Add clone civicrm-staging cookbook

diff --git a/.kitchen.yml b/.kitchen.yml
index ad7fbe7c888f5f2c18189281a8e825877bf61f61..8e2603d2d32879a541b787b86c949a3eafddde53 100644 (file)
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -22,6 +22,7 @@ provisioner:
   chef_license: accept
   data_bags_path: test/data_bags
   slow_resource_report: true
+  clean_dokken_sandbox: true
 
 verifier:
   root_path: /opt/verifier
@@ -81,6 +82,9 @@ suites:
   - name: civicrm
     run_list:
       - recipe[civicrm::default]
+  - name: civicrm-staging
+    run_list:
+      - recipe[civicrm-staging::default]
   - name: clamav
     run_list:
       - recipe[clamav::default]

diff --git a/cookbooks/civicrm-staging/README.md b/cookbooks/civicrm-staging/README.md
new file mode 100644 (file)
index 0000000..7b50ee6
--- /dev/null
+++ b/cookbooks/civicrm-staging/README.md
@@ -0,0 +1,4 @@
+# CiviCRM Cookbook
+
+This cookbook installs  CiviCRM for Wordpress, and configures it for use with
+join-staging.osmfoundation.org for OSMF memberships.

diff --git a/cookbooks/civicrm-staging/attributes/default.rb b/cookbooks/civicrm-staging/attributes/default.rb
new file mode 100644 (file)
index 0000000..6474cc9
--- /dev/null
+++ b/cookbooks/civicrm-staging/attributes/default.rb
@@ -0,0 +1,45 @@
+default[:civicrm_staging][:version] = "5.63.2"
+
+default[:civicrm_staging][:extensions][:cividiscount][:name] = "org.civicrm.module.cividiscount"
+default[:civicrm_staging][:extensions][:cividiscount][:repository] = "https://lab.civicrm.org/extensions/cividiscount.git"
+default[:civicrm_staging][:extensions][:cividiscount][:revision] = "3.8.8"
+
+default[:civicrm_staging][:extensions][:osm][:name] = "de.systopia.osm"
+default[:civicrm_staging][:extensions][:osm][:repository] = "https://github.com/systopia/de.systopia.osm.git"
+default[:civicrm_staging][:extensions][:osm][:revision] = "1.3"
+
+default[:civicrm_staging][:extensions][:emailapi][:name] = "org.civicoop.emailapi"
+default[:civicrm_staging][:extensions][:emailapi][:repository] = "https://lab.civicrm.org/extensions/emailapi.git"
+default[:civicrm_staging][:extensions][:emailapi][:revision] = "2.9"
+
+default[:civicrm_staging][:extensions][:civiruleshttppost][:name] = "org.civicoop.civiruleshttppost"
+default[:civicrm_staging][:extensions][:civiruleshttppost][:repository] = "https://github.com/CiviCooP/org.civicoop.civiruleshttppost.git"
+default[:civicrm_staging][:extensions][:civiruleshttppost][:revision] = "e2c7de5f0fee319b9fca8adb1d1e122202bd2bec"
+
+default[:civicrm_staging][:extensions][:civirules][:name] = "org.civicoop.civirules"
+default[:civicrm_staging][:extensions][:civirules][:repository] = "https://lab.civicrm.org/extensions/civirules.git"
+default[:civicrm_staging][:extensions][:civirules][:revision] = "2.49"
+
+default[:civicrm_staging][:extensions][:mailchimp][:name] = "uk.co.vedaconsulting.mailchimp"
+default[:civicrm_staging][:extensions][:mailchimp][:repository] = "https://github.com/veda-consulting/uk.co.vedaconsulting.mailchimp.git"
+default[:civicrm_staging][:extensions][:mailchimp][:revision] = "0065ee6de2c2d653e49d10e9563349e8ffb1f9be"
+
+default[:civicrm_staging][:extensions][:username][:name] = "org.openstreetmap.username"
+default[:civicrm_staging][:extensions][:username][:repository] = "https://github.com/grischard/org.openstreetmap.username.git"
+default[:civicrm_staging][:extensions][:username][:revision] = "master"
+
+default[:civicrm_staging][:extensions][:donotsendreportemail][:name] = "org.civicrm.donotsendreportemail"
+default[:civicrm_staging][:extensions][:donotsendreportemail][:repository] = "https://github.com/pradpnayak/org.civicrm.donotsendreportemail.git"
+default[:civicrm_staging][:extensions][:donotsendreportemail][:revision] = "3b31c2e0c62183872c7ecd244395fb8dcfbd5dbb"
+
+default[:civicrm_staging][:extensions][:shoreditch][:name] = "org.civicrm.shoreditch"
+default[:civicrm_staging][:extensions][:shoreditch][:repository] = "https://github.com/civicrm/org.civicrm.shoreditch.git"
+default[:civicrm_staging][:extensions][:shoreditch][:revision] = "1.0.0-beta.12"
+
+default[:civicrm_staging][:extensions][:membershipextra][:name] = "com.skvare.membershipextra"
+default[:civicrm_staging][:extensions][:membershipextra][:repository] = "https://github.com/lemniscus/com.skvare.membershipextra.git"
+default[:civicrm_staging][:extensions][:membershipextra][:revision] = "1593911d6bfe184b45d59773fed27bab69cbb93a"
+
+default[:civicrm_staging][:extensions][:osmfverifycontributor][:name] = "osmf-verify-contributor"
+default[:civicrm_staging][:extensions][:osmfverifycontributor][:repository] = "https://github.com/openstreetmap/osmf-verify-contributor.git"
+default[:civicrm_staging][:extensions][:osmfverifycontributor][:revision] = "bb0cd61783033fb2e108c30e47224e5a818987f8"

