Migrate nginx sites to openresty #511
@ -43,6 +43,8 @@
|
||||
"kosmos_drone::nginx",
|
||||
"kosmos_rsk::nginx_testnet",
|
||||
"kosmos_rsk::nginx_mainnet",
|
||||
"kosmos_website",
|
||||
"kosmos_website::default",
|
||||
"kosmos_encfs",
|
||||
"kosmos_encfs::default",
|
||||
"kosmos-ejabberd::firewall",
|
||||
|
||||
@ -7,5 +7,5 @@ long_description 'Configures the main kosmos.org website'
|
||||
version '1.0.0'
|
||||
chef_version '>= 15.10' if respond_to?(:chef_version)
|
||||
|
||||
depends "kosmos-nginx"
|
||||
depends 'git'
|
||||
depends "kosmos_openresty"
|
||||
|
||||
@ -3,20 +3,16 @@
|
||||
# Recipe:: default
|
||||
#
|
||||
|
||||
include_recipe "kosmos-nginx"
|
||||
include_recipe "git"
|
||||
|
||||
domain = node["kosmos_website"]["domain"]
|
||||
|
||||
nginx_certbot_site domain
|
||||
|
||||
directory "/var/www/#{domain}/site" do
|
||||
user node["nginx"]["user"]
|
||||
group node["nginx"]["group"]
|
||||
mode "0755"
|
||||
tls_cert_for domain do
|
||||
auth "gandi_dns"
|
||||
action :create
|
||||
end
|
||||
|
||||
git "/var/www/#{domain}/site" do
|
||||
git "/var/www/#{domain}" do
|
||||
user node["nginx"]["user"]
|
||||
group node["nginx"]["group"]
|
||||
repository node["kosmos_website"]["repo"]
|
||||
@ -24,16 +20,9 @@ git "/var/www/#{domain}/site" do
|
||||
action :sync
|
||||
end
|
||||
|
||||
template "#{node["nginx"]["dir"]}/sites-available/#{domain}" do
|
||||
source "nginx_conf_website.erb"
|
||||
owner node["nginx"]["user"]
|
||||
mode 0640
|
||||
openresty_site domain do
|
||||
template "nginx_conf_website.erb"
|
||||
variables domain: domain,
|
||||
ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
|
||||
ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem"
|
||||
notifies :reload, "service[nginx]", :delayed
|
||||
end
|
||||
|
||||
nginx_site domain do
|
||||
action :enable
|
||||
end
|
||||
|
||||
@ -1,12 +1,11 @@
|
||||
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
|
||||
# Generated by Chef
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name <%= @domain %>;
|
||||
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
root /var/www/<%= @domain %>/site/public;
|
||||
root /var/www/<%= @domain %>/public;
|
||||
|
||||
access_log off;
|
||||
gzip_static on;
|
||||
@ -29,4 +28,3 @@ server {
|
||||
proxy_pass https://accounts.kosmos.org;
|
||||
}
|
||||
}
|
||||
<% end -%>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user