Add a load more cookbooks to the public repository
authorTom Hughes <tom@compton.nu>
Mon, 17 Jun 2013 20:38:56 +0000 (21:38 +0100)
committerTom Hughes <tom@compton.nu>
Mon, 17 Jun 2013 20:40:36 +0000 (21:40 +0100)
86 files changed:
cookbooks/civicrm/README.rdoc [new file with mode: 0644]
cookbooks/civicrm/attributes/default.rb [new file with mode: 0644]
cookbooks/civicrm/metadata.rb [new file with mode: 0644]
cookbooks/civicrm/recipes/default.rb [new file with mode: 0644]
cookbooks/civicrm/templates/default/settings_location.php.erb [new file with mode: 0644]
cookbooks/db/README.rdoc [new file with mode: 0644]
cookbooks/db/metadata.rb [new file with mode: 0644]
cookbooks/db/recipes/base.rb [new file with mode: 0644]
cookbooks/db/recipes/master.rb [new file with mode: 0644]
cookbooks/db/recipes/slave.rb [new file with mode: 0644]
cookbooks/db/templates/default/cron.erb [new file with mode: 0644]
cookbooks/dev/README.rdoc [new file with mode: 0644]
cookbooks/dev/attributes/default.rb [new file with mode: 0644]
cookbooks/dev/metadata.rb [new file with mode: 0644]
cookbooks/dev/recipes/default.rb [new file with mode: 0644]
cookbooks/dev/templates/default/apache.apis.erb [new file with mode: 0644]
cookbooks/dev/templates/default/apache.phppgadmin.erb [new file with mode: 0644]
cookbooks/dev/templates/default/apache.rails.erb [new file with mode: 0644]
cookbooks/dev/templates/default/apache.user.erb [new file with mode: 0644]
cookbooks/dev/templates/default/apis.html.erb [new file with mode: 0644]
cookbooks/dev/templates/default/fpm-default.conf.erb [new file with mode: 0644]
cookbooks/dev/templates/default/fpm.conf.erb [new file with mode: 0644]
cookbooks/dev/templates/default/passenger.conf.erb [new file with mode: 0644]
cookbooks/dev/templates/default/phppgadmin.conf.erb [new file with mode: 0644]
cookbooks/dev/templates/default/rails.setup.rb.erb [new file with mode: 0644]
cookbooks/drupal/README.rdoc [new file with mode: 0644]
cookbooks/drupal/attributes/default.rb [new file with mode: 0644]
cookbooks/drupal/definitions/drupal_site.rb [new file with mode: 0644]
cookbooks/drupal/metadata.rb [new file with mode: 0644]
cookbooks/drupal/recipes/default.rb [new file with mode: 0644]
cookbooks/drupal/templates/default/apache-ssl.erb [new file with mode: 0644]
cookbooks/drupal/templates/default/apache.erb [new file with mode: 0644]
cookbooks/nominatim/README.rdoc [new file with mode: 0644]
cookbooks/nominatim/metadata.rb [new file with mode: 0644]
cookbooks/nominatim/recipes/default.rb [new file with mode: 0644]
cookbooks/owl/README.rdoc [new file with mode: 0644]
cookbooks/owl/attributes/default.rb [new file with mode: 0644]
cookbooks/owl/metadata.rb [new file with mode: 0644]
cookbooks/owl/recipes/default.rb [new file with mode: 0644]
cookbooks/owl/templates/default/apache.erb [new file with mode: 0644]
cookbooks/owl/templates/default/database.yml.erb [new file with mode: 0644]
cookbooks/owl/templates/default/passenger.conf.erb [new file with mode: 0644]
cookbooks/squid/README.rdoc [new file with mode: 0644]
cookbooks/squid/attributes/default.rb [new file with mode: 0644]
cookbooks/squid/definitions/squid_fragment.rb [new file with mode: 0644]
cookbooks/squid/metadata.rb [new file with mode: 0644]
cookbooks/squid/recipes/default.rb [new file with mode: 0644]
cookbooks/squid/templates/default/squid.conf.erb [new file with mode: 0644]
cookbooks/squid/templates/default/squid.erb [new file with mode: 0644]
cookbooks/subversion/README.rdoc [new file with mode: 0644]
cookbooks/subversion/files/default/hooks/post-commit [new file with mode: 0644]
cookbooks/subversion/files/default/hooks/post-revprop-change [new file with mode: 0644]
cookbooks/subversion/metadata.rb [new file with mode: 0644]
cookbooks/subversion/recipes/default.rb [new file with mode: 0644]
cookbooks/subversion/templates/default/apache.erb [new file with mode: 0644]
cookbooks/tilecache/README.rdoc [new file with mode: 0644]
cookbooks/tilecache/attributes/default.rb [new file with mode: 0644]
cookbooks/tilecache/metadata.rb [new file with mode: 0644]
cookbooks/tilecache/recipes/default.rb [new file with mode: 0644]
cookbooks/tilecache/templates/default/squid.conf.erb [new file with mode: 0644]
cookbooks/web/README.rdoc [new file with mode: 0644]
cookbooks/web/attributes/default.rb [new file with mode: 0644]
cookbooks/web/definitions/rails_port.rb [new file with mode: 0644]
cookbooks/web/metadata.rb [new file with mode: 0644]
cookbooks/web/recipes/backend.rb [new file with mode: 0644]
cookbooks/web/recipes/base.rb [new file with mode: 0644]
cookbooks/web/recipes/cgimap.rb [new file with mode: 0644]
cookbooks/web/recipes/frontend.rb [new file with mode: 0644]
cookbooks/web/recipes/gpx.rb [new file with mode: 0644]
cookbooks/web/recipes/rails.rb [new file with mode: 0644]
cookbooks/web/recipes/statistics.rb [new file with mode: 0644]
cookbooks/web/templates/default/apache.backend.erb [new file with mode: 0644]
cookbooks/web/templates/default/apache.frontend.erb [new file with mode: 0644]
cookbooks/web/templates/default/database.yml.erb [new file with mode: 0644]
cookbooks/web/templates/default/init.gpx.erb [new file with mode: 0644]
cookbooks/web/templates/default/logrotate.apache.erb [new file with mode: 0644]
cookbooks/web/templates/default/logrotate.web.erb [new file with mode: 0644]
cookbooks/web/templates/default/passenger.conf.erb [new file with mode: 0644]
cookbooks/web/templates/default/passenger.cron.erb [new file with mode: 0644]
cookbooks/web/templates/default/rails.cron.erb [new file with mode: 0644]
cookbooks/web/templates/default/ruby.erb [new file with mode: 0644]
cookbooks/web/templates/default/statistics.cron.erb [new file with mode: 0644]
cookbooks/web/templates/default/statistics.erb [new file with mode: 0644]
cookbooks/yournavigation/README.rdoc [new file with mode: 0644]
cookbooks/yournavigation/metadata.rb [new file with mode: 0644]
cookbooks/yournavigation/recipes/default.rb [new file with mode: 0644]

diff --git a/cookbooks/civicrm/README.rdoc b/cookbooks/civicrm/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/civicrm/attributes/default.rb b/cookbooks/civicrm/attributes/default.rb
new file mode 100644 (file)
index 0000000..8fefdfc
--- /dev/null
@@ -0,0 +1 @@
+default[:civicrm][:version] = "4.2.7"
diff --git a/cookbooks/civicrm/metadata.rb b/cookbooks/civicrm/metadata.rb
new file mode 100644 (file)
index 0000000..796cde6
--- /dev/null
@@ -0,0 +1,8 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures CiviCRM"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "drupal"
+depends           "mysql"
diff --git a/cookbooks/civicrm/recipes/default.rb b/cookbooks/civicrm/recipes/default.rb
new file mode 100644 (file)
index 0000000..13b05af
--- /dev/null
@@ -0,0 +1,158 @@
+#
+# Cookbook Name:: civicrm
+# Recipe:: default
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "drupal"
+include_recipe "mysql"
+
+passwords = data_bag_item("civicrm", "passwords")
+
+database_password = passwords["database"]
+admin_password = passwords["admin"]
+site_key = passwords["key"]
+
+mysql_user "civicrm@localhost" do
+  password database_password
+end
+
+mysql_database "civicrm" do
+  permissions "civicrm@localhost" => :all
+end
+
+drupal_site "crm.osmfoundation.org" do
+  title "CiviCRM"
+  database_name "civicrm"
+  database_username "civicrm"
+  database_password database_password
+  admin_password admin_password
+end
+
+directory "/usr/local/share/civicrm" do
+  owner "root"
+  group "root"
+  mode "0755"
+end
+
+civicrm_version = node[:civicrm][:version]
+civicrm_directory = "/usr/local/share/civicrm/#{civicrm_version}"
+
+subversion civicrm_directory do
+  action :export
+  repository "http://svn.civicrm.org/civicrm/tags/tarballs/#{node[:civicrm][:version]}"
+  user "root"
+  group "root"
+end
+
+link "/usr/share/drupal7/sites/all/modules/civicrm" do
+  to "/usr/local/share/civicrm/#{node[:civicrm][:version]}"
+end
+
+directory "/data/crm.osmfoundation.org/civicrm" do
+  owner "www-data"
+  group "www-data"
+  mode "0775"
+end
+
+ruby_block "#{civicrm_directory}/civicrm.settings.php" do
+  block do
+    out = File.new("#{civicrm_directory}/civicrm.settings.php", "w")
+
+    File.foreach("#{civicrm_directory}/templates/CRM/common/civicrm.settings.php.tpl") do |line|
+      line.gsub!(/%%cms%%/, "Drupal")
+      line.gsub!(/%%CMSdbUser%%/, "civicrm")
+      line.gsub!(/%%CMSdbPass%%/, database_password)
+      line.gsub!(/%%CMSdbHost%%/, "localhost")
+      line.gsub!(/%%CMSdbName%%/, "civicrm")
+      line.gsub!(/%%dbUser%%/, "civicrm")
+      line.gsub!(/%%dbPass%%/, database_password)
+      line.gsub!(/%%dbHost%%/, "localhost")
+      line.gsub!(/%%dbName%%/, "civicrm")
+      line.gsub!(/%%crmRoot%%/, "/usr/share/drupal7/sites/all/modules/civicrm")
+      line.gsub!(/%%templateCompileDir%%/, "/data/crm.osmfoundation.org/civicrm")
+      line.gsub!(/%%baseURL%%/, "http://crm.osmfoundation.org/")
+      line.gsub!(/%%siteKey%%/, site_key)
+
+      out.print(line)
+    end
+
+    out.close
+  end
+
+  not_if do
+    File.exist?("#{civicrm_directory}/civicrm.settings.php") and
+    File.mtime("#{civicrm_directory}/civicrm.settings.php") >= File.mtime("#{civicrm_directory}/templates/CRM/common/civicrm.settings.php.tpl")
+  end
+end
+
+link "/etc/drupal/7/sites/crm.osmfoundation.org/civicrm.settings.php" do
+  to "#{civicrm_directory}/civicrm.settings.php"
+end
+
+template "#{civicrm_directory}/settings_location.php" do
+  source "settings_location.php.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+end
+
+execute "civicrm-load-acl" do
+  action :nothing
+  command "mysql --user=civicrm --password=#{database_password} civicrm < sql/civicrm_acl.mysql"
+  cwd "/usr/share/drupal7/sites/all/modules/civicrm"
+  user "root"
+  group "root"
+end
+
+execute "civicrm-load-data" do
+  action :nothing
+  command "mysql --user=civicrm --password=#{database_password} civicrm < sql/civicrm_data.mysql"
+  cwd "/usr/share/drupal7/sites/all/modules/civicrm"
+  user "root"
+  group "root"
+  notifies :run, resources(:execute => "civicrm-load-acl")
+end
+
+execute "civicrm-load" do
+  action :nothing
+  command "mysql --user=civicrm --password=#{database_password} civicrm < sql/civicrm.mysql"
+  cwd "/usr/share/drupal7/sites/all/modules/civicrm"
+  user "root"
+  group "root"
+  notifies :run, resources(:execute => "civicrm-load-data")
+end
+
+execute "civicrm-gencode" do
+  command "php GenCode.php"
+  cwd "#{civicrm_directory}/xml"
+  user "root"
+  group "root"
+  creates "#{civicrm_directory}/civicrm-version.php"
+  notifies :run, resources(:execute => "civicrm-load")
+end
+
+directory "/data/crm.osmfoundation.org/civicrm/en_US" do
+  owner "www-data"
+  group "www-data"
+  mode "0775"
+end
+
+directory "/data/crm.osmfoundation.org/civicrm/en_US/ConfigAndLog" do
+  owner "www-data"
+  group "www-data"
+  mode "0775"
+end
diff --git a/cookbooks/civicrm/templates/default/settings_location.php.erb b/cookbooks/civicrm/templates/default/settings_location.php.erb
new file mode 100644 (file)
index 0000000..3e0249d
--- /dev/null
@@ -0,0 +1,10 @@
+<?php
+
+// the directory name for your 'sites' location in drupal. We use the below location
+// along with drupal 'conf_init()' function to figure out where the settings files
+// are located. This is primarily used when we hit CiviCRM outside of 'Drupal' (via mail/soap
+// etc)
+
+define( 'CIVICRM_CONFDIR', '/etc/drupal/7/sites/crm.osmfoundation.org' );
+
+?>
diff --git a/cookbooks/db/README.rdoc b/cookbooks/db/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/db/metadata.rb b/cookbooks/db/metadata.rb
new file mode 100644 (file)
index 0000000..a979c1d
--- /dev/null
@@ -0,0 +1,9 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures database servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "postgresql"
+depends           "web"
+depends           "git"
diff --git a/cookbooks/db/recipes/base.rb b/cookbooks/db/recipes/base.rb
new file mode 100644 (file)
index 0000000..3f99204
--- /dev/null
@@ -0,0 +1,56 @@
+#
+# Cookbook Name:: db
+# Recipe:: base
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "postgresql"
+include_recipe "git"
+
+passwords = data_bag_item("db", "passwords")
+
+postgresql_munin "openstreetmap" do
+  cluster node[:db][:cluster]
+  database "openstreetmap"
+end
+
+directory "/srv/www.openstreetmap.org" do
+  group "rails"
+  mode 02775
+end
+
+rails_port "www.openstreetmap.org" do
+  directory "/srv/www.openstreetmap.org/rails"
+  user "rails"
+  group "rails"
+  repository "git://git.openstreetmap.org/rails.git"
+  revision "live"
+  database_host "localhost"
+  database_name "openstreetmap"
+  database_username "openstreetmap"
+  database_password passwords["openstreetmap"]
+  gpx_dir "/store/rails/gpx"
+  file_column_root "/store/rails"
+end
+
+execute "/srv/www.openstreetmap.org/rails/db/functions/Makefile" do
+  action :nothing
+  command "make"
+  cwd "/srv/www.openstreetmap.org/rails/db/functions"
+  user "rails"
+  group "rails"
+  subscribes :run, resources(:git => "/srv/www.openstreetmap.org/rails")
+end
diff --git a/cookbooks/db/recipes/master.rb b/cookbooks/db/recipes/master.rb
new file mode 100644 (file)
index 0000000..70ae0e6
--- /dev/null
@@ -0,0 +1,91 @@
+#
+# Cookbook Name:: db
+# Recipe:: master
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "db::base"
+
+passwords = data_bag_item("db", "passwords")
+
+postgresql_user "tomh" do
+  cluster node[:db][:cluster]
+  superuser true
+end
+
+postgresql_user "matt" do
+  cluster node[:db][:cluster]
+  superuser true
+end
+
+postgresql_user "openstreetmap" do
+  cluster node[:db][:cluster]
+  password passwords["openstreetmap"]
+end
+
+postgresql_user "rails" do
+  cluster node[:db][:cluster]
+  password passwords["rails"]
+end
+
+postgresql_user "planetdump" do
+  cluster node[:db][:cluster]
+  password passwords["planetdump"]
+end
+
+postgresql_user "planetdiff" do
+  cluster node[:db][:cluster]
+  password passwords["planetdiff"]
+end
+
+postgresql_user "backup" do
+  cluster node[:db][:cluster]
+  password passwords["backup"]
+end
+
+postgresql_user "gpximport" do
+  cluster node[:db][:cluster]
+  password passwords["gpximport"]
+end
+
+postgresql_user "munin" do
+  cluster node[:db][:cluster]
+  password passwords["munin"]
+end
+
+postgresql_user "replication" do
+  cluster node[:db][:cluster]
+  password passwords["replication"]
+  replication true
+end
+
+postgresql_database "openstreetmap" do
+  cluster node[:db][:cluster]
+  owner "openstreetmap"
+end
+
+postgresql_extension "btree_gist" do
+  cluster node[:db][:cluster]
+  database "openstreetmap"
+  only_if { node[:postgresql][:clusters][node[:db][:cluster]] and node[:postgresql][:clusters][node[:db][:cluster]][:version] >= 9.0 }
+end
+
+template "/etc/cron.daily/rails-db" do
+  source "cron.erb"
+  owner "root"
+  group "root"
+  mode 0755
+end
diff --git a/cookbooks/db/recipes/slave.rb b/cookbooks/db/recipes/slave.rb
new file mode 100644 (file)
index 0000000..54adff5
--- /dev/null
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: db
+# Recipe:: slave
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "db::base"
diff --git a/cookbooks/db/templates/default/cron.erb b/cookbooks/db/templates/default/cron.erb
new file mode 100644 (file)
index 0000000..ec1d2e0
--- /dev/null
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# Cleanup archive directory
+find /store/postgresql/system/archive -mtime +10 -print0 | xargs -0r rm
diff --git a/cookbooks/dev/README.rdoc b/cookbooks/dev/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/dev/attributes/default.rb b/cookbooks/dev/attributes/default.rb
new file mode 100644 (file)
