danarchy_deploy 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: bc77046b77757e8d847424bced87d9b0a78131a9
+  data.tar.gz: f07bf23008b48a3dd3f84b35d1bd87cb9e0a379a
+SHA512:
+  metadata.gz: d017636ab2096321579edeb48973913374dd23680328fafada853012394af638c80e9e107b21cfaad81b10a6bc51e93f937e5c81b2368bcfe0a0b3430a399d9a
+  data.tar.gz: 91523adf0a963049251406efe47516c91689f89f0a1b423870c71ddb56a65f3fddeefc6541e2da26a62afd0f5b190e1e5a53190bcee332ee2d2b6439473c55e7

data/.gitignore

@@ -0,0 +1,11 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.2.8
+before_install: gem install bundler -v 1.16.0

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+# git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in danarchy_deploy.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,37 @@
+PATH
+  remote: .
+  specs:
+    danarchy_deploy (0.1.0)
+      danarchy_couchdb (~> 0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    danarchy_couchdb (0.1.2)
+    diff-lcs (1.3)
+    rake (10.5.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16)
+  danarchy_deploy!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   1.16.1

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Dan Heneise
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,46 @@
+# DanarchyDeploy
+
+dAnarchy Deploy is a template-driven Ruby gem to deploy locally or remotely to Gentoo systems (and debian/ubuntu, more being added). This can take a .JSON or .YAML input file, or a CouchDB connection as a deployment template and install necessary packages, add users and groups, write ERB templates, and decompress tar/zip archives. More documentation incoming.
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'danarchy_deploy'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install danarchy_deploy
+
+!! Since dAnarchy Deploy takes several actions that require root/sudo access, I install the gem with sudo as any remote deployment will on the target host:
+
+    $ sudo gem install danarchy_deploy
+
+
+## Usage
+
+dAnarchy Deploy usage info can be read with -h/--help:
+```ruby
+$ danarchy_deploy -h
+Usage: sudo /usr/local/bin/danarchy_deploy (local|remote) --json /path/to/deployment.json [options]
+	-j, --json=file                  Read configuration from JSON file.
+	-y, --yaml=file                  Read configuration from YAML file.
+	-p, --pretend                    Pretend run: Don't take any action.
+	-f, --first-run                  First Run: Run as a first run causing services to run all init actions.
+	-d, --deploy-dir                 Deployment directory. Defaults to '/danarchy/deploy'.
+	--ssh-verbose                Verbose SSH stdout/stderr output.
+	--version                    Print /usr/local/bin/danarchy_deploy version.
+	-h, --help                       Print this help info.
+
+DanarchyDeploy: 0.1.0
+Exiting! Must be run with sudo!
+```
+
+More documentation incoming...

