Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssl and error logs support #75

Open
wants to merge 33 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
bf1864f
Adding SSL support and error log.
alejandrod Apr 12, 2016
1e209ae
Adding SSL support and error log.
alejandrod Jun 15, 2016
929a462
Adding SSL support and error log.
alejandrod Jun 15, 2016
c694641
Fixing issue with ipaddress
alejandrod Jun 18, 2016
7761a75
Updating mysql2_chef_gem
alejandrod Jun 23, 2016
27a2e83
Fixing wordpress template
alejandrod Oct 10, 2016
f40c081
Fixing wordpress template
alejandrod Oct 10, 2016
63dfbb8
Using mod_php as mod_php5 is deprecated
alejandrod Jan 29, 2017
d7c5ef9
Fixing path to apache2 cookbook
alejandrod Jan 29, 2017
d4fc667
Adding ssl config
alejandrod Jul 20, 2017
0f59d05
Bumping versions
alejandrod Jul 21, 2017
4bd6766
Fixing nginx version
alejandrod Jul 21, 2017
a8ec4a3
Bumping apache2 support
alejandrod Jul 21, 2017
50f8e77
Bumping mysql
alejandrod Jul 21, 2017
7ef996c
Changes to allow wordpress to be installed in a sub dir
alejandrod Sep 27, 2017
cd861e9
Bumping dependencies
alejandrod Dec 5, 2017
0dee038
Bumping dependencies
alejandrod Mar 12, 2018
87fa11e
Bumping dependencies
alejandrod Mar 12, 2018
3ef06bf
Removing deprecated cookbook
alejandrod Mar 17, 2018
04670ef
Fixing mysql issue
alejandrod Mar 17, 2018
56c03e9
Adding basic auth to wordpress
alejandrod Aug 15, 2018
b7086cd
Bumping upload
alejandrod Dec 18, 2018
5df9d3e
Bumping nginx
alejandrod Jul 29, 2019
aa6cf6c
Rolling back nginx
alejandrod Jul 29, 2019
2eca6f1
Using Berksfile.lock
alejandrod Nov 5, 2019
2bd5d06
Bumping version
alejandrod Nov 5, 2019
a155b4a
Using nginx 8.1.6 because of chef
alejandrod Nov 5, 2019
f5d20b6
Mysql 8.0
alejandrod Dec 2, 2019
2074ab2
php7.2-mysql
alejandrod Dec 3, 2019
59b40f3
database for mysql 8
alejandrod Dec 3, 2019
4574a58
Bumping cookbooks
alejandrod Dec 3, 2019
2344d8d
Using version '8.0'
alejandrod Dec 4, 2019
843335f
Adding mysql repo
alejandrod Dec 4, 2019
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
.vagrant
Berksfile.lock
.idea
Gemfile.lock
*~
*#
Expand All @@ -12,3 +12,5 @@ Gemfile.lock
.kitchen
bin
.kitchen.local.yml

*.iml
10 changes: 9 additions & 1 deletion Berksfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,15 @@
source "https://supermarket.getchef.com"
source "https://supermarket.chef.io"

metadata

cookbook 'php', '>= 4.5.0'
cookbook 'apache2', '>= 3.2.2', git: 'https://github.com/sous-chefs/apache2.git'
cookbook 'nginx', '= 8.1.6', git: 'https://github.com/sous-chefs/nginx.git', tag: "v8.1.6"

cookbook 'database', git: 'https://github.com/alejandrod/database.git'
cookbook 'mysql', git: 'https://github.com/alejandrod/mysql.git'
cookbook 'mysql2_chef_gem', '>= 2.1.0', git: 'https://github.com/alejandrod/mysql2_chef_gem.git'

group :integration do
cookbook 'apt', '~> 2.6.1'
end
74 changes: 74 additions & 0 deletions Berksfile.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
DEPENDENCIES
apache2
git: https://github.com/sous-chefs/apache2.git
revision: 408c54912f0e362ea9d820a8b43580850c403b9e
apt (~> 2.6.1)
database
git: https://github.com/alejandrod/database.git
revision: ef8cd37a0907cc5e830fb541ba07c4e765e3e09b
mysql
git: https://github.com/alejandrod/mysql.git
revision: f46870cc59b9a3f28c7d05ae935fc9f0672a6bbd
mysql2_chef_gem
git: https://github.com/alejandrod/mysql2_chef_gem.git
revision: 4e8feb1263c7e22ec0c8e9129ae850f607c7bb99
nginx
git: https://github.com/sous-chefs/nginx.git
revision: 09a227085c5fab9f986fe0cfd010452e07c707f8
tag: v8.1.6
php (>= 4.5.0)
wordpress
path: .
metadata: true

