From: Tom Hughes <tom@compton.nu>
Date: Tue, 8 Jul 2014 07:46:02 +0000 (+0100)
Subject: Set SECRET_KEY_BASE to a random value for dev apis
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/b09d9f97fea24b4a1f56a97724d13752d6340996?hp=b0cff008c5d80c4c80b5bdba555d27f6c048932d;ds=sidebyside

Set SECRET_KEY_BASE to a random value for dev apis
---

diff --git a/cookbooks/dev/recipes/default.rb b/cookbooks/dev/recipes/default.rb
index 7c3dcfac0..ef8e2dc77 100644
--- a/cookbooks/dev/recipes/default.rb
+++ b/cookbooks/dev/recipes/default.rb
@@ -18,6 +18,7 @@
 #
 
 require "yaml"
+require "securerandom"
 
 include_recipe "apache"
 include_recipe "passenger"
@@ -50,10 +51,10 @@ package "python-psycopg2"
 
 easy_install_package "geojson"
 
+apache_module "env"
 apache_module "expires"
 apache_module "fastcgi-handler"
 apache_module "rewrite"
-apache_module "expires"
 apache_module "wsgi"
 
 gem_package "sqlite3"
@@ -133,6 +134,9 @@ if node[:postgresql][:clusters][:"9.1/main"]
     site_name = "#{name}.apis.dev.openstreetmap.org"
     site_aliases = details[:aliases] || []
     rails_directory = "/srv/#{name}.apis.dev.openstreetmap.org"
+    secret_key_base = details[:secret_key_base] || SecureRandom.base64(96)
+
+    node.set[:dev][:rails][name][:secret_key_base] = secret_key_base
 
     postgresql_database database_name do
       cluster "9.1/main"
@@ -169,14 +173,14 @@ if node[:postgresql][:clusters][:"9.1/main"]
 
     apache_site site_name do
       template "apache.rails.erb"
-      variables :name => site_name, :aliases => site_aliases
+      variables :name => site_name, :aliases => site_aliases, :secret_key_base => secret_key_base
     end
   end
 
   Dir.glob("/srv/*.apis.dev.openstreetmap.org").each do |rails_directory|
     name = File.basename(rails_directory, ".apis.dev.openstreetmap.org")
 
-    unless node[:dev][:rails].include?(name)
+    unless node[:dev][:rails].include?(name) and node[:dev][:rails][name].include?(:repository)
       database_config = YAML.load_file("#{rails_directory}/config/database.yml")
       database_name = database_config["production"]["database"]
       site_name = "#{name}.apis.dev.openstreetmap.org"
diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb
index 7d45abe21..4874416c3 100644
--- a/cookbooks/dev/templates/default/apache.rails.erb
+++ b/cookbooks/dev/templates/default/apache.rails.erb
@@ -13,4 +13,6 @@
 	ErrorLog /var/log/apache2/<%= @name %>-error.log
 
 	RailsEnv production
+
+	SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
 </VirtualHost>