attributes/mysql.rb

@@ -1,6 +0,0 @@
-require 'securerandom'
-
-node.default['db']['name'] = "#{node['app']['name']}"
-node.default['db']['user'] = "#{node['app']['name']}"
-node.default['db']['root_password'] = SecureRandom.hex(13)
-node.default['db']['password'] = SecureRandom.hex(13)

attributes/nodejs.rb

@@ -1,4 +1,3 @@
-default['nodejs']['env_path'] = "/opt/theta42/#{node['app']['name']}/env/node"
 default['NodeJS']['version'] = 8
 default['NodeJS']['working-dir'] = 'src/nodejs'
 default['NodeJS']['exec_file'] = 'app.js'

attributes/postgres.rb

@@ -1,5 +0,0 @@
-require 'securerandom'
-
-default['db']['name'] = node['app']['name']
-default['db']['user'] = node['app']['name']
-default['db']['password'] = SecureRandom.hex(13)

attributes/python.rb

@@ -1,3 +0,0 @@
-default['python']['env_path'] = "/opt/theta42/#{node['app']['name']}/env/python"
-default['python']['version'] = '3.6'
-default['python']['pip_requirements_path'] = 'requirements.txt'

attributes/redis.rb

@@ -1 +0,0 @@
-default['redis']['unix']['path'] = '/var/run/redis/redis.sock'

metadata.rb

@@ -4,13 +4,9 @@ maintainer_email 'you@example.com'
 license 'All Rights Reserved'
 description 'Installs/Configures t42-common'
 long_description 'Installs/Configures t42-common'
-version '0.1.11'
+version '0.1.0'
 chef_version '>= 13.0'
 
-depends 'nodejs'
-depends 'postgresql'
-depends 'mysql'
-
 # The `issues_url` points to the location where issues for this cookbook are
 # tracked.  A `View Issues` link will be displayed on this cookbook's page when
 # uploaded to a Supermarket.

recipes/mysql.rb

@@ -1,21 +0,0 @@
-mysql_service node['app']['name'] do
-  # version '5.7'
-  bind_address node['db']['bind_address']
-  port node['db']['port']
-  # data_dir '/data'
-  initial_root_password node['db']['root_password']
-
-  action [:create, :start]
-end
-
-
-bash 'Make mysql Database and User' do
-	code <<~EOH
-		mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "CREATE DATABASE '#{node['db']['name']}' /*\!40100 DEFAULT CHARACTER SET utf8 */;"
-	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "CREATE USER '#{node['db']['user']}'@localhost IDENTIFIED BY '#{node['db']['password']}';"
-	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "GRANT ALL PRIVILEGES ON '#{node['db']['name']}'.* TO '#{node['db']['user']}'@'%';"
-	    mysql -h 127.0.0.1 -uroot -p"#{node['db']['root_password']}" -e "FLUSH PRIVILEGES;"
-
-	EOH
-	not_if "mysql -h 127.0.0.1 -uroot -p\"#{node['db']['root_password']}\" -e 'use #{node['db']['name']}'"
-end

recipes/nodejs.rb

@@ -11,47 +11,33 @@ version = {
 	}
 }
 
-unless node['nodejs']['working-dir'][0] == '/'
+unless node['node']['working-dir'][0] == '/'
-	node.override['nodejs']['working-dir'] = "#{node['working-dir']}/#{node['nodejs']['working-dir']}"
+	node.override['node']['working-dir'] = "#{node['working-dir']}/#{node['node']['working-dir']}"
 end
 
-unless node['nodejs']['install_version']
+unless node['node']['version']
-	node.default['nodejs']['install_version'] = 8
+	node.default['node']['version'] = 8
 end
 
-unless version.key?(node['nodejs']['install_version'])
+unless version.key?(node['node']['version'])
 	raise <<~EOH
-		Unsupported NodeJS version #{node['nodejs']['install_version']}.
+		Unsupported NodeJS version #{node['node']['version']}.
 		Supports #{version.keys}.
 	EOH
 end
 
