summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorClark Boylan <clark.boylan@gmail.com>2017-01-19 15:59:56 -0800
committerClark Boylan <clark.boylan@gmail.com>2017-01-20 12:44:41 -0800
commit521672bc3525f8c73ecfe0e2ffd9901b381ccb3a (patch)
tree4584d6e368b393d12735f0ac58c5e68a69258bcd
parentf8d123d2bab3a99a24e49086f919ac164641145b (diff)
Convert from etherpad to ethercalc
This begins the conversion process. We keep the bulk of the nodejs and apache configuration. Remove mysql and replace with redis and so on. This is not a complete conversion, future work should include authenticated redis configuration and systemd support. However, this should be able to get the service running with a basic set of features and functionality. Change-Id: Id10247211d9643e81bb1b6e8fb67377ba6de873a
Notes
Notes (review): Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: Clark Boylan <cboylan@sapwetik.org> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Tue, 24 Jan 2017 23:07:27 +0000 Reviewed-on: https://review.openstack.org/422921 Project: openstack-infra/puppet-ethercalc Branch: refs/heads/master
-rw-r--r--.gitreview2
-rw-r--r--README.md4
-rw-r--r--files/apache-connection-tuning4
-rw-r--r--files/pad.js7
-rw-r--r--manifests/apache.pp19
-rw-r--r--manifests/buildsource.pp38
-rw-r--r--manifests/init.pp130
-rw-r--r--manifests/mysql.pp32
-rw-r--r--manifests/plugin.pp13
-rw-r--r--manifests/redis.pp17
-rw-r--r--manifests/site.pp68
-rw-r--r--metadata.json14
-rw-r--r--templates/ethercalc.vhost.erb86
-rw-r--r--templates/etherpad-lite_settings.json.erb120
-rw-r--r--templates/etherpadlite.vhost.erb113
-rw-r--r--templates/upstart.erb31
16 files changed, 211 insertions, 487 deletions
diff --git a/.gitreview b/.gitreview
index 43b79fe..6b6a38b 100644
--- a/.gitreview
+++ b/.gitreview
@@ -1,4 +1,4 @@
1[gerrit] 1[gerrit]
2host=review.openstack.org 2host=review.openstack.org
3port=29418 3port=29418
4project=openstack-infra/puppet-etherpad_lite.git 4project=openstack-infra/puppet-ethercalc.git
diff --git a/README.md b/README.md
index c839b51..f25348c 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,3 @@
1# OpenStack Etherpad Lite Module 1# OpenStack Ethercalc Module
2 2
3This module installs and configures Etherpad Lite 3This module installs and configures Ethercalc
diff --git a/files/apache-connection-tuning b/files/apache-connection-tuning
index 158adb0..12c688f 100644
--- a/files/apache-connection-tuning
+++ b/files/apache-connection-tuning
@@ -9,9 +9,9 @@
9# MaxClients: maximum number of simultaneous client connections 9# MaxClients: maximum number of simultaneous client connections
10# MaxRequestsPerChild: maximum number of requests a server process serves 10# MaxRequestsPerChild: maximum number of requests a server process serves
11# 11#
12# Etherpad Lite clients create a lot of connections. To be able to support 12# Ethercalc clients create a lot of connections. To be able to support
13# Several hundred concurrent users we need to make sure that we allow a few 13# Several hundred concurrent users we need to make sure that we allow a few
14# thousand concurrent connections. This should be ok as typical etherpad use 14# thousand concurrent connections. This should be ok as typical ethercalc use
15# involves a couple writers then a bunch of lurkers. The cost of lurkers 15# involves a couple writers then a bunch of lurkers. The cost of lurkers
16# is basically the TCP connection as they don't create DB writes and so on. 16# is basically the TCP connection as they don't create DB writes and so on.
17# In addition to allowing for connection growth, keep a healthy number of 17# In addition to allowing for connection growth, keep a healthy number of
diff --git a/files/pad.js b/files/pad.js
deleted file mode 100644
index 1fe0210..0000000
--- a/files/pad.js
+++ /dev/null
@@ -1,7 +0,0 @@
1function customStart()
2{
3 //define your javascript here
4 //jquery is available - except index.js
5 //you can load extra scripts with $.getScript http://api.jquery.com/jQuery.getScript/
6 chat.stickToScreen(true);
7}
diff --git a/manifests/apache.pp b/manifests/apache.pp
index b3c60f0..4a7fa04 100644
--- a/manifests/apache.pp
+++ b/manifests/apache.pp
@@ -1,7 +1,7 @@
1# == Class: etherpad_lite::apache 1# == Class: ethercalc::apache
2# 2#
3class etherpad_lite::apache ( 3class ethercalc::apache (
4 $docroot = '/srv/etherpad-lite', 4 $docroot = '/srv/ethercalc',
5 $serveradmin = "webmaster@${::fqdn}", 5 $serveradmin = "webmaster@${::fqdn}",
6 $ssl_cert_file = '', 6 $ssl_cert_file = '',
7 $ssl_cert_file_contents = '', # If left empty puppet will not create file. 7 $ssl_cert_file_contents = '', # If left empty puppet will not create file.
