capistrano-exfel 0.2.2 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a12ee64c6c95bd3aa5e82e0ccef17dc88b1e434ee2148a346bb6d61357467fd5
-  data.tar.gz: e9a15450e04f59f14fde3e420096496fbeaf9a99b4db9eef348f94b15cf70735
+  metadata.gz: d086fd4c9e4f16c7f68d37876de7ef24704e010fc19a41faec2447ecc86072b2
+  data.tar.gz: 01e8177b84dc63483b996d26e4ebd8cd7589ff7d0c6aaf1b6ff533f60d76ed56
 SHA512:
-  metadata.gz: e436f864ca19dc36c026c58b4ef611c94522db49e2ee4a004033822cbd3efee947e7267bf17a93dc5f9e144f7b270c11c0be0a28d5a3bd136770ffcbeca5e13e
-  data.tar.gz: fb090a9da42207a3df66ac37f7c88dc520d79ea0d8868674aba4056a8a29464aba68af57a61923d7ba22e60822e4891abf9dd880432ca471ddf6030f9188d5b7
+  metadata.gz: 83c826336eef52236f1d1f264a1a355916652023b583858e4fb949e6a1b7dd2b14203db5d8b37286aff507ad711df99f31eac896bee8403ed29962a1d3414b1b
+  data.tar.gz: 517745ce8bd5d2646f460582c48f4145749df2334ed17f177e99760ff92c00278546e835a3417e021748b36a00d5ef883784031c25d3c956beaacb64b3a9d14a

data/.rubocop.yml

@@ -24,12 +24,6 @@ Style/Lambda:
 Metrics/BlockLength:
   Max: 160 # Default 25
 
-#
-# Use 2 spaces for indentation in a heredoc by using some library(e.g. ActiveSupport's String#strip_heredoc).
-Style/IndentHeredoc:
-  Exclude:
-    - 'lib/capistrano/tasks/apache_sl6.rake'
-
 # Use meaningful heredoc delimiters.
 Naming/HeredocDelimiterNaming:
   Enabled: false

data/Gemfile

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # Specify your gem's dependencies in capistrano-exfel.gemspec
 gemspec
 
 # Use Rubocop to validate ruby code syntax
-gem 'rubocop', '0.60.0', require: false, group: :development
+gem 'rubocop', '0.79.0', require: false, group: :development

data/README.md

@@ -9,8 +9,8 @@ Installation of Phusion Passenger and RVM are also required to this gem.
 Add these lines to your application's Gemfile:
 
     # Use Capistrano for deployment
-    gem 'capistrano', '3.11.0', require: false
-    gem 'capistrano-exfel', '0.2.2', require: false
+    gem 'capistrano', '3.11.2', require: false
+    gem 'capistrano-exfel', '0.3.0', require: false
     gem 'capistrano-rails', '1.4.0', require: false
     gem 'capistrano-rvm', '0.1.2', require: false
 

data/Rakefile

@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 require 'bundler/gem_tasks'

data/capistrano-exfel.gemspec

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'capistrano/exfel/version'
@@ -9,7 +11,7 @@ Gem::Specification.new do |spec|
   spec.email         = %w[luisgoncalo.maia@gmail.com maurizio.manetti@xfel.eu]
   spec.summary       = 'Deploy Ruby on Rails 4 and 5 Applications in EXFEL Virtual Machines'
   spec.description = 'Deployment of Ruby on Rails Applications in EXFEL Virtual Machines ' \
-                        '(Scientific Linux / CentOS 7 / Ubuntu 14 + Apache + RVM + Phusion Passenger) ' \
+                        '(CentOS 7 + Apache + RVM + Phusion Passenger) ' \
                         'using Capistrano3 and LDAP'
   spec.homepage      = 'https://github.com/luismaia/capistrano-exfel'
   spec.license       = 'MIT'
@@ -19,6 +21,6 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
-  spec.add_development_dependency 'bundler', '~> 1.17'
-  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'rake', '~> 13.0'
 end

data/capistrano.graph

@@ -1,66 +1,96 @@
 digraph {
-
-	rankdir=LR; 
+    rankdir=LR;
+    ordering=out ;
+	edge [arrowhead=open;fontname=Arial;labeldistance=0];
 	node [shape=box;fontname=Arial];
+	// splines=ortho;
 
