5 # Copyright:: 2011, OpenStreetMap Foundation
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # https://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
21 require "securerandom"
23 include_recipe "apache"
24 include_recipe "passenger"
25 include_recipe "geoipupdate"
27 include_recipe "memcached"
28 include_recipe "munin"
29 include_recipe "mysql"
30 include_recipe "nodejs"
31 include_recipe "php::fpm"
32 include_recipe "postgresql"
33 include_recipe "python"
91 libboost-program-options-dev
92 libboost-date-time-dev
93 libboost-filesystem-dev
135 # Add uk_os_OSTN15_NTv2_OSGBtoETRS.tif used for reprojecting OS data
136 execute "uk_os_OSTN15_NTv2_OSGBtoETRS.tif" do
137 command "projsync --file uk_os_OSTN15_NTv2_OSGBtoETRS.tif --system-directory"
138 not_if { ::File.exist?("/usr/share/proj/uk_os_OSTN15_NTv2_OSGBtoETRS.tif") }
141 nodejs_package "svgo"
143 python_package "geojson" do
148 apache_module "expires"
149 apache_module "headers"
150 apache_module "proxy"
151 apache_module "proxy_fcgi"
152 apache_module "rewrite"
153 apache_module "suexec"
154 apache_module "userdir"
156 apache_module "wsgi" do
157 package "libapache2-mod-wsgi-py3"
160 package "apache2-suexec-pristine"
165 pm_min_spare_servers 2
166 pm_max_spare_servers 6
173 directory "/srv/dev.openstreetmap.org" do
179 template "/srv/dev.openstreetmap.org/index.html" do
180 source "dev.html.erb"
186 ssl_certificate "dev.openstreetmap.org" do
187 domains "dev.openstreetmap.org"
188 notifies :reload, "service[apache2]"
191 apache_site "dev.openstreetmap.org" do
192 template "apache.dev.erb"
197 template "/etc/phppgadmin/config.inc.php" do
198 source "phppgadmin.conf.erb"
204 file "/etc/apache2/conf.d/phppgadmin" do
208 ssl_certificate "phppgadmin.dev.openstreetmap.org" do
209 domains "phppgadmin.dev.openstreetmap.org"
210 notifies :reload, "service[apache2]"
213 apache_site "phppgadmin.dev.openstreetmap.org" do
214 template "apache.phppgadmin.erb"
217 search(:accounts, "*:*").each do |account|
219 details = node[:accounts][:users][name] || {}
221 next unless %w[user administrator].include?(details[:status])
223 user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name}"
225 next unless File.directory?("#{user_home}/public_html")
232 pm_min_spare_servers 2
233 pm_max_spare_servers 6
234 pm_max_requests 10000
235 request_terminate_timeout 1800
236 environment "HOSTNAME" => "$HOSTNAME",
237 "PATH" => "/usr/local/bin:/usr/bin:/bin",
241 php_values "max_execution_time" => "300",
242 "memory_limit" => "128M",
243 "post_max_size" => "32M",
244 "upload_max_filesize" => "32M"
245 php_admin_values "sendmail_path" => "/usr/sbin/sendmail -t -i -f #{name}@dev.openstreetmap.org",
246 "open_basedir" => "/home/#{name}/:/tmp/:/usr/share/php/"
247 php_flags "display_errors" => "on"
250 ssl_certificate "#{name}.dev.openstreetmap.org" do
251 domains ["#{name}.dev.openstreetmap.org", "#{name}.dev.osm.org"]
252 notifies :reload, "service[apache2]"
255 apache_site "#{name}.dev.openstreetmap.org" do
256 template "apache.user.erb"
257 directory "#{user_home}/public_html"
258 variables :user => name
261 template "/etc/sudoers.d/#{name}" do
262 source "sudoers.user.erb"
266 variables :user => name
270 node[:postgresql][:versions].each do |version|
271 package "postgresql-#{version}-postgis-3"
274 if node[:postgresql][:clusters][:"15/main"]
275 postgresql_user "apis" do
279 template "/usr/local/bin/cleanup-rails-assets" do
281 source "cleanup-assets.erb"
287 systemd_service "rails-jobs@" do
288 description "Rails job queue runner"
290 environment "RAILS_ENV" => "production", "SLEEP_DELAY" => "60"
292 working_directory "/srv/%i.apis.dev.openstreetmap.org/rails"
293 exec_start "#{node[:ruby][:bundle]} exec rails jobs:work"
296 sandbox :enable_network => true
297 restrict_address_families "AF_UNIX"
298 memory_deny_write_execute false
299 read_write_paths "/srv/%i.apis.dev.openstreetmap.org/logs"
302 systemd_service "cgimap@" do
303 description "OpenStreetMap API Server"
305 environment_file "/etc/default/cgimap-%i"
307 exec_start "/srv/%i.apis.dev.openstreetmap.org/cgimap/openstreetmap-cgimap --daemon --port $CGIMAP_PORT --instances 5"
308 exec_reload "/bin/kill -HUP $MAINPID"
309 sandbox :enable_network => true
310 restrict_address_families "AF_UNIX"
311 read_write_paths ["/srv/%i.apis.dev.openstreetmap.org/logs", "/srv/%i.apis.dev.openstreetmap.org/rails/tmp"]
317 Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |dir|
318 node.default_unless[:dev][:rails][File.basename(dir).split(".").first] = {}
321 node[:dev][:rails].each do |name, details|
322 database_name = details[:database] || "apis_#{name}"
