Base ready

ops/cookbooks/vendor/t42-common/recipes/apache.rb

@@ -0,0 +1,52 @@
+[
+	'apache2',
+	'apache2-dev',
+	'libapache2-mod-wsgi-py3',
+].each do |pkg|
+	apt_package pkg
+end
+
+file '/etc/apache2/sites-enabled/000-default.conf' do
+	action :delete
+end
+
+execute 'enable apache mods' do
+	command 'a2enmod expires'
+end
+
+if node['web']['do_ssl']
+	apt_repository 'certbot apt repo' do
+	  uri 'ppa:certbot/certbot'
+	  repo_name 'ppa-certbot'
+	  deb_src true
+	  action :add
+	end
+
+	apt_update
+	
+	[
+		'software-properties-common',
+		'certbot',
+		'python-certbot-apache',
+	].each do |pkg|
+		apt_package pkg
+	end
+
+	execute 'apache certbot' do
+		command "sudo certbot certonly --standalone -d #{node['app']['domain']} --non-interactive --agree-tos --email #{node['web']['admin_email']}"
+	end
+end
+
+if node['web']['socket.io']
+	execute 'enable apache mods' do
+		command 'a2enmod rewrite; a2enmod proxy_wstunnel; a2enmod proxy_http'
+	end
+end
+
+template '/etc/apache2/sites-enabled/000-server.conf' do
+	source 'apache/vhost.conf.erb'
+end
+
+systemd_unit 'apache2.service' do
+	action :restart
+end

ops/cookbooks/vendor/t42-common/recipes/mysql.rb

@@ -0,0 +1,21 @@
+mysql_service node['db']['name'] do
+  # version '5.7'
+  bind_address '127.0.0.1'
+  port '3306'
+  # data_dir '/data'
+  initial_root_password node['db']['root_password']
+
+  action [:create, :start]
+end
+
+
+bash 'Make mysql Database and User' do
+	code <<~EOH
+		mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "CREATE DATABASE #{node['db']['user']} /*\!40100 DEFAULT CHARACTER SET utf8 */;"
+	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "CREATE USER #{node['db']['user']}@localhost IDENTIFIED BY '#{node['db']['password']}';"
+	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "GRANT ALL PRIVILEGES ON #{node['db']['user']}.* TO '#{node['db']['user']}'@'localhost';"
+	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "FLUSH PRIVILEGES;"
+
+	EOH
+	not_if "mysql -h 127.0.0.1 -uroot -p\"#{node['db']['root_password']}\" -e 'use #{node['db']['name']}'"
+end

ops/cookbooks/vendor/t42-common/recipes/nodejs.rb

@@ -0,0 +1,59 @@
+version = {
+	8 => {
+		'version' => '8.16.0',
+		'url' => 'https://nodejs.org/dist/latest-v8.x/node-v8.16.0-linux-x64.tar.gz',
+		'checksum' => 'b391450e0fead11f61f119ed26c713180cfe64b363cd945bac229130dfab64fa'
+	},
+	10 => {
+		'version' => '10.15.3',
+		'url' => 'https://nodejs.org/dist/latest-v10.x/node-v10.15.3-linux-x64.tar.gz',
+		'checksum' => '6c35b85a7cd4188ab7578354277b2b2ca43eacc864a2a16b3669753ec2369d52'
+	}
+}
+
+unless node['nodejs']['working-dir'][0] == '/'
+	node.override['nodejs']['working-dir'] = "#{node['working-dir']}/#{node['nodejs']['working-dir']}"
+end
+
+unless node['nodejs']['install_version']
+	node.default['nodejs']['install_version'] = 8
+end
+
+unless version.key?(node['nodejs']['install_version'])
+	raise <<~EOH
+		Unsupported NodeJS version #{node['nodejs']['install_version']}.
+		Supports #{version.keys}.
+	EOH
+end
+
+set_version = version[node['nodejs']['install_version']]
+
+node.default['nodejs']['install_method'] = 'binary'
+node.default['nodejs']['version'] = set_version['version'].to_str
+node.default['nodejs']['binary']['url'] = set_version['url']
+node.default['nodejs']['binary']['checksum'] = set_version['checksum']
+
+node.default['nodejs']['env_path'] = "/opt/theta42/#{node['app']['name']}/env/node"
+
+include_recipe "nodejs"
+
+directory node['nodejs']['env_path'] do
+	recursive true
+end
+
+file "#{node['nodejs']['env_path']}/package.json" do
+  owner 'root'
+  group 'root'
+  mode 0755
+  content ::File.open("#{node['nodejs']['working-dir']}/package.json").read
+  action :create
+end
+
+execute 'Install NPM package.json' do
+	cwd node['nodejs']['env_path']
+	command "npm --prefix #{node['nodejs']['env_path']} install #{node['nodejs']['env_path']}"
+end
+
+directory "/var/log/node/#{node['app']['name']}" do
+	recursive true
+end

