kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Migrate hal8000 to new kredits and nodejs VM #445

Merged
greg merged 4 commits from feature/migrate_hal8000 into master 2022-11-04 18:14:18 +00:00
Conversation 1 Commits 4 Files Changed 17 +125 -316
17 changed files with 125 additions and 316 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nodes/fornax.kosmos.org.json
View File

@ -33,6 +33,8 @@
"kosmos_website::default", "kosmos_website::default",
"kosmos-ejabberd::nginx", "kosmos-ejabberd::nginx",
"kosmos-akkounts::nginx_api", "kosmos-akkounts::nginx_api",
"kosmos-hubot::nginx_botka_irc-libera-chat",
"kosmos-hubot::nginx_hal8000_xmpp",
"remotestorage_discourse::nginx", "remotestorage_discourse::nginx",
"kosmos_zerotier::controller", "kosmos_zerotier::controller",
"kosmos_zerotier::firewall", "kosmos_zerotier::firewall",

4
nodes/ipfs-1.json
View File

@ -74,8 +74,6 @@
"run_list": [ "run_list": [
"recipe[kosmos-base]", "recipe[kosmos-base]",
"role[kvm_guest]", "role[kvm_guest]",
"recipe[kosmos-ipfs]", "role[ipfs_gateway]"
"recipe[kosmos-ipfs::public_gateway]",
"recipe[kosmos-ipfs::kredits_pinner]"
] ]
} }

14
nodes/nodejs-4.json
View File

@ -12,7 +12,9 @@
"hostname": "nodejs-4", "hostname": "nodejs-4",
"ipaddress": "192.168.122.106", "ipaddress": "192.168.122.106",
"roles": [ "roles": [
"base",
"kvm_guest", "kvm_guest",
"hubot",
"kredits_github", "kredits_github",
"sockethub" "sockethub"
], ],
@ -21,6 +23,7 @@
"kosmos-base::default", "kosmos-base::default",
"kosmos_kvm::guest", "kosmos_kvm::guest",
"kosmos-hubot::botka_irc-libera-chat", "kosmos-hubot::botka_irc-libera-chat",
"kosmos-hubot::hal8000_xmpp",
"kredits-github", "kredits-github",
"kredits-github::default", "kredits-github::default",
"kredits-github::nginx", "kredits-github::nginx",
@ -48,11 +51,11 @@
"redisio::disable_os_default", "redisio::disable_os_default",
"redisio::configure", "redisio::configure",
"redisio::enable", "redisio::enable",
"kosmos-hubot::_user",
"kosmos-hubot::_nodejs",
"kosmos-nodejs::default", "kosmos-nodejs::default",
"nodejs::nodejs_from_package", "nodejs::nodejs_from_package",
"nodejs::repo", "nodejs::repo",
"kosmos-hubot::_user",
"kosmos-base::letsencrypt",
"kosmos-nginx::default", "kosmos-nginx::default",
"nginx::default", "nginx::default",
"nginx::package", "nginx::package",
@ -65,7 +68,8 @@
"kosmos-nginx::firewall", "kosmos-nginx::firewall",
"nodejs::npm", "nodejs::npm",
"nodejs::install", "nodejs::install",
"sockethub::firewall" "sockethub::firewall",
"kosmos-base::letsencrypt"
], ],
"platform": "ubuntu", "platform": "ubuntu",
"platform_version": "20.04", "platform_version": "20.04",
@ -82,9 +86,9 @@
} }
}, },
"run_list": [ "run_list": [
"recipe[kosmos-base]", "role[base]",
"role[kvm_guest]", "role[kvm_guest]",
"recipe[kosmos-hubot::botka_irc-libera-chat]", "role[hubot]",
"role[kredits_github]", "role[kredits_github]",
"role[sockethub]" "role[sockethub]"
] ]

12
roles/hubot.rb Normal file
View File

@ -0,0 +1,12 @@
name "hubot"
default_run_list = %w(
kosmos-hubot::botka_irc-libera-chat
kosmos-hubot::hal8000_xmpp
)
env_run_lists(
'_default' => default_run_list,
'development' => [],
'production' => default_run_list
)

13
roles/ipfs_gateway.rb Normal file
View File

@ -0,0 +1,13 @@
name "ipfs_gateway"
default_run_list = %w(
kosmos-ipfs
kosmos-ipfs::public_gateway
kosmos-ipfs::kredits_pinner
)
env_run_lists(
'_default' => default_run_list,
'development' => default_run_list,
'production' => default_run_list
)

2
roles/nginx_proxy.rb
View File

@ -8,6 +8,8 @@ default_run_list = %w(
kosmos_website::default kosmos_website::default
kosmos-ejabberd::nginx kosmos-ejabberd::nginx
kosmos-akkounts::nginx_api kosmos-akkounts::nginx_api
kosmos-hubot::nginx_botka_irc-libera-chat
kosmos-hubot::nginx_hal8000_xmpp
remotestorage_discourse::nginx remotestorage_discourse::nginx
) )

10
site-cookbooks/kosmos-hubot/attributes/default.rb
View File

@ -3,14 +3,14 @@ node.default['hal8000']['http_port'] = 8080
node.default['botka_irc-libera-chat']['http_port'] = 8081 node.default['botka_irc-libera-chat']['http_port'] = 8081
node.default['hal8000_xmpp']['http_port'] = 8082 node.default['hal8000_xmpp']['http_port'] = 8082
node.default['hal8000_xmpp']['domain'] = "hal8000.chat.kosmos.org" node.default['hal8000_xmpp']['domain'] = "hal8000.kosmos.chat"
node.default['wormhole']['http_port'] = 8083 node.default['wormhole']['http_port'] = 8083
node.default['hal8000_xmpp']['hubot_scripts'] = [ node.default['hal8000_xmpp']['hubot_scripts'] = [
"hubot-help", "hubot-redis-brain", "hubot-rules", "hubot-shipit", "hubot-help", "hubot-redis-brain", "hubot-rules", "hubot-shipit",
"hubot-plusplus", "hubot-tell", "hubot-seen", "hubot-incoming-webhook", "hubot-tell", "hubot-seen", "hubot-incoming-webhook",
"hubot-auth", "hubot-kredits", "hubot-schedule" "hubot-auth", "hubot-schedule", "@kredits/hubot-kredits"
] ]
node.default['hal8000_xmpp']['rooms'] = [ node.default['hal8000_xmpp']['rooms'] = [
@ -27,8 +27,8 @@ node.default['hal8000_xmpp']['kredits']['ipfs_host'] = 'localhost'
node.default['hal8000_xmpp']['kredits']['ipfs_port'] = '5001' node.default['hal8000_xmpp']['kredits']['ipfs_port'] = '5001'
node.default['hal8000_xmpp']['kredits']['ipfs_protocol'] = 'http' node.default['hal8000_xmpp']['kredits']['ipfs_protocol'] = 'http'
node.default['hal8000_xmpp']['kredits']['room'] = 'kredits@kosmos.chat' node.default['hal8000_xmpp']['kredits']['room'] = 'kredits@kosmos.chat'
node.default['hal8000_xmpp']['kredits']['provider_url'] = 'https://rinkeby.infura.io/v3/c5e74367261d475ab935e2f0e726482f' node.default['hal8000_xmpp']['kredits']['provider_url'] = 'https://rsk-testnet.kosmos.org'
node.default['hal8000_xmpp']['kredits']['network_id'] = '4' node.default['hal8000_xmpp']['kredits']['network_id'] = '31'
node.default['hal8000_xmpp']['kredits']['wallet_path'] = 'wallet.json' node.default['hal8000_xmpp']['kredits']['wallet_path'] = 'wallet.json'
node.default['hal8000_xmpp']['kredits']['mediawiki_url'] = 'https://wiki.kosmos.org/' node.default['hal8000_xmpp']['kredits']['mediawiki_url'] = 'https://wiki.kosmos.org/'
node.default['hal8000_xmpp']['kredits']['github_repo_blacklist'] = '67P/test-one-two' node.default['hal8000_xmpp']['kredits']['github_repo_blacklist'] = '67P/test-one-two'

3
site-cookbooks/kosmos-hubot/metadata.rb
View File

@ -6,9 +6,10 @@ description 'Configures Kosmos chat bots'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '0.2.0' version '0.2.0'
depends 'kosmos-base'
depends 'kosmos-nodejs' depends 'kosmos-nodejs'
depends 'kosmos-ipfs'
depends 'firewall' depends 'firewall'
depends 'application_javascript' depends 'application_javascript'
depends 'kosmos-ipfs'
depends 'git' depends 'git'
depends 'redisio' depends 'redisio'

8
site-cookbooks/kosmos-hubot/recipes/_nodejs.rb Normal file
View File

@ -0,0 +1,8 @@
#
# Cookbook Name:: kosmos-hubot
# Recipe:: _nodejs
#
node.override["nodejs"]["repo"] = "https://deb.nodesource.com/node_16.x"
include_recipe "kosmos-nodejs"

120
site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb
View File

@ -1,120 +0,0 @@
#
# Cookbook Name:: kosmos-hubot
# Recipe:: botka_freenode
#
app_name = "botka_freenode"
app_path = "/opt/#{app_name}"
app_user = "hubot"
app_group = "hubot"
build_essential app_name do
compile_time true
end
include_recipe 'redisio::default'
include_recipe 'redisio::enable'
include_recipe "kosmos-nodejs"
application app_path do
data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
owner app_user
group app_group
git do
user app_user
group app_group
repository "https://gitea.kosmos.org/kosmos/botka.git"
revision "master"
end
file "#{app_path}/external-scripts.json" do
mode "0640"
owner app_user
group app_group
content [
"hubot-help",
"hubot-redis-brain",
"hubot-remotestorage-logger",
"hubot-web-push-notifications",
].to_json
end
npm_install do
user app_user
end
execute "systemctl daemon-reload" do
command "systemctl daemon-reload"
action :nothing
end
template "/lib/systemd/system/#{app_name}.service" do
source 'nodejs.systemd.service.erb'
owner 'root'
group 'root'
mode '0644'
variables(
user: app_user,
group: app_group,
app_dir: app_path,
entry: "#{app_path}/bin/hubot -a irc",
environment: {
"HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info",
"HUBOT_IRC_SERVER" => "irc.freenode.net",
"HUBOT_IRC_ROOMS" => "#5apps,#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#opensourcedesign,#openknot,#emberjs,#mastodon,#indieweb,#lnd",
"HUBOT_IRC_NICK" => "botka",
"HUBOT_IRC_NICKSERV_USERNAME" => "botka",
"HUBOT_IRC_NICKSERV_PASSWORD" => data_bag['nickserv_password'],
"HUBOT_IRC_UNFLOOD" => "100",
"HUBOT_RSS_PRINTSUMMARY" => "false",
"HUBOT_RSS_PRINTERROR" => "false",
"HUBOT_RSS_IRCCOLORS" => "true",
"REDIS_URL" => "redis://localhost:6379/botka",
"EXPRESS_PORT" => node[app_name]['http_port'],
"HUBOT_AUTH_ADMIN" => "derbumi,galfert,gregkare,slvrbckt,raucao",
"HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
"RS_LOGGER_USER" => "kosmos@5apps.com",
"RS_LOGGER_TOKEN" => data_bag['rs_logger_token'],
"RS_LOGGER_SERVER_NAME" => "freenode",
"RS_LOGGER_PUBLIC" => "true",
"GCM_API_KEY" => data_bag['gcm_api_key'],
"VAPID_SUBJECT" => "https://kosmos.org",
"VAPID_PUBLIC_KEY" => data_bag['vapid_public_key'],
"VAPID_PRIVATE_KEY" => data_bag['vapid_private_key']
}
)
notifies :run, "execute[systemctl daemon-reload]", :delayed
notifies :restart, "service[#{app_name}]", :delayed
end
service app_name do
action [:enable, :start]
end
end
#
# Nginx reverse proxy
#
unless node.chef_environment == "development"
include_recipe "kosmos-base::letsencrypt"
include_recipe "kosmos-nginx"
template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do
source 'nginx_conf_hubot.erb'
owner node["nginx"]["user"]
mode 0640
variables express_port: node[app_name]['http_port'],
server_name: node[app_name]['domain'],
ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem"
notifies :reload, 'service[nginx]', :delayed
end
nginx_site node[app_name]['domain'] do
action :enable
end
nginx_certbot_site node[app_name]['domain']
end

32
site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb
View File

@ -7,7 +7,6 @@ app_name = "botka_irc-libera-chat"
app_path = "/opt/#{app_name}" app_path = "/opt/#{app_name}"
app_user = "hubot" app_user = "hubot"
app_group = "hubot" app_group = "hubot"
domain = "irc-libera-chat.botka.kosmos.chat"
build_essential app_name do build_essential app_name do
compile_time true compile_time true
@ -15,8 +14,9 @@ end
include_recipe 'redisio::default' include_recipe 'redisio::default'
include_recipe 'redisio::enable' include_recipe 'redisio::enable'
include_recipe "kosmos-nodejs"
include_recipe "kosmos-hubot::_user" include_recipe "kosmos-hubot::_user"
include_recipe "kosmos-hubot::_nodejs"
include_recipe "kosmos-base::firewall"
application app_path do application app_path do
credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) credentials = Chef::EncryptedDataBagItem.load('credentials', app_name)
@ -99,27 +99,9 @@ application app_path do
end end
end end
# firewall_rule app_name do
# Nginx reverse proxy port node[app_name]['http_port']
# source "10.1.1.0/24"
unless node.chef_environment == "development" protocol :tcp
include_recipe "kosmos-base::letsencrypt" command :allow
include_recipe "kosmos-nginx"
template "#{node['nginx']['dir']}/sites-available/#{domain}" do
source 'nginx_conf_hubot.erb'
owner node["nginx"]["user"]
mode 0640
variables express_port: node[app_name]['http_port'],
server_name: domain,
ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem"
notifies :reload, 'service[nginx]', :delayed
end
nginx_site domain do
action :enable
end
nginx_certbot_site domain
end end

