]> git.openstreetmap.org Git - chef.git/commitdiff
projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fdbb182)
donate: redirect to support.osm.org
authorGrant Slater <github@firefishy.com>
Tue, 8 Aug 2023 23:51:49 +0000 (00:51 +0100)
committerGrant Slater <github@firefishy.com>
Tue, 8 Aug 2023 23:51:49 +0000 (00:51 +0100)
cookbooks/donate/recipes/default.rb patch | blob | history
cookbooks/donate/templates/default/apache.erb patch | blob | history
cookbooks/donate/templates/default/backup.cron.erb [deleted file] patch | blob | history
cookbooks/donate/templates/default/db-connect.inc.php.erb [deleted file] patch | blob | history
test/integration/donate/serverspec/mysql_spec.rb [deleted file] patch | blob | history

diff --git a/cookbooks/donate/recipes/default.rb b/cookbooks/donate/recipes/default.rb
index e03973340433979d0c6e27dc793cb7d38f4287f2..49e46d78f7c8078068618daf61f0374fa626a327 100644 (file)
--- a/cookbooks/donate/recipes/default.rb
+++ b/cookbooks/donate/recipes/default.rb
@@ -19,60 +19,9 @@
 
 include_recipe "accounts"
 include_recipe "apache"
-include_recipe "git"
-include_recipe "mysql"
 include_recipe "php::fpm"
 
-package %w[
-  php-cli
-  php-curl
-  php-mysql
-  php-gd
-]
-
 apache_module "headers"
-apache_module "proxy"
-apache_module "proxy_fcgi"
-
-passwords = data_bag_item("donate", "passwords")
-
-database_password = passwords["database"]
-
-mysql_user "donate@localhost" do
-  password database_password
-end
-
-mysql_database "donate" do
-  permissions "donate@localhost" => :all
-end
-
-directory "/srv/donate.openstreetmap.org" do
-  owner "donate"
-  group "donate"
-  mode "755"
-end
-
-git "/srv/donate.openstreetmap.org" do
-  action :sync
-  repository "https://github.com/osmfoundation/donation-drive.git"
-  depth 1
-  user "donate"
-  group "donate"
-end
-
-directory "/srv/donate.openstreetmap.org/data" do
-  owner "donate"
-  group "donate"
-  mode "755"
-end
-
-template "/srv/donate.openstreetmap.org/scripts/db-connect.inc.php" do
-  source "db-connect.inc.php.erb"
-  owner "root"
-  group "donate"
-  mode "644"
-  variables :passwords => passwords
-end
 
 ssl_certificate "donate.openstreetmap.org" do
   domains ["donate.openstreetmap.org", "donate.openstreetmap.com",
@@ -81,40 +30,21 @@ ssl_certificate "donate.openstreetmap.org" do
 end
 
 php_fpm "donate.openstreetmap.org" do
-  php_admin_values "open_basedir" => "/srv/donate.openstreetmap.org/:/usr/share/php/:/tmp/",
-                   "disable_functions" => "exec,shell_exec,system,passthru,popen,proc_open"
-  prometheus_port 11101
+  action :delete
 end
 
 apache_site "donate.openstreetmap.org" do
   template "apache.erb"
 end
 
-systemd_service "osmf-donate" do
-  description "Update donation list"
-  exec_start "/usr/bin/php /srv/donate.openstreetmap.org/scripts/update_csv_donate2016.php"
-  working_directory "/srv/donate.openstreetmap.org/scripts"
-  user "donate"
-  sandbox true
-  memory_deny_write_execute true
-  restrict_address_families "AF_UNIX"
-  read_write_paths "/srv/donate.openstreetmap.org/data"
-end
-
-systemd_timer "osmf-donate" do
-  description "Update donation list"
-  on_boot_sec "2m"
-  on_unit_inactive_sec "2m"
+service "osmf-donate.timer" do
+  action [:stop, :disable]
 end
 
-service "osmf-donate.timer" do
-  action [:enable, :start]
+systemd_service "osmf-donate" do
+  action :delete
 end
 
-template "/etc/cron.daily/osmf-donate-backup" do
-  source "backup.cron.erb"
-  owner "root"
-  group "root"
-  mode "750"
-  variables :passwords => passwords
+file "/etc/cron.daily/osmf-donate-backup" do
+  action :delete
 end
diff --git a/cookbooks/donate/templates/default/apache.erb b/cookbooks/donate/templates/default/apache.erb
index 8bf3dad45051a6dfd416f0b51c68e8454ff92582..714438f1867a972f10a4f8cb786957b112a80322 100644 (file)
--- a/cookbooks/donate/templates/default/apache.erb
+++ b/cookbooks/donate/templates/default/apache.erb
@@ -18,61 +18,13 @@
   SSLEngine on
   SSLCertificateFile /etc/ssl/certs/donate.openstreetmap.org.pem
   SSLCertificateKeyFile /etc/ssl/private/donate.openstreetmap.org.key
-<% end -%>
+
+  RedirectMatch . https://supporting.openstreetmap.org/donate/
+  <% end -%>
 
   CustomLog /var/log/apache2/donate.openstreetmap.org-access.log combined
   ErrorLog /var/log/apache2/donate.openstreetmap.org-error.log
 
-  Options -Indexes
-
-  DocumentRoot /srv/donate.openstreetmap.org
-
-  # Alias Dynamic Content to data folder to avoid serving dummy git content
-  Alias /donors-eur.csv /srv/donate.openstreetmap.org/data/donors-eur.csv
-  Alias /donors.csv /srv/donate.openstreetmap.org/data/donors.csv
-
-  # Redirect previous compaigns to homepage
-  Redirect permanent /domain https://donate.openstreetmap.org/
-  Redirect permanent /memorial https://donate.openstreetmap.org/
-  Redirect permanent /server2011 https://donate.openstreetmap.org/
-  Redirect permanent /server2013 https://donate.openstreetmap.org/
-  Redirect permanent /server2015 https://donate.openstreetmap.org/
-
-  <Directory /srv/donate.openstreetmap.org>
-    Require all granted
-
-    <FilesMatch ".+\.ph(ar|p|tml)$">
-      SetHandler "proxy:unix:/run/php/php-donate.openstreetmap.org-fpm.sock|fcgi://127.0.0.1"
-    </FilesMatch>
-  </Directory>
-
-  <Directory /srv/donate.openstreetmap.org/scripts>
-    Require all denied
-  </Directory>
-
-  <Directory ~ "\.svn">
-    Require all denied
-  </Directory>
-
-  <Directory ~ "\.git">
-    Require all denied
-  </Directory>
-
-  <Files ~ "~$">
-    Require all denied
-  </Files>
-
-  # Enable deflate compression on .csv files if possible
-  <IfModule mod_deflate.c>
-    DeflateCompressionLevel 9
-    AddOutputFilterByType DEFLATE text/csv
-  </IfModule>
-
-  <IfModule mod_expires.c>
-    ExpiresDefault "access plus 15 minutes"
-    ExpiresByType text/html "access plus 5 minutes"
-    ExpiresByType text/csv "access plus 1 minute"
-  </IfModule>
 </VirtualHost>
 
 <% end -%>
diff --git a/cookbooks/donate/templates/default/backup.cron.erb b/cookbooks/donate/templates/default/backup.cron.erb
deleted file mode 100644 (file)
index 3782762..0000000
--- a/cookbooks/donate/templates/default/backup.cron.erb
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-
-# DO NOT EDIT - This file is being maintained by Chef
-
-T=$(mktemp -d -t -p /var/tmp osm-donate.XXXXXXXXXX)
-D=$(date +%Y-%m-%d)
-B=osm-donate-$D.tar.gz
-
-mkdir $T/osm-donate-$D
-echo '[mysqldump]' > $T/mysqldump.opts
-echo 'user=donate' >> $T/mysqldump.opts
-echo 'password=<%= @passwords["database"] %>' >> $T/mysqldump.opts
-mysqldump --defaults-file=$T/mysqldump.opts --opt --no-tablespaces donate > $T/osm-donate-$D/osm-donate.sql
-ln -s /srv/donate.openstreetmap.org $T/osm-donate-$D/www
-
-export RSYNC_RSH="ssh -ax"
-
-nice tar --create --dereference --directory=$T osm-donate-$D | nice gzip --rsyncable -9 > $T/$B
-nice rsync --preallocate --fuzzy $T/$B backup::backup
-
-rm -rf $T
diff --git a/cookbooks/donate/templates/default/db-connect.inc.php.erb b/cookbooks/donate/templates/default/db-connect.inc.php.erb
deleted file mode 100644 (file)
index c4cea1f..0000000
--- a/cookbooks/donate/templates/default/db-connect.inc.php.erb
+++ /dev/null
@@ -1,8 +0,0 @@
-<?php
-$_DB_H = new mysqli('localhost','donate','<%= @passwords['database'] %>','donate');
-if ($_DB_H->connect_errno) {
-    die('DB Connect Error: ' . $_DB_H->connect_errno);
-}
-$_DB_H->report_mode = MYSQLI_REPORT_ERROR;
-$_DB_H->query('set @@sql_mode = \'\'');
-$_DB_H->query('SET NAMES \'utf8\'');
diff --git a/test/integration/donate/serverspec/mysql_spec.rb b/test/integration/donate/serverspec/mysql_spec.rb
deleted file mode 100644 (file)
index 88323fe..0000000
--- a/test/integration/donate/serverspec/mysql_spec.rb
+++ /dev/null
@@ -1,23 +0,0 @@
-require "serverspec"
-
-# Required by serverspec
-set :backend, :exec
-
-mysql_variant = if os[:family] == "ubuntu"
-                  "mysql"
-                else
-                  "mariadb"
-                end
-
-describe package("#{mysql_variant}-server") do
-  it { should be_installed }
-end
-
-describe service("#{mysql_variant}") do
-  it { should be_enabled }
-  it { should be_running }
-end
-
-describe port(3306) do
-  it { should be_listening.with("tcp") }
-end
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.