.chef/config.rb

@@ -16,4 +16,4 @@ cookbook_email         'mail@kosmos.org'
 # Enable knife-solo's Berkshelf integration
 knife[:berkshelf] = true
 # Set Chef version installed by `knife solo prepare`
-knife[:bootstrap_version] = "13.8.5"
+knife[:bootstrap_version] = "14.11.21"

Berksfile

@@ -4,23 +4,20 @@ source 'https://supermarket.chef.io'
 
 cookbook 'mediawiki',
          git: 'https://github.com/67P/mediawiki-cookbook.git',
-         ref: 'f8d0f6b19af4381fdc390aaa32c51a54bd73afdc'
+         ref: '70ae159e8ecc0c2a2d8d94465cc4211e8deb0eaa'
-cookbook 'wordpress',
-         git: 'https://github.com/67P/wordpress-cookbook.git',
-         ref: 'relax_dependencies'
 cookbook 'redis',
          git: 'https://github.com/phlipper/chef-redis.git',
          ref: 'v0.5.6'
 cookbook 'postfix',                '= 5.0.2'
-cookbook 'php-fpm',                '= 0.7.9'
+cookbook 'php-fpm',                '~> 0.8.0'
-cookbook 'php',                    '= 4.2.0'
+cookbook 'php',                    '~> 6.1.1'
 cookbook 'composer',               '~> 2.6.1'
 cookbook 'poise-ruby-build',       '~> 1.1.0'
 cookbook 'application',            '~> 5.2.0'
 cookbook 'application_javascript', '~> 1.0.0'
 cookbook 'application_ruby',       '~> 4.1.0'
 cookbook 'application_git',        '= 1.1.0' # 1.2.0 doesn't work with knife-solo
-cookbook 'poise',                  '~> 2.8.1'
+cookbook 'poise',                  '~> 2.8.2'
 cookbook 'poise-languages',        '~> 2.1.1'
 cookbook 'poise-ruby',             '~> 2.4.0'
 cookbook 'poise-javascript',       git: 'https://github.com/poise/poise-javascript.git',
@@ -28,17 +25,18 @@ cookbook 'poise-javascript',       git: 'https://github.com/poise/poise-javascri
 cookbook 'poise-archive',          '~> 1.5.0'
 cookbook 'poise-service',          '~> 1.5.2'
 cookbook 'users',                  '~> 5.3.1'
-cookbook 'sudo',                   '~> 5.3.3'
 cookbook 'hostname',               '= 0.4.2'
 cookbook 'firewall',               '~> 2.6.3'
 cookbook 'nginx',                  '= 9.0.0'
-cookbook 'build-essential',        '~> 8.1.1'
+# Remove when cookbooks stop depending on it, the build_essential resource is
-cookbook 'mysql',                  '= 6.1.3'
+# part of Chef 14 (https://docs.chef.io/resource_build_essential.html)
-cookbook 'postgresql',             '= 6.1.1'
+cookbook 'build-essential',        '~> 8.2.1'
+cookbook 'mysql',                  '~> 8.5.1'
+cookbook 'postgresql',             '= 7.1.4'
 cookbook 'apt',                    '~> 7.0.0'
 cookbook 'git',                    '= 6.0.0'
 cookbook 'hostsfile',              '= 2.4.5'
-cookbook 'ohai',                   '= 5.0.4'
+cookbook 'ohai',                   '~> 5.2.5'
 cookbook 'nodejs',                 '~> 5.0.0'
 # Deprecated, but wordpress and mediawiki depend on it and it would painful
 # to change it without moving the databases
@@ -48,20 +46,13 @@ cookbook 'chef_client_updater',    '= 1.1.1'
 cookbook 'timezone_iii',           '= 1.0.4'
 cookbook 'ark',                    '= 3.1.0'
 cookbook 'logrotate',              '= 2.2.0'
-cookbook 'openssl',                '= 7.1.0'
+cookbook 'openssl',                '~> 8.5.5'
 cookbook 'ntp',                    '= 3.4.0'
-cookbook 'yum',                    '= 3.13.0'
-cookbook 'yum-epel',               '= 0.3.6'
-cookbook 'yum-mysql-community',    '= 2.1.0'
 cookbook 'apache2',                '= 3.3.0'
 cookbook 'chef-sugar',             '= 3.3.0'
 cookbook 'compat_resource',        '= 12.19.0'
-cookbook 'dmg',                    '= 4.0.0'
 cookbook 'homebrew',               '= 3.0.0'
-cookbook 'windows',                '= 3.1.1'
-cookbook 'iis',                    '= 6.7.1'
 cookbook 'mariadb',                '= 0.3.1'
-cookbook 'mingw',                  '= 2.0.0'
 cookbook 'ipfs',
          git: 'https://github.com/67P/ipfs-cookbook.git',
          ref: 'v0.1.2'

Berksfile.lock

@@ -6,19 +6,17 @@ DEPENDENCIES
   application_ruby (= 4.1.0)
   apt (~> 7.0.0)
   ark (= 3.1.0)
-  build-essential (~> 8.1.1)
+  build-essential (~> 8.2.1)
   chef-sugar (= 3.3.0)
   chef_client_updater (= 1.1.1)
   compat_resource (= 12.19.0)
   composer (~> 2.6.1)
   database (= 6.1.1)
-  dmg (= 4.0.0)
   firewall (~> 2.6.3)
   git (= 6.0.0)
   homebrew (= 3.0.0)
   hostname (= 0.4.2)
   hostsfile (= 2.4.5)
-  iis (= 6.7.1)
   ipfs
     git: https://github.com/67P/ipfs-cookbook.git
     revision: 78d3edfd78c56a25494ac84528e152762f38b3be
@@ -27,19 +25,18 @@ DEPENDENCIES
   mariadb (= 0.3.1)
   mediawiki
     git: https://github.com/67P/mediawiki-cookbook.git
-    revision: f8d0f6b19af4381fdc390aaa32c51a54bd73afdc
+    revision: 70ae159e8ecc0c2a2d8d94465cc4211e8deb0eaa
-    ref: f8d0f6b
+    ref: 70ae159
-  mingw (= 2.0.0)
+  mysql (~> 8.5.1)
-  mysql (= 6.1.3)
   mysql2_chef_gem (= 1.1.0)
   nginx (= 9.0.0)
   nodejs (~> 5.0.0)
   ntp (= 3.4.0)
-  ohai (= 5.0.4)
+  ohai (~> 5.2.5)
-  openssl (= 7.1.0)
+  openssl (~> 8.5.5)
-  php (= 4.2.0)
+  php (= 6.1.1)
-  php-fpm (= 0.7.9)
+  php-fpm (~> 0.8.0)
-  poise (= 2.8.1)
+  poise (~> 2.8.2)
   poise-archive (~> 1.5.0)
   poise-javascript (~> 1.2.0)
   poise-languages (= 2.1.1)
@@ -47,22 +44,13 @@ DEPENDENCIES
   poise-ruby-build (= 1.1.0)
   poise-service (~> 1.5.2)
   postfix (= 5.0.2)
-  postgresql (= 6.1.1)
+  postgresql (= 7.1.4)
   redis
     git: https://github.com/phlipper/chef-redis.git
     revision: 7476279fc9c8727f082b8d77b5e1922dc2ef437b
     ref: v0.5.6
-  sudo (~> 5.3.3)
   timezone_iii (= 1.0.4)
   users (~> 5.3.1)
-  windows (= 3.1.1)
-  wordpress
-    git: https://github.com/67P/wordpress-cookbook.git
-    revision: 593ad2c7957fc427da739510de59f36ad648ee5e
-    ref: relax_d
-  yum (= 3.13.0)
-  yum-epel (= 0.3.6)
-  yum-mysql-community (= 2.1.0)
 
