bard 2.0.0.beta → 2.0.1

data/lib/bard/deploy_strategy/ssh.rb

@@ -1,19 +0,0 @@
-require "bard/deploy_strategy"
-
-module Bard
-  class DeployStrategy
-    class SSH < DeployStrategy
-      def deploy
-        # Require SSH capability
-        target.require_capability!(:ssh)
-
-        # Determine branch
-        branch = target.instance_variable_get(:@branch) || "master"
-
-        # Run git pull and setup on remote server
-        target.run! "git pull origin #{branch}"
-        target.run! "bin/setup"
-      end
-    end
-  end
-end

data/lib/bard/github_pages.rb

@@ -1,134 +0,0 @@
-require 'delegate'
-require 'fileutils'
-require 'bard/git'
-
-module Bard
-  class GithubPages < SimpleDelegator
-    def deploy server
-      @sha = Git.sha_of(Git.current_branch)
-      @build_dir = "tmp/github-build-#{@sha}"
-      @branch = "gh-pages"
-      @domain = server.ping.first
-      @domain = URI.parse(@domain).hostname if @domain
-
-      puts "Starting deployment to GitHub Pages..."
-
-      build_site
-      tree_sha = create_tree_from_build
-      new_commit = create_commit(tree_sha)
-      commit_and_push new_commit
-    end
-
-    private
-
-    def build_site
-      with_locked_port do |port|
-        system "rm -rf #{@build_dir.sub(@sha, "*")}"
-        run! <<~SH
-          set -e
-          RAILS_ENV=production bundle exec rails s -p #{port} -d --pid tmp/pids/server.pid
-          OUTPUT=$(bundle exec rake assets:clean assets:precompile 2>&1) || echo "$OUTPUT"
-
-          # Create the output directory and enter it
-          BUILD=#{@build_dir}
-          rm -rf $BUILD
-          mkdir -p $BUILD
-          cp -R public/assets $BUILD/
-          cd $BUILD
-
-          # wait until server responds
-          echo waiting...
-          curl -s --retry 5 --retry-delay 2 http://localhost:#{port} >/dev/null 2>&1
-
-          echo copying...
-          # Mirror the site to the build folder, ignoring links with query params
-          wget -nv -r -l inf --no-remove-listing -FEnH --reject-regex "(\\.*)\\?(.*)" http://localhost:#{port}/ 2>&1
-
-          echo #{@domain} > CNAME
-        SH
-      ensure # cleanup
-        run! <<~SH
-          cat tmp/pids/server.pid | xargs -I {} kill {}
-          rm -rf public/assets
-        SH
-      end
-    end
-
-    def with_locked_port
-      (3000..3020).each do |port|
-        lock_file = "/tmp/bard_github_pages_#{port}.lock"
-        file = File.open(lock_file, File::RDWR | File::CREAT, 0644)
-        if file.flock(File::LOCK_EX | File::LOCK_NB)
-          begin
-            yield port
-            return
-          ensure
-            file.flock(File::LOCK_UN)
-            file.close
-          end
-        else
-          file.close
-        end
-      end
-      raise "Could not find an available port for GitHub Pages deployment (checked 3000-3020)."
-    end
-
-    def create_tree_from_build
-      # Create temporary index
-      git_index_file = ".git/tmp-index"
-      git = "GIT_INDEX_FILE=#{git_index_file} git"
-      run! "#{git} read-tree --empty"
-
-      # Add build files to temporary index
-      Dir.chdir(@build_dir) do
-        Dir.glob('**/*', File::FNM_DOTMATCH).each do |file|
-          next if file == '.' || file == '..'
-          if File.file?(file)
-            run! "#{git} update-index --add --cacheinfo 100644 $(#{git} hash-object -w #{file}) #{file}"
-          end
-        end
-      end
-
-      # Create tree object from index
-      tree_sha = `#{git} write-tree`.chomp
-
-      # Clean up temporary index
-      FileUtils.rm_f(git_index_file)
-
-      tree_sha
-    end
-
-    def create_commit tree_sha
-      # Get parent commit if branch exists
-      parent = get_parent_commit
-
-      # Create commit object
-      message = "'Deploying to #{@branch} from @ #{@sha} 🚀'"
-      args = ['commit-tree', tree_sha]
-      args += ['-p', parent] if parent
-      args += ['-m', message]
-
-      commit_sha = `git #{args.join(' ')}`.chomp
-
-      commit_sha
-    end
-
-    def get_parent_commit
-      Git.sha_of("#{@branch}^{commit}")
-    end
-
-    def commit_and_push commit_sha
-      if branch_exists?
-        run! "git update-ref refs/heads/#{@branch} #{commit_sha}"
-      else
-        run! "git branch #{@branch} #{commit_sha}"
-      end
-      run! "git push -f origin #{@branch}:refs/heads/#{@branch}"
-    end
-
-    def branch_exists?
-      system("git show-ref --verify --quiet refs/heads/#{@branch}")
-    end
-  end
-end
-

