Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/discourse/manifests/init.pp

Issue 9377123: Set up proper FastCGI environment for Discourse and use nginx (Closed)
Patch Set: Created Feb. 15, 2013, 9:29 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « modules/discourse/files/sudoers ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: modules/discourse/manifests/init.pp
===================================================================
--- a/modules/discourse/manifests/init.pp
+++ b/modules/discourse/manifests/init.pp
@@ -28,44 +28,136 @@ class discourse {
}
package {'bundler':
ensure => present,
provider => gem
}
$gem_dependencies = ['git', 'build-essential', 'ruby1.9.1-dev', 'libxml2-dev',
- 'libxslt-dev', 'libpq-dev']
+ 'libxslt-dev', 'libpq-dev', 'libfcgi-dev']
package {$gem_dependencies: ensure => present}
- file {'/etc/discourse': ensure => directory}
+ file {'/opt/discourse':
+ ensure => directory,
+ mode => 755,
+ owner => discourse,
+ group => www-data
+ }
- file {'/etc/discourse/database.yml':
- mode => 640,
+ file {'/opt/discourse/discourse.fcgi':
+ mode => 755,
+ owner => discourse,
+ group => www-data,
+ source => 'puppet:///modules/discourse/discourse.fcgi',
+ require => Exec['fetch-discourse']
+ }
+
+ file {'/opt/discourse/config/database.yml':
+ mode => 600,
+ owner => discourse,
+ group => www-data,
+ source => 'puppet:///modules/discourse/database.yml',
+ require => Exec['fetch-discourse']
+ }
+
+ file {'/opt/discourse/config/redis.yml':
+ mode => 600,
+ owner => discourse,
+ group => www-data,
+ source => 'puppet:///modules/discourse/redis.yml',
+ require => Exec['fetch-discourse']
+ }
+
+ file {'/usr/local/bin/init-discourse':
+ mode => 0755,
owner => root,
group => root,
- source => 'puppet:///modules/discourse/database.yml'
+ source => 'puppet:///modules/discourse/init-discourse'
}
- file {'/etc/discourse/redis.yml':
- mode => 640,
+ user {'discourse':
+ ensure => present,
+ comment => 'Discourse user',
+ home => '/home/discourse',
+ gid => www-data,
+ password => '*',
+ managehome => true
+ }
+
+ file {'/etc/sudoers.d/discourse':
+ ensure => present,
owner => root,
group => root,
- source => 'puppet:///modules/discourse/redis.yml'
+ mode => 0440,
+ source => 'puppet:///modules/discourse/sudoers',
+ require => User['discourse']
}
- file {'/usr/local/bin/deploy-discourse':
- mode => 0744,
- owner => root,
- group => root,
- source => 'puppet:///modules/discourse/deploy-discourse'
+ exec {'fetch-discourse':
+ command => "hg clone https://hg.adblockplus.org/discourse /opt/discourse && echo gem \\'fcgi\\' >> /opt/discourse/Gemfile",
+ path => ["/usr/bin/", "/bin/"],
+ user => discourse,
+ group => www-data,
+ require => [Package['mercurial'], File['/opt/discourse']],
+ onlyif => "test ! -d /opt/discourse/.hg"
}
- exec {'/usr/local/bin/deploy-discourse':
- subscribe => File['/usr/local/bin/deploy-discourse'],
+ exec {'/usr/local/bin/init-discourse':
+ subscribe => File['/usr/local/bin/init-discourse'],
refreshonly => true,
+ user => discourse,
+ group => www-data,
timeout => 0,
+ logoutput => true,
require => [Package['bundler', 'postgresql-contrib', $gem_dependencies],
- File['/etc/discourse/database.yml', '/etc/discourse/redis.yml']]
+ User['discourse'], File['/etc/sudoers.d/discourse'],
+ Exec['fetch-discourse'],
+ File['/opt/discourse/discourse.fcgi'],
+ File['/opt/discourse/config/database.yml'],
+ File['/opt/discourse/config/redis.yml']]
}
- # TODO: Set up thin to run the app, with nginx as a proxy if necessary
+ class {'spawn-fcgi':}
+
+ spawn-fcgi::pool {'discourse-fastcgi':
+ ensure => 'present',
+ user => 'discourse',
+ group => 'www-data',
+ mode => 0664,
+ fcgi_app => '/opt/discourse/discourse.fcgi',
+ socket => '/tmp/discourse-fastcgi.sock',
+ require => File['/opt/discourse/discourse.fcgi'],
+ }
+
+ class {'nginx':
+ worker_processes => 1,
+ worker_connections => 500
+ }
+
+ file {'/etc/nginx/sites-available/adblockplus.org_sslcert.key':
+ ensure => file,
+ notify => Service['nginx'],
+ before => Nginx::Hostconfig['intraforum.adblockplus.org'],
+ require => Package['nginx'],
+ source => 'puppet:///modules/private/adblockplus.org_sslcert.key'
+ }
+
+ file {'/etc/nginx/sites-available/adblockplus.org_sslcert.pem':
+ ensure => file,
+ mode => 0400,
+ notify => Service['nginx'],
+ before => Nginx::Hostconfig['intraforum.adblockplus.org'],
+ require => Package['nginx'],
+ source => 'puppet:///modules/private/adblockplus.org_sslcert.pem'
+ }
+
+ nginx::hostconfig{'intraforum.adblockplus.org':
+ source => 'puppet:///modules/discourse/intraforum.adblockplus.org',
+ enabled => true
+ }
+
+ file {'/etc/logrotate.d/nginx_intraforum.adblockplus.org':
+ ensure => file,
+ require => Nginx::Hostconfig['intraforum.adblockplus.org'],
+ source => 'puppet:///modules/discourse/logrotate'
+ }
}
« no previous file with comments | « modules/discourse/files/sudoers ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld