deprec 1.9.3 → 2.0.0

data/lib/deprec/templates/apache/namevirtualhosts.conf

@@ -0,0 +1,5 @@
+NameVirtualHost *:80
+ 
+<IfModule mod_ssl.c>
+  NameVirtualHost *:443
+</IfModule>

data/lib/deprec/templates/apt/sources.list

@@ -0,0 +1,18 @@
+#
+#  /etc/apt/sources.list
+#
+
+
+#
+# gutsy
+#
+deb		http://<%= apt_mirror_hostname %>/ubuntu gutsy main restricted universe multiverse
+deb     http://archive.ubuntu.com/ubuntu     gutsy-updates main restricted universe multiverse
+deb http://security.ubuntu.com/ubuntu gutsy-security main restricted universe
+
+deb-src http://archive.ubuntu.com/ubuntu     gutsy main restricted universe
+deb-src http://archive.ubuntu.com/ubuntu     gutsy-updates main restricted universe
+deb-src http://security.ubuntu.com/ubuntu gutsy-security main restricted universe
+
+
+

data/lib/deprec/templates/apt_mirror/apt-mirror-cron

@@ -0,0 +1,4 @@
+#
+# Regular cron jobs for the apt-mirror package
+#
+0 4     * * *   apt-mirror      /usr/bin/apt-mirror > /var/spool/apt-mirror/var/cron.log

data/lib/deprec/templates/apt_mirror/mirror.list

@@ -0,0 +1,33 @@
+############# config ##################
+#
+# set base_path    /var/spool/apt-mirror
+#
+# if you change the base path you must create the directories below with write privlages
+#
+# set mirror_path  $base_path/mirror
+# set skel_path    $base_path/skel
+# set var_path     $base_path/var
+# set cleanscript $var_path/clean.sh
+# set defaultarch  <running host architecture>
+set nthreads     20
+set _tilde 0
+#
+############# end config ##############
+
+<% Array(apt_releases_to_mirror).each do |release| %> 
+# <%= release %>
+deb http://archive.ubuntu.com/ubuntu <%= release %> main restricted universe multiverse
+#deb http://archive.ubuntu.com/ubuntu <%= release %>-updates main restricted universe multiverse
+#deb http://archive.ubuntu.com/ubuntu <%= release %>-backports main restricted universe multiverse
+#deb http://archive.ubuntu.com/ubuntu <%= release %>-security main restricted universe multiverse
+#deb http://archive.ubuntu.com/ubuntu <%= release %>-proposed main restricted universe multiverse
+
+deb-src http://archive.ubuntu.com/ubuntu <%= release %> main restricted universe multiverse
+#deb-src http://archive.ubuntu.com/ubuntu <%= release %>-updates main restricted universe multiverse
+#deb-src http://archive.ubuntu.com/ubuntu <%= release %>-backports main restricted universe multiverse
+#deb-src http://archive.ubuntu.com/ubuntu <%= release %>-security main restricted universe multiverse
+#deb-src http://archive.ubuntu.com/ubuntu <%= release %>-proposed main restricted universe multiverse
+<% end %>
+
+clean http://archive.ubuntu.com/ubuntu
+

data/lib/deprec/templates/ar_sendmail/logrotate.conf.erb

@@ -0,0 +1,9 @@
+<%= shared_path %>/log/ar_sendmail.log {
+  daily
+  rotate 14
+  dateext
+  missingok
+  compress
+  sharedscripts
+  copytruncate
+}

data/lib/deprec/templates/ar_sendmail/monit.conf.erb

@@ -0,0 +1,5 @@
+check process ar_sendmail-<%= application %> with pidfile <%= current_path %>/tmp/pids/ar_sendmail.pid
+        start program = "/usr/local/sbin/daemonize -c <%= current_path %> -o <%= current_path %>/log/ar_sendmail.log -e <%= current_path %>/log/ar_sendmail.log -p <%= current_path %>/tmp/pids/ar_sendmail.pid -l <%= current_path %>/tmp/pids/ar_sendmail.pid  /usr/local/bin/ar_sendmail --environment production --verbose"
+        stop program = "/usr/bin/xargs kill -9 < <%= current_path %>/tmp/pids/ar_sendmail.pid"
+
+        if 3 restarts within 5 cycles then timeout

data/lib/deprec/templates/ddclient/ddclient.conf.erb

@@ -0,0 +1,11 @@
+# Configuration file for ddclient generated by deprec
+#
+# /etc/ddclient.conf
+
+pid=/var/run/ddclient.pid
+protocol=dyndns2
+use=if, if=<%= ddclient_interface %>
+server=members.dyndns.org
+login=<%= ddclient_user %>
+password='<%= ddclient_pass %>'
+<%= Array(ddclient_domains).join(',') %>