data/lib/bard/provision/app.rb

@@ -1,10 +0,0 @@
-# run bin/setup
-
-class Bard::Provision::App < Bard::Provision
-  def call
-    print "App:"
-    provision_server.run! "bin/setup"
-    puts " ✓"
-  end
-end
-

data/lib/bard/provision/apt.rb

@@ -1,16 +0,0 @@
-# apt sanity
-
-class Bard::Provision::Apt < Bard::Provision
-  def call
-    print "Apt:"
-    provision_server.run! [
-      %(echo "\\$nrconf{restart} = \\"a\\";" | sudo tee /etc/needrestart/conf.d/90-autorestart.conf),
-      "sudo apt-get update -y",
-      "sudo apt-get upgrade -y",
-      "sudo apt-get install -y curl",
-    ].join("; "), home: true
-
-    puts " ✓"
-  end
-end
-

data/lib/bard/provision/authorizedkeys.rb

@@ -1,25 +0,0 @@
-# install public keys if missing
-
-class Bard::Provision::AuthorizedKeys < Bard::Provision
-  def call
-    print "Authorized Keys:"
-
-    KEYS.each do |search_text, full_key|
-      file = "~/.ssh/authorized_keys"
-      provision_server.run! <<~SH, home: true
-        if ! grep -F -q "#{search_text}" #{file}; then
-          echo "#{full_key}" >> #{file}
-        fi
-      SH
-    end
-
-    puts " ✓"
-  end
-
-  KEYS = {
-    "micah@haku" => "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAH235mtpxPQucd0bIgdufo1bR3By2+a+NPHiZS1P7SpI73evN9+hY7ri+gLscPLRWeoy1ig/TbyfN1AqJmfqIaskZdYOdcEQdOum4AwDMY5L6OAq2o5NER047RqDxE6Pjm2nfRVVw2Dz38eeco+ouchCI+sY5pJL/wEZItrCpPjKvwo56uln1rL6Smd4Kh98ZBKTGL8xKs95rNmFdBCCq4eUE28JDgkJAiLDZ/4u2LNrgEr7/brkUieZjaZ4BacBi8EQvyvMWmZ0g2MoG+Ptxn/3K2nd1QqdhfINqHBVCi8UbkP08B0Msif/7Dycuxd7DU9cVZ3RgnhLtbIsQ8HaYVj5yCKB6CuX3lv3H4YKBghBC/TnJD5Nq5xcSYTW0BKKrusCb/OoOk5AUV+BGM1+R70fno8reVEBUlZDkWapHxmqgNnf1byL7Aol/L5SWgyfSLT6b5FjI6g/U+dhaecYY9T9g/GWo+JiwZktc094O0ujlQHoibMY2M0csVfvO9Oc= micah@haku",
-    "gubs@Theia.local" => "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApJh0E8ZlaLbMUWGvryAhEBRnnI519ZKz586vdQTuIPlDb9xhe5m3Ys8Fk9LKqJUQNxBV6qCGOXNgNdWySkk2ChmmgDnPfr7/31ZuOAASFbUY0PtaDXUsMVvs1Uu2VhtRU9gSduGonEHG7iBpAuBI23CxU4yPS6o3pv7L9xwnmULes5F9S4/nDvPig15h9byInyHOLDV0XjHFS+2OlSWO/xC8uqH5CdlxXFAmPQ0R69qmILl0rcTPyNMLJGcJGUzb/LMRJX/RDyTpZeJPjH4V+zksQ/4YQ3LWvLrlZL6QLuM285ve4mQa3vBY4WMqNlp4Ig3ZCFOpMKmpvTn7pFUmKw== gubs@Theia.local",
-  }
-end
-
-

