class role::cryptoportfolio {
include "base_installation"
+ include "profile::tools"
include "profile::postgresql"
+ include "profile::apache"
$password_seed = lookup("base_installation::puppet_pass_seed") |$key| { {} }
$cf_env = "prod"
$cf_front_app_host = "cryptoportfolio.immae.eu"
$cf_front_app_port = ""
- $cf_front_app_ssl = "false"
+ $cf_front_app_ssl = "true"
$cf_front_app = "${cf_home}/go/src/immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front"
$cf_front_app_api_workdir = "${cf_front_app}/cmd/app"
$cf_front_app_api_bin = "${cf_front_app_api_workdir}/cryptoportfolio-app"
order => "b0",
}
- class { 'nginx': }
+ letsencrypt::certonly { $cf_front_app_host: ;
+ default: * => $::profile::apache::letsencrypt_certonly_default;
+ }
- nginx::resource::server { $cf_front_app_host:
- listen_port => 80,
- proxy => 'http://localhost:8000',
+ class { 'apache::mod::headers': }
+ apache::vhost { $cf_front_app_host:
+ port => '443',
+ docroot => false,
+ manage_docroot => false,
+ proxy_dest => "http://localhost:8000",
+ request_headers => 'set X-Forwarded-Proto "https"',
+ ssl => true,
+ ssl_cert => "/etc/letsencrypt/live/$cf_front_app_host/cert.pem",
+ ssl_key => "/etc/letsencrypt/live/$cf_front_app_host/privkey.pem",
+ ssl_chain => "/etc/letsencrypt/live/$cf_front_app_host/chain.pem",
+ require => Letsencrypt::Certonly[$cf_front_app_host],
+ proxy_preserve_host => true;
+ default: * => $::profile::apache::apache_vhost_default;
}
user { $cf_user:
group => $cf_group,
mode => "0600",
content => template("role/cryptoportfolio/static_conf.env.erb"),
+ notify => Exec["remove build ${cf_front_app}/cmd/web/build/"],
}
exec { "web-cryptoportfolio-dependencies":
environment => ["HOME=${cf_home}"],
command => "/usr/bin/make install",
creates => "${cf_front_app}/cmd/web/node_modules",
+ notify => Exec["remove build ${cf_front_app}/cmd/web/build/"],
require => [Package["npm"], Package["nodejs"], Package["yarn"]]
}
+ exec { "remove build ${cf_front_app}/cmd/web/build/":
+ command => "/usr/bin/rm -rf '${cf_front_app}/cmd/web/build/'",
+ refreshonly => true,
+ before => Exec["web-cryptoportfolio-build"]
+ }
+
exec { "web-cryptoportfolio-build":
cwd => "${cf_front_app}/cmd/web",
environment => ["HOME=${cf_home}"],