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/danarchy_deploy

@@ -0,0 +1,114 @@
+#!/usr/bin/env ruby
+require_relative '../lib/danarchy_deploy'
+require 'danarchy_couchdb'
+require 'date'
+require 'optparse'
+
+deployment = nil
+options = { couchdb: "/home/#{ENV['SUDO_USER']}/.danarchy/danarchy_deploy/danarchy_deploy.json",
+            deploy_dir: '/danarchy/deploy',
+            deploy_file: nil,
+            pretend: false,
+            ssh_verbose: false,
+            first_run: false }
+
+ARGV.push('--help') if ARGV.empty?
+optparse = OptionParser.new do |opts|
+  opts.banner = "Usage: sudo #{$PROGRAM_NAME} (local|remote) --json /path/to/deployment.json [options]"
+
+  opts.on('-j=file', '--json=file', 'Read configuration from JSON file.') do |file|
+    require 'json'
+    options[:deploy_file] = file
+    deployment = JSON.parse(File.read(file), symbolize_names: true)
+  end
+
+  opts.on('-y=file', '--yaml=file', 'Read configuration from YAML file.') do |file|
+    require 'yaml'
+    options[:deploy_file] = file
+    deployment = YAML.load_file(file)
+  end
+
+  opts.on('-p', '--pretend', 'Pretend run: Don\'t take any action.') do |val|
+    options[:pretend] = true
+  end
+
+  opts.on('-f', '--first-run', 'First Run: Run as a first run causing services to run all init actions.') do |val|
+    options[:first_run] = true
+  end
+
+  opts.on('-d', '--deploy-dir', "Deployment directory. Defaults to '/danarchy/deploy'.") do |val|
+    options[:deploy_dir] = val.gsub(/\/$/, '')
+  end
+
+  opts.on('--ssh-verbose', "Verbose SSH stdout/stderr output.") do |val|
+    options[:ssh_verbose] = true
+  end
+
+  opts.on('--version', "Print #{$PROGRAM_NAME} version.") do |val|
+    puts "DanarchyDeploy: #{DanarchyDeploy::VERSION}"
+  end
+
+  opts.on('-h', '--help', 'Print this help info.') do |val|
+    puts opts, ''
+  end
+end.parse!
+
+puts "DanarchyDeploy: #{DanarchyDeploy::VERSION}"
+abort('Exiting! Must be run with sudo!') if Process.uid != 0
+
+location = ARGV.delete('remote') || ARGV.delete('local') || abort("ERROR: Need an option 'local' or 'remote' to know what to do!")
+cdb_config = File.exist?(options[:couchdb]) ? JSON.parse(File.read(options[:couchdb]), symbolize_names: true)[:couchdb] : nil
+cdb = DanarchyCouchDB::Connection.new(cdb_config) if cdb_config
+
+if !deployment && !options[:deploy_file] && cdb
+  deployment_name = ARGV.shift
+  abort("Need a deployment name!") if !deployment_name
+  puts "DanarchyCouchDB: #{DanarchyCouchDB::VERSION}"
+  puts "CouchDB connection found! Loading deployment for #{cdb_config[:database]}:#{deployment_name}"
+  deployment = cdb.get(cdb_config[:database], deployment_name)
+  abort("ERROR: Deployment #{deployment_name} => #{deployment[:reason]}") if deployment[:error]
+  puts "Found deployment: #{deployment[:_id]} | rev => #{deployment[:_rev]}"
+  options[:deploy_file] = "#{options[:deploy_dir]}/#{deployment_name}/#{deployment_name}.json"
+  puts "Temp JSON path: #{options[:deploy_file]}"
+  File.write(options[:deploy_file], deployment.to_json)
+end  
+
+if !deployment[:last_deploy] || deployment[:last_deploy].empty?
+  puts "This looks like a first-time run since a last_deploy time wasn't found."
+  options[:first_run] = true
+end
+  
+if location == 'remote'
+  deployment = DanarchyDeploy::RemoteDeploy.new(deployment, options)
+elsif location == 'local'
+  puts "Deploying #{deployment[:hostname]} locally to #{`hostname`.chomp}."
+
+  if !options[:pretend]
+    puts ' ! Ctrl-c out if this is not what you want to do!'
+    10.downto(0) do |i|
+      trap('SIGINT') { abort("\nExiting!") }
+      print "\rDeploying in #{i} seconds"
+      sleep(1)
+    end
+
+    puts "\nDeploying!"
+  end
+
+  deployment = DanarchyDeploy::LocalDeploy.new(deployment, options)
+end
+
+if deployment && cdb && !options[:pretend]
+  puts "Saving deployment to CouchDB."
+  old_rev = cdb.get(cdb_config[:database], deployment_name)[:_rev]
+  save = cdb.put(cdb_config[:database], deployment[:_id], deployment)
+
+  if save[:ok] == true
+    puts '   |+ Saved deployment to CouchDB!'
+    puts "      |_id:  #{save[:id]}"
+    puts "      |_rev: #{save[:rev]}\n\n"
+  else
+    puts '   ! Unable to save deployment to CouchDB'
+    puts "      |_error: #{save[:error]}"
+    puts "      |_rev:   #{old_rev[:rev]}\n\n"
+  end
+end

data/bin/danarchy_deploy-console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "danarchy_deploy"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/danarchy_deploy.gemspec

@@ -0,0 +1,36 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "danarchy_deploy/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "danarchy_deploy"
+  spec.version       = DanarchyDeploy::VERSION
+  spec.authors       = ["Dan James"]
+  spec.email         = ["dan@danarchy.me"]
+
+  spec.summary       = %q{Pushes deployments locally or remotely based on a JSON/YAML/CouchDB template.}
+  spec.description   = %q{DanarchyDeploy intends to simplify Gentoo Linux (and other distro) deployments down to a single template from an input JSON or YAML file, or from a CouchDB file.}
+  spec.homepage      = "https://github.com/danarchy85/danarchy_deploy"
+  spec.license       = "MIT"
+
+  if spec.respond_to?(:metadata)
+    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against " \
+      "public gem pushes."
+  end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "bin"
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "danarchy_couchdb", "~> 0.1.0"
+
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/danarchy_deploy.rb