data/lib/bard/provision/data.rb

@@ -1,27 +0,0 @@
-# copy data from production
-
-class Bard::Provision::Data < Bard::Provision
-  def call
-    print "Data:"
-
-    print " Dumping #{server.key} database to file"
-    server.run! "bin/rake db:dump"
-
-    print " Transfering file from #{server.key},"
-    server.copy_file "db/data.sql.gz", to: provision_server, verbose: false
-
-    print " Loading file into database,"
-    provision_server.run! "bin/rake db:load"
-
-    config.data.each do |path|
-      print " Synchronizing files in #{path},"
-      server.copy_dir path, to: provision_server, verbose: false
-    end
-
-    puts " ✓"
-  end
-end
-
-
-
-

data/lib/bard/provision/deploy.rb

@@ -1,10 +0,0 @@
-# run bard deploy
-
-class Bard::Provision::Deploy < Bard::Provision
-  def call
-    print "Deploy:"
-    provision_server.run! "bin/setup"
-    puts " ✓"
-  end
-end
-

data/lib/bard/provision/http.rb

@@ -1,16 +0,0 @@
-require "uri"
-
-# test for existence
-
-class Bard::Provision::HTTP < Bard::Provision
-  def call
-    print "HTTP:"
-    target_host = URI.parse(server.ping.first).host
-    if system "curl -s --resolve #{target_host}:80:#{provision_server.ssh_uri.host} http://#{target_host} -I | grep -i \"x-powered-by: phusion passenger\" >/dev/null 2>&1"
-      puts " ✓"
-    else
-      puts " !!! not serving a rails app from #{provision_server.ssh_uri.host}"
-    end
-  end
-end
-

data/lib/bard/provision/logrotation.rb

@@ -1,30 +0,0 @@
-# install log rotation if missing
-
-class Bard::Provision::LogRotation < Bard::Provision
-  def call
-    print "Log Rotation:"
-
-    provision_server.run! <<~SH, quiet: true
-      file=/etc/logrotate.d/#{server.project_name}
-      if [ ! -f $file ]; then
-        sudo tee $file > /dev/null <<EOF
-      $(pwd)/log/*.log {
-        weekly
-        size 100M
-        missingok
-        rotate 52
-        delaycompress
-        notifempty
-        copytruncate
-        create 664 www www
-      }
-      EOF
-      fi
-    SH
-
-    puts " ✓"
-  end
-end
-
-
-

data/lib/bard/provision/masterkey.rb

@@ -1,18 +0,0 @@
-require "bard/copy"
-
-# copy master key if missing
-
-class Bard::Provision::MasterKey < Bard::Provision
-  def call
-    print "Master Key:"
-    if File.exist?("config/master.key")
-      if !provision_server.run "[ -f config/master.key ]", quiet: true
-        print " Uploading config/master.key,"
-        Bard::Copy.new("config/master.key").scp_using_local(:to, provision_server)
-      end
-    end
-
-    puts " ✓"
-  end
-end
-