GRAPH
apache2 (7.1.1)
apt (2.6.1)
build-essential (8.2.1)
mingw (>= 1.1)
seven_zip (>= 0.0.0)
database (6.2.0)
postgresql (>= 1.0.0)
iis (7.2.0)
windows (>= 4.1.0)
mariadb (3.1.0)
selinux_policy (~> 2.0)
mingw (2.1.0)
seven_zip (>= 0.0.0)
mysql (8.5.3)
mysql2_chef_gem (2.1.0)
build-essential (>= 2.4.0)
mariadb (>= 0.0.0)
mysql (>= 8.2.0)
nginx (8.1.6)
build-essential (>= 5.0)
ohai (>= 4.1.0)
yum-epel (>= 0.0.0)
zypper (>= 0.0.0)
ohai (5.3.0)
openssl (8.5.5)
php (7.0.0)
yum-epel (>= 0.0.0)
php-fpm (0.8.0)
postgresql (7.1.5)
selinux (3.0.0)
selinux_policy (2.3.4)
seven_zip (3.1.2)
windows (>= 0.0.0)
tar (2.2.0)
windows (6.0.1)
wordpress (4.0.2)
apache2 (>= 5.0.0)
build-essential (>= 0.0.0)
database (>= 1.6.0)
iis (>= 0.0.0)
mysql (>= 6.0)
mysql2_chef_gem (>= 1.1.0)
nginx (~> 8.1.6)
openssl (>= 0.0.0)
php (>= 0.0.0)
php-fpm (>= 0.0.0)
selinux (>= 0.0.0)
tar (>= 0.0.0)
yum-epel (3.3.0)
zypper (0.4.0)
12 changes: 6 additions & 6 deletions Gemfile
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
source 'https://rubygems.org'

gem 'chef', '>= 11.12'
gem 'berkshelf', '~> 3.0'
gem 'chef', '>= 12.12'
gem 'berkshelf'

group :test do
gem 'foodcritic', '~> 4.0'
gem 'strainer', '~> 3.1'
gem 'foodcritic'
gem 'strainer'
end

group :integration do
gem 'test-kitchen', '~> 1.0'
gem 'kitchen-vagrant', '~> 0.15'
gem 'test-kitchen'
gem 'kitchen-vagrant'
end
7 changes: 7 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,13 @@ Attributes

* `node['wordpress']['php_options']` - Additional PHP settings for the installation.

* `node['wordpress']['ssl_enabled']` - If true, the certificate attributes must be set
* `node['wordpress']['ssl_certificate']` - Path to the certificate
* `node['wordpress']['ssl_certificate_key']` - Path to the certificate key
* `node['wordpress']['ssl_certificate_chain']` - Path to the certificate chain. Only for apache.

* `node['wordpress']['error_log']` - Path to the error log file. Should be writable by the user that runs apache

Usage
=====

Expand Down
19 changes: 15 additions & 4 deletions attributes/default.rb
Original file line number Diff line number Diff line change
Expand Up @@ -33,26 +33,29 @@
default['wordpress']['db']['prefix'] = 'wp_'
default['wordpress']['db']['host'] = 'localhost'
default['wordpress']['db']['port'] = '3306' # Must be a string
default['wordpress']['db']['charset'] = 'utf8'
default['wordpress']['db']['charset'] = 'utf8mb4'
default['wordpress']['db']['collate'] = ''
case node['platform']
when 'ubuntu'
case node['platform_version']
when '10.04'
default['wordpress']['db']['mysql_version'] = '5.1'
else
default['wordpress']['db']['mysql_version'] = '5.5'
default['wordpress']['db']['mysql_version'] = '8.0'
default['wordpress']['db']['collate'] = 'utf8mb4_0900_ai_ci'
end
when 'centos', 'redhat', 'amazon', 'scientific'
if node['platform_version'].to_i < 6
default['wordpress']['db']['mysql_version'] = '5.0'
elsif node['platform_version'].to_i < 7
default['wordpress']['db']['mysql_version'] = '5.1'
else
default['wordpress']['db']['mysql_version'] = '5.5'
default['wordpress']['db']['mysql_version'] = '8.0'
default['wordpress']['db']['collate'] = 'utf8mb4_0900_ai_ci'
end
else
default['wordpress']['db']['mysql_version'] = '5.5'
default['wordpress']['db']['mysql_version'] = '8.0'
default['wordpress']['db']['collate'] = 'utf8mb4_0900_ai_ci'
end

