diff --git a/nodes/fornax.kosmos.org.json b/nodes/fornax.kosmos.org.json index ba22c12..8be8647 100644 --- a/nodes/fornax.kosmos.org.json +++ b/nodes/fornax.kosmos.org.json @@ -33,6 +33,8 @@ "kosmos_website::default", "kosmos-ejabberd::nginx", "kosmos-akkounts::nginx_api", + "kosmos-hubot::nginx_botka_irc-libera-chat", + "kosmos-hubot::nginx_hal8000_xmpp", "remotestorage_discourse::nginx", "kosmos_zerotier::controller", "kosmos_zerotier::firewall", diff --git a/nodes/ipfs-1.json b/nodes/ipfs-1.json index c26d26b..7ac3f1b 100644 --- a/nodes/ipfs-1.json +++ b/nodes/ipfs-1.json @@ -74,8 +74,6 @@ "run_list": [ "recipe[kosmos-base]", "role[kvm_guest]", - "recipe[kosmos-ipfs]", - "recipe[kosmos-ipfs::public_gateway]", - "recipe[kosmos-ipfs::kredits_pinner]" + "role[ipfs_gateway]" ] -} \ No newline at end of file +} diff --git a/nodes/nodejs-4.json b/nodes/nodejs-4.json index c974ec9..d711ed9 100644 --- a/nodes/nodejs-4.json +++ b/nodes/nodejs-4.json @@ -12,7 +12,9 @@ "hostname": "nodejs-4", "ipaddress": "192.168.122.106", "roles": [ + "base", "kvm_guest", + "hubot", "kredits_github", "sockethub" ], @@ -21,6 +23,7 @@ "kosmos-base::default", "kosmos_kvm::guest", "kosmos-hubot::botka_irc-libera-chat", + "kosmos-hubot::hal8000_xmpp", "kredits-github", "kredits-github::default", "kredits-github::nginx", @@ -48,11 +51,11 @@ "redisio::disable_os_default", "redisio::configure", "redisio::enable", + "kosmos-hubot::_user", + "kosmos-hubot::_nodejs", "kosmos-nodejs::default", "nodejs::nodejs_from_package", "nodejs::repo", - "kosmos-hubot::_user", - "kosmos-base::letsencrypt", "kosmos-nginx::default", "nginx::default", "nginx::package", @@ -65,7 +68,8 @@ "kosmos-nginx::firewall", "nodejs::npm", "nodejs::install", - "sockethub::firewall" + "sockethub::firewall", + "kosmos-base::letsencrypt" ], "platform": "ubuntu", "platform_version": "20.04", @@ -82,9 +86,9 @@ } }, "run_list": [ - "recipe[kosmos-base]", + "role[base]", "role[kvm_guest]", - "recipe[kosmos-hubot::botka_irc-libera-chat]", + "role[hubot]", "role[kredits_github]", "role[sockethub]" ] diff --git a/roles/hubot.rb b/roles/hubot.rb new file mode 100644 index 0000000..9bdc549 --- /dev/null +++ b/roles/hubot.rb @@ -0,0 +1,12 @@ +name "hubot" + +default_run_list = %w( + kosmos-hubot::botka_irc-libera-chat + kosmos-hubot::hal8000_xmpp +) + +env_run_lists( + '_default' => default_run_list, + 'development' => [], + 'production' => default_run_list +) diff --git a/roles/ipfs_gateway.rb b/roles/ipfs_gateway.rb new file mode 100644 index 0000000..de87101 --- /dev/null +++ b/roles/ipfs_gateway.rb @@ -0,0 +1,13 @@ +name "ipfs_gateway" + +default_run_list = %w( + kosmos-ipfs + kosmos-ipfs::public_gateway + kosmos-ipfs::kredits_pinner +) + +env_run_lists( + '_default' => default_run_list, + 'development' => default_run_list, + 'production' => default_run_list +) diff --git a/roles/nginx_proxy.rb b/roles/nginx_proxy.rb index 55a64a3..8f4109b 100644 --- a/roles/nginx_proxy.rb +++ b/roles/nginx_proxy.rb @@ -8,6 +8,8 @@ default_run_list = %w( kosmos_website::default kosmos-ejabberd::nginx kosmos-akkounts::nginx_api + kosmos-hubot::nginx_botka_irc-libera-chat + kosmos-hubot::nginx_hal8000_xmpp remotestorage_discourse::nginx ) diff --git a/site-cookbooks/kosmos-hubot/attributes/default.rb b/site-cookbooks/kosmos-hubot/attributes/default.rb index 250134f..bfac99f 100644 --- a/site-cookbooks/kosmos-hubot/attributes/default.rb +++ b/site-cookbooks/kosmos-hubot/attributes/default.rb @@ -3,14 +3,14 @@ node.default['hal8000']['http_port'] = 8080 node.default['botka_irc-libera-chat']['http_port'] = 8081 node.default['hal8000_xmpp']['http_port'] = 8082 -node.default['hal8000_xmpp']['domain'] = "hal8000.chat.kosmos.org" +node.default['hal8000_xmpp']['domain'] = "hal8000.kosmos.chat" node.default['wormhole']['http_port'] = 8083 node.default['hal8000_xmpp']['hubot_scripts'] = [ "hubot-help", "hubot-redis-brain", "hubot-rules", "hubot-shipit", - "hubot-plusplus", "hubot-tell", "hubot-seen", "hubot-incoming-webhook", - "hubot-auth", "hubot-kredits", "hubot-schedule" + "hubot-tell", "hubot-seen", "hubot-incoming-webhook", + "hubot-auth", "hubot-schedule", "@kredits/hubot-kredits" ] node.default['hal8000_xmpp']['rooms'] = [ @@ -27,8 +27,8 @@ node.default['hal8000_xmpp']['kredits']['ipfs_host'] = 'localhost' node.default['hal8000_xmpp']['kredits']['ipfs_port'] = '5001' node.default['hal8000_xmpp']['kredits']['ipfs_protocol'] = 'http' node.default['hal8000_xmpp']['kredits']['room'] = 'kredits@kosmos.chat' -node.default['hal8000_xmpp']['kredits']['provider_url'] = 'https://rinkeby.infura.io/v3/c5e74367261d475ab935e2f0e726482f' -node.default['hal8000_xmpp']['kredits']['network_id'] = '4' +node.default['hal8000_xmpp']['kredits']['provider_url'] = 'https://rsk-testnet.kosmos.org' +node.default['hal8000_xmpp']['kredits']['network_id'] = '31' node.default['hal8000_xmpp']['kredits']['wallet_path'] = 'wallet.json' node.default['hal8000_xmpp']['kredits']['mediawiki_url'] = 'https://wiki.kosmos.org/' node.default['hal8000_xmpp']['kredits']['github_repo_blacklist'] = '67P/test-one-two' diff --git a/site-cookbooks/kosmos-hubot/metadata.rb b/site-cookbooks/kosmos-hubot/metadata.rb index b2094c9..75f13c4 100644 --- a/site-cookbooks/kosmos-hubot/metadata.rb +++ b/site-cookbooks/kosmos-hubot/metadata.rb @@ -6,9 +6,10 @@ description 'Configures Kosmos chat bots' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '0.2.0' +depends 'kosmos-base' depends 'kosmos-nodejs' +depends 'kosmos-ipfs' depends 'firewall' depends 'application_javascript' -depends 'kosmos-ipfs' depends 'git' depends 'redisio' diff --git a/site-cookbooks/kosmos-hubot/recipes/_nodejs.rb b/site-cookbooks/kosmos-hubot/recipes/_nodejs.rb new file mode 100644 index 0000000..3a0fb57 --- /dev/null +++ b/site-cookbooks/kosmos-hubot/recipes/_nodejs.rb @@ -0,0 +1,8 @@ +# +# Cookbook Name:: kosmos-hubot +# Recipe:: _nodejs +# + +node.override["nodejs"]["repo"] = "https://deb.nodesource.com/node_16.x" + +include_recipe "kosmos-nodejs" diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb b/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb deleted file mode 100644 index 16cd272..0000000 --- a/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb +++ /dev/null @@ -1,120 +0,0 @@ -# -# Cookbook Name:: kosmos-hubot -# Recipe:: botka_freenode -# - -app_name = "botka_freenode" -app_path = "/opt/#{app_name}" -app_user = "hubot" -app_group = "hubot" - -build_essential app_name do - compile_time true -end - -include_recipe 'redisio::default' -include_recipe 'redisio::enable' -include_recipe "kosmos-nodejs" - -application app_path do - data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) - - owner app_user - group app_group - - git do - user app_user - group app_group - repository "https://gitea.kosmos.org/kosmos/botka.git" - revision "master" - end - - file "#{app_path}/external-scripts.json" do - mode "0640" - owner app_user - group app_group - content [ - "hubot-help", - "hubot-redis-brain", - "hubot-remotestorage-logger", - "hubot-web-push-notifications", - ].to_json - end - - npm_install do - user app_user - end - - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end - - template "/lib/systemd/system/#{app_name}.