Set up an instance of Mastodon for Kosmos

Refs #19 Use new application cookbook, update our cookbooks
2017-04-06 21:20:51 +02:00
parent a3f5c5f646
commit de11c0d691
345 changed files with 22591 additions and 3473 deletions
--- a/site-cookbooks/5apps-hubot/metadata.rb
+++ b/site-cookbooks/5apps-hubot/metadata.rb
@@ -7,5 +7,6 @@ long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

 depends 'kosmos-nodejs'
-depends 'application'
-depends 'application_nodejs'
+depends 'application_javascript'
+depends 'application_git'
+depends 'firewall'
--- a/site-cookbooks/5apps-hubot/recipes/xmpp_botka.rb
+++ b/site-cookbooks/5apps-hubot/recipes/xmpp_botka.rb
@@ -7,59 +7,99 @@
 # All rights reserved - Do Not Redistribute
 #

-firewall_rule 'hubot_express_botka_xmpp' do
-  port     8082
-  protocol :tcp
-  command  :allow
+unless node.chef_environment == "development"
+  include_recipe "firewall"
+  firewall_rule 'hubot_express_botka_xmpp' do
+    port     8082
+    protocol :tcp
+    command  :allow
+  end
+end
+
+group "hubot" do
+  gid 48268
+end
+
+user "hubot" do
+  system true
+  manage_home true
+  comment "hubot user"
+  uid 48268
+  gid 48268
+
+  shell "/bin/bash"
 end

 botka_xmpp_data_bag_item = Chef::EncryptedDataBagItem.load('credentials', '5apps_botka_xmpp')

-application "botka_xmpp" do
-  path "/srv/botka_xmpp"
+botka_xmpp_path = "/opt/botka_xmpp"
+application botka_xmpp_path do
  owner "hubot"
  group "hubot"

-  action :deploy
-
-  before_restart do
-    file "#{new_resource.release_path}/external-scripts.json" do
-      mode  "0640"
-      owner "hubot"
-      group "hubot"
-      content [
-        "hubot-help",
-        "hubot-remotestorage-logger"
-      ].to_json
-    end
-
-    file "#{new_resource.release_path}/external-scripts.json" do
-      mode  "0640"
-      owner "hubot"
-      group "hubot"
-      content [].to_json
-    end
+  git do
+    user       "hubot"
+    group      "hubot"
+    repository "https://github.com/67P/botka.git"
+    revision   "master"
  end

-  repository "https://github.com/67P/botka.git"
-  revision   "master"
+  file "external-scripts.json" do
+    mode  "0640"
+    owner "hubot"
+    group "hubot"
+    content [
+      "hubot-help",
+      "hubot-remotestorage-logger"
+    ].to_json
+  end

