Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/discourse/manifests/init.pp

Issue 29347356: Issue 4234 - Migrate Discourse to a Docker-based setup (Closed)
Patch Set: Updated to Discourse 1.6.0 beta11 and increased memory size Created July 12, 2016, 4:56 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: modules/discourse/manifests/init.pp
===================================================================
--- a/modules/discourse/manifests/init.pp
+++ b/modules/discourse/manifests/init.pp
@@ -1,356 +1,88 @@
class discourse(
$domain,
$certificate,
$private_key,
- $is_default = false
- ) inherits private::discourse {
+ $site_settings,
+ $is_default = false,
+ $admins = hiera('discourse::admins', [])
+ ) {
- class { 'postgresql::globals':
- manage_package_repo => true,
- version => '9.3',
- }->
- class {"postgresql::server":}
-
- class {"postgresql::server::contrib":
- package_ensure => 'present',
+ apt::source {'docker':
+ location => 'https://apt.dockerproject.org/repo',
+ release => 'ubuntu-precise',
+ repos => 'main',
+ key => '58118E89F3A912897C070ADBF76221572C52609D',
+ key_content => template('discourse/dockersource.gpg.key'),
+ include_src => false,
}
- postgresql::server::database {'discourse':}
-
- postgresql::server::role {'discourse':
- password_hash => postgresql_password('discourse', $database_password),
- db => 'discourse',
- login => true,
- superuser => true,
- require => Postgresql::Server::Database['discourse']
+ package {'docker-engine':
+ ensure => '1.11.0-0~precise',
+ require => Apt::Source['docker'],
}
- $rvm_dependencies = ['curl', 'git-core', 'patch', 'build-essential', 'bison',
- 'zlib1g-dev', 'libssl-dev', 'libxml2-dev', 'sqlite3', 'libsqlite3-dev',
- 'autotools-dev', 'libxslt1-dev', 'libyaml-0-2', 'autoconf', 'automake',
- 'libreadline6-dev', 'libyaml-dev', 'libtool', 'libgdbm-dev',
- 'libncurses5-dev', 'libffi-dev', 'pkg-config', 'gawk']
- $discourse_dependencies = ['redis-server', 'libjemalloc1']
- $gem_dependencies = ['libpq-dev']
- $image_optim_dependencies = ['advancecomp', 'gifsicle', 'jhead', 'jpegoptim',
- 'libjpeg-progs', 'optipng', 'pngcrush']
- $image_sorcery_dependencies = 'imagemagick'
-
- package {[$rvm_dependencies, $discourse_dependencies, $gem_dependencies, $image_optim_dependencies, $image_sorcery_dependencies]:
- ensure => present
+ package {'git':
+ ensure => present,
}
- Exec <| tag == 'rvm' |> {
- path => '/bin:/usr/bin:/usr/sbin:/usr/local/bin:/home/discourse/.rvm/bin',
- user => discourse,
- group => www-data,
- environment => ['HOME=/home/discourse'],
+ service {'docker':
+ ensure => running,
+ require => Package['docker-engine'],
}
- exec {'install-rvm-key':
- command => 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3',
- tag => 'rvm',
- unless => 'gpg --list-keys | grep D39DC0E3',
+ file {'/var/discourse':
+ ensure => directory,
+ mode => 755,
+ owner => root,
+ group => root
}
- exec {'install-ruby':
- command => 'curl -sSL https://get.rvm.io | bash -s stable --ruby=2.1.2',
- tag => 'rvm',
