capistrano3-nginx 2.0.3 → 2.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: da34c825fe392851478096964b1e097cbdfdfc87
-  data.tar.gz: b7b89cab7c7bc9a51e806ed30182dceacc07f24c
+  metadata.gz: d6c36175c240e56d54ac11b590af9a7c6e5defc2
+  data.tar.gz: 37600630f2ce5e64308173efd71579756525733b
 SHA512:
-  metadata.gz: a73e1ece05374418c0e888d6830fbcf19b07d74b1545637e54ac23273277ff7649fbbb28c1c1db72668084b8f9f3bac09cef963f59baebccc5c4e861f75f4f27
-  data.tar.gz: e71dc20374bd4a5dd23a93542d64b9178097e0db730e6783774f07dcb4a2f83f2196474edf294dfaf19c124751b6a425b284cac8e5e450e5a2f5477e11a9ce3e
+  metadata.gz: 4af5c0e6330e52b6b92e37445aed121f0c22c4bcb89518928e77776381d634a8b05bc5765d96314e060b2093e2f980aa702615b5ec96ef7fe3553bdb7b1aafea
+  data.tar.gz: f0cd6472ba9161f2b9d4412a1d89cfa8d5b02b32530eb3a544ac5b66edde994f0d2f7f95567412254dde12169a96faa7b5fc98552f5f984230e2cff1cc3f8ed2

data/.gitignore

@@ -0,0 +1 @@
+pkg/

data/README.md

@@ -46,6 +46,17 @@ Configurable options (copy into deploy.rb), shown here with examples:
 # No default vaue
 set :nginx_domains, "foo.bar.com"
 
+# Sudo usage can be enables on task and/or path level.
+# If sudo is enabled for a specific task (i.e. 'nginx:site:add') every
+# command in that task will be run using sudo priviliges.
+# If sudo is enables for a specific path (i.e. :nginx_sites_enabled_dir)
+# only command manipulating that directory will be run using sudo privileges.
+# Note: When options overlap, sudo is used if either option permits it.
+#
+# Everything is run as sudo per default.
+# set :nginx_sudo_paths, [:nginx_log_path, :nginx_sites_enabled_dir, :nginx_sites_available_dir]
+# set :nginx_sudo_tasks, ['nginx:start', 'nginx:stop', 'nginx:restart', 'nginx:reload', 'nginx:configtest', 'nginx:site:add', 'nginx:site:disable', 'nginx:site:enable', 'nginx:site:remove' ]
+
 # nginx service script
 # Defaults to using the 'service' convinience script.
 # You might prefer using the init.d instead depending on sudo privilages.
@@ -70,11 +81,11 @@ set :nginx_static_dir, "my_static_folder"
 
 # Path where nginx available site are stored
 # default value: "sites-available"
-set :nginx_sites_available, "sites-available"
+set :nginx_sites_available_dir, "sites-available"
 
 # Path where nginx available site are stored
 # default value: "sites-enabled"
-set :nginx_sites_enabled, "sites-enabled"
+set :nginx_sites_enabled_dir, "sites-enabled"
 
 # Path to look for custom config template
 # `:default` will use the bundled nginx template
@@ -130,3 +141,15 @@ Thansk for the inspiration on several nginx recipes out there
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request
+
+## Credits
+
+Thank you [contributors](https://github.com/platanus/guides/graphs/contributors)!
+
+<img src="http://platan.us/gravatar_with_text.png" alt="Platanus" width="250"/>
+
+capistrano3-nginx is maintained by [platanus](http://platan.us).
+
+## License
+
+Guides is © 2014 platanus, spa. It is free software and may be redistributed under the terms specified in the LICENSE file.

data/capistrano3-nginx.gemspec

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
   spec.name          = 'capistrano3-nginx'
-  spec.version       = '2.0.3'
+  spec.version       = '2.0.4'
   spec.authors       = ['Juan Ignacio Donoso']
   spec.email         = ['jidonoso@gmail.com']
   spec.description   = %q{Adds suuport to nginx for Capistrano 3.x}

