From d5d78aa42c55fcf94c90655a19030bb7da65eeda Mon Sep 17 00:00:00 2001 From: Grant Slater Date: Mon, 3 Apr 2023 12:48:21 +0100 Subject: [PATCH] Switch to using containers for ideditor and hot. Move to naga --- .github/workflows/test-kitchen.yml | 1 + .kitchen.yml | 3 ++ cookbooks/hot/metadata.rb | 2 +- cookbooks/hot/recipes/default.rb | 12 +++----- cookbooks/hot/templates/default/apache.erb | 28 ------------------- cookbooks/ideditor/metadata.rb | 2 +- cookbooks/ideditor/recipes/default.rb | 11 ++------ .../ideditor/templates/default/apache.erb | 27 ------------------ roles/naga.rb | 4 ++- roles/ridley.rb | 4 +-- .../ideditor/serverspec/apache_spec.rb | 21 ++++++++++++++ 11 files changed, 38 insertions(+), 77 deletions(-) delete mode 100644 cookbooks/hot/templates/default/apache.erb delete mode 100644 cookbooks/ideditor/templates/default/apache.erb create mode 100644 test/integration/ideditor/serverspec/apache_spec.rb diff --git a/.github/workflows/test-kitchen.yml b/.github/workflows/test-kitchen.yml index 7159b11de..63b741695 100644 --- a/.github/workflows/test-kitchen.yml +++ b/.github/workflows/test-kitchen.yml @@ -53,6 +53,7 @@ jobs: - gps-tile - hardware - hot + - ideditor - irc - kibana - letsencrypt diff --git a/.kitchen.yml b/.kitchen.yml index 9b18826f2..2b5b581f8 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -185,6 +185,9 @@ suites: - name: hot run_list: - recipe[hot::default] + - name: ideditor + run_list: + - recipe[ideditor::default] - name: irc run_list: - recipe[irc::default] diff --git a/cookbooks/hot/metadata.rb b/cookbooks/hot/metadata.rb index 118521e91..9f689b2f7 100644 --- a/cookbooks/hot/metadata.rb +++ b/cookbooks/hot/metadata.rb @@ -6,4 +6,4 @@ description "Configures hot web site" version "1.0.0" supports "ubuntu" -depends "apache" +depends "podman" diff --git a/cookbooks/hot/recipes/default.rb b/cookbooks/hot/recipes/default.rb index b4d316923..8f12dc193 100644 --- a/cookbooks/hot/recipes/default.rb +++ b/cookbooks/hot/recipes/default.rb @@ -17,13 +17,9 @@ # limitations under the License. # -include_recipe "apache" +include_recipe "podman::apache" -ssl_certificate "hot.openstreetmap.org" do - domains ["hot.openstreetmap.org", "hot.osm.org"] - notifies :reload, "service[apache2]" -end - -apache_site "hot.openstreetmap.org" do - template "apache.erb" +podman_site "hot.openstreetmap.org" do + image "ghcr.io/openstreetmap/hot.openstreetmap.org-website:latest" + aliases ["hot.osm.org"] end diff --git a/cookbooks/hot/templates/default/apache.erb b/cookbooks/hot/templates/default/apache.erb deleted file mode 100644 index 71682aae7..000000000 --- a/cookbooks/hot/templates/default/apache.erb +++ /dev/null @@ -1,28 +0,0 @@ -# DO NOT EDIT - This file is being maintained by Chef - - - ServerName hot.openstreetmap.org - ServerAlias hot.osm.org - ServerAdmin webmaster@openstreetmap.org - - CustomLog /var/log/apache2/hot.openstreetmap.org-access.log combined - ErrorLog /var/log/apache2/hot.openstreetmap.org-error.log - - RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ - RedirectPermanent / https://www.hotosm.org/ - - - - ServerName hot.openstreetmap.org - ServerAlias hot.osm.org - ServerAdmin webmaster@openstreetmap.org - - CustomLog /var/log/apache2/hot.openstreetmap.org-access.log combined - ErrorLog /var/log/apache2/hot.openstreetmap.org-error.log - - SSLEngine on - SSLCertificateFile /etc/ssl/certs/hot.openstreetmap.org.pem - SSLCertificateKeyFile /etc/ssl/private/hot.openstreetmap.org.key - - RedirectPermanent / https://www.hotosm.org/ - diff --git a/cookbooks/ideditor/metadata.rb b/cookbooks/ideditor/metadata.rb index c177fdb9c..dc3b80211 100644 --- a/cookbooks/ideditor/metadata.rb +++ b/cookbooks/ideditor/metadata.rb @@ -6,4 +6,4 @@ description "Configures ideditor.com web site" version "1.0.0" supports "ubuntu" -depends "apache" +depends "podman" diff --git a/cookbooks/ideditor/recipes/default.rb b/cookbooks/ideditor/recipes/default.rb index b65209fa2..753ac1222 100644 --- a/cookbooks/ideditor/recipes/default.rb +++ b/cookbooks/ideditor/recipes/default.rb @@ -17,13 +17,8 @@ # limitations under the License. # -include_recipe "apache" +include_recipe "podman::apache" -ssl_certificate "preview.ideditor.com" do - domains ["preview.ideditor.com"] - notifies :reload, "service[apache2]" -end - -apache_site "preview.ideditor.com" do - template "apache.erb" +podman_site "preview.ideditor.com" do + image "ghcr.io/openstreetmap/preview.ideditor.com-website:latest" end diff --git a/cookbooks/ideditor/templates/default/apache.erb b/cookbooks/ideditor/templates/default/apache.erb deleted file mode 100644 index c9af62747..000000000 --- a/cookbooks/ideditor/templates/default/apache.erb +++ /dev/null @@ -1,27 +0,0 @@ -# DO NOT EDIT - This file is being maintained by Chef - - - ServerName <%= @name %> - ServerAdmin webmaster@openstreetmap.org - - CustomLog /var/log/apache2/<%= @name %>-access.log combined - ErrorLog /var/log/apache2/<%= @name %>-error.log - - RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ - Redirect permanent / https://<%= @name %>/ - - - ServerName <%= @name %> - ServerAdmin webmaster@openstreetmap.org - - CustomLog /var/log/apache2/<%= @name %>-access.log combined - ErrorLog /var/log/apache2/<%= @name %>-error.log - - SSLEngine on - SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem - SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key - - RewriteEngine on - RewriteRule ^/release/?.* https://ideditor-release.netlify.app/ [QSD,L,R=307] - RewriteRule ^/?.* https://ideditor.netlify.app/ [QSD,L,R=307] - diff --git a/roles/naga.rb b/roles/naga.rb index ab310808a..aa9db6707 100644 --- a/roles/naga.rb +++ b/roles/naga.rb @@ -42,5 +42,7 @@ run_list( "role[switch2osm]", "recipe[foundation::owg]", "recipe[foundation::welcome]", - "recipe[stateofthemap::container]" + "recipe[stateofthemap::container]", + "recipe[hot]", + "recipe[ideditor]" ) diff --git a/roles/ridley.rb b/roles/ridley.rb index 60ebf295c..7a653f422 100644 --- a/roles/ridley.rb +++ b/roles/ridley.rb @@ -45,8 +45,6 @@ run_list( "role[blog]", "role[otrs]", "role[donate]", - "recipe[hot]", "recipe[dmca]", - "recipe[dhcpd]", - "recipe[ideditor]" + "recipe[dhcpd]" ) diff --git a/test/integration/ideditor/serverspec/apache_spec.rb b/test/integration/ideditor/serverspec/apache_spec.rb new file mode 100644 index 000000000..dcd625ae5 --- /dev/null +++ b/test/integration/ideditor/serverspec/apache_spec.rb @@ -0,0 +1,21 @@ +require "serverspec" + +# Required by serverspec +set :backend, :exec + +describe package("apache2") do + it { should be_installed } +end + +describe service("apache2") do + it { should be_enabled } + it { should be_running } +end + +describe port(80) do + it { should be_listening.with("tcp6") } +end + +describe port(443) do + it { should be_listening.with("tcp6") } +end -- 2.39.5