Unified Diff: modules/discourse/manifests/init.pp
Issue 9377123:
Set up proper FastCGI environment for Discourse and use nginx (Closed)
Patch Set: Converted init_discourse script to Python
Created Feb. 18, 2013, 2:03 p.m.
Use n/p to move between diff chunks;
N/P to move between comments.
« modules/discourse/files/discourse.fcgi ('K')
|
« modules/discourse/files/sudoers ('k')
|
no next file »
|
no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| Index: modules/discourse/manifests/init.pp |
| =================================================================== |
| --- a/modules/discourse/manifests/init.pp |
| +++ b/modules/discourse/manifests/init.pp |
| @@ -28,44 +28,136 @@ class discourse { |
| } |
| package {'bundler': |
| ensure => present, |
| provider => gem |
| } |
| $gem_dependencies = ['git', 'build-essential', 'ruby1.9.1-dev', 'libxml2-dev', |
| - 'libxslt-dev', 'libpq-dev'] |
| + 'libxslt-dev', 'libpq-dev', 'libfcgi-dev'] |
| package {$gem_dependencies: ensure => present} |
| - file {'/etc/discourse': ensure => directory} |
| + file {'/opt/discourse': |
| + ensure => directory, |
| + mode => 755, |
| + owner => discourse, |
| + group => www-data |
| + } |
| - file {'/etc/discourse/database.yml': |
| - mode => 640, |
| + file {'/opt/discourse/discourse.fcgi': |
| + mode => 755, |
| + owner => discourse, |
| + group => www-data, |
| + source => 'puppet:///modules/discourse/discourse.fcgi', |
| + require => Exec['fetch-discourse'] |
| + } |
| + |
| + file {'/opt/discourse/config/database.yml': |
| + mode => 600, |
| + owner => discourse, |
| + group => www-data, |
| + source => 'puppet:///modules/discourse/database.yml', |
| + require => Exec['fetch-discourse'] |
| + } |
| + |
| + file {'/opt/discourse/config/redis.yml': |
| + mode => 600, |
| + owner => discourse, |
| + group => www-data, |
| + source => 'puppet:///modules/discourse/redis.yml', |
| + require => Exec['fetch-discourse'] |
| + } |
| + |
| + file {'/usr/local/bin/init-discourse': |
| + mode => 0755, |
| owner => root, |
| group => root, |
| - source => 'puppet:///modules/discourse/database.yml' |
| + source => 'puppet:///modules/discourse/init-discourse' |
| } |
| - file {'/etc/discourse/redis.yml': |
| - mode => 640, |
| + user {'discourse': |
| + ensure => present, |
| + comment => 'Discourse user', |
| + home => '/home/discourse', |
| + gid => www-data, |
| + password => '*', |
| + managehome => true |
| + } |
| + |
| + file {'/etc/sudoers.d/discourse': |
| + ensure => present, |
| owner => root, |
| group => root, |
| - source => 'puppet:///modules/discourse/redis.yml' |
| + mode => 0440, |
| + source => 'puppet:///modules/discourse/sudoers', |
| + require => User['discourse'] |
| } |
| - file {'/usr/local/bin/deploy-discourse': |
| - mode => 0744, |
| - owner => root, |
| - group => root, |
| - source => 'puppet:///modules/discourse/deploy-discourse' |
| + exec {'fetch-discourse': |
| + command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse", |
| + path => ["/usr/bin/", "/bin/"], |
| + user => discourse, |
| + group => www-data, |
| + require => [Package['mercurial'], File['/opt/discourse']], |
| + onlyif => "test ! -d /opt/discourse/.hg" |
| } |
| - exec {'/usr/local/bin/deploy-discourse': |
| - subscribe => File['/usr/local/bin/deploy-discourse'], |
| + exec {'/usr/local/bin/init-discourse': |
| + subscribe => File['/usr/local/bin/init-discourse'], |
| refreshonly => true, |
| + user => discourse, |
| + group => www-data, |
| timeout => 0, |
| + logoutput => true, |
| require => [Package['bundler', 'postgresql-contrib', $gem_dependencies], |
| - File['/etc/discourse/database.yml', '/etc/discourse/redis.yml']] |
| + User['discourse'], File['/etc/sudoers.d/discourse'], |
| + Exec['fetch-discourse'], |
| + File['/opt/discourse/discourse.fcgi'], |
| + File['/opt/discourse/config/database.yml'], |
| + File['/opt/discourse/config/redis.yml']] |
| } |
| - # TODO: Set up thin to run the app, with nginx as a proxy if necessary |
| + class {'spawn-fcgi':} |
| + |
| + spawn-fcgi::pool {'discourse-fastcgi': |
| + ensure => 'present', |
| + user => 'discourse', |
| + group => 'www-data', |
| + mode => 0664, |
| + fcgi_app => '/opt/discourse/discourse.fcgi', |
| + socket => '/tmp/discourse-fastcgi.sock', |
| + require => File['/opt/discourse/discourse.fcgi'], |
| + } |
| + |
| + class {'nginx': |
| + worker_processes => 1, |
| + worker_connections => 500 |
| + } |
| + |
| + file {'/etc/nginx/sites-available/adblockplus.org_sslcert.key': |
|
Felix Dahlke
2013/02/21 15:56:02
Any reason why the SSL certificate and key are in
|
| + ensure => file, |
| + notify => Service['nginx'], |
| + before => Nginx::Hostconfig['intraforum.adblockplus.org'], |
| + require => Package['nginx'], |
| + source => 'puppet:///modules/private/adblockplus.org_sslcert.key' |
| + } |
| + |
| + file {'/etc/nginx/sites-available/adblockplus.org_sslcert.pem': |
| + ensure => file, |
| + mode => 0400, |
| + notify => Service['nginx'], |
| + before => Nginx::Hostconfig['intraforum.adblockplus.org'], |
| + require => Package['nginx'], |
| + source => 'puppet:///modules/private/adblockplus.org_sslcert.pem' |
| + } |
| + |
| + nginx::hostconfig{'intraforum.adblockplus.org': |
| + source => 'puppet:///modules/discourse/intraforum.adblockplus.org', |
| + enabled => true |
| + } |
| + |
| + file {'/etc/logrotate.d/nginx_intraforum.adblockplus.org': |
| + ensure => file, |
| + require => Nginx::Hostconfig['intraforum.adblockplus.org'], |
| + source => 'puppet:///modules/discourse/logrotate' |
| + } |
| } |
« modules/discourse/files/discourse.fcgi ('K')
|
« modules/discourse/files/sudoers ('k')
|
no next file »
|
no next file with comments »
