Commit | Line | Data |
---|---|---|
7cae8e4b SS |
1 | # expose: |
2 | # expose public port 80 to map to private docker port 80 (web) | |
3 | # - "80:80" | |
4 | # expose public port 2222 to map to private docker port 22 (ssh) | |
5 | # - "2222:22" | |
6 | ||
7 | # ENV is baked in to the image, any changes here require ./launcher bootstrap to run | |
8 | env: | |
9 | # Comma delimited list of emails, required if you want admin access for first account | |
10 | DEVELOPER_EMAILS: 'YOUR_EMAIL@EMAIL.COM1' | |
11 | # You can have redis on a different box | |
12 | # REDIS_PROVIDER_URL: 'redis://l.discourse:6379' | |
13 | RAILS_ENV: 'production' | |
7cae8e4b | 14 | UNICORN_WORKERS: 3 |
6b84f5e5 | 15 | # slightly less aggressive than "recommendation" but works fine with oobgc |
a5461bf7 | 16 | RUBY_GC_MALLOC_LIMIT: 40000000 |
769c7f06 SS |
17 | # this ensures we have enough heap space to handle a big pile of small reqs |
18 | RUBY_HEAP_MIN_SLOTS: 800000 | |
7cae8e4b SS |
19 | |
20 | params: | |
21 | # SSH key is required for remote access into the container | |
22 | ssh_key: YOUR_SSH_KEY_HERE | |
23 | version: HEAD | |
24 | ||
25 | home: /var/www/discourse | |
26 | ||
27 | # You can connect to any DB you wish to | |
28 | database_yml: | |
29 | production: | |
30 | database: discourse | |
31 | username: discourse | |
32 | socket: /var/run/postgresql | |
33 | password: | |
34 | host: | |
35 | host_names: | |
36 | - YOUR_HOSTNAME_HERE | |
37 | ||
38 | run: | |
c266ef4b MB |
39 | - file: |
40 | path: /etc/service/cron/run | |
41 | chmod: "+x" | |
42 | contents: | | |
43 | #!/bin/bash | |
44 | exec 2>&1 | |
45 | cd / | |
46 | exec cron | |
47 | ||
48 | - file: | |
49 | path: /var/lib/postgresql/take-database-backup | |
50 | chown: postgres:postgres | |
51 | chmod: "+x" | |
52 | contents: | | |
53 | #!/bin/bash | |
54 | ID=db-$(date +%F_%T) | |
55 | FILENAME=/shared/postgres_backup/$ID.tar.gz | |
56 | pg_basebackup --format=tar --pgdata=- --xlog --gzip --label=$ID > $FILENAME | |
57 | echo $FILENAME | |
58 | ||
59 | - file: | |
60 | path: /var/spool/cron/crontabs/postgres | |
61 | contents: | | |
62 | # m h dom mon dow command | |
63 | #MAILTO=? | |
64 | 0 */4 * * * /var/lib/postgresql/take-database-backup | |
65 | ||
7cae8e4b SS |
66 | - file: |
67 | path: /etc/service/unicorn/run | |
68 | chmod: "+x" | |
69 | contents: | | |
70 | #!/bin/bash | |
71 | exec 2>&1 | |
72 | $env | |
73 | sv start redis || exit 1 | |
74 | sv start postgres || exit 1 | |
75 | cd $home | |
556a9de5 | 76 | exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb |
7cae8e4b SS |
77 | |
78 | - file: | |
79 | path: /etc/service/sidekiq/run | |
80 | chmod: "+x" | |
81 | contents: | | |
82 | #!/bin/bash | |
83 | exec 2>&1 | |
84 | $env | |
85 | sv start redis || exit 1 | |
86 | sv start postgres || exit 1 | |
87 | cd $home | |
556a9de5 | 88 | exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec sidekiq |
7cae8e4b SS |
89 | |
90 | - file: | |
91 | path: /etc/service/sshd/run | |
92 | chmod: "+x" | |
93 | contents: | | |
94 | #!/bin/sh | |
95 | exec 2>&1 | |
96 | exec /usr/sbin/sshd -D -e | |
97 | ||
98 | - file: | |
99 | path: /etc/service/redis/run | |
100 | chmod: "+x" | |
101 | contents: | | |
102 | #!/bin/sh | |
103 | exec 2>&1 | |
104 | exec sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf | |
105 | ||
106 | - file: | |
107 | path: /etc/service/nginx/run | |
108 | chmod: "+x" | |
109 | contents: | | |
110 | #!/bin/sh | |
111 | exec 2>&1 | |
112 | exec /usr/sbin/nginx | |
113 | ||
114 | - file: | |
115 | path: /etc/service/postgres/run | |
116 | chmod: "+x" | |
117 | contents: | | |
118 | #!/bin/sh | |
119 | exec 2>&1 | |
120 | exec sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main | |
121 | ||
d1cf6900 SS |
122 | - exec: |
123 | cmd: | |
124 | - mkdir -p /var/run/sshd | |
125 | - mkdir -p /root/.ssh | |
126 | - echo $ssh_key >> /root/.ssh/authorized_keys | |
7cae8e4b SS |
127 | |
128 | - exec: | |
129 | cd: $home | |
d0cd2c4d | 130 | hook: code |
7cae8e4b SS |
131 | cmd: |
132 | - git reset --hard | |
133 | - git clean -f | |
134 | - git pull | |
135 | - git checkout $head | |
136 | - cp config/database.yml.production-sample config/database.yml | |
137 | - cp config/redis.yml.sample config/redis.yml | |
138 | - cp config/environments/production.rb.sample config/environments/production.rb | |
