Left: | ||
Right: |
OLD | NEW |
---|---|
1 class discourse( | 1 class discourse( |
2 $domain, | 2 $domain, |
3 $certificate, | 3 $certificate, |
4 $private_key, | 4 $private_key, |
5 $is_default = false | 5 $is_default = false |
6 ) inherits private::discourse { | 6 ) inherits private::discourse { |
7 | 7 |
8 class { 'postgresql::globals': | |
9 manage_package_repo => true, | |
10 version => '9.3', | |
11 }-> | |
8 class {"postgresql::server":} | 12 class {"postgresql::server":} |
9 | 13 |
14 class {"postgresql::server::contrib": | |
15 package_ensure => 'present', | |
16 } | |
17 | |
10 postgresql::server::database {'discourse':} | 18 postgresql::server::database {'discourse':} |
11 | 19 |
12 postgresql::server::role {'discourse': | 20 postgresql::server::role {'discourse': |
13 password_hash => postgresql_password('discourse', $database_password), | 21 password_hash => postgresql_password('discourse', $database_password), |
14 db => 'discourse', | 22 db => 'discourse', |
15 login => true, | 23 login => true, |
16 superuser => true, | 24 superuser => true, |
17 require => Postgresql::Server::Database['discourse'] | 25 require => Postgresql::Server::Database['discourse'] |
18 } | 26 } |
19 | 27 |
20 $basic_dependencies = ['postgresql-contrib', 'redis-server', 'ruby1.9.1', | 28 $rvm_dependencies = ['curl', 'git-core', 'patch', 'build-essential', 'bison', |
21 'libjemalloc1', 'curl'] | 29 'zlib1g-dev', 'libssl-dev', 'libxml2-dev', 'sqlite3', 'libsqlite3-dev', |
22 $gem_dependencies = ['git', 'build-essential', 'ruby1.9.1-dev', 'libxml2-dev', | 30 'autotools-dev', 'libxslt1-dev', 'libyaml-0-2', 'autoconf', 'automake', |
23 'libxslt-dev', 'libpq-dev'] | 31 'libreadline6-dev', 'libyaml-dev', 'libtool', 'libgdbm-dev', |
32 'libncurses5-dev', 'libffi-dev', 'pkg-config', 'gawk'] | |
33 $discourse_dependencies = ['redis-server', 'libjemalloc1'] | |
34 $gem_dependencies = ['libpq-dev'] | |
24 $image_optim_dependencies = ['advancecomp', 'gifsicle', 'jhead', 'jpegoptim', | 35 $image_optim_dependencies = ['advancecomp', 'gifsicle', 'jhead', 'jpegoptim', |
25 'libjpeg-progs', 'optipng', 'pngcrush'] | 36 'libjpeg-progs', 'optipng', 'pngcrush'] |
26 $image_sorcery_dependencies = 'imagemagick' | 37 $image_sorcery_dependencies = 'imagemagick' |
27 | 38 |
28 package {[$basic_dependencies, $gem_dependencies, $image_optim_dependencies, $ image_sorcery_dependencies]: | 39 package {[$rvm_dependencies, $discourse_dependencies, $gem_dependencies, $imag e_optim_dependencies, $image_sorcery_dependencies]: |
29 ensure => present | 40 ensure => present |
30 } | 41 } |
31 | 42 |
32 Exec {path => '/bin:/usr/bin:/usr/sbin:/usr/local/bin'} | 43 Exec <| tag == 'rvm' |> { |
33 | 44 path => '/bin:/usr/bin:/usr/sbin:/usr/local/bin:/home/discourse/.rvm/bin', |
mathias
2015/05/09 15:34:19
Do you know why the directory precedence here is i
Wladimir Palant
2015/05/11 15:00:42
Done.
