- elasticsearch
- exim
- fail2ban
- - forum
- foundation-board
- foundation-dwg
- foundation-mwg
- name: fail2ban
run_list:
- recipe[fail2ban::default]
- - name: forum
- run_list:
- - recipe[forum::default]
- name: foundation-board
run_list:
- recipe[foundation::board]
end
ssl_certificate "community.openstreetmap.org" do
- domains ["community.openstreetmap.org", "community.osm.org", "communities.openstreetmap.org", "communities.osm.org", "c.openstreetmap.org", "c.osm.org"]
+ domains ["community.openstreetmap.org", "community.osm.org", "communities.openstreetmap.org", "communities.osm.org", "c.openstreetmap.org", "c.osm.org", "forum.openstreetmap.org", "forum.osm.org"]
notifies :run, "notify_group[discourse_container_new_web_only]"
notifies :run, "notify_group[discourse_container_new_mail_receiver]"
end
+++ /dev/null
-This is an automated response to your email, which was sent to an
-unattended address.
-
-If you are having technical problems with the forums then please
-contact support@openstreetmap.org for assistance.
-
-Thank you,
-
-OpenStreetMap Administrators
+++ /dev/null
-# Forum Cookbook
-
-This cookbook installs and configures the fluxbb forums software used at
-https://forum.openstreetmap.org
+++ /dev/null
-# Enable the "forum" role
-default[:accounts][:users][:forum][:status] = :role
+++ /dev/null
-name "forum"
-maintainer "OpenStreetMap Administrators"
-maintainer_email "admins@openstreetmap.org"
-license "Apache-2.0"
-description "Installs and configures a roundup server"
-
-version "1.0.0"
-supports "ubuntu"
-depends "accounts"
-depends "apache"
-depends "git"
-depends "mysql"
-depends "php"
+++ /dev/null
-#
-# Cookbook:: forum
-# Recipe:: default
-#
-# Copyright:: 2014, OpenStreetMap Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-include_recipe "accounts"
-include_recipe "apache"
-include_recipe "git"
-include_recipe "mysql"
-include_recipe "php::fpm"
-
-cache_dir = Chef::Config[:file_cache_path]
-
-passwords = data_bag_item("forum", "passwords")
-
-package %w[
- php-cli
- php-mysql
- php-xml
- php-apcu
-]
-
-apache_module "env"
-apache_module "rewrite"
-
-ssl_certificate "forum.openstreetmap.org" do
- domains ["forum.openstreetmap.org", "forum.osm.org"]
- notifies :reload, "service[apache2]"
-end
-
-php_fpm "forum.openstreetmap.org" do
- php_admin_values "open_basedir" => "/srv/forum.openstreetmap.org/html/:/usr/share/php/:/tmp/",
- "disable_functions" => "exec,shell_exec,system,passthru,popen,proc_open"
- prometheus_port 9253
-end
-
-apache_site "forum.openstreetmap.org" do
- template "apache.erb"
-end
-
-directory "/srv/forum.openstreetmap.org" do
- owner "forum"
- group "forum"
- mode "755"
-end
-
-git "/srv/forum.openstreetmap.org/html/" do
- action :sync
- repository "http://github.com/openstreetmap/openstreetmap-forum.git"
- revision "openstreetmap-1.5.10"
- depth 1
- user "forum"
- group "forum"
- notifies :reload, "service[apache2]"
-end
-
-remote_file "#{cache_dir}/air3_v0.8.tar.gz" do
- action :create_if_missing
- source "https://github.com/natrius/air3/archive/refs/tags/v0.8.tar.gz"
- owner "root"
- group "root"
- mode "644"
- backup false
-end
-
-archive_file "#{cache_dir}/air3_v0.8.tar.gz" do
- action :nothing
- destination "/srv/forum.openstreetmap.org/html/style"
- strip_components 1
- overwrite true
- owner "forum"
- group "forum"
- subscribes :extract, "remote_file[#{cache_dir}/air3_v0.8.tar.gz]", :immediately
-end
-
-directory "/srv/forum.openstreetmap.org/html/cache/" do
- owner "www-data"
- group "www-data"
- mode "755"
-end
-
-directory "/srv/forum.openstreetmap.org/html/img/avatars/" do
- owner "www-data"
- group "www-data"
- mode "755"
-end
-
-template "/srv/forum.openstreetmap.org/html/config.php" do
- source "config.php.erb"
- owner "forum"
- group "www-data"
- mode "440"
- variables :passwords => passwords
-end
-
-mysql_user "forum@localhost" do
- password passwords["database"]
-end
-
-mysql_database "forum" do
- permissions "forum@localhost" => :all
-end
-
-template "/etc/cron.daily/forum-backup" do
- source "backup.cron.erb"
- owner "root"
- group "root"
- mode "750"
- variables :passwords => passwords
-end
