fixed laradev

2019-04-29 02:10:40 -05:00 · 2019-04-29 02:10:40 -05:00 · 3831a9ba3e
commit 3831a9ba3e
parent 1b23cdd52f
16 changed files with 162 additions and 93 deletions
--- a/pillars/roles/laradev/bbs.sls
+++ b/pillars/roles/laradev/bbs.sls
@ -1,5 +1,3 @@
 laradev:
  bbs:
    repo: "https://git.actcur.com/bowens/web.git"
    path: "/usr/share/webapps/bbs"
    prefix: ""
--- a/pillars/roles/laradev/init.sls
+++ b/pillars/roles/laradev/init.sls
@ -4,10 +4,13 @@ include:
 {%- if grains['roles'] is defined -%}
  {%- if grains['roles'] is not none -%}
-    {%- for role in grains['roles'] %}
+    {%- if 'laradev' in grains['roles'] -%}
-      {%- if 'pillars.roles.laradev.'+role in states %}
+      {%- for state in states %}
        {%- if state.startswith("pillars.roles.laradev.") -%}
          {%- set role = state.split('.')[3] %}
  - roles.laradev.{{ role }}
-      {%- endif -%}
+        {%- endif -%}
-    {%- endfor -%}
+      {%- endfor -%}
    {%- endif -%}
  {%- endif -%}
 {%- endif -%}
--- a/pillars/roles/laradev/ra.sls
+++ b/pillars/roles/laradev/ra.sls
@ -0,0 +1,3 @@
 laradev:
  ra:
    repo: "https://git.actcur.com/redactedaudio/web.git"
--- a/pillars/roles/nginx/bbs.sls
+++ b/pillars/roles/nginx/bbs.sls
@ -1,13 +0,0 @@
 nginx:
  bbs:
    auth: none
    https:
      port: 8000
      prot: http
 portal:
  Dev:
    bbs:
      name: BBS Web Site - Dev
      summary: New Bowens Bus Service web site
      public: false
--- a/pillars/roles/nginx/lara.sls
+++ b/pillars/roles/nginx/lara.sls
@ -1,13 +0,0 @@
 nginx:
  ra:
    auth: none
    https:
      port: 8080
      prot: http
 portal:
  Media:
    ra:
      name: Redacted Audio
      summary: Redacted Audio Test Server
      public: true
--- a/pillars/roles/nginx/laradev.sls
+++ b/pillars/roles/nginx/laradev.sls
@ -0,0 +1,22 @@
 nginx:
  ra:
    auth: none
    https:
      port: 4433
      prot: https
  bbs:
    auth: none
    https:
      port: 4433
      prot: https
 portal:
  Dev:
    ra:
      name: Redacted Audio
      summary: Redacted Audio Dev Server Site
      public: false
    bbs:
      name: BBS Web Site
      summary: Bowens Bus Service Dev Site
      public: false
--- a/pillars/servers/env/init.sls
+++ b/pillars/servers/env/init.sls
@ -1,2 +1,2 @@
 include:
-  - servers.env.server.{{ grains['host'] }}
+  - servers.env.server.{{ grains['host'] }}
--- a/pillars/servers/env/server/lara.sls
+++ b/pillars/servers/env/server/lara.sls
@ -0,0 +1 @@
 env: prod
--- a/pillars/servers/roles/init.sls
+++ b/pillars/servers/roles/init.sls
@ -1,2 +1,3 @@
 {% set states = salt['cp.list_states'](saltenv) %}
 include:
  - servers.roles.server.{{ grains['host'] }}
--- a/pillars/servers/roles/server/lara.sls
+++ b/pillars/servers/roles/server/lara.sls
@ -0,0 +1,7 @@
 grains:
  roles:
    - server
    - ssh
    - nrpe
    - saltminion
    - laradev
--- a/states/roles/maintain/laradev/git_branches.sh
+++ b/states/roles/maintain/laradev/git_branches.sh
@ -1,31 +1,41 @@
 mkdir -p "/usr/share/webapps/laradev"
 chown http:http /srv/http
 {% if pillar['laradev'] is defined %}
  {%- for project in pillar['laradev'] %}
-    {%- set repo = pillar['laradev'][project]['repo'] -%}
+    {%- set repo = pillar['laradev'][project]['repo'] %}
-    {%- set path = pillar['laradev'][project]['path'] -%}
+#{{project}}
-    {%- set prefix = pillar['laradev'][project]['prefix'] -%}
+mkdir -p "/sites/{{project}}"
-mkdir -p "{{ path }}"
+cd "/sites/{{project}}"
 branches=`git ls-remote {{repo}} | grep -o -P "(?<=refs/heads/).*"`
 echo "Branches:<br/>" > /sites/{{project}}/index.php
 for branch in $branches; do
