-
Notifications
You must be signed in to change notification settings - Fork 1
/
cloud_config.yaml
120 lines (115 loc) · 3.55 KB
/
cloud_config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#cloud-config
users:
- name: etoa
lock_passwd: true
shell: /bin/bash
package_upgrade: true
package_update: true
packages:
- apache2
- php-fpm
- php-xml
- php-gd
- php-curl
- php-mysql
- php-zip
- php-mbstring
- composer
- unzip
- mysql-server
- git
- htop
- vim
- build-essential
- cmake
- libmysql++-dev
- libboost-all-dev
- certbot
- python-certbot-apache
- postfix
write_files:
- content: |
<VirtualHost *:80>
ServerName ${hostname}
ServerAdmin [email protected]
DocumentRoot /var/www/etoa/htdocs
ErrorLog $${APACHE_LOG_DIR}/etoa_error.log
CustomLog $${APACHE_LOG_DIR}/etoa_access.log combined
<Location />
Script PUT /api.php
Script DELETE /api.php
</Location>
</VirtualHost>
path: /etc/apache2/sites-available/etoa.conf
- content: |
<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
# Enable http authorization headers
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.2-etoa-fpm.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
Require all denied
</FilesMatch>
<FilesMatch "^\.ph(ar|p|ps|tml)$">
Require all denied
</FilesMatch>
</IfModule>
</IfModule>
path: /etc/apache2/conf-available/php7.2-etoa-fpm.conf
- content: |
[etoa]
user = etoa
group = etoa
listen = /run/php/php7.2-etoa-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
path: /etc/php/7.2/fpm/pool.d/etoa.conf
- content: |
auto eth0:1
iface eth0:1 inet static
address ${public_ip}
netmask 32
path: /etc/network/interfaces.d/60-my-floating-ip.cfg
- content: |
SET GLOBAL sql_mode=(SELECT REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
SET GLOBAL sql_mode=(SELECT REPLACE(@@sql_mode,'STRICT_TRANS_TABLES',''));
CREATE DATABASE IF NOT EXISTS etoa;
GRANT USAGE ON *.* TO etoa@localhost IDENTIFIED BY 'etoa';
GRANT ALL PRIVILEGES ON etoa.* TO etoa@localhost;
FLUSH PRIVILEGES;
path: /root/init.sql
- content: |
[mysqld]
sql_mode = "NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
path: /etc/mysql/conf.d/mysql.cnf
bootcmd:
- ip addr add ${public_ip} dev eth0
- mkdir -p /mnt/data; mount -o discard,defaults ${data_disk} /mnt/data
- mkdir -p /var/lib/mysql /mnt/data/mysql; mount --bind /mnt/data/mysql /var/lib/mysql
- mkdir -p /var/www /mnt/data/www; mount --bind /mnt/data/www /var/www
runcmd:
- if [ -d /var/www/etoa ]; then cd /var/www/etoa; git checkout ${webapp_branch}; git pull; else git clone --branch ${webapp_branch} https://github.com/etoa/etoa-gui.git /var/www/etoa; fi
- chown -R etoa:etoa /var/www/etoa
- su etoa -s /bin/bash -c "cd /var/www/etoa; composer install"
- a2enmod proxy_fcgi setenvif actions
- a2enconf php7.2-etoa-fpm
- a2ensite etoa
- a2dissite 000-default
- a2enmod http2
- echo "Protocols h2 http/1.1" >> /etc/apache2/apache2.conf
- systemctl reload apache2
- rm /etc/php/7.2/fpm/pool.d/www.conf
- systemctl reload php7.2-fpm.service
- mysql -u root < /root/init.sql
- certbot --apache --agree-tos -m [email protected] -d ${hostname} --non-interactive --redirect
- rm -f /var/www/etoa/htdocs/tmp/eventhandler.pid
- su etoa -s /bin/bash -c "cd /var/www/etoa/eventhandler && cmake . && make"