139 | - mkdir -p tmp/pids | |
140 | - mkdir -p tmp/sockets | |
a61858b8 | 141 | - touch tmp/.gitkeep |
8788612e SS |
142 | - mkdir -p /shared/log/rails |
143 | - rm -r log | |
144 | - ln -s /shared/log/rails $home/log | |
145 | - mkdir -p /shared/uploads | |
146 | - ln -s /shared/uploads $home/public/uploads | |
147 | - chown -R discourse /shared/uploads | |
148 | - chown -R discourse /shared/log/rails | |
7cae8e4b SS |
149 | - exec: |
150 | cmd: | |
151 | - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf" | |
152 | - "rm /etc/nginx/sites-enabled/default" | |
153 | ||
154 | - replace: | |
155 | filename: /etc/nginx/nginx.conf | |
156 | from: pid /run/nginx.pid; | |
157 | to: daemon off; | |
158 | ||
159 | - replace: | |
160 | filename: "/etc/nginx/conf.d/discourse.conf" | |
161 | from: /upstream[^\}]+\}/m | |
162 | to: "upstream discourse { | |
163 | server 127.0.0.1:3000; | |
164 | }" | |
165 | ||
166 | - replace: | |
167 | filename: "/etc/nginx/conf.d/discourse.conf" | |
168 | from: /server_name.+$/ | |
169 | to: server_name _ ; | |
170 | ||
171 | - replace: | |
172 | filename: "/etc/redis/redis.conf" | |
173 | from: "daemonize yes" | |
174 | to: "" | |
175 | - replace: | |
176 | filename: "/etc/redis/redis.conf" | |
177 | from: /^pidfile.*$/ | |
178 | to: "" | |
179 | ||
180 | - exec: | |
181 | cmd: | |
c266ef4b | 182 | - install -d -m 0755 -o redis -g redis /shared/redis_data |
7cae8e4b SS |
183 | |
184 | - replace: | |
185 | filename: "/etc/redis/redis.conf" | |
186 | from: /^logfile.*$/ | |
3f045585 | 187 | to: "logfile \"\"" |
7cae8e4b SS |
188 | |
189 | - replace: | |
190 | filename: "/etc/redis/redis.conf" | |
191 | from: /^dir .*$/ | |
192 | to: "dir /shared/redis_data" | |
193 | ||
194 | # we can not migrate without redis | |
195 | - exec: | |
196 | background: true | |
197 | cmd: "sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf" | |
198 | ||
199 | - merge: $home/config/database.yml $database_yml | |
200 | ||
201 | - exec: | |
202 | cmd: | |
203 | - chown -R root /var/lib/postgresql/9.2/main | |
204 | - "[ ! -e /shared/postgres_data ] && cp -r /var/lib/postgresql/9.2/main /shared/postgres_data || exit 0" | |
c266ef4b | 205 | - chown -R postgres:postgres /shared/postgres_data |
7cae8e4b SS |
206 | |
207 | - replace: | |
208 | filename: "/etc/postgresql/9.2/main/postgresql.conf" | |
209 | from: "data_directory = '/var/lib/postgresql/9.2/main'" | |
210 | to: "data_directory = '/shared/postgres_data'" | |
211 | ||
c266ef4b MB |
212 | # Necessary to enable backups |
213 | - exec: | |
214 | cmd: | |
215 | - install -d -m 0755 -o postgres -g postgres /shared/postgres_backup | |
216 | ||
217 | - replace: | |
218 | filename: "/etc/postgresql/9.2/main/postgresql.conf" | |
219 | from: /#?max_wal_senders *=.*/ | |
220 | to: "max_wal_senders = 4" | |
221 | ||
222 | - replace: | |
223 | filename: "/etc/postgresql/9.2/main/postgresql.conf" | |
224 | from: /#?wal_level *=.*/ | |
225 | to: "wal_level = hot_standby" | |
226 | ||
227 | - replace: | |
228 | filename: "/etc/postgresql/9.2/main/pg_hba.conf" | |
229 | from: /^#local +replication +postgres +peer$/ | |
230 | to: "local replication postgres peer" | |
231 | ||
7cae8e4b SS |
232 | - exec: |
233 | background: true | |
234 | cmd: "sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main" | |
235 | ||
236 | # give db a few secs to start up | |
237 | - exec: "sleep 5" | |
238 | ||
239 | - exec: sudo -u postgres createdb discourse || exit 0 | |
240 | - exec: | |
241 | stdin: | | |
242 | create user discourse; | |
243 | cmd: sudo -u postgres psql discourse | |
244 | raise_on_fail: false | |
245 | ||
246 | - exec: | |
247 | stdin: | | |
248 | grant all privileges on database discourse to discourse; | |
249 | cmd: sudo -u postgres psql discourse | |
250 | raise_on_fail: false | |
251 | ||
252 | - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists hstore;"' | |
253 | - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists pg_trgm;"' | |
254 | ||
255 | ||
256 | - exec: | |
257 | cd: $home | |
258 | cmd: | |
259 | - chown -R discourse $home | |
6b84f5e5 | 260 | - sudo -E -u discourse bundle install --deployment --without test --without development |
7cae8e4b SS |
261 | - sudo -E -u discourse bundle exec rake db:migrate |
262 | - sudo -E -u discourse bundle exec rake assets:precompile | |
263 |