Extract the nginx config for discourse to a recipe

Get the upstream servers automatically from Chef nodes

site-cookbooks/kosmos_discourse/recipes/default.rb

@@ -2,30 +2,8 @@
 # Cookbook:: kosmos_discourse
 # Recipe:: default
 #
-# The MIT License (MIT)
-#
-# Copyright:: 2020, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
 
 package "docker-compose"
-domain = "community.kosmos.org"
 deploy_path = "/opt/discourse"
 
 repo = "https://github.com/discourse/discourse_docker"
@@ -54,21 +32,3 @@ systemd_unit "discourse.service" do
            }})
   action [:create, :enable]
 end
-
-template "#{node['nginx']['dir']}/sites-available/#{domain}" do
-  source "nginx_conf.erb"
-  owner 'www-data'
-  mode 0640
-  variables server_name:   domain,
-            ssl_cert:      "/etc/letsencrypt/live/#{domain}/fullchain.pem",
-            ssl_key:       "/etc/letsencrypt/live/#{domain}/privkey.pem",
-            upstream_port: 3001
-
-  notifies :reload, 'service[nginx]', :delayed
-end
-
-nginx_site domain do
-  action :enable
-end
-
-nginx_certbot_site domain

site-cookbooks/kosmos_discourse/recipes/nginx.rb

@@ -0,0 +1,32 @@
+#
+# Cookbook:: kosmos_discourse
+# Recipe:: nginx
+#
+
+domain = "community.kosmos.org"
+
+upstream_ip_addresses = []
+search(:node, "role:discourse").each do |n|
+  upstream_ip_addresses << n["knife_zero"]["host"]
+end
+# No Discourse host, stop here
+return if upstream_ip_addresses.empty?
+
+template "#{node['nginx']['dir']}/sites-available/#{domain}" do
+  source "nginx_conf.erb"
+  owner 'www-data'
+  mode 0640
+  variables server_name:           domain,
+            ssl_cert:              "/etc/letsencrypt/live/#{domain}/fullchain.pem",
+            ssl_key:               "/etc/letsencrypt/live/#{domain}/privkey.pem",
+            upstream_port:         3001,
+            upstream_ip_addresses: upstream_ip_addresses
+
+  notifies :reload, 'service[nginx]', :delayed
+end
+
+nginx_site domain do
+  action :enable
+end
+
+nginx_certbot_site domain

site-cookbooks/kosmos_discourse/templates/nginx_conf.erb

@@ -1,6 +1,8 @@
 # Generated by Chef
 upstream _discourse {
-  server   localhost:<%= @upstream_port %>;
+  <% @upstream_ip_addresses.each do |upstream_ip_address| -%>
+  server   <%= upstream_ip_address %>:<%= @upstream_port %>;
+  <% end -%>
 }
 
 <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>