@@ -0,0 +1,130 @@
+require_relative 'danarchy_deploy/version'
+
+module DanarchyDeploy
+  require_relative './danarchy_deploy/archiver'
+  require_relative './danarchy_deploy/groups'
+  require_relative './danarchy_deploy/helpers'
+  require_relative './danarchy_deploy/installer'
+  require_relative './danarchy_deploy/users'
+  require_relative './danarchy_deploy/services'
+  require_relative './danarchy_deploy/templater'
+
+  class LocalDeploy
+    def self.new(deployment, options)
+      puts "\n" + self.name
+      puts "Pretend run! Not making any changes." if options[:pretend]
+        
+      puts 'Begining Deployment:'
+      printf("%12s %0s\n", 'Hostname:', deployment[:hostname])
+      printf("%12s %0s\n", 'OS:', deployment[:os])
+      printf("%12s %0s\n", 'Packages:', deployment[:packages].join(', ')) if deployment[:packages]
+
+      deployment = DanarchyDeploy::Installer.new(deployment, options)
+      deployment = DanarchyDeploy::Services.new(deployment, options)  if deployment[:services]
+      deployment = DanarchyDeploy::Groups.new(deployment, options)    if deployment[:groups]
+      deployment = DanarchyDeploy::Users.new(deployment, options)     if deployment[:users]
+      deployment = DanarchyDeploy::Services.init(deployment, options) if deployment[:services]
+
+      deployment[:last_deploy] = DateTime.now.strftime("%Y/%m/%d %H:%M:%S")
+      puts "\nFinished Local Deployment at #{deployment[:last_deploy]}!"
+      File.write(options[:deploy_file], deployment.to_json) if options[:deploy_file].end_with?('.json')
+      File.write(options[:deploy_file], deployment.to_yaml) if options[:deploy_file].end_with?('.yaml')
+      deployment
+    end
+  end
+
+  class RemoteDeploy
+    def self.new(deployment, options)
+      puts "\n" + self.name
+      options[:working_dir] = options[:deploy_dir] + '/' + deployment[:hostname]
+      connector = { hostname: deployment[:hostname],
+                    ipv4:     deployment[:ipv4],
+                    ssh_user: deployment[:ssh_user],
+                    ssh_key:  deployment[:ssh_key] }
+
+      install_gem(connector, options)
+      push_deployment(connector, options)
+      deploy_result = remote_LocalDeploy(connector, options)
+
+      if deploy_result[:stderr]
+        puts '   ! Deployment failed!'
+        abort("STDERR:\n#{deploy_result[:stderr]}")
+      else
+        puts deploy_result[:stdout]
+      end
+
+      pull_deployment(connector, options)
+      remote_Cleanup(connector, options)
+
+      puts "\nRemote deployment complete!"
+      deployment = JSON.parse(File.read(options[:deploy_file]), symbolize_names: true) if options[:deploy_file].end_with?('.json')
+      deployment = YAML.load_file(options[:deploy_file]) if options[:deploy_file].end_with?('.yaml')
+      deployment
+    end
+
+    private
+    def self.install_gem(connector, options)
+      puts "\n > Installing danarchy_deploy on #{connector[:hostname]}"
+      install_result = DanarchyDeploy::Helpers.run_command("ssh -i #{connector[:ssh_key]} #{connector[:ssh_user]}@#{connector[:ipv4]} -o ConnectTimeout=30 'sudo gem install -f danarchy_deploy && test -d #{options[:working_dir]} || sudo mkdir -vp #{options[:working_dir]} && sudo chown -Rc #{connector[:ssh_user]}:#{connector[:ssh_user]} #{options[:working_dir]}'", options)
+
+      if install_result[:stderr]
+        puts '   ! Gem install failed!'
+        abort("STDERR:\n#{install_result[:stderr]}")
+      else
+        puts "   |+ Gem installed!"
+      end
+    end
+
+    # Add ssh-keygen function, then update 
+    def self.push_deployment(connector, options)
+      puts "\n > Pushing deployment: #{options[:deploy_file]}"
+      push_result = DanarchyDeploy::Helpers.run_command("rsync --rsh 'ssh -i #{connector[:ssh_key]}' -Havzu --delete #{options[:working_dir]}/ #{connector[:ssh_user]}@#{connector[:ipv4]}:#{options[:working_dir]}/", options)
+      # push_result = DanarchyDeploy::Helpers.run_command("scp -i #{connector[:ssh_key]} #{options[:deploy_file]} #{connector[:ssh_user]}@#{connector[:ipv4]}:#{options[:deploy_dir]}/#{connector[:hostname]}/", options)
+      
+      if push_result[:stderr]
+        puts '   ! Deployment push failed!'
+        abort("STDERR:\n#{push_result[:stderr]}")
+      else
+        puts "   |+ Deployment pushed!"
+      end
+    end
+
+    def self.remote_LocalDeploy(connector, options)
+      puts "\n > Running LocalDeploy on #{connector[:hostname]}\n\tOutput will return at the end of deployment."
+
+      deployment =  "ssh -i #{connector[:ssh_key]} #{connector[:ssh_user]}@#{connector[:ipv4]} 'sudo danarchy_deploy local "
+      deployment += '--first-run '   if options[:first_run]
+      deployment += '--ssh-verbose ' if options[:ssh_verbose]
+      deployment += '--pretend '     if options[:pretend]
+      deployment += '--json '        if options[:deploy_file].end_with?('.json')
+      deployment += '--yaml '        if options[:deploy_file].end_with?('.yaml')
+      deployment += options[:deploy_file] + '\''
+
+      DanarchyDeploy::Helpers.run_command(deployment, options)
+    end
+
+    def self.pull_deployment(connector, options)
+      puts "\n > Pulling deployment: #{options[:deploy_file]}"
+      pull_result = DanarchyDeploy::Helpers.run_command("scp -i #{connector[:ssh_key]} #{connector[:ssh_user]}@#{connector[:ipv4]}:#{options[:deploy_file]} #{options[:deploy_file]}", options)
+      
+      if pull_result[:stderr]
+        puts '   ! Deployment pull failed!'
+        abort("STDERR:\n#{pull_result[:stderr]}")
+      else
+        puts "   |+ Deployment pulled!"
+      end
+    end
+
+    def self.remote_Cleanup(connector, options)
+      puts "\n > Cleaning up: #{options[:deploy_dir]}"
+      cleanup_result = DanarchyDeploy::Helpers.run_command("ssh -i #{connector[:ssh_key]} #{connector[:ssh_user]}@#{connector[:ipv4]} 'sudo rm -rfv #{options[:working_dir]}'", options)
+
+      if cleanup_result[:stderr]
+        puts '   ! Deployment cleanup failed!'
+        abort("STDERR:\n#{cleanup_result[:stderr]}")
+      else
+        puts "   |+ Deployment cleaned up!"
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/archiver.rb

