5 # Copyright 2011, OpenStreetMap Foundation
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # https://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
21 require "securerandom"
23 include_recipe "apache"
24 include_recipe "passenger"
26 include_recipe "memcached"
27 include_recipe "mysql"
28 include_recipe "nodejs"
29 include_recipe "postgresql"
30 include_recipe "python"
65 python_package "geojson"
68 apache_module "expires"
69 apache_module "headers"
71 apache_module "proxy_fcgi"
72 apache_module "rewrite"
73 apache_module "suexec"
74 apache_module "userdir"
77 package "apache2-suexec-pristine"
79 service "php7.2-fpm" do
80 action [:enable, :start]
83 template "/etc/php/7.2/fpm/pool.d/default.conf" do
84 source "fpm-default.conf.erb"
88 notifies :reload, "service[php7.2-fpm]"
91 file "/etc/php/7.2/fpm/pool.d/www.conf" do
93 notifies :reload, "service[php7.2-fpm]"
96 directory "/srv/dev.openstreetmap.org" do
102 template "/srv/dev.openstreetmap.org/index.html" do
103 source "dev.html.erb"
109 ssl_certificate "dev.openstreetmap.org" do
110 domains "dev.openstreetmap.org"
111 notifies :reload, "service[apache2]"
114 apache_site "dev.openstreetmap.org" do
115 template "apache.dev.erb"
120 template "/etc/phppgadmin/config.inc.php" do
121 source "phppgadmin.conf.erb"
127 file "/etc/apache2/conf.d/phppgadmin" do
131 ssl_certificate "phppgadmin.dev.openstreetmap.org" do
132 domains "phppgadmin.dev.openstreetmap.org"
133 notifies :reload, "service[apache2]"
136 apache_site "phppgadmin.dev.openstreetmap.org" do
137 template "apache.phppgadmin.erb"
140 search(:accounts, "*:*").each do |account|
142 details = node[:accounts][:users][name] || {}
144 next unless %w[user administrator].include?(details[:status])
146 user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name}"
148 next unless File.directory?("#{user_home}/public_html")
150 port = 7000 + account["uid"].to_i
152 template "/etc/php/7.2/fpm/pool.d/#{name}.conf" do
153 source "fpm.conf.erb"
157 variables :user => name, :port => port
158 notifies :reload, "service[php7.2-fpm]"
161 ssl_certificate "#{name}.dev.openstreetmap.org" do
162 domains ["#{name}.dev.openstreetmap.org", "#{name}.dev.osm.org"]
163 notifies :reload, "service[apache2]"
166 apache_site "#{name}.dev.openstreetmap.org" do
167 template "apache.user.erb"
168 directory "#{user_home}/public_html"
169 variables :user => name, :port => port
172 template "/etc/sudoers.d/#{name}" do
173 source "sudoers.user.erb"
177 variables :user => name
181 if node[:postgresql][:clusters][:"9.5/main"]
182 postgresql_user "apis" do
186 template "/usr/local/bin/cleanup-rails-assets" do
188 source "cleanup-assets.erb"
194 node[:dev][:rails].each do |name, details|
195 database_name = details[:database] || "apis_#{name}"
196 site_name = "#{name}.apis.dev.openstreetmap.org"
197 rails_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
199 if details[:repository]
200 site_aliases = details[:aliases] || []
201 secret_key_base = details[:secret_key_base] || SecureRandom.base64(96)
203 node.normal[:dev][:rails][name][:secret_key_base] = secret_key_base
205 postgresql_database database_name do
210 postgresql_extension "#{database_name}_btree_gist" do
212 database database_name
213 extension "btree_gist"
216 rails_port site_name do
217 ruby node[:passenger][:ruby_version]
218 directory rails_directory
221 repository details[:repository]
222 revision details[:revision]
223 database_port node[:postgresql][:clusters][:"9.5/main"][:port]
224 database_name database_name
225 database_username "apis"
226 memcache_servers ["127.0.0.1"]
231 template "#{rails_directory}/config/initializers/setup.rb" do
232 source "rails.setup.rb.erb"
236 variables :site => site_name
237 notifies :restart, "rails_port[#{site_name}]"
240 ssl_certificate site_name do
241 domains [site_name] + site_aliases
242 notifies :reload, "service[apache2]"
245 apache_site site_name do
246 template "apache.rails.erb"
247 variables :name => site_name, :aliases => site_aliases, :secret_key_base => secret_key_base
250 apache_site site_name do
254 directory rails_directory do
259 file "/etc/cron.daily/rails-#{site_name.tr('.', '-')}" do
263 postgresql_database database_name do
268 node.normal[:dev][:rails].delete(name)
272 directory "/srv/apis.dev.openstreetmap.org" do
278 template "/srv/apis.dev.openstreetmap.org/index.html" do
279 source "apis.html.erb"
285 ssl_certificate "apis.dev.openstreetmap.org" do
286 domains "apis.dev.openstreetmap.org"
287 notifies :reload, "service[apache2]"
290 apache_site "apis.dev.openstreetmap.org" do
291 template "apache.apis.erb"
294 node[:postgresql][:clusters].each_key do |name|
295 postgresql_munin name do
302 directory "/srv/ooc.openstreetmap.org" do
308 remote_directory "/srv/ooc.openstreetmap.org/html" do
318 ssl_certificate "ooc.openstreetmap.org" do
319 domains ["ooc.openstreetmap.org",
320 "a.ooc.openstreetmap.org",
321 "b.ooc.openstreetmap.org",
322 "c.ooc.openstreetmap.org"]
323 notifies :reload, "service[apache2]"
326 apache_site "ooc.openstreetmap.org" do
327 template "apache.ooc.erb"