diff --git a/cookbooks/civicrm-staging/metadata.rb b/cookbooks/civicrm-staging/metadata.rb
new file mode 100644 (file)
index 0000000..b32b136
--- /dev/null
+++ b/cookbooks/civicrm-staging/metadata.rb
@@ -0,0 +1,10 @@
+name              "civicrm-staging"
+maintainer        "OpenStreetMap Administrators"
+maintainer_email  "admins@openstreetmap.org"
+license           "Apache-2.0"
+description       "Installs and configures CiviCRM"
+
+version           "1.0.0"
+supports          "ubuntu"
+depends           "wordpress"
+depends           "mysql"

diff --git a/cookbooks/civicrm-staging/recipes/default.rb b/cookbooks/civicrm-staging/recipes/default.rb
new file mode 100644 (file)
index 0000000..8a68c22
--- /dev/null
+++ b/cookbooks/civicrm-staging/recipes/default.rb
@@ -0,0 +1,208 @@
+#
+# Cookbook:: civicrm
+# Recipe:: default
+#
+# Copyright:: 2011, OpenStreetMap Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "wordpress"
+include_recipe "mysql"
+
+package %w[
+  php-xml
+  php-curl
+  rsync
+  wkhtmltopdf
+  php-bcmath
+  php-intl
+]
+
+cache_dir = Chef::Config[:file_cache_path]
+
+passwords = data_bag_item("civicrm-staging", "passwords")
+wp2fa_encrypt_keys = data_bag_item("civicrm-staging", "wp2fa_encrypt_keys")
+
+database_password = passwords["database"]
+site_key = passwords["site_key"]
+cred_keys = passwords["cred_keys"]
+sign_keys = passwords["sign_keys"]
+
+mysql_user "civicrm-staging@localhost" do
+  password database_password
+end
+
+mysql_database "civicrm-staging" do
+  permissions "civicrm-staging@localhost" => :all
+end
+
+wordpress_site "join-staging.osmfoundation.org" do
+  aliases "crm-staging.osmfoundation.org"
+  database_name "civicrm-staging"
+  database_user "civicrm-staging"
+  database_password database_password
+  wp2fa_encrypt_key wp2fa_encrypt_keys["key"]
+  fpm_prometheus_port 11301
+end
+
+wordpress_theme "osmblog-wp-theme" do
+  site "join-staging.osmfoundation.org"
+  repository "https://github.com/osmfoundation/osmblog-wp-theme.git"
+end
+
+wordpress_plugin "registration-honeypot" do
+  site "join-staging.osmfoundation.org"
+end
+
+wordpress_plugin "contact-form-7" do
+  site "join-staging.osmfoundation.org"
+end
+
+wordpress_plugin "civicrm-admin-utilities" do
+  site "join-staging.osmfoundation.org"
+end
+
+civicrm_version = node[:civicrm_staging][:version]
+civicrm_directory = "/srv/join-staging.osmfoundation.org/wp-content/plugins/civicrm"
+
+directory "/opt/civicrm-staging-#{civicrm_version}" do
+  owner "wordpress"
+  group "wordpress"
+  mode "755"
+end
+
+remote_file "#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip" do
+  action :create_if_missing
+  source "https://download.civicrm.org/civicrm-#{civicrm_version}-wordpress.zip"
+  owner "wordpress"
+  group "wordpress"
+  mode "644"
+  backup false
+end
+
+remote_file "#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz" do
+  action :create_if_missing
+  source "https://download.civicrm.org/civicrm-#{civicrm_version}-l10n.tar.gz"
+  owner "wordpress"
+  group "wordpress"
+  mode "644"
+  backup false
+end
+
+archive_file "#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip" do
+  action :nothing
+  destination "/opt/civicrm-staging-#{civicrm_version}"
+  overwrite true
+  owner "wordpress"
+  group "wordpress"
+  subscribes :extract, "remote_file[#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip]", :immediately
+end
+
