読者です 読者をやめる 読者になる 読者になる

Itamae で Redmine 環境

とりあえずできた。
参考にしたものをつなぎ合わせただけだけど。
また、itamae の便利な plugin は基本使わないことにして、コードをコピっただけにした。
後で見てわけわかんなくなりそうだったので。

追記: postgesql の起動タイミングを間違っていたので修正。
再追記: さらに間違えてたので修正。また、Postfixipv6 無効対応をした。他にもあるかもしれないし、そもそも無効にしなくてもいいのでは・・・と思ってきた。

参考

rbenv

qiita.com
ほぼ丸パクリさせていただいた

SELINUX 無効

github.com
disabled のところ丸パクリさせていただいた

IPv6 無効

FAQ/CentOS7 - CentOS Wiki
IPv6 は使わないが、敢えて無効にする必要ないと思っていたが、
Redmine から PostgreSQL に接続するさい、IPv6 で接続しにいってしまったので

PostgreSQL

yuumi3.hatenablog.com
PostgreSQL のインストール部分をパクらせていただいた

Redmine の 追加 Plugin と Theme について

Issue Template を入れてと要望があったのでwww.r-labs.org

Theme は常にこれgithub.com

Vagrant の設定

Box自体は前に作ったものを使う。また、Vagrantfile の以下部分のコメント外しておいた。

  • Vagrantfile
  config.vm.network "private_network", ip: "192.168.33.10"

Itamae ファイル

今回関係ないパッケージも別件で使うので入れてしまってる
IPv6 を無効にしているのは、RedminePostgreSQLに対して IPv6 で接続しに移行としてた。
pg_hba.conf で IPv6コメントアウトしてたので。

  • recipes/base.rb
# SELinux disabled
execute 'setenforce 0' do
  not_if 'getenforce | grep Disabled'
end

file '/etc/selinux/config' do
  action :edit
  block do |content|
    next if content =~ /^SELINUX=disabled/
    content.gsub!(/^SELINUX=.*/, "SELINUX=disabled")
  end
end

# update
execute "update yum repo" do
  command "yum -y update"
end

# EPEL
package "epel-release"

# Base Library
package "asciidoc"
package "compat-libcap1"
package "compat-libstdc++-33"
package "gcc"
package "gcc-c++"
package "git"
package "java-1.8.0-openjdk"
package "java-1.8.0-openjdk-devel"
package "libaio-devel"
package "libcurl-devel"
package "libstdc++"
package "libstdc++-devel"
package "libxml2-devel"
package "libxslt-devel"
package "libyaml-devel"
package "openssl-devel"
package "readline-devel"
package "tmux"
package "vim"
package "zlib-devel"
package "ipa-gothic-fonts"
package "ipa-pgothic-fonts"
package "ipa-mincho-fonts"
package "ipa-pmincho-fonts"

# IPv6 Disable
file "/etc/sysctl.conf" do
  user "root"
  action :edit
  block do |content|
    unless content =~ /ipv6/
      content.concat <<-CONF
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
      CONF
    end
  end
end

execute "IPv6 Disable" do
  command <<-CMD
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
  CMD
end

# Postfix
file "/etc/sysctl.conf" do
  user "root"
  action :edit
  block do |content|
    unless content =~ /inet_protocols = all/
      content.gsub!("all", "ipv4")
    end
  end
end
  • recipes/rbenv.rb
RBENV_DIR = "/usr/local/rbenv"
RBENV_SCRIPT = "/etc/profile.d/rbenv.sh"

remote_file RBENV_SCRIPT do
  owner "root"
  group "root"
  source "remote_files/rbenv.sh"
end

execute "rbenv install" do
  user "root"
  command <<-CMD
git clone git://github.com/sstephenson/rbenv.git #{RBENV_DIR}
git clone git://github.com/sstephenson/ruby-build.git #{RBENV_DIR}/plugins/ruby-build
  CMD
  not_if "test -e #{RBENV_DIR}"
end

node["rbenv"]["versions"].each do |version|
  execute "install ruby #{version}" do
    user "root"
    command "source #{RBENV_SCRIPT}; rbenv install #{version}"
    not_if "source #{RBENV_SCRIPT}; rbenv versions | grep #{version}"
  end
end

execute "set global ruby #{node["rbenv"]["global"]}" do
  command "source #{RBENV_SCRIPT}; rbenv global #{node["rbenv"]["global"]}; rbenv rehash"
  not_if "source #{RBENV_SCRIPT}; rbenv global | grep #{node["rbenv"]["global"]}"
end

node["rbenv"]["gems"].each do |gem|
  execute "gem install #{gem}" do
    user "root"
    command "source #{RBENV_SCRIPT}; gem install #{gem}; rbenv rehash"
    not_if "source #{RBENV_SCRIPT}; gem list | grep #{gem}"
  end
end

execute "update gem" do
  command "source #{RBENV_SCRIPT}; gem update -- --system; rbenv rehash"
end
# PostgreSQL Install
ver = node[:postgresql][:ver]
short_ver = node[:postgresql][:short_ver]

package node[:postgresql][:pgdg] do
  not_if "rpm -q #{File.basename(node[:postgresql][:pgdg], ".rpm")}"
end

package "postgresql#{short_ver}"
package "postgresql#{short_ver}-server"
package "postgresql#{short_ver}-contrib"
package "postgresql#{short_ver}-devel"
package "postgresql#{short_ver}-libs"

execute "initdb" do
  command "PGSETUP_INITDB_OPTIONS='--encoding UTF8 --no-locale' /usr/pgsql-#{ver}/bin/postgresql#{short_ver}-setup initdb"
  not_if "test -e /var/lib/pgsql/#{ver}/data/postgresql.conf"
end

