From 3a5a038f7e7616edcf3d757eb014517fe3334776 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Wed, 28 Jun 2023 18:53:59 +0200
Subject: [PATCH] Replace application cookbook with git resource

---
 site-cookbooks/kosmos-hubot/metadata.rb       |   1 -
 .../recipes/botka_irc-libera-chat.rb          | 143 +++++++-------
 .../kosmos-hubot/recipes/hal8000_xmpp.rb      | 181 +++++++++---------
 .../default/nodejs.systemd.service.erb        |  19 --
 4 files changed, 163 insertions(+), 181 deletions(-)
 delete mode 100644 site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb

diff --git a/site-cookbooks/kosmos-hubot/metadata.rb b/site-cookbooks/kosmos-hubot/metadata.rb
index 75f13c4..4867b00 100644
--- a/site-cookbooks/kosmos-hubot/metadata.rb
+++ b/site-cookbooks/kosmos-hubot/metadata.rb
@@ -10,6 +10,5 @@ depends 'kosmos-base'
 depends 'kosmos-nodejs'
 depends 'kosmos-ipfs'
 depends 'firewall'
-depends 'application_javascript'
 depends 'git'
 depends 'redisio'
diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb
index 52d4c87..1e51b9e 100644
--- a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb
+++ b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb
@@ -18,85 +18,86 @@ include_recipe "kosmos-hubot::_user"
 include_recipe "kosmos-hubot::_nodejs"
 include_recipe "kosmos-base::firewall"
 
-application app_path do
-  credentials = Chef::EncryptedDataBagItem.load('credentials', app_name)
+credentials = Chef::EncryptedDataBagItem.load('credentials', app_name)
 
+git app_path do
+  user       app_user
+  group      app_group
+  repository "https://gitea.kosmos.org/kosmos/botka.git"
+  revision   "master"
+  notifies :restart, "systemd_unit[#{app_name}.service]", :delayed
+end
+
+file "#{app_path}/external-scripts.json" do
+  mode  "0640"
   owner app_user
   group app_group
+  content [
+    "hubot-help",
+    "hubot-redis-brain",
+    "hubot-remotestorage-logger",
+    "hubot-web-push-notifications",
+  ].to_json
+end
 
-  git do
-    user       app_user
-    group      app_group
-    repository "https://gitea.kosmos.org/kosmos/botka.git"
-    revision   "master"
-  end
+execute "npm install" do
+  cwd app_path
+  environment "HOME" => app_path
+  user app_user
+end
 
-  file "#{app_path}/external-scripts.json" do
-    mode  "0640"
-    owner app_user
-    group app_group
-    content [
-      "hubot-help",
-      "hubot-redis-brain",
-      "hubot-remotestorage-logger",
-      "hubot-web-push-notifications",
-    ].to_json
-  end
+service_env = {
+  "HUBOT_LOG_LEVEL"             => node.chef_environment == "development" ? "debug" : "info",
+  "HUBOT_IRC_USESSL"            => "true",
+  "HUBOT_IRC_SERVER"            => credentials["znc_host"],
+  "HUBOT_IRC_PORT"              => credentials["znc_port"],
+  "HUBOT_IRC_NICK"              => "botka",
+  "HUBOT_IRC_USERNAME"          => credentials['znc_user'],
+  "HUBOT_IRC_PASSWORD"          => credentials['znc_password'],
+  "HUBOT_IRC_REALNAME"          => "botka (kosmos)",
+  "HUBOT_IRC_ROOMS"             => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon",
+  "HUBOT_IRC_UNFLOOD"           => "100",
+  "HUBOT_RSS_PRINTSUMMARY"      => "false",
+  "HUBOT_RSS_PRINTERROR"        => "false",
+  "HUBOT_RSS_IRCCOLORS"         => "true",
+  "REDIS_URL"                   => "redis://localhost:6379/botka",
+  "EXPRESS_PORT"                => node[app_name]['http_port'],
+  "HUBOT_AUTH_ADMIN"            => "bkero,raucao",
+  "HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
+  "RS_LOGGER_USER"              => "kosmos@5apps.com",
+  "RS_LOGGER_TOKEN"             => credentials['rs_logger_token'],
+  "RS_LOGGER_SERVER_NAME"       => "irc.libera.chat",
+  "RS_LOGGER_PUBLIC"            => "true",
+  "GCM_API_KEY"                 => credentials['gcm_api_key'],
+  "VAPID_SUBJECT"               => "https://kosmos.org",
+  "VAPID_PUBLIC_KEY"            => credentials['vapid_public_key'],
+  "VAPID_PRIVATE_KEY"           => credentials['vapid_private_key']
+}
 