+archive_file "#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz" do
+  action :nothing
+  destination "/opt/civicrm-staging-#{civicrm_version}/civicrm"
+  overwrite true
+  owner "wordpress"
+  group "wordpress"
+  subscribes :extract, "remote_file[#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz]", :immediately
+end
+
+execute "/opt/civicrm-staging-#{civicrm_version}/civicrm" do
+  action :nothing
+  command "rsync --archive --delete /opt/civicrm-staging-#{civicrm_version}/civicrm/ #{civicrm_directory}"
+  user "wordpress"
+  group "wordpress"
+  subscribes :run, "archive_file[#{cache_dir}/civicrm-#{civicrm_version}-wordpress.zip]", :immediately
+  subscribes :run, "archive_file[#{cache_dir}/civicrm-#{civicrm_version}-l10n.tar.gz]", :immediately
+end
+
+directory "/srv/join-staging.osmfoundation.org/wp-content/uploads" do
+  owner "www-data"
+  group "www-data"
+  mode "755"
+end
+
+extensions_directory = "/srv/join-staging.osmfoundation.org/wp-content/plugins/civicrm-extensions"
+
+directory extensions_directory do
+  owner "wordpress"
+  group "wordpress"
+  mode "755"
+end
+
+node[:civicrm_staging][:extensions].each_value do |details|
+  git "#{extensions_directory}/#{details[:name]}" do
+    action :sync
+    repository details[:repository]
+    revision details[:revision]
+    user "wordpress"
+    group "wordpress"
+  end
+end
+
+settings = edit_file "#{civicrm_directory}/civicrm/templates/CRM/common/civicrm.settings.php.template" do |line|
+  line.gsub!(/%%cms%%/, "WordPress")
+  line.gsub!(/%%CMSdbUser%%/, "civicrm-staging")
+  line.gsub!(/%%CMSdbPass%%/, database_password)
+  line.gsub!(/%%CMSdbHost%%/, "localhost")
+  line.gsub!(/%%CMSdbName%%/, "civicrm-staging")
+  line.gsub!(/%%dbUser%%/, "civicrm-staging")
+  line.gsub!(/%%dbPass%%/, database_password)
+  line.gsub!(/%%dbHost%%/, "localhost")
+  line.gsub!(/%%dbName%%/, "civicrm-staging")
+  line.gsub!(/%%crmRoot%%/, "#{civicrm_directory}/civicrm/")
+  line.gsub!(/%%templateCompileDir%%/, "/srv/join-staging.osmfoundation.org/wp-content/uploads/civicrm/templates_c/")
+  line.gsub!(/%%baseURL%%/, "http://join-staging.osmfoundation.org/")
+  line.gsub!(/%%siteKey%%/, site_key)
+  line.gsub!(/%%credKeys%%/, cred_keys)
+  line.gsub!(/%%signKeys%%/, sign_keys)
+  line.gsub!(%r{// *define\('CIVICRM_CMSDIR', '/path/to/install/root/'\);}, "define('CIVICRM_CMSDIR', '/srv/join-staging.osmfoundation.org');")
+
+  line
+end
+
+file "#{civicrm_directory}/civicrm.settings.php" do
+  owner "wordpress"
+  group "wordpress"
+  mode "644"
+  content settings
+end
+
+# systemd_service "osmf-crm-staging-jobs" do
+#   description "Run CRM staging jobs"
+#   exec_start "/usr/bin/php #{civicrm_directory}/civicrm/bin/cli.php -s join-staging.osmfoundation.org -u batch -p \"#{passwords['batch']}\" -e Job -a execute"
+#   user "www-data"
+#   sandbox :enable_network => true
+#   memory_deny_write_execute false
+#   restrict_address_families "AF_UNIX"
+#   read_write_paths "/srv/join-staging.osmfoundation.org/wp-content/uploads/civicrm"
+# end
+
+# systemd_timer "osmf-crm-staging-jobs" do
+#   description "Run CRM staging jobs"
+#   on_boot_sec "15m"
+#   on_unit_inactive_sec "15m"
+# end
+
+# service "osmf-crm-jobs-staging.timer" do
+#   action [:enable, :start]
+# end
+
+# template "/etc/cron.daily/osmf-crm-staging-backup" do
+#   source "backup.cron.erb"
+#   owner "root"
+#   group "root"
+#   mode "750"
+#   variables :passwords => passwords
+# end