index 0000000..4f16412
--- /dev/null
@@ -0,0 +1 @@
+default[:dev][:rails] = {}
diff --git a/cookbooks/dev/metadata.rb b/cookbooks/dev/metadata.rb
new file mode 100644 (file)
index 0000000..2f273b7
--- /dev/null
@@ -0,0 +1,37 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures dev services"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
+depends           "git"
+depends           "mysql"
+depends           "postgresql"
+depends           "tools"
+depends           "web"
+
+attribute "rails",
+  :display_name => "Rails Configuration",
+  :description => "Hash of rails port configuration information",
+  :type => "hash"
+
+attribute "rails/sites",
+  :display_name => "Rails Installations",
+  :description => "Hash of rails port installations to configure",
+  :type => "hash"
+
+attribute "rails/sites/repository",
+  :display_name => "Repository",
+  :description => "Git repository to use",
+  :default => "git://git.openstreetmap.org/rails.git"
+
+attribute "rails/sites/revision",
+  :display_name => "Revision",
+  :description => "Revision to use",
+  :default => "live"
+
+attribute "rails/sites/database",
+  :display_name => "Database",
+  :description => "Database to use",
+  :default => nil
diff --git a/cookbooks/dev/recipes/default.rb b/cookbooks/dev/recipes/default.rb
new file mode 100644 (file)
index 0000000..33de91a
--- /dev/null
@@ -0,0 +1,230 @@
+#
+# Cookbook Name:: dev
+# Recipe:: default
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "yaml"
+
+include_recipe "apache"
+include_recipe "git"
+include_recipe "mysql"
+include_recipe "postgresql"
+
+package "php-apc"
+package "php-db"
+package "php-cgiwrap"
+package "php-pear"
+
+package "php5-cgi"
+package "php5-cli"
+package "php5-curl"
+package "php5-fpm"
+package "php5-imagick"
+package "php5-mcrypt"
+package "php5-mysql"
+package "php5-pgsql"
+package "php5-sqlite"
+
+package "python"
+package "python-argparse"
+package "python-beautifulsoup"
+package "python-cheetah"
+package "python-dateutil"
+package "python-magic"
+package "python-psycopg2"
+
+apache_module "expires"
+apache_module "fastcgi-handler"
+apache_module "rewrite"
+apache_module "expires"
+apache_module "wsgi"
+
+apache_module "passenger" do
+  conf "passenger.conf.erb"
+end
+
+munin_plugin "passenger_memory"
+munin_plugin "passenger_processes"
+munin_plugin "passenger_queues"
+munin_plugin "passenger_requests"
+
+gem_package "sqlite3"
+
+gem_package "rails" do
+  version "3.0.9"
+end
+
+service "php5-fpm" do
+  action [ :enable, :start ]
+  supports :status => true, :restart => true, :reload => true
+end
+
+template "/etc/php5/fpm/pool.d/default.conf" do
+  source "fpm-default.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+  notifies :reload, resources(:service => "php5-fpm")
+end
+
+file "/etc/php5/fpm/pool.d/www.conf" do
+  action :delete
+  notifies :reload, resources(:service => "php5-fpm")
+end
+
+package "phppgadmin"
+
+template "/etc/phppgadmin/config.inc.php" do
+  source "phppgadmin.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+link "/etc/apache2/conf.d/phppgadmin" do
+  action :delete
+end
+
+apache_site "phppgadmin.dev.openstreetmap.org" do
+  template "apache.phppgadmin.erb"
+end
+
+node[:accounts][:users].each do |name,details|
+  if ["user","administrator"].include?(details[:status])
+    user_home = details[:home] || "#{node[:accounts][:home]}/#{name.to_s}"
+
+    if File.directory?("#{user_home}/public_html")
+      template "/etc/php5/fpm/pool.d/#{name}.conf" do
+        source "fpm.conf.erb"
+        owner "root"
+        group "root"
+        mode 0644
+        variables :user => name
+        notifies :reload, resources(:service => "php5-fpm")
+      end
+
+      apache_site "#{name}.dev.openstreetmap.org" do
+        template "apache.user.erb"
+        directory "#{user_home}/public_html"
+        variables :user => name
+      end
+    end
+  end
+end
+
+if node[:postgresql][:clusters]["9.1/main"]
+  postgresql_user "apis" do
+    cluster "9.1/main"
+  end
+
+  node[:dev][:rails].each do |name,details|
+    database_name = details[:database] || "apis_#{name}"
+    site_name = "#{name}.apis.dev.openstreetmap.org"
+    site_aliases = details[:aliases] || []
+    rails_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
+
+    postgresql_database database_name do
+      cluster "9.1/main"
+      owner "apis"
+    end
+
+    postgresql_extension "#{database_name}_btree_gist" do
+      cluster "9.1/main"
+      database database_name
+      extension "btree_gist"
+    end
+
+    rails_port site_name do
+      ruby node[:dev][:ruby]
+      directory rails_directory
+      user "apis"
+      group "apis"
+      repository details[:repository]
+      revision details[:revision]
+      database_port node[:postgresql][:clusters]["9.1/main"][:port]
+      database_name database_name
+      database_username "apis"
+      run_migrations true
+    end
+
+    template "#{rails_directory}/config/initializers/setup.rb" do
+      source "rails.setup.rb.erb"
+      owner "apis"
+      group "apis"
+      mode 0644
+      variables :site => site_name
+      notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+    end
+
+    apache_site site_name do
+      template "apache.rails.erb"
+      variables :name => site_name, :aliases => site_aliases
+    end
+  end
+
+  Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |rails_directory|
+    name = File.basename(rails_directory, ".apis.dev.openstreetmap.org")
+
+    unless node[:dev][:rails].include?(name)
+      database_config = YAML.load_file("#{rails_directory}/config/database.yml")
+      database_name = database_config["production"]["database"]
+      site_name = "#{name}.apis.dev.openstreetmap.org"
+
+      apache_site site_name do
+        action [ :delete ]
+      end
+
+      directory rails_directory do
+        action :delete
+        recursive true
+      end
+
+      file "/etc/cron.daily/rails-#{name}" do
+        action :delete
+      end
+
+      postgresql_database database_name do
+        action :drop
+        cluster "9.1/main"
+      end
+    end
+  end
+
+  directory "/srv/apis.dev.openstreetmap.org" do
+    owner "apis"
+    group "apis"
+    mode 0755
+  end
+
+  template "/srv/apis.dev.openstreetmap.org/index.html" do
+    source "apis.html.erb"
+    owner "apis"
+    group "apis"
+    mode 0644
+  end
+
+  apache_site "apis.dev.openstreetmap.org" do
+    template "apache.apis.erb"
+  end
+
+  node[:postgresql][:clusters].each do |name,details|
+    postgresql_munin name do
+      cluster name
+      database "ALL"
+    end
+  end
+end
diff --git a/cookbooks/dev/templates/default/apache.apis.erb b/cookbooks/dev/templates/default/apache.apis.erb
new file mode 100644 (file)
index 0000000..3e53b00
--- /dev/null
@@ -0,0 +1,11 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+       ServerName apis.dev.openstreetmap.org
+       ServerAdmin webmaster@openstreetmap.org
+
+       DocumentRoot /srv/apis.dev.openstreetmap.org
+
+       CustomLog /var/log/apache2/apis.dev.openstreetmap.org-access.log combined
+       ErrorLog /var/log/apache2/apis.dev.openstreetmap.org-error.log
+</VirtualHost>
diff --git a/cookbooks/dev/templates/default/apache.phppgadmin.erb b/cookbooks/dev/templates/default/apache.phppgadmin.erb
new file mode 100644 (file)
index 0000000..e2d8556
--- /dev/null
@@ -0,0 +1,20 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+       ServerName phppgadmin.dev.openstreetmap.org
+       ServerAdmin webmaster@openstreetmap.org
+
+       CustomLog /var/log/apache2/phppgadmin.dev.openstreetmap.org-access.log combined
+       ErrorLog /var/log/apache2/phppgadmin.dev.openstreetmap.org-error.log
+
+       DocumentRoot /usr/share/phppgadmin
+
+       <IfModule mod_fastcgi_handler.c>
+               <FilesMatch "\.ph(p3?|tml)$">
+                       SetHandler fcgi:/var/run/php5-fpm-default.sock
+               </FilesMatch>
+               <FilesMatch "\.phps$">
+                       SetHandler fcgi:/var/run/php5-fpm-default.sock
+               </FilesMatch>
+       </IfModule>
+</VirtualHost>
diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb
new file mode 100644 (file)
index 0000000..7d45abe
--- /dev/null
@@ -0,0 +1,16 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+       ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+       ServerAlias <%= alias_name %>
+<% end -%>
+       ServerAdmin webmaster@openstreetmap.org
+
+       DocumentRoot /srv/<%= @name %>/public
+
+       CustomLog /var/log/apache2/<%= @name %>-access.log combined
+       ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+       RailsEnv production
+</VirtualHost>
diff --git a/cookbooks/dev/templates/default/apache.user.erb b/cookbooks/dev/templates/default/apache.user.erb
new file mode 100644 (file)
index 0000000..9b49158
--- /dev/null
@@ -0,0 +1,52 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivity-timeout=600
+
+<VirtualHost *:80>
+       ServerName <%= @user %>.dev.openstreetmap.org
+       ServerAdmin webmaster@openstreetmap.org
+       ServerAlias <%= @user %>.dev.osm.org
+
+       UseCanonicalName Off
+       DocumentRoot <%= @directory %>
+       ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+
+       WSGIProcessGroup <%= @user %>.dev.openstreetmap.org
+
+       RewriteEngine on
+       #RewriteLog /var/log/apache2/rewrite.log
+       #RewriteLogLevel 4
+
+       CustomLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log combined
+       ErrorLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log
+
+       RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
+       RewriteRule ^/cgi-bin/(.*)$ /cgi-bin/cgiwrap/~<%= @user %>/cgi-bin/$1 [PT,L]
+
+       RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
+       RewriteRule ^/cgi-bin-d/(.*)$ /cgi-bin/cgiwrapd/~<%= @user %>/cgi-bin/$1 [PT,L]
+
+       <IfModule mod_fastcgi_handler.c>
+               <FilesMatch "\.ph(p3?|tml)$">
+                       SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
+               </FilesMatch>
+               <FilesMatch "\.phps$">
+                       SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
+               </FilesMatch>
+       </IfModule>
+
+       <IfModule !mod_fastcgi_handler.c>
+               RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
+               RewriteRule ^(.*\.php)$ /cgi-bin/php-cgiwrap/~<%= @user %>/$1 [PT,L]
+       </IfModule>
+</VirtualHost>
+
+<Directory <%= @directory %>>
+       AllowOverride AuthConfig FileInfo Indexes Options=RailsBaseURI
+       Options SymLinksIfOwnerMatch Indexes Includes
+</Directory>
+
+<Directory <%= @directory %>/wsgi-bin>
+       SetHandler wsgi-script
+       Options ExecCGI SymLinksIfOwnerMatch
+</Directory>
diff --git a/cookbooks/dev/templates/default/apis.html.erb b/cookbooks/dev/templates/default/apis.html.erb
new file mode 100644 (file)
index 0000000..e226350
--- /dev/null
@@ -0,0 +1,26 @@
+<html>
+<head>
+<title>OpenStreetMap Testing APIs</title>
+</head>
+<body>
+<h1>OpenStreetMap Testing APIs</h1>
+<p>This server hosts several versions of the OSM APIs for use by anyone
+for testing clients against or as a data sandbox.</p>
+<table>
+<tr>
+<th align="left">Name</th>
+<th align="left">Repository</th>
+<th align="left">Revision</th>
+</tr>
+<% node[:dev][:rails].each do |name,details| -%>
+<tr>
+<td><a href="http://<%= name %>.apis.dev.openstreetmap.org/"><%= name %></a></td>
+<td><%= details[:repository] %></td>
+<td><%= details[:revision] %></td>
+</tr>
+<% end -%>
+</table>
+<p>These APIs are updated every half hour. The last update was at
+<%= Time.now.strftime("%Y-%m-%d %H:%M:%S") %></p>
+</body>
+</html>
diff --git a/cookbooks/dev/templates/default/fpm-default.conf.erb b/cookbooks/dev/templates/default/fpm-default.conf.erb
new file mode 100644 (file)
index 0000000..68afd01
--- /dev/null
@@ -0,0 +1,384 @@
+; Start a new pool named 'default'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('default' here)
+[default]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses on a
+;                            specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /var/run/php5-fpm-default.sock
+
+; Set listen(2) backlog. A value of '-1' means unlimited.
+; Default Value: 128 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = -1
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. 
+; Default Values: user and group are set as the running user
+;                 mode is set to 0666
+listen.owner = www-data
+listen.group = www-data
+listen.mode = 0660
+; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 10
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 4
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 2
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 6
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example: 
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in ┬Ás of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: ${prefix}/share/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set 
+;pm.status_path = /status
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: ouput header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string 
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = %R - %u %t "%m %r%Q%q" %s %f %{mili}d %{kilo}M %C%%
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever 
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot = 
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+chdir = /
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; exectute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'. 
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/cookbooks/dev/templates/default/fpm.conf.erb b/cookbooks/dev/templates/default/fpm.conf.erb
new file mode 100644 (file)
index 0000000..afbb1a7
--- /dev/null
@@ -0,0 +1,50 @@
+; DO NOT EDIT - This file is being maintained by Chef
+
+[<%= @user %>]
+listen = /var/run/php5-fpm-<%= @user %>.sock
+
+listen.backlog = 256
+listen.owner = www-data
+listen.group = www-data
+listen.mode = 0660
+
+user = <%= @user %>
+group = <%= @user %>
+
+pm = dynamic
+pm.max_children = 10
+pm.start_servers = 4
+pm.min_spare_servers = 2
+pm.max_spare_servers = 6
+pm.max_requests = 10000
+
+request_terminate_timeout = 1800
+
+;pm.status_path = /status
+;ping.path = /ping
+;ping.response = pong
+;request_terminate_timeout = 0
+;request_slowlog_timeout = 0
+;slowlog = /var/log/php5-fpm.log.slow
+;rlimit_files = 1024
+;rlimit_core = 0
+;chroot = 
+;chdir = /var/www
+;catch_workers_output = yes
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f <%= @user %>@errol.openstreetmap.org
+php_admin_value[open_basedir] = /home/<%= @user %>/:/tmp/:/usr/share/php/
+php_flag[display_errors] = on
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+php_value[max_execution_time] = 300
+php_value[memory_limit] = 128M
+
diff --git a/cookbooks/dev/templates/default/passenger.conf.erb b/cookbooks/dev/templates/default/passenger.conf.erb
new file mode 100644 (file)
index 0000000..42639f1
--- /dev/null
@@ -0,0 +1,7 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<IfModule mod_passenger.c>
+  PassengerRoot /usr
+  PassengerRuby /usr/bin/ruby<%= node[:dev][:ruby] %>
+  PassengerUseGlobalQueue on
+</IfModule>
diff --git a/cookbooks/dev/templates/default/phppgadmin.conf.erb b/cookbooks/dev/templates/default/phppgadmin.conf.erb
new file mode 100644 (file)
index 0000000..c7f4a95
--- /dev/null
@@ -0,0 +1,127 @@
+<?php
+       // DO NOT EDIT - This file is being maintained by Chef
+
+       /**
+        * Central phpPgAdmin configuration.  As a user you may modify the
+        * settings here for your particular configuration.
