capistrano-exfel 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/.rubocop.yml +20 -0
- data/Gemfile +7 -0
- data/LICENSE.txt +22 -0
- data/README.md +31 -0
- data/Rakefile +1 -0
- data/capistrano-exfel.gemspec +24 -0
- data/config/recipes/apache_http.conf +46 -0
- data/config/recipes/apache_ssl.conf +252 -0
- data/config/recipes/config/database_mysql.yml +38 -0
- data/config/recipes/config/database_postgresql.yml +41 -0
- data/config/recipes/config/database_sqlite.yml +18 -0
- data/config/recipes/config/secrets_example.yml +47 -0
- data/lib/capistrano/exfel.rb +7 -0
- data/lib/capistrano/exfel/sl6.rb +19 -0
- data/lib/capistrano/exfel/version.rb +6 -0
- data/lib/capistrano/tasks/apache.rake +354 -0
- data/lib/capistrano/tasks/app_home.rake +127 -0
- data/lib/capistrano/tasks/application.rake +224 -0
- data/lib/capistrano/tasks/database.rake +106 -0
- data/lib/capistrano/tasks/secrets.rake +106 -0
- data/lib/capistrano/tasks/util.rake +56 -0
- metadata +96 -0
@@ -0,0 +1,106 @@
|
|
1
|
+
namespace :secrets do
|
2
|
+
desc 'Create secrets.yml in shared path'
|
3
|
+
task :configure do
|
4
|
+
on roles(:app) do
|
5
|
+
set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
|
6
|
+
|
7
|
+
invoke 'secrets:set_permissions_pre_update'
|
8
|
+
invoke 'secrets:set_secrets_file'
|
9
|
+
invoke 'secrets:replace_token'
|
10
|
+
invoke 'secrets:set_permissions_post_update'
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
desc 'Update Application secret in file secrets.yml'
|
15
|
+
task :update_app_secret do
|
16
|
+
on roles(:app) do
|
17
|
+
set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
|
18
|
+
|
19
|
+
invoke 'secrets:set_permissions_pre_update'
|
20
|
+
invoke 'secrets:replace_token'
|
21
|
+
invoke 'secrets:set_permissions_post_update'
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# desc 'Set (create or replace) secrets.yml in the shared path'
|
26
|
+
task :set_secrets_file do
|
27
|
+
on roles(:app) do
|
28
|
+
debug '#' * 50
|
29
|
+
debug 'Create and configure secrets.yml file'
|
30
|
+
secrets_file_path = "#{fetch(:secrets_file_path)}"
|
31
|
+
|
32
|
+
set :secrets_original_file_path, 'config/recipes/config/secrets_example.yml'
|
33
|
+
|
34
|
+
unless remote_file_exists?(secrets_file_path)
|
35
|
+
upload! StringIO.new(File.read("#{fetch(:secrets_original_file_path)}")), "#{fetch(:secrets_file_path)}"
|
36
|
+
end
|
37
|
+
|
38
|
+
debug '#' * 50
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
# desc 'Replace the secure secret key in your secrets.yml'
|
43
|
+
task :replace_token do
|
44
|
+
on roles(:app) do
|
45
|
+
debug '#' * 50
|
46
|
+
|
47
|
+
pattern = 'secret_key_base:.*'
|
48
|
+
new_secret = "secret_key_base: '#{SecureRandom.hex(64)}'"
|
49
|
+
secrets_file_path = "#{fetch(:secrets_file_path)}"
|
50
|
+
|
51
|
+
if remote_file_exists?(secrets_file_path)
|
52
|
+
num_occurrences = get_num_occurrences_in_file(secrets_file_path, pattern)
|
53
|
+
|
54
|
+
if num_occurrences == 0
|
55
|
+
error "no secret token found in #{secrets_file_path}"
|
56
|
+
exit 1
|
57
|
+
end
|
58
|
+
else
|
59
|
+
error "file #{secrets_file_path} not found"
|
60
|
+
exit 1
|
61
|
+
end
|
62
|
+
|
63
|
+
command = "sed -i -e \"s/#{pattern}/#{new_secret}/g\" #{secrets_file_path}"
|
64
|
+
debug command
|
65
|
+
execute command
|
66
|
+
|
67
|
+
debug 'Secret token successfully replaced'
|
68
|
+
debug '#' * 50
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
# desc 'Correct secrets.yml file permissions before change the file'
|
73
|
+
task :set_permissions_pre_update do
|
74
|
+
on roles(:app) do
|
75
|
+
sudo_cmd = "echo #{fetch(:password)} | sudo -S"
|
76
|
+
|
77
|
+
debug '#' * 50
|
78
|
+
|
79
|
+
chmod_command = "chmod -f 777 #{fetch(:secrets_file_path)} || true"
|
80
|
+
debug chmod_command
|
81
|
+
execute "#{sudo_cmd} #{chmod_command}"
|
82
|
+
|
83
|
+
debug '#' * 50
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
# desc 'Correct secrets.yml file permissions after change the file'
|
88
|
+
task :set_permissions_post_update do
|
89
|
+
on roles(:app) do
|
90
|
+
sudo_cmd = "echo #{fetch(:password)} | sudo -S"
|
91
|
+
|
92
|
+
debug '#' * 50
|
93
|
+
|
94
|
+
# Update database.yml user and group owners
|
95
|
+
chown_command = "chown nobody.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
|
96
|
+
debug chown_command
|
97
|
+
