Deploy kosmos assets with Openresty
This commit is contained in:
parent
c1e2145ba1
commit
d79dcd8e65
@ -27,7 +27,7 @@ knife[:automatic_attribute_whitelist] = %w[
|
||||
]
|
||||
|
||||
knife[:default_attribute_whitelist] = []
|
||||
knife[:normal_attribute_whitelist] = ['knife_zero', 'kosmos_kvm', 'kosmos-ejabberd']
|
||||
knife[:normal_attribute_whitelist] = ['knife_zero', 'kosmos_kvm', 'kosmos-ejabberd', 'openresty']
|
||||
knife[:override_attribute_whitelist] = []
|
||||
|
||||
knife[:allowed_normal_attributes] = ['knife_zero', 'kosmos_kvm', 'kosmos-ejabberd']
|
||||
knife[:allowed_normal_attributes] = ['knife_zero', 'kosmos_kvm', 'kosmos-ejabberd', 'openresty']
|
||||
|
@ -7,4 +7,5 @@ long_description 'Configures static asset Web hosting'
|
||||
version '1.0.0'
|
||||
chef_version '>= 15.10' if respond_to?(:chef_version)
|
||||
|
||||
depends "kosmos-nginx"
|
||||
depends "kosmos-base"
|
||||
depends "kosmos_openresty"
|
||||
|
@ -1,38 +1,35 @@
|
||||
#
|
||||
# Cookbook:: kosmos_assets
|
||||
# Recipe:: nginx_site
|
||||
# Recipe:: openresty_site
|
||||
#
|
||||
|
||||
include_recipe "kosmos-nginx"
|
||||
include_recipe "kosmos_openresty"
|
||||
|
||||
domain = node["kosmos_assets"]["domain"]
|
||||
|
||||
nginx_certbot_site domain
|
||||
tls_cert_for domain do
|
||||
auth "gandi_dns"
|
||||
action :create
|
||||
end
|
||||
|
||||
directory "/var/www/#{domain}/site" do
|
||||
user node["nginx"]["user"]
|
||||
group node["nginx"]["group"]
|
||||
user node["openresty"]["user"]
|
||||
group node["openresty"]["group"]
|
||||
mode "0755"
|
||||
recursive true
|
||||
end
|
||||
|
||||
git "/var/www/#{domain}/site" do
|
||||
user node["nginx"]["user"]
|
||||
group node["nginx"]["group"]
|
||||
user node["openresty"]["user"]
|
||||
group node["openresty"]["group"]
|
||||
repository node["kosmos_assets"]["repo"]
|
||||
revision node["kosmos_assets"]["revision"]
|
||||
action :sync
|
||||
end
|
||||
|
||||
template "#{node["nginx"]["dir"]}/sites-available/#{domain}" do
|
||||
source "nginx_conf_assets.erb"
|
||||
owner node["nginx"]["user"]
|
||||
mode 0640
|
||||
openresty_site domain do
|
||||
template "nginx_conf_assets.erb"
|
||||
variables domain: domain,
|
||||
ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
|
||||
ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem"
|
||||
notifies :reload, "service[nginx]", :delayed
|
||||
end
|
||||
|
||||
nginx_site domain do
|
||||
action :enable
|
||||
ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
|
||||
ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem"
|
||||
end
|
||||
|
@ -2,7 +2,7 @@
|
||||
# Generated by Chef
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name <%= @domain %>;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user