%w(pg_hba.conf postgresql.conf).each do |file|
  remote_file "/var/lib/pgsql/#{ver}/data/#{file}" do
    source "remote_files/#{file}"
    owner "postgres"
    group "postgres"
    mode "0600"
  end
end

[:enable, :restart].each do |act|
  service "postgresql-#{ver}" do
    action act
  end
end

# Firewall
execute "firewall port open" do
  command "firewall-cmd --add-port=5432/tcp --zone=public --permanent"
  not_if "grep -c 5432 /etc/firewalld/zones/public.xml"
end

execute "Firewall reload" do
  command "firewall-cmd --reload"
end
package "httpd"
package "httpd-devel"
package "httpd-tools"
package "ImageMagick"
package "ImageMagick-devel"
package "subversion"
package "mercurial"

include_recipe "postgresql.rb"

RBENV_SCRIPT = "/etc/profile.d/rbenv.sh"
PSQL = "/usr/bin/psql"
BASE_DIR = node[:redmine][:base_dir]

remote_file RBENV_SCRIPT do
  source "remote_files/rbenv.sh"
end

execute "passenger install" do
  user "root"
  command "source #{RBENV_SCRIPT}; gem i passenger -v #{node[:passenger][:ver]}; rbenv rehash"
  not_if "source #{RBENV_SCRIPT}; gem list | grep -c passenger"
end

execute "passenger-install-apache2-module" do
  user "root"
  command "source #{RBENV_SCRIPT}; passenger-install-apache2-module --auto"
  not_if "test -e #{node[:passenger][:so]}"
end

remote_file "/etc/httpd/conf.d/redmine.conf" do
  owner "apache"
  group "apache"
  source "remote_files/redmine.conf"
end

execute "install redmine" do
  command "svn co  #{node[:redmine][:svn]} #{BASE_DIR}"
  not_if "test -e #{BASE_DIR}"
end

execute "chown redmine directory" do
  command "chown -R apache:apache #{BASE_DIR}"
end

execute "create redmine role" do
  user "postgres"
  command <<-CMD
#{PSQL} -c "CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD 'pass'
    NOINHERIT VALID UNTIL 'infinity'"
  CMD

  not_if <<-CMD
#{PSQL} -c "SELECT rolname FROM pg_roles WHERE rolname = 'redmine'" | grep -c redmine
  CMD
end

execute "create redmine database" do
  user "postgres"
  command <<-CMD
#{PSQL} -c "CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine"
  CMD

  not_if <<-CMD
#{PSQL} -l | grep -c redmine
  CMD
end

remote_file "#{BASE_DIR}/config/database.yml" do
  owner "apache"
  group "apache"
  source "remote_files/database.yml"
end

# Issue Template
execute "Issue Template" do
  cwd "#{BASE_DIR}/plugins"
  command "hg clone https://bitbucket.org/akiko_pusu/redmine_issue_templates"
  not_if "test -e redmine_issue_templates"
end

# Farend Fancy Theme
git "#{BASE_DIR}/public/themes/farend_fancy" do
  repository "git://github.com/farend/redmine_theme_farend_fancy.git"
end

execute "bundle install" do
  cwd BASE_DIR
  command <<-CMD
source #{RBENV_SCRIPT}
PATH=/usr/pgsql-#{node[:postgresql][:ver]}/bin:$PATH gem i pg
bundle install --without development test
bundle exec rake generate_secret_token
bundle exec rake db:migrate RAILS_ENV=production
bundle exec rake redmine:plugins:migrate RAILS_ENV=production
  CMD
end

# httpd
file "/etc/httpd/conf/httpd.conf" do
  action :edit
  block do |content|
    next if content =~ /redmine/
    content.gsub!(/^DocumentRoot "\/var\/www\/html"/, %Q(DocumentRoot "#{BASE_DIR}/public"))
  end
end

[:enable, :restart].each do |act|
  service "httpd" do
    action act
  end
end

# Firewall
execute "firewall port open" do
  command "firewall-cmd --add-service=http --zone=public --permanent"
  not_if "grep -c http /etc/firewalld/zones/public.xml"
end

execute "Firewall reload" do
  command "firewall-cmd --reload"
end
  • node.yml
rbenv:
  global:
    2.2.3
  versions:
    - 2.2.3
  gems: [bundler]
  rbenv_root: /usr/local/rbenv

passenger:
  ver: 5.0.21
  so: /usr/local/rbenv/versions/2.2.3/lib/ruby/gems/2.2.0/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so

postgresql:
  pgdg: http://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-2.noarch.rpm
  ver: 9.5
  short_ver: 95

redmine:
  base_dir: /var/lib/redmine
  svn: http://svn.redmine.org/redmine/branches/3.1-stable
  • run.rb

上記を実行するスクリプト

include_recipe "recipes/base.rb"
include_recipe "recipes/rbenv.rb"
include_recipe "recipes/redmine.rb"
  • 実行
% itamae ssh --host localhost -p 2222 -u vagrant ./run.rb -y node.yml

http://192.168.33.10/ にアクセスするとRedmineが動作してるはず
f:id:yossk:20151031004848j:plain
f:id:yossk:20151031004857j:plain