behemphi/gist:5421091

## gistfile1.txt
#
# Cookbook Name:: fm_nginx
# Recipe:: default
#
# Copyright 2013, Feedmagnet Corp.
#
# All rights reserved - Do Not Redistribute
#

# Nginx will run as www-data, so we are going to add this user to the
# fm group.
group 'fm' do
  action :modify
  append true
  members 'www-data'
end

# Setting down our document root.  All application and implementation code
# will be served out of here.
directory '/var/www/' do
  group 'fm'
  mode '2774'
  owner 'www-data'
end

# Apply Access control list to the document root so that everyone can play
# nicely there pulling code and implementations into the doc root.
bash 'enable acl on var/www' do
  code <<-EOH
    setfacl -bR /var/www
    setfacl -R --set-file=/usr/local/share/acl_template /var/www
  EOH
  user 'root'
end

# setting down the location for nginx to cache static objects.
directory '/var/www/cache' do
  group 'fm'
  mode '2775'
  owner 'www-data'
end

# Now it's time to stop and disable any running apache services
service "apache2" do
  action [ :stop, :disable ]
  provider Chef::Provider::Service::Init::Debian
end

# The community cookbook nginx now installs the server from source.
include_recipe 'nginx::default'
include_recipe 'nginx::source'

# Set up the deployment host server block.  This will be based on one of
# two templates, depending on whether it is large or a smaller instance.

if node.chef_environment.include?('large')
  dash_index = node.hostname.index("-")
  base_server_name = node.hostname[0,dash_index]
  # Large template
  template '/etc/nginx/sites-available/deployment' do
    group 'root'
    mode  '644'
    owner 'root'
    source  'deployment_large.erb'
    variables({
      :load_balanced_server_name => base_server_name
    })
  end
else
  # The non-large template
  template '/etc/nginx/sites-available/deployment' do
    group 'root'
    mode '644'
    owner 'root'
    source 'deployment.erb'
  end
end

# Catch undefined requests and return a "No can has."
template '/etc/nginx/sites-available/undefined_reqs' do
  group 'root'
  mode '644'
  owner 'root'
  source 'undefined_reqs.erb'
end

link '/etc/nginx/sites-enabled/undefined_reqs' do
  to '/etc/nginx/sites-available/undefined_reqs'
end

# Common and repeated uwsgi configuration for various location blocks.
template '/etc/nginx/uwsgi.conf' do
  group 'root'
  mode '644'
  owner 'root'
  source 'uwsgi.erb'
end

# Common uwsgi config for longer cached (24h) blocks.
template '/etc/nginx/uwsgi_long_cache.conf' do
  group 'root'
  mode  '644'
  owner 'root'
  source  'uwsgi_long_cache.erb'
end

link '/etc/nginx/sites-enabled/deployment' do
  to '/etc/nginx/sites-available/deployment'
end

# Create directory for SSL key storage.
directory '/etc/nginx/ssl' do
  group 'root'
  mode '644'
  owner 'root'
end

# Add FeedMagnet SSL Cert/Key
cookbook_file '/etc/nginx/ssl/feedmagnet-ssl.crt' do
  group 'root'
  mode '644'
  owner 'root'
  source 'feedmagnet-ssl.crt'
end

cookbook_file '/etc/nginx/ssl/feedmagnet-ssl.key' do
  group 'root'
  mode '644'
  owner 'root'
  source 'feedmagnet-ssl.key'
end

# Set up serving customer implementations
if node.chef_environment.include?('large')
  dash_index = node.hostname.index("-")
  base_server_name = node.hostname[0,dash_index]
  # Large template
  template '/etc/nginx/sites-available/customer_implementations' do
    group 'root'
    mode  '644'
    owner 'root'
    source  'customer_implementations_large.erb'
    variables({
      :load_balanced_server_name => base_server_name
    })
  end
else
  template '/etc/nginx/sites-available/customer_implementations' do
    group 'root'
    mode '644'
    owner 'root'
    source 'customer_implementations.erb'
  end
end

link '/etc/nginx/sites-enabled/customer_implementations' do
  to '/etc/nginx/sites-available/customer_implementations'
end

