]> git.openstreetmap.org Git - chef.git/commitdiff
projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 960f2a2)
Set SECRET_KEY_BASE for rails job runners
authorTom Hughes <tom@compton.nu>
Wed, 8 Nov 2023 19:05:47 +0000 (19:05 +0000)
committerTom Hughes <tom@compton.nu>
Wed, 8 Nov 2023 19:20:01 +0000 (19:20 +0000)
cookbooks/dev/recipes/default.rb patch | blob | history
cookbooks/dev/templates/default/rails.environment.erb [new file with mode: 0644] patch | blob
cookbooks/web/recipes/rails.rb patch | blob | history

diff --git a/cookbooks/dev/recipes/default.rb b/cookbooks/dev/recipes/default.rb
index 4723770439f84aac11073de3e93a0358c71e1bd1..3a708a018c413c15910e54bb67881c553de82825 100644 (file)
--- a/cookbooks/dev/recipes/default.rb
+++ b/cookbooks/dev/recipes/default.rb
@@ -298,7 +298,7 @@ if node[:postgresql][:clusters][:"15/main"]
   systemd_service "rails-jobs@" do
     description "Rails job queue runner"
     type "simple"
-    environment "RAILS_ENV" => "production", "SLEEP_DELAY" => "60"
+    environment_file "/etc/default/rails-%i"
     user "apis"
     working_directory "/srv/%i.apis.dev.openstreetmap.org/rails"
     exec_start "#{node[:ruby][:bundle]} exec rails jobs:work"
@@ -413,6 +413,14 @@ if node[:postgresql][:clusters][:"15/main"]
         notifies :restart, "rails_port[#{site_name}]"
       end
 
+      template "/etc/default/rails-#{name}" do
+        source "rails.environment.erb"
+        owner "root"
+        group "root"
+        mode "0600"
+        variables :secret_key_base => secret_key_base
+      end
+
       service "rails-jobs@#{name}" do
         action [:enable, :start]
         supports :restart => true
diff --git a/cookbooks/dev/templates/default/rails.environment.erb b/cookbooks/dev/templates/default/rails.environment.erb
new file mode 100644 (file)
index 0000000..c8a6ee0
--- /dev/null
+++ b/cookbooks/dev/templates/default/rails.environment.erb
@@ -0,0 +1,5 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+RAILS_ENV="production"
+SLEEP_DELAY="60"
+SECRET_KEY_BASE="<%= @secret_key_base %>"
diff --git a/cookbooks/web/recipes/rails.rb b/cookbooks/web/recipes/rails.rb
index c5130a91a37571696659a396ec9ea14bc9415561..fd3d59f2d501db37f830bc6eaa1f8bc5aa7ed87a 100644 (file)
--- a/cookbooks/web/recipes/rails.rb
+++ b/cookbooks/web/recipes/rails.rb
@@ -165,7 +165,10 @@ end
 systemd_service "rails-jobs@" do
   description "Rails job queue runner"
   type "simple"
-  environment "RAILS_ENV" => "production", "QUEUE" => "%I", "SLEEP_DELAY" => "60"
+  environment "RAILS_ENV" => "production",
+              "QUEUE" => "%I",
+              "SLEEP_DELAY" => "60",
+              "SECRET_KEY_BASE" => web_passwords["secret_key_base"]
   user "rails"
   working_directory rails_directory
   exec_start "#{node[:ruby][:bundle]} exec rails jobs:work"
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.