fixed laradev

pillars/roles/laradev/bbs.sls

@@ -1,5 +1,3 @@
 laradev:
   bbs:
     repo: "https://git.actcur.com/bowens/web.git"
-    path: "/usr/share/webapps/bbs"
-    prefix: ""

pillars/roles/laradev/init.sls

@@ -4,10 +4,13 @@ include:
 
 {%- if grains['roles'] is defined -%}
   {%- if grains['roles'] is not none -%}
-    {%- for role in grains['roles'] %}
+    {%- if 'laradev' in grains['roles'] -%}
-      {%- if 'pillars.roles.laradev.'+role in states %}
+      {%- for state in states %}
+        {%- if state.startswith("pillars.roles.laradev.") -%}
+          {%- set role = state.split('.')[3] %}
   - roles.laradev.{{ role }}
         {%- endif -%}
       {%- endfor -%}
     {%- endif -%}
+  {%- endif -%}
 {%- endif -%}

pillars/roles/laradev/ra.sls

@@ -0,0 +1,3 @@
+laradev:
+  ra:
+    repo: "https://git.actcur.com/redactedaudio/web.git"

pillars/roles/nginx/bbs.sls

@@ -1,13 +0,0 @@
-nginx:
-  bbs:
-    auth: none
-    https:
-      port: 8000
-      prot: http
-
-portal:
-  Dev:
-    bbs:
-      name: BBS Web Site - Dev
-      summary: New Bowens Bus Service web site
-      public: false

pillars/roles/nginx/lara.sls

@@ -1,13 +0,0 @@
-nginx:
-  ra:
-    auth: none
-    https:
-      port: 8080
-      prot: http
-
-portal:
-  Media:
-    ra:
-      name: Redacted Audio
-      summary: Redacted Audio Test Server
-      public: true

pillars/roles/nginx/laradev.sls

@@ -0,0 +1,22 @@
+nginx:
+  ra:
+    auth: none
+    https:
+      port: 4433
+      prot: https
+  bbs:
+    auth: none
+    https:
+      port: 4433
+      prot: https
+
+portal:
+  Dev:
+    ra:
+      name: Redacted Audio
+      summary: Redacted Audio Dev Server Site
+      public: false
+    bbs:
+      name: BBS Web Site
+      summary: Bowens Bus Service Dev Site
+      public: false

pillars/servers/env/server/lara.sls

@@ -0,0 +1 @@
+env: prod

pillars/servers/roles/init.sls

@@ -1,2 +1,3 @@
+{% set states = salt['cp.list_states'](saltenv) %}
 include:
   - servers.roles.server.{{ grains['host'] }}

pillars/servers/roles/server/lara.sls

@@ -0,0 +1,7 @@
+grains:
+  roles:
+    - server
+    - ssh
+    - nrpe
+    - saltminion
+    - laradev

