RubyGems - danarchy_deploy - Versions diffs - 0.1.2 → 0.2.1 - Mend

danarchy_deploy 0.1.2 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

checksums.yaml +5 -5
data/.gitignore +1 -0
data/Gemfile.lock +9 -20
data/README.md +10 -9
data/Rakefile +0 -4
data/bin/danarchy_deploy +24 -10
data/danarchy_deploy.gemspec +4 -3
data/lib/danarchy_deploy.rb +186 -55
data/lib/danarchy_deploy/applicator.rb +39 -0
data/lib/danarchy_deploy/applicator/nginx.rb +86 -0
data/lib/danarchy_deploy/applicator/phpfpm.rb +84 -0
data/lib/danarchy_deploy/applicator/redmine.rb +40 -0
data/lib/danarchy_deploy/applicator/ssl.rb +14 -0
data/lib/danarchy_deploy/applicator/wordpress.rb +146 -0
data/lib/danarchy_deploy/applicator/wordpress/wpcli.rb +67 -0
data/lib/danarchy_deploy/applicator/wordpress/wpcli_install.sh +36 -0
data/lib/danarchy_deploy/applicator/wordpress/wpconfig.rb +49 -0
data/lib/danarchy_deploy/archiver.rb +9 -7
data/lib/danarchy_deploy/archiver/svn.rb +17 -0
data/lib/danarchy_deploy/hash_deep_merge.rb +9 -0
data/lib/danarchy_deploy/helpers.rb +42 -10
data/lib/danarchy_deploy/installer.rb +2 -2
data/lib/danarchy_deploy/services.rb +12 -25
data/lib/danarchy_deploy/services/init.rb +52 -0
data/lib/danarchy_deploy/services/init/openrc.rb +72 -0
data/lib/danarchy_deploy/services/init/systemd.rb +69 -0
data/lib/danarchy_deploy/services/mongodb.rb +162 -0
data/lib/danarchy_deploy/services/mysql.rb +58 -0
data/lib/danarchy_deploy/services/mysql/new_server.rb +72 -0
data/lib/danarchy_deploy/services/mysql/privileges.rb +35 -0
data/lib/danarchy_deploy/system.rb +86 -0
data/lib/danarchy_deploy/system/centos.rb +17 -0
data/lib/danarchy_deploy/system/debian.rb +61 -0
data/lib/danarchy_deploy/system/gentoo.rb +66 -0
data/lib/danarchy_deploy/system/opensuse.rb +22 -0
data/lib/danarchy_deploy/templater.rb +53 -13
data/lib/danarchy_deploy/users.rb +29 -19
data/lib/danarchy_deploy/version.rb +1 -1
metadata +34 -12

