capistrano-mb 0.22.0

data/lib/capistrano/tasks/seed.rake

@@ -0,0 +1,16 @@
+mb_recipe :seed do
+  prior_to "deploy:publishing", "mb:seed"
+end
+
+namespace :mb do
+  desc "Run rake db:seed"
+  task :seed do
+    on primary(:app) do
+      within release_path do
+        with :rails_env => fetch(:rails_env) do
+          execute :rake, "db:seed"
+        end
+      end
+    end
+  end
+end

data/lib/capistrano/tasks/sidekiq.rake

@@ -0,0 +1,39 @@
+mb_recipe :sidekiq do
+  during :provision, "init_d"
+  during "deploy:start", "start"
+  during "deploy:stop", "stop"
+  during "deploy:restart", "restart"
+  during "deploy:publishing", "restart"
+end
+
+namespace :mb do
+  namespace :sidekiq do
+    desc "Install sidekiq service script"
+    task :init_d do
+      privileged_on roles(fetch(:mb_sidekiq_role)) do |host, user|
+        template "sidekiq_init.erb",
+                 "/etc/init.d/sidekiq_#{application_basename}",
+                 :mode => "a+rx",
+                 :binding => binding,
+                 :sudo => true
+
+        execute "sudo update-rc.d -f sidekiq_#{application_basename} defaults"
+      end
+    end
+
+    %w[start stop].each do |command|
+      desc "#{command} sidekiq"
+      task command do
+        on roles(fetch(:mb_sidekiq_role)) do
+          execute "service sidekiq_#{application_basename} #{command}"
+        end
+      end
+    end
+
+    desc "restart sidekiq"
+    task :restart do
+      invoke "mb:sidekiq:stop"
+      invoke "mb:sidekiq:start"
+    end
+  end
+end

data/lib/capistrano/tasks/ssl.rake

@@ -0,0 +1,57 @@
+mb_recipe :ssl do
+  during :provision, "generate_dh"
+  during :provision, "generate_self_signed_crt"
+end
+
+namespace :mb do
+  namespace :ssl do
+    desc "Generate an SSL key and CSR for Ngnix HTTPS"
+    task :generate_csr do
+      _run_ssl_script
+      _copy_to_all_web_servers(%w(.key .csr))
+    end
+
+    desc "Generate an SSL key, CSR, and self-signed cert for Ngnix HTTPS"
+    task :generate_self_signed_crt do
+      _run_ssl_script("--self")
+      _copy_to_all_web_servers(%w(.key .csr .crt))
+    end
+
+    desc "Generate unique DH group"
+    task :generate_dh do
+      privileged_on roles(:web) do
+        unless test("sudo [ -f /etc/ssl/dhparams.pem ]")
+          execute :sudo, "openssl dhparam -out /etc/ssl/dhparams.pem 2048"
+          execute :sudo, "chmod 600 /etc/ssl/dhparams.pem"
+        end
+      end
+    end
+
+    def _run_ssl_script(opt="")
+      privileged_on primary(:web) do
+        files_exist = %w(.key .csr .crt).any? do |ext|
+          test("sudo [ -f /etc/ssl/#{application_basename}#{ext} ]")
+        end
+
+        if files_exist
+          info("Files exist; skipping SSL key generation.")
+        else
+          config = "/tmp/csr_config"
+          ssl_script = "/tmp/ssl_script"
+
+          template("csr_config.erb", config, :sudo => true)
+          template("ssl_setup", ssl_script, :mode => "+x", :sudo => true)
+
+          within "/etc/ssl" do
+            execute :sudo, ssl_script, opt, application_basename, config
+            execute :sudo, "rm", ssl_script, config
+          end
+        end
+      end
+    end
+
+    def _copy_to_all_web_servers(extensions)
+      # TODO
+    end
+  end
+end

