Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: modules/discourse/manifests/init.pp

Issue 29347356: Issue 4234 - Migrate Discourse to a Docker-based setup (Closed)
Patch Set: Finalized changes Created July 10, 2016, 4:36 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
OLDNEW
1 class discourse( 1 class discourse(
2 $domain, 2 $domain,
3 $certificate, 3 $certificate,
4 $private_key, 4 $private_key,
5 $is_default = false 5 $site_settings,
6 ) inherits private::discourse { 6 $is_default = false,
7 $admins = hiera('discourse::admins', [])
8 ) {
7 9
8 class { 'postgresql::globals': 10 apt::source {'docker':
9 manage_package_repo => true, 11 location => 'https://apt.dockerproject.org/repo',
10 version => '9.3', 12 release => 'ubuntu-precise',
11 }-> 13 repos => 'main',
12 class {"postgresql::server":} 14 key => '58118E89F3A912897C070ADBF76221572C52609D',
13 15 key_content => template('discourse/dockersource.gpg.key'),
14 class {"postgresql::server::contrib": 16 include_src => false,
15 package_ensure => 'present',
16 } 17 }
17 18
18 postgresql::server::database {'discourse':} 19 package {'docker-engine':
19 20 ensure => '1.11.0-0~precise',
20 postgresql::server::role {'discourse': 21 require => Apt::Source['docker'],
21 password_hash => postgresql_password('discourse', $database_password),
22 db => 'discourse',
23 login => true,
24 superuser => true,
25 require => Postgresql::Server::Database['discourse']
26 } 22 }
27 23
28 $rvm_dependencies = ['curl', 'git-core', 'patch', 'build-essential', 'bison', 24 package {'git':
29 'zlib1g-dev', 'libssl-dev', 'libxml2-dev', 'sqlite3', 'libsqlite3-dev', 25 ensure => present,
30 'autotools-dev', 'libxslt1-dev', 'libyaml-0-2', 'autoconf', 'automake',
31 'libreadline6-dev', 'libyaml-dev', 'libtool', 'libgdbm-dev',
32 'libncurses5-dev', 'libffi-dev', 'pkg-config', 'gawk']
33 $discourse_dependencies = ['redis-server', 'libjemalloc1']
34 $gem_dependencies = ['libpq-dev']
35 $image_optim_dependencies = ['advancecomp', 'gifsicle', 'jhead', 'jpegoptim',
36 'libjpeg-progs', 'optipng', 'pngcrush']
37 $image_sorcery_dependencies = 'imagemagick'
38
39 package {[$rvm_dependencies, $discourse_dependencies, $gem_dependencies, $imag e_optim_dependencies, $image_sorcery_dependencies]:
40 ensure => present
41 } 26 }
42 27
43 Exec <| tag == 'rvm' |> { 28 service {'docker':
44 path => '/bin:/usr/bin:/usr/sbin:/usr/local/bin:/home/discourse/.rvm/bin', 29 ensure => running,
45 user => discourse, 30 require => Package['docker-engine'],
46 group => www-data,
47 environment => ['HOME=/home/discourse'],
48 } 31 }
49 32
50 exec {'install-rvm-key': 33 file {'/var/discourse':
51 command => 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C2754 62A1703113804BB82D39DC0E3', 34 ensure => directory,
52 tag => 'rvm', 35 mode => 755,
53 unless => 'gpg --list-keys | grep D39DC0E3', 36 owner => root,
37 group => root
54 } 38 }
55 39
56 exec {'install-ruby': 40 exec {'fetch-discourse-docker':
57 command => 'curl -sSL https://get.rvm.io | bash -s stable --ruby=2.1.2', 41 command => "hg clone https://hg.adblockplus.org/discourse_docker /var/discou rse",
58 tag => 'rvm', 42 path => ["/usr/bin/", "/bin/"],
59 creates => '/home/discourse/.rvm', 43 user => root,
60 timeout => 0, 44 timeout => 0,
61 logoutput => true, 45 require => [Package['mercurial'], File['/var/discourse']],
62 require => [Exec['install-rvm-key'], Package[$rvm_dependencies]], 46 onlyif => "test ! -d /var/discourse/.hg"
63 } 47 }
64 48
65 exec {'install-bundler': 49 file {'/var/discourse/containers/app.yml':
66 command => 'rvm default do gem install bundler', 50 ensure => file,
67 tag => 'rvm', 51 mode => 600,
68 unless => 'rvm default do gem list | grep "^bundler ")', 52 owner => root,
69 require => Exec['install-ruby'], 53 group => root,
54 content => template('discourse/app.yml.erb'),
