diff --git a/pillars/roles/laradev/bbs.sls b/pillars/roles/laradev/bbs.sls
index c81d4c1..d02d439 100644
--- a/pillars/roles/laradev/bbs.sls
+++ b/pillars/roles/laradev/bbs.sls
@@ -1,5 +1,3 @@
laradev:
bbs:
repo: "https://git.actcur.com/bowens/web.git"
- path: "/usr/share/webapps/bbs"
- prefix: ""
diff --git a/pillars/roles/laradev/init.sls b/pillars/roles/laradev/init.sls
index c8ab74b..4ec56df 100644
--- a/pillars/roles/laradev/init.sls
+++ b/pillars/roles/laradev/init.sls
@@ -4,10 +4,13 @@ include:
{%- if grains['roles'] is defined -%}
{%- if grains['roles'] is not none -%}
- {%- for role in grains['roles'] %}
- {%- if 'pillars.roles.laradev.'+role in states %}
+ {%- if 'laradev' in grains['roles'] -%}
+ {%- for state in states %}
+ {%- if state.startswith("pillars.roles.laradev.") -%}
+ {%- set role = state.split('.')[3] %}
- roles.laradev.{{ role }}
- {%- endif -%}
- {%- endfor -%}
+ {%- endif -%}
+ {%- endfor -%}
+ {%- endif -%}
{%- endif -%}
{%- endif -%}
diff --git a/pillars/roles/laradev/ra.sls b/pillars/roles/laradev/ra.sls
new file mode 100644
index 0000000..f109570
--- /dev/null
+++ b/pillars/roles/laradev/ra.sls
@@ -0,0 +1,3 @@
+laradev:
+ ra:
+ repo: "https://git.actcur.com/redactedaudio/web.git"
diff --git a/pillars/roles/nginx/bbs.sls b/pillars/roles/nginx/bbs.sls
deleted file mode 100644
index fee7200..0000000
--- a/pillars/roles/nginx/bbs.sls
+++ /dev/null
@@ -1,13 +0,0 @@
-nginx:
- bbs:
- auth: none
- https:
- port: 8000
- prot: http
-
-portal:
- Dev:
- bbs:
- name: BBS Web Site - Dev
- summary: New Bowens Bus Service web site
- public: false
diff --git a/pillars/roles/nginx/lara.sls b/pillars/roles/nginx/lara.sls
deleted file mode 100644
index b430ef0..0000000
--- a/pillars/roles/nginx/lara.sls
+++ /dev/null
@@ -1,13 +0,0 @@
-nginx:
- ra:
- auth: none
- https:
- port: 8080
- prot: http
-
-portal:
- Media:
- ra:
- name: Redacted Audio
- summary: Redacted Audio Test Server
- public: true
\ No newline at end of file
diff --git a/pillars/roles/nginx/laradev.sls b/pillars/roles/nginx/laradev.sls
new file mode 100644
index 0000000..e8986d8
--- /dev/null
+++ b/pillars/roles/nginx/laradev.sls
@@ -0,0 +1,22 @@
+nginx:
+ ra:
+ auth: none
+ https:
+ port: 4433
+ prot: https
+ bbs:
+ auth: none
+ https:
+ port: 4433
+ prot: https
+
+portal:
+ Dev:
+ ra:
+ name: Redacted Audio
+ summary: Redacted Audio Dev Server Site
+ public: false
+ bbs:
+ name: BBS Web Site
+ summary: Bowens Bus Service Dev Site
+ public: false
diff --git a/pillars/servers/env/init.sls b/pillars/servers/env/init.sls
index 276f0a6..61f1599 100644
--- a/pillars/servers/env/init.sls
+++ b/pillars/servers/env/init.sls
@@ -1,2 +1,2 @@
include:
- - servers.env.server.{{ grains['host'] }}
+ - servers.env.server.{{ grains['host'] }}
\ No newline at end of file
diff --git a/pillars/servers/env/server/lara.sls b/pillars/servers/env/server/lara.sls
new file mode 100644
index 0000000..2fdef9a
--- /dev/null
+++ b/pillars/servers/env/server/lara.sls
@@ -0,0 +1 @@
+env: prod
diff --git a/pillars/servers/roles/init.sls b/pillars/servers/roles/init.sls
index 65ff040..eedffac 100644
--- a/pillars/servers/roles/init.sls
+++ b/pillars/servers/roles/init.sls
@@ -1,2 +1,3 @@
+{% set states = salt['cp.list_states'](saltenv) %}
include:
- servers.roles.server.{{ grains['host'] }}
diff --git a/pillars/servers/roles/server/lara.sls b/pillars/servers/roles/server/lara.sls
new file mode 100644
index 0000000..901ff79
--- /dev/null
+++ b/pillars/servers/roles/server/lara.sls
@@ -0,0 +1,7 @@
+grains:
+ roles:
+ - server
+ - ssh
+ - nrpe
+ - saltminion
+ - laradev
diff --git a/states/roles/maintain/laradev/git_branches.sh b/states/roles/maintain/laradev/git_branches.sh
index 1130d9c..022908b 100644
--- a/states/roles/maintain/laradev/git_branches.sh
+++ b/states/roles/maintain/laradev/git_branches.sh
@@ -1,31 +1,41 @@
-mkdir -p "/usr/share/webapps/laradev"
-chown http:http /srv/http
