RubyGems - danarchy_deploy - Versions diffs - 0.1.3 → 0.2.2 - Mend

danarchy_deploy 0.1.3 → 0.2.2

Files changed (39) hide show

checksums.yaml +5 -5
data/.gitignore +1 -0
data/Gemfile.lock +9 -20
data/README.md +10 -9
data/Rakefile +0 -4
data/bin/danarchy_deploy +24 -10
data/danarchy_deploy.gemspec +4 -3
data/lib/danarchy_deploy.rb +186 -55
data/lib/danarchy_deploy/applicator.rb +39 -0
data/lib/danarchy_deploy/applicator/nginx.rb +86 -0
data/lib/danarchy_deploy/applicator/phpfpm.rb +84 -0
data/lib/danarchy_deploy/applicator/redmine.rb +40 -0
data/lib/danarchy_deploy/applicator/ssl.rb +14 -0
data/lib/danarchy_deploy/applicator/wordpress.rb +146 -0
data/lib/danarchy_deploy/applicator/wordpress/wpcli.rb +67 -0
data/lib/danarchy_deploy/applicator/wordpress/wpcli_install.sh +36 -0
data/lib/danarchy_deploy/applicator/wordpress/wpconfig.rb +49 -0
data/lib/danarchy_deploy/archiver.rb +9 -7
data/lib/danarchy_deploy/archiver/svn.rb +17 -0
data/lib/danarchy_deploy/hash_deep_merge.rb +9 -0
data/lib/danarchy_deploy/helpers.rb +42 -10
data/lib/danarchy_deploy/services.rb +12 -25
data/lib/danarchy_deploy/services/init.rb +52 -0
data/lib/danarchy_deploy/services/init/openrc.rb +72 -0
data/lib/danarchy_deploy/services/init/systemd.rb +69 -0
data/lib/danarchy_deploy/services/mongodb.rb +162 -0
data/lib/danarchy_deploy/services/mysql.rb +58 -0
data/lib/danarchy_deploy/services/mysql/new_server.rb +72 -0
data/lib/danarchy_deploy/services/mysql/privileges.rb +35 -0
data/lib/danarchy_deploy/system.rb +86 -0
data/lib/danarchy_deploy/system/centos.rb +17 -0
data/lib/danarchy_deploy/system/debian.rb +61 -0
data/lib/danarchy_deploy/system/gentoo.rb +66 -0
data/lib/danarchy_deploy/system/opensuse.rb +22 -0
data/lib/danarchy_deploy/templater.rb +53 -13
data/lib/danarchy_deploy/users.rb +29 -19
data/lib/danarchy_deploy/version.rb +1 -1
data/templates/deploy_template.json +3 -3
metadata +34 -12