ops/cookbooks/vendor/t42-common/recipes/openresty.rb

@@ -0,0 +1,64 @@
+# apt_repository 'open resty repo' do
+#   uri 'http://openresty.org/package/ubuntu'
+#   key 'https://openresty.org/package/pubkey.gpg'
+#   components   ['main']
+# end
+
+apt_package 'software-properties-common'
+
+execute 'add key' do
+	command 'wget -qO - https://openresty.org/package/pubkey.gpg | sudo apt-key add -'
+end
+
+execute 'add repo' do
+	command 'add-apt-repository -y "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main"; apt update'
+end
+
+apt_package 'openresty'
+
+if node['web']['do_ssl']
+	apt_package 'luarocks'
+
+	execute 'install lua-resty-auto-ssl' do
+	  command 'luarocks install lua-resty-auto-ssl'
+	end
+
+	directory '/etc/ssl' do
+	  mode '0755'
+	  action :create
+	end
+
+	execute 'defualt ssl' do
+		command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509   -subj '/CN=sni-support-required-for-valid-ssl'   -keyout /etc/ssl/resty-auto-ssl-fallback.key   -out /etc/ssl/resty-auto-ssl-fallback.crt"
+	end
+
+	execute 'defualt ssl' do
+		command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509   -subj '/CN=sni-support-required-for-valid-ssl'   -keyout /etc/ssl/resty-auto-ssl-fallback.key   -out /etc/ssl/resty-auto-ssl-fallback.crt"
+	end
+
+	template '/etc/openresty/autossl.conf' do
+		source 'autossl.conf.erb'
+	end
+end
+
+template '/etc/openresty/nginx.conf' do
+	source 'nginx.conf.erb'
+end
+
+directory '/etc/openresty/sites-enabled' do
+  mode '0755'
+  action :create
+end
+
+directory '/var/log/nginx/' do
+	mode '0775'
+	action :create
+end
+
+template '/etc/openresty/sites-enabled/host.conf' do
+	source 'host.conf.erb'
+end
+
+systemd_unit 'openresty' do
+	action :reload
+end

ops/cookbooks/vendor/t42-common/recipes/php.rb

@@ -0,0 +1,6 @@
+[
+	'php',
+	'libapache2-mod-php',
+].each do |pkg|
+	apt_package pkg
+end

ops/cookbooks/vendor/t42-common/recipes/postgres.rb

@@ -0,0 +1,49 @@
+execute 'add key' do
+  command 'wget -qO - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -'
+end
+
+execute 'add repo' do
+  command 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
+end
+
+
+apt_update 'update' do
+end.run_action(:update) if platform_family?('debian')
+
+postgresql_server_install 'My PostgreSQL Server install' do
+  initdb_locale 'en_US.utf8'
+  action :install
+end
+
+postgresql_server_install 'Setup my PostgreSQL 9.6 server' do
+  initdb_locale 'en_US.utf8'
+  action :create
+end
+
+postgresql_access 'local_postgres_superuser' do
+  comment 'Local postgres superuser access'
+  access_type 'local'
+  access_db 'all'
+  access_user 'postgres'
+  access_addr nil
+  access_method 'ident'
+end
+
+postgresql_user 'DB user' do
+  create_user node['db']['user']
+  password node['db']['password']
+  createrole true
+end
+
+# Hack for creating a database, this cook book is broken with debian...
+
+execute 'add database' do
+	command "createdb #{node['db']['name']}"
+	user 'postgres'
+	not_if "psql -lqt | grep -w \"#{node['db']['name']}\"", :user => 'postgres'
+end
+
+execute 'Grant DB user' do
+	command "echo \"grant all privileges on database #{node['db']['name']} to #{node['db']['user']} ;\" | psql"
+	user 'postgres'
+end

ops/cookbooks/vendor/t42-common/recipes/python.rb

@@ -0,0 +1,42 @@
+#
+# Cookbook:: django-bakend
+# Recipe:: default
+#
+# Copyright:: 2019, The Authors, All Rights Reserved.
+
+unless node['python']['working-dir'][0] == '/'
+	node.override['python']['working-dir'] = "#{node['working-dir']}/#{node['python']['working-dir']}"
+end
+
+
+apt_repository 'Python apt repo' do
+  uri 'ppa:deadsnakes/ppa'
+  repo_name 'ppa-deadsnakes'
+  deb_src true
+  action :add
+end
+
+apt_update
+
+[
+	"python#{node['python']['version']}",
+	"python#{node['python']['version']}-dev",
+	"python#{node['python']['version'][0]}-pip",
+
+].each do |pkg|
+	apt_package pkg
+end
+
+execute 'Install virtual' do
+	command "pip#{node['python']['version'][0]} install virtualenv"
+end
+
+bash 'Install python requirements file' do
+	# user 'root'
+	# cwd  '/mydir'
+	code <<~EOH
+		virtualenv #{node['python']['env_path']}
+		source #{node['python']['env_path']}/bin/activate
+		pip install -r #{node['python']['working-dir']}/#{node['python']['pip_requirements_path']}
+	EOH
+end

ops/cookbooks/vendor/t42-common/recipes/redis.rb

@@ -0,0 +1,19 @@
+apt_package 'redis-server'
+
+template '/etc/redis/local.conf' do
+	source 'redis/local.conf'
+end
+
+if node['redis']['unix']['perm']
+	bash 'append_to_config' do
+	  user 'root'
+	  code <<~EOF
+	      echo "include /etc/redis/local.conf" >> /etc/redis/redis.conf
+	  EOF
+	  not_if 'grep -q "/etc/redis/local.conf" /etc/redis/redis.conf'
+	end
+end
+
+systemd_unit 'redis-server.service' do
+	action :restart
+end