| |
34 exec {'update-alternatives --set ruby "/usr/bin/ruby1.9.1"': | 45 user => discourse, |
35 unless => 'test $(readlink "/etc/alternatives/ruby") == "/usr/bin/ruby1.9.1" ', | 46 group => www-data, |
36 require => Package['ruby1.9.1'] | 47 environment => ['HOME=/home/discourse'], |
37 } | 48 } |
38 | 49 |
39 exec {'update-alternatives --set gem "/usr/bin/gem1.9.1"': | 50 exec {'install-rvm-key': |
40 unless => 'test $(readlink "/etc/alternatives/gem") == "/usr/bin/gem1.9.1"', | 51 command => 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C2754 62A1703113804BB82D39DC0E3', |
41 require => Package['ruby1.9.1'], | 52 tag => 'rvm', |
42 before => Exec['update_gem'] | 53 unless => 'gpg --list-keys | grep D39DC0E3', |
43 } | 54 } |
44 | 55 |
45 exec {'update_gem': | 56 exec {'install-ruby': |
46 command => '/usr/bin/gem update --system 1.8.25', | 57 command => 'curl -sSL https://get.rvm.io | bash -s stable --ruby=2.1.2', |
mathias
2015/05/09 15:34:19
Note that this does not cover upgrading to future
Wladimir Palant
2015/05/11 15:00:42
Yes, I had RVM and Ruby installation separate init
| |
47 unless => 'test $(gem -v) == "1.8.25"', | 58 tag => 'rvm', |
48 environment => 'REALLY_GEM_UPDATE_SYSTEM=1', | 59 creates => '/home/discourse/.rvm', |
60 timeout => 0, | |
61 logoutput => true, | |
62 require => [Exec['install-rvm-key'], Package[$rvm_dependencies]], | |
49 } | 63 } |
50 | 64 |
51 package {'bundler': | 65 exec {'install-bundler': |
mathias
2015/05/09 15:34:19
Note that this would be better handled as a Packag
Wladimir Palant
2015/05/11 15:00:42
We need two different Ruby versions: one for Puppe
| |
52 ensure => present, | 66 command => 'rvm default do gem install bundler', |
53 provider => gem, | 67 tag => 'rvm', |
54 require => Exec['update_gem'] | 68 unless => 'rvm default do gem list | grep "^bundler ")', |
69 require => Exec['install-ruby'], | |
55 } | 70 } |
56 | 71 |
57 file {'/opt/discourse': | 72 file {'/opt/discourse': |
58 ensure => directory, | 73 ensure => directory, |
59 mode => 755, | 74 mode => 755, |
60 owner => discourse, | 75 owner => discourse, |
61 group => www-data | 76 group => www-data |
62 } | 77 } |
63 | 78 |
64 file {['/opt/discourse/tmp', '/opt/discourse/tmp/pids']: | 79 file {['/opt/discourse/tmp', '/opt/discourse/tmp/pids']: |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
101 mode => 0440, | 116 mode => 0440, |
102 source => 'puppet:///modules/discourse/sudoers', | 117 source => 'puppet:///modules/discourse/sudoers', |
103 require => User['discourse'] | 118 require => User['discourse'] |
104 } | 119 } |
105 | 120 |
106 exec {'fetch-discourse': | 121 exec {'fetch-discourse': |
107 command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse", | 122 command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse", |
108 path => ["/usr/bin/", "/bin/"], | 123 path => ["/usr/bin/", "/bin/"], |
109 user => discourse, | 124 user => discourse, |
110 group => www-data, | 125 group => www-data, |
126 timeout => 0, | |
111 require => [Package['mercurial'], File['/opt/discourse']], | 127 require => [Package['mercurial'], File['/opt/discourse']], |
112 notify => Exec['/usr/local/bin/init-discourse'], | 128 notify => Exec['init-discourse'], |
113 onlyif => "test ! -d /opt/discourse/.hg" | 129 onlyif => "test ! -d /opt/discourse/.hg" |