- creates => '/home/discourse/.rvm',
+ exec {'fetch-discourse-docker':
+ command => "hg clone https://hg.adblockplus.org/discourse_docker /var/discourse",
+ path => ["/usr/bin/", "/bin/"],
+ user => root,
timeout => 0,
- logoutput => true,
- require => [Exec['install-rvm-key'], Package[$rvm_dependencies]],
+ require => [Package['mercurial'], File['/var/discourse']],
+ onlyif => "test ! -d /var/discourse/.hg"
mathias 2016/07/13 17:48:03 Using exec resource parameter "unless" is more str
Wladimir Palant 2016/07/13 18:01:12 The more important question is whether we should e
}
- exec {'install-bundler':
- command => 'rvm default do gem install bundler',
- tag => 'rvm',
- unless => 'rvm default do gem list | grep "^bundler ")',
- require => Exec['install-ruby'],
+ file {'/var/discourse/containers/app.yml':
+ ensure => file,
+ mode => 600,
+ owner => root,
+ group => root,
+ content => template('discourse/app.yml.erb'),
+ require => Exec['fetch-discourse-docker'],
}
- file {'/opt/discourse':
- ensure => directory,
- mode => 755,
- owner => discourse,
- group => www-data
+ exec {'rebuild':
+ command => '/var/discourse/launcher rebuild app --skip-prereqs',
+ user => root,
+ subscribe => File['/var/discourse/containers/app.yml'],
+ refreshonly => true,
+ logoutput => 'on_failure',
+ timeout => 0,
+ require => [Exec['fetch-discourse-docker'],
+ Service['docker'],
+ Package['git']],
}
- file {['/opt/discourse/tmp', '/opt/discourse/tmp/pids']:
- ensure => directory,
- mode => 755,
- owner => discourse,
- group => www-data,
- require => Exec['fetch-discourse']
- }
-
- file {'/opt/discourse/config/discourse.conf':
- mode => 600,
- owner => discourse,
- group => www-data,
- content => template('discourse/discourse.conf.erb'),
- notify => Service['discourse'],
- require => Exec['fetch-discourse']
- }
-
- file {'/usr/local/bin/init-discourse':
- mode => 0755,
- owner => root,
- group => root,
- source => 'puppet:///modules/discourse/init-discourse'
- }
-
- user {'discourse':
- ensure => present,
- comment => 'Discourse user',
- home => '/home/discourse',
- gid => www-data,
- password => '*',
- managehome => true
- }
-
- file {'/etc/sudoers.d/discourse':
- ensure => present,
- owner => root,
- group => root,
- mode => 0440,
- source => 'puppet:///modules/discourse/sudoers',
- require => User['discourse']
- }
-
- exec {'fetch-discourse':
- command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse",
- path => ["/usr/bin/", "/bin/"],
- user => discourse,
- group => www-data,
- timeout => 0,
- require => [Package['mercurial'], File['/opt/discourse']],
- notify => Exec['init-discourse'],
- onlyif => "test ! -d /opt/discourse/.hg"
- }
-
- file {'/opt/discourse/config/initializers/airbrake.rb':
- ensure => absent,
- before => Exec['init-discourse'],
- }
-
- file {'/opt/discourse/config/version.rb':
- ensure => present,
- owner => discourse,
- group => www-data,
-
- # This is hardcoded here so that Discourse doesn't try to extract it from
- # the repository. Ideally, we should update it when updating Discourse.
