dreamcat4-moonshadow 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +165 -0
- data/app_generators/moonshine/moonshine_generator.rb +154 -0
- data/app_generators/moonshine/templates/Capfile +3 -0
- data/app_generators/moonshine/templates/rails/deploy.rb +3 -0
- data/app_generators/moonshine/templates/rails/gems.yml +1 -0
- data/app_generators/moonshine/templates/rails/manifest.rb +55 -0
- data/app_generators/moonshine/templates/rails/moonshine.rake +83 -0
- data/app_generators/moonshine/templates/rails/moonshine.yml +43 -0
- data/app_generators/moonshine/templates/readme.templates +5 -0
- data/app_generators/moonshine_plugin/USAGE +8 -0
- data/app_generators/moonshine_plugin/moonshine_plugin_generator.rb +39 -0
- data/app_generators/moonshine_plugin/templates/README.rdoc +14 -0
- data/app_generators/moonshine_plugin/templates/init.rb +3 -0
- data/app_generators/moonshine_plugin/templates/plugin.rb +19 -0
- data/app_generators/moonshine_plugin/templates/spec.rb +24 -0
- data/app_generators/moonshine_plugin/templates/spec_helper.rb +8 -0
- data/bin/moonshine +17 -0
- data/bin/moonshine_plugin +17 -0
- data/lib/moonshine.rb +7 -0
- data/lib/moonshine/bootstrap/bootstrap.mri.sh +21 -0
- data/lib/moonshine/bootstrap/bootstrap.ree.sh +34 -0
- data/lib/moonshine/capistrano.rb +242 -0
- data/lib/moonshine/manifest.rb +151 -0
- data/lib/moonshine/manifest/rails.rb +54 -0
- data/lib/moonshine/manifest/rails/apache.rb +99 -0
- data/lib/moonshine/manifest/rails/apt_gems.yml +32 -0
- data/lib/moonshine/manifest/rails/mysql.rb +79 -0
- data/lib/moonshine/manifest/rails/os.rb +115 -0
- data/lib/moonshine/manifest/rails/passenger.rb +93 -0
- data/lib/moonshine/manifest/rails/postgresql.rb +83 -0
- data/lib/moonshine/manifest/rails/rails.rb +237 -0
- data/lib/moonshine/manifest/rails/sqlite3.rb +8 -0
- data/lib/moonshine/manifest/rails/templates/innodb.cnf.erb +6 -0
- data/lib/moonshine/manifest/rails/templates/logrotate.conf.erb +15 -0
- data/lib/moonshine/manifest/rails/templates/moonshine.cnf.erb +63 -0
- data/lib/moonshine/manifest/rails/templates/passenger.conf.erb +106 -0
- data/lib/moonshine/manifest/rails/templates/passenger.vhost.erb +273 -0
- data/lib/moonshine/manifest/rails/templates/pg_hba.conf.erb +83 -0
- data/lib/moonshine/manifest/rails/templates/postgresql.conf.erb +493 -0
- data/lib/moonshine/manifest/rails/templates/unattended_upgrades.erb +18 -0
- data/lib/moonshine_setup_manifest.rb +39 -0
- metadata +135 -0
@@ -0,0 +1,63 @@
|
|
1
|
+
<% log_prefix = configuration[:mysql][:log_prefix] || Facter.to_hash["hostname"] %>
|
2
|
+
|
3
|
+
[client]
|
4
|
+
default-character-set = <%= configuration[:mysql][:default_character_set] || 'utf8' %>
|
5
|
+
|
6
|
+
[mysqld]
|
7
|
+
######### storage engine
|
8
|
+
default-storage-engine = <%= configuration[:mysql][:default_storage_engine] || 'innodb' %>
|
9
|
+
|
10
|
+
######### character sets
|
11
|
+
character_set_server = <%= configuration[:mysql][:character_set_server] || 'utf8' %>
|
12
|
+
collation_server = <%= configuration[:mysql][:collation_server] || 'utf8_general_ci' %>
|
13
|
+
|
14
|
+
######### replication
|
