2 # Cookbook Name:: concourse-ci
5 # Copyright 2017, whitestar
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
20 default['concourse-ci']['with_ssl_cert_cookbook'] = false
21 # If ['concourse-ci']['with_ssl_cert_cookbook'] is true,
22 # node['concourse-ci']['docker-compose']['config']
23 # are overridden by the following 'common_name' attributes.
24 default['concourse-ci']['ssl_cert']['common_name'] = node['fqdn']
25 default['concourse-ci']['docker-compose']['app_dir'] = "#{node['docker-grid']['compose']['app_dir']}/concourse"
26 default['concourse-ci']['docker-compose']['pgdata_dir'] = "#{node['concourse-ci']['docker-compose']['app_dir']}/database"
27 default['concourse-ci']['docker-compose']['web_keys_dir'] = "#{node['concourse-ci']['docker-compose']['app_dir']}/keys/web"
28 default['concourse-ci']['docker-compose']['worker_keys_dir'] = "#{node['concourse-ci']['docker-compose']['app_dir']}/keys/worker"
29 default['concourse-ci']['docker-compose']['db_password_reset'] = false
30 default['concourse-ci']['docker-compose']['db_password_vault_item'] = {
32 'vault' => 'concourse',
33 'name' => 'db_password',
34 # single password or nested hash password path delimited by slash
35 'env_context' => false,
36 'key' => 'password', # real hash path: "/password"
37 # or nested hash password path delimited by slash
38 #'env_context' => true,
39 #'key' => 'hash/path/to/password', # real hash path: "/#{node.chef_environment}/hash/path/to/password"
42 default['concourse-ci']['docker-compose']['web_password_reset'] = false
43 default['concourse-ci']['docker-compose']['web_password_vault_item'] = {
45 'vault' => 'concourse',
46 'name' => 'web_password',
47 # single password or nested hash password path delimited by slash
48 'env_context' => false,
49 'key' => 'password', # real hash path: "/password"
50 # or nested hash password path delimited by slash
51 #'env_context' => true,
52 #'key' => 'hash/path/to/password', # real hash path: "/#{node.chef_environment}/hash/path/to/password"
55 default['concourse-ci']['docker-compose']['ssh_keys_reset'] = false
57 # TODO: support version 2 format, and use `default` instead of `force_override`
58 force_override['concourse-ci']['docker-compose']['config_format_version'] = '1'
61 'restart' => 'always',
62 'image' => 'postgres:9.5',
64 #"#{node['concourse-ci']['docker-compose']['pgdata_dir']}:/database",
67 'POSTGRES_DB' => 'concourse',
68 'POSTGRES_USER' => 'concourse',
69 # Note: You should use the `['concourse-ci']['docker-compose']['db_password_vault_item']` attribute.
70 'POSTGRES_PASSWORD' => nil,
71 'PGDATA' => '/database',
75 'restart' => 'always',
76 'image' => 'concourse/concourse', # latest, 2.6.0,...
82 #'8080:8080', # If you sepecify no value, Chef will sets '8080:8080'.
86 # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
87 #"#{node['concourse-ci']['docker-compose']['web_keys_dir']}:/concourse-keys",
90 #'CONCOURSE_TLS_BIND_PORT' => '8443', # activate HTTPS
91 'CONCOURSE_BASIC_AUTH_USERNAME' => 'concourse',
92 # Note: You should use the `['concourse-ci']['docker-compose']['web_password_vault_item']` attribute.
93 'CONCOURSE_BASIC_AUTH_PASSWORD' => nil,
94 # If you sepecify no value, Chef will sets "http://#{node['ipaddress']}:8080".
95 'CONCOURSE_EXTERNAL_URL' => nil,
96 # `${POSTGRES_PASSWORD}` is a placeholder of password string.
97 'CONCOURSE_POSTGRES_DATA_SOURCE' => \
98 'postgres://concourse:${POSTGRES_PASSWORD}@concourse-db:5432/concourse?sslmode=disable',
101 'concourse-worker' => {
102 'restart' => 'always',
103 'image' => 'concourse/concourse',
104 'privileged' => true,
108 'command' => 'worker',
110 # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
111 #"#{node['concourse-ci']['docker-compose']['worker_keys_dir']}:/concourse-keys",
114 'CONCOURSE_TSA_HOST' => 'concourse-web',
120 new_config = Marshal.load(Marshal.dump(version_1_config)) # deep copy
121 new_config['concourse-web'].delete('links')
122 new_config['concourse-worker'].delete('links')
124 # Version 2 docker-compose format
126 'services' => new_config,
130 # Version 2 docker-compose format
134 'restart' => 'always',
135 'image' => 'postgres:9.5',
137 #"#{node['concourse-ci']['docker-compose']['pgdata_dir']}:/database",
140 'POSTGRES_DB' => 'concourse',
141 'POSTGRES_USER' => 'concourse',
142 'POSTGRES_PASSWORD' => nil,
143 'PGDATA' => '/database',
147 'restart' => 'always',
148 'image' => 'concourse/concourse', # latest, 2.6.0,...
154 "#{node['concourse-ci']['docker-compose']['web_keys_dir']}:/concourse-keys",
157 'CONCOURSE_BASIC_AUTH_USERNAME' => 'concourse',
158 'CONCOURSE_BASIC_AUTH_PASSWORD' => nil,
159 'CONCOURSE_EXTERNAL_URL' => nil,
160 'CONCOURSE_POSTGRES_DATA_SOURCE' => \
161 'postgres://concourse:<POSTGRES_PASSWORD>@concourse-db:5432/concourse?sslmode=disable',
164 'concourse-worker' => {
165 'restart' => 'always',
166 'image' => 'concourse/concourse',
167 'privileged' => true,
168 'command' => 'worker',
170 "#{node['concourse-ci']['docker-compose']['worker_keys_dir']}:/concourse-keys",
173 'CONCOURSE_TSA_HOST' => 'concourse-web',
179 default['concourse-ci']['docker-compose']['config'] = \
180 node['concourse-ci']['docker-compose']['config_format_version'] == '1' ? version_1_config : version_2_config