]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/civicrm/recipes/default.rb
Make nftables block various invalid TCP flag combinations
[chef.git] / cookbooks / civicrm / recipes / default.rb
index 0182d32492460f72f07e999148d4abd9b07be0b9..89ba93a42b060cbb75fbb19d5e559d1227c94c0b 100644 (file)
@@ -34,7 +34,9 @@ cache_dir = Chef::Config[:file_cache_path]
 passwords = data_bag_item("civicrm", "passwords")
 
 database_password = passwords["database"]
-site_key = passwords["key"]
+site_key = passwords["site_key"]
+cred_keys = passwords["cred_keys"]
+sign_keys = passwords["sign_keys"]
 
 mysql_user "civicrm@localhost" do
   password database_password
@@ -161,6 +163,8 @@ settings = edit_file "#{civicrm_directory}/civicrm/templates/CRM/common/civicrm.
   line.gsub!(/%%templateCompileDir%%/, "/srv/join.osmfoundation.org/wp-content/uploads/civicrm/templates_c/")
   line.gsub!(/%%baseURL%%/, "http://join.osmfoundation.org/")
   line.gsub!(/%%siteKey%%/, site_key)
+  line.gsub!(/%%credKeys%%/, cred_keys)
+  line.gsub!(/%%signKeys%%/, sign_keys)
   line.gsub!(%r{// *define\('CIVICRM_CMSDIR', '/path/to/install/root/'\);}, "define('CIVICRM_CMSDIR', '/srv/join.osmfoundation.org');")
 
   line
@@ -180,6 +184,7 @@ systemd_service "osmf-crm-jobs" do
   sandbox :enable_network => true
   memory_deny_write_execute false
   restrict_address_families "AF_UNIX"
+  read_write_paths "/srv/join.osmfoundation.org/wp-content/uploads/civicrm"
 end
 
 systemd_timer "osmf-crm-jobs" do