-set_version = version[node['nodejs']['install_version']]
+set_version = version[node['node']['version']]
 
 node.default['nodejs']['install_method'] = 'binary'
-node.default['nodejs']['version'] = set_version['version'].to_str
+node.default['nodejs']['version'] = set_version['version']
 node.default['nodejs']['binary']['url'] = set_version['url']
 node.default['nodejs']['binary']['checksum'] = set_version['checksum']
 
-node.default['nodejs']['env_path'] = "/opt/theta42/#{node['app']['name']}/env/node"
-
 include_recipe "nodejs"
 
-directory node['nodejs']['env_path'] do
-	recursive true
-end
-
-file "#{node['nodejs']['env_path']}/package.json" do
-  owner 'root'
-  group 'root'
-  mode 0755
-  content ::File.open("#{node['nodejs']['working-dir']}/package.json").read
-  action :create
-end
-
 execute 'Install NPM package.json' do
-	cwd node['nodejs']['env_path']
+	cwd node['node']['working-dir']
-	command "npm --prefix #{node['nodejs']['env_path']} install #{node['nodejs']['env_path']}"
+	command "npm --prefix \"#{node['node']['working-dir']}\" install"
 end
 
 directory "/var/log/node/#{node['app']['name']}" do

recipes/openresty.rb

@@ -1,64 +0,0 @@
-# apt_repository 'open resty repo' do
-#   uri 'http://openresty.org/package/ubuntu'
-#   key 'https://openresty.org/package/pubkey.gpg'
-#   components   ['main']
-# end
-
-apt_package 'software-properties-common'
-
-execute 'add key' do
-	command 'wget -qO - https://openresty.org/package/pubkey.gpg | sudo apt-key add -'
-end
-
-execute 'add repo' do
-	command 'add-apt-repository -y "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main"; apt update'
-end
-
-apt_package 'openresty'
-
-if node['web']['do_ssl']
-	apt_package 'luarocks'
-
-	execute 'install lua-resty-auto-ssl' do
-	  command 'luarocks install lua-resty-auto-ssl'
-	end
-
-	directory '/etc/ssl' do
-	  mode '0755'
-	  action :create
-	end
-
-	execute 'defualt ssl' do
-		command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509   -subj '/CN=sni-support-required-for-valid-ssl'   -keyout /etc/ssl/resty-auto-ssl-fallback.key   -out /etc/ssl/resty-auto-ssl-fallback.crt"
-	end
-
-	execute 'defualt ssl' do
-		command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509   -subj '/CN=sni-support-required-for-valid-ssl'   -keyout /etc/ssl/resty-auto-ssl-fallback.key   -out /etc/ssl/resty-auto-ssl-fallback.crt"
-	end
-
-	template '/etc/openresty/autossl.conf' do
-		source 'autossl.conf.erb'
-	end
-end
-
-template '/etc/openresty/nginx.conf' do
-	source 'nginx.conf.erb'
-end
-
-directory '/etc/openresty/sites-enabled' do
-  mode '0755'
-  action :create
-end
-
-directory '/var/log/nginx/' do
-	mode '0775'
-	action :create
-end
-
-template '/etc/openresty/sites-enabled/host.conf' do
-	source 'host.conf.erb'
-end
-
-systemd_unit 'openresty' do
-	action :reload
-end

recipes/php.rb

@@ -1,14 +0,0 @@
-unless node['php']['working-dir'][0] == '/'
-	node.override['php']['working-dir'] = "#{node['working-dir']}/#{node['php']['working-dir']}"
-end
-
-[
-	'php',
-	'libapache2-mod-php',
-].each do |pkg|
-	apt_package pkg
-end
-
-systemd_unit 'apache2.service' do
-	action :restart
-end