12
site-cookbooks/kosmos-hubot/recipes/default.rb
View File

@ -1,12 +0,0 @@
#
# Cookbook Name:: kosmos-hubot
# Recipe:: default
#
include_recipe 'redisio::default'
include_recipe 'redisio::enable'
include_recipe "kosmos-nodejs"
include_recipe "kosmos-hubot::_user"
include_recipe "kosmos-hubot::hal8000"
include_recipe "kosmos-hubot::botka_freenode"

103
site-cookbooks/kosmos-hubot/recipes/hal8000.rb
View File

@ -1,103 +0,0 @@
#
# Cookbook Name:: kosmos-hubot
# Recipe:: hal8000
#
build_essential 'hal8000' do
compile_time true
end
include_recipe 'redisio::default'
include_recipe 'redisio::enable'
include_recipe "kosmos-nodejs"
include_recipe "kosmos-hubot::_user"
unless node.chef_environment == "development"
include_recipe 'firewall'
firewall_rule 'hubot_express_hal8000_freenode' do
port node['hal8000']['http_port']
protocol :tcp
command :allow
end
end
hal8000_freenode_data_bag_item = Chef::EncryptedDataBagItem.load('credentials', 'hal8000_freenode')
hal8000_path = "/opt/hal8000"
application hal8000_path do
owner "hubot"
group "hubot"
git do
user "hubot"
group "hubot"
repository "https://gitea.kosmos.org/kosmos/hal8000.git"
revision "master"
end
file "#{name}/external-scripts.json" do
mode "0640"
owner "hubot"
group "hubot"
content [
"hubot-help",
"hubot-read-tweet",
"hubot-redis-brain",
"hubot-rules",
"hubot-shipit",
"hubot-plusplus",
"hubot-tell",
"hubot-seen",
"hubot-incoming-webhook",
"hubot-auth",
"hubot-schedule"
].to_json
end
npm_install do
user "hubot"
end
execute "systemctl daemon-reload" do
command "systemctl daemon-reload"
action :nothing
end
template "/lib/systemd/system/hal8000_nodejs.service" do
source 'nodejs.systemd.service.erb'
owner 'root'
group 'root'
mode '0644'
variables(
user: "hubot",
group: "hubot",
app_dir: hal8000_path,
entry: "#{hal8000_path}/bin/hubot -a irc",
environment: {
# "HUBOT_LOG_LEVEL" => "error",
"HUBOT_IRC_SERVER" => "irc.freenode.net",
"HUBOT_IRC_ROOMS" => "#5apps,#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub",
"HUBOT_IRC_NICK" => "hal8000",
"HUBOT_IRC_NICKSERV_USERNAME" => "hal8000",
"HUBOT_IRC_NICKSERV_PASSWORD" => hal8000_freenode_data_bag_item['nickserv_password'],
"HUBOT_IRC_UNFLOOD" => "100",
"HUBOT_RSS_PRINTSUMMARY" => "false",
"HUBOT_RSS_PRINTERROR" => "false",
"HUBOT_RSS_IRCCOLORS" => "true",
"HUBOT_PLUSPLUS_POINTS_TERM" => "karma,karma",
"HUBOT_RSS_HEADER" => "Update:",
"HUBOT_AUTH_ADMIN" => "bkero,derbumi,galfert,gregkare,slvrbckt,raucao",
"HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
"WEBHOOK_TOKEN" => hal8000_freenode_data_bag_item['webhook_token'],
"EXPRESS_PORT" => node['hal8000']['http_port']
}
)
notifies :run, "execute[systemctl daemon-reload]", :delayed
notifies :restart, "service[hal8000_nodejs]", :delayed
end
service "hal8000_nodejs" do
action [:enable, :start]
end
end