+        *
+        * $Id: config.inc.php-dist,v 1.55 2008/02/18 21:10:31 xzilla Exp $
+        */
+
+<% node[:postgresql][:clusters].sort.each_with_index do |cluster,index| -%>
+       $conf['servers'][<%= index %>]['desc'] = '<%= cluster[0] %>';
+       $conf['servers'][<%= index %>]['host'] = '127.0.0.1';
+       $conf['servers'][<%= index %>]['port'] = <%= cluster[1][:port] %>;
+       $conf['servers'][<%= index %>]['sslmode'] = 'allow';
+       $conf['servers'][<%= index %>]['defaultdb'] = 'template1';
+       $conf['servers'][<%= index %>]['pg_dump_path'] = '/usr/lib/postgresql/<%= cluster[1][:version] %>/bin/pg_dump';
+       $conf['servers'][<%= index %>]['pg_dumpall_path'] = '/usr/lib/postgresql/<%= cluster[1][:version] %>/bin/pg_dumpall';
+       $conf['servers'][<%= index %>]['slony_support'] = false;
+       $conf['servers'][<%= index %>]['slony_sql'] = '';
+<% end -%>
+
+
+       // Example of groups definition.
+       // Groups allow administrators to logicaly group servers together under group nodes in the left browser tree
+       //
+       // The group '0' description
+       //$conf['srv_groups'][0]['desc'] = 'group one';
+       //
+       // Add here servers indexes belonging to the group '0' seperated by comma
+       //$conf['srv_groups'][0]['servers'] = '0,1,2'; 
+       //
+       // A server can belong to multi groups
+       //$conf['srv_groups'][1]['desc'] = 'group two';
+       //$conf['srv_groups'][1]['servers'] = '3,1';
+       
+
+       // Default language. E.g.: 'english', 'polish', etc.  See lang/ directory
+       // for all possibilities. If you specify 'auto' (the default) it will use 
+       // your browser preference.
+       $conf['default_lang'] = 'auto';
+
+       // AutoComplete uses AJAX interaction to list foreign key values 
+       // on insert fields. It currently only works on single column 
+       // foreign keys. You can choose one of the following values:
+       // 'default on' enables AutoComplete and turns it on by default.
+       // 'default off' enables AutoComplete but turns it off by default.
+       // 'disable' disables AutoComplete.
+       $conf['autocomplete'] = 'default on';
+       
+       // If extra login security is true, then logins via phpPgAdmin with no
+       // password or certain usernames (pgsql, postgres, root, administrator)
+       // will be denied. Only set this false once you have read the FAQ and
+       // understand how to change PostgreSQL's pg_hba.conf to enable
+       // passworded local connections.
+       $conf['extra_login_security'] = true;
+
+       // Only show owned databases?
+       // Note: This will simply hide other databases in the list - this does
+       // not in any way prevent your users from seeing other database by
+       // other means. (e.g. Run 'SELECT * FROM pg_database' in the SQL area.)
+       $conf['owned_only'] = false;
+
+       // Display comments on objects?  Comments are a good way of documenting
+       // a database, but they do take up space in the interface.
+       $conf['show_comments'] = true;
+
+       // Display "advanced" objects? Setting this to true will show 
+       // aggregates, types, operators, operator classes, conversions, 
+       // languages and casts in phpPgAdmin. These objects are rarely 
+       // administered and can clutter the interface.
+       $conf['show_advanced'] = false;
+
+       // Display "system" objects?
+       $conf['show_system'] = false;
+
+       // Display reports feature?  For this feature to work, you must
+       // install the reports database as explained in the INSTALL file.
+       $conf['show_reports'] = true;
+
+       // Database and table for reports
+       $conf['reports_db'] = 'phppgadmin';
+       $conf['reports_schema'] = 'public';
+       $conf['reports_table'] = 'ppa_reports';
+
+       // Only show owned reports?
+       // Note: This does not prevent people from accessing other reports by
+       // other means.
+       $conf['owned_reports_only'] = false;
+
+       // Minimum length users can set their password to.
+       $conf['min_password_length'] = 1;
+
+       // Width of the left frame in pixels (object browser)
+       $conf['left_width'] = 200;
+       
+       // Which look & feel theme to use
+       $conf['theme'] = 'default';
+       
+       // Show OIDs when browsing tables?
+       $conf['show_oids'] = false;
+       
+       // Max rows to show on a page when browsing record sets
+       $conf['max_rows'] = 30;
+
+       // Max chars of each field to display by default in browse mode
+       $conf['max_chars'] = 50;
+
+       // Send XHTML strict headers?
+       $conf['use_xhtml_strict'] = false;
+
+       // Base URL for PostgreSQL documentation.
+       // '%s', if present, will be replaced with the PostgreSQL version
+       // (e.g. 8.4 )
+       $conf['help_base'] = 'http://www.postgresql.org/docs/%s/interactive/';
+       
+       // Configuration for ajax scripts
+       // Time in seconds. If set to 0, refreshing data using ajax will be disabled (locks and activity pages)
+       $conf['ajax_refresh'] = 3;
+       
+       /*****************************************
+        * Don't modify anything below this line *
+        *****************************************/
+
+       $conf['version'] = 19;
+
+?>
diff --git a/cookbooks/dev/templates/default/rails.setup.rb.erb b/cookbooks/dev/templates/default/rails.setup.rb.erb
new file mode 100644 (file)
index 0000000..269ac43
--- /dev/null
@@ -0,0 +1,41 @@
+unless Object.const_defined?(:Rake) or Object.const_defined?(:POTLATCH2_KEY)
+  OpenStreetMap::Application.config.after_initialize do
+    unless webmaster = User.find_by_email("webmaster@openstreetmap.org")
+      webmaster = User.create({
+        :display_name => "OpenStreetMap Webmaster",
+        :email => "webmaster@openstreetmap.org",
+        :pass_crypt => SecureRandom.hex,
+        :status => "active"
+      }, :without_protection => true)
+    end
+
+    permissions = Hash[ClientApplication.all_permissions.map { |p| [ p, true ] }]
+
+    unless id = webmaster.client_applications.find_by_name("iD")
+      id = ClientApplication.create(permissions.merge({
+        :name => "iD",
+        :url => "http://<%= @site %>/",
+      }), :without_protection => true)
+    end
+
+    ID_KEY = id.key
+
+    unless potlatch = webmaster.client_applications.find_by_name("Potlatch 2")
+      potlatch = ClientApplication.create(permissions.merge({
+        :name => "Potlatch 2",
+        :url => "http://<%= @site %>/",
+      }), :without_protection => true)
+    end
+
+    POTLATCH2_KEY = potlatch.key
+
+    unless website = webmaster.client_applications.find_by_name("Web Site")
+      website = ClientApplication.create(permissions.merge({
+        :name => "Web Site",
+        :url => "http://<%= @site %>/",
+      }), :without_protection => true)
+    end
+
+    OAUTH_KEY = website.key
+  end
+end
diff --git a/cookbooks/drupal/README.rdoc b/cookbooks/drupal/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/drupal/attributes/default.rb b/cookbooks/drupal/attributes/default.rb
new file mode 100644 (file)
index 0000000..efa6d7d
--- /dev/null
@@ -0,0 +1 @@
+default[:apt][:sources] |= [ "aw-drupal" ]
diff --git a/cookbooks/drupal/definitions/drupal_site.rb b/cookbooks/drupal/definitions/drupal_site.rb
new file mode 100644 (file)
index 0000000..41e0b73
--- /dev/null
@@ -0,0 +1,82 @@
+#
+# Cookbook Name:: drupal
+# Definition:: drupal_site
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :drupal_site, :action => [ :create ], :variables => {} do
+  site_name = params[:name]
+  site_action = params[:action]
+  site_title = params[:title] || site_name
+  short_name = site_name.sub(/\..*$/, "")
+  db_name = params[:database_name] || short_name
+  db_username = params[:database_username] || short_name
+  db_password = params[:database_password]
+  db_url = "mysql://#{db_username}:#{db_password}@localhost/#{db_name}"
+  admin_username = params[:admin_username] || "admin"
+  admin_password = params[:admin_password]
+  admin_email = params[:admin_email] || "webmaster@openstreetmap.org"
+  ssl = params[:ssl] || false
+
+  if site_action.include?(:create)
+    directory "/data/#{site_name}" do
+      owner "www-data"
+      group "www-data"
+      mode "0775"
+      recursive true
+    end
+
+    directory "/data/#{site_name}/files" do
+      owner "www-data"
+      group "www-data"
+      mode "0775"
+    end
+
+    directory "/data/#{site_name}/private" do
+      owner "www-data"
+      group "www-data"
+      mode "0775"
+    end
+
+    directory "/etc/drupal/7/sites/#{site_name}" do
+      owner "root"
+      group "root"
+      mode "0555"
+    end
+
+    link "/etc/drupal/7/sites/#{site_name}/files" do
+      to "/data/#{site_name}/files"
+    end
+
+    link "/etc/drupal/7/sites/#{site_name}/private" do
+      to "/data/#{site_name}/private"
+    end
+
+    execute "drupal-site-install-#{short_name}" do
+      command "drush site-install --account-name=#{admin_username} --account-pass=#{admin_password} --account-mail=#{admin_email} --db-url=#{db_url} --site-name=#{site_title} --site-mail=webmaster@openstreetmap.org --sites-subdir=#{site_name} --yes"
+      cwd "/usr/share/drupal7"
+      user "root"
+      group "root"
+      creates "/etc/drupal/7/sites/#{site_name}/settings.php"
+    end
+
+    apache_site site_name do
+      cookbook "drupal"
+      template ssl ? "apache-ssl.erb" : "apache.erb"
+    end
+  elsif site_action.include?(:delete)
+  end
+end
diff --git a/cookbooks/drupal/metadata.rb b/cookbooks/drupal/metadata.rb
new file mode 100644 (file)
index 0000000..d1840df
--- /dev/null
@@ -0,0 +1,7 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures Drupal"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
diff --git a/cookbooks/drupal/recipes/default.rb b/cookbooks/drupal/recipes/default.rb
new file mode 100644 (file)
index 0000000..a129474
--- /dev/null
@@ -0,0 +1,25 @@
+#
+# Cookbook Name:: drupal
+# Recipe:: default
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache::ssl"
+
+package "drupal7"
+package "drush"
+
+apache_module "php5"
diff --git a/cookbooks/drupal/templates/default/apache-ssl.erb b/cookbooks/drupal/templates/default/apache-ssl.erb
new file mode 100644 (file)
index 0000000..03aa5ee
--- /dev/null
@@ -0,0 +1,23 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
+<VirtualHost *:443>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        DocumentRoot /usr/share/drupal7
+
+        SSLEngine on
+</VirtualHost>
diff --git a/cookbooks/drupal/templates/default/apache.erb b/cookbooks/drupal/templates/default/apache.erb
new file mode 100644 (file)
index 0000000..f1947c4
--- /dev/null
@@ -0,0 +1,11 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        DocumentRoot /usr/share/drupal7
+</VirtualHost>
diff --git a/cookbooks/nominatim/README.rdoc b/cookbooks/nominatim/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/nominatim/metadata.rb b/cookbooks/nominatim/metadata.rb
new file mode 100644 (file)
index 0000000..2806429
--- /dev/null
@@ -0,0 +1,8 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures nominatim servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
+depends           "postgresql"
diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
new file mode 100644 (file)
index 0000000..2c24309
--- /dev/null
@@ -0,0 +1,59 @@
+#
+# Cookbook Name:: nominatim
+# Recipe:: default
+#
+# Copyright 2012, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache"
+include_recipe "postgresql"
+
+package "php5"
+package "php5-cli"
+package "php5-pgsql"
+
+package "php-apc"
+
+apache_module "rewrite"
+apache_module "fastcgi-handler"
+
+service "php5-fpm" do
+  action [ :enable, :start ]
+  supports :status => true, :restart => true, :reload => true
+end
+
+postgresql_user "tomh" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "lonvia" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "twain" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "www-data" do
+  cluster "9.1/main"
+end
+
+postgresql_munin "nominatim" do
+  cluster "9.1/main"
+  database "nominatim"
+end
diff --git a/cookbooks/owl/README.rdoc b/cookbooks/owl/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/owl/attributes/default.rb b/cookbooks/owl/attributes/default.rb
new file mode 100644 (file)
index 0000000..adf7f68
--- /dev/null
@@ -0,0 +1 @@
+default[:owl][:ruby] = "1.9.1"
diff --git a/cookbooks/owl/metadata.rb b/cookbooks/owl/metadata.rb
new file mode 100644 (file)
index 0000000..1aca6a4
--- /dev/null
@@ -0,0 +1,8 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures OWL servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
+depends           "postgresql"
diff --git a/cookbooks/owl/recipes/default.rb b/cookbooks/owl/recipes/default.rb
new file mode 100644 (file)
index 0000000..819abdd
--- /dev/null
@@ -0,0 +1,134 @@
+#
+# Cookbook Name:: owl
+# Recipe:: default
+#
+# Copyright 2012, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache"
+include_recipe "postgresql"
+
+package "python"
+package "python-psycopg2"
+
+package "libxslt-dev"
+
+package "ruby#{node[:owl][:ruby]}"
+package "ruby#{node[:owl][:ruby]}-dev"
+package "rubygems#{node[:owl][:ruby]}"
+package "irb#{node[:owl][:ruby]}"
+
+gem_package "bundler#{node[:owl][:ruby]}" do
+  package_name "bundler"
+  gem_binary "gem#{node[:owl][:ruby]}"
+  options "--format-executable"
+end
+
+apache_module "deflate"
+
+apache_module "passenger" do
+  conf "passenger.conf.erb"
+end
+
+munin_plugin "passenger_memory"
+munin_plugin "passenger_processes"
+munin_plugin "passenger_queues"
+munin_plugin "passenger_requests"
+
+postgresql_user "tomh" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "matt" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "ppawel" do
+  cluster "9.1/main"
+  superuser true
+end
+
+postgresql_user "owl" do
+  cluster "9.1/main"
+end
+
+postgresql_database "owl" do
+  cluster "9.1/main"
+  owner "owl"
+end
+
+postgresql_munin "owl" do
+  cluster "9.1/main"
+  database "owl"
+end
+
+# grant select on changeset_tiles to owl;
+# grant select on geometry_columns to owl;
+# grant select on changesets to owl;
+# grant select on users to owl;
+
+directory "/srv/owl.openstreetmap.org" do
+  owner "owl"
+  group "owl"
+  mode 02775
+end
+
+file "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/tmp/restart.txt" do
+  action :nothing
+end
+
+execute "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/Gemfile" do
+  action :nothing
+  command "bundle#{node[:owl][:ruby]} install"
+  cwd "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails"
+  user "root"
+  group "root"
+  notifies :touch, resources(:file => "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/tmp/restart.txt")
+end
+
+git "/srv/owl.openstreetmap.org/openstreetmap-watch-list" do
+  action :sync
+  repository "git://github.com/ppawel/openstreetmap-watch-list.git"
+  revision "owl.osm.org"
+  user "owl"
+  group "owl"
+  notifies :run, resources(:execute => "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/Gemfile")