@@ -36,7 +36,7 @@ class etherpad_lite::apache (
36 port => 443, 36 port => 443,
37 docroot => $docroot, 37 docroot => $docroot,
38 priority => '50', 38 priority => '50',
39 template => 'etherpad_lite/etherpadlite.vhost.erb', 39 template => 'ethercalc/ethercalc.vhost.erb',
40 ssl => true, 40 ssl => true,
41 } 41 }
42 42
@@ -55,6 +55,11 @@ class etherpad_lite::apache (
55 ensure => present, 55 ensure => present,
56 } 56 }
57 } 57 }
58 if !defined(Mod['proxy_wstunnel']) {
59 httpd::mod { 'proxy_wstunnel':
60 ensure => present,
61 }
62 }
58 if ($auth_openid != undef) { 63 if ($auth_openid != undef) {
59 if !defined(Package['libapache2-mod-auth-openid']) { 64 if !defined(Package['libapache2-mod-auth-openid']) {
60 package { 'libapache2-mod-auth-openid': 65 package { 'libapache2-mod-auth-openid':
@@ -88,7 +93,7 @@ class etherpad_lite::apache (
88 owner => 'root', 93 owner => 'root',
89 group => 'root', 94 group => 'root',
90 mode => '0644', 95 mode => '0644',
91 source => 'puppet:///modules/etherpad_lite/apache-connection-tuning', 96 source => 'puppet:///modules/ethercalc/apache-connection-tuning',
92 notify => Service['httpd'], 97 notify => Service['httpd'],
93 require => File['/etc/apache2/conf.d'], 98 require => File['/etc/apache2/conf.d'],
94 } 99 }
@@ -105,7 +110,7 @@ class etherpad_lite::apache (
105 owner => 'root', 110 owner => 'root',
106 group => 'root', 111 group => 'root',
107 mode => '0644', 112 mode => '0644',
108 source => 'puppet:///modules/etherpad_lite/apache-connection-tuning', 113 source => 'puppet:///modules/ethercalc/apache-connection-tuning',
109 require => File['/etc/apache2/conf-available'], 114 require => File['/etc/apache2/conf-available'],
110 } 115 }
111 116
@@ -133,7 +138,7 @@ class etherpad_lite::apache (
133 138
134 file { "${docroot}/robots.txt": 139 file { "${docroot}/robots.txt":
135 ensure => present, 140 ensure => present,
136 source => 'puppet:///modules/etherpad_lite/robots.txt', 141 source => 'puppet:///modules/ethercalc/robots.txt',
137 owner => 'root', 142 owner => 'root',
138 group => 'root', 143 group => 'root',
139 mode => '0444', 144 mode => '0444',
diff --git a/manifests/buildsource.pp b/manifests/buildsource.pp
deleted file mode 100644
index 2b0c9fd..0000000
--- a/manifests/buildsource.pp
+++ /dev/null
@@ -1,38 +0,0 @@
1# == Define: buildsource
2#
3# define to build from source using ./configure && make && make install.
4#
5define etherpad_lite::buildsource(
6 $creates = '/nonexistant/file',
7 $dir = $title,
8 $timeout = 300,
9 $user = 'root',
10) {
11
12 exec { "./configure in ${dir}":
13 command => './configure',
14 path => "/usr/bin:/bin:/usr/local/bin:${dir}",
15 user => $user,
16 cwd => $dir,
17 creates => $creates,
18 before => Exec["make in ${dir}"],
19 }
20
21 exec { "make in ${dir}":
22 command => 'make',
23 path => '/usr/bin:/bin',
24 user => $user,
25 cwd => $dir,
26 timeout => $timeout,
27 creates => $creates,
28 before => Exec["make install in ${dir}"],
29 }
30
31 exec { "make install in ${dir}":
32 command => 'make install',
33 path => '/usr/bin:/bin',
34 user => $user,
35 cwd => $dir,
36 creates => $creates,
37 }
38}
diff --git a/manifests/init.pp b/manifests/init.pp
index 80c2362..8241a48 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,54 +1,45 @@
1# == Class: etherpad_lite 1# == Class: ethercalc
2# 2#
3# Class to install etherpad lite. Puppet acts a lot like a package manager 3# Class to install ethercalc.
