Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: modules/discourse/manifests/init.pp

Issue 9377123: Set up proper FastCGI environment for Discourse and use nginx (Closed)
Patch Set: Converted init_discourse script to Python Created Feb. 18, 2013, 2:03 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
OLDNEW
1 class discourse { 1 class discourse {
2 include postgresql::server 2 include postgresql::server
3 3
4 postgresql::database {'discourse':} 4 postgresql::database {'discourse':}
5 5
6 postgresql::role {'discourse': 6 postgresql::role {'discourse':
7 password_hash => 'vagrant', 7 password_hash => 'vagrant',
8 db => 'discourse', 8 db => 'discourse',
9 login => true, 9 login => true,
10 superuser => true 10 superuser => true
(...skipping 15 matching lines...) Expand all
26 require => Package['ruby1.9.1'], 26 require => Package['ruby1.9.1'],
27 before => Package['bundler'] 27 before => Package['bundler']
28 } 28 }
29 29
30 package {'bundler': 30 package {'bundler':
31 ensure => present, 31 ensure => present,
32 provider => gem 32 provider => gem
33 } 33 }
34 34
35 $gem_dependencies = ['git', 'build-essential', 'ruby1.9.1-dev', 'libxml2-dev', 35 $gem_dependencies = ['git', 'build-essential', 'ruby1.9.1-dev', 'libxml2-dev',
36 'libxslt-dev', 'libpq-dev'] 36 'libxslt-dev', 'libpq-dev', 'libfcgi-dev']
37 package {$gem_dependencies: ensure => present} 37 package {$gem_dependencies: ensure => present}
38 38
39 file {'/etc/discourse': ensure => directory} 39 file {'/opt/discourse':
40 ensure => directory,
41 mode => 755,
42 owner => discourse,
43 group => www-data
44 }
40 45
41 file {'/etc/discourse/database.yml': 46 file {'/opt/discourse/discourse.fcgi':
42 mode => 640, 47 mode => 755,
48 owner => discourse,
49 group => www-data,
50 source => 'puppet:///modules/discourse/discourse.fcgi',
51 require => Exec['fetch-discourse']
52 }
53
54 file {'/opt/discourse/config/database.yml':
55 mode => 600,
56 owner => discourse,
57 group => www-data,
58 source => 'puppet:///modules/discourse/database.yml',
59 require => Exec['fetch-discourse']
60 }
61
62 file {'/opt/discourse/config/redis.yml':
63 mode => 600,
64 owner => discourse,
65 group => www-data,
66 source => 'puppet:///modules/discourse/redis.yml',
67 require => Exec['fetch-discourse']
68 }
69
70 file {'/usr/local/bin/init-discourse':
71 mode => 0755,
43 owner => root, 72 owner => root,
44 group => root, 73 group => root,
45 source => 'puppet:///modules/discourse/database.yml' 74 source => 'puppet:///modules/discourse/init-discourse'
46 } 75 }
47 76
48 file {'/etc/discourse/redis.yml': 77 user {'discourse':
49 mode => 640, 78 ensure => present,
79 comment => 'Discourse user',
80 home => '/home/discourse',
81 gid => www-data,
82 password => '*',
83 managehome => true
84 }
85
86 file {'/etc/sudoers.d/discourse':
87 ensure => present,
50 owner => root, 88 owner => root,
51 group => root, 89 group => root,
52 source => 'puppet:///modules/discourse/redis.yml' 90 mode => 0440,
91 source => 'puppet:///modules/discourse/sudoers',
92 require => User['discourse']
53 } 93 }
54 94
55 file {'/usr/local/bin/deploy-discourse': 95 exec {'fetch-discourse':
56 mode => 0744, 96 command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse",
57 owner => root, 97 path => ["/usr/bin/", "/bin/"],
58 group => root, 98 user => discourse,
59 source => 'puppet:///modules/discourse/deploy-discourse' 99 group => www-data,
100 require => [Package['mercurial'], File['/opt/discourse']],
101 onlyif => "test ! -d /opt/discourse/.hg"
60 } 102 }
61 103
62 exec {'/usr/local/bin/deploy-discourse': 104 exec {'/usr/local/bin/init-discourse':
63 subscribe => File['/usr/local/bin/deploy-discourse'], 105 subscribe => File['/usr/local/bin/init-discourse'],
64 refreshonly => true, 106 refreshonly => true,
107 user => discourse,
108 group => www-data,
65 timeout => 0, 109 timeout => 0,
110 logoutput => true,
66 require => [Package['bundler', 'postgresql-contrib', $gem_dependencies], 111 require => [Package['bundler', 'postgresql-contrib', $gem_dependencies],
67 File['/etc/discourse/database.yml', '/etc/discourse/redis.yml']] 112 User['discourse'], File['/etc/sudoers.d/discourse'],
113 Exec['fetch-discourse'],
114 File['/opt/discourse/discourse.fcgi'],
115 File['/opt/discourse/config/database.yml'],
116 File['/opt/discourse/config/redis.yml']]
68 } 117 }
69 118
70 # TODO: Set up thin to run the app, with nginx as a proxy if necessary 119 class {'spawn-fcgi':}
120
121 spawn-fcgi::pool {'discourse-fastcgi':
122 ensure => 'present',
123 user => 'discourse',
124 group => 'www-data',
125 mode => 0664,
126 fcgi_app => '/opt/discourse/discourse.fcgi',
127 socket => '/tmp/discourse-fastcgi.sock',
128 require => File['/opt/discourse/discourse.fcgi'],
129 }
130
131 class {'nginx':
132 worker_processes => 1,
133 worker_connections => 500
134 }
135
136 file {'/etc/nginx/sites-available/adblockplus.org_sslcert.key':
Felix Dahlke 2013/02/21 15:56:02 Any reason why the SSL certificate and key are in
137 ensure => file,
138 notify => Service['nginx'],
139 before => Nginx::Hostconfig['intraforum.adblockplus.org'],
140 require => Package['nginx'],
141 source => 'puppet:///modules/private/adblockplus.org_sslcert.key'
142 }
143
144 file {'/etc/nginx/sites-available/adblockplus.org_sslcert.pem':
145 ensure => file,
146 mode => 0400,
147 notify => Service['nginx'],
148 before => Nginx::Hostconfig['intraforum.adblockplus.org'],
149 require => Package['nginx'],
150 source => 'puppet:///modules/private/adblockplus.org_sslcert.pem'
151 }
152
153 nginx::hostconfig{'intraforum.adblockplus.org':
154 source => 'puppet:///modules/discourse/intraforum.adblockplus.org',
155 enabled => true
156 }
157
158 file {'/etc/logrotate.d/nginx_intraforum.adblockplus.org':
159 ensure => file,
160 require => Nginx::Hostconfig['intraforum.adblockplus.org'],
161 source => 'puppet:///modules/discourse/logrotate'
162 }
71 } 163 }
OLDNEW
« modules/discourse/files/discourse.fcgi ('K') | « modules/discourse/files/sudoers ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld