51 lines
1.2 KiB
Ruby
51 lines
1.2 KiB
Ruby
#
|
|
# Cookbook Name:: sockethub
|
|
# Recipe:: proxy
|
|
#
|
|
# Copyright 2015, Kosmos
|
|
#
|
|
# All rights reserved - Do Not Redistribute
|
|
#
|
|
|
|
firewall_rule 'sockethub' do
|
|
port node['sockethub']['external_port'].to_i
|
|
protocol :tcp
|
|
action :allow
|
|
end
|
|
|
|
include_recipe 'kosmos-nginx'
|
|
|
|
data_bag_item = Chef::EncryptedDataBagItem.load('certificates', 'wildcard_kosmos_org')
|
|
|
|
ssl_cert_path = "/etc/ssl/private/wildcard.kosmos.org.crt"
|
|
file ssl_cert_path do
|
|
content data_bag_item['ssl_cert']
|
|
mode 0600
|
|
owner 'www-data'
|
|
sensitive true
|
|
end
|
|
|
|
ssl_key_path = "/etc/ssl/private/wildcard.kosmos.org.key"
|
|
file ssl_key_path do
|
|
content data_bag_item['ssl_key']
|
|
mode 0600
|
|
owner 'www-data'
|
|
sensitive true
|
|
end
|
|
|
|
template "#{node['nginx']['dir']}/sites-available/sockethub" do
|
|
source 'nginx_conf_sockethub.erb'
|
|
owner 'www-data'
|
|
mode 0640
|
|
variables sockethub_port: node['sockethub']['port'],
|
|
sockethub_external_port: node['sockethub']['external_port'],
|
|
server_name: 'sockethub.kosmos.org',
|
|
ssl_cert: ssl_cert_path,
|
|
ssl_key: ssl_key_path
|
|
notifies :reload, 'service[nginx]', :delayed
|
|
end
|
|
|
|
nginx_site 'sockethub' do
|
|
enable true
|
|
end
|