data/lib/danarchy_deploy/services/mongodb.rb ADDED

@@ -0,0 +1,162 @@
+require 'mongo'
+module DanarchyDeploy
+  module Services
+    class MongoDB
+      def self.new(os, mongodb, options)
+        @mongodb = mongodb
+        @options = options
+        puts "\n" + self.name
+        puts "\n > Configuring MongoDB service."
+        DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'start', options) if ! options[:pretend]
+        Mongo::Logger.logger.level = Logger::FATAL
+        mongodb_conf, updated_conf = self.load_mongodb_conf
+        host_port = mongodb_conf['net']['bindIp'].split(',').first + ':' + mongodb_conf['net']['port'].to_s
+        admin_user, new_admin   = self.load_admin_user
+        if new_admin == true
+          client = Mongo::Client.new(['127.0.0.1'], database: 'admin')
+          self.ensure_user(client.database, admin_user)
+        end
+        if ! options[:pretend] && updated_conf == true || new_admin == true
+          puts 'Stopping MongoDB'
+          DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'stop', options)
+          self.save_mongodb_conf(mongodb_conf)
+          puts 'Starting MongoDB'
+          DanarchyDeploy::Services::Init.init_manager(os, 'mongodb', 'start', options)
+        end
+        client = Mongo::Client.new([host_port], database: 'admin',
+                                   user: admin_user[:user], password: Base64.decode64(admin_user[:password]))
+        self.ensure_user(client.database, admin_user)
+        if databases = @mongodb[:databases]
+          databases.each do |database, params|
+            print "\n   |+ Fake Run: " if options[:pretend]
+            puts "\n  Reviewing database: #{database}"
+            db = client.use(database).database
+            params[:users].each do |user|
+              puts "  > Checking user: #{user[:user]}"
+              self.ensure_user(db, user)
+            end
+          end
+        end
+      end
+      private
+      def self.load_mongodb_conf
+        updated_conf = false
+        @mongodb[:mongodb_conf] = @mongodb[:mongodb_conf] ?
+                                    @mongodb[:mongodb_conf] :
+                                    '/etc/mongodb.conf'
+        mongodb_conf = File.exist?(@mongodb[:mongodb_conf]) ? YAML.load_file(@mongodb[:mongodb_conf]) : Hash.new
+        generated_mongodb_conf = self.generate_mongodb_conf
+        updated_conf = mongodb_conf != generated_mongodb_conf
+        [generated_mongodb_conf, updated_conf]
+      end
+      def self.generate_mongodb_conf
+        if File.readlines('/etc/security/limits.conf').grep(/mongodb/).empty?
+          entry =  'mongodb         soft     nofile          32000'
+          entry += 'mongodb         hard     nofile          64000'
+          File.open('/etc/security/limits.conf', 'a+') do |f|
+            f.write entry
+          end
+        end
+        mongodb_conf = {
+          'net'       => { 'port'    => 27017, 'bindIp' => '127.0.0.1' },
+          'storage'   => { 'dbPath' => '/var/lib/mongodb' },
+          'systemLog' => { 'destination' => 'file',
+                           'path'        => '/var/log/mongodb/mongodb.log',
+                           'quiet'       => true,
+                           'logAppend'   => true }
+        }
+        if @mongodb[:config]
+          mdb_conf = DanarchyDeploy::Helpers.hash_symbols_to_strings(@mongodb[:config])
+          mongodb_conf = mongodb_conf.deep_merge(mdb_conf)
+        end
+        mongodb_conf
+      end
+      def self.save_mongodb_conf(mongodb_conf)
+        if @options[:pretend]
+          puts "\n   |+ Fake run: Saving MongoDB Configuration"
+        else
+          puts 'Saving MongoDB Configuration'
+          File.write(@mongodb[:mongodb_conf], mongodb_conf.to_yaml)
+        end
+      end
+      # def self.ensure_admin_user(host_port, admin_user)
+      #   begin
+      #     client = Mongo::Client.new([host_port], database: 'admin',
+      #                                username: admin_user[:user], password: admin_user[:password])
+      #     database = client.database
+      #     database.users.info(admin_user[:user])
+      #   rescue Mongo::Auth::Unauthorized, Mongo::Error => e
+      #     puts e.message
+      #     if @options[:pretend]
+      #       puts "   |+ Fake Run:   Creating admin user #{admin_user[:user]}"
+      #     else
+      #       client = Mongo::Client.new([host_port], database: 'admin')
+      #       db = client.database
+      #       self.ensure_user(db, admin_user)
+      #     end
+      #   end
+      # end
+      def self.generate_admin_user
+        password = @mongodb[:admin_password] ?
+                     @mongodb[:admin_password].chomp :
+                     Base64.encode64(SecureRandom.base64(14)).chomp
+        { user:     "admin",
+          password: password,
+          roles: [{ role: "root", db: "admin" },
+                  { role: "userAdminAnyDatabase", db: "admin" },
+                  { role: "dbAdminAnyDatabase",   db: "admin" },
+                  { role: "readWriteAnyDatabase", db: "admin" }] }
+      end
+      def self.load_admin_user
+        admin_user = nil
+        new_user   = false
+        if File.exist?('/root/.mdb_admin_user.json')
+          admin_user = JSON.parse(File.read('/root/.mdb_admin_user.json'), symbolize_names: true)
+        else
+          admin_user = self.generate_admin_user
+          self.save_admin_user(admin_user) if ! @options[:pretend]
+          new_user = true
+        end
+        [admin_user, new_user]
+      end
+      def self.save_admin_user(admin_user)
+        File.write('/root/.mdb_admin_user.json', JSON.pretty_generate(admin_user))
+      end
+      def self.ensure_user(db, user)
+        puts user if @options[:vars_verbose]
+        password = Base64.decode64(user[:password]).chomp
+        if @options[:pretend]
+          puts "\n    |+ Fake Run: Creating/Updating user: #{user[:user]}"
+        elsif db.users.info(user[:user]).empty?
+          puts "\n    |+ Creating user: #{user[:user]}"
+          db.users.create(user[:user], password: password, roles: user[:roles])
+        else
+          puts "\n    |+ Updating user: #{user[:user]}"
+          db.users.update(user[:user], password: password, roles: user[:roles])
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql.rb ADDED