4# through this class.
5# 4#
6# To use etherpad lite you will want the following includes: 5# To use ethercalc you will want the following includes:
7# include etherpad_lite 6# include ethercalc
8# include etherpad_lite::mysql # necessary to use mysql as the backend 7# include ethercalc::redis # necessary to use mysql as the backend
9# include etherpad_lite::site # configures etherpad lite instance 8# include ethercalc::site # configures ethercalc instance
10# include etherpad_lite::apache # will add reverse proxy on localhost 9# include ethercalc::apache # will add reverse proxy on localhost
11# The defaults for all the classes should just work (tm) 10# The defaults for all the classes should just work (tm)
12# 11#
13# 12#
14class etherpad_lite ( 13class ethercalc (
15 $base_install_dir = '/opt/etherpad-lite', 14 $base_install_dir = '/opt/ethercalc',
16 $base_log_dir = '/var/log', 15 $base_log_dir = '/var/log',
17 $ep_ensure = 'present', 16 $ethercalc_user = 'ethercalc',
18 $ep_user = 'eplite', 17 $ethercalc_version= '0.20161220.1',
19 $eplite_version = 'develop',
20 # If set to system will install system package. 18 # If set to system will install system package.
21 $nodejs_version = 'node_0.10', 19 $nodejs_version = 'node_4.x',
22) { 20) {
23 21
24 # where the modules are, needed to easily install modules later 22 $path = '/usr/local/bin:/usr/bin:/bin'
25 $modules_dir = "${base_install_dir}/etherpad-lite/node_modules"
26 $path = "/usr/local/bin:/usr/bin:/bin:${base_install_dir}/etherpad-lite"
27 23
28 user { $ep_user: 24 group { $ethercalc_user:
29 shell => '/usr/sbin/nologin', 25 ensure => present,
30 home => "${base_log_dir}/${ep_user}",
31 system => true,
32 gid => $ep_user,
33 require => Group[$ep_user],
34 } 26 }
35 27
36 group { $ep_user: 28 user { $ethercalc_user:
37 ensure => present, 29 shell => '/usr/sbin/nologin',
30 home => $base_install_dir,
31 system => true,
32 gid => $ethercalc_user,
33 require => Group[$ethercalc_user],
38 } 34 }
39 35
40 # Below is what happens when you treat puppet as a package manager.
41 # This is probably bad, but it works and you don't need to roll .debs.
42 file { $base_install_dir: 36 file { $base_install_dir:
43 ensure => directory, 37 ensure => directory,
44 group => $ep_user, 38 owner => $ethercalc_user,
39 group => $ethercalc_user,
45 mode => '0664', 40 mode => '0664',
46 } 41 }
47 42
48 package { 'abiword':
49 ensure => present,
50 }
51
52 package { 'curl': 43 package { 'curl':
53 ensure => present, 44 ensure => present,
54 } 45 }
@@ -76,48 +67,61 @@ class etherpad_lite (
76 67
77 anchor { 'nodejs-anchor': } 68 anchor { 'nodejs-anchor': }
78 69
79 vcsrepo { "${base_install_dir}/etherpad-lite": 70 exec { 'install-ethercalc':
80 ensure => $ep_ensure, 71 command => "npm install ethercalc@${ethercalc_version}",
81 provider => git, 72 unless => "npm ls --parseable | grep ethercalc@${ethercalc_version}",
82 source => 'https://github.com/ether/etherpad-lite.git', 73 path => $path,
83 owner => $ep_user, 74 cwd => $base_install_dir,
84 revision => $eplite_version, 75 require => Anchor['nodejs-anchor'],
85 require => [
86 Package['git'],
87 User[$ep_user],
88 ],
89 } 76 }
90 77
91 exec { 'install_etherpad_dependencies': 78 file { '/etc/init/ethercalc.conf':
92 command => './bin/installDeps.sh',
93 path => $path,
94 user => $ep_user,
95 cwd => "${base_install_dir}/etherpad-lite",
96 environment => "HOME=${base_log_dir}/${ep_user}",
97 require => [
98 Package['curl'],
99 Vcsrepo["${base_install_dir}/etherpad-lite"],
100 Anchor['nodejs-anchor'],
101 ],
102 before => File["${base_install_dir}/etherpad-lite/settings.json"],
103 creates => "${base_install_dir}/etherpad-lite/node_modules",
104 }
105
106 file { '/etc/init/etherpad-lite.conf':
107 ensure => present, 79 ensure => present,
108 content => template('etherpad_lite/upstart.erb'), 80 content => template('ethercalc/upstart.erb'),
109 replace => true, 81 replace => true,
