[discourse_docker.git] / standalone.template.yml

# expose:
  # expose public port 80 to map to private docker port 80 (web)
  # - "80:80"
  # expose public port 2222 to map to private docker port 22 (ssh)
  # - "2222:22"

# ENV is baked in to the image, any changes here require ./launcher bootstrap to run
env:
  # Comma delimited list of emails, required if you want admin access for first account
  DEVELOPER_EMAILS: 'YOUR_EMAIL@EMAIL.COM1'
  # You can have redis on a different box
  # REDIS_PROVIDER_URL: 'redis://l.discourse:6379'
  RAILS_ENV: 'production'
  UNICORN_WORKERS: 3
  # slightly less aggressive than "recommendation" but works fine with oobgc
  RUBY_GC_MALLOC_LIMIT: 40000000
  # this ensures we have enough heap space to handle a big pile of small reqs
  RUBY_HEAP_MIN_SLOTS: 800000

params:
  # SSH key is required for remote access into the container
  ssh_key: YOUR_SSH_KEY_HERE
  version: HEAD

  home: /var/www/discourse

  # You can connect to any DB you wish to
  database_yml:
    production:
      database: discourse
      username: discourse
      socket: /var/run/postgresql
      password:
      host:
      host_names:
        - YOUR_HOSTNAME_HERE

run:
  - file:
     path: /etc/service/cron/run
     chmod: "+x"
     contents: |
        #!/bin/bash
        exec 2>&1
        cd /
        exec cron

  - file:
     path: /var/lib/postgresql/take-database-backup
     chown: postgres:postgres
     chmod: "+x"
     contents: |
        #!/bin/bash
        ID=db-$(date +%F_%T)
        FILENAME=/shared/postgres_backup/$ID.tar.gz
        pg_basebackup --format=tar --pgdata=- --xlog --gzip --label=$ID > $FILENAME
        echo $FILENAME

  - file:
     path: /var/spool/cron/crontabs/postgres
     contents: |
        # m h  dom mon dow   command
        #MAILTO=?
        0 */4 * * * /var/lib/postgresql/take-database-backup

  - file:
     path: /etc/service/unicorn/run
     chmod: "+x"
     contents: |
        #!/bin/bash
        exec 2>&1
        $env
        sv start redis || exit 1
        sv start postgres || exit 1
        cd $home
        exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb

  - file:
     path: /etc/service/sidekiq/run
     chmod: "+x"
     contents: |
        #!/bin/bash
        exec 2>&1
        $env
        sv start redis || exit 1
        sv start postgres || exit 1
        cd $home
        exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec sidekiq

  - file:
     path: /etc/service/sshd/run
     chmod: "+x"
     contents: |
        #!/bin/sh
        exec 2>&1
        exec /usr/sbin/sshd -D -e

  - file:
     path: /etc/service/redis/run
     chmod: "+x"
     contents: |
        #!/bin/sh
        exec 2>&1
        exec sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf

  - file:
     path: /etc/service/nginx/run
     chmod: "+x"
     contents: |
        #!/bin/sh
        exec 2>&1
        exec /usr/sbin/nginx

  - file:
     path: /etc/service/postgres/run
     chmod: "+x"
     contents: |
        #!/bin/sh
        exec 2>&1
        exec sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main

  - exec:
      cmd:
        - mkdir -p /var/run/sshd
        - mkdir -p /root/.ssh
        - echo $ssh_key >> /root/.ssh/authorized_keys

  - exec:
      cd: $home
      hook: code
      cmd:
        - git reset --hard
        - git clean -f
        - git pull
        - git checkout $head
        - cp config/database.yml.production-sample config/database.yml
        - cp config/redis.yml.sample config/redis.yml
        - cp config/environments/production.rb.sample config/environments/production.rb
        - mkdir -p tmp/pids
        - mkdir -p tmp/sockets
        - touch tmp/.gitkeep
        - mkdir -p /shared/log/rails
        - rm -r log
        - ln -s /shared/log/rails $home/log
        - mkdir -p /shared/uploads
        - ln -s /shared/uploads $home/public/uploads
        - chown -R discourse /shared/uploads
        - chown -R discourse /shared/log/rails
  - exec:
      cmd:
        - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf"
        - "rm /etc/nginx/sites-enabled/default"