@@ -0,0 +1,58 @@
+require_relative 'mysql/new_server'
+require_relative 'mysql/privileges'
+module DanarchyDeploy
+  module Services
+    class MySQL
+      def self.new(os, mysql, options)
+        puts "\n" + self.name
+        puts "\n > Configuring MySQL service."
+        mysql = self.set_parameters(mysql)
+        self.generate_my_cnf(mysql, options)
+        if File.exist?(mysql[:my_cnf]) && Dir.exist?(mysql[:datadir] + '/mysql')
+          puts "   |+ Using existing MySQL service."
+        else
+          MySQL::NewServer.new(os, mysql, options)
+        end
+        if mysql[:privileges]
+          puts "\n > Configuring MySQL Privileges"
+          MySQL::Privileges.new(mysql, options)
+        end
+      end
+      def self.set_parameters(mysql)
+        mysql[:default_file] = mysql[:default_file] ?
+                                 mysql[:default_file] :
+                                 '/root/.my.cnf'
+        mysql[:my_cnf] = mysql[:my_cnf] ?
+                           mysql[:my_cnf] :
+                           '/etc/mysql/my.cnf'
+        mysql[:datadir] = mysql[:datadir] ?
+                            mysql[:datadir] :
+                            '/var/lib/mysql'
+        mysql[:bind_address] = mysql[:bind_address] ?
+                                 mysql[:bind_address] :
+                                 '127.0.0.1'
+        mysql
+      end
+      def self.generate_my_cnf(mysql, options)
+        source = options[:deploy_dir] +
+                 '/templates/services/mysql/my.cnf.erb'
+        templates = [{ target: mysql[:my_cnf],
+                       source: source,
+                       variables: {
+                         datadir:      mysql[:datadir],
+                         bind_address: mysql[:bind_address] }
+                     }]
+        DanarchyDeploy::Templater.new(templates, options)
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql/new_server.rb ADDED

@@ -0,0 +1,72 @@
+module DanarchyDeploy
+  module Services
+    class MySQL
+      class NewServer
+        def self.new(os, mysql, options)
+          self.generate_root_mycnf(mysql, options)
+          if os == 'gentoo'
+            self.gentoo_new_mysql(mysql, options)
+          elsif os == 'opensuse'
+            self.opensuse_new_mysql(mysql, options)
+          elsif %w[debian ubuntu].include?(os)
+            self.debian_new_mysql(mysql, options)
+          elsif %w[centos redhat].include?(os)
+            self.centos_new_mysql(mysql, options)
+          end
+        end
+        private
+        def self.gentoo_new_mysql(mysql, options)
+          puts "\n > Performing first time MySQL configuration."
+          cmd = 'emerge --config mariadb'
+          config_result = DanarchyDeploy::Helpers.run_command(cmd, options)
+          if config_result[:stderr]
+            abort('   |! ERROR: Failed to configure MySQL')
+          else config_result[:stdout]
+            puts "   |+ MySQL configured successfully"
+            puts config_result[:stdout]
+          end
+          puts "\n > Starting MySQL."
+          DanarchyDeploy::Services::Init.init_manager('gentoo', 'mysql', 'start', options)
+        end
+        def self.debian_new_mysql(mysql, options)
+          puts "   ! Debian/Ubuntu MySQL configuration not yet implemented!"
+        end
+        def self.centos_new_mysql(mysql, options)
+          puts "   ! CentOS/Redhat MySQL configuration not yet implemented!"
+        end
+        def self.opensuse_new_mysql(mysql, options)
+          puts "   ! OpenSUSE MySQL configuration not yet implemented!"
+        end
+        def self.generate_root_mycnf(mysql, options)
+          return if File.exist?(mysql[:default_file])
+          puts "   |+ Generating #{mysql[:default_file]} file."
+          password = SecureRandom.base64(14)
+          source = options[:deploy_dir] +
+                   '/templates/services/mysql/root_my.cnf.erb'
+          templates = [{ target: mysql[:default_file],
+                         source: source,
+                         variables: {
+                           host: 'localhost',
+                           user: 'root',
+                           pass: password,
+                           port: '3306' }
+                       }]
+          DanarchyDeploy::Templater.new(templates, options)
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/services/mysql/privileges.rb ADDED

