capistrano-exts 1.3.4 → 1.3.5

data/README.md

@@ -17,7 +17,7 @@ gem install capistrano-exts
 or add it to your Gemfile
 
 ```ruby
-gem 'capistrano-exts', '>=1.3.4'
+gem 'capistrano-exts', '>=1.3.5'
 ```
 
 Setup

data/examples/php_fpm/deploy/development.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/php_fpm/deploy/production.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/php_fpm/deploy/staging.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_passenger/deploy/development.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_passenger/deploy/production.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_passenger/deploy/staging.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_reverse_proxy/deploy/development.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_reverse_proxy/deploy/production.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/examples/rails_reverse_proxy/deploy/staging.rb

@@ -123,6 +123,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/lib/capistrano-exts/receipts/contao.rb

@@ -22,6 +22,7 @@ Capistrano::Configuration.instance(:must_exist).load do
   namespace :contao do
     desc "[internal] Setup contao shared contents"
     task :setup, :roles => :app, :except => { :no_release => true } do
+      shared_path = fetch :shared_path
       run <<-CMD
         #{try_sudo} mkdir -p #{shared_path}/logs &&
         #{try_sudo} mkdir -p #{shared_path}/config &&
@@ -31,6 +32,11 @@ Capistrano::Configuration.instance(:must_exist).load do
         #{try_sudo} mkdir -p #{shared_path}/contents/audio &&
         #{try_sudo} mkdir -p #{shared_path}/contents/pdf
       CMD
+
+      deny_htaccess = "order deny,allow"
+      deny_htaccess << "deny from all"
+
+      put deny_htaccess, "#{shared_path}/logs/.htaccess"
     end
 
     desc "[internal] Setup contao's localconfig"
@@ -53,7 +59,7 @@ Capistrano::Configuration.instance(:must_exist).load do
         localconfig.gsub!(/#DB_NAME#/, mysql_db_name)
       end
 
-      put localconfig, "#{shared_path}/config/localconfig.php"
+      put localconfig, "#{fetch :shared_path}/config/localconfig.php"
     end
 
     desc "[internal] Setup .htaccess"
@@ -74,18 +80,21 @@ Capistrano::Configuration.instance(:must_exist).load do
     desc "[internal] Fix contao's symlinks to the shared path"
     task :fix_links, :roles => :app, :except => { :no_release => true } do
       contents_path = fetch :contents_path, "#{fetch :public_path}/tl_files/contents"
+      current_path = fetch :current_path
+      latest_release = fetch :latest_release
+      shared_path = fetch :shared_path
 
       # At this point, the current_path does not exists and by running an mkdir
       # later, we're actually breaking stuff.
       # So replace current_path with latest_release in the contents_path string
-      contents_path.gsub!(%r{#{current_path}}, fetch(:latest_release))
+      contents_path.gsub! %r{#{current_path}}, latest_release
 
       # Remove files
       run <<-CMD
         #{try_sudo} rm -f #{contents_path} &&
-        #{try_sudo} rm -rf #{fetch :latest_release}/public/system/logs &&
-        #{try_sudo} rm -f #{fetch :latest_release}/public/system/config/localconfig.php &&
-        #{try_sudo} rm -f #{fetch :latest_release}/public/.htaccess
+        #{try_sudo} rm -rf #{latest_release}/public/system/logs &&
+        #{try_sudo} rm -f #{latest_release}/public/system/config/localconfig.php &&
+        #{try_sudo} rm -f #{latest_release}/public/.htaccess
       CMD
 
       run <<-CMD
@@ -94,10 +103,10 @@ Capistrano::Configuration.instance(:must_exist).load do
 
       # Create symlinks
       run <<-CMD
-        #{try_sudo} ln -nsf #{fetch :shared_path}/contents #{contents_path} &&
-        #{try_sudo} ln -nsf #{fetch :shared_path}/config/htaccess.txt #{fetch :latest_release}/public/.htaccess &&
-        #{try_sudo} ln -nsf #{fetch :shared_path}/config/localconfig.php #{fetch :latest_release}/public/system/config/localconfig.php &&
-        #{try_sudo} ln -nsf #{fetch :shared_path}/logs #{fetch :latest_release}/public/system/logs
+        #{try_sudo} ln -nsf #{shared_path}/contents #{contents_path} &&
+        #{try_sudo} ln -nsf #{shared_path}/config/htaccess.txt #{latest_release}/public/.htaccess &&
+        #{try_sudo} ln -nsf #{shared_path}/config/localconfig.php #{latest_release}/public/system/config/localconfig.php &&
+        #{try_sudo} ln -nsf #{shared_path}/logs #{latest_release}/public/system/logs
       CMD
     end
   end

data/lib/capistrano-exts/receipts/servers/web_server/nginx.rb

@@ -24,6 +24,7 @@ Capistrano::Configuration.instance(:must_exist).load do
             nginx.public_path = fetch :public_path
             nginx.logs_path   = fetch :logs_path
             nginx.application_url = fetch :application_url
+            nginx.denied_access = fetch :denied_access if exists?(:denied_access)
 
             nginx.listen_port = fetch(:web_server_listen_port) if exists?(:web_server_listen_port)
 

data/lib/capistrano-exts/templates/multistage.rb

@@ -121,6 +121,10 @@ set :application_url, %w(example.com www.example.com)
 # What are the names of the indexes
 set :web_server_indexes, %w(index.php index.html)
 