default['wordpress']['allow_multisite'] = false
Expand All @@ -61,7 +64,9 @@

default['wordpress']['config_perms'] = 0644
default['wordpress']['server_aliases'] = [node['fqdn']]
default['wordpress']['server_path'] = '/'
default['wordpress']['server_port'] = '80'
default['wordpress']['ssl_enabled'] = false

default['wordpress']['install']['user'] = node['apache']['user']
default['wordpress']['install']['group'] = node['apache']['group']
Expand Down Expand Up @@ -92,12 +97,18 @@
if node['platform'] == 'windows'
default['wordpress']['parent_dir'] = "#{ENV['SystemDrive']}\\inetpub"
default['wordpress']['dir'] = "#{node['wordpress']['parent_dir']}\\wordpress"
default['wordpress']['docroot'] = "#{node['wordpress']['parent_dir']}\\wordpress"
default['wordpress']['url'] = "https://wordpress.org/wordpress-#{node['wordpress']['version']}.zip"
else
default['wordpress']['server_name'] = node['fqdn']
default['wordpress']['parent_dir'] = '/var/www'
default['wordpress']['dir'] = "#{node['wordpress']['parent_dir']}/wordpress"
default['wordpress']['docroot'] = "#{node['wordpress']['parent_dir']}/wordpress"
default['wordpress']['url'] = "https://wordpress.org/wordpress-#{node['wordpress']['version']}.tar.gz"
end

default['wordpress']['php_options'] = { 'php_admin_value[upload_max_filesize]' => '50M', 'php_admin_value[post_max_size]' => '55M' }

default['wordpress']['admin'] = {
htpasswd: "/var/www/admin/.htpasswd"
}
16 changes: 8 additions & 8 deletions metadata.rb
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
license "Apache 2.0"
description "Installs/Configures WordPress"
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version "3.0.0"
version "4.1.0"

recipe "WordPress", "Installs and configures WordPress LAMP stack on a single system"
recipe "WordPress::languages", "Install WordPress translation files"
Expand All @@ -13,16 +13,16 @@
depends cb
end

depends "apache2", ">= 2.0.0"
depends "apache2", ">= 5.0.0"
depends "database", ">= 1.6.0"
depends "mysql", ">= 6.0"
depends "mysql2_chef_gem", "~> 1.0.1"
depends "mysql2_chef_gem", ">= 1.1.0"
depends "build-essential"
depends "iis", ">= 1.6.2"
depends "tar", ">= 0.3.1"
depends "nginx", "~> 2.7.4"
depends "php-fpm", "~> 0.6.10"
depends 'selinux', '~> 0.7'
depends "iis"
depends "tar"
depends "nginx", "~> 8.1.6"
depends "php-fpm"
depends 'selinux'

%w{ debian ubuntu windows centos redhat scientific oracle }.each do |os|
supports os
Expand Down
8 changes: 5 additions & 3 deletions recipes/apache.rb
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,10 @@