 GRAPH
   apache2 (3.3.0)
@@ -88,7 +76,7 @@ GRAPH
     build-essential (>= 0.0.0)
     seven_zip (>= 0.0.0)
     windows (>= 0.0.0)
-  build-essential (8.1.1)
+  build-essential (8.2.1)
     mingw (>= 1.1)
     seven_zip (>= 0.0.0)
   chef-sugar (3.3.0)
@@ -101,7 +89,7 @@ GRAPH
     windows (>= 0.0.0)
   database (6.1.1)
     postgresql (>= 1.0.0)
-  dmg (4.0.0)
+  dmg (4.1.1)
   firewall (2.6.3)
     chef-sugar (>= 0.0.0)
   git (6.0.0)
@@ -112,8 +100,6 @@ GRAPH
   hostname (0.4.2)
     hostsfile (>= 0.0.0)
   hostsfile (2.4.5)
-  iis (6.7.1)
-    windows (>= 2.0)
   ipfs (0.1.2)
     ark (>= 0.0.0)
   logrotate (2.2.0)
@@ -125,15 +111,12 @@ GRAPH
     apache2 (>= 0.0.0)
     database (>= 0.0.0)
     mysql (>= 0.0.0)
-    mysql2_chef_gem (>= 0.0.0)
     nginx (>= 0.0.0)
     php (>= 0.0.0)
     php-fpm (>= 0.0.0)
-  mingw (2.0.0)
+  mingw (2.1.0)
     seven_zip (>= 0.0.0)
-  mysql (6.1.3)
+  mysql (8.5.1)
-    smf (>= 0.0.0)
-    yum-mysql-community (>= 0.0.0)
   mysql2_chef_gem (1.1.0)
     build-essential (>= 0.0.0)
     mariadb (>= 0.0.0)
@@ -146,17 +129,13 @@ GRAPH
     ark (>= 2.0.2)
     build-essential (>= 0.0.0)
   ntp (3.4.0)
-  ohai (5.0.4)
+  ohai (5.2.5)
-  openssl (7.1.0)
+  openssl (8.5.5)
-  php (4.2.0)
+  php (6.1.1)
-    build-essential (>= 0.0.0)
+    build-essential (>= 5.0)
-    mysql (>= 6.0.0)
-    xml (>= 0.0.0)
     yum-epel (>= 0.0.0)
-  php-fpm (0.7.9)
+  php-fpm (0.8.0)
-    apt (>= 0.0.0)
+  poise (2.8.2)
-    yum (>= 3.0)
-  poise (2.8.1)
   poise-archive (1.5.0)
     poise (~> 2.6)
   poise-build-essential (1.0.0)
@@ -181,41 +160,13 @@ GRAPH
   poise-service (1.5.2)
     poise (~> 2.0)
   postfix (5.0.2)
-  postgresql (6.1.1)
+  postgresql (7.1.4)
-    build-essential (>= 2.0.0)
-    compat_resource (>= 12.16.3)
-    openssl (>= 4.0)
-  rbac (1.0.3)
   redis (0.5.6)
     apt (>= 0.0.0)
-  selinux (0.9.0)
   seven_zip (2.0.2)
     windows (>= 1.2.2)
-  smf (2.2.8)
-    rbac (>= 1.0.1)
-  sudo (5.3.3)
-  tar (2.2.0)
   timezone_iii (1.0.4)
   users (5.3.1)
-  windows (3.1.1)
+  windows (5.3.0)
-    ohai (>= 4.0.0)
+  yum (5.1.0)
-  wordpress (3.1.0)
+  yum-epel (3.3.0)
-    apache2 (>= 2.0.0)
-    build-essential (>= 0.0.0)
-    database (>= 1.6.0)
-    iis (>= 1.6.2)
-    mysql (>= 6.0)
-    mysql2_chef_gem (>= 1.0.1)
-    nginx (>= 0.0.0)
-    openssl (>= 0.0.0)
-    php (>= 0.0.0)
-    php-fpm (>= 0.0.0)
-    selinux (~> 0.7)
-    tar (>= 0.3.1)
-  xml (3.1.2)
-    build-essential (>= 0.0.0)
-  yum (3.13.0)
-  yum-epel (0.3.6)
-    yum (~> 3.0)
-  yum-mysql-community (2.1.0)
-    compat_resource (>= 12.16.3)

Gemfile

@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-gem 'chef', '~> 14.9.13'
+gem 'chef', '~> 14.11.21'
 gem 'berkshelf', '~> 7.0'
 gem 'knife-solo', '~> 0.7.0'
 gem 'knife-solo_data_bag'

Gemfile.lock

@@ -18,10 +18,10 @@ GEM
       solve (~> 4.0)
       thor (>= 0.20)
     builder (3.2.3)
-    chef (14.9.13)
+    chef (14.11.21)
       addressable
       bundler (>= 1.10)
-      chef-config (= 14.9.13)
+      chef-config (= 14.11.21)
       chef-zero (>= 13.0)
       diff-lcs (~> 1.2, >= 1.2.4)
       erubis (~> 2.7)
@@ -48,16 +48,16 @@ GEM
       specinfra (~> 2.10)
       syslog-logger (~> 1.6)
       uuidtools (~> 2.1.5)
-    chef-config (14.9.13)
+    chef-config (14.11.21)
       addressable
       fuzzyurl
       mixlib-config (>= 2.2.12, < 3.0)
       mixlib-shellout (~> 2.0)
       tomlrb (~> 1.2)
-    chef-zero (14.0.11)
+    chef-zero (14.0.12)
       ffi-yajl (~> 2.2)
       hashie (>= 2.0, < 4.0)
-      mixlib-log (~> 2.0)
+      mixlib-log (>= 2.0, < 4.0)
       rack (~> 2.0, >= 2.0.6)
       uuidtools (~> 2.1)
     cleanroom (1.0.0)
@@ -92,7 +92,7 @@ GEM
       little-plugger (~> 1.1)
       multi_json (~> 1.10)
     minitar (0.8)
-    mixlib-archive (0.4.19)
+    mixlib-archive (0.4.20)
       mixlib-log
     mixlib-authentication (2.1.1)
     mixlib-cli (1.7.0)
@@ -122,15 +122,15 @@ GEM
     nori (2.6.0)
     octokit (4.13.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    ohai (14.8.10)
+    ohai (14.8.11)
       chef-config (>= 12.8, < 15)
       ffi (~> 1.9)
       ffi-yajl (~> 2.2)
       ipaddress
       mixlib-cli (>= 1.7.0)
-      mixlib-config (~> 2.0)
+      mixlib-config (>= 2.0, < 4.0)
-      mixlib-log (~> 2.0, >= 2.0.1)
+      mixlib-log (>= 2.0.1, < 4.0)
-      mixlib-shellout (~> 2.0)
+      mixlib-shellout (>= 2.0, < 4.0)
       plist (~> 3.1)
       systemu (~> 2.6.4)
       wmi-lite (~> 1.0)
@@ -186,7 +186,7 @@ GEM
     solve (4.0.2)
       molinillo (~> 0.6)
       semverse (>= 1.1, < 4.0)
-    specinfra (2.76.9)
+    specinfra (2.77.0)
       net-scp
       net-ssh (>= 2.7)
       net-telnet (= 0.1.1)
@@ -231,7 +231,7 @@ PLATFORMS
 
