projects / discourse_docker.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
add comment
[discourse_docker.git] / templates / web.template.yml
1 env:
2 # You can have redis on a different box
3 RAILS_ENV: 'production'
4 UNICORN_WORKERS: 3
5 UNICORN_SIDEKIQS: 1
6 # slightly less aggressive than "recommendation" but works fine with oobgc
7 RUBY_GC_MALLOC_LIMIT: 40000000
8 # this ensures we have enough heap space to handle a big pile of small reqs
9 RUBY_HEAP_MIN_SLOTS: 800000
10
11 DISCOURSE_DB_SOCKET: /var/run/postgresql
12 DISCOURSE_DB_HOST:
13 DISCOURSE_DB_PORT:
14
15
16 params:
17 # SSH key is required for remote access into the container
18 version: tests-passed
19
20 home: /var/www/discourse
21 upload_size: 10m
22
23 run:
24 # see: https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
25 - replace:
26 filename: /usr/local/etc/ImageMagick-6/policy.xml
27 from: "<policymap>"
28 to: |
29 <policymap>
30 <policy domain="coder" rights="none" pattern="EPHEMERAL" />
31 <policy domain="coder" rights="none" pattern="HTTPS" />
32 <policy domain="coder" rights="none" pattern="MVG" />
33 <policy domain="coder" rights="none" pattern="MSL" />
34
35 - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_SMTP_ADDRESS"] == "smtp.example.com"; puts "Aborting! Mail is not configured!"; exit 1; end'
36 - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_HOSTNAME"] == "discourse.example.com"; puts "Aborting! Domain is not configured!"; exit 1; end'
37 - exec: chown -R discourse /home/discourse
38 - file:
39 path: /etc/runit/1.d/copy-env
40 chmod: "+x"
41 contents: |
42 #!/bin/bash
43 env > ~/boot_env
44 conf=/var/www/discourse/config/discourse.conf
45
46 # find DISCOURSE_ env vars, strip the leader, lowercase the key
47 /usr/local/bin/ruby -e 'ENV.each{|k,v| puts "#{$1.downcase} = #{v}" if k =~ /^DISCOURSE_(.*)/}' > $conf
48
49 - file:
50 path: /etc/runit/1.d/ensure-web-nginx-read
51 chmod: "+x"
52 contents: |
53 #!/bin/bash
54 mkdir -p /var/log/nginx
55 chgrp -R www-data /var/log/nginx
56 chgrp www-data /var/log/nginx
57
58 - file:
59 path: /etc/service/unicorn/run
60 chmod: "+x"
61 contents: |
62 #!/bin/bash
63 exec 2>&1
64 # redis
65 # postgres
66 cd $home
67 chown -R discourse:www-data /shared/log/rails
68 LD_PRELOAD=/usr/lib/libjemalloc.so.1 HOME=/home/discourse USER=discourse exec chpst -u discourse:www-data -U discourse:www-data bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb
69
70 - file:
71 path: /etc/service/nginx/run
72 chmod: "+x"
73 contents: |
74 #!/bin/sh
75 exec 2>&1
76 exec /usr/sbin/nginx
77
78 - file:
79 path: /etc/runit/3.d/01-nginx
80 chmod: "+x"
81 contents: |
82 #!/bin/bash
83 sv stop nginx
84
85 - file:
86 path: /etc/runit/3.d/02-unicorn
87 chmod: "+x"
88 contents: |
89 #!/bin/bash
90 sv stop unicorn
91
92 - exec:
93 cd: $home
94 hook: code
95 cmd:
96 - git reset --hard
97 - git clean -f
98 - git remote set-branches --add origin master
99 - git pull
100 - git fetch origin $version
101 - git checkout $version
102 - mkdir -p tmp/pids
103 - mkdir -p tmp/sockets
104 - touch tmp/.gitkeep
105 - mkdir -p /shared/log/rails
106 - bash -c "touch -a /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log"
107 - bash -c "ln -s /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log $home/log"
108 - bash -c "mkdir -p /shared/{uploads,backups}"
109 - bash -c "ln -s /shared/{uploads,backups} $home/public"
110 - chown -R discourse:www-data /shared/log/rails /shared/uploads /shared/backups
111
112 - exec:
113 cmd:
114 - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf"
115 - "rm /etc/nginx/sites-enabled/default"
116 - "mkdir -p /var/nginx/cache"
117
118 - replace:
119 filename: /etc/nginx/nginx.conf
120 from: pid /run/nginx.pid;
121 to: daemon off;
122
123 - replace:
124 filename: "/etc/nginx/conf.d/discourse.conf"
125 from: /upstream[^\}]+\}/m
126 to: "upstream discourse {
127 server 127.0.0.1:3000;
128 }"
129
130 - replace:
131 filename: "/etc/nginx/conf.d/discourse.conf"
132 from: /server_name.+$/
133 to: server_name _ ;
134
135 - replace:
136 filename: "/etc/nginx/conf.d/discourse.conf"
137 from: /client_max_body_size.+$/
138 to: client_max_body_size $upload_size ;
139
140 - exec:
141 cmd: echo "done configuring web"
142 hook: web_config
143
144 - exec:
145 cd: $home
146 hook: web
147 cmd:
148 # ensure we are on latest bundler
149 - gem update bundler
150 - chown -R discourse $home
151
152 - exec:
153 cd: $home
154 hook: bundle_exec
155 cmd:
156 - su discourse -c 'bundle install --deployment --verbose --without test --without development'
157 - su discourse -c 'bundle exec rake db:migrate'
158 - su discourse -c 'bundle exec rake assets:precompile'
159
160 - file:
161 path: /usr/local/bin/discourse
162 chmod: +x
163 contents: |
164 #!/bin/bash
165 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/discourse "$@")
166
167 - file:
168 path: /usr/local/bin/rails
169 chmod: +x
170 contents: |
171 #!/bin/bash
172 # If they requested a console, load pry instead
173 if [ "$*" == "c" -o "$*" == "console" ]
174 then
175 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec pry -r ./config/environment)
176 else
177 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/rails "$@")
178 fi
179
180 - file:
181 path: /usr/local/bin/rake
182 chmod: +x
183 contents: |
184 #!/bin/bash
185 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec bin/rake "$@")
186
187 - file:
188 path: /etc/update-motd.d/10-web
189 chmod: +x
190 contents: |
191 #!/bin/bash
192 echo
193 echo Use: rails, rake or discourse to execute commands in production
194 echo
195
196 - file:
197 path: /etc/logrotate.d/rails
198 contents: |
199 /shared/log/rails/*.log
200 {
201 rotate 14
202 dateext
203 daily
204 missingok
205 notifempty
206 delaycompress
207 compress
208 postrotate
209 sv 1 unicorn
210 endscript
211 }
212
213 - file:
214 path: /etc/logrotate.d/nginx
215 contents: |
216 /var/log/nginx/*.log {
217 daily
218 missingok
219 rotate 14
220 compress
221 delaycompress
222 notifempty
223 create 0640 www-data www-data
224 sharedscripts
225 postrotate
226 sv 1 nginx
227 endscript
228 }
229
230 # move state out of the container this fancy is done to support rapid rebuilds of containers,
231 # we store anacron and logrotate state outside the container to ensure its maintained across builds
232 # later move this snipped into an intialization script
233 # we also ensure all the symlinks we need to /shared are in place in the correct structure
234 # this allows us to bootstrap on one machine and then run on another
235 - file:
236 path: /etc/runit/1.d/00-ensure-links
237 chmod: +x
238 contents: |
239 #!/bin/bash
240 if [[ ! -L /var/lib/logrotate ]]; then
241 rm -fr /var/lib/logrotate
242 mkdir -p /shared/state/logrotate
243 ln -s /shared/state/logrotate /var/lib/logrotate
244 fi
245 if [[ ! -L /var/spool/anacron ]]; then
246 rm -fr /var/spool/anacron
247 mkdir -p /shared/state/anacron-spool
248 ln -s /shared/state/anacron-spool /var/spool/anacron
249 fi
250 if [[ ! -d /shared/log/rails ]]; then
251 mkdir -p /shared/log/rails
252 chown -R discourse:www-data /shared/log/rails
253 fi
254 if [[ ! -d /shared/uploads ]]; then
255 mkdir -p /shared/uploads
256 chown -R discourse:www-data /shared/uploads
257 fi
258 if [[ ! -d /shared/backups ]]; then
259 mkdir -p /shared/backups
260 chown -R discourse:www-data /shared/backups
261 fi
262
263 # change login directory to Discourse home
264 - file:
265 path: /root/.bash_profile
266 chmod: 644
267 contents: |
268 cd $home