+# Deny access ?
+# Define here an array of files/pathes to deny access from.
+set :denied_access, [ ".htaccess" ]
+
 # HTTP Basic Authentifications
 # Uncomment this if you would like to add HTTP Basic authentifications,
 #

data/lib/capistrano-exts/templates/web_servers/nginx.conf.erb

@@ -41,9 +41,11 @@ server {
   <% end %>
   }
 
-  location ~ /\.ht {
-    deny  all;
-  }
+  <% @denied_access.each do |f| %>
+    location ~ <%= Regexp.escape f %> {
+      deny  all;
+    }
+  <% end if @denied_access.present? %>
 
 <% if php_fpm? %>
   location ~ .php$ {

data/lib/capistrano-exts/version.rb

@@ -3,7 +3,7 @@ module Capistrano
     module Version #:nodoc:
       MAJOR = 1
       MINOR = 3
-      TINY = 4
+      TINY = 5
 
       ARRAY  = [MAJOR, MINOR, TINY]
       STRING = ARRAY.join(".")

data/spec/rendered_templates/nginx_php_fpm.conf

@@ -23,9 +23,7 @@ server {
   
   }
 
-  location ~ /\.ht {
-    deny  all;
-  }
+  
 
   location ~ .php$ {
     fastcgi_pass   localhost:30313;

data/spec/servers/web_server/nginx_spec.rb

@@ -208,6 +208,12 @@ describe Nginx do
         subject.php_fpm_port = 5454
         subject.render.should =~ %r{\s+fastcgi_pass\s+localhost:5454.+$}
       end
+
+      it "should render 'denied_access'" do
+        subject.denied_access = ["/system/logs", "/tl_file/.htaccess"]
+        subject.render.should =~ /location ~ \/system\/logs {.*deny\s+all;.*}/m
+        subject.render.should =~ /location ~ \/tl_file\/\\.htaccess {.*deny\s+all;.*}/m
+      end
     end
 
     describe ":passenger" do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-exts
 version: !ruby/object:Gem::Version
-  version: 1.3.4
+  version: 1.3.5
   prerelease: 
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2011-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
-  requirement: &2152783480 !ruby/object:Gem::Requirement
+  requirement: &2151902980 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: 2.8.0
   type: :runtime
   prerelease: false
-  version_requirements: *2152783480
+  version_requirements: *2151902980
 - !ruby/object:Gem::Dependency
   name: i18n
-  requirement: &2152683500 !ruby/object:Gem::Requirement
+  requirement: &2151900160 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: 0.6.0
   type: :runtime
   prerelease: false
-  version_requirements: *2152683500
+  version_requirements: *2151900160
 - !ruby/object:Gem::Dependency
   name: activesupport
-  requirement: &2152629920 !ruby/object:Gem::Requirement
+  requirement: &2151897680 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 3.1.0
   type: :runtime
   prerelease: false
-  version_requirements: *2152629920
+  version_requirements: *2151897680
 - !ruby/object:Gem::Dependency
   name: guard
-  requirement: &2152451100 !ruby/object:Gem::Requirement
+  requirement: &2151896080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: 0.6.2
   type: :development
   prerelease: false
-  version_requirements: *2152451100
+  version_requirements: *2151896080
 - !ruby/object:Gem::Dependency
   name: guard-bundler
-  requirement: &2152414620 !ruby/object:Gem::Requirement
+  requirement: &2151910960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
         version: 0.1.3
   type: :development
   prerelease: false
-  version_requirements: *2152414620
+  version_requirements: *2151910960
 - !ruby/object:Gem::Dependency
   name: guard-rspec
-  requirement: &2156285880 !ruby/object:Gem::Requirement
+  requirement: &2151910240 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
         version: 0.4.3
   type: :development
   prerelease: false
-  version_requirements: *2156285880
+  version_requirements: *2151910240
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2151922700 !ruby/object:Gem::Requirement
+  requirement: &2151908780 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -87,7 +87,7 @@ dependencies:
         version: 2.6.0
   type: :development
   prerelease: false
-  version_requirements: *2151922700
+  version_requirements: *2151908780
 description: Handy extensions for Capistrano
 email:
 - wael.nasreddine@gmail.com