cookbooks/civicrm/recipes/default.rb

   1 #
   2 # Cookbook:: civicrm
   3 # Recipe:: default
   4 #
   5 # Copyright:: 2011, OpenStreetMap Foundation
   6 #
   7 # Licensed under the Apache License, Version 2.0 (the "License");
   8 # you may not use this file except in compliance with the License.
   9 # You may obtain a copy of the License at
  10 #
  11 #     https://www.apache.org/licenses/LICENSE-2.0
  12 #
  13 # Unless required by applicable law or agreed to in writing, software
  14 # distributed under the License is distributed on an "AS IS" BASIS,
  15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16 # See the License for the specific language governing permissions and
  17 # limitations under the License.
  18 #
  19
  20 include_recipe "wordpress"
  21 include_recipe "mysql"
  22
  23 package %w[
  24   php-xml
  25   php-curl
  26   rsync
  27   wkhtmltopdf
  28   php-bcmath
  29   php-intl
  30 ]
  31
  32 apache_module "rewrite"
  33
  34 cache_dir = Chef::Config[:file_cache_path]
  35
  36 passwords = data_bag_item("civicrm", "passwords")
  37 wp2fa_encrypt_keys = data_bag_item("civicrm", "wp2fa_encrypt_keys")
  38
  39 database_password = passwords["database"]
  40 site_key = passwords["site_key"]
  41 cred_keys = passwords["cred_keys"]
  42 sign_keys = passwords["sign_keys"]
  43
  44 mysql_user "civicrm@localhost" do
  45   password database_password
  46 end
  47
  48 mysql_database "civicrm" do
  49   permissions "civicrm@localhost" => :all
  50 end
  51
  52 ssl_certificate "join.osmfoundation.org" do
  53   domains [ "join.osmfoundation.org", "crm.osmfoundation.org",
  54             "supporting.osmfoundation.org", "support.osmfoundation.org",
  55             "support.openstreetmap.org", "supporting.osm.org",
  56             "support.osm.org"]
  57   notifies :reload, "service[apache2]"
  58 end
  59
  60 apache_site "join.osmfoundation.org" do
  61   template "apache.erb"
  62 end
  63
  64 wordpress_site "supporting.openstreetmap.org" do
  65   # Do not add extra aliases as this causes issues with civicrm PHP sessions
  66   aliases ["supporting.openstreetmap.org"]
  67   database_name "civicrm"
  68   database_user "civicrm"
  69   database_password database_password
  70   wp2fa_encrypt_key wp2fa_encrypt_keys["key"]
  71   fpm_prometheus_port 11301
  72 end
  73
  74 wordpress_theme "osmblog-wp-theme" do
  75   site "supporting.openstreetmap.org"
  76   repository "https://github.com/osmfoundation/osmblog-wp-theme.git"
  77 end
  78
  79 wordpress_plugin "registration-honeypot" do
  80   site "supporting.openstreetmap.org"
  81 end
  82
  83 wordpress_plugin "contact-form-7" do
  84   site "supporting.openstreetmap.org"
  85 end
  86
  87 wordpress_plugin "civicrm-admin-utilities" do
  88   site "supporting.openstreetmap.org"
  89 end
  90
  91 civicrm_version = node[:civicrm][:version]
  92 civicrm_directory = "/srv/supporting.openstreetmap.org/wp-content/plugins/civicrm"
  93
  94 directory "/opt/civicrm-#{civicrm_version}" do
  95   owner "wordpress"
  96   group "wordpress"
  97   mode "755"
  98 end
  99
 100 remote_file "#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip" do
 101   action :create_if_missing
 102   source "https://download.civicrm.org/civicrm-#{civicrm_version}-wordpress.zip"
 103   owner "wordpress"
 104   group "wordpress"
 105   mode "644"
 106   backup false
 107 end
 108
 109 remote_file "#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz" do
 110   action :create_if_missing
 111   source "https://download.civicrm.org/civicrm-#{civicrm_version}-l10n.tar.gz"
 112   owner "wordpress"
 113   group "wordpress"
 114   mode "644"
 115   backup false
 116 end
 117
 118 archive_file "#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip" do
 119   action :nothing
 120   destination "/opt/civicrm-#{civicrm_version}"
 121   overwrite true