mathias
2015/05/09 15:34:19
(Not part of this patch-set, but a bug that needs
Wladimir Palant
2015/05/11 15:00:42
Why would it be non-empty? It's created right befo
| |
114 } | 130 } |
115 | 131 |
116 exec {'/usr/local/bin/init-discourse': | 132 file {'/opt/discourse/config/initializers/airbrake.rb': |
133 ensure => absent, | |
134 before => Exec['init-discourse'], | |
135 } | |
136 | |
137 file {'/opt/discourse/config/version.rb': | |
138 ensure => present, | |
139 owner => discourse, | |
140 group => www-data, | |
141 | |
142 # This is hardcoded here so that Discourse doesn't try to extract it from | |
143 # the repository. Ideally, we should update it when updating Discourse. | |
144 content => '$git_version = "8a3a02421a39f53b6adf3ca9a6fdba73f42bc932"', | |
145 require => Exec['fetch-discourse'], | |
146 before => Exec['init-discourse'], | |
147 } | |
148 | |
149 exec {'init-discourse': | |
150 command => 'rvm default do /usr/local/bin/init-discourse', | |
151 tag => 'rvm', | |
117 subscribe => File['/usr/local/bin/init-discourse'], | 152 subscribe => File['/usr/local/bin/init-discourse'], |
118 refreshonly => true, | 153 refreshonly => true, |
119 environment => ["AIRBRAKE_KEY=${airbrake_key}"], | |
120 user => discourse, | |
121 group => www-data, | |
122 timeout => 0, | 154 timeout => 0, |
123 logoutput => true, | 155 logoutput => true, |
124 require => [Package['bundler', $gem_dependencies], | 156 require => [Exec['install-bundler'], |
157 Package[$discourse_dependencies, $gem_dependencies], | |
125 User['discourse'], File['/etc/sudoers.d/discourse'], | 158 User['discourse'], File['/etc/sudoers.d/discourse'], |
126 Exec['fetch-discourse'], | 159 Exec['fetch-discourse'], |
127 File['/opt/discourse/config/discourse.conf'], | 160 File['/opt/discourse/config/discourse.conf'], |
128 Postgresql::Server::Role['discourse']] | 161 Postgresql::Server::Role['discourse']] |
129 } | 162 } |
130 | 163 |
131 Discourse::Sitesetting <| |> { | 164 Discourse::Sitesetting <| |> { |
132 require => Exec['/usr/local/bin/init-discourse'] | 165 require => Exec['init-discourse'] |
133 } | 166 } |
134 | 167 |
135 discourse::sitesetting {'title': | 168 discourse::sitesetting {'title': |
136 ensure => present, | 169 ensure => present, |
137 type => 1, | 170 type => 1, |
138 value => 'Adblock Plus internal discussions' | 171 value => 'Adblock Plus internal discussions' |
139 } | 172 } |
140 | 173 |
141 discourse::sitesetting {'notification_email': | 174 discourse::sitesetting {'notification_email': |
142 ensure => present, | 175 ensure => present, |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
209 type => 5, | 242 type => 5, |
210 value => 'f' | 243 value => 'f' |
211 } | 244 } |
212 | 245 |
213 discourse::sitesetting {'enable_local_account_create': | 246 discourse::sitesetting {'enable_local_account_create': |
214 ensure => present, | 247 ensure => present, |
215 type => 5, | 248 type => 5, |
216 value => 'f' | 249 value => 'f' |
217 } | 250 } |
218 | 251 |
252 discourse::sitesetting {'enable_google_logins': | |
253 ensure => present, | |
254 type => 5, | |
255 value => 'f' | |
256 } | |
257 | |
258 discourse::sitesetting {'enable_google_oauth2_logins': | |
259 ensure => present, | |
260 type => 5, | |
261 value => 't' | |
262 } | |
263 | |