data/lib/capistrano/tasks/ufw.rake

@@ -0,0 +1,32 @@
+mb_recipe :ufw do
+  during :provision, "configure"
+end
+
+namespace :mb do
+  namespace :ufw do
+    desc "Configure role-based ufw rules on each server"
+    task :configure do
+      rules = fetch(:mb_ufw_rules, {})
+      distinct_roles = rules.values.flatten.uniq
+
+      # First reset the firewall on all affected servers
+      privileged_on roles(*distinct_roles) do
+        execute "sudo ufw --force reset"
+        execute "sudo ufw default deny incoming"
+        execute "sudo ufw default allow outgoing"
+      end
+
+      # Then set up all ufw rules according to the mb_ufw_rules hash
+      rules.each do |command, *role_names|
+        privileged_on roles(*role_names.flatten) do
+          execute "sudo ufw #{command}"
+        end
+      end
+
+      # Finally, enable the firewall on all affected servers
+      privileged_on roles(*distinct_roles) do
+        execute "sudo ufw --force enable"
+      end
+    end
+  end
+end

data/lib/capistrano/tasks/unicorn.rake

@@ -0,0 +1,42 @@
+mb_recipe :unicorn do
+  during :provision, %w(init_d config_rb)
+  during "deploy:start", "start"
+  during "deploy:stop", "stop"
+  during "deploy:restart", "restart"
+  during "deploy:publishing", "restart"
+end
+
+namespace :mb do
+  namespace :unicorn do
+    desc "Install service script for unicorn"
+    task :init_d do
+      privileged_on roles(:app) do |host, user|
+        unicorn_user = fetch(:mb_unicorn_user) || user
+
+        template "unicorn_init.erb",
+                 "/etc/init.d/unicorn_#{application_basename}",
+                 :mode => "a+rx",
+                 :binding => binding,
+                 :sudo => true
+
+        execute "sudo update-rc.d -f unicorn_#{application_basename} defaults"
+      end
+    end
+
+    desc "Create config/unicorn.rb"
+    task :config_rb do
+      on release_roles(:all) do
+        template "unicorn.rb.erb", "#{shared_path}/config/unicorn.rb"
+      end
+    end
+
+    %w[start stop restart].each do |command|
+      desc "#{command} unicorn"
+      task command do
+        on roles(:app) do
+          execute "service unicorn_#{application_basename} #{command}"
+        end
+      end
+    end
+  end
+end

data/lib/capistrano/tasks/user.rake

@@ -0,0 +1,32 @@
+mb_recipe :user do
+  during :provision, %w(add install_public_key)
+end
+
+namespace :mb do
+  namespace :user do
+    desc "Create the UNIX user if it doesn't already exist"
+    task :add do
+      privileged_on roles(:all) do |host, user|
+        unless test("sudo grep -q #{user}: /etc/passwd")
+          execute :sudo, "adduser", "--disabled-password", user, "</dev/null"
+        end
+      end
+    end
+
+    desc "Copy root's authorized_keys to the user account if it doesn't "\
+         "already have its own keys"
+    task :install_public_key do
+      root = fetch(:mb_privileged_user)
+
+      privileged_on roles(:all) do |host, user|
+        unless test("sudo [ -f /home/#{user}/.ssh/authorized_keys ]")
+          execute :sudo, "mkdir", "-p", "/home/#{user}/.ssh"
+          execute :sudo, "cp", "~#{root}/.ssh/authorized_keys",
+                               "/home/#{user}/.ssh"
+          execute :sudo, "chown", "-R", "#{user}:#{user}", "/home/#{user}/.ssh"
+          execute :sudo, "chmod", "600", "/home/#{user}/.ssh/authorized_keys"
+        end
+      end
+    end
+  end
+end

