Itamae で Redmine 環境
とりあえずできた。
参考にしたものをつなぎ合わせただけだけど。
また、itamae の便利な plugin は基本使わないことにして、コードをコピっただけにした。
後で見てわけわかんなくなりそうだったので。
追記: postgesql の起動タイミングを間違っていたので修正。
再追記: さらに間違えてたので修正。また、Postfix も ipv6 無効対応をした。他にもあるかもしれないし、そもそも無効にしなくてもいいのでは・・・と思ってきた。
参考
rbenv
qiita.com
ほぼ丸パクリさせていただいた
SELINUX 無効
github.com
disabled のところ丸パクリさせていただいた
IPv6 無効
FAQ/CentOS7 - CentOS Wiki
IPv6 は使わないが、敢えて無効にする必要ないと思っていたが、
Redmine から PostgreSQL に接続するさい、IPv6 で接続しにいってしまったので
PostgreSQL
yuumi3.hatenablog.com
PostgreSQL のインストール部分をパクらせていただいた
Vagrant の設定
Box自体は前に作ったものを使う。また、Vagrantfile の以下部分のコメント外しておいた。
- Vagrantfile
config.vm.network "private_network", ip: "192.168.33.10"
Itamae ファイル
今回関係ないパッケージも別件で使うので入れてしまってる
IPv6 を無効にしているのは、Redmine が PostgreSQLに対して IPv6 で接続しに移行としてた。
pg_hba.conf で IPv6 はコメントアウトしてたので。
- recipes/base.rb
# SELinux disabled execute 'setenforce 0' do not_if 'getenforce | grep Disabled' end file '/etc/selinux/config' do action :edit block do |content| next if content =~ /^SELINUX=disabled/ content.gsub!(/^SELINUX=.*/, "SELINUX=disabled") end end # update execute "update yum repo" do command "yum -y update" end # EPEL package "epel-release" # Base Library package "asciidoc" package "compat-libcap1" package "compat-libstdc++-33" package "gcc" package "gcc-c++" package "git" package "java-1.8.0-openjdk" package "java-1.8.0-openjdk-devel" package "libaio-devel" package "libcurl-devel" package "libstdc++" package "libstdc++-devel" package "libxml2-devel" package "libxslt-devel" package "libyaml-devel" package "openssl-devel" package "readline-devel" package "tmux" package "vim" package "zlib-devel" package "ipa-gothic-fonts" package "ipa-pgothic-fonts" package "ipa-mincho-fonts" package "ipa-pmincho-fonts" # IPv6 Disable file "/etc/sysctl.conf" do user "root" action :edit block do |content| unless content =~ /ipv6/ content.concat <<-CONF net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 CONF end end end execute "IPv6 Disable" do command <<-CMD sysctl -w net.ipv6.conf.all.disable_ipv6=1 sysctl -w net.ipv6.conf.default.disable_ipv6=1 CMD end # Postfix file "/etc/sysctl.conf" do user "root" action :edit block do |content| unless content =~ /inet_protocols = all/ content.gsub!("all", "ipv4") end end end
- recipes/rbenv.rb
RBENV_DIR = "/usr/local/rbenv" RBENV_SCRIPT = "/etc/profile.d/rbenv.sh" remote_file RBENV_SCRIPT do owner "root" group "root" source "remote_files/rbenv.sh" end execute "rbenv install" do user "root" command <<-CMD git clone git://github.com/sstephenson/rbenv.git #{RBENV_DIR} git clone git://github.com/sstephenson/ruby-build.git #{RBENV_DIR}/plugins/ruby-build CMD not_if "test -e #{RBENV_DIR}" end node["rbenv"]["versions"].each do |version| execute "install ruby #{version}" do user "root" command "source #{RBENV_SCRIPT}; rbenv install #{version}" not_if "source #{RBENV_SCRIPT}; rbenv versions | grep #{version}" end end execute "set global ruby #{node["rbenv"]["global"]}" do command "source #{RBENV_SCRIPT}; rbenv global #{node["rbenv"]["global"]}; rbenv rehash" not_if "source #{RBENV_SCRIPT}; rbenv global | grep #{node["rbenv"]["global"]}" end node["rbenv"]["gems"].each do |gem| execute "gem install #{gem}" do user "root" command "source #{RBENV_SCRIPT}; gem install #{gem}; rbenv rehash" not_if "source #{RBENV_SCRIPT}; gem list | grep #{gem}" end end execute "update gem" do command "source #{RBENV_SCRIPT}; gem update -- --system; rbenv rehash" end
- recipes/postgresql.rb
# PostgreSQL Install ver = node[:postgresql][:ver] short_ver = node[:postgresql][:short_ver] package node[:postgresql][:pgdg] do not_if "rpm -q #{File.basename(node[:postgresql][:pgdg], ".rpm")}" end package "postgresql#{short_ver}" package "postgresql#{short_ver}-server" package "postgresql#{short_ver}-contrib" package "postgresql#{short_ver}-devel" package "postgresql#{short_ver}-libs" execute "initdb" do command "PGSETUP_INITDB_OPTIONS='--encoding UTF8 --no-locale' /usr/pgsql-#{ver}/bin/postgresql#{short_ver}-setup initdb" not_if "test -e /var/lib/pgsql/#{ver}/data/postgresql.conf" end %w(pg_hba.conf postgresql.conf).each do |file| remote_file "/var/lib/pgsql/#{ver}/data/#{file}" do source "remote_files/#{file}" owner "postgres" group "postgres" mode "0600" end end [:enable, :restart].each do |act| service "postgresql-#{ver}" do action act end end # Firewall execute "firewall port open" do command "firewall-cmd --add-port=5432/tcp --zone=public --permanent" not_if "grep -c 5432 /etc/firewalld/zones/public.xml" end execute "Firewall reload" do command "firewall-cmd --reload" end
- recipes/redmine.rb