+end
+
+directory "srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/tmp" do
+  owner "owl"
+  group "owl"
+end
+
+file "srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/config/environment.rb" do
+  owner "owl"
+  group "owl"
+end
+
+template "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/config/database.yml" do
+  source "database.yml.erb"
+  owner "owl"
+  group "owl"
+  mode 0664
+  notifies :run, resources(:execute => "/srv/owl.openstreetmap.org/openstreetmap-watch-list/rails/Gemfile")
+  only_if { node[:postgresql][:clusters]["9.1/main"] }
+end
+
+apache_site "owl.openstreetmap.org" do
+  template "apache.erb"
+  variables :aliases => [ "owl.osm.org" ]
+end
diff --git a/cookbooks/owl/templates/default/apache.erb b/cookbooks/owl/templates/default/apache.erb
new file mode 100644 (file)
index 0000000..94dbc3e
--- /dev/null
@@ -0,0 +1,18 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+       ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+       ServerAlias <%= alias_name %>
+<% end -%>
+       ServerAdmin webmaster@openstreetmap.org
+
+       DocumentRoot /srv/<%= @name %>/openstreetmap-watch-list/rails/public
+
+       RailsEnv production
+
+       SetOutputFilter DEFLATE
+
+       CustomLog /var/log/apache2/<%= @name %>-access.log combined
+       ErrorLog /var/log/apache2/<%= @name %>-error.log
+</VirtualHost>
diff --git a/cookbooks/owl/templates/default/database.yml.erb b/cookbooks/owl/templates/default/database.yml.erb
new file mode 100644 (file)
index 0000000..27db9c0
--- /dev/null
@@ -0,0 +1,13 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+production:
+  adapter: postgresql
+  port: <%= node[:postgresql][:clusters]["9.1/main"][:port] %>
+  database: owl
+  encoding: utf8
+
+development:
+  adapter: postgresql
+  port: <%= node[:postgresql][:clusters]["9.1/main"][:port] %>
+  database: owl
+  encoding: utf8
diff --git a/cookbooks/owl/templates/default/passenger.conf.erb b/cookbooks/owl/templates/default/passenger.conf.erb
new file mode 100644 (file)
index 0000000..1bf352c
--- /dev/null
@@ -0,0 +1,7 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<IfModule mod_passenger.c>
+  PassengerRoot /usr
+  PassengerRuby /usr/bin/ruby<%= node[:owl][:ruby] %>
+  PassengerUseGlobalQueue on
+</IfModule>
diff --git a/cookbooks/squid/README.rdoc b/cookbooks/squid/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/squid/attributes/default.rb b/cookbooks/squid/attributes/default.rb
new file mode 100644 (file)
index 0000000..411e613
--- /dev/null
@@ -0,0 +1,5 @@
+
+default[:squid][:cache_mem] = "256 MB"
+default[:squid][:cache_dir] = "ufs /var/spool/squid 256 16 256"
+default[:squid][:access_log] = "/var/log/squid/access.log squid"
+
diff --git a/cookbooks/squid/definitions/squid_fragment.rb b/cookbooks/squid/definitions/squid_fragment.rb
new file mode 100644 (file)
index 0000000..f64873d
--- /dev/null
@@ -0,0 +1,39 @@
+#
+# Cookbook Name:: squid
+# Definition:: squid_fragment
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :squid_fragment, :action => [ :create ], :variables => {} do
+  name = params[:name]
+  site_action = params[:action]
+
+  if site_action.include?(:create)
+    template "/etc/squid/squid.conf.d/#{name}.conf" do
+      source params[:template]
+      owner "root"
+      group "root"
+      mode 0644
+      variables params[:variables]
+      notifies :create, "template[/etc/squid/squid.conf]"
+    end
+  elsif site_action.include?(:delete)
+    template "/etc/squid/squid.conf.d/#{name}.conf" do
+      action :delete
+      notifies :create, "template[/etc/squid/squid.conf]"
+    end
+  end
+end
diff --git a/cookbooks/squid/metadata.rb b/cookbooks/squid/metadata.rb
new file mode 100644 (file)
index 0000000..735b1c0
--- /dev/null
@@ -0,0 +1,6 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures squid"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
diff --git a/cookbooks/squid/recipes/default.rb b/cookbooks/squid/recipes/default.rb
new file mode 100644 (file)
index 0000000..6452f67
--- /dev/null
@@ -0,0 +1,57 @@
+#
+# Cookbook Name:: squid
+# Recipe:: default
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "squid"
+package "squidclient"
+
+template "/etc/squid/squid.conf" do
+  source "squid.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+template "/etc/default/squid" do
+  source "squid.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+directory "/etc/squid/squid.conf.d" do
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+service "squid" do
+  action [ :enable, :start ]
+  supports :status => true, :restart => true, :reload => true
+  subscribes :reload, resources(:template => "/etc/squid/squid.conf")
+  subscribes :restart, resources(:template => "/etc/default/squid")
+  subscribes :reload, resources(:template => "/etc/resolv.conf")
+end
+
+munin_plugin "squid_cache"
+munin_plugin "squid_delay_pools"
+munin_plugin "squid_times"
+munin_plugin "squid_icp"
+munin_plugin "squid_objectsize"
+munin_plugin "squid_requests"
+munin_plugin "squid_traffic"
diff --git a/cookbooks/squid/templates/default/squid.conf.erb b/cookbooks/squid/templates/default/squid.conf.erb
new file mode 100644 (file)
index 0000000..72ff977
--- /dev/null
@@ -0,0 +1,104 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+#FIXME - configurable
+cache_mem  <%= node[:squid][:cache_mem] %>
+
+max_filedescriptors 65536
+
+#used by squidclient / munin
+http_port 127.0.0.1:3128
+
+#FIXME - configurable
+http_port 80 accel defaultsite=tile.openstreetmap.org tcpkeepalive=60,10,6 http11
+
+cache_effective_user proxy
+cache_effective_group proxy
+
+#FIXME - configurable
+cache_dir <%= node[:squid][:cache_dir] %>
+cache_swap_log /var/spool/squid/%s
+
+quick_abort_min 0 KB
+quick_abort_max 0 KB
+
+read_ahead_gap 64 KB
+
+maximum_object_size 1048576 bytes
+maximum_object_size_in_memory 64 KB
+
+cache_replacement_policy heap LFUDA
+memory_replacement_policy heap GDSF
+
+server_persistent_connections on
+persistent_request_timeout 1 minutes
+
+negative_ttl 15 seconds
+half_closed_clients off
+pipeline_prefetch on
+
+read_timeout 90 seconds
+request_timeout 90 seconds
+connect_timeout 20 seconds
+client_lifetime 1 hours
+
+collapsed_forwarding on
+refresh_stale_hit 300 seconds
+
+#Recommended minimum configuration:
+#----------------------------------
+acl all src all
+acl manager proto cache_object
+acl localhost src 127.0.0.1/32
+acl to_localhost dst 127.0.0.0/8
+acl SSL_ports port 443
+acl Safe_ports port 80          # http
+acl Safe_ports port 21          # ftp
+acl Safe_ports port 443         # https
+acl Safe_ports port 70          # gopher
+acl Safe_ports port 210         # wais
+acl Safe_ports port 1025-65535  # unregistered ports
+acl Safe_ports port 280         # http-mgmt
+acl Safe_ports port 488         # gss-http
+acl Safe_ports port 591         # filemaker
+acl Safe_ports port 777         # multiling http
+acl CONNECT method CONNECT
+http_access allow manager localhost
+
+http_access allow manager
+
+http_access deny manager
+http_access deny !Safe_ports
+http_access deny CONNECT !SSL_ports
+#----------------------------------
+
+acl purge_hosts src 127.0.0.0/8
+acl PURGE method purge
+http_access allow purge purge_hosts
+http_access deny purge
+
+forwarded_for on
+
+access_log <%= node[:squid][:access_log] %>
+cache_log /var/log/squid/cache.log
+cache_store_log none
+buffered_logs on
+client_db off
+strip_query_terms off
+
+digest_generation off
+
+refresh_pattern .              0       20%     4320
+
+#ZERO required for logrotate to work properly
+logfile_rotate 0
+
+<% Dir.glob("/etc/squid/squid.conf.d/*.conf") do |file| -%>
+<%= File.read(file) %>
+<% end -%>
+
+#MUST BE LAST ACL
+#--------------
+http_access deny all
+icp_access deny all
+#--------------
+
diff --git a/cookbooks/squid/templates/default/squid.erb b/cookbooks/squid/templates/default/squid.erb
new file mode 100644 (file)
index 0000000..f6a346c
--- /dev/null
@@ -0,0 +1,8 @@
+# DO NOT EDIT - This file is being maintained by Chef
+#
+# /etc/default/squid    Configuration settings for the Squid proxy server.
+#
+
+# Max. number of filedescriptors to use. You can increase this on a busy
+# cache to a maximum of (currently) 65536 filedescriptors. Default is 1024.
+SQUID_MAXFD=65536
diff --git a/cookbooks/subversion/README.rdoc b/cookbooks/subversion/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/subversion/files/default/hooks/post-commit b/cookbooks/subversion/files/default/hooks/post-commit
new file mode 100644 (file)
index 0000000..a8de2af
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/usr/bin/sudo -u trac /usr/bin/trac-admin /var/lib/trac changeset added "$1" "$2"
diff --git a/cookbooks/subversion/files/default/hooks/post-revprop-change b/cookbooks/subversion/files/default/hooks/post-revprop-change
new file mode 100644 (file)
index 0000000..31843a0
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/usr/bin/sudo -u trac /usr/bin/trac-admin /var/lib/trac changeset modified "$1" "$2"
diff --git a/cookbooks/subversion/metadata.rb b/cookbooks/subversion/metadata.rb
new file mode 100644 (file)
index 0000000..f2c68b7
--- /dev/null
@@ -0,0 +1,7 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures subversion servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
diff --git a/cookbooks/subversion/recipes/default.rb b/cookbooks/subversion/recipes/default.rb
new file mode 100644 (file)
index 0000000..1a52b9f
--- /dev/null
@@ -0,0 +1,50 @@
+#
+# Cookbook Name:: subversion
+# Recipe:: default
+#
+# Copyright 2012, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache"
+
+package "subversion"
+
+site_name = "svn.openstreetmap.org"
+repository_directory = "/var/lib/subversion/repos/openstreetmap"
+
+remote_directory "#{repository_directory}/hooks" do
+  source "hooks"
+  owner "www-data"
+  group "www-data"
+  mode 0755
+  files_owner "www-data"
+  files_group "www-data"
+  files_mode 0755
+  purge false
+end
+
+apache_module "authz_svn" do
+  package "libapache2-svn"
+end
+
+apache_module "dav_svn" do
+  package "libapache2-svn"
+end
+
+apache_site site_name do
+  template "apache.erb"
+  directory repository_directory
+  variables :realm => "Subversion Repository", :password_file => "/etc/apache2/svn.passwd"
+end
diff --git a/cookbooks/subversion/templates/default/apache.erb b/cookbooks/subversion/templates/default/apache.erb
new file mode 100644 (file)
index 0000000..90bdd4f
--- /dev/null
@@ -0,0 +1,26 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        CustomLog /var/log/apache2/<%= @name %>-svn-access.log "%h %t %u %{SVN-ACTION}e" env=SVN-ACTION
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+       <Location />
+               DAV svn
+               SVNPath <%= @directory %>
+
+               AuthType Basic
+               AuthName "<%= @realm %>"
+               AuthUserFile <%= @password_file %>
+
+               LimitXMLRequestBody 0
+               LimitRequestBody 0
+
+               <LimitExcept GET PROPFIND OPTIONS REPORT>
+                       Require valid-user
+               </LimitExcept>
+       </Location>
+</VirtualHost>
diff --git a/cookbooks/tilecache/README.rdoc b/cookbooks/tilecache/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/tilecache/attributes/default.rb b/cookbooks/tilecache/attributes/default.rb
new file mode 100644 (file)
index 0000000..2e84715
--- /dev/null
@@ -0,0 +1,12 @@
+
+default[:tilecache][:tile_parent] = "parent.tile.openstreetmap.org"
+
+#Per IP bucket refill rate
+default[:tilecache][:ip_bucket_refill] = "8192"
+#Per IP bucket size
+default[:tilecache][:ip_bucket_size] = "16777216"
+#Per Class C refill rate
+default[:tilecache][:net_bucket_refill] = "32768"
+#Per Class C bucket size
+default[:tilecache][:net_bucket_size] = "33554432"
+
diff --git a/cookbooks/tilecache/metadata.rb b/cookbooks/tilecache/metadata.rb
new file mode 100644 (file)
index 0000000..ce9c0e6
--- /dev/null
@@ -0,0 +1,7 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures a tile cache"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "squid"
diff --git a/cookbooks/tilecache/recipes/default.rb b/cookbooks/tilecache/recipes/default.rb
new file mode 100644 (file)
index 0000000..23edf01
--- /dev/null
@@ -0,0 +1,27 @@
+#
+# Cookbook Name:: tilecache
+# Recipe:: default
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "squid"
+
+tilecaches = search(:node, "roles:tilecache")
+
+squid_fragment "tilecache" do
+  template "squid.conf.erb"
+  variables :caches => tilecaches
+end
diff --git a/cookbooks/tilecache/templates/default/squid.conf.erb b/cookbooks/tilecache/templates/default/squid.conf.erb
new file mode 100644 (file)
index 0000000..aac9a45
--- /dev/null
@@ -0,0 +1,679 @@
+acl osmtile_sites dstdomain a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org tile.openstreetmap.org a.tile.osm.org b.tile.osm.org c.tile.osm.org tile.osm.org
+acl osmtiles_png urlpath_regex .png$
+
+http_access allow osmtile_sites
+
+acl osmtile_nocache_url urlpath_regex \.png/(status|dirty)$
+cache deny osmtile_sites osmtile_nocache_url
+
+cache_peer <%= node[:tilecache][:tile_parent] %> parent 80 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=90 no-digest
+cache_peer yevaud.openstreetmap.org parent 80 0 no-query originserver name=osmtileFileAccel login=PASS connect-timeout=90 no-delay no-digest max-conn=30
+
+cache_peer_access osmtileAccel allow osmtile_sites osmtiles_png
+cache_peer_access osmtileAccel deny all
+
+cache_peer_access osmtileFileAccel allow osmtile_sites !osmtiles_png
+cache_peer_access osmtileFileAccel deny all
+
+#----------------------------------
+#Create an unlimited pool for cache IP addresses
+acl pool_unlimited src 127.0.0.1
+<% @caches.each do |cache| -%>
+<% cache.ipaddresses(:family => :inet, :role => :external) do |address| -%>
+  acl pool_unlimited src <%= address %>
+<% end -%>
+<% end -%>
+
+acl pool_000 src 0.0.0.0/7
+acl pool_002 src 2.0.0.0/7
+acl pool_004 src 4.0.0.0/7
+acl pool_006 src 6.0.0.0/7
+acl pool_008 src 8.0.0.0/7
+acl pool_010 src 10.0.0.0/7
+acl pool_012 src 12.0.0.0/7
+acl pool_014 src 14.0.0.0/7
+acl pool_016 src 16.0.0.0/7
+acl pool_018 src 18.0.0.0/7
+acl pool_020 src 20.0.0.0/7
+acl pool_022 src 22.0.0.0/7
+acl pool_024 src 24.0.0.0/7
+acl pool_026 src 26.0.0.0/7
+acl pool_028 src 28.0.0.0/7
+acl pool_030 src 30.0.0.0/7
+acl pool_032 src 32.0.0.0/7
+acl pool_034 src 34.0.0.0/7
+acl pool_036 src 36.0.0.0/7
+acl pool_038 src 38.0.0.0/7
+acl pool_040 src 40.0.0.0/7
+acl pool_042 src 42.0.0.0/7
+acl pool_044 src 44.0.0.0/7
+acl pool_046 src 46.0.0.0/7
+acl pool_048 src 48.0.0.0/7
+acl pool_050 src 50.0.0.0/7
+acl pool_052 src 52.0.0.0/7
+acl pool_054 src 54.0.0.0/7
+acl pool_056 src 56.0.0.0/7
+acl pool_058 src 58.0.0.0/7
+acl pool_060 src 60.0.0.0/7
+acl pool_062 src 62.0.0.0/7
+acl pool_064 src 64.0.0.0/7
+acl pool_066 src 66.0.0.0/7
+acl pool_068 src 68.0.0.0/7
+acl pool_070 src 70.0.0.0/7
+acl pool_072 src 72.0.0.0/7
+acl pool_074 src 74.0.0.0/7
+acl pool_076 src 76.0.0.0/7
+acl pool_078 src 78.0.0.0/7
+acl pool_080 src 80.0.0.0/7
+acl pool_082 src 82.0.0.0/7
+acl pool_084 src 84.0.0.0/7
