-
Notifications
You must be signed in to change notification settings - Fork 206
/
zotonic-cloudinit.yml
88 lines (84 loc) · 3.04 KB
/
zotonic-cloudinit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#cloud-config for Ubuntu 22
#
# Example configs here:
# https://cloudinit.readthedocs.io/en/latest/topics/examples.html
#
# Add groups to the system
groups:
- ubuntu: [root,sys]
# Add users to the system. Users are added after groups are added.
users:
- default
- name: zotonic
gecos: Zotonic
sudo: null
lock_passwd: true
shell: /bin/bash
# ssh_authorized_keys:
# - <ssh pub key 1>
# - <ssh pub key 2>
packages:
- build-essential
- libcap2-bin
- libssl-dev
- automake
- autoconf
- libncurses5-dev
- git
- postgresql
- postgresql-client
- curl
- gettext
- inotify-tools
- libnotify-bin
- clamav
- clamav-daemon
- ghostscript
- file
- imagemagick
- ffmpeg
- xvfb
- wkhtmltopdf
runcmd:
- apt update
# Use kerl to install a good and recent version of Erlang
- curl -O https://raw.githubusercontent.com/kerl/kerl/master/kerl
- chmod a+x kerl
- mv kerl /usr/local/bin/kerl
- mkdir -p /usr/local/lib/erlang
- /usr/local/bin/kerl update releases
- /usr/local/bin/kerl build 26.2
- /usr/local/bin/kerl install 26.2 /usr/local/lib/erlang/26.2
- echo ". /usr/local/lib/erlang/26.2/activate" >> /etc/profile
- echo "export REBAR_CACHE_DIR=~/.cache/rebar3" >> /etc/profile
# Allow Erlang (beam.smp) to listen on restricted ports (below 1024)
- setcap 'cap_net_bind_service=+ep' /usr/local/lib/erlang/26.2/erts-*/bin/beam.smp
# Restrict epmd listen IP addresses
- echo "ERL_EPMD_ADDRESS=127.0.0.1,127.0.1.1" >> /etc/environment
# Postgres installation
- sudo --user=postgres -- psql -c "CREATE USER zotonic WITH PASSWORD 'zotonic';"
- sudo --user=postgres -- psql -c "CREATE DATABASE zotonic WITH OWNER = zotonic ENCODING = 'UTF8';"
- sudo --user=postgres -- psql -c "GRANT ALL ON DATABASE zotonic TO zotonic;"
# Set ulimit file handles
- echo "zotonic soft nofile 60000" > /etc/security/limits.d/zotonic.conf
- echo "zotonic hard nofile 60000" >> /etc/security/limits.d/zotonic.conf
# Max inotify files setting
- sudo echo "fs.inotify.max_user_watches=10000" > /etc/sysctl.d/40-max-user-watches.conf
# Enable ImageMagick PDF rendering
- sed -i 's/^.*pattern="PDF".*$/<!-- &1 -->/g' /etc/ImageMagick-6/policy.xml
# Let clamav listen on localhost and update definitions
- service clamav-daemon stop
- systemctl stop clamav-freshclam
- sed -i '1s/^/# For Zotonic listen on localhost\nTCPSocket 3310\nTCPAddr 127.0.0.1\n\n/' /etc/clamav/clamd.conf
- sed -i 's/^LocalSocket.*$/# &1/g' /etc/clamav/clamd.conf
- freshclam
- systemctl start clamav-freshclam
- service clamav-daemon start
# Generate ssh key for git urls
- sudo su zotonic -l -c "ssh-keygen -q -f /home/zotonic/.ssh/id_rsa -N ''"
# Zotonic installation
- sudo su zotonic -l -c "git clone 'https://github.com/zotonic/zotonic'"
- sudo su zotonic -l -c "mkdir -p .config/zotonic/config/1/config.d"
- sudo su zotonic -l -c "cp zotonic/cloud-init/config.d/* .config/zotonic/config/1/config.d/."
- sudo su zotonic -l -c "cd zotonic; make"
- sudo su zotonic -l -c "cd zotonic; bin/zotonic start"