package "httpd" package "httpd-devel" package "httpd-tools" package "ImageMagick" package "ImageMagick-devel" package "subversion" package "mercurial" include_recipe "postgresql.rb" RBENV_SCRIPT = "/etc/profile.d/rbenv.sh" PSQL = "/usr/bin/psql" BASE_DIR = node[:redmine][:base_dir] remote_file RBENV_SCRIPT do source "remote_files/rbenv.sh" end execute "passenger install" do user "root" command "source #{RBENV_SCRIPT}; gem i passenger -v #{node[:passenger][:ver]}; rbenv rehash" not_if "source #{RBENV_SCRIPT}; gem list | grep -c passenger" end execute "passenger-install-apache2-module" do user "root" command "source #{RBENV_SCRIPT}; passenger-install-apache2-module --auto" not_if "test -e #{node[:passenger][:so]}" end remote_file "/etc/httpd/conf.d/redmine.conf" do owner "apache" group "apache" source "remote_files/redmine.conf" end execute "install redmine" do command "svn co #{node[:redmine][:svn]} #{BASE_DIR}" not_if "test -e #{BASE_DIR}" end execute "chown redmine directory" do command "chown -R apache:apache #{BASE_DIR}" end execute "create redmine role" do user "postgres" command <<-CMD #{PSQL} -c "CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD 'pass' NOINHERIT VALID UNTIL 'infinity'" CMD not_if <<-CMD #{PSQL} -c "SELECT rolname FROM pg_roles WHERE rolname = 'redmine'" | grep -c redmine CMD end execute "create redmine database" do user "postgres" command <<-CMD #{PSQL} -c "CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine" CMD not_if <<-CMD #{PSQL} -l | grep -c redmine CMD end remote_file "#{BASE_DIR}/config/database.yml" do owner "apache" group "apache" source "remote_files/database.yml" end # Issue Template execute "Issue Template" do cwd "#{BASE_DIR}/plugins" command "hg clone https://bitbucket.org/akiko_pusu/redmine_issue_templates" not_if "test -e redmine_issue_templates" end # Farend Fancy Theme git "#{BASE_DIR}/public/themes/farend_fancy" do repository "git://github.com/farend/redmine_theme_farend_fancy.git" end execute "bundle install" do cwd BASE_DIR command <<-CMD source #{RBENV_SCRIPT} PATH=/usr/pgsql-#{node[:postgresql][:ver]}/bin:$PATH gem i pg bundle install --without development test bundle exec rake generate_secret_token bundle exec rake db:migrate RAILS_ENV=production bundle exec rake redmine:plugins:migrate RAILS_ENV=production CMD end # httpd file "/etc/httpd/conf/httpd.conf" do action :edit block do |content| next if content =~ /redmine/ content.gsub!(/^DocumentRoot "\/var\/www\/html"/, %Q(DocumentRoot "#{BASE_DIR}/public")) end end [:enable, :restart].each do |act| service "httpd" do action act end end # Firewall execute "firewall port open" do command "firewall-cmd --add-service=http --zone=public --permanent" not_if "grep -c http /etc/firewalld/zones/public.xml" end execute "Firewall reload" do command "firewall-cmd --reload" end
- node.yml
rbenv: global: 2.2.3 versions: - 2.2.3 gems: [bundler] rbenv_root: /usr/local/rbenv passenger: ver: 5.0.21 so: /usr/local/rbenv/versions/2.2.3/lib/ruby/gems/2.2.0/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so postgresql: pgdg: http://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-2.noarch.rpm ver: 9.5 short_ver: 95 redmine: base_dir: /var/lib/redmine svn: http://svn.redmine.org/redmine/branches/3.1-stable
- run.rb
上記を実行するスクリプト
include_recipe "recipes/base.rb" include_recipe "recipes/rbenv.rb" include_recipe "recipes/redmine.rb"
- 実行
% itamae ssh --host localhost -p 2222 -u vagrant ./run.rb -y node.yml
http://192.168.33.10/ にアクセスするとRedmineが動作してるはず