+++ /dev/null
-# DO NOT EDIT - This file is being maintained by Chef
-
-<VirtualHost *:80>
- ServerName forum.openstreetmap.org
- ServerAlias forum.osm.org
- ServerAdmin webmaster@openstreetmap.org
-
- CustomLog /var/log/apache2/forum.openstreetmap.org-access.log combined
- ErrorLog /var/log/apache2/forum.openstreetmap.org-error.log
-
- RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
- RedirectPermanent / https://forum.openstreetmap.org/
-</VirtualHost>
-
-<VirtualHost *:443>
- ServerAlias forum.osm.org
- ServerAdmin webmaster@openstreetmap.org
-
- SSLEngine on
- SSLCertificateFile /etc/ssl/certs/forum.openstreetmap.org.pem
- SSLCertificateKeyFile /etc/ssl/private/forum.openstreetmap.org.key
-
- CustomLog /var/log/apache2/forum.openstreetmap.org-access.log combined
- ErrorLog /var/log/apache2/forum.openstreetmap.org-error.log
-
- RedirectPermanent / https://forum.openstreetmap.org/
-</VirtualHost>
-
-<VirtualHost *:443>
- ServerName forum.openstreetmap.org
- ServerAdmin webmaster@openstreetmap.org
-
- SSLEngine on
- SSLCertificateFile /etc/ssl/certs/forum.openstreetmap.org.pem
- SSLCertificateKeyFile /etc/ssl/private/forum.openstreetmap.org.key
-
- CustomLog /var/log/apache2/forum.openstreetmap.org-access.log combined
- ErrorLog /var/log/apache2/forum.openstreetmap.org-error.log
-
- DocumentRoot /srv/forum.openstreetmap.org/html
-
- <FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/php-forum.openstreetmap.org-fpm.sock|fcgi://127.0.0.1"
- </FilesMatch>
-</VirtualHost>
-
-<Directory /srv/forum.openstreetmap.org/html>
- RewriteEngine on
- RewriteRule ^config\.php$ - [F,L]
-
- Options -Indexes
-
- Require all granted
-</Directory>
-
-<Directory /srv/forum.openstreetmap.org/html/img>
- <FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler None
- </FilesMatch>
-</Directory>
+++ /dev/null
-#!/bin/sh
-
-# DO NOT EDIT - This file is being maintained by Chef
-
-T=$(mktemp -d -t -p /var/tmp forum.XXXXXXXXXX)
-D=$(date +%Y-%m-%d)
-B=forum-$D.tar.gz
-
-mkdir $T/forum-$D
-echo '[mysqldump]' > $T/mysqldump.opts
-echo 'user=forum' >> $T/mysqldump.opts
-echo 'password=<%= @passwords["database"] %>' >> $T/mysqldump.opts
-mysqldump --defaults-file=$T/mysqldump.opts --opt --no-tablespaces forum > $T/forum-$D/forum.sql
-ln -s /srv/forum.openstreetmap.org $T/forum-$D/www
-
-export RSYNC_RSH="ssh -ax"
-
-nice tar --create --dereference --directory=$T forum-$D | nice gzip --rsyncable -9 > $T/$B
-nice rsync --preallocate --fuzzy $T/$B backup::backup
-
-rm -rf $T
+++ /dev/null
-<?php
-
-$db_type = 'mysqli';
-$db_host = 'localhost';
-$db_name = 'forum';
-$db_username = 'forum';
-$db_password = '<%= @passwords["database"] %>';
-$db_prefix = 'osm_';
-$p_connect = false;
-
-$cookie_name = 'forum_cookie';
-$cookie_domain = '';
-$cookie_path = '/';
-$cookie_secure = 1;
-$cookie_seed = '<%= @passwords["cookie_seed"] %>';
-
-define('PUN', 1);
channels = #osm-dev
commit message = [%s|%b|%a] %m %l
-[osm-forum]
-short name = osm-forum
-url = https://github.com/openstreetmap/openstreetmap-forum.git
-branch = openstreetmap-1.5.10
-commit link = https://github.com/openstreetmap/openstreetmap-forum/commit/%c
-channels = #osm-dev
-commit message = [%s|%b|%a] %m %l
-
[osm-osmosis]
short name = osm-osmosis
url = https://github.com/openstreetmap/osmosis.git
description "Master role applied to clifford"
default_attributes(
- :exim => {
- :rewrites => [
- {
- :pattern => "www-data@openstreetmap.org",
- :replacement => "forum@noreply.openstreetmap.org",
- :flags => "F"
- }
- ]
- },
:networking => {
:interfaces => {
:internal_ipv4 => {
run_list(
"role[ucl]",
- "role[hp-dl360-g6]",
- "role[forum]"
+ "role[hp-dl360-g6]"
)
+++ /dev/null
-name "forum"
-description "Role applied to all forum servers"
-
-default_attributes(
- :apache => {
- :mpm => "event",
- :timeout => 60,
- :event => {
- :server_limit => 18,
- :max_request_workers => 450,
- :min_spare_threads => 50,
- :max_spare_threads => 150,
- :listen_cores_buckets_ratio => 4
- }
- }
-)
-
-run_list(
- "recipe[forum]"
-)
+++ /dev/null
-{
- "id": "forum",
- "uid": "522",
- "comment": "Forum",
- "manage_home": false
-}
projects / chef.git / commitdiff