+acl pool_086 src 86.0.0.0/7
+acl pool_088 src 88.0.0.0/7
+acl pool_090 src 90.0.0.0/7
+acl pool_092 src 92.0.0.0/7
+acl pool_094 src 94.0.0.0/7
+acl pool_096 src 96.0.0.0/7
+acl pool_098 src 98.0.0.0/7
+acl pool_100 src 100.0.0.0/7
+acl pool_102 src 102.0.0.0/7
+acl pool_104 src 104.0.0.0/7
+acl pool_106 src 106.0.0.0/7
+acl pool_108 src 108.0.0.0/7
+acl pool_110 src 110.0.0.0/7
+acl pool_112 src 112.0.0.0/7
+acl pool_114 src 114.0.0.0/7
+acl pool_116 src 116.0.0.0/7
+acl pool_118 src 118.0.0.0/7
+acl pool_120 src 120.0.0.0/7
+acl pool_122 src 122.0.0.0/7
+acl pool_124 src 124.0.0.0/7
+acl pool_126 src 126.0.0.0/7
+acl pool_128 src 128.0.0.0/7
+acl pool_130 src 130.0.0.0/7
+acl pool_132 src 132.0.0.0/7
+acl pool_134 src 134.0.0.0/7
+acl pool_136 src 136.0.0.0/7
+acl pool_138 src 138.0.0.0/7
+acl pool_140 src 140.0.0.0/7
+acl pool_142 src 142.0.0.0/7
+acl pool_144 src 144.0.0.0/7
+acl pool_146 src 146.0.0.0/7
+acl pool_148 src 148.0.0.0/7
+acl pool_150 src 150.0.0.0/7
+acl pool_152 src 152.0.0.0/7
+acl pool_154 src 154.0.0.0/7
+acl pool_156 src 156.0.0.0/7
+acl pool_158 src 158.0.0.0/7
+acl pool_160 src 160.0.0.0/7
+acl pool_162 src 162.0.0.0/7
+acl pool_164 src 164.0.0.0/7
+acl pool_166 src 166.0.0.0/7
+acl pool_168 src 168.0.0.0/7
+acl pool_170 src 170.0.0.0/7
+acl pool_172 src 172.0.0.0/7
+acl pool_174 src 174.0.0.0/7
+acl pool_176 src 176.0.0.0/7
+acl pool_178 src 178.0.0.0/7
+acl pool_180 src 180.0.0.0/7
+acl pool_182 src 182.0.0.0/7
+acl pool_184 src 184.0.0.0/7
+acl pool_186 src 186.0.0.0/7
+acl pool_188 src 188.0.0.0/7
+acl pool_190 src 190.0.0.0/7
+acl pool_192 src 192.0.0.0/7
+acl pool_194 src 194.0.0.0/7
+acl pool_196 src 196.0.0.0/7
+acl pool_198 src 198.0.0.0/7
+acl pool_200 src 200.0.0.0/7
+acl pool_202 src 202.0.0.0/7
+acl pool_204 src 204.0.0.0/7
+acl pool_206 src 206.0.0.0/7
+acl pool_208 src 208.0.0.0/7
+acl pool_210 src 210.0.0.0/7
+acl pool_212 src 212.0.0.0/7
+acl pool_214 src 214.0.0.0/7
+acl pool_216 src 216.0.0.0/7
+acl pool_218 src 218.0.0.0/7
+acl pool_220 src 220.0.0.0/7
+acl pool_222 src 222.0.0.0/7
+acl pool_224 src 224.0.0.0/7
+acl pool_226 src 226.0.0.0/7
+acl pool_228 src 228.0.0.0/7
+acl pool_230 src 230.0.0.0/7
+acl pool_232 src 232.0.0.0/7
+acl pool_234 src 234.0.0.0/7
+acl pool_236 src 236.0.0.0/7
+acl pool_238 src 238.0.0.0/7
+acl pool_240 src 240.0.0.0/7
+acl pool_242 src 242.0.0.0/7
+acl pool_244 src 244.0.0.0/7
+acl pool_246 src 246.0.0.0/7
+acl pool_248 src 248.0.0.0/7
+acl pool_250 src 250.0.0.0/7
+acl pool_252 src 252.0.0.0/7
+acl pool_254 src 254.0.0.0/7
+
+delay_pools 128
+delay_initial_bucket_level 25
+
+delay_class 1 3
+delay_class 2 3
+delay_class 3 3
+delay_class 4 3
+delay_class 5 3
+delay_class 6 3
+delay_class 7 3
+delay_class 8 3
+delay_class 9 3
+delay_class 10 3
+delay_class 11 3
+delay_class 12 3
+delay_class 13 3
+delay_class 14 3
+delay_class 15 3
+delay_class 16 3
+delay_class 17 3
+delay_class 18 3
+delay_class 19 3
+delay_class 20 3
+delay_class 21 3
+delay_class 22 3
+delay_class 23 3
+delay_class 24 3
+delay_class 25 3
+delay_class 26 3
+delay_class 27 3
+delay_class 28 3
+delay_class 29 3
+delay_class 30 3
+delay_class 31 3
+delay_class 32 3
+delay_class 33 3
+delay_class 34 3
+delay_class 35 3
+delay_class 36 3
+delay_class 37 3
+delay_class 38 3
+delay_class 39 3
+delay_class 40 3
+delay_class 41 3
+delay_class 42 3
+delay_class 43 3
+delay_class 44 3
+delay_class 45 3
+delay_class 46 3
+delay_class 47 3
+delay_class 48 3
+delay_class 49 3
+delay_class 50 3
+delay_class 51 3
+delay_class 52 3
+delay_class 53 3
+delay_class 54 3
+delay_class 55 3
+delay_class 56 3
+delay_class 57 3
+delay_class 58 3
+delay_class 59 3
+delay_class 60 3
+delay_class 61 3
+delay_class 62 3
+delay_class 63 3
+delay_class 64 3
+delay_class 65 3
+delay_class 66 3
+delay_class 67 3
+delay_class 68 3
+delay_class 69 3
+delay_class 70 3
+delay_class 71 3
+delay_class 72 3
+delay_class 73 3
+delay_class 74 3
+delay_class 75 3
+delay_class 76 3
+delay_class 77 3
+delay_class 78 3
+delay_class 79 3
+delay_class 80 3
+delay_class 81 3
+delay_class 82 3
+delay_class 83 3
+delay_class 84 3
+delay_class 85 3
+delay_class 86 3
+delay_class 87 3
+delay_class 88 3
+delay_class 89 3
+delay_class 90 3
+delay_class 91 3
+delay_class 92 3
+delay_class 93 3
+delay_class 94 3
+delay_class 95 3
+delay_class 96 3
+delay_class 97 3
+delay_class 98 3
+delay_class 99 3
+delay_class 100 3
+delay_class 101 3
+delay_class 102 3
+delay_class 103 3
+delay_class 104 3
+delay_class 105 3
+delay_class 106 3
+delay_class 107 3
+delay_class 108 3
+delay_class 109 3
+delay_class 110 3
+delay_class 111 3
+delay_class 112 3
+delay_class 113 3
+delay_class 114 3
+delay_class 115 3
+delay_class 116 3
+delay_class 117 3
+delay_class 118 3
+delay_class 119 3
+delay_class 120 3
+delay_class 121 3
+delay_class 122 3
+delay_class 123 3
+delay_class 124 3
+delay_class 125 3
+delay_class 126 3
+delay_class 127 3
+delay_class 128 3
+#bit mask
+# xxxxxxx- -------- xxxxxxxx xxxxxxxx
+
+delay_access 1 allow pool_000 !pool_unlimited osmtile_sites
+delay_access 2 allow pool_002 !pool_unlimited osmtile_sites
+delay_access 3 allow pool_004 !pool_unlimited osmtile_sites
+delay_access 4 allow pool_006 !pool_unlimited osmtile_sites
+delay_access 5 allow pool_008 !pool_unlimited osmtile_sites
+delay_access 6 allow pool_010 !pool_unlimited osmtile_sites
+delay_access 7 allow pool_012 !pool_unlimited osmtile_sites
+delay_access 8 allow pool_014 !pool_unlimited osmtile_sites
+delay_access 9 allow pool_016 !pool_unlimited osmtile_sites
+delay_access 10 allow pool_018 !pool_unlimited osmtile_sites
+delay_access 11 allow pool_020 !pool_unlimited osmtile_sites
+delay_access 12 allow pool_022 !pool_unlimited osmtile_sites
+delay_access 13 allow pool_024 !pool_unlimited osmtile_sites
+delay_access 14 allow pool_026 !pool_unlimited osmtile_sites
+delay_access 15 allow pool_028 !pool_unlimited osmtile_sites
+delay_access 16 allow pool_030 !pool_unlimited osmtile_sites
+delay_access 17 allow pool_032 !pool_unlimited osmtile_sites
+delay_access 18 allow pool_034 !pool_unlimited osmtile_sites
+delay_access 19 allow pool_036 !pool_unlimited osmtile_sites
+delay_access 20 allow pool_038 !pool_unlimited osmtile_sites
+delay_access 21 allow pool_040 !pool_unlimited osmtile_sites
+delay_access 22 allow pool_042 !pool_unlimited osmtile_sites
+delay_access 23 allow pool_044 !pool_unlimited osmtile_sites
+delay_access 24 allow pool_046 !pool_unlimited osmtile_sites
+delay_access 25 allow pool_048 !pool_unlimited osmtile_sites
+delay_access 26 allow pool_050 !pool_unlimited osmtile_sites
+delay_access 27 allow pool_052 !pool_unlimited osmtile_sites
+delay_access 28 allow pool_054 !pool_unlimited osmtile_sites
+delay_access 29 allow pool_056 !pool_unlimited osmtile_sites
+delay_access 30 allow pool_058 !pool_unlimited osmtile_sites
+delay_access 31 allow pool_060 !pool_unlimited osmtile_sites
+delay_access 32 allow pool_062 !pool_unlimited osmtile_sites
+delay_access 33 allow pool_064 !pool_unlimited osmtile_sites
+delay_access 34 allow pool_066 !pool_unlimited osmtile_sites
+delay_access 35 allow pool_068 !pool_unlimited osmtile_sites
+delay_access 36 allow pool_070 !pool_unlimited osmtile_sites
+delay_access 37 allow pool_072 !pool_unlimited osmtile_sites
+delay_access 38 allow pool_074 !pool_unlimited osmtile_sites
+delay_access 39 allow pool_076 !pool_unlimited osmtile_sites
+delay_access 40 allow pool_078 !pool_unlimited osmtile_sites
+delay_access 41 allow pool_080 !pool_unlimited osmtile_sites
+delay_access 42 allow pool_082 !pool_unlimited osmtile_sites
+delay_access 43 allow pool_084 !pool_unlimited osmtile_sites
+delay_access 44 allow pool_086 !pool_unlimited osmtile_sites
+delay_access 45 allow pool_088 !pool_unlimited osmtile_sites
+delay_access 46 allow pool_090 !pool_unlimited osmtile_sites
+delay_access 47 allow pool_092 !pool_unlimited osmtile_sites
+delay_access 48 allow pool_094 !pool_unlimited osmtile_sites
+delay_access 49 allow pool_096 !pool_unlimited osmtile_sites
+delay_access 50 allow pool_098 !pool_unlimited osmtile_sites
+delay_access 51 allow pool_100 !pool_unlimited osmtile_sites
+delay_access 52 allow pool_102 !pool_unlimited osmtile_sites
+delay_access 53 allow pool_104 !pool_unlimited osmtile_sites
+delay_access 54 allow pool_106 !pool_unlimited osmtile_sites
+delay_access 55 allow pool_108 !pool_unlimited osmtile_sites
+delay_access 56 allow pool_110 !pool_unlimited osmtile_sites
+delay_access 57 allow pool_112 !pool_unlimited osmtile_sites
+delay_access 58 allow pool_114 !pool_unlimited osmtile_sites
+delay_access 59 allow pool_116 !pool_unlimited osmtile_sites
+delay_access 60 allow pool_118 !pool_unlimited osmtile_sites
+delay_access 61 allow pool_120 !pool_unlimited osmtile_sites
+delay_access 62 allow pool_122 !pool_unlimited osmtile_sites
+delay_access 63 allow pool_124 !pool_unlimited osmtile_sites
+delay_access 64 allow pool_126 !pool_unlimited osmtile_sites
+delay_access 65 allow pool_128 !pool_unlimited osmtile_sites
+delay_access 66 allow pool_130 !pool_unlimited osmtile_sites
+delay_access 67 allow pool_132 !pool_unlimited osmtile_sites
+delay_access 68 allow pool_134 !pool_unlimited osmtile_sites
+delay_access 69 allow pool_136 !pool_unlimited osmtile_sites
+delay_access 70 allow pool_138 !pool_unlimited osmtile_sites
+delay_access 71 allow pool_140 !pool_unlimited osmtile_sites
+delay_access 72 allow pool_142 !pool_unlimited osmtile_sites
+delay_access 73 allow pool_144 !pool_unlimited osmtile_sites
+delay_access 74 allow pool_146 !pool_unlimited osmtile_sites
+delay_access 75 allow pool_148 !pool_unlimited osmtile_sites
+delay_access 76 allow pool_150 !pool_unlimited osmtile_sites
+delay_access 77 allow pool_152 !pool_unlimited osmtile_sites
+delay_access 78 allow pool_154 !pool_unlimited osmtile_sites
+delay_access 79 allow pool_156 !pool_unlimited osmtile_sites
+delay_access 80 allow pool_158 !pool_unlimited osmtile_sites
+delay_access 81 allow pool_160 !pool_unlimited osmtile_sites
+delay_access 82 allow pool_162 !pool_unlimited osmtile_sites
+delay_access 83 allow pool_164 !pool_unlimited osmtile_sites
+delay_access 84 allow pool_166 !pool_unlimited osmtile_sites
+delay_access 85 allow pool_168 !pool_unlimited osmtile_sites
+delay_access 86 allow pool_170 !pool_unlimited osmtile_sites
+delay_access 87 allow pool_172 !pool_unlimited osmtile_sites
+delay_access 88 allow pool_174 !pool_unlimited osmtile_sites
+delay_access 89 allow pool_176 !pool_unlimited osmtile_sites
+delay_access 90 allow pool_178 !pool_unlimited osmtile_sites
+delay_access 91 allow pool_180 !pool_unlimited osmtile_sites
+delay_access 92 allow pool_182 !pool_unlimited osmtile_sites
+delay_access 93 allow pool_184 !pool_unlimited osmtile_sites
+delay_access 94 allow pool_186 !pool_unlimited osmtile_sites
+delay_access 95 allow pool_188 !pool_unlimited osmtile_sites
+delay_access 96 allow pool_190 !pool_unlimited osmtile_sites
+delay_access 97 allow pool_192 !pool_unlimited osmtile_sites
+delay_access 98 allow pool_194 !pool_unlimited osmtile_sites
+delay_access 99 allow pool_196 !pool_unlimited osmtile_sites
+delay_access 100 allow pool_198 !pool_unlimited osmtile_sites
+delay_access 100 allow pool_198 !pool_unlimited osmtile_sites
+delay_access 101 allow pool_200 !pool_unlimited osmtile_sites
+delay_access 102 allow pool_202 !pool_unlimited osmtile_sites
+delay_access 103 allow pool_204 !pool_unlimited osmtile_sites
+delay_access 104 allow pool_206 !pool_unlimited osmtile_sites
+delay_access 105 allow pool_208 !pool_unlimited osmtile_sites
+delay_access 106 allow pool_210 !pool_unlimited osmtile_sites
+delay_access 107 allow pool_212 !pool_unlimited osmtile_sites
+delay_access 108 allow pool_214 !pool_unlimited osmtile_sites
+delay_access 109 allow pool_216 !pool_unlimited osmtile_sites
+delay_access 110 allow pool_218 !pool_unlimited osmtile_sites
+delay_access 111 allow pool_220 !pool_unlimited osmtile_sites
+delay_access 112 allow pool_222 !pool_unlimited osmtile_sites
+delay_access 113 allow pool_224 !pool_unlimited osmtile_sites
+delay_access 114 allow pool_226 !pool_unlimited osmtile_sites
+delay_access 115 allow pool_228 !pool_unlimited osmtile_sites
+delay_access 116 allow pool_230 !pool_unlimited osmtile_sites
+delay_access 117 allow pool_232 !pool_unlimited osmtile_sites
+delay_access 118 allow pool_234 !pool_unlimited osmtile_sites
+delay_access 119 allow pool_236 !pool_unlimited osmtile_sites
+delay_access 120 allow pool_238 !pool_unlimited osmtile_sites
+delay_access 121 allow pool_240 !pool_unlimited osmtile_sites
+delay_access 122 allow pool_242 !pool_unlimited osmtile_sites
+delay_access 123 allow pool_244 !pool_unlimited osmtile_sites
+delay_access 124 allow pool_246 !pool_unlimited osmtile_sites
+delay_access 125 allow pool_248 !pool_unlimited osmtile_sites
+delay_access 126 allow pool_250 !pool_unlimited osmtile_sites
+delay_access 127 allow pool_252 !pool_unlimited osmtile_sites
+delay_access 128 allow pool_254 !pool_unlimited osmtile_sites
+
+delay_access 1 deny all
+delay_access 2 deny all
+delay_access 3 deny all
+delay_access 4 deny all
+delay_access 5 deny all
+delay_access 6 deny all
+delay_access 7 deny all
+delay_access 8 deny all
+delay_access 9 deny all
+delay_access 10 deny all
+delay_access 11 deny all
+delay_access 12 deny all
+delay_access 13 deny all
+delay_access 14 deny all
+delay_access 15 deny all
+delay_access 16 deny all
+delay_access 17 deny all
+delay_access 18 deny all
+delay_access 19 deny all
+delay_access 20 deny all
+delay_access 21 deny all
+delay_access 22 deny all
+delay_access 23 deny all
+delay_access 24 deny all
+delay_access 25 deny all
+delay_access 26 deny all
+delay_access 27 deny all
+delay_access 28 deny all
+delay_access 29 deny all
+delay_access 30 deny all
+delay_access 31 deny all
+delay_access 32 deny all
+delay_access 33 deny all
+delay_access 34 deny all
+delay_access 35 deny all
+delay_access 36 deny all
+delay_access 37 deny all
+delay_access 38 deny all
+delay_access 39 deny all
+delay_access 40 deny all
+delay_access 41 deny all
+delay_access 42 deny all
+delay_access 43 deny all
+delay_access 44 deny all
+delay_access 45 deny all
+delay_access 46 deny all
+delay_access 47 deny all
+delay_access 48 deny all
+delay_access 49 deny all
+delay_access 50 deny all
+delay_access 51 deny all
+delay_access 52 deny all
+delay_access 53 deny all
+delay_access 54 deny all
+delay_access 55 deny all
+delay_access 56 deny all
+delay_access 57 deny all
+delay_access 58 deny all
+delay_access 59 deny all
+delay_access 60 deny all
+delay_access 61 deny all
+delay_access 62 deny all
+delay_access 63 deny all
+delay_access 64 deny all
+delay_access 65 deny all
+delay_access 66 deny all
+delay_access 67 deny all
+delay_access 68 deny all
+delay_access 69 deny all
+delay_access 70 deny all
+delay_access 71 deny all
+delay_access 72 deny all
+delay_access 73 deny all
+delay_access 74 deny all
+delay_access 75 deny all
+delay_access 76 deny all
+delay_access 77 deny all
+delay_access 78 deny all
+delay_access 79 deny all
+delay_access 80 deny all
+delay_access 81 deny all
