From 733ae98541c57b39d1a3237fc211b91d36b79c19 Mon Sep 17 00:00:00 2001 From: Grant Slater Date: Sun, 12 Feb 2023 16:24:29 +0000 Subject: [PATCH] irc: Use container Signed-off-by: Grant Slater --- cookbooks/irc/files/default/html/index.html | 75 --------------------- cookbooks/irc/files/default/html/style.css | 11 --- cookbooks/irc/metadata.rb | 1 + cookbooks/irc/recipes/default.rb | 28 +++----- cookbooks/irc/templates/default/apache.erb | 38 +++++------ 5 files changed, 31 insertions(+), 122 deletions(-) delete mode 100644 cookbooks/irc/files/default/html/index.html delete mode 100644 cookbooks/irc/files/default/html/style.css diff --git a/cookbooks/irc/files/default/html/index.html b/cookbooks/irc/files/default/html/index.html deleted file mode 100644 index 21e566806..000000000 --- a/cookbooks/irc/files/default/html/index.html +++ /dev/null @@ -1,75 +0,0 @@ - - - - irc.openstreetmap.org - - - -

irc.openstreetmap.org

- - - - - - - - - - - - - -

Nickname
Channel	- -

- - diff --git a/cookbooks/irc/files/default/html/style.css b/cookbooks/irc/files/default/html/style.css deleted file mode 100644 index 3a8dc0250..000000000 --- a/cookbooks/irc/files/default/html/style.css +++ /dev/null @@ -1,11 +0,0 @@ -h1 { - text-align: center; -} - -div { - display: flex; -} - -form { - margin: auto; -} diff --git a/cookbooks/irc/metadata.rb b/cookbooks/irc/metadata.rb index 6e745f6e6..755e6f9c7 100644 --- a/cookbooks/irc/metadata.rb +++ b/cookbooks/irc/metadata.rb @@ -7,3 +7,4 @@ description "Configures irc.openstreetmap.org" version "1.0.0" supports "ubuntu" depends "apache" +depends "podman" diff --git a/cookbooks/irc/recipes/default.rb b/cookbooks/irc/recipes/default.rb index 7fbc7ff74..ef6332dce 100644 --- a/cookbooks/irc/recipes/default.rb +++ b/cookbooks/irc/recipes/default.rb @@ -18,30 +18,24 @@ # include_recipe "apache" +include_recipe "podman" + +docker_external_port = 8092 + +podman_service "irc.openstreetmap.org" do + description "Container service for irc.openstreetmap.org" + image "ghcr.io/openstreetmap/irc:latest" + ports docker_external_port => "8080" +end ssl_certificate "irc.openstreetmap.org" do domains ["irc.openstreetmap.org", "irc.osm.org"] notifies :reload, "service[apache2]" end -directory "/srv/irc.openstreetmap.org" do - owner "root" - group "root" - mode "755" -end - -remote_directory "/srv/irc.openstreetmap.org/html" do - source "html" - owner "root" - group "root" - mode "755" - files_owner "root" - files_group "root" - files_mode "644" -end +apache_module "proxy_http" apache_site "irc.openstreetmap.org" do template "apache.erb" - directory "/srv/irc.openstreetmap.org/html" - variables :aliases => ["irc.osm.org"] + variables :docker_external_port => docker_external_port, :aliases => ["irc.osm.org"] end diff --git a/cookbooks/irc/templates/default/apache.erb b/cookbooks/irc/templates/default/apache.erb index ceb112e18..55dc39c18 100644 --- a/cookbooks/irc/templates/default/apache.erb +++ b/cookbooks/irc/templates/default/apache.erb @@ -1,17 +1,17 @@ # DO NOT EDIT - This file is being maintained by Chef - + ServerName <%= @name %> +<% @aliases.each do |alias_name| -%> + ServerAlias <%= alias_name %> +<% end -%> ServerAdmin webmaster@openstreetmap.org - SSLEngine on - SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem - SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key - CustomLog /var/log/apache2/<%= @name %>-access.log combined ErrorLog /var/log/apache2/<%= @name %>-error.log - DocumentRoot <%= @directory %> + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ + RedirectPermanent / https://<%= @name %>/ <% unless @aliases.empty? -%> @@ -22,31 +22,31 @@ <% end -%> ServerAdmin webmaster@openstreetmap.org + CustomLog /var/log/apache2/<%= @name %>-access.log combined + ErrorLog /var/log/apache2/<%= @name %>-error.log + SSLEngine on SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key - CustomLog /var/log/apache2/<%= @name %>-access.log combined - ErrorLog /var/log/apache2/<%= @name %>-error.log - RedirectPermanent / https://<%= @name %>/ <% end -%> - + ServerName <%= @name %> -<% @aliases.each do |alias_name| -%> - ServerAlias <%= alias_name %> -<% end -%> ServerAdmin webmaster@openstreetmap.org CustomLog /var/log/apache2/<%= @name %>-access.log combined ErrorLog /var/log/apache2/<%= @name %>-error.log - RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ - RedirectPermanent / https://<%= @name %>/ - + SSLEngine on + SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem + SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key + + RequestHeader set X-Forwarded-Proto "https" + RequestHeader set X-Forwarded-Port "443" -> - Require all granted - + ProxyPass / http://localhost:<%= @docker_external_port %>/ + ProxyPreserveHost on + -- 2.39.5