@@ -0,0 +1,70 @@
+
+module DanarchyDeploy
+  class Archiver
+    def self.new(archives, options)
+      puts "\n" + self.name
+
+      archives.each do |archive|
+        abort("No target destination set for archive: #{archive[:source]}!") if !archive[:target]
+
+        tmparchive = false
+        if !archive[:source]
+          archive[:source] = options[:deploy_dir] + "/.tmp_archive_#{DateTime.now.strftime("%Y%m%d_%H%M%S")}"
+          tmparchive = true
+        end
+
+        if archive[:data]
+          data = DanarchyDeploy::Helpers.decode_base64(archive[:data])
+          write_tmp_archive(archive[:source], data)
+        end
+        
+        puts " > Extracting #{archive[:source]} to #{archive[:target]}"
+
+        if !File.exist?(archive[:source])
+          puts "    ! Source file not found!: #{archive[:source]}"
+          return false
+        end
+
+        Dir.exist?(archive[:target]) || FileUtils.mkdir_p(archive[:target])
+        command = prep_extraction(archive, options)
+        archive_result = DanarchyDeploy::Helpers.run_command(command, options)
+
+        if archive_result[:stderr]
+          puts '   ! Archive extraction failed!'
+          abort("STDERR:\n#{archive_result[:stderr]}")
+        else
+          puts "   |+ Archive extracted: #{archive[:source]}\n"
+        end
+
+        cleanup_source_archive(archive[:source]) if tmparchive
+      end
+    end
+
+    private
+    def self.prep_extraction(archive, options)
+      file_type = `file #{archive[:source]}`
+      command = 'tar xvf '  if file_type.include?('POSIX tar archive')
+      command = 'tar xvfj ' if file_type.include?('bzip2 compressed data')
+      command = 'tar xvfz ' if file_type.include?('gzip compressed data')
+      command = 'unzip '    if file_type.include?('Zip archive data')
+
+      if options[:pretend]
+        command  = command.gsub(/x/, 't') if command.start_with?('tar')
+        command += '-t ' if command.start_with?('unzip')
+      end
+
+      command += archive[:source]
+      command += " -C #{archive[:target]}" if command.start_with?('tar')
+      command += " -d #{archive[:target]}" if command.start_with?('unzip')
+      command
+    end
+
+    def self.write_tmp_archive(source, data)
+      File.write(source, data)
+    end
+
+    def self.cleanup_source_archive(source)
+      File.delete(source)
+    end
+  end
+end

data/lib/danarchy_deploy/groups.rb

@@ -0,0 +1,49 @@
+
+module DanarchyDeploy
+  class Groups
+    def self.new(deployment, options)
+      puts "\n" + self.name
+      (groupadd_result, groupdel_result) = nil
+
+      deployment[:groups].each do |group|
+        puts " > Checking if group '#{group[:groupname]}' already exists."
+        groupcheck_result = groupcheck(group, options)
+
+        if groupcheck_result[:stdout]
+          puts "   - Group: #{group[:groupname]} already exists!"
+        else
+          puts "   |+ Adding group: #{group[:groupname]}"
+          groupadd_result = groupadd(group, options)
+        end
+      end
+
+      # [groupadd_result, groupdel_result]
+      deployment
+    end
+
+    private
+    def self.groupadd(group, options)
+      groupadd_cmd  = "groupadd #{group[:groupname]} "
+      groupadd_cmd += "--gid #{group[:gid]} " if group[:gid]
+      groupadd_cmd += "--system " if group[:system]
+      if options[:pretend]
+        puts "\tFake run: #{groupadd_cmd}"
+      else
+        DanarchyDeploy::Helpers.run_command(groupadd_cmd, options)
+      end
+    end
+
+    def self.groupdel(group, options)
+      groupdel_cmd = "groupdel #{group[:groupname]}"
+      if options[:pretend]
+        puts "\tFake run: #{groupdel_cmd}"
+      else
+        DanarchyDeploy::Helpers.run_command(groupdel_cmd, options)
+      end
+    end
+
+    def self.groupcheck(group, options)
+      DanarchyDeploy::Helpers.run_command("/usr/bin/getent group #{group[:groupname]}", options)
+    end
+  end
+end

data/lib/danarchy_deploy/helpers.rb

@@ -0,0 +1,28 @@
+require 'open3'
+
+module DanarchyDeploy
+  class Helpers
+    def self.run_command(command, options)
+      pid, stdout, stderr = nil
+      printf("%14s %0s\n", 'Running:', "#{command}")
+      Open3.popen3(command) do |i, o, e, t|
+        pid    = t.pid
+        (out, err) = o.read, e.read
+        stdout = !out.empty? ? out : nil
+        stderr = !err.empty? ? err : nil
+      end
+
+      if options[:ssh_verbose]
+        puts "------\nSTDOUT: ", stdout, '------' if stdout
+        puts "------\nSTDERR: ", stderr, '------' if stderr
+      end
+      
+      { pid: pid, stdout: stdout, stderr: stderr }
+    end
+
+    def self.decode_base64(data)
+      require 'base64'
+      Base64.decode64(data)
+    end
+  end
+end