 DEPENDENCIES
   berkshelf (~> 7.0)
-  chef (~> 14.9.13)
+  chef (~> 14.11.21)
   cookstyle
   knife-solo (~> 0.7.0)
   knife-solo_data_bag

Vagrantfile

@@ -12,7 +12,7 @@ Vagrant.configure(2) do |config|
 
   # Every Vagrant development environment requires a box. You can search for
   # boxes at https://atlas.hashicorp.com/search.
-  config.vm.box = "bento/ubuntu-16.04"
+  config.vm.box = "bento/ubuntu-18.04"
 
   config.vm.provider :virtualbox do |vb|
     # Customize the amount of memory on the VM:
@@ -90,7 +90,7 @@ Vagrant.configure(2) do |config|
   # SHELL
 
   config.vm.provision :chef_zero do |chef|
-    chef.version                            = '12.21.3'
+    chef.version                            = '14.11.21'
     chef.cookbooks_path                     = ['site-cookbooks']
     chef.data_bags_path                     = 'data_bags'
     chef.roles_path                         = 'roles'

data_bags/credentials/postgresql.json

@@ -0,0 +1,24 @@
+{
+  "id": "postgresql",
+  "ejabberd_user_password": {
+    "encrypted_data": "OTwgFCOLHgoFLsdcHs1U04sJf7ZzVepeDwlNmPMtO8FtyzpfySY9\n",
+    "iv": "k9wX2WEsJyJn+OYs\n",
+    "auth_tag": "fL/HNcno/MuWE+yQOFCC3g==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  },
+  "server_password": {
+    "encrypted_data": "4Y87daXYAxzfYxRIkR8b+DLOp4+dYJnc91hN22iWmOfO3umv8wZU\n",
+    "iv": "LDeMAKUEIq9oe2Zu\n",
+    "auth_tag": "uVaRO+t/KSFebrEB6wp+yQ==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  },
+  "mastodon_user_password": {
+    "encrypted_data": "s/XxLUwjZsJ/XidEVi50oePBR4OQ0z/3czs9uOcw1fA1c6qqEzb98iHXpw==\n",
+    "iv": "pKvwLeC05f7P+cke\n",
+    "auth_tag": "/yHUD+RSCMhLhrnQJAZqrw==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  }
+}

nodes/andromeda.kosmos.org.json

@@ -1,8 +1,11 @@
 {
   "run_list": [
-    "kosmos-base",
+    "role[base]",
     "kosmos-base::andromeda_firewall",
-    "role[ipfs_cluster_with_tls]"
+    "role[ipfs_cluster_with_tls]",
+    "kosmos-mediawiki",
+    "sockethub",
+    "sockethub::proxy"
   ],
   "automatic": {
     "ipaddress": "andromeda.kosmos.org"

nodes/dev.kosmos.org.json

@@ -1,16 +1,14 @@
 {
   "run_list": [
-    "kosmos-base",
+    "role[base]",
     "kosmos-redis",
-    "sockethub",
-    "sockethub::proxy",
-    "kosmos-mediawiki",
     "kosmos-hubot",
     "5apps-xmpp_server",
     "5apps-hubot::xmpp_schlupp",
     "5apps-hubot::xmpp_botka",
     "kosmos-mastodon",
     "kosmos-mastodon::nginx",
+    "sockethub::_firewall",
     "kosmos-ipfs::cluster"
   ],
   "normal": {

roles/base.rb

@@ -0,0 +1,6 @@
+name "base"
+
+run_list %w(
+  kosmos-base::chef_client
+  kosmos-base::default
+)

site-cookbooks/backup/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/backup/attributes/default.rb

@@ -1,41 +1,41 @@
 # Directory where backup config and models are stored
-set_unless["backup"]["dir"] = "/usr/local/lib/backup"
+default["backup"]["dir"] = "/usr/local/lib/backup"
 
 # Use default backup model?
-set_unless["backup"]["default_model"] = true
+default["backup"]["default_model"] = true
 
 # Compression default settings
-set_unless["backup"]["compression"]["best"] = true
+default["backup"]["compression"]["best"] = true
-set_unless["backup"]["compression"]["fast"] = false
+default["backup"]["compression"]["fast"] = false
 
 default['backup']['user'] = 'backup'
 
 # Archive default settings
-set_unless["backup"]["archives"] = {}
+default["backup"]["archives"] = {}
 
 # MongoDB default settings
 if node["mongodb"]
-  set_unless["backup"]["mongodb"]["databases"] = []
+  default["backup"]["mongodb"]["databases"] = []
-  set_unless["backup"]["mongodb"]["host"]      = "localhost"
+  default["backup"]["mongodb"]["host"]      = "localhost"
-  set_unless["backup"]["mongodb"]["ipv6"]      = false
+  default["backup"]["mongodb"]["ipv6"]      = false
-  set_unless["backup"]["mongodb"]["lock"]      = false
+  default["backup"]["mongodb"]["lock"]      = false
 end
 
 # MySQL default settings
-set_unless["backup"]["mysql"]["databases"] = []
+default["backup"]["mysql"]["databases"] = []
-set_unless["backup"]["mysql"]["username"]  = "root"
+default["backup"]["mysql"]["username"]  = "root"
-set_unless["backup"]["mysql"]["host"]      = "localhost"
+default["backup"]["mysql"]["host"]      = "localhost"
 
 # PostgreSQL default settings
-set_unless["backup"]["postgresql"]["databases"] = []
+default["backup"]["postgresql"]["databases"] = []
-set_unless["backup"]["postgresql"]["host"]      = "localhost"
+default["backup"]["postgresql"]["host"]      = "localhost"
-set_unless["backup"]["postgresql"]["port"]      = 5432
+default["backup"]["postgresql"]["port"]      = 5432
 
 # Redis default settings
-set_unless["backup"]["redis"]["databases"]   = []
+default["backup"]["redis"]["databases"]   = []
-set_unless["backup"]["redis"]["host"]        = "localhost"
+default["backup"]["redis"]["host"]        = "localhost"
-set_unless["backup"]["redis"]["invoke_save"] = false
+default["backup"]["redis"]["invoke_save"] = false
-set_unless["backup"]["redis"]["dump_dir"]    = "/var/lib/redis"
+default["backup"]["redis"]["dump_dir"]    = "/var/lib/redis"
 
 default['backup']['orbit']['keep'] = 10
 default['backup']['cron']['hour'] = "05"

site-cookbooks/backup/metadata.rb

@@ -1,6 +1,6 @@
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      "Installs/configures backup via the Backup gem"
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
 version "0.5.0"

site-cookbooks/backup/recipes/default.rb

@@ -25,7 +25,8 @@
 
 build_essential 'backup gem'
 
-package ["ruby"]
+# Don't try to install packages on older Ubuntu, the repositories are 404
+package ["ruby", "ruby-dev"] if node[:platform_version].to_f >= 16.04
 
 gem_package 'backup' do
   version '5.0.0.beta.2'
@@ -64,6 +65,7 @@ include_recipe 'logrotate'
 # Install MySQL client (includes mysqldump)
 mysql_client 'default' do
   action :create
+  version '5.7' if node[:platform_version].to_f == 18.04
   not_if { node["backup"]["mysql"]["databases"].empty? }
 end
 

site-cookbooks/kosmos-base/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-base/metadata.rb