-  nodejs do
-    entry_point "/srv/botka_xmpp/current/bin/hubot -a xmpp --name botka"
-    # Use our own systemd service that depends on redis-server
-    template "nodejs.systemd.service.erb"
-    environment "HUBOT_XMPP_USERNAME"         => "botka@5apps.com/hubot",
-                "HUBOT_XMPP_PASSWORD"         => botka_xmpp_data_bag_item['password'],
-                "HUBOT_XMPP_ROOMS"            => "5info@muc.5apps.com,5ops@muc.5apps.com,core@muc.5apps.com,deploy@muc.5apps.com,storage@muc.5apps.com,watercooler@muc.5apps.com,hilti@muc.5apps.com,gymapp@muc.5apps.com",
-                "HUBOT_XMPP_HOST"             => "xmpp.5apps.com",
-                "HUBOT_RSS_PRINTSUMMARY"      => "false",
-                "EXPRESS_PORT"                => "8082",
-                "HUBOT_RSS_HEADER"            => "Update:",
-                "HUBOT_AUTH_ADMIN"            => "basti,garret,greg",
-                "REDIS_URL"                   => "redis://localhost:6379/5apps_botka_xmpp",
-                "RS_LOGGER_USER"              => "5apps@5apps.com",
-                "RS_LOGGER_TOKEN"             => botka_xmpp_data_bag_item['rs_logger_token'],
-                "RS_LOGGER_SERVER_NAME"       => "5apps",
-                "WEBHOOK_TOKEN"               => botka_xmpp_data_bag_item['webhook_token']
+  file "external-scripts.json" do
+    mode  "0640"
+    owner "hubot"
+    group "hubot"
+    content [].to_json
+  end
+
+  npm_install do
+    user "hubot"
+  end
+
+  execute "systemctl daemon-reload" do
+    command "systemctl daemon-reload"
+    action :nothing
+  end
+
+  template "/lib/systemd/system/botka_xmpp_nodejs.service" do
+    source 'nodejs.systemd.service.erb'
+    owner 'root'
+    group 'root'
+    mode '0644'
+    variables(
+      :user => "hubot",
+      :group => "hubot",
+      :app_dir => botka_xmpp_path,
+      :entry => "#{botka_xmpp_path}/bin/hubot -a xmpp --name botka",
+      :environment  => { "HUBOT_XMPP_USERNAME"         => "botka@5apps.com/hubot",
+                          "HUBOT_XMPP_PASSWORD"         => botka_xmpp_data_bag_item['password'],
+                          "HUBOT_XMPP_ROOMS"            => "5info@muc.5apps.com,5ops@muc.5apps.com,core@muc.5apps.com,deploy@muc.5apps.com,storage@muc.5apps.com,watercooler@muc.5apps.com,hilti@muc.5apps.com,gymapp@muc.5apps.com",
+                          "HUBOT_XMPP_HOST"             => "xmpp.5apps.com",
+                          "HUBOT_RSS_PRINTSUMMARY"      => "false",
+                          "EXPRESS_PORT"                => "8082",
+                          "HUBOT_RSS_HEADER"            => "Update:",
+                          "HUBOT_AUTH_ADMIN"            => "basti,garret,greg",
+                          "REDIS_URL"                   => "redis://localhost:6379/5apps_botka_xmpp",
+                          "RS_LOGGER_USER"              => "5apps@5apps.com",
+                          "RS_LOGGER_TOKEN"             => botka_xmpp_data_bag_item['rs_logger_token'],
+                          "RS_LOGGER_SERVER_NAME"       => "5apps",
+                          "WEBHOOK_TOKEN"               => botka_xmpp_data_bag_item['webhook_token'] }
+    )
+
+    notifies :run, "execute[systemctl daemon-reload]", :delayed
+    notifies :restart, "service[botka_xmpp_nodejs]", :delayed
+  end
+
+  service "botka_xmpp_nodejs" do
+    action [:enable, :start]
  end
 end
--- a/site-cookbooks/5apps-hubot/recipes/xmpp_schlupp.rb
+++ b/site-cookbooks/5apps-hubot/recipes/xmpp_schlupp.rb
@@ -7,62 +7,99 @@
 # All rights reserved - Do Not Redistribute
 #

-firewall_rule 'hubot_express_schlupp_xmpp' do
-  port     8083
-  protocol :tcp
-  command  :allow
+unless node.chef_environment == "development"
+  include_recipe "firewall"
+  firewall_rule 'hubot_express_schlupp_xmpp' do
+    port     8083
+    protocol :tcp
+    command  :allow
+  end
+end
+
+group "hubot" do
+  gid 48268
+end
+
+user "hubot" do
+  system true
+  manage_home true
+  comment "hubot user"
+  uid 48268
+  gid 48268
+  shell "/bin/bash"
 end

 schlupp_xmpp_data_bag_item = Chef::EncryptedDataBagItem.load('credentials', '5apps_schlupp_xmpp')

-application "schlupp_xmpp" do
-  path "/srv/schlupp_xmpp"
+schlupp_xmpp_path = "/opt/schlupp_xmpp"
+application schlupp_xmpp_path do
  owner "hubot"
  group "hubot"

-  action :deploy
-
-  before_restart do
-    # No hubot-remotestorage-logger, botka takes care of that
-    file "#{new_resource.release_path}/external-scripts.json" do
-      mode  "0640"
-      owner "hubot"
-      group "hubot"
-      content [
-        "hubot-auth",
-        "hubot-help",
-        "hubot-redis-brain",
-        "hubot-rules",
-        "hubot-shipit",
-        "hubot-plusplus",
-        "hubot-tell",
-        "hubot-seen",
-        "hubot-rss-reader",
-        "hubot-incoming-webhook",
-        "hubot-yubikey-invalidation"
-      ].to_json
-    end
+  git "git@gitlab.com:5apps/schlupp.git" do
+    user       "hubot"
+    group      "hubot"
+    revision   "master"
+    deploy_key schlupp_xmpp_data_bag_item['deploy_key']
  end