data/lib/danarchy_deploy/installer.rb

@@ -0,0 +1,86 @@
+
+module DanarchyDeploy
+  class Installer
+    def self.new(deployment, options)
+      # available opts: { pretend: true|false }
+      abort('Operating System not defined! Exiting!') if !deployment[:os]
+      puts "\n" + self.name
+
+      os = deployment[:os]
+      packages = deployment[:packages]
+      installer, updater, cleaner, packages = prep_operating_system(os, packages, options)
+      install_result = nil
+      if packages
+        install_result = DanarchyDeploy::Helpers.run_command("#{installer} #{packages}", options)
+      else
+        puts 'No packages to install.'
+      end
+
+      if !options[:pretend]
+        puts "\nRunning system updates..."
+        updater_result = DanarchyDeploy::Helpers.run_command(updater, options)
+        puts updater_result[:stdout] if updater_result[:stdout]
+        puts "\nCleaning up unused packages..."
+        cleanup_result = DanarchyDeploy::Helpers.run_command(cleaner, options)
+        puts cleanup_result[:stdout] if cleanup_result[:stdout]
+      end
+
+      # [install_result, cleanup_result, updater_result]
+      deployment
+    end
+
+    private
+    def self.prep_operating_system(os, packages, options)
+      (installer, updater, cleaner) = nil
+      if os.downcase == 'gentoo'
+        puts "#{os.capitalize} detected! Using emerge."
+
+        if packages
+          installer  =  'emerge --usepkg --quiet --noreplace '
+          installer += '--pretend ' if options[:pretend]
+
+          packages.each do |pkg|
+            IO.popen("qlist -I #{pkg}") do |o|
+              packages.delete(pkg) if !o.read.empty?
+            end
+          end
+        end
+
+        cleaner  = 'emerge --depclean --quiet '
+        cleaner += '--pretend ' if options[:pretend]
+
+        updater  = 'emerge --update --deep --newuse --quiet --with-bdeps=y @world'
+        updater += ' --pretend' if options[:pretend]
+      elsif %w[debian ubuntu].include?(os.downcase)
+        puts "#{os.capitalize} detected! Using apt."
+        installer  = 'export DEBIAN_FRONTEND=noninteractive ; apt install -y -qq '
+        installer += '--dry-run ' if options[:pretend]
+        updater = 'apt-get upgrade -y -qq'
+        cleaner = 'apt-get autoclean -y -qq'
+      elsif os.downcase == 'opensuse'
+        puts "#{os.capitalize} detected! Using zypper."
+        installer = 'zypper install '
+        updater = nil
+        cleaner = nil
+        # Needs package checking & testing
+      elsif %w[centos redhat].include?(os.downcase)
+        # needs more testing
+        puts "#{os.capitalize} detected! Using yum."
+        if packages
+          installer = 'yum install -y '
+
+          packages.each do |pkg|
+            IO.popen("rpm -q #{pkg}") do |o|
+              packages.delete(pkg) if !o.read.include?('not installed')
+            end
+          end
+        end
+
+        updater = nil
+        cleaner = nil
+      end
+
+      [installer, updater, cleaner, packages.join(' ')]
+    end
+  end
+end

data/lib/danarchy_deploy/services.rb

@@ -0,0 +1,51 @@
+
+module DanarchyDeploy
+  class Services
+    def self.new(deployment, options)
+      puts "\n" + self.name
+
+      deployment[:services].each do |service, params|
+        puts "Configuring service: #{service}"
+
+        if params[:templates] && !params[:templates].empty?
+          puts " > COnfiguring templates for #{service}"
+          DanarchyDeploy::Templater.new(params[:templates], options)
+        end
+
+        if params[:archives] && !params[:archives].empty?
+          puts "\n" + self.name
+          puts " > Deploying archives for #{service}"
+          DanarchyDeploy::Archiver.new(params[:archives], options)
+        end
+      end
+
+      deployment
+    end
+
+    private
+    def self.init(deployment, options)
+      puts "\n" + self.name
+
+      deployment[:services].each do |service, params|
+        next if !params[:init]
+        if options[:first_run] == false
+          puts "    ! Not a first-time run! Setting actions to 'reload'.\n\tUse --first-run to run actions: #{params[:init].join(' ,')}\n"
+          params[:init] = ['reload']
+        end
+
+        params[:init].each do |action|
+          puts " > Taking action: #{action} on #{service}"
+          command = "systemctl #{action} #{service}"
+
+          if options[:pretend]
+            puts "    Fake run: #{command}\n"
+          else
+            DanarchyDeploy::Helpers.run_command(command, options)
+          end
+        end
+      end
+
+      deployment
+    end
+  end
+end