 echo " <a href='$branch/public'>$branch<br/>" >> /sites/{{project}}/index.php
  #clone new branch if necessary
-  if [ ! -d "{{path}}/$branch" ];then
+  if [ ! -d "$branch" ];then
-    git clone -b $branch {{ repo }} "{{path}}/$branch"
+    git clone -b $branch {{repo}} "$branch"
-    ln -s "{{path}}/$branch/public" "/usr/share/webapps/laradev/{{prefix}}$branch"
+    chown http:http -R "$branch"
-    chown http:http -R "{{path}}/$branch"
+    cd "$branch"
    cd "{{path}}/$branch"
    su -s /bin/bash http -c "composer install"
    cp .env.example .env
-    sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_$prefix$branch/" .env
+    mysql -u root -e "CREATE DATABASE laradev_{{project}}_$branch"
    mysql -u root -e "GRANT ALL ON laradev_{{project}}_$branch.* TO laradev@localhost"
    sed -i "s/DB_DATABASE=homestead/DB_DATABASE=laradev_{{project}}_$branch/" .env
    sed -i "s/DB_USERNAME=homestead/DB_USERNAME=laradev/" .env
    php artisan key:generate
    php artisan migrate
    php artisan db:seed
    php artisan vendor:publish
    php artisan storage:link
    cd "/sites/{{project}}"
  fi
  #update to latest commit, dropping all local changes
-  cd "{{path}}/$branch"
+  cd "$branch"
  git fetch --all
  git reset --hard origin/$branch
  chown http:http -R "$branch"
  su -s /bin/bash http -c "composer install"
  php artisan migrate
-  chown http:http -R "{{path}}/$branch"
+  cd "/sites/{{project}}"
  chown http:http -R "$branch"
 done
 chown http:http "/sites/{{project}}" -R
  {%- endfor -%}
 {% endif %}
--- a/states/roles/maintain/laradev/git_branches.timer
+++ b/states/roles/maintain/laradev/git_branches.timer
@ -1,8 +1,8 @@
 [Unit]
-Description=Runs git_branches every 10 seconds
+Description=Runs git_branches every 10 minutes
 [Timer]
-OnCalendar=*:*:0/10
+OnCalendar=*:0/10
 Unit=git_branches.service
 [Install]
--- a/states/roles/maintain/laradev/init.sls
+++ b/states/roles/maintain/laradev/init.sls
@ -1,3 +1,8 @@
 {%- set os=grains['os'] -%}
 laradev-unzip:
  pkg.installed:
    - name: unzip
 laradev-php:
  pkg.installed:
    - name: php
@ -12,7 +17,24 @@ laradev-php-fpm:
    - enable: true
    - watch:
      - file: /etc/php/php.ini
 laradev-sqlite:
  pkg.installed:
    - name: sqlite
 laradev-phpsqlite:
  pkg.installed:
    - name: php-sqlite
 laradev-phpxsl:
  pkg.installed:
    - name: php-xsl
 database-directory:
  file.directory:
    - name: /sites/databases
    - makedirs: true
 /var/lib/mysql:
  file.symlink:
      - target: /sites/databases/
 laradev-mysql:
  pkg.installed:
    - name: mariadb
@ -21,8 +43,8 @@ laradev-mysql-python:
    - name: mysql-python
 laradev-init-mysql:
  cmd.run:
-    - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
+    - name: mysql_install_db --user=mysql --basedir=/usr --datadir=/sites/databases/
-    - unless: 'test -e /var/lib/mysql/mysql'
+    - unless: 'test -e /sites/databases/mysql'
 laradev-mysql-service:
  service.running:
    - name: mysqld
@ -36,14 +58,44 @@ laradev-user:
    - password: "secret"
    - connection_user: root
-/etc/nginx/conf.d/laradev.conf:
+laradev-nginx-conf:
  file.managed:
    - name: /etc/nginx/nginx.conf
    - source: salt://roles/maintain/nginx-proxy/nginx.conf
    - user: root
    - group: root
    - mode: 644
 {%- if pillar['laradev'] is defined -%}
 {%- for server in pillar['laradev'] %}
 "/etc/nginx/certs/{{server}}.actcur.com/":
  file.recurse:
    - source: salt://secure/certs/{{server}}.actcur.com/
 {%- if os=="CentOS" or os=="RedHat" %}
    - user: nginx
    - user: nginx
 {%- elif os=="Arch" or os=="Manjaro" %}
    - user: http
    - group: http
 {%- endif %}
    - dir_mode: 755
    - file_mode: 400
    - clean: true
 /etc/nginx/conf.d/{{ server }}.conf:
  file.managed:
    - makedirs: true
    - source: salt://roles/maintain/laradev/nginx.conf
    - user: root
    - group: root
    - mode: 644
    - makedirs: true
    - template: jinja
    - context:
      server: {{ server }}
 {% endfor %}
 {% endif %}
 /etc/php/php.ini:
  file.managed:
    - source: salt://roles/maintain/laradev/php.ini
--- a/states/roles/maintain/laradev/nginx.conf
+++ b/states/roles/maintain/laradev/nginx.conf
@ -1,44 +1,41 @@
 server {
-  listen *:8000;
+    listen 443;
-  server_name {{ grains['fqdn'] }};
+    server_name {{server}}.actcur.com;
    root /sites/{{server}};
-  root /usr/share/webapps/laradev; #Path of laradev symlink directory - should contain symlinks to public folder for each branch of the project
+    ssl on;
-  index index.php;
+    ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
-  access_log /var/log/nginx/laradev_access.log;
+    ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
  error_log /var/log/nginx/laradev_error.log;
-  location = /favicon.ico {
+    index index.html index.htm index.php;
    log_not_found off;
    access_log off;
    expires max;
  }
-  location ~ /\. {
+    charset utf-8;
    deny all;
    access_log off;
    log_not_found off;
  }
-  location ~ \..*/.*\.php$ {
+    rewrite_log on;
    return 403;
  }
-  if (!-d $request_filename) {
+    location @laravel {
-    rewrite ^/(.+)/$ /$1 permanent;
+        rewrite ^(/[^/]+/[^/]+)/(.*)$ $1/index.php?$2 last;
-  }
+    }
-  location / {
+    location / {
-    try_files $1 $uri $uri/ /index.php$is_args$args;
+        try_files $uri $uri/ @laravel;
-  }
+    }
-  location ~ ^/(.*)/index\.php(.*)$ {
+    location = /favicon.ico { access_log off; log_not_found off; }
-    fastcgi_index index.php;
+    location = /robots.txt  { access_log off; log_not_found off; }
-    include /etc/nginx/fastcgi_params;
+
-    try_files $uri =404;
+    error_page 404 /index.php;
-    fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
-    fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
+    location ~ \.php$ {
-    fastcgi_param SCRIPT_FILENAME /usr/share/webapps/laradev/$1/index.php;
+        fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
-    fastcgi_param LARADEV_CONFIGDIR /etc/laradev; #Not strictly needed
+        fastcgi_index index.php;
-    fastcgi_param REMOTE_USER $remote_user;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-  }
+        include fastcgi_params;
-}
+    }
    location ~ /\.(?!well-known).* {
        deny all;
    }
    error_log /var/log/nginx/ra_error.log notice;
    access_log /var/log/nginx/ra_access.log;
 }
--- a/states/roles/maintain/laradev/php.ini
+++ b/states/roles/maintain/laradev/php.ini
@ -889,17 +889,17 @@ default_socket_timeout = 60
 extension=curl.so
 ;extension=dba.so
 ;extension=enchant.so
-;extension=exif.so
+extension=exif.so
 ;extension=ftp.so
-;extension=gd.so
+extension=gd.so
 extension=gettext.so
 ;extension=gmp.so
-;extension=iconv.so
+extension=iconv.so
 ;extension=imap.so
 ;extension=intl.so
 extension=ldap.so
 ;extension=mcrypt.so
-;extension=mysqli.so
+extension=mysqli.so
 ;extension=odbc.so
 ;zend_extension=opcache.so
 ;extension=pdo_dblib.so
--- a/states/roles/maintain/nginx-proxy/local.conf
+++ b/states/roles/maintain/nginx-proxy/local.conf
@ -28,6 +28,7 @@ server {
    proxy_pass $backend;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Port 443;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Ssl on;
`@ -1,2 +1,2 @@`
	`include:`	`include:`
	`- servers.env.server.{{ grains['host'] }}`	`- servers.env.server.{{ grains['host'] }}`