data/lib/capistrano/tasks/nginx.rake

@@ -1,45 +1,90 @@
 namespace :load do
   task :defaults do
-    set :nginx_service_path, -> { 'service nginx' }
-    set :nginx_roles, -> { :web }
-    set :nginx_log_path, -> { "#{shared_path}/log" }
-    set :nginx_root_path, -> { "/etc/nginx" }
-    set :nginx_static_dir, -> { "public" }
-    set :nginx_sites_enabled, -> { "sites-enabled" }
-    set :nginx_sites_available, -> { "sites-available" }
-    set :nginx_template, -> { :default }
-    set :nginx_use_ssl, -> { false }
-    set :nginx_ssl_certificate, -> { "#{fetch(:application)}.crt" }
-    set :nginx_ssl_certificate_path, -> { '/etc/ssl/certs' }
-    set :nginx_ssl_certificate_key, -> { "#{fetch(:application)}.crt" }
+    set :nginx_sudo_paths,          -> { [:nginx_log_path, :nginx_sites_enabled_dir, :nginx_sites_available_dir] }
+    set :nginx_sudo_tasks,          -> { ['nginx:start', 'nginx:stop', 'nginx:restart', 'nginx:reload', 'nginx:configtest', 'nginx:site:add', 'nginx:site:disable', 'nginx:site:enable', 'nginx:site:remove' ] }
+    set :nginx_log_path,            -> { "#{shared_path}/log" }
+    set :nginx_root_path,           -> { "/etc/nginx" }
+    set :nginx_service_path,        -> { 'service nginx' }
+    set :nginx_static_dir,          -> { "public" }
+    set :nginx_sites_enabled_dir,   -> { "sites-enabled" }
+    set :nginx_sites_available_dir, -> { "sites-available" }
+    set :nginx_roles,               -> { :web }
+    set :nginx_template,            -> { :default }
+    set :nginx_use_ssl,             -> { false }
+    set :nginx_ssl_certificate,          -> { "#{fetch(:application)}.crt" }
+    set :nginx_ssl_certificate_path,     -> { '/etc/ssl/certs' }
+    set :nginx_ssl_certificate_key,      -> { "#{fetch(:application)}.crt" }
     set :nginx_ssl_certificate_key_path, -> { '/etc/ssl/private' }
-    set :app_server, -> { true }
+    set :app_server,                     -> { true }
   end
 end
 
 namespace :nginx do
+
+  # prepend :sudo to list if arguments if :key is in :nginx_use_sudo_for list
+  def add_sudo_if_required argument_list, *keys
+    keys.each do | key |
+      if use_sudo? key
+        argument_list.unshift(:sudo)
+        break
+      end
+    end
+  end
+
+  def use_sudo? key
+    return (fetch(:nginx_sudo_tasks).include?(key) || fetch(:nginx_sudo_paths).include?(key))
+  end
+
+  def valid_nginx_config?
+    test_sudo = use_sudo?('nginx:configtest') ? 'sudo ' : ''
+    nginx_service = fetch(:nginx_service_path)
+    test "[ $(#{test_sudo}#{nginx_service} configtest | grep -c 'fail') -eq 0 ]"
+  end
+
   task :load_vars do
-    set :sites_available, -> { File.join(fetch(:nginx_root_path), fetch(:nginx_sites_available)) }
-    set :sites_enabled, -> { File.join(fetch(:nginx_root_path), fetch(:nginx_sites_enabled)) }
-    set :enabled_application, -> { File.join(fetch(:sites_enabled), fetch(:application)) }
+    set :sites_available,       -> { File.join(fetch(:nginx_root_path), fetch(:nginx_sites_available_dir)) }
+    set :sites_enabled,         -> { File.join(fetch(:nginx_root_path), fetch(:nginx_sites_enabled_dir)) }
+    set :enabled_application,   -> { File.join(fetch(:sites_enabled),   fetch(:application)) }
     set :available_application, -> { File.join(fetch(:sites_available), fetch(:application)) }
   end
 
+  # validate_sudo_settings
+  task :validate_user_settings do
+    path_and_dir_keys = [:nginx_log_path, :nginx_sites_enabled_dir, :nginx_sites_available_dir]
+    nginx_task_keys   = ['nginx:start', 'nginx:stop', 'nginx:restart', 'nginx:reload', 'nginx:configtest', 'nginx:site:add', 'nginx:site:disable', 'nginx:site:enable', 'nginx:site:remove' ]
+
+    fetch(:nginx_sudo_paths).each do | path |
+      abort("Invalid value in :nginx_sudo_paths, Unknown symbol '#{path}'") unless path_and_dir_keys.include? path
+    end
+    fetch(:nginx_sudo_tasks).each do | task |
+      abort("Invalid symbol in :nginx_tasks! Unknown symbol '#{task}'") unless nginx_task_keys.include? task
+    end
+  end
+
+  desc "Configtest nginx service"
+  task :configtest do
+    on release_roles fetch(:nginx_roles) do
+      abort("nginx configuration is invalid! (Make sure nginx configuration files are readable and correctly formated.)") unless valid_nginx_config?
+    end
+  end
+
   %w[start stop restart reload].each do |command|
     desc "#{command.capitalize} nginx service"
-    task command do
-      nginx_service = fetch(:nginx_service_path)
+    task command => ['nginx:validate_user_settings'] do
       on release_roles fetch(:nginx_roles) do
-        if command === 'stop' || (test "[ $(sudo #{nginx_service} configtest | grep -c 'fail') -eq 0 ]")
-          execute :sudo, "#{nginx_service} #{command}"
-        end
+        arguments = fetch(:nginx_service_path), command
+        add_sudo_if_required arguments, "nginx:#{command}"
+        execute *arguments
       end
     end
+    before "nginx:#{command}", 'nginx:configtest' unless command == 'stop'
   end
 