data/lib/danarchy_deploy/templater.rb

@@ -0,0 +1,164 @@
+require 'erb'
+require 'fileutils'
+
+module DanarchyDeploy
+  class Templater
+    def self.new(templates, options)
+      puts "\n" + self.name
+
+      templates.each do |template|
+        abort("No target destination set for template: #{template[:source]}!") if !template[:target]
+        abort("No source or data for template: #{template[:target]}") if !template[:source] && !template[:data]
+        
+        target = template[:target]
+        source = template[:source] || '-- encoded data --'
+        dir_perms = template[:dir_perms]
+        file_perms = template[:file_perms]
+        @variables = template[:variables] || nil
+        puts "\n >  Checking: #{target}"
+        puts "    Source:   #{source}"
+        puts "    |> Dir  Permissions: #{dir_perms || '--undefined--'}"
+        puts "    |> File Permissions: #{file_perms || '--undefined--'}"
+        puts "    |> Variables: #{@variables}" if @variables
+
+        targetdir = File.dirname(target)
+        tmpdir = options[:deploy_dir] + '/' + File.basename(File.dirname(target))
+        p tmpdir
+        Dir.exist?(targetdir) || FileUtils.mkdir_p(targetdir, mode: 0755)
+        Dir.exist?(tmpdir) || FileUtils.mkdir_p(tmpdir, mode: 0755)
+        tmpfile = tmpdir + '/' + File.basename(target) + '.tmp'
+
+        if source == '-- encoded data --'
+          data = DanarchyDeploy::Helpers.decode_base64(template[:data])
+          source = tmpfile + '.erb'
+          write_tmpfile(source, data)
+        end
+
+        File.open(tmpfile, 'w') do |f|
+          result = ERB.new(File.read(source)).result(binding)
+          f.write(result)
+          f.close
+        end
+
+        result = { write_erb: [], verify_permissions: {} }
+        if options[:pretend]
+          diff(target, tmpfile)
+          puts "\n   - Fake Run: Not changing '#{target}'."
+          result[:verify_permissions][File.dirname(tmpfile)] = verify_permissions(File.dirname(tmpfile), dir_perms, options)
+          result[:verify_permissions][tmpfile] = verify_permissions(tmpfile, file_perms, options)
+        elsif md5sum(target,tmpfile) == true
+          puts "\n   - No change in '#{target}': Nothing to update here."
+          result[:verify_permissions][File.dirname(target)] = verify_permissions(File.dirname(target), dir_perms, options)
+          result[:verify_permissions][target] = verify_permissions(target, file_perms, options)
+        else
+          diff(target, tmpfile)
+          result[:write_erb] = enable_erb(target, tmpfile)
+          puts " => #{target} was updated!"
+          result[:verify_permissions][File.dirname(target)] = verify_permissions(File.dirname(target), dir_perms, options)
+          result[:verify_permissions][target] = verify_permissions(target, file_perms, options)
+        end
+
+        FileUtils.rm_rf(File.dirname(tmpfile))
+        result
+      end
+    end
+
+    private
+    def self.verify_permissions(target, perms, options)
+      (owner, group, mode) = nil
+      chmod = nil
+      puts "\n >  Verifying ownership and permissions for '#{target}'"
+      if perms
+        (owner, group, mode) = perms[:owner], perms[:group], perms[:mode]
+      else
+        if File.stat(target).mode & 07777 == '0777'.to_i(8)
+          puts "     ! '#{target}' has 0777 permissions! Setting those to something more sane."
+          if File.ftype(target) == 'directory'
+            puts "    |+ Setting file mode to: 0775"
+            chmod = File.chmod(0775, target) ? true : false if !options[:pretend]
+          elsif  File.ftype(target) == 'file'
+            puts "    |+ Setting file mode to: 0644"
+            chmod = File.chmod(0644, target) ? true : false if !options[:pretend]
+          end
+        else
+          puts "    - Permissions were not defined for '#{target}'! Leaving them alone."
+        end
+
+        return [chmod]
+      end
+
+      (owner, uid, group, gid) = check_user_group(owner, group)
+
+      updated = []
+      file_stat = File.stat(target)
+      if file_stat.uid != uid || file_stat.gid != gid
+        puts "    |+ Setting ownership to: #{owner}:#{group}"
+        chown = File.chown(uid, gid, target) ? true : false if !options[:pretend]
+        updated.push(chown)
+      end
+
+      if file_stat.mode & 07777 != mode.to_i(8)
+        puts "    |+ Setting file mode to: #{mode}"
+        chmod = File.chmod(mode.to_i(8), target) ? true : false if !options[:pretend]
+        updated.push(chmod)
+      end
+
+      updated
+    end
+
+    def self.check_user_group(owner, group)
+      (uid, gid) = nil
+
+      IO.popen("id -u #{owner} 2>/dev/null") do |id|
+        uid = id.gets
+        if uid == nil
+          puts "     ! User:  #{owner} not found! Using: 'root'"
+          owner = 'root'
+          uid = 0
+        end
+        uid = uid.chomp.to_i if uid.class == String
+      end
+
+      IO.popen("id -g #{group} 2>/dev/null") do |id|
+        gid = id.gets
+        if gid == nil
+          puts "     ! Group: #{group} not found! Using: 'root'"
+          group = 'root'
+          gid = 0
+        end
+        gid = gid.chomp.to_i if gid.class == String
+      end
+
+      [owner, uid, group, gid]
+    end
+
+    def self.md5sum(target, tmpfile)
+      if File.exist?(target) && File.exist?(tmpfile)
+        FileUtils.identical?(target, tmpfile)
+      elsif File.exist?(target) && !File.exist?(tmpfile)
+        return false
+      end
+    end
+
+    def self.diff(target, tmpfile)
+      if File.exist?(target) && File.exist?(tmpfile)
+        puts "\n    !! Diff between #{target} <=> #{tmpfile}"
+        IO.popen("diff -Naur #{target} #{tmpfile}") do |o|
+          puts o.read
+        end
+        puts "\n    !! End Diff \n\n"
+      elsif File.exist?(target) && !File.exist?(tmpfile)
+        return false
+      end
+    end
+
+    def self.enable_erb(target, tmpfile)
+      puts "\n    |+ Moving #{tmpfile} => #{target}"
+      system("mv #{tmpfile} #{target}")
+    end
+
+    def self.write_tmpfile(source, data)
+      File.write(source, data)
+    end
+  end
+end