recipes/postgres.rb

@@ -1,49 +0,0 @@
-execute 'add key' do
-  command 'wget -qO - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -'
-end
-
-execute 'add repo' do
-  command 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
-end
-
-
-apt_update 'update' do
-end.run_action(:update) if platform_family?('debian')
-
-postgresql_server_install 'My PostgreSQL Server install' do
-  initdb_locale 'en_US.utf8'
-  action :install
-end
-
-postgresql_server_install 'Setup my PostgreSQL 9.6 server' do
-  initdb_locale 'en_US.utf8'
-  action :create
-end
-
-postgresql_access 'local_postgres_superuser' do
-  comment 'Local postgres superuser access'
-  access_type 'local'
-  access_db 'all'
-  access_user 'postgres'
-  access_addr nil
-  access_method 'ident'
-end
-
-postgresql_user 'DB user' do
-  create_user node['db']['user']
-  password node['db']['password']
-  createrole true
-end
-
-# Hack for creating a database, this cook book is broken with debian...
-
-execute 'add database' do
-	command "createdb #{node['db']['name']}"
-	user 'postgres'
-	not_if "psql -lqt | grep -w \"#{node['db']['name']}\"", :user => 'postgres'
-end
-
-execute 'Grant DB user' do
-	command "echo \"grant all privileges on database #{node['db']['name']} to #{node['db']['user']} ;\" | psql"
-	user 'postgres'
-end

recipes/python.rb

@@ -1,42 +0,0 @@
-#
-# Cookbook:: django-bakend
-# Recipe:: default
-#
-# Copyright:: 2019, The Authors, All Rights Reserved.
-
-unless node['python']['working-dir'][0] == '/'
-	node.override['python']['working-dir'] = "#{node['working-dir']}/#{node['python']['working-dir']}"
-end
-
-
-apt_repository 'Python apt repo' do
-  uri 'ppa:deadsnakes/ppa'
-  repo_name 'ppa-deadsnakes'
-  deb_src true
-  action :add
-end
-
-apt_update
-
-[
-	"python#{node['python']['version']}",
-	"python#{node['python']['version']}-dev",
-	"python#{node['python']['version'][0]}-pip",
-
-].each do |pkg|
-	apt_package pkg
-end
-
-execute 'Install virtual' do
-	command "pip#{node['python']['version'][0]} install virtualenv"
-end
-
-bash 'Install python requirements file' do
-	# user 'root'
-	# cwd  '/mydir'
-	code <<~EOH
-		virtualenv #{node['python']['env_path']}
-		source #{node['python']['env_path']}/bin/activate
-		pip install -r #{node['python']['working-dir']}/#{node['python']['pip_requirements_path']}
-	EOH
-end

recipes/redis.rb

@@ -1,19 +0,0 @@
-apt_package 'redis-server'
-
-template '/etc/redis/local.conf' do
-	source 'redis/local.conf'
-end
-
-if node['redis']['unix']['perm']
-	bash 'append_to_config' do
-	  user 'root'
-	  code <<~EOF
-	      echo "include /etc/redis/local.conf" >> /etc/redis/redis.conf
-	  EOF
-	  not_if 'grep -q "/etc/redis/local.conf" /etc/redis/redis.conf'
-	end
-end
-
-systemd_unit 'redis-server.service' do
-	action :restart
-end

templates/apache/vhost.conf.erb

@@ -41,25 +41,14 @@
       </FilesMatch>
     </IfModule>
 
-    <% if node['web']['root'] %>
-    DocumentRoot <%= node['web']['root'] %>
-    <Directory <%= node['web']['root'] %>/>
-    Options Indexes FollowSymLinks
-    AllowOverride None
-    Require all granted
-    </Directory>
-    <% end -%>
-
-    <% if node['web']['static'] %>
     <% node['web']['static'].each do |static| -%>
     Alias <%= static['uri'] %> <%= node['working-dir'] %>/<%= static['path'] %>
 
-    <% end -%>
     <% end -%>
 
     <% if node['web']['wsgi'] %>
     
-    WSGIDaemonProcess <%= node['app']['name'] %> python-path=<%= node['python']['working-dir'] %> python-home=<%= node['python']['env_path'] %>
+    WSGIDaemonProcess <%= node['app']['name'] %> python-path=<%= node['python']['working-dir'] %> python-home=<%= node['python']['virtualenv_path'] %>
     WSGIProcessGroup <%= node['app']['name'] %>
     WSGIScriptAlias / <%= node['working-dir'] %>/<%= node['web']['wsgi']['wsgi_path'] %>
 