110 owner => 'root', 82 owner => 'root',
111 } 83 }
112 84
113 file { '/etc/init.d/etherpad-lite': 85 file { '/etc/init.d/ethercalc':
114 ensure => link, 86 ensure => link,
115 target => '/lib/init/upstart-job', 87 target => '/lib/init/upstart-job',
116 } 88 }
117 89
118 file { "${base_log_dir}/${ep_user}": 90 file { "${base_log_dir}/${ethercalc_user}":
119 ensure => directory, 91 ensure => directory,
120 owner => $ep_user, 92 owner => $ethercalc_user,
93 }
94
95 service { 'ethercalc':
96 ensure => running,
97 enable => true,
98 require => File['/etc/init/ethercalc.conf'],
99 }
100
101 include ::logrotate
102 logrotate::file { 'ethercalc_error':
103 log => "${base_log_dir}/${ethercalc_user}/error.log",
104 options => [
105 'compress',
106 'copytruncate',
107 'missingok',
108 'rotate 7',
109 'daily',
110 'notifempty',
111 ],
112 require => Service['ethercalc'],
113 }
114
115 logrotate::file { 'ethercalc_access':
116 log => "${base_log_dir}/${ethercalc_user}/access.log",
117 options => [
118 'compress',
119 'copytruncate',
120 'missingok',
121 'rotate 7',
122 'daily',
123 'notifempty',
124 ],
125 require => Service['ethercalc'],
121 } 126 }
122 # end package management ugliness
123} 127}
diff --git a/manifests/mysql.pp b/manifests/mysql.pp
deleted file mode 100644
index 7f30dfd..0000000
--- a/manifests/mysql.pp
+++ /dev/null
@@ -1,32 +0,0 @@
1# == Class: puppet-etherpad_lite::mysql
2#
3class etherpad_lite::mysql(
4 $database_password,
5 $mysql_root_password,
6 $database_name = 'etherpad-lite',
7 $database_user = 'eplite',
8) {
9 class { '::mysql::server':
10 root_password => $mysql_root_password,
11 override_options => {
12 'mysqld' => {
13 'default-storage-engine' => 'InnoDB',
14 }
15 }
16 }
17
18 include ::mysql::server::account_security
19
20 mysql::db { $database_name:
21 user => $database_user,
22 password => $database_password,
23 host => 'localhost',
24 grant => ['all'],
25 charset => 'utf8mb4',
26 collate => 'utf8mb4_unicode_ci',
27 require => [
28 Class['mysql::server'],
29 Class['mysql::server::account_security'],
30 ],
31 }
32}
diff --git a/manifests/plugin.pp b/manifests/plugin.pp
deleted file mode 100644
index f319a71..0000000
--- a/manifests/plugin.pp
+++ /dev/null
@@ -1,13 +0,0 @@
1# Define to install etherpad lite plugins
2#
3define etherpad_lite::plugin {
4 $plugin_name = $name
5 exec { "npm install ${plugin_name}":
6 cwd => $etherpad_lite::modules_dir,
7 path => $etherpad_lite::path,
8 user => $etherpad_lite::ep_user,
9 environment => "HOME=${etherpad_lite::base_log_dir}/${etherpad_lite::ep_user}",
10 creates => "${etherpad_lite::modules_dir}/${plugin_name}",
11 require => Class['etherpad_lite']
12 }
13}
diff --git a/manifests/redis.pp b/manifests/redis.pp
new file mode 100644
index 0000000..fadde50
--- /dev/null
+++ b/manifests/redis.pp
@@ -0,0 +1,17 @@
1# == Class: ethercalc::redis
2#
3class ethercalc::redis(
4 $redis_port = '6379',
5 $redis_max_memory = '1gb',
6 $redis_bind = '127.0.0.1',
7 $redis_password = undef,
8 $redis_version = '2.8.4',
9) {
10 class { '::redis':
11 redis_port => $redis_port,
12 redis_max_memory => $redis_max_memory,
13 redis_bind => $redis_bind,
14 redis_password => $redis_password,
15 version => $redis_version ,
16 }
17}
diff --git a/manifests/site.pp b/manifests/site.pp
deleted file mode 100644
index cb2c3ae..0000000
--- a/manifests/site.pp
+++ /dev/null
@@ -1,68 +0,0 @@
1# == Class: etherpad_lite::site
2#
3class etherpad_lite::site (
4 $database_password,
5 $etherpad_title,
6 $database_host = 'localhost',
7 $database_name = 'etherpad-lite',
8 $database_user = 'eplite',
9 $db_type = 'mysql',
10 $session_key = '',
11) {
12
13 include ::etherpad_lite
14
15 $base = $etherpad_lite::base_install_dir
16
17 service { 'etherpad-lite':
18 ensure => running,
19 enable => true,
20 subscribe => File["${base}/etherpad-lite/settings.json"],
21 }
22
23 file { "${base}/etherpad-lite/settings.json":
