X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/0f9b10e62eb9048bfcfa512500adb865ebc1ea79..699e157e3d708f38064eea9072aa210fe5ccac30:/cookbooks/overpass/recipes/default.rb diff --git a/cookbooks/overpass/recipes/default.rb b/cookbooks/overpass/recipes/default.rb index d807eab69..880420226 100644 --- a/cookbooks/overpass/recipes/default.rb +++ b/cookbooks/overpass/recipes/default.rb @@ -23,8 +23,9 @@ include_recipe "apache" username = "overpass" basedir = data_bag_item("accounts", username)["home"] +web_passwords = data_bag_item("web", "passwords") -%w[bin site diffs db src].each do |dirname| +%w[bin site diffs db src munin].each do |dirname| directory "#{basedir}/#{dirname}" do owner username group username @@ -71,6 +72,22 @@ end ## Setup Apache +gem_package "rotp" + +directory "#{basedir}/apache" do + owner "root" + group "root" + mode "755" +end + +template "#{basedir}/apache/totp-filter" do + source "totp-filter.erb" + owner "root" + group "root" + mode "755" + variables :totp_key => web_passwords["totp_key"] +end + ssl_certificate node[:fqdn] do domains [node[:fqdn], node[:overpass][:fqdn]] @@ -79,6 +96,11 @@ end apache_module "cgi" apache_module "headers" +apache_module "rewrite" + +apache_site "default" do + action :disable +end apache_site "#{node[:overpass][:fqdn]}" do template "apache.erb" @@ -188,3 +210,21 @@ end service "overpass-area-processor" do action [:enable] end + +# Munin scripts + +%w[db_lag request_count].each do |name| + template "#{basedir}/munin/overpass_#{name}" do + source "munin_#{name}.erb" + owner username + group username + mode "755" + variables :basedir => basedir + end + + munin_plugin "overpass_#{name}" do + target "#{basedir}/munin/overpass_#{name}" + conf "munin.erb" + conf_variables :user => username + end +end