kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Update the kosmos-mastodon cookbook to use the new postgresql cookbook

Browse Source 
Don't depend on the deprecated database cookbook to create the database
This commit is contained in:
Greg Karékinian 2019-04-10 11:46:50 +02:00
parent f6d88bbd66
commit 126b5f8dd5
4 changed files with 44 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
data_bags/credentials/postgresql.json
View File

@ -1,16 +1,23 @@
{ {
"id": "postgresql", "id": "postgresql",
"ejabberd_user_password": { "ejabberd_user_password": {
"encrypted_data": "S/vdx+qZ4FWtbM29yDRoIgjvFORoArJVlanPm/el1nCM0se0pnxw\n", "encrypted_data": "OTwgFCOLHgoFLsdcHs1U04sJf7ZzVepeDwlNmPMtO8FtyzpfySY9\n",
"iv": "ARRo7yYYb7fve7Fv\n", "iv": "k9wX2WEsJyJn+OYs\n",
"auth_tag": "q7AGIahxB50jHjD+/9po0g==\n", "auth_tag": "fL/HNcno/MuWE+yQOFCC3g==\n",
"version": 3, "version": 3,
"cipher": "aes-256-gcm" "cipher": "aes-256-gcm"
}, },
"server_password": { "server_password": {
"encrypted_data": "guWsuw7EqHQGMawW9P77Q12P8tUslpXE3AwRbobJlaTClVU08kcz\n", "encrypted_data": "4Y87daXYAxzfYxRIkR8b+DLOp4+dYJnc91hN22iWmOfO3umv8wZU\n",
"iv": "ELRNrSW+zKYfL/eb\n", "iv": "LDeMAKUEIq9oe2Zu\n",
"auth_tag": "zayCIjABap1NsOewJDzapA==\n", "auth_tag": "uVaRO+t/KSFebrEB6wp+yQ==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"mastodon_user_password": {
"encrypted_data": "s/XxLUwjZsJ/XidEVi50oePBR4OQ0z/3czs9uOcw1fA1c6qqEzb98iHXpw==\n",
"iv": "pKvwLeC05f7P+cke\n",
"auth_tag": "/yHUD+RSCMhLhrnQJAZqrw==\n",
"version": 3, "version": 3,
"cipher": "aes-256-gcm" "cipher": "aes-256-gcm"
} }

2
site-cookbooks/kosmos-mastodon/metadata.rb
View File

@ -13,5 +13,5 @@ depends "poise-ruby-build"
depends "application_ruby" depends "application_ruby"
depends "application_javascript" depends "application_javascript"
depends "postgresql" depends "postgresql"
depends "database" depends "kosmos-postgresql"
depends "backup" depends "backup"

36
site-cookbooks/kosmos-mastodon/recipes/default.rb
View File

@ -8,23 +8,21 @@
# #
include_recipe "kosmos-nodejs" include_recipe "kosmos-nodejs"
include_recipe "kosmos-redis" include_recipe "kosmos-redis"
include_recipe "kosmos-postgresql"
node.override['postgresql']['enable_pgdg_apt'] = false # Remove the condition once we have migrated mastodon to andromeda
include_recipe "postgresql::server" unless platform?('ubuntu') && node[:platform_version].to_f < 18.04
include_recipe "postgresql::ruby" postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
unless node.chef_environment == "development"
node.override['postgresql']['config_pgtune']['db_type'] = "web"
include_recipe "postgresql::config_pgtune"
end
postgresql_database 'mastodon' do postgresql_user 'mastodon' do
connection(
host: '127.0.0.1',
port: 5432,
username: 'postgres',
password: node['postgresql']['password']['postgres']
)
action :create action :create
password postgresql_data_bag_item['mastodon_user_password']
end
postgresql_database 'mastodon' do
owner 'mastodon'
action :create
end
end end
mastodon_path = node["kosmos-mastodon"]["directory"] mastodon_path = node["kosmos-mastodon"]["directory"]
@ -112,7 +110,7 @@ application mastodon_path do
revision "production" revision "production"
end end
mastodon_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mastodon') mastodon_credentials = data_bag_item('credentials', 'mastodon')
template ".env.production" do template ".env.production" do
source "env.production.erb" source "env.production.erb"
@ -132,7 +130,8 @@ application mastodon_path do
aws_secret_access_key: mastodon_credentials['aws_secret_access_key'], aws_secret_access_key: mastodon_credentials['aws_secret_access_key'],
s3_region: "eu-west-1", s3_region: "eu-west-1",
vapid_private_key: mastodon_credentials['vapid_private_key'], vapid_private_key: mastodon_credentials['vapid_private_key'],
vapid_public_key: mastodon_credentials['vapid_public_key'] vapid_public_key: mastodon_credentials['vapid_public_key'],
db_pass: postgresql_data_bag_item['mastodon_user_password']
end end
bundle_install do bundle_install do
@ -184,8 +183,13 @@ end
unless node.chef_environment == "development" unless node.chef_environment == "development"
node.override["backup"]["postgresql"]["host"] = "localhost" node.override["backup"]["postgresql"]["host"] = "localhost"
unless platform?('ubuntu') && node[:platform_version].to_f < 18.04
node.override["backup"]["postgresql"]["username"] = "mastodon"
node.override["backup"]["postgresql"]["password"] = postgres_password
else
node.override["backup"]["postgresql"]["username"] = "postgres" node.override["backup"]["postgresql"]["username"] = "postgres"
node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres'] node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres']
end
unless node["backup"]["postgresql"]["databases"].include? 'mastodon' unless node["backup"]["postgresql"]["databases"].include? 'mastodon'
node.override["backup"]["postgresql"]["databases"] = node.override["backup"]["postgresql"]["databases"] =
node["backup"]["postgresql"]["databases"].to_a << "mastodon" node["backup"]["postgresql"]["databases"].to_a << "mastodon"

8
site-cookbooks/kosmos-mastodon/templates/default/env.production.erb
View File

@ -1,9 +1,15 @@
# Service dependencies # Service dependencies
REDIS_URL=<%= @redis_url %> REDIS_URL=<%= @redis_url %>
DB_HOST=localhost DB_HOST=localhost
DB_USER=postgres
DB_NAME=mastodon DB_NAME=mastodon
# Remove the condition once we have migrated mastodon to andromeda
<% if node[:platform_version].to_f < 18.04 -%>
DB_USER=postgres
DB_PASS=<%= node['postgresql']['password']['postgres'] %> DB_PASS=<%= node['postgresql']['password']['postgres'] %>
<% else -%>
DB_USER=mastodon
DB_PASS=<%= @db_pass %>
<% end -%>
DB_PORT=5432 DB_PORT=5432
# Federation # Federation