55 require => Exec['fetch-discourse-docker'],
70 } 56 }
71 57
72 file {'/opt/discourse': 58 exec {'rebuild':
73 ensure => directory, 59 command => '/var/discourse/launcher rebuild app --skip-prereqs',
74 mode => 755, 60 user => root,
75 owner => discourse, 61 subscribe => File['/var/discourse/containers/app.yml'],
76 group => www-data 62 refreshonly => true,
63 logoutput => 'on_failure',
64 timeout => 0,
65 require => [Exec['fetch-discourse-docker'],
66 Service['docker'],
67 Package['git']],
77 } 68 }
78 69
79 file {['/opt/discourse/tmp', '/opt/discourse/tmp/pids']: 70 exec {'start':
80 ensure => directory, 71 command => '/var/discourse/launcher start app --skip-prereqs',
81 mode => 755, 72 user => root,
82 owner => discourse, 73 logoutput => 'on_failure',
83 group => www-data, 74 require => Exec['rebuild'],
84 require => Exec['fetch-discourse']
85 }
86
87 file {'/opt/discourse/config/discourse.conf':
88 mode => 600,
89 owner => discourse,
90 group => www-data,
91 content => template('discourse/discourse.conf.erb'),
92 notify => Service['discourse'],
93 require => Exec['fetch-discourse']
94 }
95
96 file {'/usr/local/bin/init-discourse':
97 mode => 0755,
98 owner => root,
99 group => root,
100 source => 'puppet:///modules/discourse/init-discourse'
101 }
102
103 user {'discourse':
104 ensure => present,
105 comment => 'Discourse user',
106 home => '/home/discourse',
107 gid => www-data,
108 password => '*',
109 managehome => true
110 }
111
112 file {'/etc/sudoers.d/discourse':
113 ensure => present,
114 owner => root,
115 group => root,
116 mode => 0440,
117 source => 'puppet:///modules/discourse/sudoers',
118 require => User['discourse']
119 }
120
121 exec {'fetch-discourse':
122 command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse",
123 path => ["/usr/bin/", "/bin/"],
124 user => discourse,
125 group => www-data,
126 timeout => 0,
127 require => [Package['mercurial'], File['/opt/discourse']],
128 notify => Exec['init-discourse'],
129 onlyif => "test ! -d /opt/discourse/.hg"
130 }
131
132 file {'/opt/discourse/config/initializers/airbrake.rb':
133 ensure => absent,
134 before => Exec['init-discourse'],
135 }
136
137 file {'/opt/discourse/config/version.rb':
138 ensure => present,
139 owner => discourse,
140 group => www-data,
141
142 # This is hardcoded here so that Discourse doesn't try to extract it from
143 # the repository. Ideally, we should update it when updating Discourse.
144 content => '$git_version = "a324c71869cad20a40f7979354cd731041878276"',
145 require => Exec['fetch-discourse'],
146 before => Exec['init-discourse'],
147 }
148
149 exec {'init-discourse':
150 command => 'rvm default do /usr/local/bin/init-discourse',
151 tag => 'rvm',
152 subscribe => File['/usr/local/bin/init-discourse'],
153 refreshonly => true,
154 timeout => 0,
155 logoutput => true,
156 require => [Exec['install-bundler'],
157 Package[$discourse_dependencies, $gem_dependencies],
158 User['discourse'], File['/etc/sudoers.d/discourse'],
159 Exec['fetch-discourse'],
160 File['/opt/discourse/config/discourse.conf'],
161 Postgresql::Server::Role['discourse']]
162 }
163
164 Discourse::Sitesetting <| |> {
165 require => Exec['init-discourse']
166 }
167
168 discourse::sitesetting {'title':
169 ensure => present,
170 type => 1,
171 value => 'Adblock Plus internal discussions'
172 }
173
174 discourse::sitesetting {'notification_email':
175 ensure => present,
176 type => 1,
177 value => 'donotreply@adblockplus.org'
178 }
179
180 discourse::sitesetting {'contact_email':
181 ensure => present,
182 type => 1,
183 value => 'admins@adblockplus.org'
184 }
185
186 discourse::sitesetting {'site_contact_username':
187 ensure => present,
188 type => 1,
189 value => 'system'
190 }
191
192 discourse::sitesetting {'must_approve_users':
193 ensure => present,
194 type => 5,
195 value => 'f'
196 }
197