{% if pillar['laradev'] is defined %}
{%- for project in pillar['laradev'] %}
- {%- set repo = pillar['laradev'][project]['repo'] -%}
- {%- set path = pillar['laradev'][project]['path'] -%}
- {%- set prefix = pillar['laradev'][project]['prefix'] -%}
-mkdir -p "{{ path }}"
+ {%- set repo = pillar['laradev'][project]['repo'] %}
+#{{project}}
+mkdir -p "/sites/{{project}}"
+cd "/sites/{{project}}"
branches=`git ls-remote {{repo}} | grep -o -P "(?<=refs/heads/).*"`
+echo "Branches:
" > /sites/{{project}}/index.php
for branch in $branches; do
+echo " $branch
" >> /sites/{{project}}/index.php
#clone new branch if necessary
- if [ ! -d "{{path}}/$branch" ];then
- git clone -b $branch {{ repo }} "{{path}}/$branch"
- ln -s "{{path}}/$branch/public" "/usr/share/webapps/laradev/{{prefix}}$branch"
- chown http:http -R "{{path}}/$branch"
- cd "{{path}}/$branch"
+ if [ ! -d "$branch" ];then
+ git clone -b $branch {{repo}} "$branch"
+ chown http:http -R "$branch"
+ cd "$branch"
su -s /bin/bash http -c "composer install"
cp .env.example .env
- sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_$prefix$branch/" .env
+ mysql -u root -e "CREATE DATABASE laradev_{{project}}_$branch"
+ mysql -u root -e "GRANT ALL ON laradev_{{project}}_$branch.* TO laradev@localhost"
+ sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_{{project}}_$branch/" .env
sed -i "s/DB_USERNAME=homestead/DB_USERNAME=laradev/" .env
php artisan key:generate
+ php artisan migrate
+ php artisan db:seed
+ php artisan vendor:publish
+ php artisan storage:link
+ cd "/sites/{{project}}"
fi
#update to latest commit, dropping all local changes
- cd "{{path}}/$branch"
+ cd "$branch"
git fetch --all
git reset --hard origin/$branch
+ chown http:http -R "$branch"
+ su -s /bin/bash http -c "composer install"
php artisan migrate
- chown http:http -R "{{path}}/$branch"
+ cd "/sites/{{project}}"
+ chown http:http -R "$branch"
done
+chown http:http "/sites/{{project}}" -R
{%- endfor -%}
{% endif %}
diff --git a/states/roles/maintain/laradev/git_branches.timer b/states/roles/maintain/laradev/git_branches.timer
index b72c995..07f1037 100644
--- a/states/roles/maintain/laradev/git_branches.timer
+++ b/states/roles/maintain/laradev/git_branches.timer
@@ -1,8 +1,8 @@
[Unit]
-Description=Runs git_branches every 10 seconds
+Description=Runs git_branches every 10 minutes
[Timer]
-OnCalendar=*:*:0/10
+OnCalendar=*:0/10
Unit=git_branches.service
[Install]
diff --git a/states/roles/maintain/laradev/init.sls b/states/roles/maintain/laradev/init.sls
index 1b89e13..b230946 100644
--- a/states/roles/maintain/laradev/init.sls
+++ b/states/roles/maintain/laradev/init.sls
@@ -1,3 +1,8 @@
+{%- set os=grains['os'] -%}
+
+laradev-unzip:
+ pkg.installed:
+ - name: unzip
laradev-php:
pkg.installed:
- name: php
@@ -12,7 +17,24 @@ laradev-php-fpm:
- enable: true
- watch:
- file: /etc/php/php.ini
+
+laradev-sqlite:
+ pkg.installed:
+ - name: sqlite
+laradev-phpsqlite:
+ pkg.installed:
+ - name: php-sqlite
+laradev-phpxsl:
+ pkg.installed:
+ - name: php-xsl
+database-directory:
+ file.directory:
+ - name: /sites/databases
+ - makedirs: true
+/var/lib/mysql:
+ file.symlink:
+ - target: /sites/databases/
laradev-mysql:
pkg.installed:
- name: mariadb
@@ -21,8 +43,8 @@ laradev-mysql-python:
- name: mysql-python
laradev-init-mysql:
cmd.run:
- - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
- - unless: 'test -e /var/lib/mysql/mysql'
+ - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/sites/databases/
+ - unless: 'test -e /sites/databases/mysql'
laradev-mysql-service:
service.running:
- name: mysqld
@@ -36,14 +58,44 @@ laradev-user:
- password: "secret"
- connection_user: root
-/etc/nginx/conf.d/laradev.conf:
+laradev-nginx-conf:
file.managed:
+ - name: /etc/nginx/nginx.conf
+ - source: salt://roles/maintain/nginx-proxy/nginx.conf
+ - user: root
+ - group: root
+ - mode: 644
+