24 ensure => present,
25 content => template('etherpad_lite/etherpad-lite_settings.json.erb'),
26 replace => true,
27 owner => $etherpad_lite::ep_user,
28 group => $etherpad_lite::ep_user,
29 mode => '0600',
30 require => Class['etherpad_lite'],
31 }
32
33 file { "${base}/etherpad-lite/src/static/custom/pad.js":
34 ensure => present,
35 source => 'puppet:///modules/etherpad_lite/pad.js',
36 owner => $etherpad_lite::ep_user,
37 group => $etherpad_lite::ep_user,
38 mode => '0644',
39 require => Class['etherpad_lite'],
40 }
41
42 include ::logrotate
43 logrotate::file { 'epliteerror':
44 log => "${base}/${etherpad_lite::ep_user}/error.log",
45 options => [
46 'compress',
47 'copytruncate',
48 'missingok',
49 'rotate 7',
50 'daily',
51 'notifempty',
52 ],
53 require => Service['etherpad-lite'],
54 }
55
56 logrotate::file { 'epliteaccess':
57 log => "${base}/${etherpad_lite::ep_user}/access.log",
58 options => [
59 'compress',
60 'copytruncate',
61 'missingok',
62 'rotate 7',
63 'daily',
64 'notifempty',
65 ],
66 require => Service['etherpad-lite'],
67 }
68}
diff --git a/metadata.json b/metadata.json
index 413f28a..7611a3a 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,11 +1,15 @@
1{ 1{
2 "name": "openstackinfra-etherpad_lite", 2 "name": "openstackinfra-ethercalc",
3 "version": "0.0.1", 3 "version": "0.0.1",
4 "author": "Openstack CI", 4 "author": "Openstack CI",
5 "summary": "Puppet module for Etherpad Lite", 5 "summary": "Puppet module for Ethercalc",
6 "license": "Apache 2.0", 6 "license": "Apache 2.0",
7 "source": "git://git.openstack.org/openstack-infra/puppet-etherpad_lite.git", 7 "source": "git://git.openstack.org/openstack-infra/puppet-ethercalc.git",
8 "project_page": "http://docs.openstack.org/infra/system-config/", 8 "project_page": "http://docs.openstack.org/infra/system-config/",
9 "issues_url": "https://storyboard.openstack.org/#!/project/800", 9 "issues_url": "https://storyboard.openstack.org/#!/project/858",
10 "dependencies": [] 10 "dependencies": [
11 {"name":"openstackinfra/httpd"},
12 {"name":"openstackinfra/redis"},
13 {"name":"voxpupuli/nodejs"}
14 ]
11} 15}
diff --git a/templates/ethercalc.vhost.erb b/templates/ethercalc.vhost.erb
new file mode 100644
index 0000000..5c587fd
--- /dev/null
+++ b/templates/ethercalc.vhost.erb
@@ -0,0 +1,86 @@
1<VirtualHost *:80>
2 ServerName <%= scope.lookupvar("ethercalc::apache::vhost_name") %>
3 ServerAdmin <%= scope.lookupvar("ethercalc::apache::serveradmin") %>
4
5 ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("ethercalc::apache::vhost_name") %>-error.log
6
7 LogLevel warn
8
9 CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("ethercalc::apache::vhost_name") %>-access.log combined
10
11 Redirect / https://<%= scope.lookupvar("ethercalc::apache::vhost_name") %>/
12
13</VirtualHost>
14
15<IfModule mod_ssl.c>
16<VirtualHost *:443>
17 ServerName <%= scope.lookupvar("ethercalc::apache::vhost_name") %>
18 ServerAdmin <%= scope.lookupvar("ethercalc::apache::serveradmin") %>
19
20 ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("ethercalc::apache::vhost_name") %>-ssl-error.log
21
22 LogLevel warn
23
24 CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("ethercalc::apache::vhost_name") %>-ssl-access.log combined
25
26 SSLEngine on
27 SSLProtocol All -SSLv2 -SSLv3
28
29 SSLCertificateFile <%= scope.lookupvar("ethercalc::apache::ssl_cert_file") %>
30 SSLCertificateKeyFile <%= scope.lookupvar("ethercalc::apache::ssl_key_file") %>
31 <% if scope.lookupvar("ethercalc::apache::ssl_chain_file") != "" %>
32 SSLCertificateChainFile <%= scope.lookupvar("ethercalc::apache::ssl_chain_file") %>
33 <% end %>
34
35 BrowserMatch "MSIE [2-6]" \
36 nokeepalive ssl-unclean-shutdown \
37 downgrade-1.0 force-response-1.0
38 # MSIE 7 and newer should be able to use keepalive
39 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
40
41 <% if @auth_openid != nil %>
42 <Location />
43 AuthType OpenID