  - replace:
      filename: /etc/nginx/nginx.conf
      from: pid /run/nginx.pid;
      to: daemon off;

  - replace:
      filename: "/etc/nginx/conf.d/discourse.conf"
      from: /upstream[^\}]+\}/m
      to: "upstream discourse {
        server 127.0.0.1:3000;
      }"

  - replace:
      filename: "/etc/nginx/conf.d/discourse.conf"
      from: /server_name.+$/
      to: server_name _ ;

  - replace:
      filename: "/etc/redis/redis.conf"
      from: "daemonize yes"
      to: ""
  - replace:
      filename: "/etc/redis/redis.conf"
      from: /^pidfile.*$/
      to: ""

  - exec:
      cmd:
        - install -d -m 0755 -o redis -g redis /shared/redis_data

  - replace:
      filename: "/etc/redis/redis.conf"
      from: /^logfile.*$/
      to: "logfile \"\""

  - replace:
      filename: "/etc/redis/redis.conf"
      from: /^dir .*$/
      to: "dir /shared/redis_data"

  # we can not migrate without redis
  - exec:
      background: true
      cmd: "sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf"

  - merge: $home/config/database.yml $database_yml

  - exec:
      cmd:
        - chown -R root /var/lib/postgresql/9.2/main
        - "[ ! -e /shared/postgres_data ] && cp -r /var/lib/postgresql/9.2/main /shared/postgres_data || exit 0"
        - chown -R postgres:postgres /shared/postgres_data

  - replace:
      filename: "/etc/postgresql/9.2/main/postgresql.conf"
      from: "data_directory = '/var/lib/postgresql/9.2/main'"
      to: "data_directory = '/shared/postgres_data'"

  # Necessary to enable backups
  - exec:
      cmd:
        - install -d -m 0755 -o postgres -g postgres /shared/postgres_backup

  - replace:
      filename: "/etc/postgresql/9.2/main/postgresql.conf"
      from: /#?max_wal_senders *=.*/
      to: "max_wal_senders = 4"

  - replace:
      filename: "/etc/postgresql/9.2/main/postgresql.conf"
      from: /#?wal_level *=.*/
      to: "wal_level = hot_standby"

  - replace:
      filename: "/etc/postgresql/9.2/main/pg_hba.conf"
      from: /^#local +replication +postgres +peer$/
      to: "local replication postgres  peer"

  - exec:
      background: true
      cmd: "sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main"

  # give db a few secs to start up
  - exec: "sleep 5"

  - exec: sudo -u postgres createdb discourse || exit 0
  - exec:
      stdin: |
        create user discourse;
      cmd: sudo -u postgres psql discourse
      raise_on_fail: false

  - exec:
      stdin: |
        grant all privileges on database discourse to discourse;
      cmd: sudo -u postgres psql discourse
      raise_on_fail: false

  - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists hstore;"'
  - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists pg_trgm;"'