data/lib/danarchy_deploy/users.rb

@@ -0,0 +1,138 @@
+
+module DanarchyDeploy
+  class Users
+    def self.new(deployment, options)
+      puts "\n" + self.name
+      (useradd_result, userdel_result, archives_result) = nil
+
+      deployment[:users].each do |user|
+        puts " > Checking if user '#{user[:username]}' already exists."
+        usercheck_result = usercheck(user, options)
+
+        if usercheck_result[:stdout]
+          puts "   - User: #{user[:username]} already exists!"
+        else
+          group = { groupname: user[:username] }
+          group[:gid] = user[:gid] ? user[:gid] : nil
+          group[:system] = user[:system] ? user[:system] : nil
+
+          groupcheck_result = DanarchyDeploy::Groups.groupcheck(group, options)
+          if !groupcheck_result[:stdout] && group[:gid]
+            puts "   |+ Adding group: #{group[:groupname]}"
+            DanarchyDeploy::Groups.groupadd(group, options)
+          end
+
+          puts "   |+ Adding user: #{user[:username]}"
+          useradd_result = useradd(user, options)
+        end
+
+        if !options[:pretend]
+          puts "\n > Checking groups for user: #{user[:username]}"
+          if user[:groups] && checkgroups(usercheck_result, user, options) == false
+            updategroups(user, options)
+            puts "   |+ Updated groups: #{user[:groups].join(',')}"
+          else
+            puts "   - No change to groups needed."
+          end
+
+          if user[:authorized_keys]
+            puts "\n > Checking on #{user[:authorized_keys].count} authorized_keys for user: #{user[:username]}"
+            authorized_keys(user)
+          end
+          
+          if user[:sudoer]
+            puts "\n > Checking sudo rules for user: #{user[:username]}"
+            sudoer(user)
+          end
+        end
+
+        if user[:archives] && !user[:archives].empty?
+          puts " > Deploying archives for #{user[:username]}"
+          DanarchyDeploy::Archiver.new(user[:archives], options)
+        end
+      end
+
+      # [useradd_result, userdel_result]
+      deployment
+    end
+
+    private
+    def self.useradd(user, options)
+      useradd_cmd  = "useradd #{user[:username]} "
+      useradd_cmd += "--home-dir #{user[:home]} " if user[:home]
+      useradd_cmd += "--uid #{user[:uid]} " if user[:uid]
+      useradd_cmd += "--gid #{user[:gid]} " if user[:gid]
+      useradd_cmd += "--groups #{user[:groups].join(',')} " if user[:groups]
+      useradd_cmd += "--shell /sbin/nologin " if user[:nologin]
+      useradd_cmd += "--system " if user[:system]
+      if options[:pretend]
+        puts "\tFake run: #{useradd_cmd}"
+      else
+        DanarchyDeploy::Helpers.run_command(useradd_cmd, options)
+      end
+    end
+
+    def self.userdel(user, options)
+      userdel_cmd  = "userdel --remove #{user[:username]}"
+      if options[:pretend]
+        puts "\tFake run: #{userdel_cmd}"
+      else
+        DanarchyDeploy::Helpers.run_command(userdel_cmd, options)
+      end
+    end
+
+    def self.usercheck(user, options)
+      DanarchyDeploy::Helpers.run_command("id #{user[:username]}", options)
+    end
+
+    def self.checkgroups(usercheck_result, user, options)
+      return nil if !usercheck_result[:stdout]
+      livegroups = usercheck_result[:stdout].split(/\s+/).last.split('=').last.gsub(/\(([^)]*)\)/, '').split(',').map(&:to_i)
+      livegroups.delete(user[:gid])
+      livegroups.sort == user[:groups].sort
+    end
+
+    def self.updategroups(user, options)
+      groups = user[:groups].join(',')
+      groupupdate_cmd = "usermod #{user[:username]} --groups #{groups}"
+      if options[:pretend]
+        puts "\tFake run: #{groupupdate_cmd}"
+      else
+        DanarchyDeploy::Helpers.run_command(groupupdate_cmd, options)
+      end
+    end
+
+    def self.authorized_keys(user)
+      ssh_path = user[:home] + '/.ssh'
+      authkeys = ssh_path + '/authorized_keys'
+
+      Dir.exist?(ssh_path) || Dir.mkdir(ssh_path)
+      File.open(authkeys, 'a+') do |f|
+        user[:authorized_keys].each do |authkey|
+          if !f.read.include?(authkey)
+            puts "   + Adding authorized_key: #{authkey}"
+            f.puts authkey
+          else
+            puts '   - No change needed'
+          end
+        end
+
+        f.close
+      end
+    end
+
+    def self.sudoer(user)
+      sudoer_file = '/etc/sudoers.d/danarchy_deploy-' + user[:username]
+      File.open(sudoer_file, 'r+') do |f|
+        if !f.read.include?(user[:sudoer])
+          puts "   |+ Added: '#{user[:sudoer]}'"
+          f.puts user[:sudoer]
+        else
+          puts '   - No change needed'
+        end
+
+        f.close
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/version.rb