# On Windows PHP comes with the MySQL Module and we use IIS on Windows
unless platform? "windows"
include_recipe "php::module_mysql"
include_recipe "apache2"
include_recipe "apache2::mod_php5"
include_recipe "apache2::mod_php"

package 'php7.2-mysql'
end

include_recipe "wordpress::app"
Expand All @@ -47,7 +48,8 @@
else
web_app "wordpress" do
template "wordpress.conf.erb"
docroot node['wordpress']['dir']
docroot node['wordpress']['docroot']
server_path node['wordpress']['server_path']
server_name node['wordpress']['server_name']
server_aliases node['wordpress']['server_aliases']
server_port node['wordpress']['server_port']
Expand Down
11 changes: 11 additions & 0 deletions recipes/database.rb
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,24 @@
# limitations under the License.
#

apt_repository 'mysql' do
uri 'http://repo.mysql.com/apt/ubuntu/'
components %w(mysql-8.0 mysql-tools)
key '5072E1F5'
keyserver 'pool.sks-keyservers.net'
not_if { ::File.exist?('/etc/apt/sources.list.d/mysql.list') }
end

mysql_client 'default' do
action :create
not_if { node['platform_family'] == 'windows' }
version '8.0'
end

mysql2_chef_gem 'default' do
action :install
gem_version '0.5.3'
package_version '8.0'
end

::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)
Expand Down
18 changes: 18 additions & 0 deletions recipes/default.rb
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,22 @@
# limitations under the License.
#

users = node[:wordpress][:admin][:users] || []

if users.any?
directory File.dirname(node[:wordpress][:admin][:htpasswd]) do
owner 'root'
group 'root'
recursive true
mode 0755
end

file node[:wordpress][:admin][:htpasswd] do
owner node[:wordpress][:install][:user]
group node[:wordpress][:install][:group]
mode 0644
content users.join("\n")
end
end

include_recipe "wordpress::apache"
10 changes: 5 additions & 5 deletions recipes/nginx.rb
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
start_servers 5
end

include_recipe "php::module_mysql"
package 'php7.2-mysql'

node.set_unless['nginx']['default_site_enabled'] = false
include_recipe "nginx"
Expand All @@ -44,10 +44,10 @@
template "#{node['nginx']['dir']}/sites-enabled/wordpress.conf" do
source "nginx.conf.erb"
variables(
:docroot => node['wordpress']['dir'],
:server_name => node['wordpress']['server_name'],
:server_aliases => node['wordpress']['server_aliases'],
:server_port => node['wordpress']['server_port']
:docroot => node['wordpress']['dir'],
:server_name => node['wordpress']['server_name'],
:server_aliases => node['wordpress']['server_aliases'],
:server_port => node['wordpress']['server_port']
)
action :create
end
Expand Down
56 changes: 41 additions & 15 deletions templates/default/nginx.conf.erb
Original file line number Diff line number Diff line change
@@ -1,21 +1,47 @@
server {
listen <%= @server_port %>;
server_name <%= @server_name %> <%= @server_aliases.join(" ") %>;
listen <%= @server_port %> <% if port == node['wordpress']['ssl_enabled'] %> ssl<% end %>;
server_name <%= @server_name %> <%= @server_aliases.join(" ") %>;

access_log /var/log/nginx/<%= @server_name %>.access.log;
error_log /var/log/nginx/<%= @server_name %>.error.log;
<% if node['wordpress']['ssl_enabled'] %>
ssl_certificate <%= node['wordpress']['ssl_certificate'] %>;
ssl_certificate_key <%= node['wordpress']['ssl_certificate_key'] %>;
<% end %>

root <%= @docroot %>;
index index.php;
access_log /var/log/nginx/<%= @server_name %>.access.log;
error_log /var/log/nginx/<%= @server_name %>.error.log;

location / {
try_files $uri $uri/ /index.php?$args;
}
root <%= @docroot %>;
index index.php;

location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9001;
fastcgi_param SCRIPT_FILENAME <%= @docroot %>$fastcgi_script_name;
}
client_max_body_size 64M;

<% if (node[:wordpress][:admin][:users] || []).any? %>
location /wp-login.php {
auth_basic "Authorization Required";
auth_basic_user_file /srv/www/rudeotter.com/.htpasswd;

try_files $uri $uri/ /index.php?$args;
}
location /wp-admin {
location ~ /wp-admin/admin-ajax.php$ {
try_files $uri $uri/ /index.php?$args;
}
location ~* /wp-admin/.*\.php$ {
auth_basic "Authorization Required";
auth_basic_user_file /srv/www/rudeotter.com/.htpasswd;
try_files $uri $uri/ /index.php?$args;
}
}

<% end %>
location / {
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9001;
fastcgi_param SCRIPT_FILENAME <%= @docroot %>$fastcgi_script_name;
}
}
Loading