@@ -0,0 +1,35 @@
+# require 'mysql2'
+# Need to run with CLI rather than Ruby gem to reduce dependencies when this isn't used.
+module DanarchyDeploy
+  module Services
+    class MySQL
+      class Privileges
+        def self.new(mysql, options)
+          sql_grants = sql_template(mysql, options)
+          run_sql_grants(mysql, sql_grants, options)
+        end
+        def self.sql_template(mysql, options)
+          sql_grants = '/root/.user_grants.sql'
+          source = options[:deploy_dir] +
+                   '/templates/services/mysql/user_db_grants.sql.erb'
+          templates = [{ target: sql_grants,
+                         source: source,
+                         variables: mysql[:privileges] }]
+          DanarchyDeploy::Templater.new(templates, options)
+          sql_grants
+        end
+        def self.run_sql_grants(mysql, sql_grants, options)
+          # Using CLI commands for now;
+          #   mysql2 requires mysql client be installed even if we won't be using it.
+          # client = Mysql2::Client.new(:default_file => default_file)
+          cmd = "mysql --defaults-file=#{mysql[:default_file]} -v < #{sql_grants}"
+          DanarchyDeploy::Helpers.run_command(cmd, options)
+        end
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/system.rb ADDED

@@ -0,0 +1,86 @@
+require_relative 'system/centos'
+require_relative 'system/debian'
+require_relative 'system/gentoo'
+require_relative 'system/opensuse'
+module DanarchyDeploy
+  module System
+    def self.new(deployment, options)
+      abort('Operating System not defined! Exiting!') if !deployment[:os]
+      puts "\n" + self.name
+      installer, updater, cleaner = prep_operating_system(deployment, options)
+      install_result = nil
+      if deployment[:packages] && !deployment[:packages].empty?
+        packages = deployment[:packages].join(' ')
+        puts "\nInstalling packages..."
+        install_result = DanarchyDeploy::Helpers.run_command("#{installer} #{packages}", options)
+        puts install_result[:stdout] if install_result[:stdout]
+      else
+        puts "\nNo packages to install."
+      end
+      if !options[:pretend]
+        puts "\nRunning system updates..."
+        updater_result = DanarchyDeploy::Helpers.run_command(updater, options)
+        puts updater_result[:stdout] if updater_result[:stdout]
+        puts "\nCleaning up unused packages..."
+        cleanup_result = DanarchyDeploy::Helpers.run_command(cleaner, options)
+        puts cleanup_result[:stdout] if cleanup_result[:stdout]
+      end
+      deployment
+    end
+    private
+    def self.prep_operating_system(deployment, options)
+      (installer, updater, cleaner) = nil
+      os = deployment[:os]
+      if deployment[:system]
+        if deployment[:system][:archives]
+          puts " > Deploying system archives"
+          DanarchyDeploy::Archiver.new(deployment[:system][:archives], options)
+        end
+        if deployment[:system][:templates]
+          puts "\n > Configuring system templates for #{deployment[:os]}"
+          DanarchyDeploy::Templater.new(deployment[:system][:templates], options)
+          # Add deployment[:system][:dmcrypt], deployment[:system][:lvm], and deployment[:system][:fstab] here
+          deployment[:system][:templates].each do |t|
+            if t[:target] == '/etc/fstab'
+              t[:variables].each do |v|
+                if !Dir.exist?(v[:mountpoint])
+                  puts "Creating mountpoint: #{v[:mountpoint]}"
+                  FileUtils.mkdir_p(v[:mountpoint]) if !options[:pretend]
+                end
+              end
+            end
+          end
+        end
+      end
+      puts "\n > Mounting Filesystems"
+      if !options[:pretend]
+        mount_result = DanarchyDeploy::Helpers.run_command('mount -a', options)
+        abort('   |! Failed to mount filesystems!') if mount_result[:stderr]
+      end
+      if os.downcase == 'gentoo'
+        (installer, updater, cleaner) = DanarchyDeploy::System::Gentoo.new(deployment, options)
+      elsif %w[debian ubuntu].include?(os.downcase)
+        (installer, updater, cleaner) = DanarchyDeploy::System::Debian.new(deployment, options)
+      elsif os.downcase == 'opensuse'
+        puts 'OpenSUSE is not fully supported yet!'
+        (installer, updater, cleaner) = DanarchyDeploy::System::OpenSUSE.new(deployment, options)
+      elsif %w[centos redhat].include?(os.downcase)
+        puts 'CentOS/RedHat is not fully supported yet!'
+        (installer, updater, cleaner) = DanarchyDeploy::System::CentOS.new(deployment, options)
+      end
+      [installer, updater, cleaner]
+    end
+  end
+end

