]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/taginfo/recipes/default.rb
Revert "Disable OAuth 1.0a and basic authentication"
[chef.git] / cookbooks / taginfo / recipes / default.rb
index fcbbe05af9cec9ed0995ce2a6106012c28f7163f..818561930412db0cdbc6521fce689eb766464866 100644 (file)
@@ -1,14 +1,14 @@
 #
-# Cookbook Name:: taginfo
+# Cookbook:: taginfo
 # Recipe:: default
 #
-# Copyright 2014, OpenStreetMap Foundation
+# Copyright:: 2014, OpenStreetMap Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 
 require "json"
 
-include_recipe "apache::ssl"
-include_recipe "passenger"
+include_recipe "accounts"
+include_recipe "apache"
 include_recipe "git"
-
-package "libsqlite3-dev"
-package "zlib1g-dev"
-package "libosmpbf-dev"
-package "libprotobuf-dev"
-package "libboost-dev"
-package "libexpat1-dev"
-package "libsparsehash-dev"
-package "libgd2-xpm-dev"
-package "make"
-package "g++"
-
-package "sqlite3"
-package "osmosis"
-package "curl"
-package "m4"
-package "subversion"
-
-package "ruby"
-package "rubygems"
-gem_package "json"
-gem_package "sqlite3"
-gem_package "sinatra"
-gem_package "sinatra-r18n"
-gem_package "rack-contrib"
+include_recipe "passenger"
+include_recipe "planet::current"
+include_recipe "prometheus"
+include_recipe "ruby"
+
+package %w[
+  libsqlite3-dev
+  zlib1g-dev
+  libbz2-dev
+  libboost-dev
+  libexpat1-dev
+  libsparsehash-dev
+  libgd-dev
+  libicu-dev
+  libboost-program-options-dev
+  libosmium2-dev
+  libprotozero-dev
+  cmake
+  make
+  g++
+]
+
+package %w[
+  sqlite3
+  sqlite3-pcre
+  osmium-tool
+  pyosmium
+  curl
+  pbzip2
+]
 
 apache_module "cache"
-apache_module "disk_cache"
+apache_module "cache_disk"
+apache_module "headers"
+
+directory "/var/log/taginfo" do
+  owner "taginfo"
+  group "taginfo"
+  mode "755"
+end
 
-template "/etc/cron.d/taginfo" do
-  source "cron.erb"
+template "/etc/sudoers.d/taginfo" do
+  source "sudoers.erb"
   owner "root"
   group "root"
-  mode 0644
+  mode "440"
 end
 
-directory "/var/log/taginfo" do
-  owner "taginfo"
-  group "taginfo"
-  mode 0755
+systemd_service "taginfo-update@" do
+  description "Taginfo update for %i"
+  wants "planet-update.service"
+  after "planet-update.service"
+  exec_start "/srv/%i/bin/update"
+  user "taginfo"
+  sandbox :enable_network => true
+  restrict_address_families "AF_UNIX"
+  read_write_paths [
+    "/srv/%i/data",
+    "/srv/%i/download",
+    "/srv/%i/sources",
+    "/var/log/taginfo/%i"
+  ]
 end
 
-file "/etc/logrotate.d/taginfo" do
-  action :delete
+systemd_timer "taginfo-update@" do
+  description "Taginfo update for %i"
+  on_calendar "01:37"
 end
 
 node[:taginfo][:sites].each do |site|
-  name = site[:name]
-  directory = site[:directory] || "/srv/#{name}"
+  site_name = site[:name]
+  site_aliases = Array(site[:aliases])
+  directory = site[:directory] || "/srv/#{site_name}"
   description = site[:description]
+  about = site[:about]
   icon = site[:icon]
   contact = site[:contact]
 
-  directory "/var/log/taginfo/#{name}" do
+  directory "/var/log/taginfo/#{site_name}" do
     owner "taginfo"
     group "taginfo"
-    mode 0755
+    mode "755"
   end
 
   directory directory do
     owner "taginfo"
     group "taginfo"
-    mode 0755
+    mode "755"
   end
 
-  git "#{directory}/osmium" do
+  git "#{directory}/taginfo-tools" do
     action :sync
-    repository "git://github.com/joto/osmium.git"
+    repository "https://github.com/taginfo/taginfo-tools.git"
     revision "osmorg-taginfo-live"
+    depth 1
+    enable_submodules true
     user "taginfo"
     group "taginfo"
   end
 
-  git "#{directory}/taginfo" do
-    action :sync
-    repository "git://github.com/joto/taginfo.git"
-    revision "osmorg-taginfo-live"
-    user "taginfo"
-    group "taginfo"
-  end
-
-  settings = JSON.parse(IO.read("#{directory}/taginfo/taginfo-config-example.json"))
-
-  settings["instance"]["url"] = "http://#{name}/"
-  settings["instance"]["description"] = description
-  settings["instance"]["icon"] = "/img/logo/#{icon}.png"
-  settings["instance"]["contact"] = contact
-  settings["logging"]["directory"] = "/var/log/taginfo/#{name}"
-  settings["opensearch"]["shortname"] = "Taginfo"
-  settings["opensearch"]["contact"] = "webmaster@openstreetmap.org"
-  settings["sources"]["download"] = ""
-  settings["sources"]["create"] = "db languages josm potlatch wiki"
-  settings["sources"]["db"]["planetfile"] = "#{directory}/planet/planet.pbf"
-  settings["sources"]["db"]["tagstats"] = "#{directory}/taginfo/tagstats/tagstats"
-  settings["tagstats"]["cxxflags"] = "-I../../osmium/include"
-  settings["tagstats"]["geodistribution"] = "MmapAnon"
-
-  file "#{directory}/taginfo-config.json" do
+  directory "#{directory}/build" do
     owner "taginfo"
     group "taginfo"
-    mode 0644
-    content JSON.pretty_generate(settings)
+    mode "755"
   end
 
