capistrano-exfel 0.0.1

data/lib/capistrano/tasks/secrets.rake

@@ -0,0 +1,106 @@
+namespace :secrets do
+  desc 'Create secrets.yml in shared path'
+  task :configure do
+    on roles(:app) do
+      set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
+
+      invoke 'secrets:set_permissions_pre_update'
+      invoke 'secrets:set_secrets_file'
+      invoke 'secrets:replace_token'
+      invoke 'secrets:set_permissions_post_update'
+    end
+  end
+
+  desc 'Update Application secret in file secrets.yml'
+  task :update_app_secret do
+    on roles(:app) do
+      set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
+
+      invoke 'secrets:set_permissions_pre_update'
+      invoke 'secrets:replace_token'
+      invoke 'secrets:set_permissions_post_update'
+    end
+  end
+
+  # desc 'Set (create or replace) secrets.yml in the shared path'
+  task :set_secrets_file do
+    on roles(:app) do
+      debug '#' * 50
+      debug 'Create and configure secrets.yml file'
+      secrets_file_path = "#{fetch(:secrets_file_path)}"
+
+      set :secrets_original_file_path, 'config/recipes/config/secrets_example.yml'
+
+      unless remote_file_exists?(secrets_file_path)
+        upload! StringIO.new(File.read("#{fetch(:secrets_original_file_path)}")), "#{fetch(:secrets_file_path)}"
+      end
+
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Replace the secure secret key in your secrets.yml'
+  task :replace_token do
+    on roles(:app) do
+      debug '#' * 50
+
+      pattern = 'secret_key_base:.*'
+      new_secret = "secret_key_base: '#{SecureRandom.hex(64)}'"
+      secrets_file_path = "#{fetch(:secrets_file_path)}"
+
+      if remote_file_exists?(secrets_file_path)
+        num_occurrences = get_num_occurrences_in_file(secrets_file_path, pattern)
+
+        if num_occurrences == 0
+          error "no secret token found in #{secrets_file_path}"
+          exit 1
+        end
+      else
+        error "file #{secrets_file_path} not found"
+        exit 1
+      end
+
+      command = "sed -i -e \"s/#{pattern}/#{new_secret}/g\" #{secrets_file_path}"
+      debug command
+      execute command
+
+      debug 'Secret token successfully replaced'
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Correct secrets.yml file permissions before change the file'
+  task :set_permissions_pre_update do
+    on roles(:app) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+
+      chmod_command = "chmod -f 777 #{fetch(:secrets_file_path)} || true"
+      debug chmod_command
+      execute "#{sudo_cmd} #{chmod_command}"
+
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Correct secrets.yml file permissions after change the file'
+  task :set_permissions_post_update do
+    on roles(:app) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+
+      # Update database.yml user and group owners
+      chown_command = "chown nobody.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
+      debug chown_command
+      execute "#{sudo_cmd} #{chown_command}"
+
+      chmod_command = "chmod 440 #{fetch(:secrets_file_path)}"
+      debug chmod_command
+      execute "#{sudo_cmd} #{chmod_command}"
+
+      debug '#' * 50
+    end
+  end
+end

data/lib/capistrano/tasks/util.rake

@@ -0,0 +1,56 @@
+def remote_file_exists?(full_path)
+  'true' == get_command_output("if [ -e #{full_path} ]; then echo 'true'; fi")
+end
+
+def get_num_occurrences_in_file(file_path, string)
+  get_command_output("less #{file_path} | grep '#{string}' | wc -l").to_i
+end
+
+def get_command_output(command)
+  capture("#{command}").strip
+end
+
+def execute_rake_command(task)
+  within release_path do
+    execute :rake, task, "RAILS_ENV=#{fetch(:environment)}"
+  end
+end
+
+namespace :util do
+  desc 'Report Server Uptimes'
+  task :uptime do
+    on roles(:all) do |host|
+      info "Host #{host} (#{host.roles.to_a.join(', ')}):\t#{get_command_output(:uptime)}"
+    end
+  end
+
+  desc 'Run rake command'
+  task :runrake do
+    # Usage: cap [development|test|production] util:runrake task=secret
+    on roles(:all), in: :sequence, wait: 5 do
+      execute_rake_command(ENV['task'])
+    end
+  end
+
+  desc 'Report Server klist (Kerberos Tickets)'
+  task :klist do
+    on roles(:app, :web) do
+      info '#' * 100
+      info '#' * 10 + ' ===> KLIST <=== '
+      info '#' * 10 + execute_rake_command('klist').to_s
+      info '#' * 100
+    end
+  end
+
+  task :query_interactive do
+    on roles(:web) do
+      info execute_rake_command("[[ $- == *i* ]] && echo 'Interactive' || echo 'Not interactive'")
+    end
+  end
+
+  task :query_login do
+    on roles(:web) do
+      info execute_rake_command("shopt -q login_shell && echo 'Login shell' || echo 'Not login shell'")
+    end
+  end
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: capistrano-exfel
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Luis Maia
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-03-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: Deployment of Ruby on Rails 4 Applications in EXFEL VMs gem (Scientific
+  Linux + Apache + RVM + Phusion Passenger) using Capistrano3
+email:
+- luisgoncalo.maia@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- capistrano-exfel.gemspec
+- config/recipes/apache_http.conf
+- config/recipes/apache_ssl.conf
+- config/recipes/config/database_mysql.yml
+- config/recipes/config/database_postgresql.yml
+- config/recipes/config/database_sqlite.yml
+- config/recipes/config/secrets_example.yml
+- lib/capistrano/exfel.rb
+- lib/capistrano/exfel/sl6.rb
+- lib/capistrano/exfel/version.rb
+- lib/capistrano/tasks/apache.rake
+- lib/capistrano/tasks/app_home.rake
+- lib/capistrano/tasks/application.rake
+- lib/capistrano/tasks/database.rake
+- lib/capistrano/tasks/secrets.rake
+- lib/capistrano/tasks/util.rake
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.3
+signing_key: 
+specification_version: 4
+summary: Deploy Ruby on Rails 4 Applications in EXFEL VMs (Scientific Linux using
+  Apache and Passenger)
+test_files: []