@@ -0,0 +1,3 @@
+module DanarchyDeploy
+  VERSION = "0.1.0"
+end

data/templates/deploy_template.json

@@ -0,0 +1,98 @@
+{
+  "hostname": "hostname",
+  "os": "gentoo|debian|ubuntu",
+  "ipv4": "IPv4 to use for deployment",
+  "ssh_user": "deploy-user",
+  "ssh_key": "/home/path/to/deploy-user/ssh_key.",
+  "packages": [
+    "package1",
+    "package2"
+  ],
+  "users": [
+    {
+      "username": "username",
+      "home": "/home/username",
+      "uid": int,
+      "gid": int,
+      "sudoer": "username ALL = NOPASSWD: ALL",
+      "ssh-authorized_keys": [
+	"ssh-ed25519 it0C5o6GHC8lxqctpexakfdA5o7LeSe+QbMhIl+GYtZ2OCMFliLsODDrrazR+u2y user@hostname",
+	"ssh-rsa K0APeEvotGunpBrl/LvSAG/gLUldCnOrL60v47QYjuqoGJmM3Fk8V29+8jZPp9Dl user@hostname"
+      ],
+      "groups": [
+	int,
+	int
+      ],
+      "archives": [
+	{
+	  "target": "/path/to/extract/to/",
+	  "source": "/path/to/tarball.(tar.{gz,bz2}|zip)"
+	},
+	{
+	  "target": "/path/to/extract/to/",
+	  "data": "couchdb:base64_encoded_data"
+	}
+      ]
+    }
+  ],
+  "groups": [
+    {
+    "groupname": "groupname",
+    "gid": int,
+    }
+  ],
+  "services": {
+    "service_name": {
+      "init": {
+        "service": [
+          "enable",
+          "restart"
+        ]
+      }
+      "archives": [
+	{
+	  "target": "/path/to/extract/to/",
+	  "source": "/path/to/tarball.(tar.{gz,bz2}|zip)"
+	},
+	{
+	  "target": "/path/to/extract/to/",
+	  "data": "couchdb:base64_encoded_data"
+	}
+      ],
+      "templates": [
+	{
+	  "target": "/path/to/target/file",
+	  "source": "/path/to/source/erb",
+	  "dir_perms": {
+            "owner": "username",
+            "group": "groupname",
+            "mode": "0755"
+	  },
+	  "file_perms": {
+            "owner": "username",
+            "group": "groupname",
+            "mode": "0644"
+	  },
+	  "variables": {
+	    "var1": "value",
+	    "var2": "value"
+	  }
+	},
+	{
+	  "target": "/path/to/target/file",
+	  "data": "couchdb:base64_encoded_erb",
+	  "dir_perms": {
+            "owner": "username",
+            "group": "groupname",
+            "mode": "0755"
+	  },
+	  "file_perms": {
+            "owner": "username",
+            "group": "groupname",
+            "mode": "0644"
+	  }
+	}
+      ]
+    }
+  }
+}

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: danarchy_deploy
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Dan James
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-03-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: danarchy_couchdb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: DanarchyDeploy intends to simplify Gentoo Linux (and other distro) deployments
+  down to a single template from an input JSON or YAML file, or from a CouchDB file.
+email:
+- dan@danarchy.me
+executables:
+- danarchy_deploy
+- danarchy_deploy-console
+- setup
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/danarchy_deploy
+- bin/danarchy_deploy-console
+- bin/setup
+- danarchy_deploy.gemspec
+- lib/danarchy_deploy.rb
+- lib/danarchy_deploy/archiver.rb
+- lib/danarchy_deploy/groups.rb
+- lib/danarchy_deploy/helpers.rb
+- lib/danarchy_deploy/installer.rb
+- lib/danarchy_deploy/services.rb
+- lib/danarchy_deploy/templater.rb
+- lib/danarchy_deploy/users.rb
+- lib/danarchy_deploy/version.rb
+- templates/deploy_template.json
+homepage: https://github.com/danarchy85/danarchy_deploy
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14
+signing_key: 
+specification_version: 4
+summary: Pushes deployments locally or remotely based on a JSON/YAML/CouchDB template.
+test_files: []