Enable CSP in report only mode for the main web site
[chef.git] / cookbooks / web / definitions / rails_port.rb
index 6773cf9..6985528 100644 (file)
@@ -28,6 +28,7 @@ define :rails_port, :action => [:create, :enable] do
   rails_repository = params[:repository] || "git://git.openstreetmap.org/rails.git"
   rails_revision = params[:revision] || "live"
   run_migrations = params[:run_migrations] || false
+  email_from = params[:email_from] || "OpenStreetMap <support@openstreetmap.org>"
   status = params[:status] || "online"
 
   database_params = {
@@ -109,12 +110,19 @@ define :rails_port, :action => [:create, :enable] do
   end
 
   application_yml = edit_file "#{rails_directory}/config/example.application.yml" do |line|
+    line.gsub!(/^( *)server_protocol:.*$/, "\\1server_protocol: \"https\"")
     line.gsub!(/^( *)server_url:.*$/, "\\1server_url: \"#{name}\"")
 
+    line.gsub!(/^( *)#publisher_url:.*$/, "\\1publisher_url: \"https://plus.google.com/111953119785824514010\"")
+
+    line.gsub!(/^( *)support_email:.*$/, "\\1support_email: \"support@openstreetmap.org\"")
+
     if params[:email_from]
-      line.gsub!(/^( *)email_from:.*$/, "\\1email_from: \"#{params[:email_from]}\"")
+      line.gsub!(/^( *)email_from:.*$/, "\\1email_from: \"#{email_from}\"")
     end
 
+    line.gsub!(/^( *)email_return_path:.*$/, "\\1email_return_path: \"bounces@openstreetmap.org\"")
+
     line.gsub!(/^( *)status:.*$/, "\\1status: :#{status}")
 
     if params[:messages_domain]
@@ -187,6 +195,11 @@ define :rails_port, :action => [:create, :enable] do
       line.gsub!(/^( *)#github_auth_secret:.*$/, "\\1github_auth_secret: \"#{params[:github_auth_secret]}\"")
     end
 
+    if params[:wikipedia_auth_id]
+      line.gsub!(/^( *)#wikipedia_auth_id:.*$/, "\\1wikipedia_auth_id: \"#{params[:wikipedia_auth_id]}\"")
+      line.gsub!(/^( *)#wikipedia_auth_secret:.*$/, "\\1wikipedia_auth_secret: \"#{params[:wikipedia_auth_secret]}\"")
+    end
+
     if params[:mapquest_key]
       line.gsub!(/^( *)#mapquest_key:.*$/, "\\1mapquest_key: \"#{params[:mapquest_key]}\"")
     end
@@ -199,6 +212,14 @@ define :rails_port, :action => [:create, :enable] do
       line.gsub!(/^( *)#thunderforest_key:.*$/, "\\1thunderforest_key: \"#{params[:thunderforest_key]}\"")
     end
 
+    if params[:totp_key]
+      line.gsub!(/^( *)#totp_key:.*$/, "\\1totp_key: \"#{params[:totp_key]}\"")
+    end
+
+    if params[:csp_report_url]
+      line.gsub!(/^( *)#csp_report_url:.*$/, "\\1csp_report_url: \"#{params[:csp_report_url]}\"")
+    end
+
     line.gsub!(/^( *)require_terms_seen:.*$/, "\\1require_terms_seen: true")
     line.gsub!(/^( *)require_terms_agreed:.*$/, "\\1require_terms_agreed: true")
 
@@ -269,20 +290,21 @@ define :rails_port, :action => [:create, :enable] do
     cwd "#{rails_directory}/lib/quad_tile"
     user rails_user
     group rails_group
-    not_if { File.exist?("#{rails_directory}/lib/quad_tile/Makefile") && File.mtime("#{rails_directory}/lib/quad_tile/Makefile") >= File.mtime("#{rails_directory}/lib/quad_tile/extconf.rb") }
+    not_if do
+      File.exist?("#{rails_directory}/lib/quad_tile/quad_tile_so.so") &&
+        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/extconf.rb") &&
+        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.c") &&
+        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.h")
+    end
+    notifies :run, "execute[#{rails_directory}/lib/quad_tile/Makefile]"
   end
 
   execute "#{rails_directory}/lib/quad_tile/Makefile" do
+    action :nothing
     command "make"
     cwd "#{rails_directory}/lib/quad_tile"
     user rails_user
     group rails_group
-    not_if do
-      File.exist?("#{rails_directory}/lib/quad_tile/quad_tile_so.so") &&
-        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/Makefile") &&
-        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.c") &&
-        File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.h")
-    end
     notifies :run, "execute[#{rails_directory}]"
   end