bcalloway-slicehost 0.0.2.6 → 0.0.3.0

data/lib/capistrano/ext/slicehost/templates/nanorc.erb

@@ -0,0 +1,260 @@
+## Sample initialization file for GNU nano.
+##
+## Please note that you must have configured nano with --enable-nanorc
+## for this file to be read!  Also note that this file should not be in
+## DOS or Mac format, and that characters specially interpreted by the
+## shell should not be escaped here.
+##
+## To make sure a value is disabled, use "unset <option>".
+##
+## For the options that take parameters, the default value is given.
+## Other options are unset by default.
+##
+## Quotes inside string parameters don't have to be escaped with
+## backslashes.  The last double quote in the string will be treated as
+## its end.  For example, for the "brackets" option, ""')>]}" will match
+## ", ', ), >, ], and }.
+
+## Use auto-indentation.
+# set autoindent
+
+## Backup files to filename~.
+# set backup
+
+## The directory to put unique backup files in.
+# set backupdir ""
+
+## Do backwards searches by default.
+# set backwards
+
+## Use bold text instead of reverse video text.
+# set boldtext
+
+## The characters treated as closing brackets when justifying
+## paragraphs.  They cannot contain blank characters.  Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set brackets ""')>]}"
+
+## Do case sensitive searches by default.
+# set casesensitive
+
+## Constantly display the cursor position in the statusbar.  Note that
+## this overrides "quickblank".
+# set const
+
+## Use cut to end of line by default.
+# set cut
+
+## Set the line length for wrapping text and justifying paragraphs.
+## If fill is 0 or less, the line length will be the screen width less
+## this number.
+##
+# set fill -8
+
+## Enable ~/.nano_history for saving and reading search/replace strings.
+set historylog
+
+## The opening and closing brackets that can be found by bracket
+## searches.  They cannot contain blank characters.  The former set must
+## come before the latter set, and both must be in the same order.
+##
+# set matchbrackets "(<[{)>]}"
+
+## Use the blank line below the titlebar as extra editing space.
+# set morespace
+
+## Enable mouse support, if available for your system.  When enabled,
+## mouse clicks can be used to place the cursor, set the mark (with a
+## double click), and execute shortcuts.  The mouse will work in the X
+## Window System, and on the console when gpm is running.
+##
+# set mouse
+
+## Allow multiple file buffers (inserting a file will put it into a
+## separate buffer).  You must have configured with --enable-multibuffer
+## for this to work.
+##
+# set multibuffer
+
+## Don't convert files from DOS/Mac format.
+# set noconvert
+
+## Don't follow symlinks when writing files.
+# set nofollow
+
+## Don't display the helpful shortcut lists at the bottom of the screen.
+# set nohelp
+
+## Don't add newlines to the ends of files.
+# set nonewlines
+
+## Don't wrap text at all.
+# set nowrap
+
+## Set operating directory.  nano will not read or write files outside
+## this directory and its subdirectories.  Also, the current directory
+## is changed to here, so any files are inserted from this dir.  A blank
+## string means the operating directory feature is turned off.
+##
+# set operatingdir ""
+
+## Preserve the XON and XOFF keys (^Q and ^S).
+# set preserve
+
+## The characters treated as closing punctuation when justifying
+## paragraphs.  They cannot contain blank characters.  Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set punct "!.?"
+
+## Do quick statusbar blanking.  Statusbar messages will disappear after
+## 1 keystroke instead of 26.  Note that "const" overrides this.
+##
+# set quickblank
+
+## The email-quote string, used to justify email-quoted paragraphs.
+## This is an extended regular expression if your system supports them,
+## otherwise a literal string.  Default:
+# set quotestr "^([ 	]*[#:>\|}])+"
+## if you have extended regular expression support, otherwise:
+# set quotestr "> "
+
+## Fix Backspace/Delete confusion problem.
+set rebinddelete
+
+## Fix numeric keypad key confusion problem.
+# set rebindkeypad
+
+## Do extended regular expression searches by default.
+# set regexp
+
+## Make the Home key smarter.  When Home is pressed anywhere but at the
+## very beginning of non-whitespace characters on a line, the cursor
+## will jump to that beginning (either forwards or backwards).  If the
+## cursor is already at that position, it will jump to the true
+## beginning of the line.
+# set smarthome
+
+## Use smooth scrolling as the default.
+# set smooth
+
+## Use this spelling checker instead of the internal one.  This option
+## does not properly have a default value.
+##
+# set speller "aspell -x -c"
+
+## Allow nano to be suspended.
+set suspend
+
+## Use this tab size instead of the default; it must be greater than 0.
+# set tabsize 8
+
+## Convert typed tabs to spaces.
+# set tabstospaces
+
+## Save automatically on exit, don't prompt.
+# set tempfile
+
+## Disallow file modification.  Why would you want this in an rcfile? ;)
+# set view
+
+## The two single-column characters used to display the first characters
+## of tabs and spaces.  187 in ISO 8859-1 (0000BB in Unicode) and 183 in
+## ISO-8859-1 (0000B7 in Unicode) seem to be good values for these.
+# set whitespace "  "
+
+## Detect word boundaries more accurately by treating punctuation
+## characters as parts of words.
+# set wordbounds
+
+
+## Color setup
+##
+## Format:
+##
+## syntax "short description" ["filename regex" ...]
+##
+## The "none" syntax is reserved; specifying it on the command line is
+## the same as not having a syntax at all.  The "default" syntax is
+## special: it takes no filename regexes, and applies to files that
+## don't match any other syntax's filename regexes.
+##
+## color foreground,background "regex" ["regex"...]
+## or
+## icolor foreground,background "regex" ["regex"...]
+##
+## "color" will do case sensitive matches, while "icolor" will do case
+## insensitive matches.
+##
+## Valid colors: white, black, red, blue, green, yellow, magenta, cyan.
+## For foreground colors, you may use the prefix "bright" to get a
+## stronger highlight.
+##
+## To use multi-line regexes, use the start="regex" end="regex"
+## [start="regex" end="regex"...] format.
+##
+## If your system supports transparency, not specifying a background
+## color will use a transparent color.  If you don't want this, be sure
+## to set the background color to black or white.
+##
+## If you wish, you may put your syntaxes in separate files.  You can
+## make use of such files (which can only include "syntax", "color", and
+## "icolor" commands) as follows:
+##
+## include "/path/to/syntax_file.nanorc"
+##
+## Unless otherwise noted, the name of the syntax file (without the
+## ".nanorc" extension) should be the same as the "short description"
+## name inside that file.  These names are kept fairly short to make
+## them easier to remember and faster to type using nano's -Y option.
+##
+## All regexes should be extended regular expressions.
+
+
+## Nanorc files
+# include "/usr/share/nano/nanorc.nanorc"
+
+## C/C++
+# include "/usr/share/nano/c.nanorc"
+
+## HTML
+# include "/usr/share/nano/html.nanorc"
+
+## TeX
+# include "/usr/share/nano/tex.nanorc"
+
+## Quoted emails (under e.g. mutt)
+# include "/usr/share/nano/mutt.nanorc"
+
+## Patch files
+# include "/usr/share/nano/patch.nanorc"
+
+## Manpages
+# include "/usr/share/nano/man.nanorc"
+
+## Groff
+# include "/usr/share/nano/groff.nanorc"
+
+## Perl
+# include "/usr/share/nano/perl.nanorc"
+
+## Python
+# include "/usr/share/nano/python.nanorc"
+
+## Ruby
+# include "/usr/share/nano/ruby.nanorc"
+
+## Java
+# include "/usr/share/nano/java.nanorc"
+
+## Assembler
+# include "/usr/share/nano/asm.nanorc"
+
+## Bourne shell scripts
+# include "/usr/share/nano/sh.nanorc"
+
+## POV-Ray
+# include "/usr/share/nano/pov.nanorc"

