capistrano-exfel 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/.rubocop.yml +20 -0
- data/Gemfile +7 -0
- data/LICENSE.txt +22 -0
- data/README.md +31 -0
- data/Rakefile +1 -0
- data/capistrano-exfel.gemspec +24 -0
- data/config/recipes/apache_http.conf +46 -0
- data/config/recipes/apache_ssl.conf +252 -0
- data/config/recipes/config/database_mysql.yml +38 -0
- data/config/recipes/config/database_postgresql.yml +41 -0
- data/config/recipes/config/database_sqlite.yml +18 -0
- data/config/recipes/config/secrets_example.yml +47 -0
- data/lib/capistrano/exfel.rb +7 -0
- data/lib/capistrano/exfel/sl6.rb +19 -0
- data/lib/capistrano/exfel/version.rb +6 -0
- data/lib/capistrano/tasks/apache.rake +354 -0
- data/lib/capistrano/tasks/app_home.rake +127 -0
- data/lib/capistrano/tasks/application.rake +224 -0
- data/lib/capistrano/tasks/database.rake +106 -0
- data/lib/capistrano/tasks/secrets.rake +106 -0
- data/lib/capistrano/tasks/util.rake +56 -0
- metadata +96 -0
@@ -0,0 +1,106 @@
|
|
1
|
+
namespace :secrets do
|
2
|
+
desc 'Create secrets.yml in shared path'
|
3
|
+
task :configure do
|
4
|
+
on roles(:app) do
|
5
|
+
set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
|
6
|
+
|
7
|
+
invoke 'secrets:set_permissions_pre_update'
|
8
|
+
invoke 'secrets:set_secrets_file'
|
9
|
+
invoke 'secrets:replace_token'
|
10
|
+
invoke 'secrets:set_permissions_post_update'
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
desc 'Update Application secret in file secrets.yml'
|
15
|
+
task :update_app_secret do
|
16
|
+
on roles(:app) do
|
17
|
+
set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
|
18
|
+
|
19
|
+
invoke 'secrets:set_permissions_pre_update'
|
20
|
+
invoke 'secrets:replace_token'
|
21
|
+
invoke 'secrets:set_permissions_post_update'
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# desc 'Set (create or replace) secrets.yml in the shared path'
|
26
|
+
task :set_secrets_file do
|
27
|
+
on roles(:app) do
|
28
|
+
debug '#' * 50
|
29
|
+
debug 'Create and configure secrets.yml file'
|
30
|
+
secrets_file_path = "#{fetch(:secrets_file_path)}"
|
31
|
+
|
32
|
+
set :secrets_original_file_path, 'config/recipes/config/secrets_example.yml'
|
33
|
+
|
34
|
+
unless remote_file_exists?(secrets_file_path)
|
35
|
+
upload! StringIO.new(File.read("#{fetch(:secrets_original_file_path)}")), "#{fetch(:secrets_file_path)}"
|
36
|
+
end
|
37
|
+
|
38
|
+
debug '#' * 50
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
# desc 'Replace the secure secret key in your secrets.yml'
|
43
|
+
task :replace_token do
|
44
|
+
on roles(:app) do
|
45
|
+
debug '#' * 50
|
46
|
+
|
47
|
+
pattern = 'secret_key_base:.*'
|
48
|
+
new_secret = "secret_key_base: '#{SecureRandom.hex(64)}'"
|
49
|
+
secrets_file_path = "#{fetch(:secrets_file_path)}"
|
50
|
+
|
51
|
+
if remote_file_exists?(secrets_file_path)
|
52
|
+
num_occurrences = get_num_occurrences_in_file(secrets_file_path, pattern)
|
53
|
+
|
54
|
+
if num_occurrences == 0
|
55
|
+
error "no secret token found in #{secrets_file_path}"
|
56
|
+
exit 1
|
57
|
+
end
|
58
|
+
else
|
59
|
+
error "file #{secrets_file_path} not found"
|
60
|
+
exit 1
|
61
|
+
end
|
62
|
+
|
63
|
+
command = "sed -i -e \"s/#{pattern}/#{new_secret}/g\" #{secrets_file_path}"
|
64
|
+
debug command
|
65
|
+
execute command
|
66
|
+
|
67
|
+
debug 'Secret token successfully replaced'
|
68
|
+
debug '#' * 50
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
# desc 'Correct secrets.yml file permissions before change the file'
|
73
|
+
task :set_permissions_pre_update do
|
74
|
+
on roles(:app) do
|
75
|
+
sudo_cmd = "echo #{fetch(:password)} | sudo -S"
|
76
|
+
|
77
|
+
debug '#' * 50
|
78
|
+
|
79
|
+
chmod_command = "chmod -f 777 #{fetch(:secrets_file_path)} || true"
|
80
|
+
debug chmod_command
|
81
|
+
execute "#{sudo_cmd} #{chmod_command}"
|
82
|
+
|
83
|
+
debug '#' * 50
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
# desc 'Correct secrets.yml file permissions after change the file'
|
88
|
+
task :set_permissions_post_update do
|
89
|
+
on roles(:app) do
|
90
|
+
sudo_cmd = "echo #{fetch(:password)} | sudo -S"
|
91
|
+
|
92
|
+
debug '#' * 50
|
93
|
+
|
94
|
+
# Update database.yml user and group owners
|
95
|
+
chown_command = "chown nobody.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
|
96
|
+
debug chown_command
|
97
|
+
