58b5e5ac22
This prevents a crash on the initial Chef run due to the service files not being there yet before the services gets notified to restart
192 lines
5.5 KiB
Ruby
192 lines
5.5 KiB
Ruby
#
|
|
# Cookbook Name:: kosmos-mastodon
|
|
# Recipe:: default
|
|
#
|
|
# Copyright 2017, Kosmos
|
|
#
|
|
# All rights reserved - Do Not Redistribute
|
|
#
|
|
include_recipe "kosmos-nodejs"
|
|
include_recipe "kosmos-redis"
|
|
|
|
node.override['postgresql']['enable_pgdg_apt'] = false
|
|
include_recipe "postgresql::server"
|
|
include_recipe "postgresql::ruby"
|
|
unless node.chef_environment == "development"
|
|
node.override['postgresql']['config_pgtune']['db_type'] = "web"
|
|
include_recipe "postgresql::config_pgtune"
|
|
end
|
|
|
|
postgresql_database 'mastodon' do
|
|
connection(
|
|
host: '127.0.0.1',
|
|
port: 5432,
|
|
username: 'postgres',
|
|
password: node['postgresql']['password']['postgres']
|
|
)
|
|
action :create
|
|
end
|
|
|
|
mastodon_path = node["kosmos-mastodon"]["directory"]
|
|
|
|
group "mastodon" do
|
|
gid 62786
|
|
end
|
|
|
|
user "mastodon" do
|
|
comment "mastodon user"
|
|
uid 62786
|
|
gid 62786
|
|
shell "/bin/bash"
|
|
home mastodon_path
|
|
end
|
|
|
|
package %w(imagemagick ffmpeg libxml2-dev libxslt1-dev file git curl pkg-config
|
|
libprotobuf-dev protobuf-compiler libidn11 libidn11-dev libjemalloc1)
|
|
|
|
npm_package "yarn" do
|
|
version "1.6.0"
|
|
end
|
|
|
|
ruby_version = "2.6.0"
|
|
|
|
execute "systemctl daemon-reload" do
|
|
command "systemctl daemon-reload"
|
|
action :nothing
|
|
end
|
|
|
|
# mastodon-web service
|
|
#
|
|
template "/lib/systemd/system/mastodon-web.service" do
|
|
source "mastodon-web.systemd.service.erb"
|
|
variables user: user,
|
|
app_dir: mastodon_path,
|
|
port: node["kosmos-mastodon"]["puma_port"],
|
|
bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle"
|
|
notifies :run, "execute[systemctl daemon-reload]", :immediately
|
|
notifies :restart, "service[mastodon-web]", :delayed
|
|
end
|
|
|
|
# mastodon-sidekiq service
|
|
#
|
|
template "/lib/systemd/system/mastodon-sidekiq.service" do
|
|
source "mastodon-sidekiq.systemd.service.erb"
|
|
variables user: user,
|
|
app_dir: mastodon_path,
|
|
bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle",
|
|
sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"]
|
|
notifies :run, "execute[systemctl daemon-reload]", :immediately
|
|
notifies :restart, "service[mastodon-sidekiq]", :delayed
|
|
end
|
|
|
|
# mastodon-streaming service
|
|
#
|
|
template "/lib/systemd/system/mastodon-streaming.service" do
|
|
source "mastodon-streaming.systemd.service.erb"
|
|
variables user: user,
|
|
app_dir: mastodon_path,
|
|
port: node["kosmos-mastodon"]["streaming_port"]
|
|
notifies :run, "execute[systemctl daemon-reload]", :immediately
|
|
notifies :restart, "service[mastodon-streaming]", :delayed
|
|
end
|
|
|
|
application mastodon_path do
|
|
owner "mastodon"
|
|
group "mastodon"
|
|
|
|
environment "HOME" => mastodon_path
|
|
|
|
ruby_runtime ruby_version do
|
|
provider :ruby_build
|
|
version ruby_version
|
|
end
|
|
|
|
git do
|
|
user "mastodon"
|
|
group "mastodon"
|
|
repository "https://gitea.kosmos.org/kosmos/mastodon.git"
|
|
revision "production"
|
|
end
|
|
|
|
mastodon_credentials = Chef::EncryptedDataBagItem.load('credentials', 'mastodon')
|
|
|
|
template ".env.production" do
|
|
source "env.production.erb"
|
|
mode "0640"
|
|
owner "mastodon"
|
|
group "mastodon"
|
|
variables redis_url: node["kosmos-mastodon"]["redis_url"],
|
|
domain: node["kosmos-mastodon"]["server_name"],
|
|
paperclip_secret: mastodon_credentials['paperclip_secret'],
|
|
secret_key_base: mastodon_credentials['secret_key_base'],
|
|
otp_secret: mastodon_credentials['otp_secret'],
|
|
smtp_login: mastodon_credentials['smtp_user_name'],
|
|
smtp_password: mastodon_credentials['smtp_password'],
|
|
smtp_from_address: "mail@#{node['kosmos-mastodon']['server_name']}",
|
|
s3_bucket: "kosmos-social",
|
|
aws_access_key_id: mastodon_credentials['aws_access_key_id'],
|
|
aws_secret_access_key: mastodon_credentials['aws_secret_access_key'],
|
|
s3_region: "eu-west-1",
|
|
vapid_private_key: mastodon_credentials['vapid_private_key'],
|
|
vapid_public_key: mastodon_credentials['vapid_public_key']
|
|
end
|
|
|
|
bundle_install do
|
|
user "mastodon"
|
|
deployment true
|
|
without %w(development test)
|
|
end
|
|
|
|
execute do
|
|
environment "HOME" => mastodon_path
|
|
user "mastodon"
|
|
cwd mastodon_path
|
|
command "yarn install --pure-lockfile"
|
|
end
|
|
|
|
rails do
|
|
migrate true
|
|
rails_env "production"
|
|
precompile_assets false # buggy, done manually below
|
|
end
|
|
|
|
# This is the only way I could find that makes compiling the assets
|
|
# successfully for now. application_ruby's precompile_assets crashes because
|
|
# it cannot find the bundled gems
|
|
execute 'rake assets:precompile' do
|
|
environment "RAILS_ENV" => "production", "HOME" => mastodon_path
|
|
user "mastodon"
|
|
group "mastodon"
|
|
cwd mastodon_path
|
|
command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" /opt/ruby_build/builds/#{ruby_version}/bin/bundle exec rake assets:precompile"
|
|
end
|
|
|
|
service "mastodon-web" do
|
|
action [:enable, :start]
|
|
end
|
|
|
|
service "mastodon-sidekiq" do
|
|
action [:enable, :start]
|
|
end
|
|
|
|
service "mastodon-streaming" do
|
|
action [:enable, :start]
|
|
end
|
|
end
|
|
|
|
#
|
|
# Backup
|
|
#
|
|
|
|
unless node.chef_environment == "development"
|
|
node.override["backup"]["postgresql"]["host"] = "localhost"
|
|
node.override["backup"]["postgresql"]["username"] = "postgres"
|
|
node.override["backup"]["postgresql"]["password"] = node['postgresql']['password']['postgres']
|
|
unless node["backup"]["postgresql"]["databases"].include? 'mastodon'
|
|
node.override["backup"]["postgresql"]["databases"] =
|
|
node["backup"]["postgresql"]["databases"].to_a << "mastodon"
|
|
end
|
|
|
|
include_recipe "backup"
|
|
end
|