-  npm_install do
-    user app_user
-  end
+systemd_unit "#{app_name}.service" do
+  content({
+    Unit: {
+      Description: app_name,
+      Requires: "redis@6379.service",
+      After: "redis@6379.service"
+    },
 
-  execute "systemctl daemon-reload" do
-    command "systemctl daemon-reload"
-    action :nothing
-  end
+    Service: {
+      ExecStart: "#{app_path}/bin/hubot -a irc",
+      WorkingDirectory: app_path,
+      User: app_user,
+      Group: app_group,
+      Environment: service_env.map { |k, v| "'#{k}=#{v}'" },
+      Restart: 'always'
+    },
 
-  template "/lib/systemd/system/#{app_name}.service" do
-    source 'nodejs.systemd.service.erb'
-    owner 'root'
-    group 'root'
-    mode '0644'
-    variables(
-      user: app_user,
-      group: app_group,
-      app_dir: app_path,
-      entry: "#{app_path}/bin/hubot -a irc",
-      environment: {
-        "HUBOT_LOG_LEVEL"             => node.chef_environment == "development" ? "debug" : "info",
-        "HUBOT_IRC_USESSL"            => "true",
-        "HUBOT_IRC_SERVER"            => credentials["znc_host"],
-        "HUBOT_IRC_PORT"              => credentials["znc_port"],
-        "HUBOT_IRC_NICK"              => "botka",
-        "HUBOT_IRC_USERNAME"          => credentials['znc_user'],
-        "HUBOT_IRC_PASSWORD"          => credentials['znc_password'],
-        "HUBOT_IRC_REALNAME"          => "botka (kosmos)",
-        "HUBOT_IRC_ROOMS"             => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon",
-        "HUBOT_IRC_UNFLOOD"           => "100",
-        "HUBOT_RSS_PRINTSUMMARY"      => "false",
-        "HUBOT_RSS_PRINTERROR"        => "false",
-        "HUBOT_RSS_IRCCOLORS"         => "true",
-        "REDIS_URL"                   => "redis://localhost:6379/botka",
-        "EXPRESS_PORT"                => node[app_name]['http_port'],
-        "HUBOT_AUTH_ADMIN"            => "bkero,raucao",
-        "HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
-        "RS_LOGGER_USER"              => "kosmos@5apps.com",
-        "RS_LOGGER_TOKEN"             => credentials['rs_logger_token'],
-        "RS_LOGGER_SERVER_NAME"       => "irc.libera.chat",
-        "RS_LOGGER_PUBLIC"            => "true",
-        "GCM_API_KEY"                 => credentials['gcm_api_key'],
-        "VAPID_SUBJECT"               => "https://kosmos.org",
-        "VAPID_PUBLIC_KEY"            => credentials['vapid_public_key'],
-        "VAPID_PRIVATE_KEY"           => credentials['vapid_private_key']
-      }
-    )
-    notifies :run, "execute[systemctl daemon-reload]", :delayed
-    notifies :restart, "service[#{app_name}]", :delayed
-  end
-
-  service app_name do
-    action [:enable, :start]
-  end
+    Install: {
+      WantedBy: 'multi-user.target'
+    }
+  })
+  verify false
+  triggers_reload true
+  action [:create, :enable, :start]
 end
 
 firewall_rule app_name do
diff --git a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb
index f83e084..3afc8df 100644
--- a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb
+++ b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb
@@ -18,41 +18,40 @@ include_recipe "kosmos-hubot::_user"
 include_recipe "kosmos-hubot::_nodejs"
 include_recipe "kosmos-base::firewall"
 
-application app_path do
-  data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
+data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
 
+git app_path do
+  user       app_user
+  group      app_group
+  repository "https://gitea.kosmos.org/kosmos/hal8000.git"
+  revision   "master"
+  notifies :restart, "systemd_unit[#{app_name}.service]", :delayed
+end
+
+file "#{app_path}/external-scripts.json" do
+  mode  "0640"
   owner app_user
   group app_group
+  content node[app_name]['hubot_scripts'].to_json
+end
 
-  git do
-    user       app_user
-    group      app_group
-    repository "https://gitea.kosmos.org/kosmos/hal8000.git"
-    revision   "master"
-  end
+execute "npm install" do
+  cwd app_path
+  environment "HOME" => app_path
+  user app_user
+end
 
-  file "#{app_path}/external-scripts.json" do
-    mode  "0640"
-    owner app_user
-    group app_group
-    content node[app_name]['hubot_scripts'].to_json
-  end
+ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"]
+node.override[app_name]['kredits']['ipfs_host'] = ipfs_host
 
-  npm_install do
-    user app_user
-  end
+rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"]
+node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444"
 
-  ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"]
-  node.override[app_name]['kredits']['ipfs_host'] = ipfs_host
-
-  rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"]
-  node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444"
-
-  file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do
-    mode "0600"
-    owner app_user
-    group app_group
-    content <<-EOF
+file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do
+  mode "0600"
+  owner app_user
+  group app_group
+  content <<-EOF
 GITEA_TOKEN=#{data_bag['gitea_token']}
 GITHUB_TOKEN=#{data_bag['github_token']}
 KREDITS_PROVIDER_URL=#{node[app_name]['kredits']['provider_url']}
@@ -61,72 +60,74 @@ IPFS_API_PORT=#{node[app_name]['kredits']['ipfs_port']}
 IPFS_API_PROTOCOL=#{node[app_name]['kredits']['ipfs_protocol']}
 KREDITS_WALLET_PATH=../../#{node[app_name]['kredits']['wallet_path']}
 KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']}
-    EOF
-  end
+  EOF
+end
 
-  execute "systemctl daemon-reload" do
-    command "systemctl daemon-reload"
-    action :nothing
-  end
+cookbook_file "#{app_path}/wallet.json" do
+  source "wallet.json"
+end
 
-  template "/lib/systemd/system/#{app_name}.service" do
-    source 'nodejs.systemd.service.erb'
-    owner 'root'
-    group 'root'
-    mode '0644'
-    variables(
-      user: app_user,
-      group: app_user,
-      app_dir: app_path,
-      entry: "#{app_path}/bin/hubot -a xmpp --name hal8000",
-      environment: {
-        "HUBOT_LOG_LEVEL"                => node.chef_environment == "development" ? "debug" : "info",
-        "HUBOT_XMPP_USERNAME"            => "hal8000@kosmos.org/hubot",
-        "HUBOT_XMPP_PASSWORD"            => data_bag['xmpp_password'],
-        "HUBOT_XMPP_HOST"                => "xmpp.kosmos.org",
-        "HUBOT_XMPP_ROOMS"               => node[app_name]['rooms'].join(','),
-        "HUBOT_AUTH_ADMIN"               => node[app_name]['auth_admins'].join(','),
-        "HUBOT_RSS_PRINTSUMMARY"         => "false",
-        "HUBOT_RSS_PRINTERROR"           => "false",
-        "HUBOT_RSS_IRCCOLORS"            => "true",
-        "HUBOT_PLUSPLUS_POINTS_TERM"     => "karma,karma",
-        "HUBOT_RSS_HEADER"               => "Update:",
-        "HUBOT_HELP_REPLY_IN_PRIVATE"    => "true",
-        "REDIS_URL"                      => "redis://localhost:6379/#{app_name}",
-        "EXPRESS_PORT"                   => node[app_name]['http_port'],
-        "WEBHOOK_TOKEN"                  => data_bag['webhook_token'],
-        "IPFS_API_HOST"                  => node[app_name]['kredits']['ipfs_host'],
-        "IPFS_API_PORT"                  => node[app_name]['kredits']['ipfs_port'],
-        "IPFS_API_PROTOCOL"              => node[app_name]['kredits']['ipfs_protocol'],
-        "KREDITS_WEB_URL"                => node[app_name]['kredits']['web_url'],
-        "KREDITS_ROOM"                   => node[app_name]['kredits']['room'],
-        "KREDITS_WEBHOOK_TOKEN"          => data_bag['kredits_webhook_token'],
-        "KREDITS_PROVIDER_URL"           => node[app_name]['kredits']['provider_url'],
-        "KREDITS_WALLET_PATH"            => node[app_name]['kredits']['wallet_path'],
-        "KREDITS_WALLET_PASSWORD"        => data_bag['kredits_wallet_password'],
-        "KREDITS_MEDIAWIKI_URL"          => node[app_name]['kredits']['mediawiki_url'],
-        "KREDITS_GITHUB_REPO_BLACKLIST"  => node[app_name]['kredits']['github_repo_blacklist'],
-        "KREDITS_GITEA_REPO_BLACKLIST"   => node[app_name]['kredits']['gitea_repo_blacklist'],
-        "KREDITS_GRANT_HOST"             => node[app_name]['domain'],
-        "KREDITS_GRANT_PROTOCOL"         => "https",
-        "KREDITS_SESSION_SECRET"         => data_bag['kredits_session_secret'],
-        "KREDITS_GITHUB_KEY"             => data_bag['kredits_github_key'],
-        "KREDITS_GITHUB_SECRET"          => data_bag['kredits_github_secret'],
-        "KREDITS_ZOOM_JWT"               => data_bag['kredits_zoom_jwt'],
-        "KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771"
-      }
-    )
-    notifies :run, "execute[systemctl daemon-reload]", :delayed
-    notifies :restart, "service[#{app_name}]", :delayed
-  end
+service_env = {
+  "HUBOT_LOG_LEVEL"                => node.chef_environment == "development" ? "debug" : "info",
+  "HUBOT_XMPP_USERNAME"            => "hal8000@kosmos.org/hubot",
+  "HUBOT_XMPP_PASSWORD"            => data_bag['xmpp_password'],
+  "HUBOT_XMPP_HOST"                => "xmpp.kosmos.org",
+  "HUBOT_XMPP_ROOMS"               => node[app_name]['rooms'].join(','),
+  "HUBOT_AUTH_ADMIN"               => node[app_name]['auth_admins'].join(','),
+  "HUBOT_RSS_PRINTSUMMARY"         => "false",
+  "HUBOT_RSS_PRINTERROR"           => "false",
+  "HUBOT_RSS_IRCCOLORS"            => "true",
+  "HUBOT_PLUSPLUS_POINTS_TERM"     => "karma,karma",
+  "HUBOT_RSS_HEADER"               => "Update:",
+  "HUBOT_HELP_REPLY_IN_PRIVATE"    => "true",
+  "REDIS_URL"                      => "redis://localhost:6379/#{app_name}",
+  "EXPRESS_PORT"                   => node[app_name]['http_port'],
+  "WEBHOOK_TOKEN"                  => data_bag['webhook_token'],
+  "IPFS_API_HOST"                  => node[app_name]['kredits']['ipfs_host'],
+  "IPFS_API_PORT"                  => node[app_name]['kredits']['ipfs_port'],
+  "IPFS_API_PROTOCOL"              => node[app_name]['kredits']['ipfs_protocol'],
+  "KREDITS_WEB_URL"                => node[app_name]['kredits']['web_url'],
+  "KREDITS_ROOM"                   => node[app_name]['kredits']['room'],
+  "KREDITS_WEBHOOK_TOKEN"          => data_bag['kredits_webhook_token'],
+  "KREDITS_PROVIDER_URL"           => node[app_name]['kredits']['provider_url'],
+  "KREDITS_WALLET_PATH"            => node[app_name]['kredits']['wallet_path'],
+  "KREDITS_WALLET_PASSWORD"        => data_bag['kredits_wallet_password'],
+  "KREDITS_MEDIAWIKI_URL"          => node[app_name]['kredits']['mediawiki_url'],
+  "KREDITS_GITHUB_REPO_BLACKLIST"  => node[app_name]['kredits']['github_repo_blacklist'],
+  "KREDITS_GITEA_REPO_BLACKLIST"   => node[app_name]['kredits']['gitea_repo_blacklist'],
+  "KREDITS_GRANT_HOST"             => node[app_name]['domain'],
+  "KREDITS_GRANT_PROTOCOL"         => "https",
+  "KREDITS_SESSION_SECRET"         => data_bag['kredits_session_secret'],
+  "KREDITS_GITHUB_KEY"             => data_bag['kredits_github_key'],
+  "KREDITS_GITHUB_SECRET"          => data_bag['kredits_github_secret'],
+  "KREDITS_ZOOM_JWT"               => data_bag['kredits_zoom_jwt'],
+  "KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771"
+}
 
-  cookbook_file "#{app_path}/wallet.json" do
-    source "wallet.json"
-  end
+systemd_unit "#{app_name}.service" do
+  content({
+    Unit: {
+      Description: app_name,
+      Requires: "redis@6379.service",
+      After: "redis@6379.service"
+    },
 
-  service app_name do
-    action [:enable, :start]
-  end
+    Service: {
+      ExecStart: "#{app_path}/bin/hubot -a xmpp --name hal8000",
+      WorkingDirectory: app_path,
+      User: app_user,
+      Group: app_group,
+      Environment: service_env.map { |k, v| "'#{k}=#{v}'" },
+      Restart: 'always'
+    },
+
+    Install: {
+      WantedBy: 'multi-user.target'
+    }
+  })
+  verify false
+  triggers_reload true
+  action [:create, :enable, :start]
 end
 
 firewall_rule app_name do
diff --git a/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb b/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb
deleted file mode 100644
index b254622..0000000
--- a/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb
+++ /dev/null
@@ -1,19 +0,0 @@
-[Unit]
-Description=Start nodejs app
-<% unless @without_redis %>
-Requires=redis@6379.service
-After=redis@6379.service
-<% end %>
-
-[Service]
-ExecStart=<%= @entry %>
-WorkingDirectory=<%= @app_dir %>
-User=<%= @user %>
-Group=<%= @group %>
-<% unless @environment.empty? -%>
-Environment=<% @environment.each do |key, value| -%>'<%= key %>=<%= value %>' <% end %>
-<% end -%>
-Restart=always
-
-[Install]
-WantedBy=multi-user.target