139 lines
4.7 KiB
Ruby
139 lines
4.7 KiB
Ruby
#
|
|
# Cookbook Name:: kosmos-hubot
|
|
# Recipe:: botka_freenode
|
|
#
|
|
# Copyright:: 2019, Kosmos Developers
|
|
#
|
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
# of this software and associated documentation files (the "Software"), to deal
|
|
# in the Software without restriction, including without limitation the rights
|
|
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
# copies of the Software, and to permit persons to whom the Software is
|
|
# furnished to do so, subject to the following conditions:
|
|
#
|
|
# The above copyright notice and this permission notice shall be included in
|
|
# all copies or substantial portions of the Software.
|
|
#
|
|
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
# THE SOFTWARE.
|
|
#
|
|
app_name = "botka_freenode"
|
|
app_path = "/opt/#{app_name}"
|
|
app_user = "hubot"
|
|
app_group = "hubot"
|
|
|
|
build_essential app_name do
|
|
compile_time true
|
|
end
|
|
|
|
include_recipe "kosmos-nodejs"
|
|
include_recipe "kosmos-redis"
|
|
|
|
application app_path do
|
|
data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)
|
|
|
|
owner app_user
|
|
group app_group
|
|
|
|
git do
|
|
user app_user
|
|
group app_group
|
|
repository "https://gitea.kosmos.org/kosmos/botka.git"
|
|
revision "master"
|
|
end
|
|
|
|
file "#{app_path}/external-scripts.json" do
|
|
mode "0640"
|
|
owner app_user
|
|
group app_group
|
|
content [
|
|
"hubot-help",
|
|
"hubot-redis-brain",
|
|
"hubot-remotestorage-logger",
|
|
"hubot-web-push-notifications",
|
|
].to_json
|
|
end
|
|
|
|
npm_install do
|
|
user app_user
|
|
end
|
|
|
|
execute "systemctl daemon-reload" do
|
|
command "systemctl daemon-reload"
|
|
action :nothing
|
|
end
|
|
|
|
template "/lib/systemd/system/#{app_name}.service" do
|
|
source 'nodejs.systemd.service.erb'
|
|
owner 'root'
|
|
group 'root'
|
|
mode '0644'
|
|
variables(
|
|
user: app_user,
|
|
group: app_group,
|
|
app_dir: app_path,
|
|
entry: "#{app_path}/bin/hubot -a irc",
|
|
environment: {
|
|
"HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info",
|
|
"HUBOT_IRC_SERVER" => "irc.freenode.net",
|
|
"HUBOT_IRC_ROOMS" => "#5apps,#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#opensourcedesign,#openknot,#emberjs,#mastodon,#indieweb,#lnd",
|
|
"HUBOT_IRC_NICK" => "botka",
|
|
"HUBOT_IRC_NICKSERV_USERNAME" => "botka",
|
|
"HUBOT_IRC_NICKSERV_PASSWORD" => data_bag['nickserv_password'],
|
|
"HUBOT_IRC_UNFLOOD" => "100",
|
|
"HUBOT_RSS_PRINTSUMMARY" => "false",
|
|
"HUBOT_RSS_PRINTERROR" => "false",
|
|
"HUBOT_RSS_IRCCOLORS" => "true",
|
|
"REDIS_URL" => "redis://localhost:6379/botka",
|
|
"EXPRESS_PORT" => node[app_name]['http_port'],
|
|
"HUBOT_AUTH_ADMIN" => "derbumi,galfert,gregkare,slvrbckt,raucao",
|
|
"HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
|
|
"RS_LOGGER_USER" => "kosmos@5apps.com",
|
|
"RS_LOGGER_TOKEN" => data_bag['rs_logger_token'],
|
|
"RS_LOGGER_SERVER_NAME" => "freenode",
|
|
"RS_LOGGER_PUBLIC" => "true",
|
|
"GCM_API_KEY" => data_bag['gcm_api_key'],
|
|
"VAPID_SUBJECT" => "https://kosmos.org",
|
|
"VAPID_PUBLIC_KEY" => data_bag['vapid_public_key'],
|
|
"VAPID_PRIVATE_KEY" => data_bag['vapid_private_key']
|
|
}
|
|
)
|
|
notifies :run, "execute[systemctl daemon-reload]", :delayed
|
|
notifies :restart, "service[#{app_name}]", :delayed
|
|
end
|
|
|
|
service app_name do
|
|
action [:enable, :start]
|
|
end
|
|
end
|
|
|
|
#
|
|
# Nginx reverse proxy
|
|
#
|
|
unless node.chef_environment == "development"
|
|
include_recipe "kosmos-base::letsencrypt"
|
|
include_recipe "kosmos-nginx"
|
|
|
|
template "#{node['nginx']['dir']}/sites-available/#{node[app_name]['domain']}" do
|
|
source 'nginx_conf_hubot.erb'
|
|
owner node["nginx"]["user"]
|
|
mode 0640
|
|
variables express_port: node[app_name]['http_port'],
|
|
server_name: node[app_name]['domain'],
|
|
ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem",
|
|
ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem"
|
|
notifies :reload, 'service[nginx]', :delayed
|
|
end
|
|
|
|
nginx_site node[app_name]['domain'] do
|
|
action :enable
|
|
end
|
|
|
|
nginx_certbot_site node[app_name]['domain']
|
|
end
|