From 267c02294d7d5c1f161921f9dade6b692a7029a2 Mon Sep 17 00:00:00 2001
From: Ward Vandewege <ward@curii.com>
Date: Wed, 27 Apr 2022 17:56:26 -0400
Subject: [PATCH] 19015: installer fix: work around a Passenger issue with the
 detection of RVM

This fixes the on-demand building of passenger_native_support.so when
RVM is in use.

Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward@curii.com>
---
 .../aws/pillars/nginx_passenger.sls           |  2 +
 .../multi_host/aws/states/passenger_rvm.sls   | 43 +++++++++++++++++++
 .../pillars/nginx_passenger.sls               |  2 +
 .../states/passenger_rvm.sls                  | 43 +++++++++++++++++++
 .../pillars/nginx_passenger.sls               |  2 +
 .../single_hostname/states/passenger_rvm.sls  | 43 +++++++++++++++++++
 tools/salt-install/provision.sh               |  2 +
 7 files changed, 137 insertions(+)
 create mode 100644 tools/salt-install/config_examples/multi_host/aws/states/passenger_rvm.sls
 create mode 100644 tools/salt-install/config_examples/single_host/multiple_hostnames/states/passenger_rvm.sls
 create mode 100644 tools/salt-install/config_examples/single_host/single_hostname/states/passenger_rvm.sls

diff --git a/tools/salt-install/config_examples/multi_host/aws/pillars/nginx_passenger.sls b/tools/salt-install/config_examples/multi_host/aws/pillars/nginx_passenger.sls
index fbd42bd7a3..2b6b96c3a4 100644
--- a/tools/salt-install/config_examples/multi_host/aws/pillars/nginx_passenger.sls
+++ b/tools/salt-install/config_examples/multi_host/aws/pillars/nginx_passenger.sls
@@ -25,6 +25,8 @@ nginx:
   ### SERVER
   server:
     config:
+      # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+      env: GEM_HOME
       # As we now differentiate where passenger is required or not, we need to
       # load this module conditionally, so we add this conditional just to use
       # the same pillar file
diff --git a/tools/salt-install/config_examples/multi_host/aws/states/passenger_rvm.sls b/tools/salt-install/config_examples/multi_host/aws/states/passenger_rvm.sls
new file mode 100644
index 0000000000..cb6799f2d6
--- /dev/null
+++ b/tools/salt-install/config_examples/multi_host/aws/states/passenger_rvm.sls
@@ -0,0 +1,43 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+  file.directory:
+    - name: /var/www/.passenger
+    - user: {{ group }}
+    - group: {{ group }}
+    - mode: '0755'
+    - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+  file.managed:
+    - name: /etc/systemd/system/nginx.service.d/override.conf
+    - mode: '0644'
+    - user: root
+    - group: root
+    - makedirs: True
+    - replace: False
+    - contents: |
+        [Service]
+        ExecStart=
+        ExecStart=/bin/bash -a -c "GEM_HOME=`/usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d=` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+  cmd.run:
+    - name: systemctl daemon-reload
+    - require:
+      - file: extra_nginx_set_gem_home
+      - file: extra_var_www_passenger
+    - onchanges:
+      - file: extra_nginx_set_gem_home
+{%- endif -%}
diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
index dbf21c2651..e51ec21eb9 100644
--- a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
@@ -25,6 +25,8 @@ nginx:
   ### SERVER
   server:
     config:
+      # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+      env: GEM_HOME
       # As we now differentiate where passenger is required or not, we need to
       # load this module conditionally, so we add this conditional just to use
       # the same pillar file
diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/states/passenger_rvm.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/passenger_rvm.sls
new file mode 100644
index 0000000000..cb6799f2d6
--- /dev/null
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/passenger_rvm.sls
@@ -0,0 +1,43 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+  file.directory:
+    - name: /var/www/.passenger
+    - user: {{ group }}
+    - group: {{ group }}
+    - mode: '0755'
+    - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+  file.managed:
+    - name: /etc/systemd/system/nginx.service.d/override.conf
+    - mode: '0644'
+    - user: root
+    - group: root
+    - makedirs: True
+    - replace: False
+    - contents: |
+        [Service]
+        ExecStart=
+        ExecStart=/bin/bash -a -c "GEM_HOME=`/usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d=` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+  cmd.run:
+    - name: systemctl daemon-reload
+    - require:
+      - file: extra_nginx_set_gem_home
+      - file: extra_var_www_passenger
+    - onchanges:
+      - file: extra_nginx_set_gem_home
+{%- endif -%}
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
index c25720c60a..2b764eb2c2 100644
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
@@ -25,6 +25,8 @@ nginx:
   ### SERVER
   server:
     config:
+      # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+      env: GEM_HOME
       # As we now differentiate where passenger is required or not, we need to
       # load this module conditionally, so we add this conditional just to use
       # the same pillar file
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/states/passenger_rvm.sls b/tools/salt-install/config_examples/single_host/single_hostname/states/passenger_rvm.sls
new file mode 100644
index 0000000000..cb6799f2d6
--- /dev/null
+++ b/tools/salt-install/config_examples/single_host/single_hostname/states/passenger_rvm.sls
@@ -0,0 +1,43 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+  file.directory:
+    - name: /var/www/.passenger
+    - user: {{ group }}
+    - group: {{ group }}
+    - mode: '0755'
+    - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+  file.managed:
+    - name: /etc/systemd/system/nginx.service.d/override.conf
+    - mode: '0644'
+    - user: root
+    - group: root
+    - makedirs: True
+    - replace: False
+    - contents: |
+        [Service]
+        ExecStart=
+        ExecStart=/bin/bash -a -c "GEM_HOME=`/usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d=` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+  cmd.run:
+    - name: systemctl daemon-reload
+    - require:
+      - file: extra_nginx_set_gem_home
+      - file: extra_var_www_passenger
+    - onchanges:
+      - file: extra_nginx_set_gem_home
+{%- endif -%}
diff --git a/tools/salt-install/provision.sh b/tools/salt-install/provision.sh
index 669d04d92f..ad01c691b9 100755
--- a/tools/salt-install/provision.sh
+++ b/tools/salt-install/provision.sh
@@ -565,6 +565,7 @@ if [ -z "${ROLES}" ]; then
   echo "    - arvados" >> ${S_DIR}/top.sls
   echo "    - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls
   echo "    - extra.shell_cron_add_login_sync" >> ${S_DIR}/top.sls
+  echo "    - extra.passenger_rvm" >> ${S_DIR}/top.sls
 
   # Pillars
   echo "    - docker" >> ${P_DIR}/top.sls
@@ -657,6 +658,7 @@ else
         else
           echo "    - nginx.passenger" >> ${S_DIR}/top.sls
         fi
+        echo "    - extra.passenger_rvm" >> ${S_DIR}/top.sls
         ### If we don't install and run LE before arvados-api-server, it fails and breaks everything
         ### after it. So we add this here as we are, after all, sharing the host for api and controller
         if [ "${SSL_MODE}" = "lets-encrypt" ]; then
-- 
2.30.2