+delay_access 82 deny all
+delay_access 83 deny all
+delay_access 84 deny all
+delay_access 85 deny all
+delay_access 86 deny all
+delay_access 87 deny all
+delay_access 88 deny all
+delay_access 89 deny all
+delay_access 90 deny all
+delay_access 91 deny all
+delay_access 92 deny all
+delay_access 93 deny all
+delay_access 94 deny all
+delay_access 95 deny all
+delay_access 96 deny all
+delay_access 97 deny all
+delay_access 98 deny all
+delay_access 99 deny all
+delay_access 100 deny all
+delay_access 101 deny all
+delay_access 102 deny all
+delay_access 103 deny all
+delay_access 104 deny all
+delay_access 105 deny all
+delay_access 106 deny all
+delay_access 107 deny all
+delay_access 108 deny all
+delay_access 109 deny all
+delay_access 110 deny all
+delay_access 111 deny all
+delay_access 112 deny all
+delay_access 113 deny all
+delay_access 114 deny all
+delay_access 115 deny all
+delay_access 116 deny all
+delay_access 117 deny all
+delay_access 118 deny all
+delay_access 119 deny all
+delay_access 120 deny all
+delay_access 121 deny all
+delay_access 122 deny all
+delay_access 123 deny all
+delay_access 124 deny all
+delay_access 125 deny all
+delay_access 126 deny all
+delay_access 127 deny all
+delay_access 128 deny all
+
+delay_parameters 1 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 2 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 3 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 4 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 5 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 6 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 7 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 8 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 9 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 10 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 11 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 12 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 13 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 14 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 15 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 16 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 17 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 18 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 19 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 20 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 21 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 22 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 23 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 24 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 25 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 26 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 27 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 28 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 29 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 30 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 31 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 32 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 33 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 34 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 35 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 36 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 37 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 38 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 39 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 40 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 41 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 42 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 43 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 44 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 45 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 46 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 47 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 48 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 49 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 50 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 51 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 52 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 53 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 54 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 55 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 56 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 57 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 58 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 59 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 60 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 61 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 62 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 63 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 64 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 65 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 66 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 67 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 68 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 69 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 70 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 71 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 72 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 73 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 74 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 75 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 76 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 77 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 78 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 79 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 80 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 81 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 82 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 83 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 84 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 85 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 86 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 87 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 88 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 89 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 90 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 91 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 92 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 93 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 94 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 95 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 96 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 97 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 98 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 99 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 100 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 101 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 102 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 103 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 104 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 105 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 106 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 107 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 108 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 109 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 110 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 111 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 112 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 113 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 114 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 115 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 116 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 117 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 118 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 119 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 120 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 121 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 122 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 123 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 124 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 125 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 126 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 127 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+delay_parameters 128 -1/-1 <%= node[:tilecache][:net_bucket_refill] %>/<%= node[:tilecache][:net_bucket_size] %> <%= node[:tilecache][:ip_bucket_refill] %>/<%= node[:tilecache][:ip_bucket_size] %>
+
+#----------------------------------
+
diff --git a/cookbooks/web/README.rdoc b/cookbooks/web/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/web/attributes/default.rb b/cookbooks/web/attributes/default.rb
new file mode 100644 (file)
index 0000000..54d692f
--- /dev/null
@@ -0,0 +1,4 @@
+default[:web][:ruby_version] = "1.9.1"
+default[:web][:base_directory] = "/srv/www.openstreetmap.org"
+default[:web][:pid_directory] = "/var/run/web"
+default[:web][:log_directory] = "/var/log/web"
diff --git a/cookbooks/web/definitions/rails_port.rb b/cookbooks/web/definitions/rails_port.rb
new file mode 100644 (file)
index 0000000..48606f7
--- /dev/null
@@ -0,0 +1,248 @@
+#
+# Cookbook Name:: web
+# Definition:: rails_port
+#
+# Copyright 2012, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :rails_port, :action => [ :create, :enable ] do
+  name = params[:name]
+  ruby_version = params[:ruby] || "1.9.1"
+  rails_directory = params[:directory] || "/srv/#{name}"
+  rails_user = params[:user]
+  rails_group = params[:group]
+  rails_repository = params[:repository] || "git://git.openstreetmap.org/rails.git"
+  rails_revision = params[:revision] || "live"
+  run_migrations = params[:run_migrations] || false
+  status = params[:status] || "online"
+
+  database_params = {
+    :host => params[:database_host],
+    :port => params[:database_port],
+    :name => params[:database_name],
+    :username => params[:database_username],
+    :password => params[:database_password]
+  }
+
+  package "ruby#{ruby_version}"
+  package "ruby#{ruby_version}-dev"
+  package "rubygems#{ruby_version}"
+  package "irb#{ruby_version}"
+  package "imagemagick"
+
+  package "g++"
+  package "libpq-dev"
+  package "libsasl2-dev"
+  package "libxml2-dev"
+  package "libxslt1-dev"
+  package "libmemcached-dev"
+
+  gem_package "bundler#{ruby_version}" do
+    package_name "bundler"
+    gem_binary "gem#{ruby_version}"
+    options "--format-executable"
+  end
+
+  file "/usr/lib/ruby/1.8/rack.rb" do
+    action :delete
+  end
+
+  directory "/usr/lib/ruby/1.8/rack" do
+    action :delete
+    recursive true
+  end
+
+  file "#{rails_directory}/tmp/restart.txt" do
+    action :nothing
+  end
+
+  file "#{rails_directory}/public/export/embed.html" do
+    action :nothing
+  end
+
+  execute "#{rails_directory}/public/assets" do
+    action :nothing
+    command "rake#{ruby_version} assets:precompile"
+    cwd rails_directory
+    user rails_user
+    group rails_group
+    notifies :delete, resources(:file => "#{rails_directory}/public/export/embed.html")
+    notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+  end
+
+  execute "#{rails_directory}/db/migrate" do
+    action :nothing
+    command "rake#{ruby_version} db:migrate"
+    cwd rails_directory
+    user rails_user
+    group rails_group
+    notifies :run, resources(:execute => "#{rails_directory}/public/assets")
+  end
+
+  execute "#{rails_directory}/Gemfile" do
+    action :nothing
+    command "bundle#{ruby_version} install"
+    cwd rails_directory
+    user "root"
+    group "root"
+    if run_migrations
+      notifies :run, resources(:execute => "#{rails_directory}/db/migrate")
+    else
+      notifies :run, resources(:execute => "#{rails_directory}/public/assets")
+    end
+    subscribes :run, resources(:gem_package => "bundler#{ruby_version}")
+  end
+
+  directory rails_directory do
+    owner rails_user
+    group rails_group
+    mode 02775
+  end
+
+  git rails_directory do
+    action :sync
+    repository rails_repository
+    revision rails_revision
+    user rails_user
+    group rails_group
+    notifies :run, resources(:execute => "#{rails_directory}/Gemfile")
+  end
+
+  directory "#{rails_directory}/tmp" do
+    owner rails_user
+    group rails_group
+  end
+
+  file "#{rails_directory}/config/environment.rb" do
+    owner rails_user
+    group rails_group
+  end
+
+  template "#{rails_directory}/config/database.yml" do
+    cookbook "web"
+    source "database.yml.erb"
+    owner rails_user
+    group rails_group
+    mode 0664
+    variables database_params
+    notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+  end
+
+  file "#{rails_directory}/config/application.yml" do
+    owner rails_user
+    group rails_group
+    mode 0664
+    content_from_file "#{rails_directory}/config/example.application.yml" do |line|
+      line.gsub!(/^( *)server_url:.*$/, "\\1server_url: \"#{name}\"")
+
+      if params[:email_from]
+        line.gsub!(/^( *)email_from:.*$/, "\\1email_from: \"#{params[:email_from]}\"")
+      end
+
+      line.gsub!(/^( *)status:.*$/, "\\1status: :#{status}")
+
+      if params[:messages_domain]
+        line.gsub!(/^( *)#messages_domain:.*$/, "\\1messages_domain: \"#{params[:messages_domain]}\"")
+      end
+
+      line.gsub!(/^( *)#geonames_username:.*$/, "\\1geonames_username: \"openstreetmap\"")
+
+      if params[:quova_username]
+        line.gsub!(/^( *)#quova_username:.*$/, "\\1quova_username: \"#{params[:quova_username]}\"")
+        line.gsub!(/^( *)#quova_password:.*$/, "\\1quova_password: \"#{params[:quova_password]}\"")
+      end
+
+      if params[:soft_memory_limit]
+        line.gsub!(/^( *)#soft_memory_limit:.*$/, "\\1soft_memory_limit: #{params[:soft_memory_limit]}")
+      end
+
+      if params[:hard_memory_limit]
+        line.gsub!(/^( *)#hard_memory_limit:.*$/, "\\1hard_memory_limit: #{params[:hard_memory_limit]}")
+      end
+
+      if params[:gpx_dir]
+        line.gsub!(/^( *)gpx_trace_dir:.*$/, "\\1gpx_trace_dir: \"#{params[:gpx_dir]}/traces\"")
+        line.gsub!(/^( *)gpx_image_dir:.*$/, "\\1gpx_image_dir: \"#{params[:gpx_dir]}/images\"")
+      end
+
+      if params[:attachments_dir]
+        line.gsub!(/^( *)attachments_dir:.*$/, "\\1attachments_dir: \"#{params[:attachments_dir]}\"")
+      end
+
+      if params[:log_path]
+        line.gsub!(/^( *)#log_path:.*$/, "\\1log_path: \"#{params[:log_path]}\"")
+      end
+
+      if params[:memcache_servers]
+        line.gsub!(/^( *)#memcache_servers:.*$/, "\\1memcache_servers: [ \"#{params[:memcache_servers].join("\", \"")}\" ]")
+      end
+
+      if params[:potlatch2_key]
+        line.gsub!(/^( *)#potlatch2_key:.*$/, "\\1potlatch2_key: \"#{params[:potlatch2_key]}\"")
+      end
+
+      if params[:id_key]
+        line.gsub!(/^( *)#id_key:.*$/, "\\1id_key: \"#{params[:id_key]}\"")