264 discourse::sitesetting {'google_oauth2_client_id': | |
265 ensure => present, | |
266 type => 1, | |
267 value => $google_client_id | |
268 } | |
269 | |
270 discourse::sitesetting {'google_oauth2_client_secret': | |
271 ensure => present, | |
272 type => 1, | |
273 value => $google_client_secret | |
274 } | |
275 | |
219 discourse::sitesetting {'enable_facebook_logins': | 276 discourse::sitesetting {'enable_facebook_logins': |
220 ensure => present, | 277 ensure => present, |
221 type => 5, | 278 type => 5, |
222 value => 'f' | 279 value => 'f' |
223 } | 280 } |
224 | 281 |
225 discourse::sitesetting {'enable_twitter_logins': | 282 discourse::sitesetting {'enable_twitter_logins': |
226 ensure => present, | 283 ensure => present, |
227 type => 5, | 284 type => 5, |
228 value => 'f' | 285 value => 'f' |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
262 ensure => present, | 319 ensure => present, |
263 type => 3, | 320 type => 3, |
264 value => '50', | 321 value => '50', |
265 } | 322 } |
266 | 323 |
267 Discourse::Customservice <| |> { | 324 Discourse::Customservice <| |> { |
268 user => 'discourse', | 325 user => 'discourse', |
269 workdir => '/opt/discourse', | 326 workdir => '/opt/discourse', |
270 env => ['RAILS_ENV=production', 'RUBY_GC_MALLOC_LIMIT=90000000', | 327 env => ['RAILS_ENV=production', 'RUBY_GC_MALLOC_LIMIT=90000000', |
271 'UNICORN_WORKERS=2', 'LD_PRELOAD=/usr/lib/libjemalloc.so.1'], | 328 'UNICORN_WORKERS=2', 'LD_PRELOAD=/usr/lib/libjemalloc.so.1'], |
272 require => Exec['/usr/local/bin/init-discourse'] | 329 require => Exec['init-discourse'] |
mathias
2015/05/09 15:34:19
Wouldn't it make more sense to make it subscribe t
Wladimir Palant
2015/05/11 15:00:42
Not sure whether the services should really be con
| |
273 } | 330 } |
274 | 331 |
275 discourse::customservice {'discourse': | 332 discourse::customservice {'discourse': |
276 command => 'bundle exec config/unicorn_launcher -c config/unicorn.conf.rb', | 333 command => '/home/discourse/.rvm/bin/rvm default do bundle exec config/unico rn_launcher -c config/unicorn.conf.rb', |
277 require => File['/opt/discourse/tmp/pids'], | 334 require => File['/opt/discourse/tmp/pids'], |
278 } | 335 } |
279 | 336 |
280 discourse::customservice {'sidekiq': | 337 discourse::customservice {'sidekiq': |
281 command => 'bundle exec sidekiq' | 338 command => '/home/discourse/.rvm/bin/rvm default do bundle exec sidekiq' |
282 } | 339 } |
283 | 340 |
284 class {'nginx': | 341 class {'nginx': |
285 worker_processes => 1, | 342 worker_processes => 1, |
286 worker_connections => 500 | 343 worker_connections => 500 |
287 } | 344 } |
288 | 345 |
289 nginx::hostconfig{$domain: | 346 nginx::hostconfig{$domain: |
290 source => 'puppet:///modules/discourse/site.conf', | 347 source => 'puppet:///modules/discourse/site.conf', |
291 global_config => ' | 348 global_config => ' |
292 upstream discourse { | 349 upstream discourse { |
293 server localhost:3000; | 350 server localhost:3000; |
294 }', | 351 }', |
295 is_default => $is_default, | 352 is_default => $is_default, |
296 certificate => $certificate, | 353 certificate => $certificate, |
297 private_key => $private_key, | 354 private_key => $private_key, |
298 log => 'access_log_intraforum' | 355 log => 'access_log_intraforum' |
299 } | 356 } |
300 } | 357 } |
OLD | NEW |