execute "#{sudo_cmd} #{chown_command}"
|
98
|
+
|
99
|
+
chmod_command = "chmod 440 #{fetch(:secrets_file_path)}"
|
100
|
+
debug chmod_command
|
101
|
+
execute "#{sudo_cmd} #{chmod_command}"
|
102
|
+
|
103
|
+
debug '#' * 50
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
def remote_file_exists?(full_path)
|
2
|
+
'true' == get_command_output("if [ -e #{full_path} ]; then echo 'true'; fi")
|
3
|
+
end
|
4
|
+
|
5
|
+
def get_num_occurrences_in_file(file_path, string)
|
6
|
+
get_command_output("less #{file_path} | grep '#{string}' | wc -l").to_i
|
7
|
+
end
|
8
|
+
|
9
|
+
def get_command_output(command)
|
10
|
+
capture("#{command}").strip
|
11
|
+
end
|
12
|
+
|
13
|
+
def execute_rake_command(task)
|
14
|
+
within release_path do
|
15
|
+
execute :rake, task, "RAILS_ENV=#{fetch(:environment)}"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
namespace :util do
|
20
|
+
desc 'Report Server Uptimes'
|
21
|
+
task :uptime do
|
22
|
+
on roles(:all) do |host|
|
23
|
+
info "Host #{host} (#{host.roles.to_a.join(', ')}):\t#{get_command_output(:uptime)}"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
desc 'Run rake command'
|
28
|
+
task :runrake do
|
29
|
+
# Usage: cap [development|test|production] util:runrake task=secret
|
30
|
+
on roles(:all), in: :sequence, wait: 5 do
|
31
|
+
execute_rake_command(ENV['task'])
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
desc 'Report Server klist (Kerberos Tickets)'
|
36
|
+
task :klist do
|
37
|
+
on roles(:app, :web) do
|
38
|
+
info '#' * 100
|
39
|
+
info '#' * 10 + ' ===> KLIST <=== '
|
40
|
+
info '#' * 10 + execute_rake_command('klist').to_s
|
41
|
+
info '#' * 100
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
task :query_interactive do
|
46
|
+
on roles(:web) do
|
47
|
+
info execute_rake_command("[[ $- == *i* ]] && echo 'Interactive' || echo 'Not interactive'")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
task :query_login do
|
52
|
+
on roles(:web) do
|
53
|
+
info execute_rake_command("shopt -q login_shell && echo 'Login shell' || echo 'Not login shell'")
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
metadata
ADDED
@@ -0,0 +1,96 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: capistrano-exfel
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Luis Maia
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-03-30 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.7'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.7'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
description: Deployment of Ruby on Rails 4 Applications in EXFEL VMs gem (Scientific
|
42
|
+
Linux + Apache + RVM + Phusion Passenger) using Capistrano3
|
43
|
+
email:
|
44
|
+
- luisgoncalo.maia@gmail.com
|
45
|
+
executables: []
|
46
|
+
extensions: []
|
47
|
+
extra_rdoc_files: []
|
48
|
+
files:
|
49
|
+
- ".gitignore"
|
50
|
+
- ".rubocop.yml"
|
51
|
+
- Gemfile
|
52
|
+
- LICENSE.txt
|
53
|
+
- README.md
|
54
|
+
- Rakefile
|
55
|
+
- capistrano-exfel.gemspec
|
56
|
+
- config/recipes/apache_http.conf
|
57
|
+
- config/recipes/apache_ssl.conf
|
58
|
+
- config/recipes/config/database_mysql.yml
|
59
|
+
- config/recipes/config/database_postgresql.yml
|
60
|
+
- config/recipes/config/database_sqlite.yml
|
61
|
+
- config/recipes/config/secrets_example.yml
|
62
|
+
- lib/capistrano/exfel.rb
|
63
|
+
- lib/capistrano/exfel/sl6.rb
|
64
|
+
- lib/capistrano/exfel/version.rb
|
65
|
+
- lib/capistrano/tasks/apache.rake
|
66
|
+
- lib/capistrano/tasks/app_home.rake
|
67
|
+
- lib/capistrano/tasks/application.rake
|
68
|
+
- lib/capistrano/tasks/database.rake
|
69
|
+
- lib/capistrano/tasks/secrets.rake
|
70
|
+
- lib/capistrano/tasks/util.rake
|
71
|
+
homepage: ''
|
72
|
+
licenses:
|
73
|
+
- MIT
|
74
|
+
metadata: {}
|
75
|
+
post_install_message:
|
76
|
+
rdoc_options: []
|
77
|
+
require_paths:
|
78
|
+
- lib
|
79
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '0'
|
84
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
85
|
+
requirements:
|
86
|
+
- - ">="
|
87
|
+
- !ruby/object:Gem::Version
|
88
|
+
version: '0'
|
89
|
+
requirements: []
|
90
|
+
rubyforge_project:
|
91
|
+
rubygems_version: 2.4.3
|
92
|
+
signing_key:
|
93
|
+
specification_version: 4
|
94
|
+
summary: Deploy Ruby on Rails 4 Applications in EXFEL VMs (Scientific Linux using
|
95
|
+
Apache and Passenger)
|
96
|
+
test_files: []
|