data/lib/bard/provision/mysql.rb

@@ -1,22 +0,0 @@
-# install mysql
-
-class Bard::Provision::MySQL < Bard::Provision
-  def call
-    print "MySQL:"
-    if !mysql_responding?
-      print " Installing,"
-      provision_server.run! [
-        "sudo apt-get install -y mysql-server",
-        %(sudo mysql -uroot -e "ALTER USER \\"'\\"root\\"'\\"@\\"'\\"localhost\\"'\\" IDENTIFIED WITH mysql_native_password BY \\"'\\"\\"'\\", \\"'\\"root\\"'\\"@\\"'\\"localhost\\"'\\" PASSWORD EXPIRE NEVER; FLUSH PRIVILEGES;"),
-        %(mysql -uroot -e "UPDATE mysql.user SET password_lifetime = NULL WHERE user = \\"'\\"root\\"'\\" AND host = \\"'\\"localhost\\"'\\";"),
-      ].join("; "), home: true
-    end
-
-    puts " ✓"
-  end
-
-  def mysql_responding?
-    provision_server.run "sudo systemctl is-active --quiet mysql", home: true, quiet: true
-  end
-end
-

data/lib/bard/provision/passenger.rb

@@ -1,37 +0,0 @@
-# install nginx & passenger
-
-class Bard::Provision::Passenger < Bard::Provision
-  def call
-    print "Passenger:"
-    if !http_responding?
-      print " Installing nginx & Passenger,"
-      provision_server.run! [
-        %(grep -qxF "RAILS_ENV=production" /etc/environment || echo "RAILS_ENV=production" | sudo tee -a /etc/environment),
-        %(grep -qxF "EDITOR=vim" /etc/environment || echo "EDITOR=vim" | sudo tee -a /etc/environment),
-        "sudo apt-get install -y vim dirmngr gnupg apt-transport-https ca-certificates",
-        "curl https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/phusion.gpg >/dev/null",
-        %(echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger jammy main" | sudo tee /etc/apt/sources.list.d/passenger.list),
-        "sudo apt-get update -y",
-        "sudo apt-get install -y nginx libnginx-mod-http-passenger",
-        "sudo rm /etc/nginx/sites-enabled/default",
-      ].join("; "), home: true
-    end
-
-    if !app_configured?
-      print " Creating nginx config for app,"
-      provision_server.run! "bard setup"
-    end
-
-    puts " ✓"
-  end
-
-  def http_responding?
-    system "nc -zv #{provision_server.ssh_uri.host} 80 2>/dev/null"
-  end
-
-  def app_configured?
-    provision_server.run "[ -f /etc/nginx/sites-enabled/#{server.project_name} ]", quiet: true
-  end
-end
-
-

