From 45c0862be818c87ac9825ed36a7a2e9d3a1aab7c Mon Sep 17 00:00:00 2001 From: Grant Slater Date: Wed, 9 Aug 2023 00:51:49 +0100 Subject: [PATCH] donate: redirect to support.osm.org --- cookbooks/donate/recipes/default.rb | 84 ++----------------- cookbooks/donate/templates/default/apache.erb | 54 +----------- .../donate/templates/default/backup.cron.erb | 21 ----- .../templates/default/db-connect.inc.php.erb | 8 -- .../donate/serverspec/mysql_spec.rb | 23 ----- 5 files changed, 10 insertions(+), 180 deletions(-) delete mode 100644 cookbooks/donate/templates/default/backup.cron.erb delete mode 100644 cookbooks/donate/templates/default/db-connect.inc.php.erb delete mode 100644 test/integration/donate/serverspec/mysql_spec.rb diff --git a/cookbooks/donate/recipes/default.rb b/cookbooks/donate/recipes/default.rb index e03973340..49e46d78f 100644 --- a/cookbooks/donate/recipes/default.rb +++ b/cookbooks/donate/recipes/default.rb @@ -19,60 +19,9 @@ include_recipe "accounts" include_recipe "apache" -include_recipe "git" -include_recipe "mysql" include_recipe "php::fpm" -package %w[ - php-cli - php-curl - php-mysql - php-gd -] - apache_module "headers" -apache_module "proxy" -apache_module "proxy_fcgi" - -passwords = data_bag_item("donate", "passwords") - -database_password = passwords["database"] - -mysql_user "donate@localhost" do - password database_password -end - -mysql_database "donate" do - permissions "donate@localhost" => :all -end - -directory "/srv/donate.openstreetmap.org" do - owner "donate" - group "donate" - mode "755" -end - -git "/srv/donate.openstreetmap.org" do - action :sync - repository "https://github.com/osmfoundation/donation-drive.git" - depth 1 - user "donate" - group "donate" -end - -directory "/srv/donate.openstreetmap.org/data" do - owner "donate" - group "donate" - mode "755" -end - -template "/srv/donate.openstreetmap.org/scripts/db-connect.inc.php" do - source "db-connect.inc.php.erb" - owner "root" - group "donate" - mode "644" - variables :passwords => passwords -end ssl_certificate "donate.openstreetmap.org" do domains ["donate.openstreetmap.org", "donate.openstreetmap.com", @@ -81,40 +30,21 @@ ssl_certificate "donate.openstreetmap.org" do end php_fpm "donate.openstreetmap.org" do - php_admin_values "open_basedir" => "/srv/donate.openstreetmap.org/:/usr/share/php/:/tmp/", - "disable_functions" => "exec,shell_exec,system,passthru,popen,proc_open" - prometheus_port 11101 + action :delete end apache_site "donate.openstreetmap.org" do template "apache.erb" end -systemd_service "osmf-donate" do - description "Update donation list" - exec_start "/usr/bin/php /srv/donate.openstreetmap.org/scripts/update_csv_donate2016.php" - working_directory "/srv/donate.openstreetmap.org/scripts" - user "donate" - sandbox true - memory_deny_write_execute true - restrict_address_families "AF_UNIX" - read_write_paths "/srv/donate.openstreetmap.org/data" -end - -systemd_timer "osmf-donate" do - description "Update donation list" - on_boot_sec "2m" - on_unit_inactive_sec "2m" +service "osmf-donate.timer" do + action [:stop, :disable] end -service "osmf-donate.timer" do - action [:enable, :start] +systemd_service "osmf-donate" do + action :delete end -template "/etc/cron.daily/osmf-donate-backup" do - source "backup.cron.erb" - owner "root" - group "root" - mode "750" - variables :passwords => passwords +file "/etc/cron.daily/osmf-donate-backup" do + action :delete end diff --git a/cookbooks/donate/templates/default/apache.erb b/cookbooks/donate/templates/default/apache.erb index 8bf3dad45..714438f18 100644 --- a/cookbooks/donate/templates/default/apache.erb +++ b/cookbooks/donate/templates/default/apache.erb @@ -18,61 +18,13 @@ SSLEngine