323 site_name = "#{name}.apis.dev.openstreetmap.org"
324 site_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
325 log_directory = "#{site_directory}/logs"
326 rails_directory = "#{site_directory}/rails"
327 cgimap_directory = "#{site_directory}/cgimap"
328 gpx_directory = "#{site_directory}/gpx"
330 if details[:repository]
331 site_aliases = details[:aliases] || []
332 secret_key_base = persistent_token("dev", "rails", name, "secret_key_base")
334 postgresql_database database_name do
339 postgresql_extension "#{database_name}_btree_gist" do
341 database database_name
342 extension "btree_gist"
345 directory site_directory do
351 directory log_directory do
357 directory gpx_directory do
363 directory "#{gpx_directory}/traces" do
369 directory "#{gpx_directory}/images" do
375 rails_port site_name do
376 directory rails_directory
379 repository details[:repository]
380 revision details[:revision]
381 database_port node[:postgresql][:clusters][:"15/main"][:port]
382 database_name database_name
383 database_username "apis"
384 email_from "OpenStreetMap <web@noreply.openstreetmap.org>"
385 gpx_dir gpx_directory
386 log_path "#{log_directory}/rails.log"
387 memcache_servers ["127.0.0.1"]
390 trace_use_job_queue true
393 template "#{rails_directory}/config/initializers/setup.rb" do
394 source "rails.setup.rb.erb"
398 variables :site => site_name
399 notifies :restart, "rails_port[#{site_name}]"
402 service "rails-jobs@#{name}" do
403 action [:enable, :start]
404 supports :restart => true
405 subscribes :restart, "rails_port[#{site_name}]"
406 subscribes :restart, "systemd_service[rails-jobs@]"
407 only_if "fgrep -q delayed_job #{rails_directory}/Gemfile.lock"
410 if details[:cgimap_repository]
411 git cgimap_directory do
413 repository details[:cgimap_repository]
414 revision details[:cgimap_revision]
419 execute "#{cgimap_directory}/autogen.sh" do
421 command "./autogen.sh"
425 subscribes :run, "git[#{cgimap_directory}]", :immediately
428 execute "#{cgimap_directory}/configure" do
430 command "./configure --with-fcgi=/usr --with-boost-libdir=/usr/lib/x86_64-linux-gnu --enable-yajl"
434 subscribes :run, "execute[#{cgimap_directory}/autogen.sh]", :immediately
437 execute "#{cgimap_directory}/Makefile" do
443 subscribes :run, "execute[#{cgimap_directory}/configure]", :immediately
446 template "/etc/default/cgimap-#{name}" do
447 source "cgimap.environment.erb"
451 variables :cgimap_port => cgimap_port,
452 :database_port => node[:postgresql][:clusters][:"15/main"][:port],
453 :database_name => database_name,
454 :log_directory => log_directory
457 service "cgimap@#{name}" do
458 action [:start, :enable]
459 subscribes :restart, "execute[#{cgimap_directory}/Makefile]"
460 subscribes :restart, "template[/etc/default/cgimap-#{name}]"
461 subscribes :restart, "systemd_service[cgimap@]"
465 ssl_certificate site_name do
466 domains [site_name] + site_aliases
467 notifies :reload, "service[apache2]"
470 apache_site site_name do
471 template "apache.rails.erb"
472 variables :application_name => name,
473 :aliases => site_aliases,
474 :secret_key_base => secret_key_base,
475 :cgimap_enabled => details.key?(:cgimap_repository),
476 :cgimap_port => cgimap_port
479 template "/etc/logrotate.d/apis-#{name}" do
480 source "logrotate.apis.erb"
484 variables :name => name,
485 :log_directory => log_directory,
486 :rails_directory => rails_directory
491 file "/etc/logrotate.d/apis-#{name}" do
495 apache_site site_name do
499 service "cgimap@#{name}" do
500 action [:stop, :disable]
503 file "/etc/default/cgimap-#{name}" do
507 service "rails-jobs@#{name}" do
508 action [:stop, :disable]
511 directory site_directory do
516 file "/etc/cron.daily/rails-#{site_name.tr('.', '-')}" do
520 postgresql_database database_name do
527 directory "/srv/apis.dev.openstreetmap.org" do
533 template "/srv/apis.dev.openstreetmap.org/index.html" do
534 source "apis.html.erb"
540 ssl_certificate "apis.dev.openstreetmap.org" do
541 domains "apis.dev.openstreetmap.org"
542 notifies :reload, "service[apache2]"
545 apache_site "apis.dev.openstreetmap.org" do
546 template "apache.apis.erb"
549 node[:postgresql][:clusters].each_key do |name|
550 postgresql_munin name do
557 directory "/srv/ooc.openstreetmap.org" do
563 remote_directory "/srv/ooc.openstreetmap.org/html" do
573 ssl_certificate "ooc.openstreetmap.org" do
574 domains ["ooc.openstreetmap.org",
575 "a.ooc.openstreetmap.org",
576 "b.ooc.openstreetmap.org",
577 "c.ooc.openstreetmap.org"]
578 notifies :reload, "service[apache2]"
581 apache_site "ooc.openstreetmap.org" do
582 template "apache.ooc.erb"
projects / chef.git / blob