data/lib/danarchy_deploy/services/mongodb.rb ADDED

@@ -0,0 +1,162 @@
+require 'mongo'
+module DanarchyDeploy
+  module Services
+    class MongoDB
+      def self.new(os, mongodb, options)
+        @mongodb = mongodb
+        @options = options
+        puts "\n" + self.name
+        puts "\n > Configuring MongoDB service."
+        DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'start', options) if ! options[:pretend]
+        Mongo::Logger.logger.level = Logger::FATAL
+        mongodb_conf, updated_conf = self.load_mongodb_conf
+        host_port = mongodb_conf['net']['bindIp'].split(',').first + ':' + mongodb_conf['net']['port'].to_s
+        admin_user, new_admin   = self.load_admin_user
+        if new_admin == true
+          client = Mongo::Client.new(['127.0.0.1'], database: 'admin')
+          self.ensure_user(client.database, admin_user)
+        end
+        if ! options[:pretend] && updated_conf == true || new_admin == true
+          puts 'Stopping MongoDB'
+          DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'stop', options)
+          self.save_mongodb_conf(mongodb_conf)
+          puts 'Starting MongoDB'
+          DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'start', options)
+        end
+        client = Mongo::Client.new([host_port], database: 'admin',
+                                   user: admin_user[:user], password: Base64.decode64(admin_user[:password]))
+        self.ensure_user(client.database, admin_user)
+        if databases = @mongodb[:databases]
+          databases.each do |database, params|
+            print "\n   |+ Fake Run: " if options[:pretend]
+            puts "\n  Reviewing database: #{database}"
+            db = client.use(database).database
+            params[:users].each do |user|
+              puts "  > Checking user: #{user[:user]}"
+              self.ensure_user(db, user)
+            end
+          end
+        end
+      end
+      private
+      def self.load_mongodb_conf
+        updated_conf = false
+        @mongodb[:mongodb_conf] = @mongodb[:mongodb_conf] ?
+                                    @mongodb[:mongodb_conf] :
+                                    '/etc/mongodb.conf'
+        mongodb_conf = File.exist?(@mongodb[:mongodb_conf]) ? YAML.load_file(@mongodb[:mongodb_conf]) : Hash.new
+        generated_mongodb_conf = self.generate_mongodb_conf
+        updated_conf = mongodb_conf != generated_mongodb_conf
+        [generated_mongodb_conf, updated_conf]
+      end
+      def self.generate_mongodb_conf
+        if ! File.readlines('/etc/security/limits.conf').grep(/mongodb/)
+          entry =  'mongodb         soft     nofile          32000'
+          entry += 'mongodb         hard     nofile          64000'
+          File.open('/etc/security/limits.conf', 'a+') do |f|
+            f.write entry
+          end
+        end
+        mongodb_conf = {
+          'net'       => { 'port'    => 27017, 'bindIp' => '127.0.0.1' },
+          'storage'   => { 'dbPath' => '/var/lib/mongodb' },
+          'systemLog' => { 'destination' => 'file',
+                           'path'        => '/var/log/mongodb/mongodb.log',
+                           'quiet'       => true,
+                           'logAppend'   => true }
+        }
+        if @mongodb[:config]
+          mdb_conf = DanarchyDeploy::Helpers.hash_symbols_to_strings(@mongodb[:config])
+          mongodb_conf = mongodb_conf.deep_merge(mdb_conf)
+        end
+        mongodb_conf
+      end
+      def self.save_mongodb_conf(mongodb_conf)
+        if @options[:pretend]
+          puts "\n   |+ Fake run: Saving MongoDB Configuration"
+        else
+          puts 'Saving MongoDB Configuration'
+          File.write(@mongodb[:mongodb_conf], mongodb_conf.to_yaml)
+        end
+      end
+      # def self.ensure_admin_user(host_port, admin_user)
+      #   begin
+      #     client = Mongo::Client.new([host_port], database: 'admin',
+      #                                username: admin_user[:user], password: admin_user[:password])
+      #     database = client.database
+      #     database.users.info(admin_user[:user])
+      #   rescue Mongo::Auth::Unauthorized, Mongo::Error => e
+      #     puts e.message
+      #     if @options[:pretend]
+      #       puts "   |+ Fake Run:   Creating admin user #{admin_user[:user]}"
+      #     else
+      #       client = Mongo::Client.new([host_port], database: 'admin')
+      #       db = client.database
+      #       self.ensure_user(db, admin_user)
+      #     end
+      #   end
+      # end
+      def self.generate_admin_user
+        password = @mongodb[:admin_password] ?
+                     @mongodb[:admin_password].chomp :
+                     Base64.encode64(SecureRandom.base64(14)).chomp
+        { user:     "admin",
+          password: password,
+          roles: [{ role: "root", db: "admin" },
+                  { role: "userAdminAnyDatabase", db: "admin" },
+                  { role: "dbAdminAnyDatabase",   db: "admin" },
+                  { role: "readWriteAnyDatabase", db: "admin" }] }
+      end
+      def self.load_admin_user
+        admin_user = nil
+        new_user   = false
+        if File.exist?('/root/.mdb_admin_user.json')
+          admin_user = JSON.parse(File.read('/root/.mdb_admin_user.json'), symbolize_names: true)
+        else
+          admin_user = self.generate_admin_user
+          self.save_admin_user(admin_user) if ! @options[:pretend]
+          new_user = true
+        end
+        [admin_user, new_user]
+      end
+      def self.save_admin_user(admin_user)
+        File.write('/root/.mdb_admin_user.json', JSON.pretty_generate(admin_user))
+      end
+      def self.ensure_user(db, user)
+        puts user if @options[:vars_verbose]
+        password = Base64.decode64(user[:password]).chomp
+        if @options[:pretend]
+          puts "\n    |+ Fake Run: Creating/Updating user: #{user[:user]}"
+        elsif db.users.info(user[:user]).empty?
+          puts "\n    |+ Creating user: #{user[:user]}"
+          db.users.create(user[:user], password: password, roles: user[:roles])
+        else
+          puts "\n    |+ Updating user: #{user[:user]}"
+          db.users.update(user[:user], password: password, roles: user[:roles])
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql.rb ADDED