@@ -1,14 +1,14 @@
 name             'kosmos-base'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'The Kosmos base cookbook'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.1.1'
+version          '0.2.0'
+chef_version     '>= 14.0' # Uses the new sudo resource
 
 depends 'apt'
 depends 'users'
-depends 'sudo'
 depends 'kosmos-postfix'
 depends 'hostname'
 depends 'firewall'

site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-base
 # Recipe:: andromeda_firewall
 #
-# Copyright 2018, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Temporary extra rules for Andromeda
 

site-cookbooks/kosmos-base/recipes/chef_client.rb

@@ -0,0 +1,31 @@
+#
+# Cookbook Name:: kosmos-base
+# Recipe:: chef_client
+#
+# The MIT License (MIT)
+#
+# Copyright:: 2019, Kosmos Developers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+# Update chef to the chosen version
+chef_version = '14.11.21'
+chef_client_updater "Install #{chef_version}" do
+  version chef_version
+end

site-cookbooks/kosmos-base/recipes/default.rb

@@ -2,21 +2,32 @@
 # Cookbook Name:: kosmos-base
 # Recipe:: default
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'apt'
 include_recipe 'timezone_iii'
 include_recipe 'ntp'
 
-# Update chef to the chosen version
-chef_version = '12.22.3'
-chef_client_updater "Install #{chef_version}" do
-  version chef_version
-end
-
 package 'mailutils'
 package 'mosh'
 
@@ -30,18 +41,17 @@ unless node.chef_environment == "development"
     action [:remove, :create]
   end
 
-  node.override['authorization']['sudo']['sudoers_defaults'] = [
+  sudo "sysadmin" do
+    groups "sysadmin"
+    nopasswd true
+    defaults [
     # not default on Ubuntu, explicitely enable. Uses a minimal white list of
     # environment variables
     'env_reset',
     # Send emails on unauthorized attempts
     'mail_badpass',
     'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"',
-  ]
+    ]
-  include_recipe "sudo"
-  sudo "sysadmin" do
-    group "sysadmin"
-    nopasswd true
   end
 
   include_recipe 'kosmos-base::firewall'

site-cookbooks/kosmos-base/recipes/firewall.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-base
 # Recipe:: firewall
 #
-# Copyright 2015, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # enable default firewall
 firewall 'default'

site-cookbooks/kosmos-base/recipes/letsencrypt.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-base
 # Recipe:: letsencrypt
 #
-# Copyright 2018, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Install certbot and set up hooks
 
@@ -29,11 +46,13 @@ else
  end
 end
 
-directory "/etc/letsencrypt/renewal-hooks" do
+%w(deploy post pre).each do |subdir|
-  recursive true
+  directory "/etc/letsencrypt/renewal-hooks/#{subdir}" do
-  mode 0755
+    recursive true
-  owner "root"
+    mode 0755
-  group "root"
+    owner "root"
+    group "root"
+  end
 end
 
 file "/etc/letsencrypt/renewal-hooks/deploy/nginx" do

site-cookbooks/kosmos-hubot/metadata.rb

@@ -10,4 +10,4 @@ depends 'kosmos-nodejs'
 depends 'kosmos-redis'
 depends 'firewall'
 depends 'application_javascript'
-depends 'ipfs'
+depends 'kosmos-ipfs'

site-cookbooks/kosmos-hubot/recipes/_user.rb

@@ -0,0 +1,18 @@
+#
+# Cookbook Name:: kosmos-hubot
+# Recipe:: _user
+#
+# Copyright 2019, Kosmos
+#
+
+group "hubot" do
+  gid 48268
+end
+
+user "hubot" do
+  comment "hubot user"
+  manage_home true
+  uid 48268
+  gid 48268
+  shell "/bin/bash"
+end

site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb

@@ -4,6 +4,11 @@
 #
 # Copyright 2017-2018, Kosmos
 #
+
+build_essential 'botka' do
+  compile_time true
+end
+
 include_recipe "kosmos-nodejs"
 include_recipe "kosmos-redis"
 

site-cookbooks/kosmos-hubot/recipes/default.rb

@@ -17,16 +17,6 @@ end
 include_recipe "kosmos-nodejs"
 include_recipe "kosmos-redis"
 
-group "hubot" do
+include_recipe "kosmos-hubot::_user"
-  gid 48268
-end
-
-user "hubot" do
-  comment "hubot user"
-  uid 48268
-  gid 48268
-  shell "/bin/bash"
-end
-
 include_recipe "kosmos-hubot::hal8000"
 include_recipe "kosmos-hubot::botka_freenode"

site-cookbooks/kosmos-hubot/recipes/hal8000.rb

@@ -4,8 +4,14 @@
 #
 # Copyright 2017-2018, Kosmos
 #
+
+build_essential 'hal8000' do
+  compile_time true
+end
+
 include_recipe "kosmos-nodejs"
 include_recipe "kosmos-redis"
+include_recipe "kosmos-hubot::_user"
 
 # Needed for hubot-kredits
 include_recipe "kosmos-ipfs"

site-cookbooks/kosmos-ipfs/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-ipfs/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-ipfs'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-ipfs'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

site-cookbooks/kosmos-ipfs/recipes/cluster.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-ipfs
 # Recipe:: cluster
 #
-# Copyright 2018, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 node.override['ipfs']['cluster']['version'] = '0.9.0'
 

site-cookbooks/kosmos-ipfs/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-ipfs
 # Recipe:: default
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 node.override['ipfs']['version'] = '0.4.18'
 node.override['ipfs']['checksum'] = '21e6c44c0fa8edf91a727f1e8257342a4c3a879462e656861b0a179e1f6a03f6'

site-cookbooks/kosmos-ipfs/recipes/letsencrypt.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-ipfs
 # Recipe:: letsencrypt
 #
-# Copyright 2019, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe "kosmos-nginx"
 

site-cookbooks/kosmos-mastodon/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-mastodon/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-mastodon'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-mastodon'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'
@@ -13,5 +13,5 @@ depends "poise-ruby-build"
 depends "application_ruby"
 depends "application_javascript"
 depends "postgresql"
-depends "database"
+depends "kosmos-postgresql"
 depends "backup"

site-cookbooks/kosmos-mastodon/recipes/default.rb

@@ -2,38 +2,58 @@
 # Cookbook Name:: kosmos-mastodon
 # Recipe:: default
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
 include_recipe "kosmos-nodejs"
 include_recipe "kosmos-redis"
+include_recipe "kosmos-postgresql"
 
-node.override['postgresql']['enable_pgdg_apt'] = false
+# TODO: Remove the condition once we have migrated mastodon to andromeda
-include_recipe "postgresql::server"
+unless platform?('ubuntu') && node[:platform_version].to_f < 18.04
-include_recipe "postgresql::ruby"
+  postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
-unless node.chef_environment == "development"
-  node.override['postgresql']['config_pgtune']['db_type'] = "web"
-  include_recipe "postgresql::config_pgtune"
-end
 
-postgresql_database 'mastodon' do
+  postgresql_user 'mastodon' do
-  connection(
+    action :create
-    host:     '127.0.0.1',
+    password postgresql_data_bag_item['mastodon_user_password']
-    port:     5432,
+  end
-    username: 'postgres',
+
-    password: node['postgresql']['password']['postgres']
+  postgresql_database 'mastodon' do
-  )
+    owner 'mastodon'
-  action :create
+    action :create
+  end
+else
+  postgresql_data_bag_item = {}
 end
 
 mastodon_path = node["kosmos-mastodon"]["directory"]
 