- content => '$git_version = "a324c71869cad20a40f7979354cd731041878276"',
- require => Exec['fetch-discourse'],
- before => Exec['init-discourse'],
- }
-
- exec {'init-discourse':
- command => 'rvm default do /usr/local/bin/init-discourse',
- tag => 'rvm',
- subscribe => File['/usr/local/bin/init-discourse'],
- refreshonly => true,
- timeout => 0,
- logoutput => true,
- require => [Exec['install-bundler'],
- Package[$discourse_dependencies, $gem_dependencies],
- User['discourse'], File['/etc/sudoers.d/discourse'],
- Exec['fetch-discourse'],
- File['/opt/discourse/config/discourse.conf'],
- Postgresql::Server::Role['discourse']]
- }
-
- Discourse::Sitesetting <| |> {
- require => Exec['init-discourse']
- }
-
- discourse::sitesetting {'title':
- ensure => present,
- type => 1,
- value => 'Adblock Plus internal discussions'
- }
-
- discourse::sitesetting {'notification_email':
- ensure => present,
- type => 1,
- value => 'donotreply@adblockplus.org'
- }
-
- discourse::sitesetting {'contact_email':
- ensure => present,
- type => 1,
- value => 'admins@adblockplus.org'
- }
-
- discourse::sitesetting {'site_contact_username':
- ensure => present,
- type => 1,
- value => 'system'
- }
-
- discourse::sitesetting {'must_approve_users':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'login_required':
- ensure => present,
- type => 5,
- value => 't'
- }
-
- discourse::sitesetting {'email_domains_blacklist':
- ensure => present,
- type => 1,
- value => ''
- }
-
- discourse::sitesetting {'email_domains_whitelist':
- ensure => present,
- type => 1,
- value => 'adblockplus.org|eyeo.com'
- }
-
- discourse::sitesetting {'use_https':
- ensure => present,
- type => 5,
- value => 't'
- }
-
- discourse::sitesetting {'company_full_name':
- ensure => present,
- type => 1,
- value => 'Eyeo GmbH'
- }
-
- discourse::sitesetting {'company_short_name':
- ensure => present,
- type => 1,
- value => 'Eyeo'
- }
-
- discourse::sitesetting {'company_domain':
- ensure => present,
- type => 1,
- value => 'eyeo.com'
- }
-
- discourse::sitesetting {'enable_local_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_local_account_create':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_google_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_google_oauth2_logins':
- ensure => present,
- type => 5,
- value => 't'
- }
-
- discourse::sitesetting {'google_oauth2_client_id':
- ensure => present,
- type => 1,
- value => $google_client_id
- }
-
- discourse::sitesetting {'google_oauth2_client_secret':
- ensure => present,
- type => 1,
- value => $google_client_secret
- }
-
- discourse::sitesetting {'enable_facebook_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_twitter_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_github_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enable_yahoo_logins':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'enforce_global_nicknames':
- ensure => present,
- type => 5,
- value => 'f'
- }
-
- discourse::sitesetting {'allow_user_locale':
- ensure => present,
- type => 5,
- value => 't'
- }
-
- discourse::sitesetting {'white_listed_spam_host_domains':
- ensure => present,
- type => 1,
- value => 'adblockplus.org,eyeo.com'
- }
-
- discourse::sitesetting {'max_mentions_per_post':
- ensure => present,
- type => 3,
- value => '50',
- }
-
- Customservice {
- user => 'discourse',
- workdir => '/opt/discourse',
- env => ['RAILS_ENV=production', 'RUBY_GC_MALLOC_LIMIT=90000000',
- 'UNICORN_WORKERS=2', 'LD_PRELOAD=/usr/lib/libjemalloc.so.1'],
- require => Exec['init-discourse']
- }
-
- customservice {'discourse':
- command => '/home/discourse/.rvm/bin/rvm default do bundle exec config/unicorn_launcher -c config/unicorn.conf.rb',
- require => File['/opt/discourse/tmp/pids'],
- }
-
- customservice {'sidekiq':
- command => '/home/discourse/.rvm/bin/rvm default do bundle exec sidekiq'
+ exec {'start':
+ command => '/var/discourse/launcher start app --skip-prereqs',
+ user => root,
+ logoutput => 'on_failure',
+ require => Exec['rebuild'],
}
class {'nginx':
worker_connections => 500
}
- nginx::hostconfig{$domain:
+ nginx::hostconfig {$domain:
source => 'puppet:///modules/discourse/site.conf',
- global_config => '
- upstream discourse {
- server localhost:3000;
- }',
is_default => $is_default,
certificate => $certificate,
private_key => $private_key,
log => 'access_log_intraforum'
}
}

Powered by Google App Engine
This is Rietveld