   after 'deploy:check', nil do
     on release_roles fetch(:nginx_roles) do
-      execute :mkdir, '-pv', fetch(:nginx_log_path)
+      arguments = :mkdir, '-pv', fetch(:nginx_log_path)
+      add_sudo_if_required arguments, :nginx_log_path
+      execute *arguments
     end
   end
 
@@ -54,7 +99,7 @@ namespace :nginx do
 
   namespace :site do
     desc 'Creates the site configuration and upload it to the available folder'
-    task :add => ['nginx:load_vars'] do
+    task :add => ['nginx:load_vars', 'nginx:validate_user_settings'] do
       on release_roles fetch(:nginx_roles) do
         within fetch(:sites_available) do
           config_file = fetch(:nginx_template)
@@ -63,40 +108,46 @@ namespace :nginx do
           end
           config = ERB.new(File.read(config_file)).result(binding)
           upload! StringIO.new(config), '/tmp/nginx.conf'
-
-          execute :sudo, :mv, '/tmp/nginx.conf', fetch(:application)
+          arguments = :mv, '/tmp/nginx.conf', fetch(:application)
+          add_sudo_if_required arguments, 'nginx:sites:add', :nginx_sites_available_dir
+          execute *arguments
         end
       end
     end
 
     desc 'Enables the site creating a symbolic link into the enabled folder'
-    task :enable => ['nginx:load_vars'] do
+    task :enable => ['nginx:load_vars', 'nginx:validate_user_settings'] do
       on release_roles fetch(:nginx_roles) do
         if test "! [ -h #{fetch(:enabled_application)} ]"
           within fetch(:sites_enabled) do
-            execute :sudo, :ln, '-nfs', fetch(:available_application), fetch(:enabled_application)
+            arguments = :ln, '-nfs', fetch(:available_application), fetch(:enabled_application)
+            add_sudo_if_required arguments, 'nginx:sites:enable', :nginx_sites_enabled_dir
+            execute *arguments
           end
         end
       end
     end
 
     desc 'Disables the site removing the symbolic link located in the enabled folder'
-    task :disable => ['nginx:load_vars'] do
+    task :disable => ['nginx:load_vars', 'nginx:validate_user_settings'] do
       on release_roles fetch(:nginx_roles) do
         if test "[ -f #{fetch(:enabled_application)} ]"
           within fetch(:sites_enabled) do
-            execute :sudo, :rm, '-f', fetch(:application)
+            arguments = :rm, '-f', fetch(:application)
+            add_sudo_if_required arguments, 'nginx:sites:disable', :nginx_sites_enabled_dir
           end
         end
       end
     end
 
-    desc 'Removes the site removing the configuration file from the available folder'
-    task :remove => ['nginx:load_vars'] do
+    desc 'Removes the site by removing the configuration file from the available folder'
+    task :remove => ['nginx:load_vars', 'nginx:validate_user_settings'] do
       on release_roles fetch(:nginx_roles) do
         if test "[ -f #{fetch(:available_application)} ]"
           within fetch(:sites_available) do
-            execute :sudo, :rm, fetch(:application)
+            arguments = :rm, fetch(:application)
+            add_sudo_if_required arguments, 'nginx:sites:remove', :nginx_sites_available_dir
+            execute *arguments
           end
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: capistrano3-nginx
 version: !ruby/object:Gem::Version
-  version: 2.0.3
+  version: 2.0.4
 platform: ruby
 authors:
 - Juan Ignacio Donoso
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-17 00:00:00.000000000 Z
+date: 2014-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
@@ -45,6 +45,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- .gitignore
 - Gemfile
 - LICENSE
 - LICENSE.txt