-group "mastodon" do
+mastodon_user = "mastodon"
+
+group mastodon_user do
   gid 62786
 end
 
-user "mastodon" do
+user mastodon_user do
   comment "mastodon user"
   uid 62786
   gid 62786
@@ -50,6 +70,46 @@ end
 
 ruby_version = "2.6.0"
 
+execute "systemctl daemon-reload" do
+  command "systemctl daemon-reload"
+  action :nothing
+end
+
+# mastodon-web service
+#
+template "/lib/systemd/system/mastodon-web.service" do
+  source "mastodon-web.systemd.service.erb"
+  variables user: mastodon_user,
+            app_dir: mastodon_path,
+            port: node["kosmos-mastodon"]["puma_port"],
+            bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle"
+  notifies :run, "execute[systemctl daemon-reload]", :immediately
+  notifies :restart, "service[mastodon-web]", :delayed
+end
+
+# mastodon-sidekiq service
+#
+template "/lib/systemd/system/mastodon-sidekiq.service" do
+  source "mastodon-sidekiq.systemd.service.erb"
+  variables user: mastodon_user,
+            app_dir: mastodon_path,
+            bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle",
+            sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"]
+  notifies :run, "execute[systemctl daemon-reload]", :immediately
+  notifies :restart, "service[mastodon-sidekiq]", :delayed
+end
+
+# mastodon-streaming service
+#
+template "/lib/systemd/system/mastodon-streaming.service" do
+  source "mastodon-streaming.systemd.service.erb"
+  variables user: mastodon_user,
+            app_dir: mastodon_path,
+            port: node["kosmos-mastodon"]["streaming_port"]
+  notifies :run, "execute[systemctl daemon-reload]", :immediately
+  notifies :restart, "service[mastodon-streaming]", :delayed
+end
+
 application mastodon_path do
   owner "mastodon"
   group "mastodon"
@@ -62,19 +122,19 @@ application mastodon_path do
   end
 
   git do
-    user "mastodon"
+    user mastodon_user
-    group "mastodon"
+    group mastodon_user
     repository "https://gitea.kosmos.org/kosmos/mastodon.git"
     revision   "production"
   end
 
-  mastodon_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mastodon')
+  mastodon_credentials = data_bag_item('credentials', 'mastodon')
 
   template ".env.production" do
     source "env.production.erb"
     mode  "0640"
-    owner "mastodon"
+    owner mastodon_user
-    group "mastodon"
+    group mastodon_user
     variables redis_url: node["kosmos-mastodon"]["redis_url"],
               domain: node["kosmos-mastodon"]["server_name"],
               paperclip_secret: mastodon_credentials['paperclip_secret'],
@@ -88,87 +148,57 @@ application mastodon_path do
               aws_secret_access_key: mastodon_credentials['aws_secret_access_key'],
               s3_region: "eu-west-1",
               vapid_private_key: mastodon_credentials['vapid_private_key'],
-              vapid_public_key: mastodon_credentials['vapid_public_key']
+              vapid_public_key: mastodon_credentials['vapid_public_key'],
-  end
+              db_pass: postgresql_data_bag_item['mastodon_user_password']
-
-  bundle_install do
-    user "mastodon"
-    deployment true
-    without %w(development test)
   end
 
   execute do
     environment "HOME" => mastodon_path
-    user "mastodon"
+    user mastodon_user
+    cwd mastodon_path
+    command "/opt/ruby_build/builds/#{ruby_version}/bin/bundle install --without development,test --deployment"
+  end
+
+  execute do
+    environment "HOME" => mastodon_path
+    user mastodon_user
     cwd mastodon_path
     command "yarn install --pure-lockfile"
   end
 
   rails do
-    migrate true
+    migrate false
     rails_env "production"
     precompile_assets false # buggy, done manually below
   end
 
+  execute 'rake db:migrate' do
+    environment "RAILS_ENV" => "production", "HOME" => mastodon_path
+    user mastodon_user
+    group mastodon_user
+    cwd mastodon_path
+    command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake db:migrate"
+  end
+
   # This is the only way I could find that makes compiling the assets
   # successfully for now. application_ruby's precompile_assets crashes because
   # it cannot find the bundled gems
   execute 'rake assets:precompile' do
     environment "RAILS_ENV" => "production", "HOME" => mastodon_path
-    user "mastodon"
+    user mastodon_user
-    group "mastodon"
+    group mastodon_user
     cwd mastodon_path
-    command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" /opt/ruby_build/builds/#{ruby_version}/bin/bundle exec rake assets:precompile"
+    command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake assets:precompile"
-  end
-
-  execute "systemctl daemon-reload" do
-    command "systemctl daemon-reload"
-    action :nothing
-  end
-
-  # mastodon-web service
-  #
-  template "/lib/systemd/system/mastodon-web.service" do
-    source "mastodon-web.systemd.service.erb"
-    variables user: user,
-              app_dir: mastodon_path,
-              port: node["kosmos-mastodon"]["puma_port"],
-              bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle"
-    notifies :run, "execute[systemctl daemon-reload]", :delayed
-    notifies :restart, "service[mastodon-web]", :delayed
   end
 
   service "mastodon-web" do
     action [:enable, :start]
   end
 
-  # mastodon-sidekiq service
-  #
-  template "/lib/systemd/system/mastodon-sidekiq.service" do
-    source "mastodon-sidekiq.systemd.service.erb"
-    variables user: user,
-              app_dir: mastodon_path,
-              bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle",
-              sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"]
-    notifies :run, "execute[systemctl daemon-reload]", :delayed
-    notifies :restart, "service[mastodon-sidekiq]", :delayed
-  end
-
   service "mastodon-sidekiq" do
     action [:enable, :start]
   end
 
-  # mastodon-streaming service
-  #
-  template "/lib/systemd/system/mastodon-streaming.service" do
-    source "mastodon-streaming.systemd.service.erb"
-    variables user: user,
-              app_dir: mastodon_path,
-              port: node["kosmos-mastodon"]["streaming_port"]
-    notifies :run, "execute[systemctl daemon-reload]", :delayed
-    notifies :restart, "service[mastodon-streaming]", :delayed
-  end
-
   service "mastodon-streaming" do
     action [:enable, :start]
   end
@@ -180,8 +210,13 @@ end
 
 unless node.chef_environment == "development"
   node.override["backup"]["postgresql"]["host"]     = "localhost"
-  node.override["backup"]["postgresql"]["username"] = "postgres"
+  unless platform?('ubuntu') && node[:platform_version].to_f < 18.04
-  node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres']
+    node.override["backup"]["postgresql"]["username"] = "mastodon"
+    node.override["backup"]["postgresql"]["password"] = postgres_password
+  else
+    node.override["backup"]["postgresql"]["username"] = "postgres"
+    node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres']
+  end
   unless node["backup"]["postgresql"]["databases"].include? 'mastodon'
     node.override["backup"]["postgresql"]["databases"] =
       node["backup"]["postgresql"]["databases"].to_a << "mastodon"

site-cookbooks/kosmos-mastodon/recipes/nginx.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-mastodon
 # Recipe:: nginx
 #
-# Copyright 2019, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 mastodon_path = node["kosmos-mastodon"]["directory"]
 server_name   = node["kosmos-mastodon"]["server_name"]

site-cookbooks/kosmos-mastodon/templates/default/env.production.erb

@@ -1,9 +1,15 @@
 # Service dependencies
 REDIS_URL=<%= @redis_url %>
 DB_HOST=localhost
-DB_USER=postgres
 DB_NAME=mastodon
+# TODO: Remove the condition once we have migrated mastodon to andromeda
+<% if node[:platform_version].to_f < 18.04 -%>
+DB_USER=postgres
 DB_PASS=<%= node['postgresql']['password']['postgres'] %>
+<% else -%>
+DB_USER=mastodon
+DB_PASS=<%= @db_pass %>
+<% end -%>
 DB_PORT=5432
 