on SSLCertificateFile /etc/ssl/certs/donate.openstreetmap.org.pem SSLCertificateKeyFile /etc/ssl/private/donate.openstreetmap.org.key -<% end -%> + + RedirectMatch . https://supporting.openstreetmap.org/donate/ + <% end -%> CustomLog /var/log/apache2/donate.openstreetmap.org-access.log combined ErrorLog /var/log/apache2/donate.openstreetmap.org-error.log - Options -Indexes - - DocumentRoot /srv/donate.openstreetmap.org - - # Alias Dynamic Content to data folder to avoid serving dummy git content - Alias /donors-eur.csv /srv/donate.openstreetmap.org/data/donors-eur.csv - Alias /donors.csv /srv/donate.openstreetmap.org/data/donors.csv - - # Redirect previous compaigns to homepage - Redirect permanent /domain https://donate.openstreetmap.org/ - Redirect permanent /memorial https://donate.openstreetmap.org/ - Redirect permanent /server2011 https://donate.openstreetmap.org/ - Redirect permanent /server2013 https://donate.openstreetmap.org/ - Redirect permanent /server2015 https://donate.openstreetmap.org/ - - - Require all granted - - - SetHandler "proxy:unix:/run/php/php-donate.openstreetmap.org-fpm.sock|fcgi://127.0.0.1" - - - - - Require all denied - - - - Require all denied - - - - Require all denied - - - - Require all denied - - - # Enable deflate compression on .csv files if possible - - DeflateCompressionLevel 9 - AddOutputFilterByType DEFLATE text/csv - - - - ExpiresDefault "access plus 15 minutes" - ExpiresByType text/html "access plus 5 minutes" - ExpiresByType text/csv "access plus 1 minute" - <% end -%> diff --git a/cookbooks/donate/templates/default/backup.cron.erb b/cookbooks/donate/templates/default/backup.cron.erb deleted file mode 100644 index 3782762c3..000000000 --- a/cookbooks/donate/templates/default/backup.cron.erb +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh - -# DO NOT EDIT - This file is being maintained by Chef - -T=$(mktemp -d -t -p /var/tmp osm-donate.XXXXXXXXXX) -D=$(date +%Y-%m-%d) -B=osm-donate-$D.tar.gz - -mkdir $T/osm-donate-$D -echo '[mysqldump]' > $T/mysqldump.opts -echo 'user=donate' >> $T/mysqldump.opts -echo 'password=<%= @passwords["database"] %>' >> $T/mysqldump.opts -mysqldump --defaults-file=$T/mysqldump.opts --opt --no-tablespaces donate > $T/osm-donate-$D/osm-donate.sql -ln -s /srv/donate.openstreetmap.org $T/osm-donate-$D/www - -export RSYNC_RSH="ssh -ax" - -nice tar --create --dereference --directory=$T osm-donate-$D | nice gzip --rsyncable -9 > $T/$B -nice rsync --preallocate --fuzzy $T/$B backup::backup - -rm -rf $T diff --git a/cookbooks/donate/templates/default/db-connect.inc.php.erb b/cookbooks/donate/templates/default/db-connect.inc.php.erb deleted file mode 100644 index c4cea1f93..000000000 --- a/cookbooks/donate/templates/default/db-connect.inc.php.erb +++ /dev/null @@ -1,8 +0,0 @@ -','donate'); -if ($_DB_H->connect_errno) { - die('DB Connect Error: ' . $_DB_H->connect_errno); -} -$_DB_H->report_mode = MYSQLI_REPORT_ERROR; -$_DB_H->query('set @@sql_mode = \'\''); -$_DB_H->query('SET NAMES \'utf8\''); diff --git a/test/integration/donate/serverspec/mysql_spec.rb b/test/integration/donate/serverspec/mysql_spec.rb deleted file mode 100644 index 88323fe98..000000000 --- a/test/integration/donate/serverspec/mysql_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -require "serverspec" - -# Required by serverspec -set :backend, :exec - -mysql_variant = if os[:family] == "ubuntu" - "mysql" - else - "mariadb" - end - -describe package("#{mysql_variant}-server") do - it { should be_installed } -end - -describe service("#{mysql_variant}") do - it { should be_enabled } - it { should be_running } -end - -describe port(3306) do - it { should be_listening.with("tcp") } -end -- 2.39.5