From 3cf9c3868b10c7a9d17e30e1301f98fc8c6d7e63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 28 Jun 2023 17:23:05 +0200 Subject: [PATCH] Deploy mastodon without the application cookbooks --- site-cookbooks/kosmos-mastodon/metadata.rb | 4 +- .../kosmos-mastodon/recipes/default.rb | 219 ++++++++++-------- .../default/{env.production.erb => env.erb} | 0 3 files changed, 117 insertions(+), 106 deletions(-) rename site-cookbooks/kosmos-mastodon/templates/default/{env.production.erb => env.erb} (100%) diff --git a/site-cookbooks/kosmos-mastodon/metadata.rb b/site-cookbooks/kosmos-mastodon/metadata.rb index fa0b6f4..81fc2bf 100644 --- a/site-cookbooks/kosmos-mastodon/metadata.rb +++ b/site-cookbooks/kosmos-mastodon/metadata.rb @@ -6,16 +6,14 @@ description 'Installs/Configures Mastodon' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '0.2.1' -depends 'application' -depends 'application_git' depends 'backup' depends 'elasticsearch' depends 'java' depends 'firewall' depends 'redisio' depends 'tor-full' -depends 'poise-ruby-build' depends 'postgresql' depends 'kosmos-nginx' depends 'kosmos-nodejs' depends 'kosmos_postgresql' +depends 'ruby_build' diff --git a/site-cookbooks/kosmos-mastodon/recipes/default.rb b/site-cookbooks/kosmos-mastodon/recipes/default.rb index 67db8ad..6b08a2e 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/default.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/default.rb @@ -71,6 +71,15 @@ npm_package "yarn" do end ruby_version = "3.0.4" +# ruby_version = "3.2.2" + +ruby_path = "/opt/ruby_build/builds/#{ruby_version}" +bundle_path = "#{ruby_path}/bin/bundle" + +ruby_build_install 'v20230615' +ruby_build_definition ruby_version do + prefix_path ruby_path +end execute "systemctl daemon-reload" do command "systemctl daemon-reload" @@ -85,7 +94,7 @@ template "/lib/systemd/system/mastodon-web.service" do app_dir: mastodon_path, bind: bind_ip, port: node["kosmos-mastodon"]["app_port"], - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle" + bundle_path: bundle_path notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-web]", :delayed end @@ -96,7 +105,7 @@ template "/lib/systemd/system/mastodon-sidekiq.service" do source "mastodon-sidekiq.systemd.service.erb" variables user: mastodon_user, app_dir: mastodon_path, - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle", + bundle_path: bundle_path, sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"] notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-sidekiq]", :delayed @@ -108,7 +117,7 @@ template "/lib/systemd/system/mastodon-sidekiq-scheduler.service" do source "mastodon-sidekiq-scheduler.systemd.service.erb" variables user: mastodon_user, app_dir: mastodon_path, - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle", + bundle_path: bundle_path, sidekiq_threads: 1 notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed @@ -126,110 +135,114 @@ template "/lib/systemd/system/mastodon-streaming.service" do notifies :restart, "service[mastodon-streaming]", :delayed end -application mastodon_path do - owner "mastodon" - group "mastodon" +rails_env = node.chef_environment == "development" ? "development" : "production" +deploy_env = { + # FIXME: /usr/bin was missing from PATH when running `yarn install` + "PATH" => "#{ruby_path}/bin:/usr/bin:$PATH", + "HOME" => mastodon_path, + "RAILS_ENV" => rails_env, + "NODE_ENV" => rails_env, + "SKIP_POST_DEPLOYMENT_MIGRATIONS" => "true" +} - # Take care of application restarts manually, in the git resource - action_on_update false +git mastodon_path do + user mastodon_user + group mastodon_user - environment "HOME" => mastodon_path, - "PATH" => "/opt/ruby_build/builds/#{ruby_version}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" - - ruby_runtime ruby_version do - provider :ruby_build - version ruby_version - end - - git do - user mastodon_user - group mastodon_user - repository node["kosmos-mastodon"]["repo"] - revision node["kosmos-mastodon"]["revision"] - # Restart services on deployments - notifies :restart, "application[#{mastodon_path}]", :delayed - end - - mastodon_credentials = data_bag_item('credentials', 'mastodon') - - template ".env.production" do - source "env.production.erb" - mode "0640" - owner mastodon_user - group mastodon_user - variables redis_url: node["kosmos-mastodon"]["redis_url"], - domain: node["kosmos-mastodon"]["domain"], - alternate_domains: node["kosmos-mastodon"]["alternate_domains"], - paperclip_secret: mastodon_credentials['paperclip_secret'], - secret_key_base: mastodon_credentials['secret_key_base'], - otp_secret: mastodon_credentials['otp_secret'], - smtp_login: mastodon_credentials['smtp_user_name'], - smtp_password: mastodon_credentials['smtp_password'], - smtp_from_address: "mail@#{node['kosmos-mastodon']['domain']}", - s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"], - s3_region: node["kosmos-mastodon"]["s3_region"], - s3_bucket: node["kosmos-mastodon"]["s3_bucket"], - s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"], - aws_access_key_id: mastodon_credentials['s3_key_id'], - aws_secret_access_key: mastodon_credentials['s3_secret_key'], - vapid_private_key: mastodon_credentials['vapid_private_key'], - vapid_public_key: mastodon_credentials['vapid_public_key'], - db_pass: postgresql_data_bag_item['mastodon_user_password'], - db_host: "pg.kosmos.local", - default_locale: node["kosmos-mastodon"]["default_locale"], - allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"], - libre_translate_endpoint: node["kosmos-mastodon"]["libre_translate_endpoint"] - notifies :restart, "application[#{mastodon_path}]", :delayed - end - - execute "bundle install" do - environment "HOME" => mastodon_path - user mastodon_user - cwd mastodon_path - command "/opt/ruby_build/builds/#{ruby_version}/bin/bundle install --without development,test --deployment" - end - - execute "yarn install" do - environment "HOME" => mastodon_path, "NODE_ENV" => "production" - user mastodon_user - cwd mastodon_path - command "yarn install --pure-lockfile" - end - - execute 'rake db:migrate' do - environment "RAILS_ENV" => "production", "HOME" => mastodon_path, "SKIP_POST_DEPLOYMENT_MIGRATIONS" => "true" - user mastodon_user - group mastodon_user - cwd mastodon_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake db:migrate" - end - - execute 'rake assets:precompile' do - environment "RAILS_ENV" => "production", "HOME" => mastodon_path - user mastodon_user - group mastodon_user - cwd mastodon_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake assets:precompile" - end - - service "mastodon-web" do - action [:enable, :start] - end - - service "mastodon-sidekiq" do - action [:enable, :start] - end - - service "mastodon-sidekiq-scheduler" do - action [:enable, :start] - end - - service "mastodon-streaming" do - action [:enable, :start] - end + repository node["kosmos-mastodon"]["repo"] + revision node["kosmos-mastodon"]["revision"] + # Restart services on deployments + notifies :run, "execute[restart mastodon services]", :delayed end -firewall_rule 'mastodon_app' do +execute "restart mastodon services" do + command "true" + action :nothing + notifies :restart, "service[mastodon-web]", :delayed + notifies :restart, "service[mastodon-sidekiq]", :delayed + notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed + notifies :restart, "service[mastodon-streaming]", :delayed +end + +mastodon_credentials = data_bag_item('credentials', 'mastodon') + +template "#{mastodon_path}/.env.#{rails_env}" do + source "env.erb" + mode "0640" + owner mastodon_user + group mastodon_user + variables redis_url: node["kosmos-mastodon"]["redis_url"], + domain: node["kosmos-mastodon"]["domain"], + alternate_domains: node["kosmos-mastodon"]["alternate_domains"], + paperclip_secret: mastodon_credentials['paperclip_secret'], + secret_key_base: mastodon_credentials['secret_key_base'], + otp_secret: mastodon_credentials['otp_secret'], + smtp_login: mastodon_credentials['smtp_user_name'], + smtp_password: mastodon_credentials['smtp_password'], + smtp_from_address: "mail@#{node['kosmos-mastodon']['domain']}", + s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"], + s3_region: node["kosmos-mastodon"]["s3_region"], + s3_bucket: node["kosmos-mastodon"]["s3_bucket"], + s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"], + aws_access_key_id: mastodon_credentials['s3_key_id'], + aws_secret_access_key: mastodon_credentials['s3_secret_key'], + vapid_private_key: mastodon_credentials['vapid_private_key'], + vapid_public_key: mastodon_credentials['vapid_public_key'], + db_pass: postgresql_data_bag_item['mastodon_user_password'], + db_host: "pg.kosmos.local", + default_locale: node["kosmos-mastodon"]["default_locale"], + allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"], + libre_translate_endpoint: node["kosmos-mastodon"]["libre_translate_endpoint"] + notifies :run, "execute[restart mastodon services]", :delayed +end + +execute "bundle install" do + environment deploy_env + user mastodon_user + cwd mastodon_path + command "bundle install --without development,test --deployment" +end + +execute "yarn install" do + environment deploy_env + user mastodon_user + cwd mastodon_path + command "yarn install --pure-lockfile" +end + +execute "rake db:migrate" do + environment deploy_env + user mastodon_user + group mastodon_user + cwd mastodon_path + command "bundle exec rake db:migrate" +end + +execute "rake assets:precompile" do + environment deploy_env + user mastodon_user + group mastodon_user + cwd mastodon_path + command "bundle exec rake assets:precompile" +end + +service "mastodon-web" do + action [:enable, :start] +end + +service "mastodon-sidekiq" do + action [:enable, :start] +end + +service "mastodon-sidekiq-scheduler" do + action [:enable, :start] +end + +service "mastodon-streaming" do + action [:enable, :start] +end + +firewall_rule "mastodon_app" do port node['kosmos-mastodon']['app_port'] source "10.1.1.0/24" protocol :tcp diff --git a/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb b/site-cookbooks/kosmos-mastodon/templates/default/env.erb similarity index 100% rename from site-cookbooks/kosmos-mastodon/templates/default/env.production.erb rename to site-cookbooks/kosmos-mastodon/templates/default/env.erb