X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/0f9b10e62eb9048bfcfa512500adb865ebc1ea79..a627b8b2958a004bc980fb0724cf1962e030b3a5:/cookbooks/overpass/recipes/default.rb?ds=inline diff --git a/cookbooks/overpass/recipes/default.rb b/cookbooks/overpass/recipes/default.rb index d807eab69..690a28445 100644 --- a/cookbooks/overpass/recipes/default.rb +++ b/cookbooks/overpass/recipes/default.rb @@ -18,13 +18,15 @@ # include_recipe "accounts" -include_recipe "munin" include_recipe "apache" +include_recipe "munin" +include_recipe "ruby" username = "overpass" basedir = data_bag_item("accounts", username)["home"] +web_passwords = data_bag_item("web", "passwords") -%w[bin site diffs db src].each do |dirname| +%w[bin site diffs db src munin].each do |dirname| directory "#{basedir}/#{dirname}" do owner username group username @@ -71,6 +73,24 @@ end ## Setup Apache +gem_package "rotp" do + gem_binary node[:ruby][:gem] +end + +directory "#{basedir}/apache" do + owner "root" + group "root" + mode "755" +end + +template "#{basedir}/apache/totp-filter" do + source "totp-filter.erb" + owner "root" + group "root" + mode "755" + variables :totp_key => web_passwords["totp_key"] +end + ssl_certificate node[:fqdn] do domains [node[:fqdn], node[:overpass][:fqdn]] @@ -79,6 +99,11 @@ end apache_module "cgi" apache_module "headers" +apache_module "rewrite" + +apache_site "default" do + action :disable +end apache_site "#{node[:overpass][:fqdn]}" do template "apache.erb" @@ -188,3 +213,29 @@ end service "overpass-area-processor" do action [:enable] end + +template "/etc/logrotate.d/overpass" do + source "logrotate.erb" + owner "root" + group "root" + mode "644" + variables :logdir => logdir +end + +# Munin scripts + +%w[db_lag request_count].each do |name| + template "#{basedir}/munin/overpass_#{name}" do + source "munin_#{name}.erb" + owner username + group username + mode "755" + variables :basedir => basedir + end + + munin_plugin "overpass_#{name}" do + target "#{basedir}/munin/overpass_#{name}" + conf "munin.erb" + conf_variables :user => username + end +end