-  execute "#{directory}/taginfo/tagstats/Makefile" do
+  execute "compile_taginfo_tools" do
     action :nothing
-    command "make"
-    cwd "#{directory}/taginfo/tagstats"
     user "taginfo"
     group "taginfo"
-    subscribes :run, "git[#{directory}/osmium]"
-    subscribes :run, "git[#{directory}/taginfo]"
-    notifies :restart, "service[apache2]"
-  end
-
-  directory "#{directory}/taginfo/web/tmp" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-  end
-
-  directory "#{directory}/data" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
+    cwd "#{directory}/build"
+    command "cmake #{directory}/taginfo-tools -DCMAKE_BUILD_TYPE=Release && make"
+    subscribes :run, "apt_package[libprotozero-dev]"
+    subscribes :run, "apt_package[libosmium2-dev]"
+    subscribes :run, "git[#{directory}/taginfo-tools]"
   end
 
-  directory "#{directory}/data/old" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-  end
-
-  directory "#{directory}/download" do
-    owner "taginfo"
+  git "#{directory}/taginfo" do
+    action :sync
+    repository "https://github.com/taginfo/taginfo.git"
+    revision "osmorg-taginfo-live"
+    depth 1
+    user "taginfo"
     group "taginfo"
-    mode 0755
   end
 
-  directory "#{directory}/sources" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-  end
+  settings = Chef::DelayedEvaluator.new do
+    settings = JSON.parse(IO.read("#{directory}/taginfo/taginfo-config-example.json"))
 
-  directory "#{directory}/planet" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-  end
+    settings["instance"]["url"] = "https://#{site_name}/"
+    settings["instance"]["description"] = description
+    settings["instance"]["about"] = about
+    settings["instance"]["icon"] = "/img/logo/#{icon}.png"
+    settings["instance"]["contact"] = contact
+    settings["instance"]["access_control_allow_origin"] = ""
+    settings["logging"]["directory"] = "/var/log/taginfo/#{site_name}"
+    settings["opensearch"]["shortname"] = "Taginfo"
+    settings["opensearch"]["contact"] = "webmaster@openstreetmap.org"
+    settings["paths"]["bin_dir"] = "#{directory}/build/src"
+    settings["sources"]["download"] = ""
+    settings["sources"]["create"] = "db languages projects wiki wikidata chronology"
+    settings["sources"]["db"]["planetfile"] = "/var/lib/planet/planet.osh.pbf"
+    settings["sources"]["chronology"]["osm_history_file"] = "/var/lib/planet/planet.osh.pbf"
+    settings["tagstats"]["geodistribution"] = "DenseMmapArray"
 
-  remote_file "#{directory}/planet/planet.pbf" do
-    action :create_if_missing
-    source "http://planet.openstreetmap.org/pbf/planet-latest.osm.pbf"
-    owner "taginfo"
-    group "taginfo"
-    mode 0644
+    JSON.pretty_generate(settings)
   end
 
-  directory "#{directory}/planet/log" do
+  file "#{directory}/taginfo-config.json" do
     owner "taginfo"
     group "taginfo"
-    mode 0755
+    mode "644"
+    content settings
+    notifies :restart, "service[apache2]"
   end
 
-  directory "#{directory}/planet/replication" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
+  bundle_install "#{directory}/taginfo" do
+    action :nothing
+    user "root"
+    group "root"
+    subscribes :run, "git[#{directory}/taginfo]"
+    notifies :restart, "passenger_application[#{directory}/taginfo/web/public]"
   end
 
-  template "#{directory}/planet/replication/configuration.txt" do
-    source "configuration.txt.erb"
-    owner "taginfo"
-    group "taginfo"
-    mode 0644
+  %w[taginfo/web/tmp bin data data/old download sources].each do |dir|
+    directory "#{directory}/#{dir}" do
+      owner "taginfo"
+      group "taginfo"
+      mode "755"
+    end
   end
 
-  file "#{directory}/planet/replication/download.lock" do
+  template "#{directory}/bin/update" do
+    source "update.erb"
     owner "taginfo"
     group "taginfo"
-    mode 0644
+    mode "755"
+    variables :name => site_name, :directory => directory
   end
 
-  directory "#{directory}/bin" do
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
+  passenger_application "#{directory}/taginfo/web/public" do
+    action :nothing
   end
 
-  template "#{directory}/bin/update-planet" do
-    source "update-planet.erb"
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-    variables :directory => directory
+  ssl_certificate site_name do
+    domains [site_name] + site_aliases
+    notifies :reload, "service[apache2]"
   end
 
-  template "#{directory}/bin/update-taginfo" do
-    source "update-taginfo.erb"
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-    variables :directory => directory
+  apache_site site_name do
+    template "apache.erb"
+    directory "#{directory}/taginfo/web/public"
+    variables :aliases => site_aliases
   end
 
-  template "#{directory}/bin/update" do
-    source "update.erb"
-    owner "taginfo"
-    group "taginfo"
-    mode 0755
-    variables :name => name, :directory => directory
+  service "taginfo-update@#{site_name}.timer" do
+    action [:enable, :start]
   end
 
-  apache_site name do
-    template "apache.erb"
-    directory "#{directory}/taginfo/web/public"
+  prometheus_collector "taginfo-#{site_name}" do
+    interval "15m"
+    user "taginfo"
+    path "#{directory}/taginfo/sources/metrics.rb"
+    options "#{directory}/data"
   end
 end