data/lib/capistrano/ext/slicehost/templates/passenger.conf.erb

@@ -0,0 +1,2 @@
+PassengerRoot /opt/<%= ruby_enterprise_version %>/lib/ruby/gems/1.8/gems/passenger-<%= passenger_version %>
+PassengerRuby /opt/<%= ruby_enterprise_version %>/bin/ruby

data/lib/capistrano/ext/slicehost/templates/passenger.load.erb

@@ -0,0 +1 @@
+LoadModule passenger_module /opt/<%= ruby_enterprise_version %>/lib/ruby/gems/1.8/gems/passenger-<%= passenger_version %>/ext/apache2/mod_passenger.so

data/lib/capistrano/ext/slicehost/templates/sshd_config.erb

@@ -0,0 +1,81 @@
+# Package generated configuration file
+# See the sshd(8) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port <%= ssh_options[:port] %>
+# Use these options to restrict which interfaces/protocols sshd will bind to
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+#Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin no
+StrictModes yes
+
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile	%h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+RhostsRSAAuthentication no
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+PasswordAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding no
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+KeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+UsePAM no
+
+UseDNS no
+
+AllowUsers <%= user %>

data/lib/capistrano/ext/slicehost/templates/vhost.erb

@@ -0,0 +1,8 @@
+<VirtualHost *:80>
+
+  ServerName  <%= domain %>
+  ServerAlias www.<%= domain %>
+
+  DocumentRoot <%= current_path %>/public
+
+</VirtualHost>

data/lib/capistrano/ext/slicehost/templates/vhost_nginx.erb

@@ -0,0 +1,23 @@
+server {
+    listen 80;
+    server_name <%= domain %>;
+    
+    root <%= current_path %>/public;
+    
+    client_max_body_size 10m;
+    client_body_buffer_size 128k;
+    
+    access_log <%= nginx_path %>/logs/<%= domain %>.access.log;
+    error_log <%= nginx_path %>/logs/<%= domain %>.error.log;
+        
+    
+    passenger_enabled on;
+    rails_env production;
+    
+    # this rewrites all the requests to the maintenance.html
+    # page if it exists in the doc root. This is for capistrano's
+    # disable web task
+    if (-f $document_root/system/maintenance.html) {
+      rewrite  ^(.*)$  /system/maintenance.html break;    
+    }
+}

data/lib/capistrano/ext/slicehost/templates/vimrc.erb

@@ -0,0 +1,4 @@
+set nocompatible
+syntax enable
+set autoindent
+filetype plugin indent on

data/lib/capistrano/ext/slicehost/useradd.rb

@@ -0,0 +1,68 @@
+ssh_options = { :keys => [File.expand_path("~/.ssh/id_dsa"),File.expand_path("~/.ssh/id_rsa") ], :port => 22 }
+
+namespace :useradd do
+
+	def ask_with_default(var, default)
+		set(var) do
+			Capistrano::CLI.ui.ask "#{var}? [#{default}] : "
+		end
+		
+		set var, default if eval("#{var.to_s}.empty?")
+	end
+
+  desc <<-DESC
+    Check that %sudo entry exists in the /etc/sudoers file. If the entry \
+    for the sudo group is not found then %sudo ALL=NOPASSWD: ALL is appended \
+    to the file. This makes it easy to create sudo users with this command.
+    
+    NOTE: this tasks requires the role 'gateway_as_root', i.e., root@host.com.
+  DESC
+	task :check_sudoers, :roles => :gateway_as_root do    	
+      sudo <<-END
+        sh -c 'grep -F "^%sudo " /etc/sudoers > /dev/null 2>&1 || test ! -f /etc/sudoers || echo "%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers'
+      END
+  end
+
+  desc <<-DESC
+    Interactive adduser with login, groups and shell.
+    
+    Creates a login account on the remote host and uploads your local \
+    public SSH keys to the server. The keys are placed into the .ssh folder of \
+    the newly created account.
+    
+    A final check is done to make sure %sudo entry exists in the \
+    /etc/sudoers file. If the entry for the sudo group is not found then %sudo \   
+    ALL=NOPASSWD: ALL is appended to the file. This makes it easy to create sudo \
+    users with this command.
+    
+    NOTE: this tasks requires the role 'gateway_as_root', i.e., root@host.com.
+  DESC
+	task :setup, :roles => :gateway_as_root do    	
+		ask_with_default(:username, user)
+		ask_with_default(:groups, "users,sudo")
+		ask_with_default(:login_shell, "/bin/bash")
+	
+    authorized_keys = ssh_options[:keys].collect { |key|
+      begin
+        File.read("#{key}.pub")
+      rescue Errno::ENOENT
+      end
+    }.join("\n")
+ 
+		sudo "useradd -s #{login_shell} -G #{groups} -m #{username}"
+    
+    put(authorized_keys, 
+      "/tmp/authorized_keys.#{username}.tmp", :mode => 0600 )
+    cmds = [
+        "mkdir -p ~#{username}/.ssh",
+        "mv /tmp/authorized_keys.#{username}.tmp ~#{username}/.ssh/authorized_keys",
+        "chown -R #{username}:#{username} ~#{username}/.ssh",
+        "chmod 700 ~#{username}/.ssh"
+      ]
+      cmds.each do |cmd|
+        sudo cmd
+      end
+    
+    check_sudoers
+	end
+end