Switch to emergency frontend only setup

[chef.git] / cookbooks / web / recipes / frontend.rb

diff --git a/cookbooks/web/recipes/frontend.rb b/cookbooks/web/recipes/frontend.rb
index 8ed2db77b0fb4eaadd7c8b0f51233aed1b4d420c..4c50df6681246edf05242ecc1a8f902667a9cb29 100644 (file)
--- a/cookbooks/web/recipes/frontend.rb
+++ b/cookbooks/web/recipes/frontend.rb
@@ -17,23 +17,31 @@
 # limitations under the License.
 #
 
+include_recipe "memcached"
 include_recipe "apache::ssl"
 include_recipe "web::rails"
+include_recipe "web::cgimap"
+
+web_passwords = data_bag_item("web", "passwords")
 
 apache_module "alias"
 apache_module "deflate"
 apache_module "expires"
 apache_module "headers"
+apache_module "proxy_fcgi"
 apache_module "proxy_http"
 apache_module "proxy_balancer"
+apache_module "lbmethod_byrequests"
+apache_module "lbmethod_bybusyness"
 apache_module "rewrite"
 
 apache_site "default" do
-  action [ :disable ]
+  action [:disable]
 end
 
 apache_site "www.openstreetmap.org" do
   template "apache.frontend.erb"
+  variables :secret_key_base => web_passwords["secret_key_base"]
 end
 
 gem_package "hpricot"
@@ -58,3 +66,25 @@ end
 munin_plugin "api_waits_#{node[:hostname]}" do
   target "api_waits_"
 end
+
+node.set[:memcached][:ip_address] = node.external_ipaddress
+
+firewall_rule "accept-memcache-tcp" do
+  action :accept
+  family "inet"
+  source "ic"
+  dest "fw"
+  proto "tcp"
+  dest_ports "11211"
+  source_ports "1024:"
+end
+
+firewall_rule "accept-memcache-udp" do
+  action :accept
+  family "inet"
+  source "ic"
+  dest "fw"
+  proto "udp"
+  dest_ports "11211"
+  source_ports "1024:"
+end