+{%- if pillar['laradev'] is defined -%}
+{%- for server in pillar['laradev'] %}
+"/etc/nginx/certs/{{server}}.actcur.com/":
+ file.recurse:
+ - source: salt://secure/certs/{{server}}.actcur.com/
+{%- if os=="CentOS" or os=="RedHat" %}
+ - user: nginx
+ - user: nginx
+{%- elif os=="Arch" or os=="Manjaro" %}
+ - user: http
+ - group: http
+{%- endif %}
+ - dir_mode: 755
+ - file_mode: 400
+ - clean: true
+
+/etc/nginx/conf.d/{{ server }}.conf:
+ file.managed:
+ - makedirs: true
- source: salt://roles/maintain/laradev/nginx.conf
- user: root
- group: root
- mode: 644
- - makedirs: true
- template: jinja
+ - context:
+ server: {{ server }}
+
+{% endfor %}
+{% endif %}
+
/etc/php/php.ini:
file.managed:
- source: salt://roles/maintain/laradev/php.ini
diff --git a/states/roles/maintain/laradev/nginx.conf b/states/roles/maintain/laradev/nginx.conf
index 8b3eead..95cd2f7 100644
--- a/states/roles/maintain/laradev/nginx.conf
+++ b/states/roles/maintain/laradev/nginx.conf
@@ -1,44 +1,41 @@
server {
- listen *:8000;
- server_name {{ grains['fqdn'] }};
+ listen 443;
+ server_name {{server}}.actcur.com;
+ root /sites/{{server}};
- root /usr/share/webapps/laradev; #Path of laradev symlink directory - should contain symlinks to public folder for each branch of the project
- index index.php;
- access_log /var/log/nginx/laradev_access.log;
- error_log /var/log/nginx/laradev_error.log;
+ ssl on;
+ ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
+ ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
- location = /favicon.ico {
- log_not_found off;
- access_log off;
- expires max;
- }
+ index index.html index.htm index.php;
- location ~ /\. {
- deny all;
- access_log off;
- log_not_found off;
- }
+ charset utf-8;
- location ~ \..*/.*\.php$ {
- return 403;
- }
+ rewrite_log on;
- if (!-d $request_filename) {
- rewrite ^/(.+)/$ /$1 permanent;
- }
+ location @laravel {
+ rewrite ^(/[^/]+/[^/]+)/(.*)$ $1/index.php?$2 last;
+ }
- location / {
- try_files $1 $uri $uri/ /index.php$is_args$args;
- }
+ location / {
+ try_files $uri $uri/ @laravel;
+ }
- location ~ ^/(.*)/index\.php(.*)$ {
- fastcgi_index index.php;
- include /etc/nginx/fastcgi_params;
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
- fastcgi_param SCRIPT_FILENAME /usr/share/webapps/laradev/$1/index.php;
- fastcgi_param LARADEV_CONFIGDIR /etc/laradev; #Not strictly needed
- fastcgi_param REMOTE_USER $remote_user;
- }
-}
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location = /robots.txt { access_log off; log_not_found off; }
+
+ error_page 404 /index.php;
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+ include fastcgi_params;
+ }
+
+ location ~ /\.(?!well-known).* {
+ deny all;
+ }
+ error_log /var/log/nginx/ra_error.log notice;
+ access_log /var/log/nginx/ra_access.log;
+}
\ No newline at end of file
diff --git a/states/roles/maintain/laradev/php.ini b/states/roles/maintain/laradev/php.ini
index 5c857bc..555281a 100644
--- a/states/roles/maintain/laradev/php.ini
+++ b/states/roles/maintain/laradev/php.ini
@@ -889,17 +889,17 @@ default_socket_timeout = 60
extension=curl.so
;extension=dba.so
;extension=enchant.so
-;extension=exif.so
+extension=exif.so
;extension=ftp.so
-;extension=gd.so
+extension=gd.so
extension=gettext.so
;extension=gmp.so
-;extension=iconv.so
+extension=iconv.so
;extension=imap.so
;extension=intl.so
extension=ldap.so
;extension=mcrypt.so
-;extension=mysqli.so
+extension=mysqli.so
;extension=odbc.so
;zend_extension=opcache.so
;extension=pdo_dblib.so
diff --git a/states/roles/maintain/nginx-proxy/local.conf b/states/roles/maintain/nginx-proxy/local.conf
index cbc1570..e784ad0 100644
--- a/states/roles/maintain/nginx-proxy/local.conf
+++ b/states/roles/maintain/nginx-proxy/local.conf
@@ -28,6 +28,7 @@ server {
proxy_pass $backend;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
+ proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Ssl on;