15
|
+
server-id = <%= configuration[:mysql][:server_id] || '1' %>
|
16
|
+
auto-increment-increment = <%= configuration[:mysql][:auto_increment_increment] || '10' %>
|
17
|
+
auto-increment-offset = <%= configuration[:mysql][:auto_increment_offset] || configuration[:mysql][:server_id] || '1' %>
|
18
|
+
log-bin = <%= configuration[:mysql][:log_bin] || "#{log_prefix}-bin" %>
|
19
|
+
log-bin-index = <%= configuration[:mysql][:log_bin_index] || "#{log_prefix}-bin" %>
|
20
|
+
relay-log = <%= configuration[:mysql][:relay_log] || "#{log_prefix}-relay" %>
|
21
|
+
relay-log-index = <%= configuration[:mysql][:relay_log_index] || "#{log_prefix}-relay" %>
|
22
|
+
replicate-same-server-id = <%= configuration[:mysql][:replicate_same_server_id] || '0' %>
|
23
|
+
|
24
|
+
######### innodb options
|
25
|
+
innodb_buffer_pool_size = <%= configuration[:mysql][:innodb_buffer_pool_size] || '128M' %>
|
26
|
+
innodb_additional_mem_pool_size = <%= configuration[:mysql][:innodb_additional_mem_pool_size] || '16M' %>
|
27
|
+
innodb_data_file_path = <%= configuration[:mysql][:innodb_data_file_path] || 'ibdata1:10M:autoextend' %>
|
28
|
+
innodb_file_io_threads = <%= configuration[:mysql][:innodb_file_io_threads] || '4' %>
|
29
|
+
innodb_thread_concurrency = <%= configuration[:mysql][:innodb_thread_concurrency] || '4' %>
|
30
|
+
innodb_flush_log_at_trx_commit = <%= configuration[:mysql][:innodb_flush_log_at_trx_commit] || '2' %>
|
31
|
+
innodb_log_buffer_size = <%= configuration[:mysql][:innodb_log_buffer_size] || '64M' %>
|
32
|
+
innodb_log_file_size = <%= configuration[:mysql][:innodb_log_file_size] || '80M' %>
|
33
|
+
innodb_log_files_in_group = <%= configuration[:mysql][:innodb_log_files_in_group] || '3' %>
|
34
|
+
innodb_file_per_table = <%= configuration[:mysql][:innodb_file_per_table] || '1' %>
|
35
|
+
innodb_max_dirty_pages_pct = <%= configuration[:mysql][:innodb_max_dirty_pages_pct] || '90' %>
|
36
|
+
innodb_lock_wait_timeout = <%= configuration[:mysql][:innodb_lock_wait_timeout] || '120' %>
|
37
|
+
|
38
|
+
######### general
|
39
|
+
default-time-zone = <%= configuration[:mysql][:default_time_zone] || 'SYSTEM' %>
|
40
|
+
connect_timeout = <%= configuration[:mysql][:connect_timeout] || '10' %>
|
41
|
+
back_log = <%= configuration[:mysql][:back_log] || '50' %>
|
42
|
+
max_connections = <%= configuration[:mysql][:max_connections] || '25' %>
|
43
|
+
max_connect_errors = <%= configuration[:mysql][:max_connect_errors] || '10' %>
|
44
|
+
table_cache = <%= configuration[:mysql][:table_cache] || '2048' %>
|
45
|
+
max_allowed_packet = <%= configuration[:mysql][:max_allowed_packet] || '32M' %>
|
46
|
+
open_files_limit = <%= configuration[:mysql][:open_files_limit] || '1024' %>
|
47
|
+
max_heap_table_size = <%= configuration[:mysql][:max_heap_table_size] || '64M' %>
|
48
|
+
join_buffer_size = <%= configuration[:mysql][:join_buffer_size] || '4M' %>
|
49
|
+
read_buffer_size = <%= configuration[:mysql][:read_buffer_size] || '4M' %>
|
50
|
+
sort_buffer_size = <%= configuration[:mysql][:sort_buffer_size] || '8M' %>
|
51
|
+
read_rnd_buffer_size = <%= configuration[:mysql][:read_rnd_buffer_size] || '8M' %>
