# limitations under the License.
#
-include_recipe "memcached"
include_recipe "apache::ssl"
include_recipe "web::rails"
-include_recipe "web::cgimap"
web_passwords = data_bag_item("web", "passwords")
apache_module "deflate"
apache_module "expires"
apache_module "headers"
-apache_module "proxy_fcgi"
apache_module "proxy_http"
apache_module "proxy_balancer"
apache_module "lbmethod_byrequests"
munin_plugin "api_waits_#{node[:hostname]}" do
target "api_waits_"
end
-
-node.set[:memcached][:ip_address] = node.external_ipaddress
-
-firewall_rule "accept-memcache-tcp" do
- action :accept
- family "inet"
- source "ic"
- dest "fw"
- proto "tcp"
- dest_ports "11211"
- source_ports "1024:"
-end
-
-firewall_rule "accept-memcache-udp" do
- action :accept
- family "inet"
- source "ic"
- dest "fw"
- proto "udp"
- dest_ports "11211"
- source_ports "1024:"
-end
gpx_dir "/store/rails/gpx"
attachments_dir "/store/rails/attachments"
log_path "#{node[:web][:log_directory]}/rails.log"
- memcache_servers %w(193.63.75.99 193.63.75.100 193.63.75.103)
+ memcache_servers %w(rails1 rails2 rails3)
potlatch2_key web_passwords["potlatch2_key"]
id_key web_passwords["id_key"]
oauth_key web_passwords["oauth_key"]
Alias /attachments /store/rails/attachments
#
- # Pass supported calls to cgimap
+ # Preserve the host name when forwarding to the proxy
#
- RewriteRule ^/api/0\.6/map$ fcgi://127.0.0.1:8000$0 [P]
- RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$
- RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+$ fcgi://127.0.0.1:8000$0 [P]
- RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full$ fcgi://127.0.0.1:8000$0 [P]
- RewriteRule ^/api/0\.6/(nodes|ways|relations)$ fcgi://127.0.0.1:8000$0 [P]
+ ProxyPreserveHost on
+
+ #
+ # Set a long timeout - changeset uploads can take a long time
+ #
+ ProxyTimeout 3600
+
+ #
+ # Allow all proxy requests
+ #
+ <Proxy *>
+ Allow from all
+ </Proxy>
+
+ #
+ # Pass some other API calls to the backends via a load balancer
+ #
+ ProxyPass /api/0.6/map balancer://backend/api/0.6/map
+ ProxyPass /api/0.6/tracepoints balancer://backend/api/0.6/tracepoints
+ ProxyPass /api/0.6/amf/read balancer://backend/api/0.6/amf/read
+ ProxyPass /api/0.6/swf/trackpoints balancer://backend/api/0.6/swf/trackpoints
+ ProxyPassMatch ^(/api/0\.6/changeset/[0-9]+/(upload|download))$ balancer://backend$1
+ ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+)$ balancer://backend$1
+ ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+/(full|history|search|ways))$ balancer://backend$1
+ ProxyPass /api/0.6/nodes balancer://backend/api/0.6/nodes
+ ProxyPass /api/0.6/ways balancer://backend/api/0.6/ways
+ ProxyPass /api/0.6/relations balancer://backend/api/0.6/relations
+ ProxyPassMatch ^(/trace/[0-9]+/data(|/|.xml))$ balancer://backend$1
#
# Redirect trac and wiki requests to the right places
#
RedirectPermanent /images/osm_logo.png http://www.openstreetmap.org/assets/osm_logo.png
RedirectPermanent /images/cc_button.png http://www.openstreetmap.org/assets/cc_button.png
+
+ #
+ # Define a load balancer for the backends
+ #
+ <Proxy balancer://backend>
+ ProxySet lbmethod=bybusyness
+<% if port == 443 -%>
+ BalancerMember https://rails1 disablereuse=on
+ BalancerMember https://rails2 disablereuse=on
+ BalancerMember https://rails3 disablereuse=on
+<% else -%>
+ BalancerMember http://rails1
+ BalancerMember http://rails2
+ BalancerMember http://rails3
+<% end -%>
+ </Proxy>
<% if port == 80 -%>
#
:checkpoint_completion_target => "0.8",
:cpu_tuple_cost => "0.1",
:late_authentication_rules => [
- { :address => "146.179.159.160/27" },
- { :address => "193.63.75.96/27" }
+ { :address => "146.179.159.160/27" }
]
}
}
projects / chef.git / commitdiff