 # Federation

site-cookbooks/kosmos-mediawiki/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-mediawiki/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-mediawiki'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-mediawiki'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

site-cookbooks/kosmos-mediawiki/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-mediawiki
 # Recipe:: default
 #
-# Copyright 2016, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'apt'
 include_recipe 'ark'
@@ -16,10 +33,10 @@ server_name = 'wiki.kosmos.org'
 # FIXME: For now run the update script manually after updating:
 #
 # sudo su - /var/www/mediawiki-1.xx.y/maintenance/update.php
-node.override['mediawiki']['version']         = "1.28.0"
+node.override['mediawiki']['version']         = "1.32.0"
 node.override['mediawiki']['webdir']          = "#{node['mediawiki']['docroot_dir']}/mediawiki-#{node['mediawiki']['version']}"
 node.override['mediawiki']['tarball']['name'] = "mediawiki-#{node['mediawiki']['version']}.tar.gz"
-node.override['mediawiki']['tarball']['url']  = "https://releases.wikimedia.org/mediawiki/1.28/#{node['mediawiki']['tarball']['name']}"
+node.override['mediawiki']['tarball']['url']  = "https://releases.wikimedia.org/mediawiki/1.32/#{node['mediawiki']['tarball']['name']}"
 node.override['mediawiki']['language_code']   = 'en'
 node.override['mediawiki']['server_name']     = server_name
 node.override['mediawiki']['site_name']       = 'Kosmos Wiki'
@@ -84,7 +101,7 @@ nginx_site server_name do
   action :enable
 end
 
-nginx_certbot_site server_name
+nginx_certbot_site server_name unless node.chef_environment == "development"
 
 #
 # Extensions

site-cookbooks/kosmos-mediawiki/templates/default/nginx.conf.erb

@@ -1,6 +1,9 @@
-<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
 server {
+        <% if node.chef_environment != "development" && File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
         listen 443 ssl;
+        <% else -%>
+        listen 80;
+        <% end -%>
         server_name <%= @server_name %>;
 
         access_log   /var/log/nginx/<%= @server_name %>.access.log;
@@ -24,7 +27,8 @@ server {
         }
 
         add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
+        <% if node.chef_environment != "development" && File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
         ssl_certificate <%= @ssl_cert %>;
         ssl_certificate_key <%= @ssl_key %>;
+        <% end -%>
 }
-<% end -%>

site-cookbooks/kosmos-nginx/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-nginx/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-nginx'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-nginx'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.2.0'

site-cookbooks/kosmos-nginx/recipes/default.rb

@@ -2,10 +2,28 @@
 # Cookbook Name:: kosmos-nginx
 # Recipe:: default
 #
-# Copyright 2015, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
 node.override['nginx']['default_site_enabled'] = false
 node.override['nginx']['server_tokens']        = 'off'
 node.override['nginx']['log_formats']['json']  = <<-EOF

site-cookbooks/kosmos-nodejs/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-nodejs'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-nodejs'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.1'

site-cookbooks/kosmos-nodejs/recipes/default.rb

@@ -2,20 +2,40 @@
 # Cookbook Name:: kosmos-nodejs
 # Recipe:: default
 #
-# Copyright 2015, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Get package for trusty when still using vivid
 if node['lsb']['codename'] == "vivid"
-  node.override['nodejs']['install_repo'] = false
+  node.override["nodejs"]["install_repo"] = false
-  apt_repository 'node.js' do
+  apt_repository "node.js" do
     uri "https://deb.nodesource.com/node_8.x"
     distribution "trusty"
-    components ['main']
+    components ["main"]
-    keyserver node['nodejs']['keyserver']
+    keyserver node["nodejs"]["keyserver"]
-    key node['nodejs']['key']
+    key node["nodejs"]["key"]
   end
+  include_recipe "nodejs"
+else
+  node.override["nodejs"]["repo"] = "https://deb.nodesource.com/node_10.x"
+  include_recipe "nodejs::nodejs_from_package"
 end
-include_recipe 'nodejs'

site-cookbooks/kosmos-parity/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-parity/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-parity'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures kosmos-parity'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

site-cookbooks/kosmos-parity/recipes/create_package_from_github.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: create_package_from_github
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'kosmos-parity::user'
 include_recipe 'build-essential'

site-cookbooks/kosmos-parity/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: default
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'kosmos-parity::user'
 

site-cookbooks/kosmos-parity/recipes/from_package.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: default
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'kosmos-parity::user'
 

site-cookbooks/kosmos-parity/recipes/node_dev.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: node_dev
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Sets up a parity node running on the dev chain on port 8545 (behind nginx,
 # with HTTPS)

site-cookbooks/kosmos-parity/recipes/node_mainnet.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: node_mainnet
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Sets up a parity node running on the mainnet chain on port 8547 (behind
 # nginx, with HTTPS)

site-cookbooks/kosmos-parity/recipes/node_testnet.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: node_testnet
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 # Sets up a parity node running on the testnet chain on port 8546 (behind
 # nginx, with HTTPS)

site-cookbooks/kosmos-parity/recipes/user.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-parity
 # Recipe:: user
 #
-# Copyright 2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 group "parity" do
   gid 72748

site-cookbooks/kosmos-postfix/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-postfix'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'A wrapper cookbook for postfix'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

site-cookbooks/kosmos-postfix/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-postfix
 # Recipe:: default
 #
-# Copyright 2015, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp')
 

site-cookbooks/kosmos-postgresql/.gitignore

@@ -0,0 +1,22 @@
+.vagrant
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+
+# Bundler
+Gemfile.lock
+gems.locked
+bin/*
+.bundle/*
+
+# test kitchen
+.kitchen/
+.kitchen.local.yml
+
+# Chef
+Berksfile.lock
+.zero-knife.rb
+Policyfile.lock.json

site-cookbooks/kosmos-postgresql/Berksfile

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+source 'https://supermarket.chef.io'
+
+metadata

site-cookbooks/kosmos-postgresql/CHANGELOG.md

@@ -0,0 +1,5 @@
+# kosmos-postgresql CHANGELOG
+
+# 0.1.0
+
+Initial release.

site-cookbooks/kosmos-postgresql/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-postgresql/README.md