-	"application:deploy_first_time" -> "app_home:deploy_first_time_start_msg";
-	"application:deploy_first_time" -> "app_home:create_all";
-	"application:deploy_first_time" -> "database:configure_mysql";
-	"application:deploy_first_time" -> "secrets:configure";
-	"application:deploy_first_time" -> "apache:configure_and_start";
-	"application:deploy_first_time" -> "apache:check_write_permissions";
-	"application:deploy_first_time" -> deploy;
-	"application:deploy_first_time" -> "app_home:correct_shared_permissions";
-	"application:deploy_first_time" -> "application:restart";
-
-	"application:deploy" -> "app_home:deploy_start_msg";
-	"application:deploy" -> "secrets:update_app_secret";
-	"application:deploy" -> deploy;
-	"application:deploy" -> "app_home:correct_shared_permissions";
-	"application:deploy" -> "application:restart";
-
-	"application:restart" -> "apache:restart";
-	"application:restart" -> "app_home:reload_server_cache";
-	"application:restart" -> "app_home:deploy_success_msg";
-	
-	"application:reconfigure_apache" -> "apache_co7:configure";
-	"application:reconfigure_apache" -> "application:restart";
-
-	"app_home:create_all" -> "app_home:create_deploy_folder";
-	"app_home:create_all" -> "app_home:create_shared_folder"; 
-	"app_home:create_all" -> "app_home:create_revisions_file";
+    subgraph cluster_application {
+        labeljust="l";
+        label="application.rake";
+        fontname="Arial";
+        "application:deploy_first_time" -> "deploy"[label="7",color=orange];
+        "application:deploy_first_time" -> "application:restart"[label="9",color=brown];
+        "application:deploy" -> "deploy"[label="3",color=purple];
+        "application:deploy" -> "application:restart"[label="5",color=yellow];
+        "application:reconfigure_apache" -> "application:restart"[label="2",color=blue];
+        "application:show_variables";
+        "load:defaults";
+    }
 
-	"apache:configure_and_start" -> "apache_co7:configure";
-	"apache:configure_and_start" -> "apache:chkconfig_on";
-	"apache:configure_and_start" -> "apache_co7:secure_apache";
-	"apache:configure_and_start" -> "apache:create_symbolic_link";
+    subgraph cluster_apache {
+        label="apache.rake";
+        labeljust="l";
+        fontname="Arial";
+        "apache:configure_and_start" -> "apache:chkconfig_on"[label="2",color=blue];
+        "application:deploy_first_time" -> "apache:configure_and_start"[label="5",color=yellow];
+        "application:restart" -> "apache:restart"[label="1",color=black];
+        "application:reconfigure_apache" -> "apache:configure"[label="1",color=black];
+        "apache:configure_and_start" -> "apache:configure"[label="1",color=black];
+        "apache:configure" -> "apache:create_apache_sites_folder"[label="2",color=blue];
+        "apache:configure" -> "apache:configure_apache_modules"[label="3",color=purple];
+        "apache:configure" -> "apache:configure_app_ssl_conf_file"[label="4",color=red];
+        "apache:configure_and_start" -> "apache:secure_apache"[label="3",color=purple];
+        "apache:configure" -> "apache:create_apache_shared_folder"[label="1",color=black];
+        "apache:configure_and_start" -> "apache:create_symbolic_link"[label="4",color=red];
+        "application:deploy_first_time" -> "apache:check_write_permissions"[label="6",color=green];
+        "apache:check_write_permissions" -> "apache:check_write_permissions_on_deploy"[label="1",color=black];
+        "apache:check_write_permissions" -> "apache:check_write_permissions_on_document_root"[label="2",color=blue];
+    }
 