states/roles/maintain/laradev/git_branches.sh

@@ -1,31 +1,41 @@
-mkdir -p "/usr/share/webapps/laradev"
-chown http:http /srv/http
 {% if pillar['laradev'] is defined %}
   {%- for project in pillar['laradev'] %}
-    {%- set repo = pillar['laradev'][project]['repo'] -%}
+    {%- set repo = pillar['laradev'][project]['repo'] %}
-    {%- set path = pillar['laradev'][project]['path'] -%}
+#{{project}}
-    {%- set prefix = pillar['laradev'][project]['prefix'] -%}
+mkdir -p "/sites/{{project}}"
-mkdir -p "{{ path }}"
+cd "/sites/{{project}}"
 branches=`git ls-remote {{repo}} | grep -o -P "(?<=refs/heads/).*"`
+echo "Branches:<br/>" > /sites/{{project}}/index.php
 for branch in $branches; do
+echo " <a href='$branch/public'>$branch<br/>" >> /sites/{{project}}/index.php
   #clone new branch if necessary
-  if [ ! -d "{{path}}/$branch" ];then
+  if [ ! -d "$branch" ];then
-    git clone -b $branch {{ repo }} "{{path}}/$branch"
+    git clone -b $branch {{repo}} "$branch"
-    ln -s "{{path}}/$branch/public" "/usr/share/webapps/laradev/{{prefix}}$branch"
+    chown http:http -R "$branch"
-    chown http:http -R "{{path}}/$branch"
+    cd "$branch"
-    cd "{{path}}/$branch"
     su -s /bin/bash http -c "composer install"
     cp .env.example .env
-    sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_$prefix$branch/" .env
+    mysql -u root -e "CREATE DATABASE laradev_{{project}}_$branch"
+    mysql -u root -e "GRANT ALL ON laradev_{{project}}_$branch.* TO laradev@localhost"
+    sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_{{project}}_$branch/" .env
     sed -i "s/DB_USERNAME=homestead/DB_USERNAME=laradev/" .env
     php artisan key:generate
+    php artisan migrate
+    php artisan db:seed
+    php artisan vendor:publish
+    php artisan storage:link
+    cd "/sites/{{project}}"
   fi
   #update to latest commit, dropping all local changes
-  cd "{{path}}/$branch"
+  cd "$branch"
   git fetch --all
   git reset --hard origin/$branch
+  chown http:http -R "$branch"
+  su -s /bin/bash http -c "composer install"
   php artisan migrate
-  chown http:http -R "{{path}}/$branch"
+  cd "/sites/{{project}}"
+  chown http:http -R "$branch"
 done
+chown http:http "/sites/{{project}}" -R
   {%- endfor -%}
 {% endif %}

states/roles/maintain/laradev/git_branches.timer

@@ -1,8 +1,8 @@
 [Unit]
-Description=Runs git_branches every 10 seconds
+Description=Runs git_branches every 10 minutes
 
 [Timer]
-OnCalendar=*:*:0/10
+OnCalendar=*:0/10
 Unit=git_branches.service
 
 [Install]

states/roles/maintain/laradev/init.sls

@@ -1,3 +1,8 @@
+{%- set os=grains['os'] -%}
+
+laradev-unzip:
+  pkg.installed:
+    - name: unzip
 laradev-php:
   pkg.installed:
     - name: php
@@ -13,6 +18,23 @@ laradev-php-fpm:
     - watch:
       - file: /etc/php/php.ini
       
+laradev-sqlite:
+  pkg.installed:
+    - name: sqlite
+laradev-phpsqlite:
+  pkg.installed:
+    - name: php-sqlite
+laradev-phpxsl:
+  pkg.installed:
+    - name: php-xsl
+
+database-directory:
+  file.directory:
+    - name: /sites/databases
+    - makedirs: true
+/var/lib/mysql:
+  file.symlink:
+      - target: /sites/databases/
 laradev-mysql:
   pkg.installed:
     - name: mariadb
@@ -21,8 +43,8 @@ laradev-mysql-python:
     - name: mysql-python
 laradev-init-mysql:
   cmd.run:
-    - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
+    - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/sites/databases/
-    - unless: 'test -e /var/lib/mysql/mysql'
+    - unless: 'test -e /sites/databases/mysql'
 laradev-mysql-service:
   service.running:
     - name: mysqld
@@ -36,14 +58,44 @@ laradev-user:
     - password: "secret"
     - connection_user: root
 
-/etc/nginx/conf.d/laradev.conf:
+laradev-nginx-conf:
   file.managed:
+    - name: /etc/nginx/nginx.conf
+    - source: salt://roles/maintain/nginx-proxy/nginx.conf
+    - user: root
+    - group: root
+    - mode: 644
+
+{%- if pillar['laradev'] is defined -%}
+{%- for server in pillar['laradev'] %}
+"/etc/nginx/certs/{{server}}.actcur.com/":
+  file.recurse:
+    - source: salt://secure/certs/{{server}}.actcur.com/
+{%- if os=="CentOS" or os=="RedHat" %}
+    - user: nginx
+    - user: nginx
+{%- elif os=="Arch" or os=="Manjaro" %}
+    - user: http
+    - group: http
+{%- endif %}
+    - dir_mode: 755
+    - file_mode: 400
+    - clean: true
+
+/etc/nginx/conf.d/{{ server }}.conf:
+  file.managed:
+    - makedirs: true
     - source: salt://roles/maintain/laradev/nginx.conf
     - user: root
     - group: root
     - mode: 644
-    - makedirs: true
     - template: jinja
+    - context:
+      server: {{ server }}
+      
+{% endfor %}
+{% endif %}
+
 /etc/php/php.ini:
   file.managed:
     - source: salt://roles/maintain/laradev/php.ini