 122   owner "wordpress"
 123   group "wordpress"
 124   subscribes :extract, "remote_file[#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip]", :immediately
 125 end
 126
 127 archive_file "#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz" do
 128   action :nothing
 129   destination "/opt/civicrm-#{civicrm_version}/civicrm"
 130   overwrite true
 131   owner "wordpress"
 132   group "wordpress"
 133   subscribes :extract, "remote_file[#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz]", :immediately
 134 end
 135
 136 execute "/opt/civicrm-#{civicrm_version}/civicrm" do
 137   action :nothing
 138   command "rsync --archive --delete --delete-delay --delay-updates /opt/civicrm-#{civicrm_version}/civicrm/ #{civicrm_directory}"
 139   user "wordpress"
 140   group "wordpress"
 141   subscribes :run, "archive_file[#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip]", :immediately
 142   subscribes :run, "archive_file[#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz]", :immediately
 143 end
 144
 145 directory "/srv/supporting.openstreetmap.org/wp-content/uploads" do
 146   owner "www-data"
 147   group "www-data"
 148   mode "755"
 149 end
 150
 151 extensions_directory = "/srv/supporting.openstreetmap.org/wp-content/plugins/civicrm-extensions"
 152
 153 directory extensions_directory do
 154   owner "wordpress"
 155   group "wordpress"
 156   mode "755"
 157 end
 158
 159 node[:civicrm][:extensions].each_value do |details|
 160   git "#{extensions_directory}/#{details[:name]}" do
 161     action :sync
 162     repository details[:repository]
 163     revision details[:revision]
 164     user "wordpress"
 165     group "wordpress"
 166   end
 167 end
 168
 169 settings = edit_file "#{civicrm_directory}/civicrm/templates/CRM/common/civicrm.settings.php.template" do |line|
 170   line.gsub!(/%%cms%%/, "WordPress")
 171   line.gsub!(/%%CMSdbUser%%/, "civicrm")
 172   line.gsub!(/%%CMSdbPass%%/, database_password)
 173   line.gsub!(/%%CMSdbHost%%/, "localhost")
 174   line.gsub!(/%%CMSdbName%%/, "civicrm")
 175   line.gsub!(/%%dbUser%%/, "civicrm")
 176   line.gsub!(/%%dbPass%%/, database_password)
 177   line.gsub!(/%%dbHost%%/, "localhost")
 178   line.gsub!(/%%dbName%%/, "civicrm")
 179   line.gsub!(/%%crmRoot%%/, "#{civicrm_directory}/civicrm/")
 180   line.gsub!(/%%templateCompileDir%%/, "/srv/supporting.openstreetmap.org/wp-content/uploads/civicrm/templates_c/")
 181   line.gsub!(/%%baseURL%%/, "http://supporting.openstreetmap.org/")
 182   line.gsub!(/%%siteKey%%/, site_key)
 183   line.gsub!(/%%credKeys%%/, cred_keys)
 184   line.gsub!(/%%signKeys%%/, sign_keys)
 185   line.gsub!(%r{// *define\('CIVICRM_CMSDIR', '/path/to/install/root/'\);}, "define('CIVICRM_CMSDIR', '/srv/supporting.openstreetmap.org');")
 186
 187   line
 188 end
 189
 190 file "#{civicrm_directory}/civicrm.settings.php" do
 191   owner "wordpress"
 192   group "wordpress"
 193   mode "644"
 194   content settings
 195 end
 196
 197 systemd_service "osmf-crm-jobs" do
 198   description "Run CRM jobs"
 199   exec_start "/usr/bin/php #{civicrm_directory}/civicrm/bin/cli.php -s supporting.openstreetmap.org -u batch -p \"#{passwords['batch']}\" -e Job -a execute"
 200   user "www-data"
 201   sandbox :enable_network => true
 202   memory_deny_write_execute false
 203   restrict_address_families "AF_UNIX"
 204   read_write_paths "/srv/supporting.openstreetmap.org/wp-content/uploads/civicrm"
 205 end
 206
 207 systemd_timer "osmf-crm-jobs" do
 208   description "Run CRM jobs"
 209   on_boot_sec "15m"
 210   on_unit_inactive_sec "15m"
 211 end
 212
 213 service "osmf-crm-jobs.timer" do
 214   action [:enable, :start]
 215 end
 216
 217 template "/etc/cron.daily/osmf-crm-backup" do
 218   source "backup.cron.erb"
 219   owner "root"
 220   group "root"
 221   mode "750"
 222   variables :passwords => passwords
 223 end