-	"apache:check_write_permissions" -> "apache:check_write_permissions_on_deploy";
-	"apache:check_write_permissions" -> "apache:check_write_permissions_on_document_root";
+    subgraph cluster_secrets {
+        label="secrets.rake";
+        labeljust="l";
+        fontname="Arial";
+        "application:deploy" -> "secrets:update_app_secret"[label="2",color=blue];
+        "secrets:update_app_secret" -> "secrets:set_permissions_pre_update"[label="1",color=black];
+        "secrets:update_app_secret" -> "secrets:replace_token"[label="2",color=blue];
+        "secrets:update_app_secret" -> "secrets:set_permissions_post_update"[label="3",color=purple];
+        "application:deploy_first_time" -> "secrets:configure"[label="4",color=red];
+        "secrets:configure" -> "secrets:set_permissions_pre_update"[label="1",color=black];
+        "secrets:configure" -> "secrets:set_secrets_file"[label="2",color=blue];
+        "secrets:configure" -> "secrets:replace_token"[label="3",color=purple];
+        "secrets:configure" -> "secrets:set_permissions_post_update"[label="4",color=red];
+    }
 
-	"apache_co7:configure" -> "apache:create_apache_shared_folder";
-	"apache_co7:configure" -> "apache_co7:configure_apache_modules";
-	"apache_co7:configure" -> "apache_co7:configure_app_conf_file";
-	"apache_co7:configure" -> "apache_co7:configure_app_ssl_conf_file";
+    subgraph cluster_app_home {
+       label="app_home.rake";
+       labeljust="l";
+       fontname="Arial";
+       "application:deploy" -> "app_home:deploy_start_msg"[label="1",color=black];
+       "application:deploy_first_time" -> "app_home:deploy_first_time_start_msg"[label="1",color=black];
+       "application:deploy_first_time" -> "app_home:create_all"[label="2",color=blue];
+       "application:deploy_first_time" -> "app_home:correct_shared_permissions"[label="8",color=pink];
+       "app_home:create_all" -> "app_home:create_deploy_folder"[label="1",color=black];
+       "app_home:create_all" -> "app_home:create_shared_folder"[label="2",color=blue];
+       "app_home:create_all" -> "app_home:create_revisions_file"[label="3",color=purple];
+       "application:deploy" -> "app_home:correct_shared_permissions"[label="4",color=red];
+       "application:restart" -> "app_home:reload_server_cache"[label="2",color=blue];
+       "application:restart" -> "app_home:deploy_success_msg"[label="3",color=purple];
+       "app_home:correct_public_folder_permissions";
+       "app_home:clear_tmp_files";
+       "app_home:restart";
+    }
 
-	deploy -> "deploy:compile_assets";
-	"deploy:compile_assets" -> "deploy:assets_precompile";
-	"deploy:compile_assets" -> "deploy:assets_backup_manifest";
+    subgraph cluster_database {
+       label="database.rake";
+       labeljust="l";
+       fontname="Arial";
+	   "application:deploy_first_time" -> "database:configure_mysql"[label="3",color=purple];
+	   "database:configure_mysql" -> "database:configure_database_file";
+	   "database:configure_database_file" -> "database:set_permissions_pre_update"[label="1",color=black];
+	   "database:configure_database_file" -> "database:set_database_file"[label="2",color=blue];
+	   "database:configure_database_file" -> "database:set_permissions_post_update"[label="3",color=purple];
+	   "database:seed";
+	}
 
-	"database:configure_mysql" -> "database:configure_database_file";
-	"database:configure_database_file" -> "database:set_permissions_pre_update";
-	"database:configure_database_file" -> "database:set_database_file";
-	"database:configure_database_file" -> "database:set_permissions_post_update";
-
-	"secrets:configure" -> "secrets:set_permissions_pre_update";
-	"secrets:configure" -> "secrets:set_secrets_file";
-	"secrets:configure" -> "secrets:replace_token";
-	"secrets:configure" -> "secrets:set_permissions_post_update";
-
-	"secrets:update_app_secret" -> "secrets:set_permissions_pre_update";
-	"secrets:update_app_secret" -> "secrets:replace_token";
-	"secrets:update_app_secret" -> "secrets:set_permissions_post_update"
+    subgraph cluster_assets {
+       label="assets.rake";
+       labeljust="l";
+       fontname="Arial";
+       deploy -> "deploy:compile_assets";
+       "deploy:compile_assets" -> "deploy:assets_precompile"[label="1",color=black];
+       "deploy:compile_assets" -> "deploy:assets_backup_manifest"[label="2",color=blue];
+    }
 
