X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/74d900a73345c80ef4205d1d4c0a3e1b674dad4d..e4a0595002f1f428a98776070ad4677b6433b46f:/cookbooks/trac/recipes/default.rb

diff --git a/cookbooks/trac/recipes/default.rb b/cookbooks/trac/recipes/default.rb
index 551f28e71..347b41b9b 100644
--- a/cookbooks/trac/recipes/default.rb
+++ b/cookbooks/trac/recipes/default.rb
@@ -1,14 +1,14 @@
 #
-# Cookbook Name:: trac
+# Cookbook:: trac
 # Recipe:: default
 #
-# Copyright 2012, OpenStreetMap Foundation
+# Copyright:: 2012, OpenStreetMap Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -17,15 +17,30 @@
 # limitations under the License.
 #
 
-include_recipe "apache::ssl"
+include_recipe "accounts"
+include_recipe "apache"
 
-package "trac"
-package "trac-git"
-package "ruby"
+package %w[
+  trac
+  ruby
+]
 
 site_name = "trac.openstreetmap.org"
 site_directory = "/srv/#{site_name}"
 
+directory "/var/lib/trac" do
+  owner "trac"
+  group "trac"
+  mode 0o755
+end
+
+execute "trac-initenv-#{site_name}" do
+  command "trac-admin /var/lib/trac initenv #{site_name} sqlite:db/trac.db"
+  user "trac"
+  group "trac"
+  not_if { ::File.exist?("/var/lib/trac/VERSION") }
+end
+
 template "/var/lib/trac/conf/trac.ini" do
   source "trac.ini.erb"
   owner "trac"
@@ -60,7 +75,7 @@ execute "trac-deploy-#{site_name}" do
   command "trac-admin /var/lib/trac deploy #{site_directory}"
   user "root"
   group "root"
-  not_if { File.exist?(site_directory) }
+  not_if { ::File.exist?(site_directory) }
 end
 
 cookbook_file "/usr/local/bin/trac-authenticate" do
@@ -71,16 +86,19 @@ end
 
 apache_module "wsgi"
 
+apache_module "authnz_external" do
+  package "libapache2-mod-authnz-external"
+end
+
 ssl_certificate "trac.openstreetmap.org" do
-  domains "trac.openstreetmap.org"
-  fallback_certificate "openstreetmap"
+  domains ["trac.openstreetmap.org", "trac.osm.org"]
   notifies :reload, "service[apache2]"
 end
 
 apache_site site_name do
   template "apache.erb"
   directory site_directory
-  variables :user => "trac", :group => "trac"
+  variables :user => "trac", :group => "trac", :aliases => ["trac.osm.org"]
 end
 
 template "/etc/sudoers.d/trac" do