@@ -0,0 +1,58 @@
+require_relative 'mysql/new_server'
+require_relative 'mysql/privileges'
+module DanarchyDeploy
+  module Services
+    class MySQL
+      def self.new(os, mysql, options)
+        puts "\n" + self.name
+        puts "\n > Configuring MySQL service."
+        mysql = self.set_parameters(mysql)
+        self.generate_my_cnf(mysql, options)
+        if File.exist?(mysql[:my_cnf]) && Dir.exist?(mysql[:datadir] + '/mysql')
+          puts "   |+ Using existing MySQL service."
+        else
+          MySQL::NewServer.new(os, mysql, options)
+        end
+        if mysql[:privileges]
+          puts "\n > Configuring MySQL Privileges"
+          MySQL::Privileges.new(mysql, options)
+        end
+      end
+      def self.set_parameters(mysql)
+        mysql[:default_file] = mysql[:default_file] ?
+                                 mysql[:default_file] :
+                                 '/root/.my.cnf'
+        mysql[:my_cnf] = mysql[:my_cnf] ?
+                           mysql[:my_cnf] :
+                           '/etc/mysql/my.cnf'
+        mysql[:datadir] = mysql[:datadir] ?
+                            mysql[:datadir] :
+                            '/var/lib/mysql'
+        mysql[:bind_address] = mysql[:bind_address] ?
+                                 mysql[:bind_address] :
+                                 '127.0.0.1'
+        mysql
+      end
+      def self.generate_my_cnf(mysql, options)
+        source = options[:deploy_dir] +
+                 '/templates/services/mysql/my.cnf.erb'
+        templates = [{ target: mysql[:my_cnf],
+                       source: source,
+                       variables: {
+                         datadir:      mysql[:datadir],
+                         bind_address: mysql[:bind_address] }
+                     }]
+        DanarchyDeploy::Templater.new(templates, options)
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql/new_server.rb ADDED

@@ -0,0 +1,72 @@
+module DanarchyDeploy
+  module Services
+    class MySQL
+      class NewServer
+        def self.new(os, mysql, options)
+          self.generate_root_mycnf(mysql, options)
+          if os == 'gentoo'
+            self.gentoo_new_mysql(mysql, options)
+          elsif os == 'opensuse'
+            self.opensuse_new_mysql(mysql, options)
+          elsif %w[debian ubuntu].include?(os)
+            self.debian_new_mysql(mysql, options)
+          elsif %w[centos redhat].include?(os)
+            self.centos_new_mysql(mysql, options)
+          end
+        end
+        private
+        def self.gentoo_new_mysql(mysql, options)
+          puts "\n > Performing first time MySQL configuration."
+          cmd = 'emerge --config mariadb'
+          config_result = DanarchyDeploy::Helpers.run_command(cmd, options)
+          if config_result[:stderr]
+            abort('   |! ERROR: Failed to configure MySQL')
+          else config_result[:stdout]
+            puts "   |+ MySQL configured successfully"
+            puts config_result[:stdout]
+          end
+          puts "\n > Starting MySQL."
+          DanarchyDeploy::Services::Init.init_manager('gentoo', 'mysql', 'start', options)
+        end
+        def self.debian_new_mysql(mysql, options)
+          puts "   ! Debian/Ubuntu MySQL configuration not yet implemented!"
+        end
+        def self.centos_new_mysql(mysql, options)
+          puts "   ! CentOS/Redhat MySQL configuration not yet implemented!"
+        end
+        def self.opensuse_new_mysql(mysql, options)
+          puts "   ! OpenSUSE MySQL configuration not yet implemented!"
+        end
+        def self.generate_root_mycnf(mysql, options)
+          return if File.exist?(mysql[:default_file])
+          puts "   |+ Generating #{mysql[:default_file]} file."
+          password = SecureRandom.base64(14)
+          source = options[:deploy_dir] +
+                   '/templates/services/mysql/root_my.cnf.erb'
+          templates = [{ target: mysql[:default_file],
+                         source: source,
+                         variables: {
+                           host: 'localhost',
+                           user: 'root',
+                           pass: password,
+                           port: '3306' }
+                       }]
+          DanarchyDeploy::Templater.new(templates, options)
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql/privileges.rb ADDED