 }
-
-

data/lib/capistrano/exfel.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'capistrano/exfel/version'
 
 # module Capistrano

data/lib/capistrano/exfel/co7.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Load DSL and Setup Up Stages
 require 'capistrano/setup'
 
@@ -10,9 +12,7 @@ require 'capistrano/rvm'
 # Includes tasks for rails
 require 'capistrano/rails'
 
-load File.expand_path('../tasks/apache_common.rake', __dir__)
-load File.expand_path('../tasks/apache_rpm.rake', __dir__)
-load File.expand_path('../tasks/apache_co7.rake', __dir__)
+load File.expand_path('../tasks/apache.rake', __dir__)
 load File.expand_path('../tasks/app_home.rake', __dir__)
 load File.expand_path('../tasks/assets.rake', __dir__)
 load File.expand_path('../tasks/application.rake', __dir__)

data/lib/capistrano/exfel/version.rb

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 module Capistrano
   # Capistrano::Exfel version information
   module Exfel
-    VERSION = '0.2.2'.freeze
+    VERSION = '0.3.0'
   end
 end

data/lib/capistrano/recipes/{ub14/apache.conf → apache/app_ssl.conf}

@@ -1,15 +1,22 @@
+  # <<APPLICATION_NAME>> - Ruby on Rails Application
+  #
+  # Application secured by SSL
+
   Alias /<<APPLICATION_NAME>> /var/www/html/<<APPLICATION_NAME>>
 
   #
-  # Application
+  # Application configuration
   #
-
-  <Directory "/var/www/html/<<APPLICATION_NAME>>">
+  <Directory "/var/www/html/<<APPLICATION_NAME>>/">
     RackBaseURI /<<APPLICATION_NAME>>
     RailsEnv <<ENVIRONMENT>>
 
     PassengerUser nobody
-    PassengerGroup nogroup
+    # CentOS: nobody / Ubuntu/Debian: nogroup
+    PassengerGroup nobody
+
+    # which ruby version to use
+    PassengerRuby <<RUBY_PATH>>
 
     # This relaxes Apache security settings.
     Options -Indexes +MultiViews +FollowSymLinks

data/lib/capistrano/recipes/{co7 → apache}/httpd.conf

@@ -27,6 +27,12 @@ DocumentRoot "/var/www/html"
     Options Indexes FollowSymLinks
     AllowOverride None
     Require all granted
+
+    # Redirect all HTTP to https://%{SERVER_NAME}/, keeping the requested path
+    RewriteEngine On
+    RewriteCond %{HTTPS} !=on
+    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+
 </Directory>
 
 <IfModule dir_module>

data/lib/capistrano/recipes/apache/ssl.conf

@@ -0,0 +1,49 @@
+Listen 443 https
+
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+
+SSLRandomSeed startup file:/dev/urandom  256
+SSLRandomSeed connect builtin
+
+SSLCryptoDevice builtin
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:443>
+
+ErrorLog logs/ssl_error_log
+LogLevel warn
+
+SSLEngine on
+
+SSLProtocol all -SSLv2 -SSLv3
+
+SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
+
+SSLCertificateFile /etc/pki/tls/certs/localhost.crt
+
+SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
+
+<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+    SSLOptions +StdEnvVars
+</Files>
+<Directory "/var/www/cgi-bin">
+    SSLOptions +StdEnvVars
+</Directory>
+
+BrowserMatch "MSIE [2-5]" \
+         nokeepalive ssl-unclean-shutdown \
+         downgrade-1.0 force-response-1.0
+
+RemoteIPHeader X-Forwarded-For
+LogFormat "%t - %a - %s - %{Host}i - \"%r\" \"%{Referer}i\" \"%{User-agent}i\" %D" xfel
+CustomLog logs/ssl_access_log xfel
+
+IncludeOptional sites.d/*.conf
+
+</VirtualHost>

