templates/web.template.yml

   1 env:
   2   # You can have redis on a different box
   3   RAILS_ENV: 'production'
   4   UNICORN_WORKERS: 3
   5   UNICORN_SIDEKIQS: 1
   6   # this gives us very good cache coverage, 96 -> 99
   7   # in practice it is 1-2% perf improvement
   8   RUBY_GLOBAL_METHOD_CACHE_SIZE: 131072
   9   # stop heap doubling in size so aggressively, this conserves memory
  10   RUBY_GC_HEAP_GROWTH_MAX_SLOTS: 40000
  11   RUBY_GC_HEAP_INIT_SLOTS: 400000
  12   RUBY_GC_HEAP_OLDOBJECT_LIMIT_FACTOR: 1.5
  13
  14   DISCOURSE_DB_SOCKET: /var/run/postgresql
  15   DISCOURSE_DB_HOST:
  16   DISCOURSE_DB_PORT:
  17
  18
  19 params:
  20   version: tests-passed
  21
  22   home: /var/www/discourse
  23   upload_size: 10m
  24
  25 run:
  26   - exec: thpoff echo "thpoff is installed!"
  27   - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_SMTP_ADDRESS"] == "smtp.example.com"; puts "Aborting! Mail is not configured!"; exit 1; end'
  28   - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_HOSTNAME"] == "discourse.example.com"; puts "Aborting! Domain is not configured!"; exit 1; end'
  29   - exec: /usr/local/bin/ruby -e 'if (ENV["DISCOURSE_CDN_URL"] || "")[0..1] == "//"; puts "Aborting! CDN must have a protocol specified. Once fixed you should rebake your posts now to correct all posts."; exit 1; end'
  30   - exec: chown -R discourse /home/discourse
  31   # TODO: move to base image (anacron can not be fired up using rc.d)
  32   - exec: rm -f /etc/cron.d/anacron
  33   - file:
  34      path: /etc/cron.d/anacron
  35      contents: |
  36         SHELL=/bin/sh
  37         PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
  38
  39         30 7    * * *   root    /usr/sbin/anacron -s >/dev/null
  40   - file:
  41      path: /etc/runit/1.d/copy-env
  42      chmod: "+x"
  43      contents: |
  44         #!/bin/bash
  45         env > ~/boot_env
  46         conf=/var/www/discourse/config/discourse.conf
  47
  48         # find DISCOURSE_ env vars, strip the leader, lowercase the key
  49         /usr/local/bin/ruby -e 'ENV.each{|k,v| puts "#{$1.downcase} = '\''#{v}'\''" if k =~ /^DISCOURSE_(.*)/}' > $conf
  50
  51   - file:
  52      path: /etc/service/unicorn/run
  53      chmod: "+x"
  54      contents: |
  55         #!/bin/bash
  56         exec 2>&1
  57         # redis
  58         # postgres
  59         cd $home
  60         chown -R discourse:www-data /shared/log/rails
  61         LD_PRELOAD=$RUBY_ALLOCATOR HOME=/home/discourse USER=discourse exec thpoff chpst -u discourse:www-data -U discourse:www-data bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb
  62
  63   - file:
  64      path: /etc/service/nginx/run
  65      chmod: "+x"
  66      contents: |
  67         #!/bin/sh
  68         exec 2>&1
  69         exec /usr/sbin/nginx
  70
  71   - file:
  72      path: /etc/runit/3.d/01-nginx
  73      chmod: "+x"
  74      contents: |
  75        #!/bin/bash
  76        sv stop nginx
  77
  78   - file:
  79      path: /etc/runit/3.d/02-unicorn
  80      chmod: "+x"
  81      contents: |
  82        #!/bin/bash
  83        sv stop unicorn
  84
  85   - exec:
  86       cd: $home
  87       hook: code
  88       cmd:
  89         - git reset --hard
  90         - git clean -f
  91         - git remote set-branches --add origin master
  92         - git pull
  93         - git fetch origin $version
  94         - git checkout $version
  95         - mkdir -p tmp
  96         - chown discourse:www-data tmp
  97         - mkdir -p tmp/pids
  98         - mkdir -p tmp/sockets
  99         - touch tmp/.gitkeep
 100         - mkdir -p                    /shared/log/rails
 101         - bash -c "touch -a           /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr,sidekiq}.log"
 102         - bash -c "ln    -s           /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr,sidekiq}.log $home/log"
 103         - bash -c "mkdir -p           /shared/{uploads,backups}"
 104         - bash -c "ln    -s           /shared/{uploads,backups} $home/public"
 105         - bash -c "mkdir -p           /shared/tmp/{backups,restores}"
 106         - bash -c "ln    -s           /shared/tmp/{backups,restores} $home/tmp"
 107         - chown -R discourse:www-data /shared/log/rails /shared/uploads /shared/backups /shared/tmp
 108         # scrub broken symlinks from plugins that have been removed
 109         - find public/plugins/ -maxdepth 1 -xtype l -delete
 110
 111   - exec:
 112       cmd:
 113         - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf"
 114         - "rm /etc/nginx/sites-enabled/default"
 115         - "mkdir -p /var/nginx/cache"
 116
 117   - replace:
 118       filename: /etc/nginx/nginx.conf
 119       from: pid /run/nginx.pid;
 120       to: daemon off;
 121
 122   - replace:
 123       filename: "/etc/nginx/conf.d/discourse.conf"
 124       from: /upstream[^\}]+\}/m
 125       to: "upstream discourse {
 126         server 127.0.0.1:3000;
 127       }"
 128
 129   - replace:
 130       filename: "/etc/nginx/conf.d/discourse.conf"
 131       from: /server_name.+$/
 132       to: server_name _ ;
 133
 134   - replace:
 135       filename: "/etc/nginx/conf.d/discourse.conf"
 136       from: /client_max_body_size.+$/