-  repository "git@gitlab.com:5apps/schlupp.git"
-  revision   "master"
-  deploy_key schlupp_xmpp_data_bag_item['deploy_key']
+  file "external-scripts.json" do
+    mode  "0640"
+    owner "hubot"
+    group "hubot"
+    content [
+      "hubot-auth",
+      "hubot-help",
+      "hubot-redis-brain",
+      "hubot-rules",
+      "hubot-shipit",
+      "hubot-plusplus",
+      "hubot-tell",
+      "hubot-seen",
+      "hubot-rss-reader",
+      "hubot-incoming-webhook",
+      "hubot-yubikey-invalidation"
+    ].to_json
+  end

-  nodejs do
-    entry_point "/srv/schlupp_xmpp/current/bin/hubot -a xmpp --name schlupp"
-    # Use our own systemd service that depends on redis-server
-    template "nodejs.systemd.service.erb"
-    environment "HUBOT_XMPP_USERNAME"         => "schlupp@5apps.com/hubot",
-                "HUBOT_XMPP_PASSWORD"         => schlupp_xmpp_data_bag_item['password'],
-                "HUBOT_XMPP_ROOMS"            => "5info@muc.5apps.com,5ops@muc.5apps.com,core@muc.5apps.com,deploy@muc.5apps.com,storage@muc.5apps.com,watercooler@muc.5apps.com,hilti@muc.5apps.com,test@muc.5apps.com,gymapp@muc.5apps.com",
-                "HUBOT_XMPP_HOST"             => "xmpp.5apps.com",
-                "HUBOT_RSS_PRINTSUMMARY"      => "false",
-                "EXPRESS_PORT"                => "8083",
-                "HUBOT_RSS_HEADER"            => "Update:",
-                "HUBOT_AUTH_ADMIN"            => "basti,garret,greg",
-                "REDIS_URL"                   => "redis://localhost:6379/5apps_schlupp_xmpp",
-                "RS_OPS_TOKEN"                => schlupp_xmpp_data_bag_item['rs_ops_token'],
-                "WEBHOOK_TOKEN"               => schlupp_xmpp_data_bag_item['webhook_token'],
-                "AIRTABLE_API_KEY"            => schlupp_xmpp_data_bag_item['airtable_api_key']
+  npm_install do
+    user "hubot"
+  end
+
+  execute "systemctl daemon-reload" do
+    command "systemctl daemon-reload"
+    action :nothing
+  end
+
+  template "/lib/systemd/system/schlupp_xmpp_nodejs.service" do
+    source 'nodejs.systemd.service.erb'
+    owner 'root'
+    group 'root'
+    mode '0644'
+    variables(
+      :user => "hubot",
+      :group => "hubot",
+      :app_dir => schlupp_xmpp_path,
+      :entry => "#{schlupp_xmpp_path}/bin/hubot -a xmpp --name schlupp",
+      :environment => { "HUBOT_XMPP_USERNAME"         => "schlupp@5apps.com/hubot",
+                        "HUBOT_XMPP_PASSWORD"         => schlupp_xmpp_data_bag_item['password'],
+                        "HUBOT_XMPP_ROOMS"            => "5info@muc.5apps.com,5ops@muc.5apps.com,core@muc.5apps.com,deploy@muc.5apps.com,storage@muc.5apps.com,watercooler@muc.5apps.com,hilti@muc.5apps.com,test@muc.5apps.com,gymapp@muc.5apps.com",
+                        "HUBOT_XMPP_HOST"             => "xmpp.5apps.com",
+                        "HUBOT_RSS_PRINTSUMMARY"      => "false",
+                        "EXPRESS_PORT"                => "8083",
+                        "HUBOT_RSS_HEADER"            => "Update:",
+                        "HUBOT_AUTH_ADMIN"            => "basti,garret,greg",
+                        "REDIS_URL"                   => "redis://localhost:6379/5apps_schlupp_xmpp",
+                        "RS_OPS_TOKEN"                => schlupp_xmpp_data_bag_item['rs_ops_token'],
+                        "WEBHOOK_TOKEN"               => schlupp_xmpp_data_bag_item['webhook_token'],
+                        "AIRTABLE_API_KEY"            => schlupp_xmpp_data_bag_item['airtable_api_key'] }
+    )
+
+    notifies :run, "execute[systemctl daemon-reload]", :delayed
+    notifies :restart, "service[schlupp_xmpp_nodejs]", :delayed
+  end
+
+  service "schlupp_xmpp_nodejs" do
+    action [:enable, :start]
  end
 end