data/lib/capistrano/tasks/apache.rake

@@ -0,0 +1,268 @@
+# frozen_string_literal: true
+
+# apache tasks
+
+namespace :apache do
+  desc 'Configure Apache (httpd) and restart it'
+  task :configure_and_start do
+    invoke 'apache:configure'
+    invoke 'apache:chkconfig_on' # This task should go to Puppet or installation script
+    invoke 'apache:replace_apache_defaults' # This task should go to Puppet or installation script
+    invoke 'apache:create_symbolic_link'
+  end
+
+  # This task should be moved into Puppet or the installation script
+  desc 'Configure Apache to start at bootup'
+  task :chkconfig_on do
+    on roles(:web) do
+      info 'In task apache:chkconfig_on'
+
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+
+      debug 'chkconfig httpd on'
+      execute "#{sudo_cmd} chkconfig httpd on"
+
+      info 'Configured Apache to start at bootup'
+      debug '#' * 50
+    end
+  end
+
+  desc 'Restart Apache (httpd) service'
+  task :restart do
+    on roles(:web) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+
+      debug 'service httpd stop'
+      execute "#{sudo_cmd} service httpd stop"
+
+      debug 'pkill -9 httpd || true'
+      execute "#{sudo_cmd} pkill -9 httpd || true"
+
+      debug 'service httpd start'
+      execute "#{sudo_cmd} service httpd start"
+
+      info 'Restarted Apache (httpd) service'
+      debug '#' * 50
+    end
+  end
+
+  desc 'Configure Apache configuration files'
+  task :configure do
+    invoke 'apache:create_apache_shared_folder'
+    invoke 'apache:create_apache_sites_folder'
+    invoke 'apache:configure_apache_modules'
+    invoke 'apache:configure_app_ssl_conf_file'
+  end
+
+  # This task should be moved into Puppet or the installation script
+  desc 'Create Apache multi-site configuration folder'
+  task :create_apache_sites_folder do
+    on roles(:app) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+      debug 'Create Apache multi-site configuration folder'
+
+      debug 'mkdir -p /etc/httpd/sites.d'
+      execute "#{sudo_cmd} mkdir -p /etc/httpd/sites.d"
+
+      debug '#' * 50
+    end
+  end
+
+  # This task should be moved into Puppet or the installation script
+  desc 'Configure Apache modules'
+  task :configure_apache_modules do
+    on roles(:app) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+      debug 'Configure (HTTP) Apache Passenger module'
+
+      set :shared_passenger_file, '/etc/httpd/conf.modules.d/00-passenger.conf'
+      passenger_file = File.expand_path('../recipes/apache/00-passenger.conf', __dir__)
+
+      # Create a temporary copy of the passenger module file
+      set :tmp_passenger_file, '/tmp/00-passenger.conf'
+
+      upload! StringIO.new(File.read(passenger_file)), fetch(:tmp_passenger_file).to_s
+
+      passenger_root = get_command_output("/usr/local/rvm/bin/rvm #{fetch(:rvm_ruby_version)} do passenger-config --root")
+      ruby_path = "/#{passenger_root.split('/')[1..5].join('/')}/wrappers/ruby"
+
+      debug "sed -i 's|<<PASSENGER_ROOT>>|#{passenger_root}|g' #{fetch(:tmp_passenger_file)}"
+      execute "sed -i 's|<<PASSENGER_ROOT>>|#{passenger_root}|g' #{fetch(:tmp_passenger_file)}"
+      execute "sed -i 's|<<RUBY_PATH>>|#{ruby_path}|g' #{fetch(:tmp_passenger_file)}"
+
+      # Replace the passenger module file
+      execute "#{sudo_cmd} mv -f #{fetch(:tmp_passenger_file)} #{fetch(:shared_passenger_file)}"