@@ -0,0 +1,35 @@
+# require 'mysql2'
+# Need to run with CLI rather than Ruby gem to reduce dependencies when this isn't used.
+module DanarchyDeploy
+  module Services
+    class MySQL
+      class Privileges
+        def self.new(mysql, options)
+          sql_grants = sql_template(mysql, options)
+          run_sql_grants(mysql, sql_grants, options)
+        end
+        def self.sql_template(mysql, options)
+          sql_grants = '/root/.user_grants.sql'
+          source = options[:deploy_dir] +
+                   '/templates/services/mysql/user_db_grants.sql.erb'
+          templates = [{ target: sql_grants,
+                         source: source,
+                         variables: mysql[:privileges] }]
+          DanarchyDeploy::Templater.new(templates, options)
+          sql_grants
+        end
+        def self.run_sql_grants(mysql, sql_grants, options)
+          # Using CLI commands for now;
+          #   mysql2 requires mysql client be installed even if we won't be using it.
+          # client = Mysql2::Client.new(:default_file => default_file)
+          cmd = "mysql --defaults-file=#{mysql[:default_file]} -v < #{sql_grants}"
+          DanarchyDeploy::Helpers.run_command(cmd, options)
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/system.rb ADDED

@@ -0,0 +1,86 @@
+require_relative 'system/centos'
+require_relative 'system/debian'
+require_relative 'system/gentoo'
+require_relative 'system/opensuse'
+module DanarchyDeploy
+  module System
+    def self.new(deployment, options)
+      abort('Operating System not defined! Exiting!') if !deployment[:os]
+      puts "\n" + self.name
+      installer, updater, cleaner = prep_operating_system(deployment, options)
+      install_result = nil
+      if deployment[:packages] && !deployment[:packages].empty?
+        packages = deployment[:packages].join(' ')
+        puts "\nInstalling packages..."
+        install_result = DanarchyDeploy::Helpers.run_command("#{installer} #{packages}", options)
+        puts install_result[:stdout] if install_result[:stdout]
+      else
+        puts "\nNo packages to install."
+      end
+      if !options[:pretend]
+        puts "\nRunning system updates..."
+        updater_result = DanarchyDeploy::Helpers.run_command(updater, options)
+        puts updater_result[:stdout] if updater_result[:stdout]
+        puts "\nCleaning up unused packages..."
+        cleanup_result = DanarchyDeploy::Helpers.run_command(cleaner, options)
+        puts cleanup_result[:stdout] if cleanup_result[:stdout]
+      end
+      deployment
+    end
+    private
+    def self.prep_operating_system(deployment, options)
+      (installer, updater, cleaner) = nil
+      os = deployment[:os]
+      if deployment[:system]
+        if deployment[:system][:archives]
+          puts " > Deploying system archives"
+          DanarchyDeploy::Archiver.new(deployment[:system][:archives], options)
+        end
+        if deployment[:system][:templates]
+          puts "\n > Configuring system templates for #{deployment[:os]}"
+          DanarchyDeploy::Templater.new(deployment[:system][:templates], options)
+          # Add deployment[:system][:dmcrypt], deployment[:system][:lvm], and deployment[:system][:fstab] here
+          deployment[:system][:templates].each do |t|
+            if t[:target] == '/etc/fstab'
+              t[:variables].each do |v|
+                if !Dir.exist?(v[:mountpoint])
+                  puts "Creating mountpoint: #{v[:mountpoint]}"
+                  FileUtils.mkdir_p(v[:mountpoint]) if !options[:pretend]
+                end
+              end
+            end
+          end
+        end
+      end
+      puts "\n > Mounting Filesystems"
+      if !options[:pretend]
+        mount_result = DanarchyDeploy::Helpers.run_command('mount -a', options)
+        abort('   |! Failed to mount filesystems!') if mount_result[:stderr]
+      end
+      if os.downcase == 'gentoo'
+        (installer, updater, cleaner) = DanarchyDeploy::System::Gentoo.new(deployment, options)
+      elsif %w[debian ubuntu].include?(os.downcase)
+        (installer, updater, cleaner) = DanarchyDeploy::System::Debian.new(deployment, options)
+      elsif os.downcase == 'opensuse'
+        puts 'OpenSUSE is not fully supported yet!'
+        (installer, updater, cleaner) = DanarchyDeploy::System::OpenSUSE.new(deployment, options)
+      elsif %w[centos redhat].include?(os.downcase)
+        puts 'CentOS/RedHat is not fully supported yet!'
+        (installer, updater, cleaner) = DanarchyDeploy::System::CentOS.new(deployment, options)
+      end
+      [installer, updater, cleaner]
+    end
+  end
+end

