X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/2f23300adc2b6a6730c3d8eaa1bcc45d95b208e6..25dbbcc5db8e8cd3c3ca4466b385e471c4984195:/cookbooks/community/templates/default/web_only.yml.erb diff --git a/cookbooks/community/templates/default/web_only.yml.erb b/cookbooks/community/templates/default/web_only.yml.erb index a3f47dbbe..14c3113c8 100644 --- a/cookbooks/community/templates/default/web_only.yml.erb +++ b/cookbooks/community/templates/default/web_only.yml.erb @@ -19,8 +19,9 @@ links: # any extra arguments for Docker? # docker_args: -params: - version: v2.8.1 +# Workaround bug: https://github.com/discourse/discourse_docker/pull/505 +# params: +# version: v2.8.9 env: LC_ALL: en_US.UTF-8 @@ -31,7 +32,7 @@ env: ## How many concurrent web requests are supported? Depends on memory and CPU cores. ## will be set automatically by bootstrap based on detected CPUs, or you can override - UNICORN_WORKERS: 8 + UNICORN_WORKERS: <%= node[:cpu][:total] %> ## TODO: The domain name this Discourse instance will respond to DISCOURSE_HOSTNAME: community.openstreetmap.org @@ -53,7 +54,7 @@ env: DISCOURSE_SMTP_PASSWORD: # DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true) DISCOURSE_SMTP_DOMAIN: community.openstreetmap.org - DISCOURSE_NOTIFICATION_EMAIL: noreply@community.openstreetmap.org + DISCOURSE_NOTIFICATION_EMAIL: community@noreply.openstreetmap.org ## TODO: configure connectivity to the databases DISCOURSE_DB_SOCKET: '' @@ -64,7 +65,9 @@ env: ## The maxmind geolocation IP address key for IP address lookup ## see https://meta.discourse.org/t/-/137387/23 for details +<% if @license_keys -%> DISCOURSE_MAXMIND_LICENSE_KEY: '<%= @license_keys[node[:geoipupdate][:account]] %>' +<% end -%> volumes: - volume: @@ -75,10 +78,10 @@ volumes: guest: /var/log - volume: host: /etc/ssl/certs/community.openstreetmap.org.pem - guest: /shared/ssl/ssl.crt; + guest: /shared/ssl/ssl.crt - volume: host: /etc/ssl/private/community.openstreetmap.org.key - guest: /shared/ssl/ssl.key;; + guest: /shared/ssl/ssl.key ## Plugins go here ## see https://meta.discourse.org/t/19157 for details @@ -87,42 +90,24 @@ hooks: - exec: cd: $home/plugins cmd: - - git clone --depth 1 https://github.com/discourse/docker_manager.git - git clone --depth 1 https://github.com/discourse/discourse-oauth2-basic.git - git clone --depth 1 https://github.com/discourse/discourse-solved.git - git clone --depth 1 https://github.com/discourse/discourse-canned-replies.git - git clone --depth 1 https://github.com/discourse/discourse-reactions.git + - git clone --depth 1 https://github.com/discourse/discourse-prometheus.git + - git clone --depth 1 https://github.com/discourse/discourse-translator.git + - exec: + cd: $home + cmd: + - git fetch --depth=1 origin tag v2.8.9 --no-tags + - git checkout v2.8.9 after_ssl: - - file: - path: "/etc/nginx/letsencrypt.conf" - contents: | - user www-data; - worker_processes auto; - daemon on; - - events { - worker_connections 768; - # multi_accept on; - } - - http { - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - - access_log /var/log/nginx/access.letsencrypt.log; - error_log /var/log/nginx/error.letsencrypt.log; - - server { - listen 80; - listen [::]:80; - - rewrite ^/\.well-known/acme-challenge/(.*)$ http://acme.openstreetmap.org/.well-known/acme-challenge/$1 permanent; - - } - } + - replace: + filename: "/etc/nginx/conf.d/discourse.conf" + from: /listen 80;/ + to: | + listen 80; + rewrite ^/\.well-known/acme-challenge/(.*)$ http://acme.openstreetmap.org/.well-known/acme-challenge/$1 permanent; - replace: filename: "/etc/nginx/conf.d/discourse.conf"