From 126b5f8dd51906d7bf2767db7b06e30bd8d431d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 10 Apr 2019 11:46:50 +0200 Subject: [PATCH] Update the kosmos-mastodon cookbook to use the new postgresql cookbook Don't depend on the deprecated database cookbook to create the database --- data_bags/credentials/postgresql.json | 19 ++++++--- site-cookbooks/kosmos-mastodon/metadata.rb | 2 +- .../kosmos-mastodon/recipes/default.rb | 42 ++++++++++--------- .../templates/default/env.production.erb | 8 +++- 4 files changed, 44 insertions(+), 27 deletions(-) diff --git a/data_bags/credentials/postgresql.json b/data_bags/credentials/postgresql.json index 87a3edf..d05711a 100644 --- a/data_bags/credentials/postgresql.json +++ b/data_bags/credentials/postgresql.json @@ -1,16 +1,23 @@ { "id": "postgresql", "ejabberd_user_password": { - "encrypted_data": "S/vdx+qZ4FWtbM29yDRoIgjvFORoArJVlanPm/el1nCM0se0pnxw\n", - "iv": "ARRo7yYYb7fve7Fv\n", - "auth_tag": "q7AGIahxB50jHjD+/9po0g==\n", + "encrypted_data": "OTwgFCOLHgoFLsdcHs1U04sJf7ZzVepeDwlNmPMtO8FtyzpfySY9\n", + "iv": "k9wX2WEsJyJn+OYs\n", + "auth_tag": "fL/HNcno/MuWE+yQOFCC3g==\n", "version": 3, "cipher": "aes-256-gcm" }, "server_password": { - "encrypted_data": "guWsuw7EqHQGMawW9P77Q12P8tUslpXE3AwRbobJlaTClVU08kcz\n", - "iv": "ELRNrSW+zKYfL/eb\n", - "auth_tag": "zayCIjABap1NsOewJDzapA==\n", + "encrypted_data": "4Y87daXYAxzfYxRIkR8b+DLOp4+dYJnc91hN22iWmOfO3umv8wZU\n", + "iv": "LDeMAKUEIq9oe2Zu\n", + "auth_tag": "uVaRO+t/KSFebrEB6wp+yQ==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "mastodon_user_password": { + "encrypted_data": "s/XxLUwjZsJ/XidEVi50oePBR4OQ0z/3czs9uOcw1fA1c6qqEzb98iHXpw==\n", + "iv": "pKvwLeC05f7P+cke\n", + "auth_tag": "/yHUD+RSCMhLhrnQJAZqrw==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/site-cookbooks/kosmos-mastodon/metadata.rb b/site-cookbooks/kosmos-mastodon/metadata.rb index 40bf21c..138f220 100644 --- a/site-cookbooks/kosmos-mastodon/metadata.rb +++ b/site-cookbooks/kosmos-mastodon/metadata.rb @@ -13,5 +13,5 @@ depends "poise-ruby-build" depends "application_ruby" depends "application_javascript" depends "postgresql" -depends "database" +depends "kosmos-postgresql" depends "backup" diff --git a/site-cookbooks/kosmos-mastodon/recipes/default.rb b/site-cookbooks/kosmos-mastodon/recipes/default.rb index b5b3718..42c775a 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/default.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/default.rb @@ -8,23 +8,21 @@ # include_recipe "kosmos-nodejs" include_recipe "kosmos-redis" +include_recipe "kosmos-postgresql" -node.override['postgresql']['enable_pgdg_apt'] = false -include_recipe "postgresql::server" -include_recipe "postgresql::ruby" -unless node.chef_environment == "development" - node.override['postgresql']['config_pgtune']['db_type'] = "web" - include_recipe "postgresql::config_pgtune" -end +# Remove the condition once we have migrated mastodon to andromeda +unless platform?('ubuntu') && node[:platform_version].to_f < 18.04 + postgresql_data_bag_item = data_bag_item('credentials', 'postgresql') -postgresql_database 'mastodon' do - connection( - host: '127.0.0.1', - port: 5432, - username: 'postgres', - password: node['postgresql']['password']['postgres'] - ) - action :create + postgresql_user 'mastodon' do + action :create + password postgresql_data_bag_item['mastodon_user_password'] + end + + postgresql_database 'mastodon' do + owner 'mastodon' + action :create + end end mastodon_path = node["kosmos-mastodon"]["directory"] @@ -112,7 +110,7 @@ application mastodon_path do revision "production" end - mastodon_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mastodon') + mastodon_credentials = data_bag_item('credentials', 'mastodon') template ".env.production" do source "env.production.erb" @@ -132,7 +130,8 @@ application mastodon_path do aws_secret_access_key: mastodon_credentials['aws_secret_access_key'], s3_region: "eu-west-1", vapid_private_key: mastodon_credentials['vapid_private_key'], - vapid_public_key: mastodon_credentials['vapid_public_key'] + vapid_public_key: mastodon_credentials['vapid_public_key'], + db_pass: postgresql_data_bag_item['mastodon_user_password'] end bundle_install do @@ -184,8 +183,13 @@ end unless node.chef_environment == "development" node.override["backup"]["postgresql"]["host"] = "localhost" - node.override["backup"]["postgresql"]["username"] = "postgres" - node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres'] + unless platform?('ubuntu') && node[:platform_version].to_f < 18.04 + node.override["backup"]["postgresql"]["username"] = "mastodon" + node.override["backup"]["postgresql"]["password"] = postgres_password + else + node.override["backup"]["postgresql"]["username"] = "postgres" + node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres'] + end unless node["backup"]["postgresql"]["databases"].include? 'mastodon' node.override["backup"]["postgresql"]["databases"] = node["backup"]["postgresql"]["databases"].to_a << "mastodon" diff --git a/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb b/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb index f72cfb3..11bce2f 100644 --- a/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb +++ b/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb @@ -1,9 +1,15 @@ # Service dependencies REDIS_URL=<%= @redis_url %> DB_HOST=localhost -DB_USER=postgres DB_NAME=mastodon +# Remove the condition once we have migrated mastodon to andromeda +<% if node[:platform_version].to_f < 18.04 -%> +DB_USER=postgres DB_PASS=<%= node['postgresql']['password']['postgres'] %> +<% else -%> +DB_USER=mastodon +DB_PASS=<%= @db_pass %> +<% end -%> DB_PORT=5432 # Federation