data/lib/bard/provision/repo.rb

@@ -1,72 +0,0 @@
-require "bard/github"
-
-# generate and install ssh public key into deploy keys
-# add repo to known hosts
-# clone repo
-
-class Bard::Provision::Repo < Bard::Provision
-  def call
-    print "Repo:"
-    if !already_cloned?
-      if !can_clone_project?
-        if !ssh_keypair?
-          print " Generating keypair in ~/.ssh,"
-          provision_server.run! "ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa -q -N \"\"", home: true
-        end
-        print " Add public key to GitHub repo deploy keys,"
-        title = "#{server.ssh_uri.user}@#{server.ssh_uri.host}"
-        key = provision_server.run "cat ~/.ssh/id_rsa.pub", home: true
-        Bard::Github.new(server.project_name).add_deploy_key title:, key:
-      end
-      print " Cloning repo,"
-      provision_server.run! "git clone git@github.com:botandrosedesign/#{project_name}", home: true
-    else
-      if !on_latest_master?
-        print " Updating to latest master,"
-        update_to_latest_master!
-      end
-    end
-
-    puts " ✓"
-  end
-
-  private
-
-  def ssh_keypair?
-    provision_server.run "[ -f ~/.ssh/id_rsa.pub ]", home: true, quiet: true
-  end
-
-  def already_cloned?
-    provision_server.run "[ -d ~/#{project_name}/.git ]", home: true, quiet: true
-  end
-
-  def can_clone_project?
-    github_url = "git@github.com:botandrosedesign/#{project_name}"
-    provision_server.run [
-      "needle=$(ssh-keyscan -t ed25519 github.com 2>/dev/null | cut -d \" \" -f 2-3)",
-      "grep -q \"$needle\" ~/.ssh/known_hosts || ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null",
-      "git ls-remote #{github_url}",
-    ].join("; "), home: true, quiet: true
-  end
-
-  def project_name
-    server.project_name
-  end
-
-  def on_latest_master?
-    provision_server.run [
-      "cd ~/#{project_name}",
-      "git fetch origin",
-      "[ $(git rev-parse HEAD) = $(git rev-parse origin/master) ]"
-    ].join(" && "), home: true, quiet: true
-  end
-
-  def update_to_latest_master!
-    provision_server.run! [
-      "cd ~/#{project_name}",
-      "git checkout master",
-      "git reset --hard origin/master"
-    ].join(" && "), home: true
-  end
-end
-

data/lib/bard/provision/rvm.rb

@@ -1,22 +0,0 @@
-# install rvm if missing
-
-class Bard::Provision::RVM < Bard::Provision
-  def call
-    print "RVM:"
-    if !provision_server.run "[ -d ~/.rvm ]", quiet: true
-      print " Installing RVM,"
-      provision_server.run! [
-        %(sed -i "1i[[ -s \\"$HOME/.rvm/scripts/rvm\\" ]] && source \\"$HOME/.rvm/scripts/rvm\\" # Load RVM into a shell session *as a function*" ~/.bashrc),
-        "gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB",
-        "curl -sSL https://get.rvm.io | bash -s stable",
-      ].join("; ")
-      version = File.read(".ruby-version").chomp
-      print " Installing Ruby #{version},"
-      provision_server.run! "rvm install #{version}"
-    end
-
-    puts " ✓"
-  end
-end
-
-

data/lib/bard/provision/ssh.rb

@@ -1,72 +0,0 @@
-# move ssh port
-# add to known hosts
-
-class Bard::Provision::SSH < Bard::Provision
-  def call
-    print "SSH:"
-
-    if password_auth_enabled?
-      print " Disabling password authentication,"
-      disable_password_auth!
-    end
-
-    if !ssh_available?(provision_server.ssh_uri, port: target_port)
-      if !ssh_available?(provision_server.ssh_uri)
-        raise "can't find SSH on port #{target_port} or #{provision_server.ssh_uri.port || 22}"
-      end
-      if !ssh_known_host?(provision_server.ssh_uri)
-        print " Adding known host,"
-        add_ssh_known_host!(provision_server.ssh_uri)
-      end
-      print " Reconfiguring port to #{target_port},"
-      provision_server.run! %(echo "Port #{target_port}" | sudo tee /etc/ssh/sshd_config.d/port_#{target_port}.conf; sudo service ssh restart), home: true
-    end
-
-    if !ssh_known_host?(provision_server.ssh_uri)
-      print " Adding known host,"
-      add_ssh_known_host!(provision_server.ssh_uri)
-    end
-
-    # provision with new target port from now on
-    ssh_url.gsub!(/:\d+$/, "")
-    ssh_url << ":#{target_port}"
-    puts " ✓"
-  end
-
-  private
-
-  def target_port
-    server.ssh_uri.port || 22
-  end
-
-  def ssh_available? ssh_uri, port: nil
-    port ||= ssh_uri.port || 22
-    system "nc -zv #{ssh_uri.host} #{port} 2>/dev/null"
-  end
-
-  def ssh_known_host? ssh_uri
-    port ||= ssh_uri.port || 22
-    system "grep -q \"$(ssh-keyscan -t ed25519 -p#{port} #{ssh_uri.host} 2>/dev/null | cut -d ' ' -f 2-3)\" ~/.ssh/known_hosts"
-  end
-
-  def add_ssh_known_host! ssh_uri
-    port ||= ssh_uri.port || 22
-    system "ssh-keyscan -p#{port} -H #{ssh_uri.host} >> ~/.ssh/known_hosts 2>/dev/null"
-  end
-
-  def password_auth_enabled?
-    result = provision_server.run!(
-      %q{grep -E '^\s*PasswordAuthentication\s+yes' /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf 2>/dev/null || true},
-      home: true,
-      capture: true
-    )
-    !!(result && !result.strip.empty?)
-  end
-
-  def disable_password_auth!
-    provision_server.run!(
-      %q{echo "PasswordAuthentication no" | sudo tee /etc/ssh/sshd_config.d/disable_password_auth.conf; sudo service ssh restart},
-      home: true
-    )
-  end
-end