states/roles/maintain/laradev/nginx.conf

@@ -1,44 +1,41 @@
 server {
-  listen *:8000;
+    listen 443;
-  server_name {{ grains['fqdn'] }};
+    server_name {{server}}.actcur.com;
+    root /sites/{{server}};
 
-  root /usr/share/webapps/laradev; #Path of laradev symlink directory - should contain symlinks to public folder for each branch of the project
+    ssl on;
-  index index.php;
+    ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
-  access_log /var/log/nginx/laradev_access.log;
+    ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
-  error_log /var/log/nginx/laradev_error.log;
 
-  location = /favicon.ico {
+    index index.html index.htm index.php;
-    log_not_found off;
-    access_log off;
-    expires max;
-  }
 
-  location ~ /\. {
+    charset utf-8;
-    deny all;
-    access_log off;
-    log_not_found off;
-  }
 
-  location ~ \..*/.*\.php$ {
+    rewrite_log on;
-    return 403;
-  }
 
-  if (!-d $request_filename) {
+    location @laravel {
-    rewrite ^/(.+)/$ /$1 permanent;
+        rewrite ^(/[^/]+/[^/]+)/(.*)$ $1/index.php?$2 last;
     }
 
     location / {
-    try_files $1 $uri $uri/ /index.php$is_args$args;
+        try_files $uri $uri/ @laravel;
     }
 
-  location ~ ^/(.*)/index\.php(.*)$ {
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    error_page 404 /index.php;
+
+    location ~ \.php$ {
+        fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
         fastcgi_index index.php;
-    include /etc/nginx/fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-    try_files $uri =404;
+        include fastcgi_params;
-    fastcgi_split_path_info ^(.+\.php)(/.+)$;
-    fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
-    fastcgi_param SCRIPT_FILENAME /usr/share/webapps/laradev/$1/index.php;
-    fastcgi_param LARADEV_CONFIGDIR /etc/laradev; #Not strictly needed
-    fastcgi_param REMOTE_USER $remote_user;
     }
+
+    location ~ /\.(?!well-known).* {
+        deny all;
+    }
+    error_log /var/log/nginx/ra_error.log notice;
+    access_log /var/log/nginx/ra_access.log;
 }

states/roles/maintain/laradev/php.ini

@@ -889,17 +889,17 @@ default_socket_timeout = 60
 extension=curl.so
 ;extension=dba.so
 ;extension=enchant.so
-;extension=exif.so
+extension=exif.so
 ;extension=ftp.so
-;extension=gd.so
+extension=gd.so
 extension=gettext.so
 ;extension=gmp.so
-;extension=iconv.so
+extension=iconv.so
 ;extension=imap.so
 ;extension=intl.so
 extension=ldap.so
 ;extension=mcrypt.so
-;extension=mysqli.so
+extension=mysqli.so
 ;extension=odbc.so
 ;zend_extension=opcache.so
 ;extension=pdo_dblib.so

states/roles/maintain/nginx-proxy/local.conf

@@ -28,6 +28,7 @@ server {
     proxy_pass $backend;
     proxy_set_header Host $host;
     proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Forwarded-Port 443;
     proxy_set_header X-Real-IP  $remote_addr;
     proxy_set_header X-Forwarded-For $remote_addr;
     proxy_set_header X-Forwarded-Ssl on;