Last active
May 11, 2018 14:27
-
-
Save raucao/b0def553f38b1f9ac48dee271fa74327 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Cookbook Name:: kosmos-mastodon | |
# Recipe:: default | |
# | |
include_recipe "kosmos-nodejs" | |
include_recipe "kosmos-redis" | |
node.override['postgresql']['enable_pgdg_apt'] = false | |
include_recipe "postgresql::server" | |
include_recipe "postgresql::ruby" | |
unless node.chef_environment == "development" | |
node.override['postgresql']['config_pgtune']['db_type'] = "web" | |
include_recipe "postgresql::config_pgtune" | |
end | |
postgresql_database 'mastodon' do | |
connection( | |
host: '127.0.0.1', | |
port: 5432, | |
username: 'postgres', | |
password: node['postgresql']['password']['postgres'] | |
) | |
action :create | |
end | |
mastodon_path = node["kosmos-mastodon"]["directory"] | |
group "mastodon" do | |
gid 62786 | |
end | |
user "mastodon" do | |
comment "mastodon user" | |
uid 62786 | |
gid 62786 | |
shell "/bin/bash" | |
home mastodon_path | |
end | |
package %w(imagemagick ffmpeg libxml2-dev libxslt1-dev file git curl pkg-config | |
libprotobuf-dev protobuf-compiler libidn11 libidn11-dev libjemalloc1) | |
npm_package "yarn" do | |
version "1.3.2" | |
end | |
ruby_version = "2.4.2" | |
application mastodon_path do | |
owner "mastodon" | |
group "mastodon" | |
environment "HOME" => mastodon_path | |
ruby_runtime ruby_version do | |
provider :ruby_build | |
version ruby_version | |
end | |
git do | |
user "mastodon" | |
group "mastodon" | |
repository "https://github.com/67P/mastodon.git" | |
revision "kosmos" | |
end | |
mastodon_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mastodon') | |
template ".env.production" do | |
source "env.production.erb" | |
mode "0640" | |
owner "mastodon" | |
group "mastodon" | |
variables redis_url: node["kosmos-mastodon"]["redis_url"], | |
domain: node["kosmos-mastodon"]["server_name"], | |
paperclip_secret: mastodon_credentials['paperclip_secret'], | |
secret_key_base: mastodon_credentials['secret_key_base'], | |
otp_secret: mastodon_credentials['otp_secret'], | |
smtp_login: mastodon_credentials['smtp_user_name'], | |
smtp_password: mastodon_credentials['smtp_password'], | |
smtp_from_address: "mail@#{node['kosmos-mastodon']['server_name']}", | |
s3_bucket: "kosmos-social", | |
aws_access_key_id: mastodon_credentials['aws_access_key_id'], | |
aws_secret_access_key: mastodon_credentials['aws_secret_access_key'], | |
s3_region: "eu-west-1", | |
vapid_private_key: mastodon_credentials['vapid_private_key'], | |
vapid_public_key: mastodon_credentials['vapid_public_key'] | |
end | |
directory "#{mastodon_path}/public/.well-known" do | |
owner node['nginx']['user'] | |
group node['nginx']['group'] | |
recursive true | |
end | |
bundle_install do | |
user "mastodon" | |
deployment true | |
without %w(development test) | |
end | |
execute do | |
environment "HOME" => mastodon_path | |
user "mastodon" | |
cwd mastodon_path | |
command "yarn install --pure-lockfile" | |
end | |
rails do | |
migrate true | |
rails_env "production" | |
precompile_assets false # buggy, done manually below | |
end | |
# This is the only way I could find that makes compiling the assets | |
# successfully for now. application_ruby's precompile_assets crashes because | |
# it cannot find the bundled gems | |
execute 'rake assets:precompile' do | |
environment "RAILS_ENV" => "production", "HOME" => mastodon_path | |
user "mastodon" | |
group "mastodon" | |
cwd mastodon_path | |
command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" /opt/ruby_build/builds/#{ruby_version}/bin/bundle exec rake assets:precompile" | |
end | |
execute "systemctl daemon-reload" do | |
command "systemctl daemon-reload" | |
action :nothing | |
end | |
# mastodon-web service | |
# | |
template "/lib/systemd/system/mastodon-web.service" do | |
source "mastodon-web.systemd.service.erb" | |
variables user: user, | |
app_dir: mastodon_path, | |
port: node["kosmos-mastodon"]["puma_port"], | |
bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle" | |
notifies :run, "execute[systemctl daemon-reload]", :delayed | |
notifies :restart, "service[mastodon-web]", :delayed | |
end | |
service "mastodon-web" do | |
action [:enable, :start] | |
end | |
# mastodon-sidekiq service | |
# | |
template "/lib/systemd/system/mastodon-sidekiq.service" do | |
source "mastodon-sidekiq.systemd.service.erb" | |
variables user: user, | |
app_dir: mastodon_path, | |
bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle" | |
notifies :run, "execute[systemctl daemon-reload]", :delayed | |
notifies :restart, "service[mastodon-sidekiq]", :delayed | |
end | |
service "mastodon-sidekiq" do | |
action [:enable, :start] | |
end | |
# mastodon-streaming service | |
# | |
template "/lib/systemd/system/mastodon-streaming.service" do | |
source "mastodon-streaming.systemd.service.erb" | |
variables user: user, | |
app_dir: mastodon_path, | |
port: node["kosmos-mastodon"]["streaming_port"] | |
notifies :run, "execute[systemctl daemon-reload]", :delayed | |
notifies :restart, "service[mastodon-streaming]", :delayed | |
end | |
service "mastodon-streaming" do | |
action [:enable, :start] | |
end | |
end | |
unless node.chef_environment == "development" | |
# Backup the database to S3 | |
node.override["backup"]["postgresql"]["host"] = "localhost" | |
node.override["backup"]["postgresql"]["username"] = "postgres" | |
node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres'] | |
include_recipe "backup" | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment