X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/7b058886e60a6ee9ac09bc07a3bfd3ed048a40a0..6e483ccb211cc0479ddf0c6365b6e92d509a71c4:/cookbooks/web/resources/rails_port.rb diff --git a/cookbooks/web/resources/rails_port.rb b/cookbooks/web/resources/rails_port.rb index d7f2e012d..d275afede 100644 --- a/cookbooks/web/resources/rails_port.rb +++ b/cookbooks/web/resources/rails_port.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: web +# Cookbook:: web # Resource:: rails_port # -# Copyright 2012, OpenStreetMap Foundation +# Copyright:: 2012, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -20,17 +20,21 @@ require "yaml" resource_name :rails_port +provides :rails_port + +unified_mode true default_action :create -property :site, String, :name_attribute => true +property :site, String, :name_property => true property :ruby, String, :default => "2.3" property :directory, String property :user, String property :group, String -property :repository, String, :default => "git://git.openstreetmap.org/rails.git" +property :repository, String, :default => "https://git.openstreetmap.org/public/rails.git" property :revision, String, :default => "live" -property :run_migrations, [TrueClass, FalseClass], :default => false +property :run_migrations, [true, false], :default => false +property :build_assets, [true, false], :default => true property :email_from, String, :default => "OpenStreetMap " property :status, String, :default => "online" property :database_host, String @@ -61,12 +65,17 @@ property :github_auth_id, String property :github_auth_secret, String property :wikipedia_auth_id, String property :wikipedia_auth_secret, String -property :mapquest_key, String -property :mapzen_valhalla_key, String property :thunderforest_key, String property :totp_key, String +property :csp_enforce, [true, false], :default => false property :csp_report_url, String property :piwik_configuration, Hash +property :trace_use_job_queue, [true, false], :default => false +property :diary_feed_delay, Integer +property :storage_configuration, Hash, :default => {} +property :storage_service, String, :default => "local" +property :storage_url, String +property :tile_cdn_url, String action :create do package %W[ @@ -74,51 +83,60 @@ action :create do ruby#{new_resource.ruby}-dev imagemagick nodejs - geoip-database + tzdata ] package %w[ g++ + make pkg-config libpq-dev libsasl2-dev libxml2-dev libxslt1-dev libmemcached-dev + libffi-dev + libgd-dev + libarchive-dev + libbz2-dev + ] + + package %w[ + pngcrush + advancecomp + optipng + pngquant + jhead + jpegoptim + gifsicle + libjpeg-turbo-progs ] gem_package "bundler#{new_resource.ruby}" do package_name "bundler" - version "1.3.5" + version "2.1.4" gem_binary "gem#{new_resource.ruby}" options "--format-executable" end - file "/usr/lib/ruby/1.8/rack.rb" do - action :delete - end - - declare_resource :directory, "/usr/lib/ruby/1.8/rack" do - action :delete - recursive true + gem_package "bundler#{new_resource.ruby}" do + package_name "pkg-config" + gem_binary "gem#{new_resource.ruby}" end declare_resource :directory, rails_directory do owner new_resource.user group new_resource.group - mode 0o2775 + mode "2775" end git rails_directory do action :sync repository new_resource.repository revision new_resource.revision + depth 1 user new_resource.user group new_resource.group - notifies :run, "execute[#{rails_directory}/Gemfile]" - notifies :run, "execute[#{rails_directory}/public/assets]" - notifies :delete, "file[#{rails_directory}/public/export/embed.html]" - notifies :run, "execute[#{rails_directory}]" end declare_resource :directory, "#{rails_directory}/tmp" do @@ -136,25 +154,22 @@ action :create do source "database.yml.erb" owner new_resource.user group new_resource.group - mode 0o664 + mode "664" variables :host => new_resource.database_host, :port => new_resource.database_port, :name => new_resource.database_name, :username => new_resource.database_username, :password => new_resource.database_password - notifies :run, "execute[#{rails_directory}]" end application_yml = edit_file "#{rails_directory}/config/example.application.yml" do |line| line.gsub!(/^( *)server_protocol:.*$/, "\\1server_protocol: \"https\"") line.gsub!(/^( *)server_url:.*$/, "\\1server_url: \"#{new_resource.site}\"") - line.gsub!(/^( *)#publisher_url:.*$/, "\\1publisher_url: \"https://plus.google.com/111953119785824514010\"") - line.gsub!(/^( *)support_email:.*$/, "\\1support_email: \"support@openstreetmap.org\"") if new_resource.email_from - line.gsub!(/^( *)email_from:.*$/, "\\1email_from: \"#{email_from}\"") + line.gsub!(/^( *)email_from:.*$/, "\\1email_from: \"#{new_resource.email_from}\"") end line.gsub!(/^( *)email_return_path:.