diff --git a/config/roles/integration_server.rb b/config/roles/integration_server.rb index c2c15ff..9a9603a 100644 --- a/config/roles/integration_server.rb +++ b/config/roles/integration_server.rb @@ -1,3 +1,6 @@ name "integration_server" description "Application that manages user authentication, visual integration and gamification" -run_list 'recipe[colab]' + +# TODO colab and mailman-api should be able to run in separate hosts at some +# point in the future +run_list 'recipe[mailman-api]', 'recipe[colab]' diff --git a/cookbooks/colab/recipes/default.rb b/cookbooks/colab/recipes/default.rb index 16f38a8..b4014c7 100644 --- a/cookbooks/colab/recipes/default.rb +++ b/cookbooks/colab/recipes/default.rb @@ -1,7 +1,3 @@ -# TODO colab and mailman-api should be able to run in separate hosts at some -# point in the future -include_recipe 'mailman-api' - if node['platform'] == 'centos' cookbook_file '/etc/yum.repos.d/colab.repo' do owner 'root' @@ -11,6 +7,29 @@ end package 'colab' +directory '/etc/colab' do + owner 'root' + group 'root' + mode 0755 +end + +execute 'secret-key' do + f = '/etc/colab/secret.key' + command "openssl rand -hex 32 -out #{f} && chown root:colab #{f} && chmod 0640 #{f}" + not_if { File.exists?(f) } + notifies :create, 'template[/etc/colab/settings.yaml]' +end + +template '/etc/colab/settings.yaml' do + owner 'root' + group 'colab' + mode 0640 +end + +execute 'colab-admin migrate' +execute 'colab-admin collectstatic --noinput' + service 'colab' do action :start + supports :restart => true end diff --git a/cookbooks/colab/templates/settings.yaml.erb b/cookbooks/colab/templates/settings.yaml.erb new file mode 100644 index 0000000..5f89adc --- /dev/null +++ b/cookbooks/colab/templates/settings.yaml.erb @@ -0,0 +1,42 @@ +DATABASES: + default: + ENGINE: django.db.backends.postgresql_psycopg2 + NAME: colab + USER: colab + HOST: <%= node['peers']['database'] %> + +## Set to false in production +DEBUG: false +TEMPLATE_DEBUG: false + +## System admins +ADMINS: &admin +<%- node['config']['admins'].each do |admin| %> + - + <%- admin.each do |item| %> + - <%= item %> + <%- end %> +<% end %> + +MANAGERS: *admin + +COLAB_FROM_ADDRESS: '<%= node['config']['colab_from_address'] %>' +SERVER_EMAIL: '<%= node['config']['server_email'] %>' + +EMAIL_HOST: localhost +EMAIL_PORT: 25 +EMAIL_SUBJECT_PREFIX: <%= node['config']['email_subject_prefix'] %> + +SECRET_KEY: <%= File.read('/etc/colab/secret.key').strip %> + +SITE_URL: <%= node['config']['site_url'] %> +BROWSERID_AUDIENCES: + - <%= node['config']['site_url'].sub('http:', 'https:') %> + - <%= node['config']['site_url'].sub('https:', 'http:') %> + +ALLOWED_HOSTS: + - localhost # for tests + - <%= node['config']['external_hostname'] %> + +## Disable indexing +ROBOTS_NOINDEX: false diff --git a/nodes.yaml b/nodes.yaml index b8c9fad..e521782 100644 --- a/nodes.yaml +++ b/nodes.yaml @@ -2,6 +2,16 @@ vagrant@integration: run_list: - role[server] - role[integration_server] + config: &CONFIG + admins: + - + - Paulo Meirelles + - paulo@softwarelivre.org + external_hostname: beta.softwarepublico.gov.br + site_url: https://beta.softwarepublico.gov.br + colab_from_address: '"Portal do Software Publico" ' + server_email: '"Portal do Software Publico" ' + email_subject_prefix: '[spb]' peers: &PEERS integration: 10.10.10.2 email: 10.10.10.3 diff --git a/test/colab_test.sh b/test/colab_test.sh index 5c9c367..5e83727 100644 --- a/test/colab_test.sh +++ b/test/colab_test.sh @@ -1,11 +1,19 @@ . $(dirname $0)/test_helper.sh +test_database_connectivity() { + assertTrue 'colab database connectivity' 'run_on integration psql -h database -U colab < /dev/null' +} + test_colab_config_is_in_place() { - assertTrue 'colab settings.yml is in place' 'run_on colab test -f /etc/colab/settings.yml' + assertTrue 'colab settings.yml is in place' 'run_on integration test -f /etc/colab/settings.yaml' +} + +test_colab_running() { + assertTrue 'colab service running' 'run_on integration pgrep -fa colab.wsgi' } -test_colab_installed_and_running() { - assertTrue 'colab service running' 'run_on colab pgrep -fa colab.wsgi' +test_colab_responds() { + assertTrue 'colab responds' 'run_on integration curl --fail http://localhost:8001' } . shunit2 -- libgit2 0.21.2