+      end
+
+      if params[:oauth_key]
+        line.gsub!(/^( *)#oauth_key:.*$/, "\\1oauth_key: \"#{params[:oauth_key]}\"")
+      end
+
+      line.gsub!(/^( *)require_terms_seen:.*$/, "\\1require_terms_seen: true")
+      line.gsub!(/^( *)require_terms_agreed:.*$/, "\\1require_terms_agreed: true")
+
+      if params[:piwik_location]
+        line.gsub!(/^( *)#piwik_location:.*$/, "\\1piwik_location: \"#{params[:piwik_location]}\"")
+        line.gsub!(/^( *)#piwik_site:.*$/, "\\1piwik_site: #{params[:piwik_site]}")
+        line.gsub!(/^( *)#piwik_signup_goal:.*$/, "\\1piwik_signup_goal: #{params[:piwik_signup_goal]}")
+      end
+
+      line
+    end
+    notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+  end
+
+  execute "#{rails_directory}/lib/quad_tile/extconf.rb" do
+    command "ruby extconf.rb"
+    cwd "#{rails_directory}/lib/quad_tile"
+    user rails_user
+    group rails_group
+    not_if { File.exist?("#{rails_directory}/lib/quad_tile/Makefile") and File.mtime("#{rails_directory}/lib/quad_tile/Makefile") >= File.mtime("#{rails_directory}/lib/quad_tile/extconf.rb") }
+  end
+
+  execute "#{rails_directory}/lib/quad_tile/Makefile" do
+    command "make"
+    cwd "#{rails_directory}/lib/quad_tile"
+    user rails_user
+    group rails_group
+    not_if do
+      File.exist?("#{rails_directory}/lib/quad_tile/quad_tile_so.so") and
+      File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/Makefile") and
+      File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.c") and
+      File.mtime("#{rails_directory}/lib/quad_tile/quad_tile_so.so") >= File.mtime("#{rails_directory}/lib/quad_tile/quad_tile.h")
+    end
+    notifies :touch, resources(:file => "#{rails_directory}/tmp/restart.txt")
+  end
+
+  template "/etc/cron.daily/rails-#{name}" do
+    cookbook "web"
+    source "rails.cron.erb"
+    owner "root"
+    group "root"
+    mode 0755
+    variables :directory => rails_directory
+  end
+end
diff --git a/cookbooks/web/metadata.rb b/cookbooks/web/metadata.rb
new file mode 100644 (file)
index 0000000..c38ae36
--- /dev/null
@@ -0,0 +1,10 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures www.openstreetmap.org servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
+depends           "git"
+depends           "memcached"
+depends           "tools"
diff --git a/cookbooks/web/recipes/backend.rb b/cookbooks/web/recipes/backend.rb
new file mode 100644 (file)
index 0000000..fa13948
--- /dev/null
@@ -0,0 +1,35 @@
+#
+# Cookbook Name:: web
+# Recipe:: backend
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "memcached"
+include_recipe "web::rails"
+include_recipe "web::cgimap"
+
+apache_module "fastcgi-handler"
+apache_module "remoteip"
+
+apache_site "default" do
+  action [ :disable ]
+end
+
+apache_site "www.openstreetmap.org" do
+  template "apache.backend.erb"
+end
+
+node.set[:memcached][:ip_address] = node.internal_ipaddress
diff --git a/cookbooks/web/recipes/base.rb b/cookbooks/web/recipes/base.rb
new file mode 100644 (file)
index 0000000..2258b3f
--- /dev/null
@@ -0,0 +1,42 @@
+#
+# Cookbook Name:: web
+# Recipe:: base
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+directory node[:web][:base_directory] do
+  group "rails"
+  mode 02775
+end
+
+directory node[:web][:pid_directory] do
+  owner "rails"
+  group "rails"
+  mode 0775
+end
+
+directory node[:web][:log_directory] do
+  owner "rails"
+  group "rails"
+  mode 0775
+end
+
+template "/etc/logrotate.d/web" do
+  source "logrotate.web.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
diff --git a/cookbooks/web/recipes/cgimap.rb b/cookbooks/web/recipes/cgimap.rb
new file mode 100644 (file)
index 0000000..73114c1
--- /dev/null
@@ -0,0 +1,124 @@
+#
+# Cookbook Name:: web
+# Recipe:: cgimap
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "tools"
+include_recipe "web::base"
+
+db_passwords = data_bag_item("db", "passwords")
+
+package "gcc"
+package "make"
+package "autoconf"
+package "automake"
+package "libfcgi-dev"
+package "libxml2-dev"
+package "libmemcached-dev"
+package "libboost-regex-dev"
+package "libboost-program-options-dev"
+package "libboost-date-time-dev"
+package "zlib1g-dev"
+
+if node[:lsb][:release].to_f < 12.04
+  package "libpqxx-dev"
+else
+  package "libpqxx3-dev"
+end
+
+cgimap_directory = "#{node[:web][:base_directory]}/cgimap"
+pid_directory = node[:web][:pid_directory]
+log_directory = node[:web][:log_directory]
+
+execute "cgimap-build" do
+  action :nothing
+  command "make"
+  cwd cgimap_directory
+  user "rails"
+  group "rails"
+end
+
+execute "cgimap-configure" do
+  action :nothing
+  command "./configure --with-fcgi=/usr --with-boost-libdir=/usr/lib"
+  cwd cgimap_directory
+  user "rails"
+  group "rails"
+  notifies :run, resources(:execute => "cgimap-build"), :immediate
+end
+
+execute "cgimap-autogen" do
+  action :nothing
+  command "./autogen.sh"
+  cwd cgimap_directory
+  user "rails"
+  group "rails"
+  notifies :run, resources(:execute => "cgimap-configure"), :immediate
+end
+
+git cgimap_directory do
+  action :sync
+  repository "git://git.openstreetmap.org/cgimap.git"
+  revision "live"
+  user "rails"
+  group "rails"
+  notifies :run, resources(:execute => "cgimap-autogen"), :immediate
+end
+
+if node[:web][:readonly_database_host]
+  database_host = node[:web][:readonly_database_host]
+  database_readonly = true
+else
+  database_host = node[:web][:database_host]
+  database_readonly = node[:web][:status] == "database_readonly"
+end
+
+file "/etc/init.d/cgimap" do
+  owner "root"
+  group "root"
+  mode 0755
+  content_from_file "#{cgimap_directory}/scripts/cgimap.init" do |line|
+    line.gsub!(/^CGIMAP_HOST=.*;/, "CGIMAP_HOST=#{database_host};")
+    line.gsub!(/^CGIMAP_DBNAME=.*;/, "CGIMAP_DBNAME=openstreetmap;")
+    line.gsub!(/^CGIMAP_USERNAME=.*;/, "CGIMAP_USERNAME=rails;")
+    line.gsub!(/^CGIMAP_PASSWORD=.*;/, "CGIMAP_PASSWORD=#{db_passwords['rails']};")
+    line.gsub!(/^CGIMAP_PIDFILE=.*;/, "CGIMAP_PIDFILE=#{pid_directory}/cgimap.pid;")
+    line.gsub!(/^CGIMAP_LOGFILE=.*;/, "CGIMAP_LOGFILE=#{log_directory}/cgimap.log;")
+    line.gsub!(/^CGIMAP_MEMCACHE=.*;/, "CGIMAP_MEMCACHE=rails1,rails2,rails3;")
+
+    line.gsub!(/\/home\/rails\/bin\/map/, "#{cgimap_directory}/map")
+
+    if database_readonly
+      line.gsub!(/--daemon/, "--daemon --readonly")
+    end
+
+    line
+  end
+end
+
+if ["database_offline", "api_offline"].include?(node[:web][:status])
+  service "cgimap" do
+    action :stop
+  end
+else
+  service "cgimap" do
+    action [ :enable, :start ]
+    supports :restart => true, :reload => true
+    subscribes :restart, resources(:execute => "cgimap-build")
+    subscribes :restart, resources(:file => "/etc/init.d/cgimap")
+  end
+end
diff --git a/cookbooks/web/recipes/frontend.rb b/cookbooks/web/recipes/frontend.rb
new file mode 100644 (file)
index 0000000..8ed2db7
--- /dev/null
@@ -0,0 +1,60 @@
+#
+# Cookbook Name:: web
+# Recipe:: frontend
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache::ssl"
+include_recipe "web::rails"
+
+apache_module "alias"
+apache_module "deflate"
+apache_module "expires"
+apache_module "headers"
+apache_module "proxy_http"
+apache_module "proxy_balancer"
+apache_module "rewrite"
+
+apache_site "default" do
+  action [ :disable ]
+end
+
+apache_site "www.openstreetmap.org" do
+  template "apache.frontend.erb"
+end
+
+gem_package "hpricot"
+gem_package "home_run"
+gem_package "apachelogregex"
+
+template "/etc/logrotate.d/apache2" do
+  source "logrotate.apache.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+munin_plugin "api_calls_num" do
+  action :delete
+end
+
+munin_plugin "api_calls_#{node[:hostname]}" do
+  target "api_calls_"
+end
+
+munin_plugin "api_waits_#{node[:hostname]}" do
+  target "api_waits_"
+end
diff --git a/cookbooks/web/recipes/gpx.rb b/cookbooks/web/recipes/gpx.rb
new file mode 100644 (file)
index 0000000..c5d0088
--- /dev/null
@@ -0,0 +1,81 @@
+#
+# Cookbook Name:: web
+# Recipe:: gpx
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "web::base"
+
+db_passwords = data_bag_item("db", "passwords")
+
+package "gcc"
+package "make"
+package "pkg-config"
+package "libarchive-dev"
+package "libbz2-dev"
+package "libexpat1-dev"
+package "libgd2-noxpm-dev"
+package "libmemcached-dev"
+package "libpq-dev"
+package "zlib1g-dev"
+
+gpx_directory = "#{node[:web][:base_directory]}/gpx-import"
+pid_directory = node[:web][:pid_directory]
+log_directory = node[:web][:log_directory]
+
+execute "gpx-import-build" do
+  action :nothing
+  command "make DB=postgres"
+  cwd "#{gpx_directory}/src"
+  user "rails"
+  group "rails"
+end
+
+git gpx_directory do
+  action :sync
+  repository "git://git.openstreetmap.org/gpx-import.git"
+  revision "live"
+  user "rails"
+  group "rails"
+  notifies :run, resources(:execute => "gpx-import-build"), :immediate
+end
+
+template "/etc/init.d/gpx-import" do
+  source "init.gpx.erb"
+  owner "root"
+  group "root"
+  mode 0755
+  variables :gpx_directory => gpx_directory,
+            :pid_directory => pid_directory,
+            :log_directory => log_directory,
+            :database_host =>  node[:web][:database_host],
+            :database_name => "openstreetmap",
+            :database_username => "gpximport",
+            :database_password => db_passwords["gpximport"]
+end
+
+if ["database_offline", "database_readonly", "gpx_offline"].include?(node[:web][:status])
+  service "gpx-import" do
+    action :stop
+  end
+else
+  service "gpx-import" do
+    action [ :enable, :start ]
+    supports :restart => true, :reload => true
+    subscribes :restart, resources(:execute => "gpx-import-build")
+    subscribes :restart, resources(:template => "/etc/init.d/gpx-import")
+  end
+end
diff --git a/cookbooks/web/recipes/rails.rb b/cookbooks/web/recipes/rails.rb
new file mode 100644 (file)
index 0000000..cd8bb9b
--- /dev/null
@@ -0,0 +1,92 @@
+#
+# Cookbook Name:: web
+# Recipe:: rails
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "tools"
+include_recipe "web::base"
+
+include_recipe "apache"
+include_recipe "git"
+
+web_passwords = data_bag_item("web", "passwords")
+db_passwords = data_bag_item("db", "passwords")
+
+directory "#{node[:web][:base_directory]}/bin" do
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+template "#{node[:web][:base_directory]}/bin/ruby" do
+  source "ruby.erb"
+  owner "root"
+  group "root"
+  mode 0755
+  notifies :reload, "service[apache2]"
+end
+
+apache_module "passenger" do
+  conf "passenger.conf.erb"
+end
+
+package "passenger-common#{node[:web][:ruby_version]}"
+
+munin_plugin "passenger_memory"
+munin_plugin "passenger_processes"
+munin_plugin "passenger_queues"
+munin_plugin "passenger_requests"
+
+template "/etc/cron.hourly/passenger" do
+  cookbook "web"
+  source "passenger.cron.erb"
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+rails_directory = "#{node[:web][:base_directory]}/rails"
+
+rails_port "www.openstreetmap.org" do
+  ruby node[:web][:ruby_version]
+  directory rails_directory
+  user "rails"
+  group "rails"
+  repository "git://git.openstreetmap.org/rails.git"
+  revision "live"
+  database_host node[:web][:database_host]
+  database_name "openstreetmap"
+  database_username "rails"
+  database_password db_passwords["rails"]
+  email_from "OpenStreetMap <web@noreply.openstreetmap.org>"
+  status node[:web][:status]
+  messages_domain "messages.openstreetmap.org"
+  quova_username "ws360602"
+  quova_password web_passwords["quova"]
+  soft_memory_limit node[:web][:rails_soft_memory_limit]
+  hard_memory_limit node[:web][:rails_hard_memory_limit]
+  gpx_dir "/store/rails/gpx"
+  attachments_dir "/store/rails/attachments"
+  log_path "#{node[:web][:log_directory]}/rails.log"
+  memcache_servers [ "rails1", "rails2", "rails3" ]
+  potlatch2_key web_passwords["potlatch2_key"]
+  id_key web_passwords["id_key"]
+  oauth_key web_passwords["oauth_key"]
+  piwik_location "piwik.openstreetmap.org"
+  piwik_site 1
+  piwik_signup_goal 1
+end
diff --git a/cookbooks/web/recipes/statistics.rb b/cookbooks/web/recipes/statistics.rb
new file mode 100644 (file)
index 0000000..c7bf9e8
--- /dev/null
@@ -0,0 +1,37 @@
+#
+# Cookbook Name:: web
+# Recipe:: statistics
+#
+# Copyright 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "web::base"
+
+rails_directory = "#{node[:web][:base_directory]}/rails"
+
+template "/usr/local/bin/statistics" do
+  source "statistics.erb"
+  owner "root"
+  group "root"
+  mode 0755
+  variables :directory => rails_directory
+end
+
+template "/etc/cron.d/statistics" do
+  source "statistics.cron.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
diff --git a/cookbooks/web/templates/default/apache.backend.erb b/cookbooks/web/templates/default/apache.backend.erb
new file mode 100644 (file)
index 0000000..17200ca
--- /dev/null
@@ -0,0 +1,39 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<VirtualHost *:80>
+  #
+  # Basic server configuration
+  #
+  ServerName <%= node[:fqdn] %>
+  ServerAlias api.openstreetmap.org www.openstreetmap.org
+  ServerAdmin webmaster@openstreetmap.org
+
+  #
+  # Setup logging
+  #
+  LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %Ts" combined_with_time
+  CustomLog /var/log/apache2/access.log combined_with_time
+  ErrorLog /var/log/apache2/error.log
+
+  #
+  # Configure rails
+  #
+  DocumentRoot <%= node[:web][:base_directory] %>/rails/public
+  RailsEnv production
+  PassengerMinInstances 3
+  PassengerMaxRequests 500
+  PassengerPreStart http://www.openstreetmap.org/
+
+  #
+  # Get the real remote IP for requests via a trusted proxy
+  #
+  RemoteIPHeader X-Forwarded-For
+  RemoteIPTrustedProxy 146.179.159.160/27
+
+  #
+  # Pass map calls to cgimap
+  #
+  <Location /api/0.6/map>
+    SetHandler fcgi:127.0.0.1:8000
+  </Location>
+</VirtualHost>
diff --git a/cookbooks/web/templates/default/apache.frontend.erb b/cookbooks/web/templates/default/apache.frontend.erb
new file mode 100644 (file)
index 0000000..3907585
--- /dev/null
@@ -0,0 +1,278 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<% [80, 443].each do |port| -%>
+<VirtualHost *:<%= port %>>
+  #
+  # Basic server configuration
+  #
+  ServerName <%= node[:fqdn] %>
+  ServerAlias api.openstreetmap.org www.openstreetmap.org
+  ServerAdmin webmaster@openstreetmap.org
+<% if port == 443 -%>
+
+  #
+  # Enable SSL
+  #
+  SSLEngine on
+<% end -%>
+
+  #
+  # Setup logging
+  #
+  LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %Ts" combined_with_time
+  CustomLog /var/log/apache2/access.log combined_with_time
+  ErrorLog /var/log/apache2/error.log
+
+  #
+  # Turn on various features
+  #
+  ExpiresActive On
+  RewriteEngine on
+
+  #
+  # Block troublesome GPX data scrapping
+  #
+  RewriteCond %{REQUEST_METHOD} HEAD
+  RewriteRule ^/trace/\d+/data - [F,L]
+
+  #
+  # Block tilesAtHome
+  #
+  RewriteCond %{HTTP_USER_AGENT} tilesAtHome
+  RewriteRule . - [F,L]
+
+  #
+  # Block requests for the old 404 map tile
+  #
+  RewriteRule ^/openlayers/img/404.png$ - [G,L]
+
+  #
+  # Block attempts to access old API versions
+  #