*$/, "\\1email_return_path: \"bounces@openstreetmap.org\"") @@ -167,7 +182,7 @@ action :create do line.gsub!(/^( *)#geonames_username:.*$/, "\\1geonames_username: \"openstreetmap\"") - line.gsub!(/^( *)#geoip_database:.*$/, "\\1geoip_database: \"/usr/share/GeoIP/GeoIPv6.dat\"") + line.gsub!(/^( *)#maxmind_database:.*$/, "\\1maxmind_database: \"/usr/share/GeoIP/GeoLite2-Country.mmdb\"") if new_resource.gpx_dir line.gsub!(/^( *)gpx_trace_dir:.*$/, "\\1gpx_trace_dir: \"#{new_resource.gpx_dir}/traces\"") @@ -236,14 +251,6 @@ action :create do line.gsub!(/^( *)#wikipedia_auth_secret:.*$/, "\\1wikipedia_auth_secret: \"#{new_resource.wikipedia_auth_secret}\"") end - if new_resource.mapquest_key - line.gsub!(/^( *)#mapquest_key:.*$/, "\\1mapquest_key: \"#{new_resource.mapquest_key}\"") - end - - if new_resource.mapzen_valhalla_key - line.gsub!(/^( *)#mapzen_valhalla_key:.*$/, "\\1mapzen_valhalla_key: \"#{new_resource.mapzen_valhalla_key}\"") - end - if new_resource.thunderforest_key line.gsub!(/^( *)#thunderforest_key:.*$/, "\\1thunderforest_key: \"#{new_resource.thunderforest_key}\"") end @@ -252,36 +259,118 @@ action :create do line.gsub!(/^( *)#totp_key:.*$/, "\\1totp_key: \"#{new_resource.totp_key}\"") end + if new_resource.csp_enforce + line.gsub!(/^( *)csp_enforce:.*$/, "\\1csp_enforce: \"#{new_resource.csp_enforce}\"") + end + if new_resource.csp_report_url line.gsub!(/^( *)#csp_report_url:.*$/, "\\1csp_report_url: \"#{new_resource.csp_report_url}\"") end line.gsub!(/^( *)require_terms_seen:.*$/, "\\1require_terms_seen: true") line.gsub!(/^( *)require_terms_agreed:.*$/, "\\1require_terms_agreed: true") + line.gsub!(/^( *)trace_use_job_queue:.*$/, "\\1trace_use_job_queue: false") line end - file "#{rails_directory}/config/application.yml" do + file "create:#{rails_directory}/config/application.yml" do + path "#{rails_directory}/config/application.yml" owner new_resource.user group new_resource.group - mode 0o664 + mode "664" content application_yml - notifies :run, "execute[#{rails_directory}/public/assets]" + only_if { ::File.exist?("#{rails_directory}/config/example.application.yml") } + end + + file "delete:#{rails_directory}/config/application.yml" do + path "#{rails_directory}/config/application.yml" + action :delete + not_if { ::File.exist?("#{rails_directory}/config/example.application.yml") } + end + + settings = new_resource.to_hash.transform_keys(&:to_s).slice( + "email_from", + "status", + "messages_domain", + "attachments_dir", + "log_path", + "logstash_path", + "potlatch2_key", + "id_key", + "oauth_key", + "nominatim_url", + "osrm_url", + "google_auth_id", + "google_auth_secret", + "google_openid_realm", + "facebook_auth_id", + "facebook_auth_secret", + "windowslive_auth_id", + "windowslive_auth_secret", + "github_auth_id", + "github_auth_secret", + "wikipedia_auth_id", + "wikipedia_auth_secret", + "thunderforest_key", + "totp_key", + "csp_enforce", + "csp_report_url", + "trace_use_job_queue", + "diary_feed_delay", + "storage_service", + "storage_url", + "tile_cdn_url" + ).compact.merge( + "server_protocol" => "https", + "server_url" => new_resource.site, + "support_email" => "support@openstreetmap.org", + "email_return_path" => "bounces@openstreetmap.org", + "geonames_username" => "openstreetmap", + "maxmind_database" => "/usr/share/GeoIP/GeoLite2-Country.mmdb" + ) + + if new_resource.memcache_servers + settings["memcache_servers"] = new_resource.memcache_servers.to_a + end + + if new_resource.gpx_dir + settings["gpx_trace_dir"] = "#{new_resource.gpx_dir}/traces" + settings["gpx_image_dir"] = "#{new_resource.gpx_dir}/images" + end + + file "#{rails_directory}/config/settings.local.yml" do + owner new_resource.user + group new_resource.group + mode "664" + content YAML.dump(settings) + only_if { ::File.exist?("#{rails_directory}/config/settings.yml") } + end + + storage_configuration = new_resource.storage_configuration.merge( + "local" => { + "service" => "Disk", + "root" => "#{rails_directory}/storage" + } + ) + + file "#{rails_directory}/config/storage.yml" do + owner new_resource.user + group new_resource.group + mode "664" + content YAML.dump(storage_configuration) end if new_resource.piwik_configuration file "#{rails_directory}/config/piwik.yml" do owner new_resource.user group new_resource.group - mode 0o664 + mode "664" content YAML.dump(new_resource.piwik_configuration) - notifies :run, "execute[#{rails_directory}/public/assets]" end else file "#{rails_directory}/config/piwik.yml" do action :delete - notifies :run, "execute[#{rails_directory}/public/assets]" end end @@ -293,7 +382,7 @@ action :create do group "root" environment "NOKOGIRI_USE_SYSTEM_LIBRARIES" => "yes" subscribes :run, "gem_package[bundler#{new_resource.ruby}]" - notifies :run, "execute[#{rails_directory}]" + subscribes :run, "git[#{rails_directory}]" end execute "#{rails_directory}/db/migrate" do @@ -303,52 +392,74 @@ action :create do user new_resource.user group new_resource.group subscribes :run, "git[#{rails_directory}]" - notifies :run, "execute[#{rails_directory}]" only_if { new_resource.run_migrations } end - execute "#{rails_directory}/public/assets" do + package "yarnpkg" do + only_if { new_resource.build_assets } + end + + execute "#{rails_directory}/package.json" do action :nothing - command "bundle#{new_resource.ruby} exec rake assets:precompile" - environment "RAILS_ENV" => "production" + command "bundle#{new_resource.ruby} exec rake yarn:install" + environment "HOME" => rails_directory, + "RAILS_ENV" => "production" cwd rails_directory user new_resource.user group new_resource.group - notifies :run, "execute[#{rails_directory}]" + subscribes :run, "git[#{rails_directory}]" + only_if { new_resource.build_assets } end - file "#{rails_directory}/public/export/embed.html" do + execute "#{rails_directory}/app/assets/javascripts/i18n" do action :nothing - end - - execute "#{rails_directory}/lib/quad_tile/extconf.rb" do - command "ruby extconf.rb" - cwd "#{rails_directory}/lib/quad_tile" + command "bundle#{new_resource.ruby} exec rake i18n:js:export" + environment "HOME" => rails_directory, + "RAILS_ENV" => "production" + cwd rails_directory user new_resource.user group new_resource.group - not_if do - ::File.exist?("#{rails_directory}/lib/quad_tile/quad_tile_so.so") && - ::File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= ::File.mtime("#{rails_directory}/lib/quad_tile/extconf.rb") && - ::File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= ::File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.c") && - ::File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= ::File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.h") - end - notifies :run, "execute[#{rails_directory}/lib/quad_tile/Makefile]" + subscribes :run, "git[#{rails_directory}]" + only_if { new_resource.build_assets } end - execute "#{rails_directory}/lib/quad_tile/Makefile" do + execute "#{rails_directory}/public/assets" do action :nothing - command "make" - cwd "#{rails_directory}/lib/quad_tile" + command "bundle#{new_resource.ruby} exec rake assets:precompile" + environment "HOME" => rails_directory, + "RAILS_ENV" => "production" + cwd rails_directory user new_resource.user group new_resource.group - notifies :run, "execute[#{rails_directory}]" + subscribes :run, "git[#{rails_directory}]" + subscribes :run, "file[create:#{rails_directory}/config/application.yml]" + subscribes :run, "file[#{rails_directory}/config/settings.local.yml]" + subscribes :run, "file[#{rails_directory}/config/storage.yml]" + subscribes :run, "file[#{rails_directory}/config/piwik.yml]" + subscribes :run, "execute[#{rails_directory}/package.json]" + subscribes :run, "execute[#{rails_directory}/app/assets/javascripts/i18n]" + only_if { new_resource.build_assets } + end + + file "#{rails_directory}/public/export/embed.html" do + action :nothing + subscribes :delete, "git[#{rails_directory}]" + subscribes :delete, "file[#{rails_directory}/config/settings.local.yml]" end - execute rails_directory do + passenger_application rails_directory do action :nothing - command "passenger-config restart-app --ignore-app-not-running #{rails_directory}" - user "root" - group "root" + subscribes :restart, "git[#{rails_directory}]" + subscribes :restart, "file[#{rails_directory}/config/database.yml]" + subscribes :restart, "file[create:#{rails_directory}/config/application.yml]" + subscribes :restart, "file[#{rails_directory}/config/settings.local.yml]" + subscribes :restart, "file[#{rails_directory}/config/storage.yml]" + subscribes :restart, "file[#{rails_directory}/config/piwik.yml]" + subscribes :restart, "execute[#{rails_directory}/Gemfile]" + subscribes :restart, "execute[#{rails_directory}/db/migrate]" + subscribes :restart, "execute[#{rails_directory}/package.json]" + subscribes :restart, "execute[#{rails_directory}/app/assets/javascripts/i18n]" + subscribes :restart, "execute[#{rails_directory}/public/assets]" only_if { ::File.exist?("/usr/bin/passenger-config") } end @@ -357,17 +468,14 @@ action :create do source "rails.cron.erb" owner "root" group "root" - mode 0o755 + mode "755" variables :directory => rails_directory end end action :restart do - execute rails_directory do - action :run - command "passenger-config restart-app --ignore-app-not-running #{rails_directory}" - user "root" - group "root" + passenger_application rails_directory do + action :restart end end