# reload the config.
service 'nginx' do
  action :reload
end
	#
	# Cookbook Name:: fm_nginx
	# Recipe:: default
	#
	# Copyright 2013, Feedmagnet Corp.
	#
	# All rights reserved - Do Not Redistribute
	#

	# Nginx will run as www-data, so we are going to add this user to the
	# fm group.
	group 'fm' do
	action :modify
	append true
	members 'www-data'
	end

	# Setting down our document root. All application and implementation code
	# will be served out of here.
	directory '/var/www/' do
	group 'fm'
	mode '2774'
	owner 'www-data'
	end

	# Apply Access control list to the document root so that everyone can play
	# nicely there pulling code and implementations into the doc root.
	bash 'enable acl on var/www' do
	code <<-EOH
	setfacl -bR /var/www
	setfacl -R --set-file=/usr/local/share/acl_template /var/www
	EOH
	user 'root'
	end

	# setting down the location for nginx to cache static objects.
	directory '/var/www/cache' do
	group 'fm'
	mode '2775'
	owner 'www-data'
	end

	# Now it's time to stop and disable any running apache services
	service "apache2" do
	action [ :stop, :disable ]
	provider Chef::Provider::Service::Init::Debian
	end

	# The community cookbook nginx now installs the server from source.
	include_recipe 'nginx::default'
	include_recipe 'nginx::source'

	# Set up the deployment host server block. This will be based on one of
	# two templates, depending on whether it is large or a smaller instance.

	if node.chef_environment.include?('large')
	dash_index = node.hostname.index("-")
	base_server_name = node.hostname[0,dash_index]
	# Large template
	template '/etc/nginx/sites-available/deployment' do
	group 'root'
	mode '644'
	owner 'root'
	source 'deployment_large.erb'
	variables({
	:load_balanced_server_name => base_server_name
	})
	end
	else
	# The non-large template
	template '/etc/nginx/sites-available/deployment' do
	group 'root'
	mode '644'
	owner 'root'
	source 'deployment.erb'
	end
	end

	# Catch undefined requests and return a "No can has."
	template '/etc/nginx/sites-available/undefined_reqs' do
	group 'root'
	mode '644'
	owner 'root'
	source 'undefined_reqs.erb'
	end

	link '/etc/nginx/sites-enabled/undefined_reqs' do
	to '/etc/nginx/sites-available/undefined_reqs'
	end

	# Common and repeated uwsgi configuration for various location blocks.
	template '/etc/nginx/uwsgi.conf' do
	group 'root'
	mode '644'
	owner 'root'
	source 'uwsgi.erb'
	end

	# Common uwsgi config for longer cached (24h) blocks.
	template '/etc/nginx/uwsgi_long_cache.conf' do
	group 'root'
	mode '644'
	owner 'root'
	source 'uwsgi_long_cache.erb'
	end

	link '/etc/nginx/sites-enabled/deployment' do
	to '/etc/nginx/sites-available/deployment'
	end

	# Create directory for SSL key storage.
	directory '/etc/nginx/ssl' do
	group 'root'
	mode '644'
	owner 'root'
	end

	# Add FeedMagnet SSL Cert/Key
	cookbook_file '/etc/nginx/ssl/feedmagnet-ssl.crt' do
	group 'root'
	mode '644'
	owner 'root'
	source 'feedmagnet-ssl.crt'
	end

	cookbook_file '/etc/nginx/ssl/feedmagnet-ssl.key' do
	group 'root'
	mode '644'
	owner 'root'
	source 'feedmagnet-ssl.key'
	end

	# Set up serving customer implementations
	if node.chef_environment.include?('large')
	dash_index = node.hostname.index("-")
	base_server_name = node.hostname[0,dash_index]
	# Large template
	template '/etc/nginx/sites-available/customer_implementations' do
	group 'root'
	mode '644'
	owner 'root'
	source 'customer_implementations_large.erb'
	variables({
	:load_balanced_server_name => base_server_name
	})
	end
	else
	template '/etc/nginx/sites-available/customer_implementations' do
	group 'root'
	mode '644'
	owner 'root'
	source 'customer_implementations.erb'
	end
	end

	link '/etc/nginx/sites-enabled/customer_implementations' do
	to '/etc/nginx/sites-available/customer_implementations'
	end

	# reload the config.
	service 'nginx' do
	action :reload
	end