otrs: Add otrs::debian for installing otrs via deb package

[chef.git] / cookbooks / otrs / recipes / debian.rb

diff --git a/cookbooks/otrs/recipes/debian.rb b/cookbooks/otrs/recipes/debian.rb
new file mode 100644 (file)
index 0000000..35bdc14
--- /dev/null
+++ b/cookbooks/otrs/recipes/debian.rb
@@ -0,0 +1,121 @@
+#
+# Cookbook:: otrs
+# Recipe:: debian
+#
+# Copyright:: 2024, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "accounts"
+include_recipe "apache"
+include_recipe "exim"
+include_recipe "postgresql"
+include_recipe "tools"
+
+passwords = data_bag_item("otrs", "passwords")
+
+apache_module "perl" do
+  package "libapache2-mod-perl2"
+end
+
+apache_module "deflate"
+apache_module "headers"
+apache_module "rewrite"
+
+database_cluster = node[:otrs][:database_cluster]
+database_name = node[:otrs][:database_name]
+database_user = node[:otrs][:database_user]
+database_password = passwords[node[:otrs][:database_password]]
+site = node[:otrs][:site]
+site_aliases = node[:otrs][:site_aliases] || []
+
+postgresql_user database_user do
+  cluster database_cluster
+  password database_password
+end
+
+postgresql_database database_name do
+  cluster database_cluster
+  owner database_user
+end
+
+package "dbconfig-common"
+
+template "/etc/dbconfig-common/otrs2.conf" do
+  source "dbconfig.config.erb"
+  owner "root"
+  group "root"
+  mode "600"
+  variables :database_name => database_name,
+            :database_user => database_user,
+            :database_password => database_password
+end
+
+apt_package "otrs2" do
+  options "-t #{node[:lsb][:codename]}-backports"
+end
+
+# Ensure debconf is repopulated on a dbconfig change
+execute "dpkg-reconfigure-otrs2" do
+  action :nothing
+  command "dpkg-reconfigure -fnoninteractive otrs2"
+  subscribes :run, "template[/etc/dbconfig-common/otrs2.conf]"
+end
+
+# Disable deb otrs2 apache config
+apache_conf "otrs2" do
+  action :disable
+end
+
+# Disable deb otrs2 cron job
+file "/etc/cron.d/otrs2" do
+  action :delete
+  manage_symlink_source true
+end
+
+systemd_service "otrs" do
+  description "OTRS Daemon"
+  type "forking"
+  user "otrs"
+  group "otrs"
+  exec_start_pre "-/usr/share/otrs/bin/otrs.Daemon.pl stop" # Stop if race with deb cron
+  exec_start "/usr/share/otrs/bin/otrs.Daemon.pl start"
+  private_tmp true
+  protect_system "strict"
+  protect_home true
+  read_write_paths ["/var/lib/otrs", "/var/log/exim4", "/var/spool/exim4"]
+end
+
+service "otrs" do
+  action [:enable, :start]
+  subscribes :restart, "apt_package[otrs2]"
+  subscribes :restart, "systemd_service[otrs]"
+end
+
+ssl_certificate site do
+  domains [site] + site_aliases
+  notifies :reload, "service[apache2]"
+end
+
+apache_site site do
+  template "apache-debian.erb"
+  variables :aliases => site_aliases
+end
+
+template "/etc/cron.daily/otrs-backup" do
+  source "backup.cron.erb"
+  owner "root"
+  group "root"
+  mode "755"
+end