data/lib/bard/provision/swapfile.rb

@@ -1,21 +0,0 @@
-# setup swapfile
-
-class Bard::Provision::Swapfile < Bard::Provision
-  def call
-    print "Swapfile:"
-
-    provision_server.run! <<~SH
-      if [ ! -f /swapfile ]; then
-        sudo fallocate -l $(grep MemTotal /proc/meminfo | awk '{print $2}')K /swapfile
-      fi
-      sudo chmod 600 /swapfile
-      sudo swapon --show | grep -q '/swapfile' || sudo mkswap /swapfile
-      sudo swapon --show | grep -q '/swapfile' || sudo swapon /swapfile
-      grep -q '/swapfile none swap sw 0 0' /etc/fstab || echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
-    SH
-
-    puts " ✓"
-  end
-end
-
-

data/lib/bard/provision/user.rb

@@ -1,42 +0,0 @@
-# rename user
-
-class Bard::Provision::User < Bard::Provision
-  def call
-    print "User:"
-
-    if !ssh_with_user?(provision_server.ssh_uri, user: new_user)
-      if !ssh_with_user?(provision_server.ssh_uri)
-        raise "can't ssh in with user #{new_user} or #{old_user}"
-      end
-      print " Adding user #{new_user},"
-      provision_server.run! [
-        "sudo useradd -m -s /bin/bash #{new_user}",
-        "sudo usermod -aG sudo #{new_user}",
-        "echo \"#{new_user} ALL=(ALL) NOPASSWD:ALL\" | sudo tee -a /etc/sudoers",
-        "sudo mkdir -p ~#{new_user}/.ssh",
-        "sudo cp ~/.ssh/authorized_keys ~#{new_user}/.ssh/authorized_keys",
-        "sudo chown -R #{new_user}:#{new_user} ~#{new_user}/.ssh",
-        "sudo chmod +rx ~#{new_user}", # so nginx and passenger can read it
-      ].join("; "), home: true
-    end
-
-    # provision with new user from now on
-    ssh_url.gsub!("#{old_user}@", "#{new_user}@")
-    puts " ✓"
-  end
-
-  private
-
-  def new_user
-    server.ssh_uri.user
-  end
-
-  def old_user
-    provision_server.ssh_uri.user
-  end
-
-  def ssh_with_user? ssh_uri, user: ssh_uri.user
-    system "ssh -o ConnectTimeout=2 -p#{ssh_uri.port || 22} #{user}@#{ssh_uri.host} : >/dev/null 2>&1"
-  end
-end
-

data/lib/bard/provision.rb

@@ -1,16 +0,0 @@
-module Bard
-  class Provision < Struct.new(:config, :ssh_url)
-    def self.call(...) = new(...).call
-
-    private
-
-    def server
-      config[:production]
-    end
-
-    def provision_server
-      server.with(ssh: ssh_url)
-    end
-  end
-end
-