include_recipe "php::fpm"
include_recipe "postgresql"
include_recipe "python"
+include_recipe "ruby"
package %w[
php-cgi
autoconf
automake
libtool
+ libargon2-dev
libfcgi-dev
libxml2-dev
libmemcached-dev
libpqxx-dev
libcrypto++-dev
libyajl-dev
+ libfmt-dev
zlib1g-dev
]
package "apache2-suexec-pristine"
php_fpm "default" do
- template "fpm-default.conf.erb"
+ pm_max_children 10
+ pm_start_servers 4
+ pm_min_spare_servers 2
+ pm_max_spare_servers 6
end
php_fpm "www" do
next unless File.directory?("#{user_home}/public_html")
- port = 7000 + account["uid"].to_i
-
php_fpm name do
- template "fpm.conf.erb"
- variables :user => name, :port => port
+ user name
+ group name
+ pm_max_children 10
+ pm_start_servers 4
+ pm_min_spare_servers 2
+ pm_max_spare_servers 6
+ pm_max_requests 10000
+ request_terminate_timeout 1800
+ environment "HOSTNAME" => "$HOSTNAME",
+ "PATH" => "/usr/local/bin:/usr/bin:/bin",
+ "TMP" => "/tmp",
+ "TMPDIR" => "/tmp",
+ "TEMP" => "/tmp"
+ php_values "max_execution_time" => "300",
+ "memory_limit" => "128M",
+ "post_max_size" => "32M",
+ "upload_max_filesize" => "32M"
+ php_admin_values "sendmail_path" => "/usr/sbin/sendmail -t -i -f #{name}@errol.openstreetmap.org",
+ "open_basedir" => "/home/#{name}/:/tmp/:/usr/share/php/"
+ php_flags "display_errors" => "on"
end
ssl_certificate "#{name}.dev.openstreetmap.org" do
apache_site "#{name}.dev.openstreetmap.org" do
template "apache.user.erb"
directory "#{user_home}/public_html"
- variables :user => name, :port => port
+ variables :user => name
end
template "/etc/sudoers.d/#{name}" do
end
end
-if node[:postgresql][:clusters][:"12/main"]
+if node[:postgresql][:clusters][:"14/main"]
postgresql_user "apis" do
- cluster "12/main"
+ cluster "14/main"
end
template "/usr/local/bin/cleanup-rails-assets" do
mode "755"
end
- ruby_version = node[:passenger][:ruby_version]
-
systemd_service "rails-jobs@" do
description "Rails job queue runner"
type "simple"
user "apis"
working_directory "/srv/%i.apis.dev.openstreetmap.org/rails"
- exec_start "/usr/local/bin/bundle#{ruby_version} exec rake jobs:work"
+ exec_start "#{node[:ruby][:bundle]} exec rake jobs:work"
restart "on-failure"
private_tmp true
private_devices true
cgimap_port = 9000
+ Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |dir|
+ node.default_unless[:dev][:rails][File.basename(dir).split(".").first] = {}
+ end
+
node[:dev][:rails].each do |name, details|
database_name = details[:database] || "apis_#{name}"
site_name = "#{name}.apis.dev.openstreetmap.org"
if details[:repository]
site_aliases = details[:aliases] || []
- secret_key_base = details[:secret_key_base] || SecureRandom.base64(96)
-
- node.normal[:dev][:rails][name][:secret_key_base] = secret_key_base
+ secret_key_base = persistent_token("dev", "rails", name, "secret_key_base")
postgresql_database database_name do
- cluster "12/main"
+ cluster "14/main"
owner "apis"
end
postgresql_extension "#{database_name}_btree_gist" do
- cluster "12/main"
+ cluster "14/main"
database database_name
extension "btree_gist"
end
end
rails_port site_name do
- ruby ruby_version
directory rails_directory
user "apis"
group "apis"
repository details[:repository]
revision details[:revision]
- database_port node[:postgresql][:clusters][:"12/main"][:port]
+ database_port node[:postgresql][:clusters][:"14/main"][:port]
database_name database_name
database_username "apis"
+ email_from "OpenStreetMap <web@noreply.openstreetmap.org>"
gpx_dir gpx_directory
log_path "#{log_directory}/rails.log"
memcache_servers ["127.0.0.1"]
cwd cgimap_directory
user "apis"
group "apis"
- subscribes :run, "git[#{cgimap_directory}]", :immediate
+ subscribes :run, "git[#{cgimap_directory}]", :immediately
end
execute "#{cgimap_directory}/configure" do
cwd cgimap_directory
user "apis"
group "apis"
- subscribes :run, "execute[#{cgimap_directory}/autogen.sh]", :immediate
+ subscribes :run, "execute[#{cgimap_directory}/autogen.sh]", :immediately
end
execute "#{cgimap_directory}/Makefile" do
cwd cgimap_directory
user "apis"
group "apis"
- subscribes :run, "execute[#{cgimap_directory}/configure]", :immediate
+ subscribes :run, "execute[#{cgimap_directory}/configure]", :immediately
notifies :restart, "service[cgimap@#{name}]"
end
group "root"
mode "640"
variables :cgimap_port => cgimap_port,
- :database_port => node[:postgresql][:clusters][:"12/main"][:port],
+ :database_port => node[:postgresql][:clusters][:"14/main"][:port],
:database_name => database_name,
:log_directory => log_directory
notifies :restart, "service[cgimap@#{name}]"
action :delete
end
+ service "rails-jobs@#{name}" do
+ action [:stop, :disable]
+ end
+
directory site_directory do
action :delete
recursive true
postgresql_database database_name do
action :drop
- cluster "12/main"
+ cluster "14/main"
end
-
- node.normal[:dev][:rails].delete(name)
end
end
mode "755"
files_owner "root"
files_group "root"
- files_mode 0o644
+ files_mode "644"
end
ssl_certificate "ooc.openstreetmap.org" do