templates/openresty/autossl.conf.erb

@@ -1,17 +0,0 @@
-  ssl_protocols     TLSv1 TLSv1.1 TLSv1.2;
-  ssl_prefer_server_ciphers  on;
-  ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
-
-  ssl_certificate_by_lua_block {
-    auto_ssl:ssl_certificate()
-  }
-
-  location /.well-known/acme-challenge/ {
-    content_by_lua_block {
-      auto_ssl:challenge_server()
-    }
-  }
-
-  ssl_certificate /etc/ssl/resty-auto-ssl-fallback.crt;
-  ssl_certificate_key /etc/ssl/resty-auto-ssl-fallback.key;
-  

templates/openresty/nginx.conf.erb

@@ -1,75 +0,0 @@
-#user  nobody;
-worker_processes 4;
-
-#error_log  logs/error.log;
-#error_log  logs/error.log  notice;
-#error_log  logs/error.log  info;
-
-#pid        logs/nginx.pid;
-
-
-events {
-    worker_connections  1024;
-}
-
-
-http {
-    client_max_body_size 4g;
-
-
-    lua_shared_dict auto_ssl 100m;
-    lua_shared_dict auto_ssl_settings 64k;
-
-    resolver 8.8.4.4 8.8.8.8;
-
-    init_by_lua_block {
-        auto_ssl = (require "resty.auto-ssl").new()
-	auto_ssl:set("storage_adapter", "resty.auto-ssl.storage_adapters.redis")
-        auto_ssl:set("allow_domain", function(domain)
-            return true
-        end)
-        auto_ssl:init()
-    }
-
-    init_worker_by_lua_block {
-      auto_ssl:init_worker()
-    }
-
-    ssl_session_cache   shared:SSL:10m;
-    ssl_session_timeout 10m;
-
-    server {
-      listen 127.0.0.1:8999;
-
-      # Increase the body buffer size, to ensure the internal POSTs can always
-      # parse the full POST contents into memory.
-      client_body_buffer_size 128k;
-      client_max_body_size 128k;
-
-      location / {
-        content_by_lua_block {
-          auto_ssl:hook_server()
-        }
-      }
-    }
-
-    include       mime.types;
-    default_type  application/octet-stream;
-
-    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-    #                  '$status $body_bytes_sent "$http_referer" '
-    #                  '"$http_user_agent" "$http_x_forwarded_for"';
-
-    access_log /var/log/nginx/access.log;
-    error_log /var/log/nginx/error.log;
-
-    sendfile        on;
-    #tcp_nopush     on;
-
-    #keepalive_timeout  0;
-    keepalive_timeout  65;
-
-    #gzip  on;
-    include sites-enabled/*;
-
-}

templates/openresty/simple-proxy.conf.erb

@@ -1,28 +0,0 @@
-server {
-    listen   80;
-    <% if node['web']['do_ssl'] %>
-    listen  443 ssl;
-    <% end %>
-    server_name <%= node['app']['domain'] %>;
-
-    <% if node['web']['do_ssl'] %>
-    include autossl.conf;
-    <% end %>
-
-    proxy_set_header X-Forwarded-For $remote_addr;
-
-    location / {
-         proxy_pass         http://localhost:3000;
-         proxy_set_header   Host $host;
-         proxy_set_header   X-Real-IP $remote_addr;
-         proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-         proxy_set_header   X-Forwarded-Host $server_name;
-         proxy_read_timeout  1200s;
-
-         # used for view/edit office file via Office Online Server
-         client_max_body_size 0;
-    }
-
-     access_log      /var/log/nginx/<%= node['app']['name'] %>.access.log;
-     error_log       /var/log/nginx/<%= node['app']['name'] %>.error.log;
-}

templates/redis/local.conf

@@ -1,7 +0,0 @@
-# Specify the path for the Unix socket that will be used to listen for
-# incoming connections. There is no default, so Redis will not listen
-# on a unix socket when not specified.
-#
-
-unixsocket <%= node['redis']['unix']['path'] %> 
-unixsocketperm <%= node['redis']['unix']['perm'] %>