44 AuthName "<%= @auth_openid['banner'] %>"
45 AuthOpenIDSecureCookie On
46 AuthOpenIDCookieLifespan 3600
47 AuthOpenIDTrustRoot https://<%= scope.lookupvar("ethercalc::apache::vhost_name") %>
48 AuthOpenIDServerName https://<%= scope.lookupvar("ethercalc::apache::vhost_name") %>
49 AuthOpenIDSingleIdP <%= @auth_openid['singleIdp'] %>
50 AuthOpenIDTrusted <%= @auth_openid['trusted'] %>
51 <% if @auth_openid['any_valid_user'] %>
52 Require valid-user
53 <% elsif !@auth_openid['users'].empty? %>
54 <% @auth_openid['users'].each do |user| -%>
55 Require user <%= user %>
56 <% end -%>
57 <% end %>
58 </Location>
59 <% end %>
60
61 # Proxy pass to the node.js server (port 8000)
62 ProxyPass / http://127.0.0.1:8000/
63 ProxyPassReverse / http://127.0.0.1:8000/
64
65 RewriteEngine On
66
67 # Do not rewrite the /server-status URL (though by default, this
68 # is only accessible from localhost). Connect to it with:
69 # ssh -L 8443:localhost:443 $HOSTNAME
70 # https://localhost:8443/server-status
71 RewriteRule ^/server-status$ /server-status [L]
72
73 # Set up websockets to work through the proxy
74 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
75 RewriteCond %{QUERY_STRING} transport=websocket [NC]
76 RewriteRule /(.*) ws://localhost:8000/$1 [P,L]
77
78
79 # Set up an alias for static files. Saves having to serve them from node.js
80 Alias /robots.txt <%= scope.lookupvar("ethercalc::apache::docroot") %>/robots.txt
81 Alias /static <%= scope.lookupvar("ethercalc::base_install_dir") %>/node_modules/ethercalc/static
82 Alias /l10n <%= scope.lookupvar("ethercalc::base_install_dir") %>/node_modules/ethercalc/l10n
83 Alias /images <%= scope.lookupvar("ethercalc::base_install_dir") %>/node_modules/ethercalc/images
84
85</VirtualHost>
86</IfModule>
diff --git a/templates/etherpad-lite_settings.json.erb b/templates/etherpad-lite_settings.json.erb
deleted file mode 100644
index b6572ba..0000000
--- a/templates/etherpad-lite_settings.json.erb
+++ /dev/null
@@ -1,120 +0,0 @@
1/*
2 This file must be valid JSON. But comments are allowed
3
4 Please edit settings.json, not settings.json.template
5*/
6{
7 // Name your instance!
8 "title": "<%= @etherpad_title %>",
9
10 //Ip and port which etherpad should bind at
11 "ip": "127.0.0.1",
12 "port" : 9001,
13
14 // favicon default name
15 "favicon": "favicon.ico",
16
17 // Session Key, used for reconnecting user sessions
18 // Set this to a secure string at least 10 characters long. Do not share this value.
19 "sessionKey" : "<%= @session_key %>",
20
21 //The Type of the database. You can choose between dirty, sqlite and mysql
22 //You should use mysql or sqlite for anything else than testing or development
23 "dbType" : "<%= @db_type %>",
24 //the database specific settings
25 "dbSettings" : {
26 "user" : "<%= @database_user %>",
27 "host" : "<%= @database_host %>",
28 "password": "<%= @database_password %>",
29 "database": "<%= @database_name %>"
30 },
31 //the default text of a pad
32 "defaultPadText" : "Welcome to Etherpad Lite!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nEtherpad Lite on Github: http:\/\/j.mp/ep-lite\n",
33
34 /* Users must have a session to access pads. This effectively allows only group pads to be accessed. */
35 "requireSession" : false,
36
37 /* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */
38 "editOnly" : false,
39
40 /* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly,
41 but makes it impossible to debug the javascript/css */
42 "minify" : true,
43
44 /* How long may clients use served javascript code? Without versioning this
45 is may cause problems during deployment. */
46 "maxAge" : 21600000, // 6 hours
47
48 /* This is the path to the Abiword executable. Setting it to null, disables abiword.
49 Abiword is needed to enable the import/export of pads*/
50 "abiword" : "/usr/bin/abiword",
51
52 /* This setting is used if you require authentication of all users.
53 Note: /admin always requires authentication. */
54 "requireAuthentication": false,
55
56 /* Require authorization by a module, or a user with is_admin set, see below. */
57 "requireAuthorization": false,
58
59 /* Users for basic authentication. is_admin = true gives access to /admin.
60 If you do not uncomment this, /admin will not be available! */
61 /*
62 "users": {
63 "admin": {
64 "password": "changeme1",
65 "is_admin": true
66 },
67 "user": {
68 "password": "changeme1",
69 "is_admin": false
70 }
71 },
72 */
73
74 // restrict socket.io transport methods
75 "socketTransportProtocols" : ["websocket", "xhr-polling", "jsonp-polling", "htmlfile"],
76
77 /* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
78 "loglevel": "INFO",
79
80 //Logging configuration. See log4js documentation for further information
81 // https://github.com/nomiddlename/log4js-node
82 // You can add as many appenders as you want here:
83 "logconfig" :
84 { "appenders": [
85 { "type": "console"
86 //, "category": "access"// only logs pad access
87 }
88 /*
89 , { "type": "file"
90 , "filename": "/var/log/eplite/etherpad-lite.log"
91 , "maxLogSize": 1024
92 , "backups": 30 // how many log files there're gonna be at max
93 //, "category": "test" // only log a specific category
94 }*/
95 /*
96 , { "type": "logLevelFilter"
97 , "level": "warn" // filters out all log messages that have a lower level than "error"
98 , "appender":
99 { Use whatever appender you want here }
100 }*/
101 /*
102 , { "type": "logLevelFilter"
103 , "level": "error" // filters out all log messages that have a lower level than "error"
104 , "appender":
105 { "type": "smtp"
106 , "subject": "An error occured in your EPL instance!"
107 , "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
108 , "sendInterval": 60*5 // in secs -- will buffer log messages; set to 0 to send a mail for every message
109 , "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
110 "host": "smtp.example.com", "port": 465,
111 "secureConnection": true,
112 "auth": {
113 "user": "foo@example.com",
114 "pass": "bar_foo"
115 }
116 }
117 }
118 }*/
119 ] }
120}
diff --git a/templates/etherpadlite.vhost.erb b/templates/etherpadlite.vhost.erb
deleted file mode 100644
index 5cd0147..0000000
--- a/templates/etherpadlite.vhost.erb
+++ /dev/null
@@ -1,113 +0,0 @@
1<VirtualHost *:80>
2 ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
3 ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
4
5 ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-error.log
6
7 LogLevel warn
8
9 CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-access.log combined
10
11 Redirect / https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/
12
13</VirtualHost>
14
15<IfModule mod_ssl.c>
16<VirtualHost *:443>
17 ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
18 ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
19
20 ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-error.log
21
22 LogLevel warn
23
24 CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined
25
26 SSLEngine on
27 SSLProtocol All -SSLv2 -SSLv3
28
29 SSLCertificateFile <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %>
30 SSLCertificateKeyFile <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %>
31 <% if scope.lookupvar("etherpad_lite::apache::ssl_chain_file") != "" %>
32 SSLCertificateChainFile <%= scope.lookupvar("etherpad_lite::apache::ssl_chain_file") %>
33 <% end %>
34
35 BrowserMatch "MSIE [2-6]" \
36 nokeepalive ssl-unclean-shutdown \
37 downgrade-1.0 force-response-1.0
38 # MSIE 7 and newer should be able to use keepalive
39 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
40
41 <% if @auth_openid != nil %>
42 <Location /p/>
43 AuthType OpenID
44 AuthName "<%= @auth_openid['banner'] %>"
45 AuthOpenIDSecureCookie On
46 AuthOpenIDCookieLifespan 3600
47 AuthOpenIDTrustRoot https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
48 AuthOpenIDServerName https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
49 AuthOpenIDSingleIdP <%= @auth_openid['singleIdp'] %>
50 AuthOpenIDTrusted <%= @auth_openid['trusted'] %>
51 <% if @auth_openid['any_valid_user'] %>
52 Require valid-user
53 <% elsif !@auth_openid['users'].empty? %>
54 <% @auth_openid['users'].each do |user| -%>
55 Require user <%= user %>
56 <% end -%>
57 <% end %>
58 </Location>
59 <% end %>
60
61 <IfModule mod_proxy.c>
62 # The following redirects "nice" urls such as https://etherpad.example.org/padname
63 # to https://etherpad.example.org/p/padname. It was problematic directly
64 # supporting "nice" urls as etherpad hardcodes /p/ in many places.