+  RewriteRule ^/api/0.[12345]/ - [G,L]
+
+  #
+  # Block JOSM revisions  1722-1727 as they have a serious bug that causes
+  # lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804)
+  #
+  RewriteCond %{HTTP_USER_AGENT} "^JOSM/[0-9]+\.[0-9]+ \(172[234567]\)"
+  RewriteRule . - [F,L]
+
+  #
+  # Block a changeset that seems to lock things up
+  #
+  RewriteRule ^/api/0.6/changeset/6823497/download$ - [F,L]
+
+  #
+  # Force special MIME type for crossdomain.xml files
+  #
+  <Files crossdomain.xml>
+    ForceType text/x-cross-domain-policy
+  </Files>
+
+  #
+  # Set expiry for assets
+  #
+  <Location /assets/>
+    Header unset Last-Modified
+    Header unset ETag
+    FileETag None
+
+    ExpiresDefault "access plus 1 year"
+  </Location>
+
+  #
+  # Set expiry for attachments
+  #
+  <Location /attachments/>
+    Header unset Last-Modified
+    Header unset ETag
+    FileETag None
+
+    ExpiresDefault "access plus 1 year"
+  </Location>
+
+  #
+  # Set expiry for other static content
+  #
+  <Location /export/embed.html>
+    ExpiresDefault "access plus 7 days"
+  </Location>
+  <Location /images/>
+    ExpiresDefault "access plus 10 years"
+  </Location>
+  <Location /javascripts/>
+    ExpiresDefault "access plus 10 years"
+  </Location>
+  <Location /openlayers/>
+    ExpiresDefault "access plus 7 days"
+  </Location>
+  <Location /stylesheets/>
+    ExpiresDefault "access plus 10 years"
+  </Location>
+
+  #
+  # Set expiry for Potlatch 1
+  #
+  <Location /potlatch/>
+    ExpiresDefault "access plus 7 days"
+  </Location>
+
+  #
+  # Set expiry for Potlatch 2
+  #
+  <Location /potlatch2/>
+    ExpiresByType application/x-shockwave-flash "access plus 1 day"
+    ExpiresByType application/xml "access plus 1 day"
+    ExpiresByType text/css "access plus 1 day"
+    ExpiresByType image/png "access plus 7 days"
+  </Location>
+
+  #
+  # Configure rails
+  #
+  DocumentRoot <%= node[:web][:base_directory] %>/rails/public
+  RailsEnv production
+  PassengerMinInstances 10
+  PassengerMaxRequests 5000
+  PassengerPreStart http://www.openstreetmap.org/
+  Alias /favicon.ico <%= node[:web][:base_directory] %>/rails/app/assets/images/favicon.ico
+  Alias /openlayers <%= node[:web][:base_directory] %>/rails/vendor/assets/openlayers
+  Alias /stats /store/rails/stats
+  Alias /user/image /store/rails/user/image
+  Alias /attachments /store/rails/attachments
+
+  #
+  # Preserve the host name when forwarding to the proxy
+  #
+  ProxyPreserveHost on
+
+  #
+  # Set a long timeout - changeset uploads can take a long time
+  #
+  ProxyTimeout 3600
+
+  #
+  # Allow all proxy requests
+  #
+  <Proxy *>
+    Allow from all
+  </Proxy>
+
+  #
+  # Pass other heavy duty API calls to the bulkapi backends via a load balancer
+  #
+  ProxyPass /api/0.6/map balancer://bulkapi/api/0.6/map
+  ProxyPass /api/0.6/tracepoints balancer://bulkapi/api/0.6/tracepoints
+  ProxyPass /api/0.6/amf/read balancer://bulkapi/api/0.6/amf/read
+  ProxyPass /api/0.6/swf/trackpoints balancer://bulkapi/api/0.6/swf/trackpoints
+  ProxyPassMatch ^(/api/0.6/changeset/[0-9]+/(upload|download))$ balancer://bulkapi$1
+  ProxyPassMatch ^(/api/0.6/.*/(full|history|search|ways))$ balancer://bulkapi$1
+  ProxyPass /api/0.6/nodes balancer://bulkapi/api/0.6/nodes
+  ProxyPass /api/0.6/ways balancer://bulkapi/api/0.6/ways
+  ProxyPassMatch ^(/trace/[0-9]+/data(|/|.xml))$ balancer://bulkapi$1
+
+  #
+  # Redirect trac and wiki requests to the right places
+  #
+  RedirectPermanent /trac/ http://trac.openstreetmap.org/
+  RedirectPermanent /wiki/ http://wiki.openstreetmap.org/
+
+  #
+  # Redirect requests for various images to the right place
+  #
+  RedirectPermanent /images/osm_logo.png http://www.openstreetmap.org/assets/osm_logo.png
+  RedirectPermanent /images/cc_button.png http://www.openstreetmap.org/assets/cc_button.png
+
+  #
+  # Define a load balancer for the bulkapi backends
+  #
+  <Proxy balancer://bulkapi>
+    ProxySet lbmethod=bybusyness
+    BalancerMember http://rails1
+    BalancerMember http://rails2
+    BalancerMember http://rails3
+  </Proxy>
+<% if port == 80 -%>
+
+  #
+  # Redirect requests which should be secure to the SSL site
+  #
+  RewriteCond %{REQUEST_URI} ^/login(\.html)?$ [OR]
+  RewriteCond %{REQUEST_URI} ^/user/(new|create-account\.html)$ [OR]
+  RewriteCond %{REQUEST_URI} ^/user/terms$ [OR]
+  RewriteCond %{REQUEST_URI} ^/user/save$ [OR]
+  RewriteCond %{REQUEST_URI} ^/user/([^/]+)/account$ [OR]
+  RewriteCond %{REQUEST_URI} ^/user/reset-password$
+  RewriteRule ^(.*)$ https://www.openstreetmap.org$1 [L,NE,R=permanent]
+
+  #
+  # Redirect api requests made to www.osm.org to api.osm.org
+  #
+#  RewriteCond %{HTTP_HOST} =www.openstreetmap.org
+#  RewriteRule ^/api/(.*)$ http://api.openstreetmap.org/api/$1 [L,NE,R=permanent]
+
+  #
+  # Redirect non-api requests made to api.osm.org to www.osm.org
+  #
+  RewriteCond %{HTTP_HOST} =api.openstreetmap.org
+  RewriteCond %{REQUEST_URI} !^/api/
+  RewriteRule ^(.*)$ http://www.openstreetmap.org$1 [L,NE,R=permanent]
+<% elsif port == 443 -%>
+
+  #
+  # Redirect api requests to api.osm.org over http
+  #
+  RewriteRule ^/api/(.*)$ http://api.openstreetmap.org/api/$1 [L,NE,R=permanent]
+
+  #
+  # Redirect requests which do not need to be secure over http
+  #
+  RewriteCond %{REQUEST_URI} !^/login(.html)?$
+  RewriteCond %{REQUEST_URI} !^/user/(new|create-account.html)$
+  RewriteCond %{REQUEST_URI} !^/user/terms$
+  RewriteCond %{REQUEST_URI} !^/user/save$
+  RewriteCond %{REQUEST_URI} !^/user/go_public$
+  RewriteCond %{REQUEST_URI} !^/user/([^/]+)/account$
+  RewriteCond %{REQUEST_URI} !^/user/reset-password$
+  RewriteCond %{REQUEST_URI} !^/preview/
+  RewriteCond %{REQUEST_URI} !^/assets/
+  RewriteCond %{REQUEST_URI} !^/javascripts/
+  RewriteCond %{REQUEST_URI} !^/images/
+  RewriteCond %{REQUEST_URI} !^/stylesheets/
+  RewriteCond %{REQUEST_URI} !^/openlayers/
+  RewriteRule ^(.*)$ http://www.openstreetmap.org$1 [L,NE,R=permanent]
+<% end -%>
+</VirtualHost>
+
+<% end -%>
+<VirtualHost *:80>
+  ServerName openstreetmap.org
+  ServerAlias maps.openstreetmap.org mapz.openstreetmap.org
+  ServerAlias openstreetmap.com www.openstreetmap.com
+  ServerAlias maps.openstreetmap.com mapz.openstreetmap.com
+  ServerAlias openstreetmap.net www.openstreetmap.net
+  ServerAlias maps.openstreetmap.net mapz.openstreetmap.net
+  ServerAlias openstreetmaps.org www.openstreetmaps.org
+  ServerAlias maps.openstreetmaps.org mapz.openstreetmaps.org
+  ServerAlias osm.org www.osm.org
+  ServerAlias maps.osm.org mapz.osm.org
+  ServerAlias openmaps.org www.openmaps.org
+  ServerAlias maps.openmaps.org mapz.openmaps.org
+  ServerAlias openworldmap.org www.openworldmap.org
+  ServerAlias maps.openworldmap.org mapz.openworldmap.org
+  ServerAlias freeosm.org www.freeosm.org
+  ServerAlias maps.freeosm.org mapz.freeosm.org
+
+  RedirectPermanent / http://www.openstreetmap.org/
+</VirtualHost>
+
+<VirtualHost *:80>
+  ServerName openstreetmap.org.uk
+  ServerAlias www.openstreetmap.org.uk
+  ServerAlias openstreetmap.co.uk
+  ServerAlias www.openstreetmap.co.uk
+
+  RedirectPermanent /events.ics http://openstreetmap.org.uk/events.ics
+  RedirectPermanent / http://www.openstreetmap.org/
+</VirtualHost>
diff --git a/cookbooks/web/templates/default/database.yml.erb b/cookbooks/web/templates/default/database.yml.erb
new file mode 100644 (file)
index 0000000..ab3c9c6
--- /dev/null
@@ -0,0 +1,31 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+production:
+  adapter: postgresql
+<% if @host -%>
+  host: <%= @host %>
+<% end -%>
+<% if @port -%>
+  port: <%= @port %>
+<% end -%>
+  database: <%= @name %>
+  username: <%= @username %>
+<% if @password -%>
+  password: <%= @password %>
+<% end -%>
+  encoding: utf8
+
+development:
+  adapter: postgresql
+<% if @host -%>
+  host: <%= @host %>
+<% end -%>
+<% if @port -%>
+  port: <%= @port %>
+<% end -%>
+  database: <%= @name %>
+  username: <%= @username %>
+<% if @password -%>
+  password: <%= @password %>
+<% end -%>
+  encoding: utf8
diff --git a/cookbooks/web/templates/default/init.gpx.erb b/cookbooks/web/templates/default/init.gpx.erb
new file mode 100644 (file)
index 0000000..0314027
--- /dev/null
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+export GPX_PROGRAM="<%= @gpx_directory %>/src/gpx-import"
+
+export GPX_SLEEP_TIME="40"
+
+export GPX_PATH_TRACES="/store/rails/gpx/traces"
+export GPX_PATH_IMAGES="/store/rails/gpx/images"
+export GPX_PATH_TEMPLATES="<%= @gpx_directory %>/templates/"
+
+export GPX_PGSQL_HOST="<%= @database_host %>"
+export GPX_PGSQL_USER="<%= @database_username %>"
+export GPX_PGSQL_PASS="<%= @database_password %>"
+export GPX_PGSQL_DB="<%= @database_name %>"
+
+export GPX_MEMCACHE_SERVERS="rails1,rails2,rails3"
+
+export GPX_LOG_FILE="<%= @log_directory %>/gpx-import.log"
+export GPX_PID_FILE="<%= @pid_directory %>/gpx-import.pid"
+
+export GPX_MAIL_SENDER="bounces@openstreetmap.org"
+
+start() {
+  start-stop-daemon --start --chuid rails --exec $GPX_PROGRAM
+}
+
+stop() {
+  start-stop-daemon --stop --retry 300 --pidfile $GPX_PID_FILE --exec $GPX_PROGRAM
+}
+
+reload() {
+  start-stop-daemon --stop --signal HUP --pidfile $GPX_PID_FILE --exec $GPX_PROGRAM
+}
+
+case "$1" in
+  start)
+    start
+    ;;
+  stop)
+    stop
+    ;;
+  reload)
+    reload
+    ;;
+  restart)
+    stop || exit $?
+    start
+    ;;
+esac
diff --git a/cookbooks/web/templates/default/logrotate.apache.erb b/cookbooks/web/templates/default/logrotate.apache.erb
new file mode 100644 (file)
index 0000000..6b8a661
--- /dev/null
@@ -0,0 +1,16 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+/var/log/apache2/*.log {
+  daily
+  missingok
+  rotate 28
+  compress
+  delaycompress
+  notifempty
+  create 640 root adm
+  sharedscripts
+  postrotate
+    /usr/bin/service apache2 reload > /dev/null
+    /usr/bin/rsync /var/log/apache2/access.log.2.gz horntail::logs/www.openstreetmap.org/<%= node[:hostname] %>-`date -d "-2 days" +%Y-%m-%d`.gz
+  endscript
+}
diff --git a/cookbooks/web/templates/default/logrotate.web.erb b/cookbooks/web/templates/default/logrotate.web.erb
new file mode 100644 (file)
index 0000000..83a6758
--- /dev/null
@@ -0,0 +1,23 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<%= node[:web][:log_directory] %>/*.log {
+  daily
+  missingok
+  rotate 7 
+  compress
+  delaycompress
+  notifempty
+  create 0660 rails rails
+  sharedscripts
+  postrotate
+<% if File.directory?("#{node[:web][:base_directory]}/rails") -%>
+    /bin/touch <%= node[:web][:base_directory] %>/rails/tmp/restart.txt
+<% end -%>
+<% if File.directory?("#{node[:web][:base_directory]}/gpx-import") -%>
+    /usr/bin/service gpx-import rotated
+<% end -%>
+<% if File.directory?("#{node[:web][:base_directory]}/cgimap") -%>
+    /usr/bin/service cgimap reload
+<% end -%>
+  endscript
+}
diff --git a/cookbooks/web/templates/default/passenger.conf.erb b/cookbooks/web/templates/default/passenger.conf.erb
new file mode 100644 (file)
index 0000000..678b987
--- /dev/null
@@ -0,0 +1,10 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+<IfModule mod_passenger.c>
+  PassengerRoot /usr
+  PassengerRuby <%= node[:web][:base_directory] %>/bin/ruby
+  PassengerUseGlobalQueue on
+  PassengerMaxPoolSize <%= node[:web][:rails_daemon_limit] %>
+  PassengerPoolIdleTime 0
+  #PassengerMaxPreloaderIdleTime 0
+</IfModule>
diff --git a/cookbooks/web/templates/default/passenger.cron.erb b/cookbooks/web/templates/default/passenger.cron.erb
new file mode 100644 (file)
index 0000000..b4d78fd
--- /dev/null
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Get a list of rack processes that are running
+pgrep -u rails -f Rack | sort > /tmp/rails.actual.$$
+
+# Get a list of rack processes we expect to be running
+passenger-status | awk '/PID:/ { print $3 }' | sort > /tmp/rails.expected.$$
+
+# Get a list of unexpected rack processes
+pids=$(comm -23 /tmp/rails.actual.$$ /tmp/rails.expected.$$)
+
+# Kill any expected rack processes
+[ -n "$pids" ] && kill -9 $pids
+
+# Remove our temporary files
+rm -f /tmp/rails.actual.$$ /tmp/rails.expected.$$
diff --git a/cookbooks/web/templates/default/rails.cron.erb b/cookbooks/web/templates/default/rails.cron.erb
new file mode 100644 (file)
index 0000000..7945c3d
--- /dev/null
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# Cleanup temporary directory
+find <%= @directory %>/tmp -mtime +28 -print0 | xargs -0r rm
diff --git a/cookbooks/web/templates/default/ruby.erb b/cookbooks/web/templates/default/ruby.erb
new file mode 100644 (file)
index 0000000..a7c7421
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+export RUBY_HEAP_MIN_SLOTS=500000
+export RUBY_HEAP_FREE_MIN=100000
+export RUBY_GC_MALLOC_LIMIT=50000000
+
+exec /usr/bin/ruby<%= node[:web][:ruby_version] %> "$@"
diff --git a/cookbooks/web/templates/default/statistics.cron.erb b/cookbooks/web/templates/default/statistics.cron.erb
new file mode 100644 (file)
index 0000000..900856c
--- /dev/null
@@ -0,0 +1,2 @@
+# DO NOT EDIT - This file is being maintained by Chef
+0 0 * * * rails /usr/local/bin/statistics
diff --git a/cookbooks/web/templates/default/statistics.erb b/cookbooks/web/templates/default/statistics.erb
new file mode 100644 (file)
index 0000000..175f0a9
--- /dev/null
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Generate new statistics
+<%= @directory %>/script/statistics > <%= @directory %>/tmp/data_stats.html
+
+# Move new statistics into place
+mv -f <%= @directory %>/tmp/data_stats.html /store/rails/stats
+
+# Mail statistics to Blackadder
+mail -s "OpenStreetMap Statistics" blackadderajr@gmail.com < /store/rails/stats/data_stats.html
diff --git a/cookbooks/yournavigation/README.rdoc b/cookbooks/yournavigation/README.rdoc
new file mode 100644 (file)
index 0000000..3de2ec7
--- /dev/null
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
diff --git a/cookbooks/yournavigation/metadata.rb b/cookbooks/yournavigation/metadata.rb
new file mode 100644 (file)
index 0000000..3d47c89
--- /dev/null
@@ -0,0 +1,7 @@
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache 2.0"
+description       "Installs and configures yournavigation servers"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "1.0.0"
+depends           "apache"
diff --git a/cookbooks/yournavigation/recipes/default.rb b/cookbooks/yournavigation/recipes/default.rb
new file mode 100644 (file)
index 0000000..1c9edc4
--- /dev/null
@@ -0,0 +1,48 @@
+#
+# Cookbook Name:: yournavigation
+# Recipe:: default
+#
+# Copyright 2012, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache"
+
+package "php5"
+package "php5-cli"
+
+package "php-apc"
+
+#Required for osmosis
+package "default-jre-headless"
+
+#Required for building gosmore
+package "build-essential"
+package "libxml2-dev"
+package "libgtk2.0-dev"
+package "subversion"
+package "libcurl4-gnutls-dev"
+package "libgps-dev"
+package "libcurl3"
+package "buffer"
+package "git"
+package "cmake"
+package "libqt4-core"
+package "libqt4-dev"
+package "qt4-dev-tools"
+package "qt4-linguist-tools"
+package "libicu48"
+
+apache_module "php5"
+