147 lines
4.5 KiB
Ruby
147 lines
4.5 KiB
Ruby
#
|
|
# Cookbook:: kosmos-akkounts
|
|
# Recipe:: default
|
|
#
|
|
# The MIT License (MIT)
|
|
# Copyright:: 2020, Kosmos Developers
|
|
#
|
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
# of this software and associated documentation files (the "Software"), to deal
|
|
# in the Software without restriction, including without limitation the rights
|
|
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
# copies of the Software, and to permit persons to whom the Software is
|
|
# furnished to do so, subject to the following conditions:
|
|
#
|
|
# The above copyright notice and this permission notice shall be included in
|
|
# all copies or substantial portions of the Software.
|
|
#
|
|
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
# THE SOFTWARE.
|
|
#
|
|
app_name = "akkounts"
|
|
deploy_user = "deploy"
|
|
deploy_group = "deploy"
|
|
deploy_path = "/opt/#{app_name}"
|
|
credentials = Chef::EncryptedDataBagItem.load('credentials', app_name)
|
|
|
|
group deploy_group
|
|
|
|
user deploy_user do
|
|
group deploy_group
|
|
manage_home true
|
|
shell "/bin/bash"
|
|
end
|
|
|
|
package "libpq-dev"
|
|
|
|
include_recipe 'kosmos-nodejs'
|
|
|
|
npm_package "yarn" do
|
|
version "1.22.4"
|
|
end
|
|
|
|
ruby_version = "2.6.6"
|
|
bundle_path = "/opt/ruby_build/builds/#{ruby_version}/bin/bundle"
|
|
rails_env = node.chef_environment == "development" ? "development" : "production"
|
|
|
|
systemd_unit "akkounts.service" do
|
|
content({
|
|
Unit: {
|
|
Description: "Kosmos account management",
|
|
Documentation: ["https://gitea.kosmos.org/kosmos/akkounts"],
|
|
After: "network.target"
|
|
},
|
|
Service: {
|
|
Type: "simple",
|
|
User: deploy_user,
|
|
WorkingDirectory: deploy_path,
|
|
Environment: "RAILS_ENV=#{rails_env}",
|
|
ExecStart: "#{bundle_path} exec puma -C config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid",
|
|
ExecStop: "#{bundle_path} exec puma -C config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid stop",
|
|
ExecReload: "#{bundle_path} exec pumactl -F config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid phased-restart",
|
|
PIDFile: "#{deploy_path}/tmp/puma.pid",
|
|
TimeoutSec: "10",
|
|
Restart: "always",
|
|
},
|
|
Install: {
|
|
WantedBy: "multi-user.target"
|
|
}
|
|
})
|
|
verify false
|
|
triggers_reload true
|
|
action [:create, :enable]
|
|
end
|
|
|
|
application deploy_path do
|
|
owner deploy_user
|
|
group deploy_group
|
|
|
|
# Take care of application restarts manually, in the git resource
|
|
action_on_update false
|
|
|
|
environment "HOME" => deploy_path,
|
|
"PATH" => "/opt/ruby_build/builds/#{ruby_version}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"
|
|
|
|
ruby_runtime ruby_version do
|
|
provider :ruby_build
|
|
version ruby_version
|
|
end
|
|
|
|
git do
|
|
user deploy_user
|
|
group deploy_group
|
|
repository node[app_name]["repo"]
|
|
revision node[app_name]["revision"]
|
|
# Restart services on deployments
|
|
notifies :restart, "application[#{deploy_path}]", :delayed
|
|
end
|
|
|
|
file "#{deploy_path}/config/master.key" do
|
|
content credentials['rails_master_key']
|
|
mode '0400'
|
|
owner deploy_user
|
|
group deploy_group
|
|
end
|
|
|
|
execute "bundle install" do
|
|
environment "HOME" => deploy_path
|
|
user deploy_user
|
|
cwd deploy_path
|
|
command "/opt/ruby_build/builds/#{ruby_version}/bin/bundle install --without development,test --deployment"
|
|
end
|
|
|
|
execute "yarn install" do
|
|
environment "HOME" => deploy_path, "NODE_ENV" => "production"
|
|
user deploy_user
|
|
cwd deploy_path
|
|
command "yarn install --pure-lockfile"
|
|
end
|
|
|
|
execute 'rake db:migrate' do
|
|
environment "RAILS_ENV" => rails_env, "HOME" => deploy_path
|
|
user deploy_user
|
|
group deploy_group
|
|
cwd deploy_path
|
|
command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake db:migrate"
|
|
end
|
|
|
|
execute 'rake assets:precompile' do
|
|
environment "RAILS_ENV" => rails_env, "HOME" => deploy_path
|
|
user deploy_user
|
|
group deploy_group
|
|
cwd deploy_path
|
|
command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake assets:precompile"
|
|
end
|
|
|
|
service "akkounts" do
|
|
action [:enable, :start]
|
|
end
|
|
end
|
|
|
|
include_recipe 'kosmos-akkounts::nginx'
|