data/lib/deprec/templates/ddclient/ddclient.erb

@@ -0,0 +1,15 @@
+# Configuration for ddclient scripts
+# generated from debconf on Sun Jan 18 09:20:43 UTC 2009
+#
+# /etc/default/ddclient
+
+# Set to "true" if ddclient should be run every time a new ppp connection is
+# established. This might be useful, if you are using dial-on-demand
+run_ipup="true"
+
+# Set to "true" if ddclient should run in daemon mode
+run_daemon="true"
+
+# Set the time interval between the updates of the dynamic DNS name in seconds.
+# This option only takes effect if the ddclient runs in daemon mode.
+daemon_interval="300"

data/lib/deprec/templates/deprec/caprc.erb

@@ -0,0 +1,14 @@
+ssh_options[:paranoid] = false
+ssh_options[:forward_agent] = true
+
+
+# Just import the general purpose tasks
+require '/deprec/general_purpose' if respond_to?(:namespace)
+
+# Enable all deprec tasks all the time. This will change the 
+# behviour of some standard cap tasks (like 'cap deploy') so
+# only enable it if you know what you're doing!
+#
+# require 'deprec/recipes' unless respond_to?(:namespace)
+
+

data/lib/deprec/templates/heartbeat/authkeys.erb

@@ -0,0 +1,2 @@
+auth 1
+1 sha1 <%= heartbeat_auth_key %>

data/lib/deprec/templates/heartbeat/ha.cf.erb

@@ -0,0 +1,15 @@
+# http://linux-ha.org/ha.cf
+logfacility     daemon
+keepalive 1
+deadtime 10
+warntime 5
+initdead 120 # depend on your hardware
+udpport 694
+ping <%= heartbeat_ping %>
+bcast <%= heartbeat_bcast %>
+auto_failback <%= heartbeat_auto_failback %>
+<% heartbeat_nodes.each do |node| -%>
+node    <%= node %>
+<% end -%>
+respawn hacluster /usr/lib/heartbeat/ipfail
+use_logd yes

data/lib/deprec/templates/heartbeat/haresources.erb

@@ -0,0 +1 @@
+<%= heartbeat_preferred_node %> <%= heartbeat_resources %>

data/lib/deprec/templates/logrotate/logrotate.conf.erb

@@ -0,0 +1,32 @@
+# see "man logrotate" for details
+# rotate log files weekly
+weekly
+
+# keep 4 weeks worth of backlogs
+rotate 4
+
+# create new (empty) log files after rotating old ones
+create
+
+# uncomment this if you want your log files compressed
+#compress
+
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+# no packages own wtmp, or btmp -- we'll rotate them here
+/var/log/wtmp {
+    missingok
+    monthly
+    create 0664 root utmp
+    rotate 1
+}
+
+/var/log/btmp {
+    missingok
+    monthly
+    create 0664 root utmp
+    rotate 1
+}
+
+# system-specific logs may be configured here