@@ -0,0 +1,4 @@
+# kosmos-postgresql
+
+TODO: Enter the cookbook description here.
+

site-cookbooks/kosmos-postgresql/chefignore

@@ -0,0 +1,104 @@
+# Put files/directories that should be ignored in this file when uploading
+# to a chef-server or supermarket.
+# Lines that start with '# ' are comments.
+
+# OS generated files #
+######################
+.DS_Store
+Icon?
+nohup.out
+ehthumbs.db
+Thumbs.db
+
+# SASS #
+########
+.sass-cache
+
+# EDITORS #
+###########
+\#*
+.#*
+*~
+*.sw[a-z]
+*.bak
+REVISION
+TAGS*
+tmtags
+*_flymake.*
+*_flymake
+*.tmproj
+.project
+.settings
+mkmf.log
+
+## COMPILED ##
+##############
+a.out
+*.o
+*.pyc
+*.so
+*.com
+*.class
+*.dll
+*.exe
+*/rdoc/
+
+# Testing #
+###########
+.watchr
+.rspec
+spec/*
+spec/fixtures/*
+test/*
+features/*
+examples/*
+Guardfile
+Procfile
+.kitchen*
+kitchen.yml*
+.rubocop.yml
+spec/*
+Rakefile
+.travis.yml
+.foodcritic
+.codeclimate.yml
+
+# SCM #
+#######
+.git
+*/.git
+.gitignore
+.gitmodules
+.gitconfig
+.gitattributes
+.svn
+*/.bzr/*
+*/.hg/*
+*/.svn/*
+
+# Berkshelf #
+#############
+Berksfile
+Berksfile.lock
+cookbooks/*
+tmp
+
+# Bundler #
+###########
+vendor/*
+
+# Policyfile #
+##############
+Policyfile.rb
+Policyfile.lock.json
+
+# Cookbooks #
+#############
+CONTRIBUTING*
+CHANGELOG*
+TESTING*
+
+# Vagrant #
+###########
+.vagrant
+Vagrantfile

site-cookbooks/kosmos-postgresql/metadata.rb

@@ -0,0 +1,23 @@
+name 'kosmos-postgresql'
+maintainer 'Kosmos'
+maintainer_email 'ops@5apps.com'
+license 'MIT'
+description 'Installs/Configures kosmos-postgresql'
+long_description 'Installs/Configures kosmos-postgresql'
+version '0.1.0'
+chef_version '>= 12.14' if respond_to?(:chef_version)
+
+# The `issues_url` points to the location where issues for this cookbook are
+# tracked.  A `View Issues` link will be displayed on this cookbook's page when
+# uploaded to a Supermarket.
+#
+# issues_url 'https://github.com/<insert_org_here>/kosmos-postgresql/issues'
+
+# The `source_url` points to the development repository for this cookbook.  A
+# `View Source` link will be displayed on this cookbook's page when uploaded to
+# a Supermarket.
+#
+# source_url 'https://github.com/<insert_org_here>/kosmos-postgresql'
+
+depends "postgresql", ">= 7.0.0"
+depends "build-essential"

site-cookbooks/kosmos-postgresql/recipes/default.rb

@@ -0,0 +1,51 @@
+#
+# Cookbook:: kosmos-postgresql
+# Recipe:: default
+#
+# The MIT License (MIT)
+#
+# Copyright:: 2019, Kosmos Developers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+return if platform?('ubuntu') && node[:platform_version].to_f < 18.04
+
+node.override['build-essential']['compile_time'] = true
+include_recipe 'build-essential::default'
+
+package("libpq-dev") { action :nothing }.run_action(:install)
+
+chef_gem 'pg' do
+  compile_time true
+end
+
+postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
+
+postgresql_server_install "main" do
+  version "10"
+  setup_repo false
+  password postgresql_data_bag_item['server_password']
+  action :install
+end
+
+postgresql_client_install "main" do
+  version "10"
+  setup_repo false
+  action :install
+end

site-cookbooks/kosmos-redis/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/kosmos-redis/metadata.rb

@@ -1,7 +1,7 @@
 name             'kosmos-redis'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'redis wrapper cookbook'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
 version          '0.1.0'

site-cookbooks/kosmos-redis/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: kosmos-redis
 # Recipe:: default
 #
-# Copyright 2015, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 node.override['redis']['unixsocket'] = ''
 include_recipe 'redis::server'

site-cookbooks/kosmos-wordpress/CHANGELOG.md

@@ -1,6 +0,0 @@
-kosmos-wordpress CHANGELOG
-==========================
-
-0.1.0
------
-- [Greg Karékinian] - Initial release of kosmos-wordpress

site-cookbooks/kosmos-wordpress/README.md

@@ -1,68 +0,0 @@
-kosmos-wordpress Cookbook
-=========================
-TODO: Enter the cookbook description here.
-
-e.g.
-This cookbook makes your favorite breakfast sandwich.
-
-Requirements
-------------
-TODO: List your cookbook requirements. Be sure to include any requirements this cookbook has on platforms, libraries, other cookbooks, packages, operating systems, etc.
-
-e.g.
-#### packages
-- `toaster` - kosmos-wordpress needs toaster to brown your bagel.
-
-Attributes
-----------
-TODO: List your cookbook attributes here.
-
-e.g.
-#### kosmos-wordpress::default
-<table>
-  <tr>
-    <th>Key</th>
-    <th>Type</th>
-    <th>Description</th>
-    <th>Default</th>
-  </tr>
-  <tr>
-    <td><tt>['kosmos-wordpress']['bacon']</tt></td>
-    <td>Boolean</td>
-    <td>whether to include bacon</td>
-    <td><tt>true</tt></td>
-  </tr>
-</table>
-
-Usage
------
-#### kosmos-wordpress::default
-TODO: Write usage instructions for each cookbook.
-
-e.g.
-Just include `kosmos-wordpress` in your node's `run_list`:
-
-```json
-{
-  "name":"my_node",
-  "run_list": [
-    "recipe[kosmos-wordpress]"
-  ]
-}
-```
-
-Contributing
-------------
-TODO: (optional) If this is a public cookbook, detail the process for contributing. If this is a private cookbook, remove this section.
-
-e.g.
-1. Fork the repository on Github
-2. Create a named feature branch (like `add_component_x`)
-3. Write your change
-4. Write tests for your change (if applicable)
-5. Run the tests, ensuring they all pass
-6. Submit a Pull Request using Github
-
-License and Authors
--------------------
-Authors: TODO: List authors

site-cookbooks/kosmos-wordpress/attributes/default.rb

@@ -1 +0,0 @@
-node.default["kosmos-wordpress"]["nginx"]["domain"] = "blog.kosmos.org"

site-cookbooks/kosmos-wordpress/metadata.rb

@@ -1,13 +0,0 @@
-name             'kosmos-wordpress'
-maintainer       'Kosmos'
-maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
-description      'Installs/Configures kosmos-wordpress'
-long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.1.0'
-
-depends 'wordpress'
-depends 'php-fpm'
-depends 'backup'
-depends 'kosmos-base'
-depends 'kosmos-nginx'

site-cookbooks/kosmos-wordpress/recipes/default.rb

@@ -1,38 +0,0 @@
-#
-# Cookbook Name:: kosmos-wordpress
-# Recipe:: default
-#
-# Copyright 2016, Kosmos
-#
-# All rights reserved - Do Not Redistribute
-#
-
-mysql_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mysql')
-
-node.override['wordpress']['db']['root_password'] = mysql_credentials["root_password"]
-node.override['wordpress']['server_name']         = "blog.kosmos.org"
-node.override['wordpress']['server_aliases']      = ["blog.kosmos.org"]
-node.override['wordpress']['server_port']         = "443"
-credentials = Chef::EncryptedDataBagItem.load('credentials', 'wordpress')
-node.set['wordpress']['db']['pass']               = credentials["db_pass"]
-node.set['wordpress']['keys']['auth']             = credentials["keys_auth"]
-node.set['wordpress']['keys']['secure_auth']      = credentials["keys_secure_auth"]
-node.set['wordpress']['keys']['logged_in']        = credentials["keys_logged_in"]
-node.set['wordpress']['keys']['nonce']            = credentials["keys_nonce"]
-node.set['wordpress']['salt']['auth']             = credentials["keys_auth"]
-node.set['wordpress']['salt']['secure_auth']      = credentials["saltsecure_auth"]
-node.set['wordpress']['salt']['logged_in']        = credentials["salt_logged_in"]
-node.set['wordpress']['salt']['nonce']            = credentials["salt_nonce"]
-
-include_recipe 'kosmos-wordpress::nginx'
-
-unless node.chef_environment == "development"
-  node.override["backup"]["mysql"]["host"] = "localhost"
-  node.override["backup"]["mysql"]["username"] = "root"
-  node.override["backup"]["mysql"]["password"] = node["wordpress"]["db"]["root_password"]
-  unless node["backup"]["mysql"]["databases"].include? "wordpressdb"
-    node.override["backup"]["mysql"]["databases"] =
-      node["backup"]["mysql"]["databases"].to_a << "wordpressdb"
-  end
-  include_recipe "backup"
-end

