X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=templates%2Fweb.template.yml;h=532a1b1abce6f8c0bc5ac9ba22956d46ac7eef0c;hb=583397fab4d159e90a1a52822e1be740cd897bbb;hp=1784206bb56cdf2a42eba0bc466a661978bc3383;hpb=9c41ab1788a08b6297828138691c37e0064f4883;p=discourse_docker.git diff --git a/templates/web.template.yml b/templates/web.template.yml index 1784206..532a1b1 100644 --- a/templates/web.template.yml +++ b/templates/web.template.yml @@ -2,6 +2,7 @@ env: # You can have redis on a different box RAILS_ENV: 'production' UNICORN_WORKERS: 3 + UNICORN_SIDEKIQS: 1 # slightly less aggressive than "recommendation" but works fine with oobgc RUBY_GC_MALLOC_LIMIT: 40000000 # this ensures we have enough heap space to handle a big pile of small reqs @@ -14,27 +15,23 @@ env: params: # SSH key is required for remote access into the container - version: HEAD + version: tests-passed home: /var/www/discourse + upload_size: 3m run: + - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_SMTP_ADDRESS"] == "smtp.example.com"; puts "Aborting! Mail is not configured!"; exit 1; end' - file: - path: /etc/service/copy_env/run + path: /etc/runit/1.d/copy-env chmod: "+x" contents: | #!/bin/bash + env > ~/boot_env conf=/var/www/discourse/config/discourse.conf - sudo -u discourse echo > $conf - for x in `env | /usr/bin/awk -F= '{if($1 ~ /DISCOURSE_/) print $1}'` - do - c=${x,,} - c=${c:10} - echo "$c"=${!x} >> $conf - done - # I dunno there may be a cleaner way to handle this - exec sleep 2147483647 + # find DISCOURSE_ env vars, strip the leader, lowercase the key + /usr/local/bin/ruby -e 'ENV.each{|k,v| puts "#{$1.downcase} = #{v}" if k =~ /^DISCOURSE_(.*)/}' > $conf - file: path: /etc/service/unicorn/run @@ -44,29 +41,32 @@ run: exec 2>&1 # redis # postgres - sv start copy_env || exit 1 cd $home - exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb + chown -R discourse:www-data /shared/log/rails + LD_PRELOAD=/usr/lib/libjemalloc.so.1 HOME=/home/discourse USER=discourse exec chpst -u discourse:www-data -U discourse:www-data bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb - file: - path: /etc/service/sidekiq/run + path: /etc/service/nginx/run chmod: "+x" contents: | - #!/bin/bash + #!/bin/sh exec 2>&1 - # redis - # postgres - sv start copy_env || exit 1 - cd $home - exec sudo -E -u discourse LD_PRELOAD=/usr/lib/libjemalloc.so.1 bundle exec sidekiq + mkdir -p /var/log/nginx + exec /usr/sbin/nginx - file: - path: /etc/service/nginx/run + path: /etc/runit/3.d/01-nginx chmod: "+x" contents: | - #!/bin/sh - exec 2>&1 - exec /usr/sbin/nginx + #!/bin/bash + sv stop nginx + + - file: + path: /etc/runit/3.d/02-unicorn + chmod: "+x" + contents: | + #!/bin/bash + sv stop unicorn - exec: cd: $home @@ -74,26 +74,25 @@ run: cmd: - git reset --hard - git clean -f + - git remote set-branches --add origin master - git pull + - git fetch origin $version - git checkout $version - - touch tmp/.gitkeep - mkdir -p tmp/pids - mkdir -p tmp/sockets - - mkdir -p /shared/log/rails - - mkdir -p /shared/uploads - - mkdir -p /shared/backups - - rm -r log - - ln -s /shared/log/rails $home/log - - ln -s /shared/uploads $home/public/uploads - - ln -s /shared/backups $home/public/backups - - chown -R discourse:www-data /shared/log/rails - - chown -R discourse:www-data /shared/uploads - - chown -R discourse:www-data /shared/backups - + - touch tmp/.gitkeep + - mkdir -p /shared/log/rails + - bash -c "touch -a /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log" + - bash -c "ln -s /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log $home/log" + - bash -c "mkdir -p /shared/{uploads,backups}" + - bash -c "ln -s /shared/{uploads,backups} $home/public" + - chown -R discourse:www-data /shared/log/rails /shared/uploads /shared/backups + - exec: cmd: - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf" - "rm /etc/nginx/sites-enabled/default" + - "mkdir -p /var/nginx/cache" - replace: filename: /etc/nginx/nginx.conf @@ -112,15 +111,118 @@ run: from: /server_name.