 137       to: client_max_body_size $upload_size ;
 138
 139   - exec:
 140       cmd: echo "done configuring web"
 141       hook: web_config
 142
 143   - exec:
 144       cd: $home
 145       hook: web
 146       cmd:
 147         # ensure we are on latest bundler
 148         - gem update bundler
 149         - find $home ! -user discourse -exec chown discourse {} \+
 150
 151   - exec:
 152       cd: $home
 153       hook: bundle_exec
 154       cmd:
 155         - su discourse -c 'bundle install --deployment --retry 3 --jobs 4 --verbose --without test development'
 156
 157   - exec:
 158       cd: $home
 159       cmd:
 160         - su discourse -c 'bundle exec rake plugin:pull_compatible_all'
 161       raise_on_fail: false
 162
 163   - exec:
 164       cd: $home
 165       hook: db_migrate
 166       cmd:
 167         - su discourse -c 'bundle exec rake db:migrate'
 168   - exec:
 169       cd: $home
 170       hook: assets_precompile
 171       cmd:
 172         - su discourse -c 'bundle exec rake assets:precompile'
 173   - file:
 174      path: /usr/local/bin/discourse
 175      chmod: +x
 176      contents: |
 177        #!/bin/bash
 178        (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/discourse "$@")
 179
 180   - file:
 181      path: /usr/local/bin/rails
 182      chmod: +x
 183      contents: |
 184        #!/bin/bash
 185        # If they requested a console, load pry instead
 186        if [ "$*" == "c" -o "$*" == "console" ]
 187        then
 188         (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec pry -r ./config/environment)
 189        else
 190         (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/rails "$@")
 191        fi
 192
 193   - file:
 194      path: /usr/local/bin/rake
 195      chmod: +x
 196      contents: |
 197        #!/bin/bash
 198        (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec bin/rake "$@")
 199
 200   - file:
 201      path: /usr/local/bin/rbtrace
 202      chmod: +x
 203      contents: |
 204        #!/bin/bash
 205        (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec rbtrace "$@")
 206
 207   - file:
 208      path: /usr/local/bin/stackprof
 209      chmod: +x
 210      contents: |
 211        #!/bin/bash
 212        (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec stackprof "$@")
 213
 214   - file:
 215      path: /etc/update-motd.d/10-web
 216      chmod: +x
 217      contents: |
 218        #!/bin/bash
 219        echo
 220        echo Use: rails, rake or discourse to execute commands in production
 221        echo
 222
 223   - file:
 224      path: /etc/logrotate.d/rails
 225      contents: |
 226         /shared/log/rails/*.log
 227         {
 228                 rotate 7
 229                 dateext
 230                 daily
 231                 missingok
 232                 delaycompress
 233                 compress
 234                 postrotate
 235                 sv 1 unicorn
 236                 endscript
 237         }
 238
 239   - file:
 240      path: /etc/logrotate.d/nginx
 241      contents: |
 242         /var/log/nginx/*.log {
 243           daily
 244           missingok
 245           rotate 7
 246           compress
 247           delaycompress
 248           create 0644 www-data www-data
 249           sharedscripts
 250           postrotate
 251             sv 1 nginx
 252           endscript
 253         }
 254
 255   # move state out of the container this fancy is done to support rapid rebuilds of containers,
 256   # we store anacron and logrotate state outside the container to ensure its maintained across builds
 257   # later move this snipped into an intialization script
 258   # we also ensure all the symlinks we need to /shared are in place in the correct structure
 259   # this allows us to bootstrap on one machine and then run on another
 260   - file:
 261       path: /etc/runit/1.d/00-ensure-links
 262       chmod: +x
 263       contents: |
 264         #!/bin/bash
 265         if [[ ! -L /var/lib/logrotate ]]; then
 266           rm -fr /var/lib/logrotate
 267           mkdir -p /shared/state/logrotate
 268           ln -s /shared/state/logrotate /var/lib/logrotate
 269         fi
 270         if [[ ! -L /var/spool/anacron ]]; then
 271           rm -fr /var/spool/anacron
 272           mkdir -p /shared/state/anacron-spool
 273           ln -s /shared/state/anacron-spool /var/spool/anacron
 274         fi
 275         if [[ ! -d /shared/log/rails ]]; then
 276           mkdir -p /shared/log/rails
 277           chown -R discourse:www-data /shared/log/rails
 278         fi
 279         if [[ ! -d /shared/uploads ]]; then
 280           mkdir -p /shared/uploads
 281           chown -R discourse:www-data /shared/uploads
 282         fi
 283         if [[ ! -d /shared/backups ]]; then
 284           mkdir -p /shared/backups
 285           chown -R discourse:www-data /shared/backups
 286         fi
 287
 288         rm -rf /shared/tmp/{backups,restores}
 289         mkdir -p /shared/tmp/{backups,restores}
 290         chown -R discourse:www-data /shared/tmp/{backups,restores}
 291
 292   # change login directory to Discourse home
 293   - file:
 294      path: /root/.bash_profile
 295      chmod: 644
 296      contents: |
 297         cd $home