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0644' - variables( - user: app_user, - group: app_group, - app_dir: app_path, - entry: "#{app_path}/bin/hubot -a irc", - environment: { - "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", - "HUBOT_IRC_SERVER" => "irc.freenode.net", - "HUBOT_IRC_ROOMS" => "#5apps,#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#opensourcedesign,#openknot,#emberjs,#mastodon,#indieweb,#lnd", - "HUBOT_IRC_NICK" => "botka", - "HUBOT_IRC_NICKSERV_USERNAME" => "botka", - "HUBOT_IRC_NICKSERV_PASSWORD" => data_bag['nickserv_password'], - "HUBOT_IRC_UNFLOOD" => "100", - "HUBOT_RSS_PRINTSUMMARY" => "false", - "HUBOT_RSS_PRINTERROR" => "false", - "HUBOT_RSS_IRCCOLORS" => "true", - "REDIS_URL" => "redis://localhost:6379/botka", - "EXPRESS_PORT" => node[app_name]['http_port'], - "HUBOT_AUTH_ADMIN" => "derbumi,galfert,gregkare,slvrbckt,raucao", - "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", - "RS_LOGGER_USER" => "kosmos@5apps.com", - "RS_LOGGER_TOKEN" => data_bag['rs_logger_token'], - "RS_LOGGER_SERVER_NAME" => "freenode", - "RS_LOGGER_PUBLIC" => "true", - "GCM_API_KEY" => data_bag['gcm_api_key'], - "VAPID_SUBJECT" => "https://kosmos.org", - "VAPID_PUBLIC_KEY" => data_bag['vapid_public_key'], - "VAPID_PRIVATE_KEY" => data_bag['vapid_private_key'] - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[#{app_name}]", :delayed - end - - service app_name do - action [:enable, :start] - end -end - -# -# Nginx reverse proxy -# -unless node.chef_environment == "development" - include_recipe "kosmos-base::letsencrypt" - include_recipe "kosmos-nginx" - - template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do - source 'nginx_conf_hubot.erb' - owner node["nginx"]["user"] - mode 0640 - variables express_port: node[app_name]['http_port'], - server_name: node[app_name]['domain'], - ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem", - ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem" - notifies :reload, 'service[nginx]', :delayed - end - - nginx_site node[app_name]['domain'] do - action :enable - end - - nginx_certbot_site node[app_name]['domain'] -end diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb index d30ad9d..52d4c87 100644 --- a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb +++ b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb @@ -7,7 +7,6 @@ app_name = "botka_irc-libera-chat" app_path = "/opt/#{app_name}" app_user = "hubot" app_group = "hubot" -domain = "irc-libera-chat.botka.kosmos.chat" build_essential app_name do compile_time true @@ -15,8 +14,9 @@ end include_recipe 'redisio::default' include_recipe 'redisio::enable' -include_recipe "kosmos-nodejs" include_recipe "kosmos-hubot::_user" +include_recipe "kosmos-hubot::_nodejs" +include_recipe "kosmos-base::firewall" application app_path do credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) @@ -99,27 +99,9 @@ application app_path do end end -# -# Nginx reverse proxy -# -unless node.chef_environment == "development" - include_recipe "kosmos-base::letsencrypt" - include_recipe "kosmos-nginx" - - template "#{node['nginx']['dir']}/sites-available/#{domain}" do - source 'nginx_conf_hubot.erb' - owner node["nginx"]["user"] - mode 0640 - variables express_port: node[app_name]['http_port'], - server_name: domain, - ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem", - ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem" - notifies :reload, 'service[nginx]', :delayed - end - - nginx_site domain do - action :enable - end - - nginx_certbot_site domain +firewall_rule app_name do + port node[app_name]['http_port'] + source "10.1.1.0/24" + protocol :tcp + command :allow end diff --git a/site-cookbooks/kosmos-hubot/recipes/default.rb b/site-cookbooks/kosmos-hubot/recipes/default.rb deleted file mode 100644 index bd18edc..0000000 --- a/site-cookbooks/kosmos-hubot/recipes/default.rb +++ /dev/null @@ -1,12 +0,0 @@ -# -# Cookbook Name:: kosmos-hubot -# Recipe:: default -# - -include_recipe 'redisio::default' -include_recipe 'redisio::enable' -include_recipe "kosmos-nodejs" - -include_recipe "kosmos-hubot::_user" -include_recipe "kosmos-hubot::hal8000" -include_recipe "kosmos-hubot::botka_freenode" diff --git a/site-cookbooks/kosmos-hubot/recipes/hal8000.rb b/site-cookbooks/kosmos-hubot/recipes/hal8000.rb deleted file mode 100644 index 20a5983..0000000 --- a/site-cookbooks/kosmos-hubot/recipes/hal8000.rb +++ /dev/null @@ -1,103 +0,0 @@ -# -# Cookbook Name:: kosmos-hubot -# Recipe:: hal8000 -# - -build_essential 'hal8000' do - compile_time true -end - -include_recipe 'redisio::default' -include_recipe 'redisio::enable' -include_recipe "kosmos-nodejs" -include_recipe "kosmos-hubot::_user" - -unless node.chef_environment == "development" - include_recipe 'firewall' - firewall_rule 'hubot_express_hal8000_freenode' do - port node['hal8000']['http_port'] - protocol :tcp - command :allow - end -end - -hal8000_freenode_data_bag_item = Chef::EncryptedDataBagItem.load('credentials', 'hal8000_freenode') - -hal8000_path = "/opt/hal8000" -application hal8000_path do - owner "hubot" - group "hubot" - - git do - user "hubot" - group "hubot" - repository "https://gitea.kosmos.org/kosmos/hal8000.git" - revision "master" - end - - file "#{name}/external-scripts.json" do - mode "0640" - owner "hubot" - group "hubot" - content [ - "hubot-help", - "hubot-read-tweet", - "hubot-redis-brain", - "hubot-rules", - "hubot-shipit", - "hubot-plusplus", - "hubot-tell", - "hubot-seen", - "hubot-incoming-webhook", - "hubot-auth", - "hubot-schedule" - ].to_json - end - - npm_install do - user "hubot" - end - - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end - - template "/lib/systemd/system/hal8000_nodejs.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0644' - variables( - user: "hubot", - group: "hubot", - app_dir: hal8000_path, - entry: "#{hal8000_path}/bin/hubot -a irc", - environment: { - # "HUBOT_LOG_LEVEL" => "error", - "HUBOT_IRC_SERVER" => "irc.freenode.net", - "HUBOT_IRC_ROOMS" => "#5apps,#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub", - "HUBOT_IRC_NICK" => "hal8000", - "HUBOT_IRC_NICKSERV_USERNAME" => "hal8000", - "HUBOT_IRC_NICKSERV_PASSWORD" => hal8000_freenode_data_bag_item['nickserv_password'], - "HUBOT_IRC_UNFLOOD" => "100", - "HUBOT_RSS_PRINTSUMMARY" => "false", - "HUBOT_RSS_PRINTERROR" => "false", - "HUBOT_RSS_IRCCOLORS" => "true", - "HUBOT_PLUSPLUS_POINTS_TERM" => "karma,karma", - "HUBOT_RSS_HEADER" => "Update:", - "HUBOT_AUTH_ADMIN" => "bkero,derbumi,galfert,gregkare,slvrbckt,raucao", - "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", - "WEBHOOK_TOKEN" => hal8000_freenode_data_bag_item['webhook_token'], - "EXPRESS_PORT" => node['hal8000']['http_port'] - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[hal8000_nodejs]", :delayed - end - - service "hal8000_nodejs" do - action [:enable, :start] - end -end - diff --git a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb index 818ff6e..f83e084 100644 --- a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb +++ b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb @@ -14,20 +14,9 @@ end include_recipe 'redisio::default' include_recipe 'redisio::enable' -include_recipe "kosmos-nodejs" include_recipe "kosmos-hubot::_user" - -# Needed for hubot-kredits -include_recipe "kosmos-ipfs" - -unless node.chef_environment == "development" - include_recipe 'firewall' - firewall_rule 'ipfs_swarm_p2p' do - port 4001 - protocol :tcp - command :allow - end -end +include_recipe "kosmos-hubot::_nodejs" +include_recipe "kosmos-base::firewall" application app_path do data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) @@ -53,7 +42,13 @@ application app_path do user app_user end - file "#{app_path}/node_modules/hubot-kredits/.env" do + ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"] + node.override[app_name]['kredits']['ipfs_host'] = ipfs_host + + rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"] + node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444" + + file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do mode "0600" owner app_user group app_group @@ -107,7 +102,6 @@ KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']} "KREDITS_ROOM" => node[app_name]['kredits']['room'], "KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'], "KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'], - "KREDITS_NETWORK_ID" => node[app_name]['kredits']['network_id'], "KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'], "KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'], "KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'], @@ -135,27 +129,9 @@ KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']} end end -# -# Nginx reverse proxy -# -unless node.chef_environment == "development" - include_recipe "kosmos-base::letsencrypt" - include_recipe "kosmos-nginx" - - template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do - source 'nginx_conf_hubot.erb' - owner node["nginx"]["user"] - mode 0640 - variables express_port: node[app_name]['http_port'], - server_name: node[app_name]['domain'], - ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem", - ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem" - notifies :reload, 'service[nginx]', :delayed - end - - nginx_site node[app_name]['domain'] do - action :enable - end - - nginx_certbot_site node[app_name]['domain'] +firewall_rule app_name do + port node[app_name]['http_port'] + source "10.1.1.0/24" + protocol :tcp + command :allow end diff --git a/site-cookbooks/kosmos-hubot/recipes/nginx_botka_irc-libera-chat.rb b/site-cookbooks/kosmos-hubot/recipes/nginx_botka_irc-libera-chat.rb new file mode 100644 index 0000000..df0ba8f --- /dev/null +++ b/site-cookbooks/kosmos-hubot/recipes/nginx_botka_irc-libera-chat.rb @@ -0,0 +1,24 @@ +include_recipe "kosmos-base::letsencrypt" +include_recipe "kosmos-nginx" + +domain = "irc-libera-chat.botka.kosmos.chat" + +nginx_certbot_site domain + +upstream_host = search(:node, "role:hubot").first["knife_zero"]["host"] + +template "#{node['nginx']['dir']}/sites-available/#{domain}" do + source 'nginx_conf_hubot.erb' + owner node["nginx"]["user"] + mode 0640 + variables express_port: node['botka_irc-libera-chat']['http_port'], + server_name: domain, + ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem", + ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem", + upstream_host: upstream_host + notifies :reload, 'service[nginx]', :delayed +end + +nginx_site domain do + action :enable +end diff --git a/site-cookbooks/kosmos-hubot/recipes/nginx_hal8000_xmpp.rb b/site-cookbooks/kosmos-hubot/recipes/nginx_hal8000_xmpp.rb new file mode 100644 index 0000000..75f9d12 --- /dev/null +++ b/site-cookbooks/kosmos-hubot/recipes/nginx_hal8000_xmpp.rb @@ -0,0 +1,24 @@ +include_recipe "kosmos-base::letsencrypt" +include_recipe "kosmos-nginx" + +app_name = "hal8000_xmpp" + +nginx_certbot_site node[app_name]['domain'] + +upstream_host = search(:node, "role:hubot").first["knife_zero"]["host"] + +template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do + source 'nginx_conf_hubot.erb' + owner node["nginx"]["user"] + mode 0640 + variables express_port: node[app_name]['http_port'], + server_name: node[app_name]['domain'], + ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem", + ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem", + upstream_host: upstream_host + notifies :reload, 'service[nginx]', :delayed +end + +nginx_site node[app_name]['domain'] do + action :enable +end diff --git a/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb b/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb index e7848c1..6265688 100644 --- a/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb +++ b/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb @@ -2,10 +2,9 @@ # Generated by Chef # upstream _express_<%= @server_name.gsub(".", "_") %> { - server localhost:<%= @express_port %>; + server <%= @upstream_host || "localhost" %>:<%= @express_port %>; } -<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%> server { listen 443 ssl http2; server_name <%= @server_name %>; @@ -26,4 +25,3 @@ server { ssl_certificate <%= @ssl_cert %>; ssl_certificate_key <%= @ssl_key %>; } -<% end -%>