  - exec:
      cd: $home
      cmd:
        - chown -R discourse $home
        - sudo -E -u discourse bundle install --deployment --without test --without development
        - sudo -E -u discourse bundle exec rake db:migrate
        - sudo -E -u discourse bundle exec rake assets:precompile
Commit	Line	Data
7cae8e4b SS	1	# expose:
	2	# expose public port 80 to map to private docker port 80 (web)
	3	# - "80:80"
	4	# expose public port 2222 to map to private docker port 22 (ssh)
	5	# - "2222:22"
	6
	7	# ENV is baked in to the image, any changes here require ./launcher bootstrap to run
	8	env:
	9	# Comma delimited list of emails, required if you want admin access for first account
	10	DEVELOPER_EMAILS: 'YOUR_EMAIL@EMAIL.COM1'
	11	# You can have redis on a different box
	12	# REDIS_PROVIDER_URL: 'redis://l.discourse:6379'
	13	RAILS_ENV: 'production'
7cae8e4b	14	UNICORN_WORKERS: 3
6b84f5e5	15	# slightly less aggressive than "recommendation" but works fine with oobgc
a5461bf7	16	RUBY_GC_MALLOC_LIMIT: 40000000
769c7f06 SS	17	# this ensures we have enough heap space to handle a big pile of small reqs
769c7f06 SS	18	RUBY_HEAP_MIN_SLOTS: 800000
7cae8e4b SS	19
	20	params:
	21	# SSH key is required for remote access into the container
	22	ssh_key: YOUR_SSH_KEY_HERE
	23	version: HEAD
	24
	25	home: /var/www/discourse
	26
	27	# You can connect to any DB you wish to
	28	database_yml:
	29	production:
	30	database: discourse
	31	username: discourse
	32	socket: /var/run/postgresql
	33	password:
	34	host:
	35	host_names:
	36	- YOUR_HOSTNAME_HERE
	37
	38	run:
c266ef4b MB	39	- file:
	40	path: /etc/service/cron/run
	41	chmod: "+x"
	42	contents: \|
	43	#!/bin/bash
	44	exec 2>&1
	45	cd /
	46	exec cron
	47
	48	- file:
	49	path: /var/lib/postgresql/take-database-backup
	50	chown: postgres:postgres
	51	chmod: "+x"
	52	contents: \|
	53	#!/bin/bash
	54	ID=db-$(date +%F_%T)
	55	FILENAME=/shared/postgres_backup/$ID.tar.gz
	56	pg_basebackup --format=tar --pgdata=- --xlog --gzip --label=$ID > $FILENAME
	57	echo $FILENAME
	58
	59	- file:
	60	path: /var/spool/cron/crontabs/postgres
	61	contents: \|
	62	# m h dom mon dow command
	63	#MAILTO=?
	64	0 /4 * * /var/lib/postgresql/take-database-backup
	65
7cae8e4b SS	66	- file:
	67	path: /etc/service/unicorn/run
	68	chmod: "+x"
	69	contents: \|
	70	#!/bin/bash
	71	exec 2>&1
	72	$env
	73	sv start redis \|\| exit 1
	74	sv start postgres \|\| exit 1
	75	cd $home
556a9de5	76	exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb
7cae8e4b SS	77
	78	- file:
	79	path: /etc/service/sidekiq/run
	80	chmod: "+x"
	81	contents: \|
	82	#!/bin/bash
	83	exec 2>&1
	84	$env
	85	sv start redis \|\| exit 1
	86	sv start postgres \|\| exit 1
	87	cd $home
556a9de5	88	exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec sidekiq
7cae8e4b SS	89
	90	- file:
	91	path: /etc/service/sshd/run
	92	chmod: "+x"
	93	contents: \|
	94	#!/bin/sh
	95	exec 2>&1
	96	exec /usr/sbin/sshd -D -e
	97
	98	- file:
	99	path: /etc/service/redis/run
	100	chmod: "+x"
	101	contents: \|
	102	#!/bin/sh
	103	exec 2>&1
	104	exec sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf
	105
	106	- file:
	107	path: /etc/service/nginx/run
	108	chmod: "+x"
	109	contents: \|
	110	#!/bin/sh
	111	exec 2>&1
	112	exec /usr/sbin/nginx
	113
	114	- file:
	115	path: /etc/service/postgres/run
	116	chmod: "+x"
	117	contents: \|
	118	#!/bin/sh
	119	exec 2>&1
	120	exec sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main
	121
d1cf6900 SS	122	- exec:
	123	cmd:
	124	- mkdir -p /var/run/sshd
	125	- mkdir -p /root/.ssh
	126	- echo $ssh_key >> /root/.ssh/authorized_keys
7cae8e4b SS	127
	128	- exec:
	129	cd: $home
d0cd2c4d	130	hook: code
7cae8e4b SS	131	cmd:
	132	- git reset --hard
	133	- git clean -f
	134	- git pull
	135	- git checkout $head
	136	- cp config/database.yml.production-sample config/database.yml
	137	- cp config/redis.yml.sample config/redis.yml
	138	- cp config/environments/production.rb.sample config/environments/production.rb
	139	- mkdir -p tmp/pids
	140	- mkdir -p tmp/sockets
a61858b8	141	- touch tmp/.gitkeep
8788612e SS	142	- mkdir -p /shared/log/rails
	143	- rm -r log
	144	- ln -s /shared/log/rails $home/log
	145	- mkdir -p /shared/uploads
	146	- ln -s /shared/uploads $home/public/uploads
	147	- chown -R discourse /shared/uploads
	148	- chown -R discourse /shared/log/rails
7cae8e4b SS	149	- exec:
	150	cmd:
	151	- "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf"
	152	- "rm /etc/nginx/sites-enabled/default"
	153
	154	- replace:
	155	filename: /etc/nginx/nginx.conf
	156	from: pid /run/nginx.pid;
	157	to: daemon off;
	158
	159	- replace:
	160	filename: "/etc/nginx/conf.d/discourse.conf"
	161	from: /upstream[^\}]+\}/m
	162	to: "upstream discourse {
	163	server 127.0.0.1:3000;
	164	}"
	165
	166	- replace:
	167	filename: "/etc/nginx/conf.d/discourse.conf"
	168	from: /server_name.+$/
	169	to: server_name _ ;
	170
	171	- replace:
	172	filename: "/etc/redis/redis.conf"
	173	from: "daemonize yes"
	174	to: ""
	175	- replace:
	176	filename: "/etc/redis/redis.conf"
	177	from: /^pidfile.*$/
	178	to: ""
	179
	180	- exec:
	181	cmd:
c266ef4b	182	- install -d -m 0755 -o redis -g redis /shared/redis_data
7cae8e4b SS	183
	184	- replace:
	185	filename: "/etc/redis/redis.conf"
	186	from: /^logfile.*$/
3f045585	187	to: "logfile \"\""
7cae8e4b SS	188
	189	- replace:
	190	filename: "/etc/redis/redis.conf"
	191	from: /^dir .*$/
	192	to: "dir /shared/redis_data"
	193
	194	# we can not migrate without redis
	195	- exec:
	196	background: true
	197	cmd: "sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf"
	198
	199	- merge: $home/config/database.yml $database_yml
	200
	201	- exec:
	202	cmd:
	203	- chown -R root /var/lib/postgresql/9.2/main
	204	- "[ ! -e /shared/postgres_data ] && cp -r /var/lib/postgresql/9.2/main /shared/postgres_data \|\| exit 0"
c266ef4b	205	- chown -R postgres:postgres /shared/postgres_data
7cae8e4b SS	206
	207	- replace:
	208	filename: "/etc/postgresql/9.2/main/postgresql.conf"
	209	from: "data_directory = '/var/lib/postgresql/9.2/main'"
	210	to: "data_directory = '/shared/postgres_data'"
	211
c266ef4b MB	212	# Necessary to enable backups
	213	- exec:
	214	cmd:
	215	- install -d -m 0755 -o postgres -g postgres /shared/postgres_backup
	216
	217	- replace:
	218	filename: "/etc/postgresql/9.2/main/postgresql.conf"
	219	from: /#?max_wal_senders =./
	220	to: "max_wal_senders = 4"
	221
	222	- replace:
	223	filename: "/etc/postgresql/9.2/main/postgresql.conf"
	224	from: /#?wal_level =./
	225	to: "wal_level = hot_standby"
	226
	227	- replace:
	228	filename: "/etc/postgresql/9.2/main/pg_hba.conf"
	229	from: /^#local +replication +postgres +peer$/
	230	to: "local replication postgres peer"
	231
7cae8e4b SS	232	- exec:
	233	background: true
	234	cmd: "sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main"
	235
	236	# give db a few secs to start up
	237	- exec: "sleep 5"
	238
	239	- exec: sudo -u postgres createdb discourse \|\| exit 0
	240	- exec:
	241	stdin: \|
	242	create user discourse;
	243	cmd: sudo -u postgres psql discourse
	244	raise_on_fail: false
	245
	246	- exec:
	247	stdin: \|
	248	grant all privileges on database discourse to discourse;
	249	cmd: sudo -u postgres psql discourse
	250	raise_on_fail: false
	251
	252	- exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists hstore;"'
	253	- exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists pg_trgm;"'
	254
	255
	256	- exec:
	257	cd: $home
	258	cmd:
	259	- chown -R discourse $home
6b84f5e5	260	- sudo -E -u discourse bundle install --deployment --without test --without development
7cae8e4b SS	261	- sudo -E -u discourse bundle exec rake db:migrate
	262	- sudo -E -u discourse bundle exec rake assets:precompile
	263