139 lines
4.8 KiB
Ruby
139 lines
4.8 KiB
Ruby
#
|
|
# Cookbook Name:: kosmos-hubot
|
|
# Recipe:: hal8000_xmpp
|
|
#
|
|
|
|
app_name = "hal8000_xmpp"
|
|
app_path = "/opt/#{app_name}"
|
|
app_user = "hubot"
|
|
app_group = "hubot"
|
|
|
|
build_essential app_name do
|
|
compile_time true
|
|
end
|
|
|
|
include_recipe 'redisio::default'
|
|
include_recipe 'redisio::enable'
|
|
include_recipe "kosmos-hubot::_user"
|
|
include_recipe "kosmos-hubot::_nodejs"
|
|
include_recipe "kosmos-base::firewall"
|
|
|
|
data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
|
|
|
|
git app_path do
|
|
user app_user
|
|
group app_group
|
|
repository "https://gitea.kosmos.org/kosmos/hal8000.git"
|
|
revision "master"
|
|
notifies :restart, "systemd_unit[#{app_name}.service]", :delayed
|
|
end
|
|
|
|
file "#{app_path}/external-scripts.json" do
|
|
mode "0640"
|
|
owner app_user
|
|
group app_group
|
|
content node[app_name]['hubot_scripts'].to_json
|
|
end
|
|
|
|
execute "npm install" do
|
|
cwd app_path
|
|
environment "HOME" => app_path
|
|
user app_user
|
|
end
|
|
|
|
ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"]
|
|
node.override[app_name]['kredits']['ipfs_host'] = ipfs_host
|
|
|
|
rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"]
|
|
node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444"
|
|
|
|
file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do
|
|
mode "0600"
|
|
owner app_user
|
|
group app_group
|
|
content <<-EOF
|
|
GITEA_TOKEN=#{data_bag['gitea_token']}
|
|
GITHUB_TOKEN=#{data_bag['github_token']}
|
|
KREDITS_PROVIDER_URL=#{node[app_name]['kredits']['provider_url']}
|
|
IPFS_API_HOST=#{node[app_name]['kredits']['ipfs_host']}
|
|
IPFS_API_PORT=#{node[app_name]['kredits']['ipfs_port']}
|
|
IPFS_API_PROTOCOL=#{node[app_name]['kredits']['ipfs_protocol']}
|
|
KREDITS_WALLET_PATH=../../#{node[app_name]['kredits']['wallet_path']}
|
|
KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']}
|
|
EOF
|
|
end
|
|
|
|
cookbook_file "#{app_path}/wallet.json" do
|
|
source "wallet.json"
|
|
end
|
|
|
|
service_env = {
|
|
"HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info",
|
|
"HUBOT_XMPP_USERNAME" => "hal8000@kosmos.org/hubot",
|
|
"HUBOT_XMPP_PASSWORD" => data_bag['xmpp_password'],
|
|
"HUBOT_XMPP_HOST" => "xmpp.kosmos.org",
|
|
"HUBOT_XMPP_ROOMS" => node[app_name]['rooms'].join(','),
|
|
"HUBOT_AUTH_ADMIN" => node[app_name]['auth_admins'].join(','),
|
|
"HUBOT_RSS_PRINTSUMMARY" => "false",
|
|
"HUBOT_RSS_PRINTERROR" => "false",
|
|
"HUBOT_RSS_IRCCOLORS" => "true",
|
|
"HUBOT_PLUSPLUS_POINTS_TERM" => "karma,karma",
|
|
"HUBOT_RSS_HEADER" => "Update:",
|
|
"HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
|
|
"REDIS_URL" => "redis://localhost:6379/#{app_name}",
|
|
"EXPRESS_PORT" => node[app_name]['http_port'],
|
|
"WEBHOOK_TOKEN" => data_bag['webhook_token'],
|
|
"IPFS_API_HOST" => node[app_name]['kredits']['ipfs_host'],
|
|
"IPFS_API_PORT" => node[app_name]['kredits']['ipfs_port'],
|
|
"IPFS_API_PROTOCOL" => node[app_name]['kredits']['ipfs_protocol'],
|
|
"KREDITS_WEB_URL" => node[app_name]['kredits']['web_url'],
|
|
"KREDITS_ROOM" => node[app_name]['kredits']['room'],
|
|
"KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'],
|
|
"KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'],
|
|
"KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'],
|
|
"KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'],
|
|
"KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'],
|
|
"KREDITS_GITHUB_REPO_BLACKLIST" => node[app_name]['kredits']['github_repo_blacklist'],
|
|
"KREDITS_GITEA_REPO_BLACKLIST" => node[app_name]['kredits']['gitea_repo_blacklist'],
|
|
"KREDITS_GRANT_HOST" => node[app_name]['domain'],
|
|
"KREDITS_GRANT_PROTOCOL" => "https",
|
|
"KREDITS_SESSION_SECRET" => data_bag['kredits_session_secret'],
|
|
"KREDITS_GITHUB_KEY" => data_bag['kredits_github_key'],
|
|
"KREDITS_GITHUB_SECRET" => data_bag['kredits_github_secret'],
|
|
"KREDITS_ZOOM_JWT" => data_bag['kredits_zoom_jwt'],
|
|
"KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771"
|
|
}
|
|
|
|
systemd_unit "#{app_name}.service" do
|
|
content({
|
|
Unit: {
|
|
Description: app_name,
|
|
Requires: "redis@6379.service",
|
|
After: "redis@6379.service"
|
|
},
|
|
|
|
Service: {
|
|
ExecStart: "#{app_path}/bin/hubot -a xmpp --name hal8000",
|
|
WorkingDirectory: app_path,
|
|
User: app_user,
|
|
Group: app_group,
|
|
Environment: service_env.map { |k, v| "'#{k}=#{v}'" },
|
|
Restart: 'always'
|
|
},
|
|
|
|
Install: {
|
|
WantedBy: 'multi-user.target'
|
|
}
|
|
})
|
|
verify false
|
|
triggers_reload true
|
|
action [:create, :enable, :start]
|
|
end
|
|
|
|
firewall_rule app_name do
|
|
port node[app_name]['http_port']
|
|
source "10.1.1.0/24"
|
|
protocol :tcp
|
|
command :allow
|
|
end
|