From 42609cbc7343ecee2acdb32e1376e2b59f0605ee Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Jul 21 2020 19:25:06 +0000 Subject: Merge branch 'hellcp/tsp-fixup' into 'production' Small fixes to tsp profile See merge request infra/salt!425 --- diff --git a/pillar/role/web_tsp.sls b/pillar/role/web_tsp.sls index 328d403..4090f09 100644 --- a/pillar/role/web_tsp.sls +++ b/pillar/role/web_tsp.sls @@ -15,14 +15,20 @@ nginx: managed: tsp.opensuse.org.conf: config: + - upstream tsp: + - server: unix:///var/cache/tsp/puma.socket - server: - listen: - 80 - default_server - server_name: tsp.opensuse.org - - root: /srv/www/htdocs - - location /: - - proxy_pass: http://127.0.0.1:3000 + - root: /srv/www/travel-support-program/public + - keepalive_timeout: 5 + - try_files $uri/index.html $uri @app + - location @tsp: + - proxy_set_header: X-Forwarded-For $proxy_add_x_forwarded_for + - proxy_set_header: Host $http_host + - proxy_pass http://tsp - error_page: 500 502 503 504 /50x.html - location = /50x.html: - root: /srv/www/htdocs @@ -36,3 +42,10 @@ sudoers: groups: tsp-admins: - 'ALL=(ALL) ALL' + +zypper: + repositories: + openSUSE:infrastructure:tsp: + baseurl: http://download.infra.opensuse.org/repositories/openSUSE:/infrastructure:/tsp/openSUSE_Leap_$releasever/ + priority: 100 + refresh: True diff --git a/salt/profile/postgresql/files/postgresql/pg_hba.conf b/salt/profile/postgresql/files/postgresql/pg_hba.conf index cd77b7a..dba6d96 100644 --- a/salt/profile/postgresql/files/postgresql/pg_hba.conf +++ b/salt/profile/postgresql/files/postgresql/pg_hba.conf @@ -154,3 +154,7 @@ host dimension matrix 192.168.47.102/32 md5 host identification identification 192.168.47.4/32 md5 host identification identification 192.168.47.101/32 md5 host identification identification 192.168.47.102/32 md5 +# tsp.infra.opensuse.org +host tsp web_tsp 192.168.47.4/32 md5 +host tsp web_tsp 192.168.47.101/32 md5 +host tsp web_tsp 192.168.47.102/32 md5 \ No newline at end of file diff --git a/salt/profile/tsp/files/puma.rb b/salt/profile/tsp/files/puma.rb new file mode 100644 index 0000000..c96954d --- /dev/null +++ b/salt/profile/tsp/files/puma.rb @@ -0,0 +1,10 @@ +#!/usr/bin/env puma + +application_path = '/srv/www/travel-support-program' +directory application_path +environment 'production' + +daemonize false + +stdout_redirect "/var/log/tsp/puma.stdout.log", "/var/log/tsp/puma.stderr.log" +bind "unix:///var/cache/tsp/puma.socket" diff --git a/salt/profile/tsp/files/site.yml b/salt/profile/tsp/files/site.yml index 3e0c41d..0a41fc4 100644 --- a/salt/profile/tsp/files/site.yml +++ b/salt/profile/tsp/files/site.yml @@ -28,7 +28,7 @@ common: &common opensuse_connect: enabled: false - api_key: "{{ pillar['profile']['web_tsp']['api_key'] }}" + api_key: "{{ pillar['profile']['web_tsp']['connect_api_key'] }}" base_url: "http://connect.opensuse.org" check_request_template: "check_request_2pages.pdf" diff --git a/salt/profile/tsp/files/tsp.service b/salt/profile/tsp/files/tsp.service index edb1951..d5274ab 100644 --- a/salt/profile/tsp/files/tsp.service +++ b/salt/profile/tsp/files/tsp.service @@ -9,7 +9,7 @@ User=wwwrun WorkingDirectory=/srv/www/travel-support-program -ExecStart=/usr/bin/bundler exec puma -C /srv/www/travel-support-program/config/puma.rb ../config.ru +ExecStart=/usr/bin/bundler exec puma -C /srv/www/travel-support-program/config/puma.rb ./config.ru Restart=always diff --git a/salt/profile/tsp/files/tsp.socket b/salt/profile/tsp/files/tsp.socket new file mode 100644 index 0000000..21a91fa --- /dev/null +++ b/salt/profile/tsp/files/tsp.socket @@ -0,0 +1,14 @@ +[Unit] +Description=Travel Support Program Socket + +[Socket] +SocketUser=wwwrun +SocketGroup=www +ListenStream=/var/cache/tsp/puma.socket + +NoDelay=true +ReusePort=true +Backlog=1024 + +[Install] +WantedBy=sockets.target diff --git a/salt/profile/tsp/init.sls b/salt/profile/tsp/init.sls index 5184cd2..78192f8 100644 --- a/salt/profile/tsp/init.sls +++ b/salt/profile/tsp/init.sls @@ -2,15 +2,36 @@ tsp_dependencies: pkg.installed: - pkgs: - git + - tar + - make + - gcc-c++ + - zlib-devel + - libqt4-devel + - libQtWebKit4-devel + - postgresql-devel + - postgresql-server-devel - ruby-devel - ruby2.5-rubygem-bundler - ruby2.5-rubygem-pg - ruby2.5-rubygem-puma + - system-user-wwwrun tsp_user: user.present: - name: tsp +/srv/www/travel-support-program: + file.directory: + - user: tsp + +/var/cache/tsp: + file.directory: + - user: wwwrun + +/var/log/tsp: + file.directory: + - user: wwwrun + https://github.com/openSUSE/travel-support-program.git: git.latest: - branch: master @@ -18,18 +39,53 @@ https://github.com/openSUSE/travel-support-program.git: - rev: master - user: tsp +/srv/www/travel-support-program/tmp: + file.directory: + - user: wwwrun + +/srv/www/travel-support-program/log: + file.directory: + - user: wwwrun + tsp_ruby_dependencies: cmd.run: - name: bundler install --deployment - cwd: /srv/www/travel-support-program - runas: tsp +tsp_db_migration: + cmd.run: + - name: rake db:migrate + - cwd: /srv/www/travel-support-program + - env: RAILS_ENV=production + - runas: tsp + +tsp_assets_precompile: + cmd.run: + - name: rake assets:precompile + - cwd: /srv/www/travel-support-program + - env: RAILS_ENV=production + - runas: tsp + /etc/systemd/system/tsp.service: file.managed: - source: salt://profile/tsp/files/tsp.service - require_in: - service: tsp_service +/etc/systemd/system/tsp.socket: + file.managed: + - source: salt://profile/tsp/files/tsp.socket + - require_in: + - service: tsp_service + +/srv/www/travel-support-program/config/puma.rb: + file.managed: + - source: salt://profile/tsp/files/puma.rb + - user: tsp + - require_in: + - service: tsp_service + /srv/www/travel-support-program/config/site.yml: file.managed: - source: salt://profile/tsp/files/site.yml