+$/ to: server_name _ ; + - replace: + filename: "/etc/nginx/conf.d/discourse.conf" + from: /client_max_body_size.+$/ + to: client_max_body_size $upload_size ; + - exec: cmd: echo "done configuring web" hook: web_config - exec: cd: $home + hook: web cmd: + # ensure we are on latest bundler + - gem update bundler - chown -R discourse $home - - sudo -E -u discourse bundle install --deployment --verbose --without test --without development - - sudo -E -u discourse bundle exec rake db:migrate - - sudo -E -u discourse bundle exec rake assets:precompile + - su discourse -c 'bundle install --deployment --verbose --without test --without development' + - su discourse -c 'bundle exec rake db:migrate' + - su discourse -c 'bundle exec rake assets:precompile' + - file: + path: /usr/local/bin/discourse + chmod: +x + contents: | + #!/bin/bash + (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/discourse "$@") + + - file: + path: /usr/local/bin/rails + chmod: +x + contents: | + #!/bin/bash + # If they requested a console, load pry instead + if [ "$@" == "c" -o "$@" == "console" ] + then + (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec pry -r ./config/environment) + else + (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/rails "$@") + fi + + - file: + path: /usr/local/bin/rake + chmod: +x + contents: | + #!/bin/bash + (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec bin/rake "$@") + + - file: + path: /etc/update-motd.d/10-web + chmod: +x + contents: | + #!/bin/bash + echo + echo Use: rails, rake or discourse to execute commands in production + echo + + - file: + path: /etc/logrotate.d/rails + contents: | + /shared/log/rails/*.log + { + rotate 14 + dateext + daily + missingok + notifempty + delaycompress + compress + postrotate + sv 1 unicorn + endscript + } + + - replace: + filename: "/etc/logrotate.d/nginx" + from: "weekly" + to: "daily" + + - replace: + filename: "/etc/logrotate.d/nginx" + from: "52" + to: "14" + + # move state out of the container this fancy is done to support rapid rebuilds of containers, + # we store anacron and logrotate state outside the container to ensure its maintained across builds + # later move this snipped into an intialization script + # we also ensure all the symlinks we need to /shared are in place in the correct structure + # this allows us to bootstrap on one machine and then run on another + - file: + path: /etc/runit/1.d/00-ensure-links + chmod: +x + contents: | + #!/bin/bash + if [[ ! -L /var/lib/logrotate ]]; then + rm -fr /var/lib/logrotate + mkdir -p /shared/state/logrotate + ln -s /shared/state/logrotate /var/lib/logrotate + fi + if [[ ! -L /var/spool/anacron ]]; then + rm -fr /var/spool/anacron + mkdir -p /shared/state/anacron-spool + ln -s /shared/state/anacron-spool /var/spool/anacron + fi + if [[ ! -d /shared/log/rails ]]; then + mkdir -p /shared/log/rails + chown -R discourse:www-data /shared/log/rails + fi + if [[ ! -d /shared/uploads ]]; then + mkdir -p /shared/uploads + chown -R discourse:www-data /shared/uploads + fi + if [[ ! -d /shared/backups ]]; then + mkdir -p /shared/backups + chown -R discourse:www-data /shared/backups + fi