data/lib/capistrano/tasks/version.rake

@@ -0,0 +1,34 @@
+mb_recipe :version do
+  during "deploy:updating", "write_initializer"
+end
+
+namespace :mb do
+  namespace :version do
+    desc "Write initializers/version.rb with git version and date information"
+    task :write_initializer do
+      git_version = {}
+      branch = fetch(:branch)
+
+      on release_roles(:all).first do
+        with fetch(:git_environmental_variables) do
+          within repo_path do
+            git_version[:tag] = \
+              capture(:git, "describe", branch, "--always --tag").chomp
+            git_version[:date] = \
+              capture(:git, "log", branch, '-1 --format="%ad" --date=short')\
+              .chomp
+            git_version[:time] = \
+              capture(:git, "log", branch, '-1 --format="%ad" --date=iso')\
+              .chomp
+          end
+        end
+      end
+
+      on release_roles(:all) do
+        template "version.rb.erb",
+                 "#{release_path}/config/initializers/version.rb",
+                 :binding => binding
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,165 @@
+--- !ruby/object:Gem::Specification
+name: capistrano-mb
+version: !ruby/object:Gem::Version
+  version: 0.22.0
+platform: ruby
+authors:
+- Matt Brictson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-06-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: capistrano
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.3.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.3.5
+- !ruby/object:Gem::Dependency
+  name: sshkit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.1
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: chandler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 'Production-ready provisioning and deployment recipes for the full Rails
+  4 stack. Installs and configures Ruby, Nginx, Unicorn, PostgreSQL, dotenv, and more
+  onto Ubuntu 14.04 LTS using Capistrano. (Note: this gem was formerly called capistrano-fiftyfive.)'
+email: matt@mattbrictson.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- CHANGELOG.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- capistrano-mb.gemspec
+- lib/capistrano/fiftyfive.rb
+- lib/capistrano/mb.rb
+- lib/capistrano/mb/compatibility.rb
+- lib/capistrano/mb/dsl.rb
+- lib/capistrano/mb/recipe.rb
+- lib/capistrano/mb/templates/crontab.erb
+- lib/capistrano/mb/templates/csr_config.erb
+- lib/capistrano/mb/templates/delayed_job_init.erb
+- lib/capistrano/mb/templates/logrotate.erb
+- lib/capistrano/mb/templates/maintenance.html.erb
+- lib/capistrano/mb/templates/nginx.erb
+- lib/capistrano/mb/templates/nginx_unicorn.erb
+- lib/capistrano/mb/templates/pgpass.erb
+- lib/capistrano/mb/templates/postgresql-backup-logrotate.erb
+- lib/capistrano/mb/templates/rbenv_bashrc
+- lib/capistrano/mb/templates/sidekiq_init.erb
+- lib/capistrano/mb/templates/ssl_setup
+- lib/capistrano/mb/templates/unicorn.rb.erb
+- lib/capistrano/mb/templates/unicorn_init.erb
+- lib/capistrano/mb/templates/version.rb.erb
+- lib/capistrano/mb/version.rb
+- lib/capistrano/tasks/aptitude.rake
+- lib/capistrano/tasks/crontab.rake
+- lib/capistrano/tasks/defaults.rake
+- lib/capistrano/tasks/delayed_job.rake
+- lib/capistrano/tasks/dotenv.rake
+- lib/capistrano/tasks/fiftyfive.rake
+- lib/capistrano/tasks/logrotate.rake
+- lib/capistrano/tasks/maintenance.rake
+- lib/capistrano/tasks/migrate.rake
+- lib/capistrano/tasks/nginx.rake
+- lib/capistrano/tasks/postgresql.rake
+- lib/capistrano/tasks/provision.rake
+- lib/capistrano/tasks/rake.rake
+- lib/capistrano/tasks/rbenv.rake
+- lib/capistrano/tasks/seed.rake
+- lib/capistrano/tasks/sidekiq.rake
+- lib/capistrano/tasks/ssl.rake
+- lib/capistrano/tasks/ufw.rake
+- lib/capistrano/tasks/unicorn.rake
+- lib/capistrano/tasks/user.rake
+- lib/capistrano/tasks/version.rake
+homepage: https://github.com/mattbrictson/capistrano-mb
+licenses:
+- MIT
+metadata: {}
+post_install_message: capistrano-fiftyfive has been renamed to capistrano-mb. Please
+  update your Gemfile.
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: Additional Capistrano 3 recipes
+test_files: []