data/lib/danarchy_deploy/system/centos.rb ADDED

@@ -0,0 +1,17 @@
+module DanarchyDeploy
+  module System
+    class CentOS
+      def self.new(deployment, options)
+        puts "\n" + self.name
+        puts "#{deployment[:os].capitalize} detected! Using yum."
+        # needs more testing
+        installer = 'yum install -y '
+        updater = 'yum upgrade -y'
+        cleaner = 'yum clean all'
+        [installer, updater, cleaner]
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/system/debian.rb ADDED

@@ -0,0 +1,61 @@
+require 'net/http'
+module DanarchyDeploy
+  module System
+    class Debian
+      def self.new(deployment, options)
+        puts "\n" + self.name
+        puts "#{deployment[:os].capitalize} detected! Using apt."
+        if deployment[:apt]
+          if deployment[:apt][:templates]
+            puts "\nChecking Apt configs."
+            DanarchyDeploy::Templater.new(deployment[:apt][:templates], options)
+          end
+          if deployment[:apt][:gpgkeys]
+            puts "\nInstalling Apt GPG Keys."
+            install_gpgkeys(deployment[:apt][:gpgkeys], options)
+          end
+        end
+        nonint = 'export DEBIAN_FRONTEND=noninteractive ; '
+        installer  = nonint + 'apt-get install -y '
+        installer += '--dry-run ' if options[:pretend]
+        updater = nonint + 'apt-get upgrade -y '
+        cleaner = nonint + 'apt-get autoclean -y '
+        puts "\nUpdating Apt repos..."
+        DanarchyDeploy::Helpers.run_command(nonint + 'apt-get update', options)
+        [installer, updater, cleaner]
+      end
+      private
+      def self.install_gpgkeys(gpgkeys, options)
+        gpgkeys.each do |url|
+          puts "\n > Acquiring GPG key from: #{url}"
+          tmpfile = '/var/tmp/' + `date +%s`.chomp + '.gpgkey.tmp'
+          gpgkey = Net::HTTP.get(URI(url))
+          if ! gpgkey
+            abort('  ! GPG key download failed!')
+          else
+            puts "   |+ GPG key successfully downloaded!"
+            File.write(tmpfile, gpgkey)
+            abort("  ! Failed to write tmpfile for url: #{url} => #{tmpfile}") if ! File.exist?(tmpfile)
+            # Silence noise about non-TTY terminal thanks to apt-key
+            gpgcmd = "export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=false; apt-key add -qq #{tmpfile}"
+            gpg_result = DanarchyDeploy::Helpers.run_command(gpgcmd, { quiet: true })
+            if gpg_result[:stderr]
+              abort("    ! Failed to write key for: #{url}")
+            elsif gpg_result[:stdout]
+              puts "   |+ GPG Key saved!"
+            end
+          end
+        end
+      end
+    end
+  end
+end