65 # Adapted from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
66 RewriteEngine on
67
68 # Do not rewrite the /server-status URL (though by default, this
69 # is only accessible from localhost). Connect to it with:
70 # ssh -L 8443:localhost:443 $HOSTNAME
71 # https://localhost:8443/server-status
72 RewriteRule ^/server-status$ /server-status [L]
73
74 RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
75 RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301]
76
77 # Server robots.txt directly so that it does not affect
78 # etherpad-lite installation.
79 RewriteRule ^/robots.txt$ <%= scope.lookupvar("etherpad_lite::apache::docroot") %>/robots.txt [L]
80
81 RewriteCond %{REQUEST_URI} !^/p/
82 RewriteCond %{REQUEST_URI} !^/locales/
83 RewriteCond %{REQUEST_URI} !^/locales.json
84 RewriteCond %{REQUEST_URI} !^/admin
85 RewriteCond %{REQUEST_URI} !^/p/
86 RewriteCond %{REQUEST_URI} !^/static/
87 RewriteCond %{REQUEST_URI} !^/pluginfw/
88 RewriteCond %{REQUEST_URI} !^/javascripts/
89 RewriteCond %{REQUEST_URI} !^/socket.io/
90 RewriteCond %{REQUEST_URI} !^/ep/
91 RewriteCond %{REQUEST_URI} !^/minified/
92 RewriteCond %{REQUEST_URI} !^/api/
93 RewriteCond %{REQUEST_URI} !^/ro/
94 RewriteCond %{REQUEST_URI} !^/error/
95 RewriteCond %{REQUEST_URI} !^/jserror
96 RewriteCond %{REQUEST_URI} !/favicon.ico
97 RewriteCond %{REQUEST_URI} !/robots.txt
98 RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 [NC,L,R=301]
99
100 <IfModule mod_proxy_wstunnel.c>
101 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
102 RewriteCond %{QUERY_STRING} transport=websocket [NC]
103 RewriteRule /(.*) ws://localhost:9001/$1 [P,L]
104 ProxyPass /socket.io http://localhost:9001/socket.io retry=0
105 ProxyPassReverse /socket.io http://localhost:9001/socket.io
106 </IfModule>
107
108 ProxyPass / http://localhost:9001/ retry=0
109 ProxyPassReverse / http://localhost:9001/
110 </IfModule>
111
112</VirtualHost>
113</IfModule>
diff --git a/templates/upstart.erb b/templates/upstart.erb
index 1281da7..993cbab 100644
--- a/templates/upstart.erb
+++ b/templates/upstart.erb
@@ -1,29 +1,28 @@
1description "etherpad-lite" 1description "ethercalc"
2 2
3start on started networking 3start on started networking
4stop on runlevel [!2345] 4stop on runlevel [!2345]
5 5
6env EPHOME=<%= @base_install_dir %>/etherpad-lite 6env ETHERCALC_HOME=<%= @base_install_dir %>
7env EPLOGS=<%= @base_log_dir %>/<%= @ep_user %> 7env ETHERCALC_LOGS=<%= @base_log_dir %>/<%= @ethercalc_user %>
8env EPUSER=<%= @ep_user %> 8env ETHERCALC_USER=<%= @ethercalc_user %>
9 9
10respawn 10respawn
11 11
12pre-start script 12pre-start script
13 chdir $EPHOME 13 chdir $ETHERCALC_HOME
14 mkdir $EPLOGS ||true 14 mkdir $ETHERCALC_LOGS ||true
15 chown -R $EPUSER:admin $EPLOGS ||true 15 chown -R $ETHERCALC_USER:admin $ETHERCALC_LOGS ||true
16 chmod 0755 $EPLOGS ||true 16 chmod 0755 $ETHERCALC_LOGS ||true
17 chown -R $EPUSER:admin $EPHOME/var ||true 17 chown -R $ETHERCALC_USER:admin $ETHERCALC_HOME/var ||true
18 bin/installDeps.sh >> $EPLOGS/error.log || { stop; exit 1; }
19end script 18end script
20 19
21setuid <%= @ep_user %> 20setuid <%= @ethercalc_user %>
22setgid <%= @ep_user %> 21setgid <%= @ethercalc_user %>
23limit nofile 8192 16384 22limit nofile 8192 16384
24script 23script
25 cd $EPHOME 24 cd $ETHERCALC_HOME
26 /usr/local/bin/node --stack_size=1968 node_modules/ep_etherpad-lite/node/server.js \ 25 /bin/bash node_modules/ethercalc/bin/run.sh \
27 >> $EPLOGS/access.log \ 26 >> $ETHERCALC_LOGS/access.log \
28 2>> $EPLOGS/error.log 27 2>> $ETHERCALC_LOGS/error.log
29end script 28end script