52
site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb
View File

@ -14,20 +14,9 @@ end
include_recipe 'redisio::default' include_recipe 'redisio::default'
include_recipe 'redisio::enable' include_recipe 'redisio::enable'
include_recipe "kosmos-nodejs"
include_recipe "kosmos-hubot::_user" include_recipe "kosmos-hubot::_user"
include_recipe "kosmos-hubot::_nodejs"
# Needed for hubot-kredits include_recipe "kosmos-base::firewall"
include_recipe "kosmos-ipfs"
unless node.chef_environment == "development"
include_recipe 'firewall'
firewall_rule 'ipfs_swarm_p2p' do
port 4001
protocol :tcp
command :allow
end
end
application app_path do application app_path do
data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
@ -53,7 +42,13 @@ application app_path do
user app_user user app_user
end end
file "#{app_path}/node_modules/hubot-kredits/.env" do ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"]
node.override[app_name]['kredits']['ipfs_host'] = ipfs_host
rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"]
node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444"
file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do
mode "0600" mode "0600"
owner app_user owner app_user
group app_group group app_group
@ -107,7 +102,6 @@ KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']}
"KREDITS_ROOM" => node[app_name]['kredits']['room'], "KREDITS_ROOM" => node[app_name]['kredits']['room'],
"KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'], "KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'],
"KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'], "KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'],
"KREDITS_NETWORK_ID" => node[app_name]['kredits']['network_id'],
"KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'], "KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'],
"KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'], "KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'],
"KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'], "KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'],
@ -135,27 +129,9 @@ KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']}
end end
end end
# firewall_rule app_name do
# Nginx reverse proxy port node[app_name]['http_port']
# source "10.1.1.0/24"
unless node.chef_environment == "development" protocol :tcp
include_recipe "kosmos-base::letsencrypt" command :allow
include_recipe "kosmos-nginx"
template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do
source 'nginx_conf_hubot.erb'
owner node["nginx"]["user"]
mode 0640
variables express_port: node[app_name]['http_port'],
server_name: node[app_name]['domain'],
ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem"
notifies :reload, 'service[nginx]', :delayed
end
nginx_site node[app_name]['domain'] do
action :enable
end
nginx_certbot_site node[app_name]['domain']
end end

24
site-cookbooks/kosmos-hubot/recipes/nginx_botka_irc-libera-chat.rb Normal file
View File

@ -0,0 +1,24 @@
include_recipe "kosmos-base::letsencrypt"
include_recipe "kosmos-nginx"
domain = "irc-libera-chat.botka.kosmos.chat"
nginx_certbot_site domain
upstream_host = search(:node, "role:hubot").first["knife_zero"]["host"]
template "#{node['nginx']['dir']}/sites-available/#{domain}" do
source 'nginx_conf_hubot.erb'
owner node["nginx"]["user"]
mode 0640
variables express_port: node['botka_irc-libera-chat']['http_port'],
server_name: domain,
ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem",
upstream_host: upstream_host
notifies :reload, 'service[nginx]', :delayed
end
nginx_site domain do
action :enable
end

24
site-cookbooks/kosmos-hubot/recipes/nginx_hal8000_xmpp.rb Normal file
View File

@ -0,0 +1,24 @@
include_recipe "kosmos-base::letsencrypt"
include_recipe "kosmos-nginx"
app_name = "hal8000_xmpp"
nginx_certbot_site node[app_name]['domain']
upstream_host = search(:node, "role:hubot").first["knife_zero"]["host"]
template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do
source 'nginx_conf_hubot.erb'
owner node["nginx"]["user"]
mode 0640
variables express_port: node[app_name]['http_port'],
server_name: node[app_name]['domain'],
ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem",
upstream_host: upstream_host
notifies :reload, 'service[nginx]', :delayed
end
nginx_site node[app_name]['domain'] do
action :enable
end

4
site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb
View File

@ -2,10 +2,9 @@
# Generated by Chef # Generated by Chef
# #
upstream _express_<%= @server_name.gsub(".", "_") %> { upstream _express_<%= @server_name.gsub(".", "_") %> {
server localhost:<%= @express_port %>; server <%= @upstream_host || "localhost" %>:<%= @express_port %>;
} }
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name <%= @server_name %>; server_name <%= @server_name %>;
@ -26,4 +25,3 @@ server {
ssl_certificate <%= @ssl_cert %>; ssl_certificate <%= @ssl_cert %>;
ssl_certificate_key <%= @ssl_key %>; ssl_certificate_key <%= @ssl_key %>;
} }
<% end -%>