+      - recipe[docker::default]
+  - name: elasticsearch
+    run_list:
+      - recipe[elasticsearch::default]
+  - name: exim
+    run_list:
+      - recipe[exim::default]
+  - name: fail2ban
+    run_list:
+      - recipe[fail2ban::default]
+  - name: foundation-birthday
+    run_list:
+      - recipe[foundation::birthday]
+  - name: foundation-board
+    run_list:
+      - recipe[foundation::board]
+  - name: foundation-dwg
+    run_list:
+      - recipe[foundation::dwg]
+  - name: foundation-mastodon
+    run_list:
+      - recipe[foundation::mastodon]
+  - name: foundation-mwg
+    run_list:
+      - recipe[foundation::mwg]
+  - name: foundation-owg
+    run_list:
+      - recipe[foundation::owg]
+  - name: foundation-welcome
+    run_list:
+      - recipe[foundation::welcome]
+  - name: foundation-wiki
+    run_list:
+      - recipe[foundation::wiki]
+  - name: ftp
+    run_list:
+      - recipe[ftp::default]
+  - name: geodns
+    run_list:
+      - recipe[geodns::default]
+    attributes:
+      networking:
+        interfaces:
+          test:
+            role: external
+            inet:
+              address: 172.18.0.2
+              prefix: 16
+  - name: geoipupdate
+    run_list:
+      - recipe[geoipupdate::default]
+  - name: git
+    run_list:
+      - recipe[git::default]
+  - name: git-server
+    run_list:
+      - recipe[git::server]
+  - name: git-web
+    run_list:
+      - recipe[git::web]
+  - name: gps-tile
+    run_list:
+      - recipe[gps-tile::default]
+  - name: hardware
+    run_list:
+      - recipe[hardware::default]
+  - name: hot
+    run_list:
+      - recipe[hot::default]
+  - name: ideditor
+    run_list:
+      - recipe[ideditor::default]
+  - name: imagery-tiler
+    run_list:
+      - recipe[imagery::tiler]
+  - name: irc
+    run_list:
+      - recipe[irc::default]
+  - name: kibana
+    run_list:
+      - recipe[kibana::default]
   - name: letsencrypt
     run_list:
   - name: letsencrypt
     run_list:
-      - recipe[accounts::default]
-      - recipe[apt::default]
-      - role[letsencrypt]
+      - recipe[letsencrypt::default]
+  - name: logstash
+    run_list:
+      - recipe[logstash::default]
+  - name: logstash-forwarder
+    run_list:
+      - recipe[logstash::forwarder]
     attributes:
     attributes:
-      apt:
-        sources:
-          - openstreetmap
-  - name: munin
+      logstash:
+        forwarder:
+          filebeat.inputs:
+            - type: filestream
+              id: apache
+              paths:
+                - /var/log/apache2/access.log
+              fields:
+                type: apache
+              fields_under_root: true
+  - name: mail
+    run_list:
+      - role[mail]
+  - name: mailman
     run_list:
     run_list:
-      - recipe[munin::default]
-  - name: munin-server
+      - recipe[mailman::default]
+  - name: matomo
     run_list:
     run_list:
-      - recipe[munin::server]
+      - recipe[matomo::default]
+  - name: memcached
+    run_list:
+      - recipe[memcached::default]
   - name: mysql
     run_list:
       - recipe[mysql::default]
   - name: networking
     run_list:
       - recipe[networking::default]
   - name: mysql
     run_list:
       - recipe[mysql::default]
   - name: networking
     run_list:
       - recipe[networking::default]
+  - name: nginx
+    run_list:
+      - recipe[nginx::default]
+  - name: nodejs
+    run_list:
+      - recipe[nodejs::default]
+  - name: nominatim
+    run_list:
+      - recipe[nominatim::default]
+  - name: ntp
+    run_list:
+      - recipe[ntp::default]
+  - name: openssh
+    run_list:
+      - recipe[openssh::default]
+  - name: osmosis
+    run_list:
+      - recipe[osmosis::default]
+  - name: osqa
+    run_list:
+      - recipe[osqa::default]
   - name: otrs
     run_list:
   - name: otrs
     run_list:
-      - recipe[accounts::default]
-      - recipe[chef::default]
-      - role[otrs]
+      - recipe[otrs::default]
+  - name: overpass
+    run_list:
+      - recipe[overpass::default]
+  - name: passenger
+    run_list:
+      - recipe[passenger::default]
+  - name: php
+    run_list:
+      - recipe[php::default]
+  - name: php-apache
+    run_list:
+      - recipe[php::apache]
+  - name: php-fpm
+    run_list:
+      - recipe[php::fpm]
+  - name: planet
+    run_list:
+      - recipe[planet::default]
+  - name: planet-aws
+    run_list:
+      - recipe[planet::aws]
+  - name: planet-current
+    run_list:
+      - recipe[planet::current]
+  - name: planet-dump
+    run_list:
+      - recipe[planet::dump]
+  - name: planet-notes
+    run_list:
+      - recipe[planet::notes]
+    attributes:
+      web:
+        readonly_database_host: readonly
+  - name: planet-replication
+    run_list:
+      - recipe[planet::replication]
+    attributes:
+      web:
+        readonly_database_host: readonly
+  - name: postgresql
+    run_list:
+      - recipe[postgresql::default]
+    attributes:
+      postgresql:
+        versions:
+          - 15
+  - name: prometheus
+    run_list:
+      - recipe[prometheus::default]
+    attributes:
+      networking:
+        interfaces:
+          test:
+            interface: eth0
+            role: internal
+            inet:
+              address: 172.18.0.2
+              prefix: 16
+              gateway: 172.18.0.1
+  - name: prometheus-server
+    run_list:
+      - recipe[prometheus::server]
+  - name: python
+    run_list:
+      - recipe[python::default]
+  - name: rsyncd
+    run_list:
+      - recipe[rsyncd::default]
+  - name: serverinfo
+    run_list:
+      - recipe[serverinfo::default]
+  - name: snmpd
+    run_list:
+      - recipe[snmpd::default]
+  - name: spamassassin
+    run_list:
+      - recipe[spamassassin::default]
+  - name: ssl
+    run_list:
+      - recipe[ssl::default]
+  - name: stateofthemap-container
+    run_list:
+      - recipe[stateofthemap::container]
+  - name: stateofthemap-wordpress
+    run_list:
+      - recipe[stateofthemap::wordpress]
+  - name: subversion
+    run_list:
+      - recipe[subversion::default]
+  - name: supybot
+    run_list:
+      - recipe[supybot::default]
+  - name: switch2osm
+    run_list:
+      - recipe[switch2osm::default]
+  - name: sysctl
+    run_list:
+      - recipe[sysctl::default]
+  - name: sysfs
+    run_list:
+      - recipe[sysfs::default]
+  - name: taginfo
+    run_list:
+      - recipe[taginfo::default]
+    attributes:
+      taginfo:
+        sites:
+          - name: taginfo.example.com
+  - name: tile
+    run_list:
+      - recipe[tile::default]
+  - name: tilelog
+    run_list:
+      - recipe[tilelog::default]
   - name: tools
     run_list:
       - recipe[tools::default]
   - name: tools
     run_list:
       - recipe[tools::default]
+  - name: trac
+    run_list:
+      - recipe[trac::default]
+  - name: vectortile
+    run_list:
+      - recipe[vectortile::default]
+  - name: web-cgimap
+    run_list:
+      - recipe[web::cgimap]
+  - name: web-frontend
+    run_list:
+      - recipe[web::frontend]
+  - name: web-rails
+    run_list:
+      - recipe[web::rails]
+  - name: wiki
+    run_list:
+      - recipe[wiki::default]
+  - name: wordpress
+    run_list:
+      - recipe[wordpress::default]