data/lib/deprec/templates/mongrel/apache_vhost.erb

@@ -0,0 +1,148 @@
+<VirtualHost *:80>
+  ServerName <%= domain %>
+  <%- 4.times do |counter| -%>
+  ServerAlias <%= domain.sub(/.*?\./, "assets#{counter}.") %>
+  <%- end %>
+  DocumentRoot <%= "#{current_path}/public" %>
+  ErrorLog <%= apache_log_dir %>/<%= domain %>-error_log
+  CustomLog <%= apache_log_dir %>/<%= domain %>-access_log combined
+
+  <Directory <%= "#{current_path}/public" %>>
+    Options FollowSymLinks
+    AllowOverride None
+    Order allow,deny
+    Allow from all
+  </Directory>
+
+  <Proxy *>
+    Order deny,allow
+    Allow from all
+  </Proxy>
+
+  # Configure mongrel_cluster 
+  <Proxy balancer://<%= "#{application}_cluster" %>>
+	<%- mongrel_servers.times do |counter| -%>
+    BalancerMember http://<%= "127.0.0.1:#{mongrel_port+counter}"  %>
+	<%- end -%>
+  </Proxy>
+
+  RewriteEngine On
+
+  <%- if apache_ssl_enabled && apache_ssl_forward_all -%>
+  RewriteRule ^(.*)$ https://<%= domain %>$1
+  <%- else -%>
+  # Prevent access to .svn directories
+  RewriteRule ^(.*/)?\.svn/ - [F,L]
+  ErrorDocument 403 "Access Forbidden"
+
+  # Check for maintenance file and redirect all requests
+  RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$
+  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
+  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
+  RewriteRule ^.*$ /system/maintenance.html [L]
+
+  # Rewrite index to check for static
+  RewriteRule ^/$ /index.html [QSA] 
+
+  # Rewrite to check for Rails cached page
+  RewriteRule ^([^.]+)$ $1.html [QSA]
+
+  # Redirect all non-static requests to cluster
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
+  RewriteRule ^/(.*)$ balancer://<%= "#{application}_cluster" %>%{REQUEST_URI} [P,QSA,L]
+  
+  # Deflate
+  AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript
+  BrowserMatch ^Mozilla/4 gzip-only-text/html
+  BrowserMatch ^Mozilla/4\.0[678] no-gzip
+  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+  <%- end -%>
+</VirtualHost>
+
+
+<% if apache_ssl_enabled %>
+<VirtualHost <%= apache_ssl_ip ? apache_ssl_ip : '*' %>:443>
+  ServerName <%= domain %>
+  <%- 4.times do |counter| -%>
+  ServerAlias <%= domain.sub(/.*?\./, "assets#{counter}.") %>
+  <%- end %>
+  DocumentRoot <%= "#{current_path}/public" %>
+  ErrorLog <%= apache_log_dir %>/<%= domain %>-error_log
+  CustomLog <%= apache_log_dir %>/<%= domain %>-access_log combined       
+  CustomLog <%= apache_log_dir %>/<%= domain %>-ssl_log \
+          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+  <Directory <%= "#{current_path}/public" %>>
+    Options FollowSymLinks
+    AllowOverride None
+    Order allow,deny
+    Allow from all
+  </Directory>
+
+  <Proxy *>
+    Order deny,allow
+    Allow from all
+  </Proxy>
+
+  # Configure mongrel_cluster 
+  <Proxy balancer://<%= "#{application}_cluster" %>>
+	<%- mongrel_servers.times do |counter| -%>
+    BalancerMember http://<%= "127.0.0.1:#{mongrel_port+counter}"  %>
+	<%- end -%>
+  </Proxy>
+
+  RewriteEngine On
+
+  # Prevent access to .svn directories
+  RewriteRule ^(.*/)?\.svn/ - [F,L]
+  ErrorDocument 403 "Access Forbidden"
+
+  # Prevent access to .git directories
+  RewriteRule ^(.*/)?\.git/ - [F,L]
+  ErrorDocument 403 "Access Forbidden"
+
+  # Check for maintenance file and redirect all requests
+  RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$
+  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
+  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
+  RewriteRule ^.*$ /system/maintenance.html [L]
+
+  # Rewrite index to check for static
+  RewriteRule ^/$ /index.html [QSA] 
+
+  # Rewrite to check for Rails cached page
+  RewriteRule ^([^.]+)$ $1.html [QSA]
+
+  # Redirect all non-static requests to cluster
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
+  # Add header for Mongrel to set HTTPS environment for Rails
+  RequestHeader set X-Forwarded-Proto "https"
+  RewriteRule ^/(.*)$ balancer://<%= "#{application}_cluster" %>%{REQUEST_URI} [P,QSA,L]
+
+  # Deflate
+  AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript
+  BrowserMatch ^Mozilla/4 gzip-only-text/html
+  BrowserMatch ^Mozilla/4\.0[678] no-gzip
+  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+
+  # SSL Engine Switch
+  SSLEngine on
+
+  # SSL Cipher Suite:
+  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+
+  # Server Certificate
+  SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+
+  # Server Private Key
+  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+  <% if apache_ssl_chainfile %>
+  # Intermediate keys
+  SSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/<%= domain %>-chainfile.crt
+  <% end %>
+
+  BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
+
+</VirtualHost>
+<% end  %>

data/lib/deprec/templates/mongrel/logrotate.conf.erb

@@ -0,0 +1,11 @@
+<%= shared_path %>/log/<%= rails_env %>.log <%= shared_path %>/log/mongrel.*.log {
+  daily
+  rotate 14
+  dateext
+  missingok
+  compress
+  sharedscripts
+  copytruncate
+}
+	
+

data/lib/deprec/{third_party/mongrel_cluster/resources/mongrel_cluster → templates/mongrel/mongrel_cluster-init-script}

@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# Copyright (c) 2006 Bradley Taylor, bradley@railsmachine.com
+# Copyright (c) 2007 Bradley Taylor, bradley@railsmachine.com
 #
 # mongrel_cluster       Startup script for Mongrel clusters.
 #
@@ -9,9 +9,14 @@
 #              behind a load balancer.
 #              
 
+PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local:/usr/local/sbin:/usr/local/bin
 CONF_DIR=/etc/mongrel_cluster
-RETVAL=0
+PID_DIR=/var/run/mongrel_cluster
+# USER=mongrel
+
+EVENT=1
 
+RETVAL=0
 
 # Gracefully exit if the controller is missing.
 which mongrel_cluster_ctl >/dev/null || exit 0
@@ -21,7 +26,11 @@ which mongrel_cluster_ctl >/dev/null || exit 0
 
 case "$1" in
     start)
-      mongrel_cluster_ctl start -c $CONF_DIR
+      # Create pid directory
+      mkdir -p $PID_DIR
+      # chown $USER:$USER $PID_DIR
+
+      mongrel_cluster_ctl start --clean -c $CONF_DIR
       RETVAL=$?
   ;;
     stop)
@@ -29,13 +38,17 @@ case "$1" in
       RETVAL=$?
   ;;
     restart)
-      mongrel_cluster_ctl restart -c $CONF_DIR
+      mongrel_cluster_ctl restart --clean -c $CONF_DIR
+      RETVAL=$?
+  ;;
+    status)
+      mongrel_cluster_ctl status -c $CONF_DIR
       RETVAL=$?
   ;;
     *)
-      echo "Usage: mongrel_cluster {start|stop|restart}"
+      echo "Usage: mongrel_cluster {start|stop|restart|status}"
       exit 1
   ;;
 esac      
 
-exit $RETVAL
+exit $RETVAL

data/lib/deprec/templates/mongrel/mongrel_cluster.yml.erb

@@ -0,0 +1,10 @@
+--- 
+user: <%= app_user %>
+group: <%= app_group %>
+cwd: <%= current_path %>
+log_file: <%= mongrel_log_dir %>/mongrel.log
+port: "<%= mongrel_port.to_s %>"
+environment: <%= mongrel_environment %>
+address: <%= mongrel_address %>
+pid_file: <%= mongrel_pid_dir %>/mongrel.pid
+servers: <%= mongrel_servers.to_s %>

data/lib/deprec/templates/mongrel/monit.conf.erb

@@ -0,0 +1,17 @@
+<% mongrel_servers.times do |counter| -%>
+  check process mongrel-<%=mongrel_port+counter%> with pidfile <%= mongrel_pid_dir %>/mongrel.<%=mongrel_port+counter%>.pid
+	group mongrel_<%= application %>
+	start program = "/usr/local/bin/ruby /usr/local/bin/mongrel_rails cluster::start --clean -C <%= mongrel_conf %> --only <%=mongrel_port+counter%>"
+	stop program = "/usr/local/bin/ruby /usr/local/bin/mongrel_rails cluster::stop -C <%= mongrel_conf %> --only <%=mongrel_port+counter%>"
+		
+	if failed host 127.0.0.1 port <%=mongrel_port+counter%> protocol http
+    	with timeout 10 seconds
+    	then alert
+
+	if totalmem > 100 Mb then restart
+	if cpu > 60% for 2 cycles then alert
+	if cpu > 80% for 5 cycles then restart
+	if loadavg(5min) > 10 for 8 cycles then restart
+	if 3 restarts within 5 cycles then timeout
+
+<% end -%>

data/lib/deprec/templates/mongrel/nginx_vhost.erb

@@ -0,0 +1,41 @@
+upstream <%= application %> {
+<% mongrel_servers.times do |counter| -%>
+  <%= "server 127.0.0.1:#{mongrel_port+counter};"  %>
+<% end -%>
+}
+
+server {
+    listen       80;
+    server_name  <%= domain %> <% 4.times do |counter| %> <%= domain.sub(/.*?\./, "assets#{counter}.") %><% end %>;
+    root <%= deploy_to %>/current/public;
+    access_log <%= deploy_to %>/shared/log/<%= domain %>-access.log;
+    error_log <%= deploy_to %>/shared/log/<%= domain %>-error.log;
+    client_max_body_size  <%= nginx_client_max_body_size %>;
+
+        if (-f $document_root/system/maintenance.html){
+                rewrite  ^(.*)$  /system/maintenance.html last;
+                break;
+        }
+        location / {
+                proxy_set_header  X-Real-IP  $remote_addr;
+                proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header Host $http_host;
+                proxy_redirect false;
+
+                if (-f $request_filename/index.html) {
+                        rewrite (.*) $1/index.html break;
+                }
+                if (-f $request_filename.html) {
+                        rewrite (.*) $1.html break;
+                }       
+                if (!-f $request_filename) {
+                        proxy_pass http://<%= application %>;
+                        break;
+                }
+        }
+
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   html;
+        }
+}