diff --git a/cookbooks/civicrm-staging/templates/default/backup.cron.erb b/cookbooks/civicrm-staging/templates/default/backup.cron.erb
new file mode 100644 (file)
index 0000000..13457a6
--- /dev/null
+++ b/cookbooks/civicrm-staging/templates/default/backup.cron.erb
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+# DO NOT EDIT - This file is being maintained by Chef
+
+T=$(mktemp -d -t -p /var/tmp osmf-crm-staging.XXXXXXXXXX)
+D=$(date +%Y-%m-%d)
+B=osmf-crm-staging-$D.tar.gz
+
+mkdir $T/osmf-crm-staging-$D
+echo '[mysqldump]' > $T/mysqldump.opts
+echo 'user=civicrm-staging' >> $T/mysqldump.opts
+echo 'password=<%= @passwords["database"] %>' >> $T/mysqldump.opts
+mysqldump --defaults-file=$T/mysqldump.opts --opt --skip-lock-tables --no-tablespaces civicrm-staging > $T/osmf-crm-staging-$D/civicrm-staging.sql
+ln -s /srv/join-staging.osmfoundation.org $T/osmf-crm-staging-$D/www
+
+export RSYNC_RSH="ssh -ax"
+
+nice tar --create --dereference --directory=$T osmf-crm-staging-$D | nice gzip --rsyncable -9 > $T/$B
+nice rsync --preallocate --fuzzy $T/$B backup::backup
+
+rm -rf $T

diff --git a/roles/crm-staging.rb b/roles/crm-staging.rb
new file mode 100644 (file)
index 0000000..5b1271e
--- /dev/null
+++ b/roles/crm-staging.rb
@@ -0,0 +1,44 @@
+name "crm-staging"
+description "Role applied to CRM staging server"
+
+default_attributes(
+  :accounts => {
+    :users => {
+      :stereo => { :status => :administrator }
+    }
+  },
+  :exim => {
+    :smarthost_name => "no-such-domain.openstreetmap.org",
+    # :local_domains => ["join.osmfoundation.org"],
+    # :routes => {
+    #   :join_return => {
+    #     :comment => "return@join.osmfoundation.org",
+    #     :domains => ["join.osmfoundation.org"],
+    #     :local_parts => ["return"],
+    #     :maildir => "/var/mail/crm-return",
+    #     :user => "www-data",
+    #     :group => "mail"
+    #   },
+    #   :join_mail => {
+    #     :comment => "mail@join.osmfoundation.org",
+    #     :domains => ["join.osmfoundation.org"],
+    #     :local_parts => ["mail"],
+    #     :maildir => "/var/mail/crm-mail",
+    #     :user => "www-data",
+    #     :group => "mail"
+    #   }
+    # },
+    :trusted_users => ["www-data"]
+  },
+  :mysql => {
+    :settings => {
+      :mysqld => {
+        :log_bin_trust_function_creators => 1
+      }
+    }
+  }
+)
+
+run_list(
+  "recipe[civicrm-staging]"
+)

diff --git a/test/data_bags/civicrm-staging/passwords.json b/test/data_bags/civicrm-staging/passwords.json
new file mode 100644 (file)
index 0000000..bcd1ad4
--- /dev/null
+++ b/test/data_bags/civicrm-staging/passwords.json
@@ -0,0 +1,9 @@
+{
+  "id": "passwords",
+  "database": "database-password",
+  "admin": "admin-password",
+  "site_key": "site_key",
+  "cred_keys": "cred_keys",
+  "sign_keys": "sign_keys",
+  "batch": "batch"
+}

diff --git a/test/data_bags/civicrm-staging/wp2fa_encrypt_keys.json b/test/data_bags/civicrm-staging/wp2fa_encrypt_keys.json
new file mode 100644 (file)
index 0000000..bfca5cd
--- /dev/null
+++ b/test/data_bags/civicrm-staging/wp2fa_encrypt_keys.json
@@ -0,0 +1,4 @@
+{
+  "id": "wp2fa_encrypt_keys",
+  "key": "iPWRI6ZJ6Q0CuLA8+FsVQw=="
+}

diff --git a/test/integration/civicrm-staging/serverspec/apache_spec.rb b/test/integration/civicrm-staging/serverspec/apache_spec.rb
new file mode 100644 (file)
index 0000000..dcd625a
--- /dev/null
+++ b/test/integration/civicrm-staging/serverspec/apache_spec.rb
@@ -0,0 +1,21 @@
+require "serverspec"
+
+# Required by serverspec
+set :backend, :exec
+
+describe package("apache2") do
+  it { should be_installed }
+end
+
+describe service("apache2") do
+  it { should be_enabled }
+  it { should be_running }
+end
+
+describe port(80) do
+  it { should be_listening.with("tcp6") }
+end
+
+describe port(443) do
+  it { should be_listening.with("tcp6") }
+end