data/lib/danarchy_deploy/system/centos.rb ADDED

@@ -0,0 +1,17 @@
+module DanarchyDeploy
+  module System
+    class CentOS
+      def self.new(deployment, options)
+        puts "\n" + self.name
+        puts "#{deployment[:os].capitalize} detected! Using yum."
+        # needs more testing
+        installer = 'yum install -y '
+        updater = 'yum upgrade -y'
+        cleaner = 'yum clean all'
+        [installer, updater, cleaner]
+      end
+    end
+  end
+end

data/lib/danarchy_deploy/system/debian.rb ADDED

@@ -0,0 +1,61 @@
+require 'net/http'
+module DanarchyDeploy
+  module System
+    class Debian
+      def self.new(deployment, options)
+        puts "\n" + self.name
+        puts "#{deployment[:os].capitalize} detected! Using apt."
+        if deployment[:apt]
+          if deployment[:apt][:templates]
+            puts "\nChecking Apt configs."
+            DanarchyDeploy::Templater.new(deployment[:apt][:templates], options)
+          end
+          if deployment[:apt][:gpgkeys]
+            puts "\nInstalling Apt GPG Keys."
+            install_gpgkeys(deployment[:apt][:gpgkeys], options)
+          end
+        end
+        nonint = 'export DEBIAN_FRONTEND=noninteractive ; '
+        installer  = nonint + 'apt-get install -y '
+        installer += '--dry-run ' if options[:pretend]
+        updater = nonint + 'apt-get upgrade -y '
+        cleaner = nonint + 'apt-get autoclean -y '
+        puts "\nUpdating Apt repos..."
+        DanarchyDeploy::Helpers.run_command(nonint + 'apt-get update', options)
+        [installer, updater, cleaner]
+      end
+      private
+      def self.install_gpgkeys(gpgkeys, options)
+        gpgkeys.each do |url|
+          puts "\n > Acquiring GPG key from: #{url}"
+          tmpfile = '/var/tmp/' + `date +%s`.chomp + '.gpgkey.tmp'
+          gpgkey = Net::HTTP.get(URI(url))
+          if ! gpgkey
+            abort('  ! GPG key download failed!')
+          else
+            puts "   |+ GPG key successfully downloaded!"
+            File.write(tmpfile, gpgkey)
+            abort("  ! Failed to write tmpfile for url: #{url} => #{tmpfile}") if ! File.exist?(tmpfile)
+            # Silence noise about non-TTY terminal thanks to apt-key
+            gpgcmd = "export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=false; apt-key add -qq #{tmpfile}"
+            gpg_result = DanarchyDeploy::Helpers.run_command(gpgcmd, { quiet: true })
+            if gpg_result[:stderr]
+              abort("    ! Failed to write key for: #{url}")
+            elsif gpg_result[:stdout]
+              puts "   |+ GPG Key saved!"
+            end
+          end
+        end
+      end
+    end
+  end
+end