execute "#{sudo_cmd} #{chown_command}"
|
98
|
+
|
99
|
+
chmod_command = "chmod 440 #{fetch(:secrets_file_path)}"
|
100
|
+
debug chmod_command
|
101
|
+
execute "#{sudo_cmd} #{chmod_command}"
|
102
|
+
|
103
|
+
debug '#' * 50
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
def remote_file_exists?(full_path)
|
2
|
+
'true' == get_command_output("if [ -e #{full_path} ]; then echo 'true'; fi")
|
3
|
+
end
|
4
|
+
|
5
|
+
def get_num_occurrences_in_file(file_path, string)
|
6
|
+
get_command_output("less #{file_path} | grep '#{string}' | wc -l").to_i
|
7
|
+
end
|
8
|
+
|
9
|
+
def get_command_output(command)
|
10
|
+
capture("#{command}").strip
|
11
|
+
end
|
12
|
+
|
13
|
+
def execute_rake_command(task)
|
14
|
+
within release_path do
|
15
|
+
execute :rake, task, "RAILS_ENV=#{fetch(:environment)}"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
namespace :util do
|
20
|
+
desc 'Report Server Uptimes'
|
21
|
+
task :uptime do
|
22
|
+
on roles(:all) do |host|
|
23
|
+
info "Host #{host} (#{host.roles.to_a.join(', ')}):\t#{get_command_output(:uptime)}"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
desc 'Run rake command'
|
28
|
+
task :runrake do
|
29
|
+
# Usage: cap [development|test|production] util:runrake task=secret
|
30
|
+
on roles(:all), in: :sequence, wait: 5 do
|
31
|
+
execute_rake_command(ENV['task'])
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
desc 'Report Server klist (Kerberos Tickets)'
|
36
|
+
task :klist do
|
37
|
+
on roles(:app, :web) do
|
38
|
+
info '#' * 100
|
39
|
+
info '#' * 10 + ' ===> KLIST <=== '
|
40
|
+
info '#' * 10 + execute_rake_command('klist').to_s
|
41
|
+
info '#' * 100
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
task :query_interactive do
|
46
|
+
on roles(:web) do
|
47
|
+
info execute_rake_command("[[ $- == *i* ]] && echo 'Interactive' || echo 'Not interactive'")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
task :query_login do
|
52
|
+
on roles(:web) do
|
53
|
+
info execute_rake_command("shopt -q login_shell && echo 'Login shell' || echo 'Not login shell'")
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
metadata
ADDED
@@ -0,0 +1,96 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: capistrano-exfel
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Luis Maia
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-03-30 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.7'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.7'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
description: Deployment of Ruby on Rails 4 Applications in EXFEL VMs gem (Scientific
|
42
|
+
Linux + Apache + RVM + Phusion Passenger) using Capistrano3
|
43
|
+
email:
|
44
|
+
- luisgoncalo.maia@gmail.com
|
45
|
+
executables: []
|
46
|
+
extensions: []
|
47
|
+
extra_rdoc_files: []
|
48
|
+
files:
|
49
|
+
- ".gitignore"
|
50
|
+
- ".rubocop.yml"
|
51
|
+
- Gemfile
|
52
|
+
- LICENSE.txt
|
53
|
+
- README.md
|
54
|
+
- Rakefile
|
55
|
+
- capistrano-exfel.gemspec
|
56
|
+
- config/recipes/apache_http.conf
|
57
|
+
- config/recipes/apache_ssl.conf
|
58
|
+
- config/recipes/config/database_mysql.yml
|
59
|
+
- config/recipes/config/database_postgresql.yml
|
60
|
+
- config/recipes/config/database_sqlite.yml
|
61
|
+
- config/recipes/config/secrets_example.yml
|
62
|
+
- lib/capistrano/exfel.rb
|
63
|
+
- lib/capistrano/exfel/sl6.rb
|
64
|
+
- lib/capistrano/exfel/version.rb
|
65
|
+
- lib/capistrano/tasks/apache.rake
|
66
|
+
- lib/capistrano/tasks/app_home.rake
|
67
|
+
- lib/capistrano/tasks/application.rake
|
68
|
+
- lib/capistrano/tasks/database.rake
|
69
|
+
- lib/capistrano/tasks/secrets.rake
|
70
|
+
- lib/capistrano/tasks/util.rake
|
71
|
+
homepage: ''
|
72
|
+
licenses:
|
73
|
+
- MIT
|
74
|
+
metadata: {}
|
75
|
+
post_install_message:
|
76
|
+
rdoc_options: []
|
77
|
+
require_paths:
|
78
|
+
- lib
|
79
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '0'
|
84
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
85
|
+
requirements:
|
86
|
+
- - ">="
|
87
|
+
- !ruby/object:Gem::Version
|
88
|
+
version: '0'
|
89
|
+
requirements: []
|
90
|
+
rubyforge_project:
|
91
|
+
rubygems_version: 2.4.3
|
92
|
+
signing_key:
|
93
|
+
specification_version: 4
|
94
|
+
summary: Deploy Ruby on Rails 4 Applications in EXFEL VMs (Scientific Linux using
|
95
|
+
Apache and Passenger)
|
96
|
+
test_files: []
|