site-cookbooks/kosmos-wordpress/recipes/nginx.rb

@@ -1,59 +0,0 @@
-#
-# Cookbook Name:: kosmos-wordpress
-# Recipe:: nginx
-#
-# Copyright 2016, Kosmos
-#
-# All rights reserved - Do Not Redistribute
-#
-
-node.set_unless['php-fpm']['pools'] = []
-
-include_recipe "php-fpm"
-include_recipe 'php-fpm::repository' unless node['php-fpm']['skip_repository_install']
-include_recipe "php-fpm::install"
-
-php_fpm_pool "www" do
-  enable false
-end
-
-php_fpm_pool "wordpress" do
-  listen "127.0.0.1:9001"
-  user node['wordpress']['install']['user']
-  group node['wordpress']['install']['group']
-  listen_owner node['wordpress']['install']['user']
-  listen_group node['wordpress']['install']['group']
-  php_options node['wordpress']['php_options']
-  start_servers 5
-  enable true
-end
-
-include_recipe "php::module_mysql"
-
-include_recipe "kosmos-nginx"
-
-include_recipe "wordpress::app"
-
-server_name = node['wordpress']['server_name']
-
-ssl_cert = "/etc/letsencrypt/live/#{server_name}/fullchain.pem"
-ssl_key  = "/etc/letsencrypt/live/#{server_name}/privkey.pem"
-template "#{node['nginx']['dir']}/sites-available/#{server_name}" do
-  source "nginx.conf.erb"
-  variables(
-    docroot:        node['wordpress']['dir'],
-    server_name:    server_name,
-    server_aliases: node['wordpress']['server_aliases'],
-    server_port:    node['wordpress']['server_port'],
-    ssl_cert:       ssl_cert,
-    ssl_key:        ssl_key
-  )
-  action :create
-  notifies :reload, "service[nginx]", :delayed
-end
-
-nginx_site server_name do
-  action :enable
-end
-
-nginx_certbot_site server_name

site-cookbooks/kosmos-wordpress/templates/default/nginx.conf.erb

@@ -1,44 +0,0 @@
-server {
-        listen 80;
-        <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
-        listen <%= @server_port %> ssl http2;
-        <% end -%>
-        server_name <%= @server_name %> <%= @server_aliases.join(" ") %>;
-
-        access_log   /var/log/nginx/<%= @server_name %>.access.log;
-        error_log    /var/log/nginx/<%= @server_name %>.error.log;
-
-        client_max_body_size 20m;
-
-        root <%= @docroot %>;
-        index index.php;
-
-        location / {
-                try_files $uri $uri/ /index.php?$args;
-                <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
-                set $redirect_to_ssl "no";
-                if ($ssl_protocol = "") {
-                        set $redirect_to_ssl "yes";
-                }
-                if ($redirect_to_ssl = yes) {
-                        rewrite ^(.*) https://$host$1 permanent;
-                }
-                <% end -%>
-        }
-
-        location ~ \.php$ {
-                try_files $uri =404;
-                include fastcgi_params;
-                fastcgi_pass 127.0.0.1:9001;
-                fastcgi_param  SCRIPT_FILENAME  <%= @docroot %>$fastcgi_script_name;
-                # Remove the HTTP_PROXY parameter, protect from the HTTPoxy vulnerability
-                # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
-                fastcgi_param HTTP_PROXY "";
-        }
-
-        <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
-        ssl_certificate <%= @ssl_cert %>;
-        ssl_certificate_key <%= @ssl_key %>;
-        <% end -%>
-}

site-cookbooks/sockethub/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2019 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

site-cookbooks/sockethub/attributes/default.rb

@@ -1,4 +1,4 @@
 node.default['sockethub']['port']                 = '10551'
 node.default['sockethub']['external_port']        = '10550'
-node.default['sockethub']['revision']             = 'v2.0.5'
+node.default['sockethub']['revision']             = 'v3.0.1'
 node.default['sockethub']['nginx']['server_name'] = 'sockethub.kosmos.org'

site-cookbooks/sockethub/metadata.rb

@@ -1,10 +1,10 @@
 name             'sockethub'
 maintainer       'Kosmos'
 maintainer_email 'mail@kosmos.org'
-license          'All rights reserved'
+license          'MIT'
 description      'Installs/Configures sockethub'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.1.0'
+version          '0.1.1'
 
 depends 'application_javascript'
 depends 'kosmos-redis'

site-cookbooks/sockethub/recipes/_firewall.rb

@@ -0,0 +1,35 @@
+#
+# Cookbook Name:: sockethub
+# Recipe:: _firewall
+#
+# The MIT License (MIT)
+#
+# Copyright:: 2019, Kosmos Developers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+unless node.chef_environment == "development"
+  include_recipe "firewall"
+  firewall_rule 'sockethub' do
+    port     node['sockethub']['external_port'].to_i
+    protocol :tcp
+    command  :allow
+  end
+end
+

site-cookbooks/sockethub/recipes/default.rb

@@ -2,10 +2,27 @@
 # Cookbook Name:: sockethub
 # Recipe:: default
 #
-# Copyright 2015-2017, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 include_recipe 'kosmos-nodejs'
 include_recipe 'kosmos-redis'
@@ -54,7 +71,9 @@ application path_to_deploy do
       app_dir: path_to_deploy,
       entry: "/usr/bin/node /usr/bin/npm start",
       environment: { 'DEBUG' => '*',
-                     'PORT' => node['sockethub']['port'] }
+                     'PORT' => node['sockethub']['port'],
+                     # Use the second database (index starts at 0)
+                     'REDIS_URL' => "redis://localhost:6379/1" }
     )
     notifies :run, "execute[systemctl daemon-reload]", :delayed
     notifies :restart, "service[sockethub_nodejs]", :delayed

site-cookbooks/sockethub/recipes/proxy.rb

@@ -2,20 +2,29 @@
 # Cookbook Name:: sockethub
 # Recipe:: proxy
 #
-# Copyright 2015-2019, Kosmos
+# The MIT License (MIT)
 #
-# All rights reserved - Do Not Redistribute
+# Copyright:: 2019, Kosmos Developers
 #
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
-unless node.chef_environment == "development"
+include_recipe 'sockethub::_firewall'
-  include_recipe "firewall"
-  firewall_rule 'sockethub' do
-    port     node['sockethub']['external_port'].to_i
-    protocol :tcp
-    command  :allow
-  end
-end
-
 include_recipe 'kosmos-nginx'
 server_name = node['sockethub']['nginx']['server_name']