+      execute "#{sudo_cmd} chown root.root #{fetch(:shared_passenger_file)}"
+
+      debug '#' * 50
+      debug 'Deactivate unnecessary Apache modules'
+      %w[00-dav.conf 00-lua.conf 00-proxy.conf 01-cgi.conf].each do |file|
+        if remote_file_exists?("/etc/httpd/conf.modules.d/#{file}")
+          # only perform backup of Apache modules files unless already done
+          unless remote_file_exists?("/etc/httpd/conf.modules.d/#{file}_bck")
+            execute "#{sudo_cmd} cp /etc/httpd/conf.modules.d/#{file} /etc/httpd/conf.modules.d/#{file}_bck"
+          end
+          execute "#{sudo_cmd} truncate -s 0 /etc/httpd/conf.modules.d/#{file}"
+        end
+      end
+      debug '#' * 50
+    end
+  end
+
+  desc 'Configure (HTTPS) Apache Application configuration files'
+  task :configure_app_ssl_conf_file do
+    on roles(:app), in: :sequence do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+      debug 'Configure (HTTPS) Apache Application configuration files'
+
+      set :shared_apache_conf_ssl_file, "#{fetch(:shared_apache_path)}/app_#{fetch(:app_name_uri)}_ssl.conf"
+      http_ssl_file = File.expand_path('../recipes/apache/app_ssl.conf', __dir__)
+      upload! StringIO.new(File.read(http_ssl_file)), fetch(:shared_apache_conf_ssl_file).to_s
+
+      debug "chmod g+w #{fetch(:shared_apache_conf_ssl_file)}"
+      execute "chmod g+w #{fetch(:shared_apache_conf_ssl_file)}"
+
+      passenger_root = get_command_output("/usr/local/rvm/bin/rvm #{fetch(:rvm_ruby_version)} do passenger-config --root")
+      ruby_path = "/#{passenger_root.split('/')[1..5].join('/')}/wrappers/ruby"
+
+      execute "sed -i 's/<<APPLICATION_NAME>>/#{fetch(:app_name_uri)}/g' #{fetch(:shared_apache_conf_ssl_file)}"
+      execute "sed -i 's/<<ENVIRONMENT>>/#{fetch(:environment)}/g' #{fetch(:shared_apache_conf_ssl_file)}"
+      execute "sed -i 's|<<RUBY_PATH>>|#{ruby_path}|g' #{fetch(:shared_apache_conf_ssl_file)}"
+
+      execute "#{sudo_cmd} ln -sfn #{fetch(:shared_apache_conf_ssl_file)} /etc/httpd/sites.d/"
+
+      debug '#' * 50
+    end
+  end
+
+  # This task should be moved into Puppet or the installation script
+  desc 'Replace CentOS 7 default httpd.conf and ssl.conf file with our version'
+  task :replace_apache_defaults do
+    on roles(:web) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+      debug 'Update httpd.conf and ssl.conf'
+
+      set :httpd_conf_file, '/etc/httpd/conf/httpd.conf'
+
+      # Replace the original Apache configuration file
+      if remote_file_exists?('/etc/httpd/conf/httpd.conf_bck')
+        info 'Apache original configuration file already backed up at: /etc/httpd/conf/httpd.conf_bck'
+      else
+        execute "#{sudo_cmd} cp -f #{fetch(:httpd_conf_file)} /etc/httpd/conf/httpd.conf_bck"
+        info 'Apache original configuration file backed up at: /etc/httpd/conf/httpd.conf_bck'
+      end
+
+      # Create a temporary copy of the Apache configuration file
+      set :tmp_httpd_file, '/tmp/httpd.conf'
+      httpd_safe_file = File.expand_path('../recipes/apache/httpd.conf', __dir__)
+
+      upload! StringIO.new(File.read(httpd_safe_file)), fetch(:tmp_httpd_file).to_s
+
+      # Replace the original Apache configuration file
+      execute "#{sudo_cmd} mv -f #{fetch(:tmp_httpd_file)} #{fetch(:httpd_conf_file)}"
+
+      set :ssl_conf_file, '/etc/httpd/conf.d/ssl.conf'
+