198 discourse::sitesetting {'login_required':
199 ensure => present,
200 type => 5,
201 value => 't'
202 }
203
204 discourse::sitesetting {'email_domains_blacklist':
205 ensure => present,
206 type => 1,
207 value => ''
208 }
209
210 discourse::sitesetting {'email_domains_whitelist':
211 ensure => present,
212 type => 1,
213 value => 'adblockplus.org|eyeo.com'
214 }
215
216 discourse::sitesetting {'use_https':
217 ensure => present,
218 type => 5,
219 value => 't'
220 }
221
222 discourse::sitesetting {'company_full_name':
223 ensure => present,
224 type => 1,
225 value => 'Eyeo GmbH'
226 }
227
228 discourse::sitesetting {'company_short_name':
229 ensure => present,
230 type => 1,
231 value => 'Eyeo'
232 }
233
234 discourse::sitesetting {'company_domain':
235 ensure => present,
236 type => 1,
237 value => 'eyeo.com'
238 }
239
240 discourse::sitesetting {'enable_local_logins':
241 ensure => present,
242 type => 5,
243 value => 'f'
244 }
245
246 discourse::sitesetting {'enable_local_account_create':
247 ensure => present,
248 type => 5,
249 value => 'f'
250 }
251
252 discourse::sitesetting {'enable_google_logins':
253 ensure => present,
254 type => 5,
255 value => 'f'
256 }
257
258 discourse::sitesetting {'enable_google_oauth2_logins':
259 ensure => present,
260 type => 5,
261 value => 't'
262 }
263
264 discourse::sitesetting {'google_oauth2_client_id':
265 ensure => present,
266 type => 1,
267 value => $google_client_id
268 }
269
270 discourse::sitesetting {'google_oauth2_client_secret':
271 ensure => present,
272 type => 1,
273 value => $google_client_secret
274 }
275
276 discourse::sitesetting {'enable_facebook_logins':
277 ensure => present,
278 type => 5,
279 value => 'f'
280 }
281
282 discourse::sitesetting {'enable_twitter_logins':
283 ensure => present,
284 type => 5,
285 value => 'f'
286 }
287
288 discourse::sitesetting {'enable_github_logins':
289 ensure => present,
290 type => 5,
291 value => 'f'
292 }
293
294 discourse::sitesetting {'enable_yahoo_logins':
295 ensure => present,
296 type => 5,
297 value => 'f'
298 }
299
300 discourse::sitesetting {'enforce_global_nicknames':
301 ensure => present,
302 type => 5,
303 value => 'f'
304 }
305
306 discourse::sitesetting {'allow_user_locale':
307 ensure => present,
308 type => 5,
309 value => 't'
310 }
311
312 discourse::sitesetting {'white_listed_spam_host_domains':
313 ensure => present,
314 type => 1,
315 value => 'adblockplus.org,eyeo.com'
316 }
317
318 discourse::sitesetting {'max_mentions_per_post':
319 ensure => present,
320 type => 3,
321 value => '50',
322 }
323
324 Customservice {
325 user => 'discourse',
326 workdir => '/opt/discourse',
327 env => ['RAILS_ENV=production', 'RUBY_GC_MALLOC_LIMIT=90000000',
328 'UNICORN_WORKERS=2', 'LD_PRELOAD=/usr/lib/libjemalloc.so.1'],
329 require => Exec['init-discourse']
330 }
331
332 customservice {'discourse':
333 command => '/home/discourse/.rvm/bin/rvm default do bundle exec config/unico rn_launcher -c config/unicorn.conf.rb',
334 require => File['/opt/discourse/tmp/pids'],
335 }
336
337 customservice {'sidekiq':
338 command => '/home/discourse/.rvm/bin/rvm default do bundle exec sidekiq'
339 } 75 }
340 76
341 class {'nginx': 77 class {'nginx':
342 worker_connections => 500 78 worker_connections => 500
343 } 79 }
344 80
345 nginx::hostconfig{$domain: 81 nginx::hostconfig {$domain:
346 source => 'puppet:///modules/discourse/site.conf', 82 source => 'puppet:///modules/discourse/site.conf',
347 global_config => '
348 upstream discourse {
349 server localhost:3000;
350 }',
351 is_default => $is_default, 83 is_default => $is_default,
352 certificate => $certificate, 84 certificate => $certificate,
353 private_key => $private_key, 85 private_key => $private_key,
354 log => 'access_log_intraforum' 86 log => 'access_log_intraforum'
355 } 87 }
356 } 88 }
OLDNEW

Powered by Google App Engine
This is Rietveld