+      # Replace the original Apache ssl configuration file
+      if remote_file_exists?('/etc/httpd/conf.d/ssl.conf_bck')
+        info 'Apache original ssl configuration file already backed up at: /etc/httpd/conf.d/ssl.conf_bck'
+      else
+        execute "#{sudo_cmd} cp -f #{fetch(:ssl_conf_file)} /etc/httpd/conf.d/ssl.conf_bck"
+        info 'Apache original ssl configuration file backed up at: /etc/httpd/conf.d/ssl.conf_bck'
+      end
+
+      # Create a temporary copy of the Apache ssl configuration file
+      set :tmp_ssl_file, '/tmp/ssl.conf'
+      ssl_safe_file = File.expand_path('../recipes/apache/ssl.conf', __dir__)
+
+      upload! StringIO.new(File.read(ssl_safe_file)), fetch(:tmp_ssl_file).to_s
+
+      # Replace the original Apache ssl configuration file
+      execute "#{sudo_cmd} mv -f #{fetch(:tmp_ssl_file)} #{fetch(:ssl_conf_file)}"
+    end
+  end
+
+  desc 'Check that the user has write permissions in the Deploy and in Apache DocumentRoot folders'
+  task :check_write_permissions do
+    invoke 'apache:check_write_permissions_on_deploy'
+    invoke 'apache:check_write_permissions_on_document_root'
+  end
+
+  desc 'Check that we have the right permission to the folder the app should be deployed to'
+  task :check_write_permissions_on_deploy do
+    on roles(:app), in: :sequence do |host|
+      debug '#' * 50
+      debug "Checking folder '#{fetch(:deploy_to)}' (where the application has to be deployed) "\
+            "for the right permissions on Host '#{host}'"
+
+      if test("[ -w #{fetch(:deploy_to)} ]")
+        info "#{fetch(:deploy_to)} is writable on #{host}"
+      else
+        error "#{fetch(:deploy_to)} is not writable on #{host}"
+      end
+
+      debug '#' * 50
+    end
+  end
+
+  desc 'Check that we have the right permission to the Apache DocumentRoot folder'
+  task :check_write_permissions_on_document_root do
+    on roles(:web) do |host|
+      debug '#' * 50
+      debug "Checking Apache DocumentRoot folder (#{fetch(:apache_document_root)}) permissions on Host '#{host}'"
+
+      if test("[ -w #{fetch(:apache_document_root)} ]")
+        info "#{fetch(:apache_document_root)} is writable on #{host}"
+      else
+        info "#{fetch(:apache_document_root)} is not writable on #{host}"
+      end
+
+      debug '#' * 50
+    end
+  end
+
+  desc 'Create Apache configuration files shared folder'
+  task :create_apache_shared_folder do
+    on roles(:app) do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      debug '#' * 50
+      debug 'Create Apache configuration files shared folder'
+
+      debug "mkdir -p #{fetch(:shared_apache_path)}"
+      execute "#{sudo_cmd} mkdir -p #{fetch(:shared_apache_path)}"
+
+      debug "chmod g+ws #{fetch(:shared_apache_path)}"
+      execute "#{sudo_cmd} chmod g+ws #{fetch(:shared_apache_path)}"
+
+      debug '#' * 50
+    end
+  end
+
+  desc 'Create symbolic link to application public folder in Apache DocumentRoot folder'
+  task :create_symbolic_link do
+    on roles(:web), in: :sequence do
+      sudo_cmd = "echo #{fetch(:password)} | sudo -S"
+
+      info '#' * 50
+      info 'Creating application symbolic link'
+
+      debug "ln -sfn #{fetch(:deploy_to)}/current/public #{fetch(:apache_deploy_symbolic_link)}"
+      execute "#{sudo_cmd} ln -sfn #{fetch(:deploy_to)}/current/public #{fetch(:apache_deploy_symbolic_link)}"
+
+      info '#' * 50
+    end
+  end
+end