|
52
|
+
thread_cache_size = <%= configuration[:mysql][:thread_cache_size] || '8' %>
|
53
|
+
thread_concurrency = <%= configuration[:mysql][:thread_concurrency] || '8' %>
|
54
|
+
query_cache_size = <%= configuration[:mysql][:query_cache_size] || '128M' %>
|
55
|
+
query_cache_limit = <%= configuration[:mysql][:query_cache_limit] || '2M' %>
|
56
|
+
thread_stack = <%= configuration[:mysql][:thread_stack] || '192K' %>
|
57
|
+
transaction_isolation = <%= configuration[:mysql][:transaction_isolation] || 'READ-COMMITTED' %>
|
58
|
+
tmp_table_size = <%= configuration[:mysql][:tmp_table_size] || '128M' %>
|
59
|
+
tmpdir = <%= configuration[:mysql][:tmpdir] || '/tmp' %>
|
60
|
+
log_slow_queries = <%= configuration[:mysql][:log_slow_queries] || '/var/log/mysql/slow_queries.log' %>
|
61
|
+
long_query_time = <%= configuration[:mysql][:long_query_time] || '5' %>
|
62
|
+
|
63
|
+
<%= configuration[:mysql][:extra] %>
|
@@ -0,0 +1,106 @@
|
|
1
|
+
PassengerRoot <%= configuration[:passenger][:path] %>
|
2
|
+
PassengerRuby /usr/bin/ruby
|
3
|
+
|
4
|
+
## PassengerLogLevel
|
5
|
+
#
|
6
|
+
# Specify how much information Phusion Passenger should write to the
|
7
|
+
# Apache error log file. A higher log level value means that more
|
8
|
+
# information will be logged.
|
9
|
+
#
|
10
|
+
# 0: Show only errors and warnings. This is the default setting.
|
11
|
+
# 1: Show the most important debugging information. This might be useful
|
12
|
+
# for system administrators who are trying to figure out the cause
|
13
|
+
# of a problem.
|
14
|
+
# 2: Show more debugging information. This is typically
|
15
|
+
# only useful for developers.
|
16
|
+
# 3: Show even more debugging information.
|
17
|
+
|
18
|
+
PassengerLogLevel <%= configuration[:passenger][:log_level] || 0 %>
|
19
|
+
|
20
|
+
## PassengerUseGlobalQueue
|
21
|
+
#
|
22
|
+
# Recall that Phusion Passenger spawns multiple backend processes (e.g. multiple
|
23
|
+
# Ruby on Rails processes), each which processes HTTP requests serially. One of
|
24
|
+
# Phusion Passenger's jobs is to forward HTTP requests to a suitable backend
|
25
|
+
# process. A backend process may take an arbitrary amount of time to process a
|
26
|
+
# specific HTTP request. If the websites are (temporarily) under high load, and
|
27
|
+
# the backend processes cannot process the requests fast enough, then some
|
28
|
+
# requests may have to be queued.
|
29
|
+
#
|
30
|
+
# If global queuing is turned off, then Phusion Passenger will use fair load
|
31
|
+
# balancing. This means that each backend process will have its own private
|
32
|
+
# queue. Phusion Passenger will forward an HTTP request to the backend process
|
33
|
+
# that has the least amount of requests in its queue.
|
34
|
+
#
|
35
|
+
# If global queuing is turned on, then Phusion Passenger will use a global queue
|
36
|
+
# that's shared between all backend processes. If an HTTP request comes in, and
|
37
|
+
# all the backend processes are still busy, then Phusion Passenger will wait
|
38
|
+
# until at least one backend process is done, and will then forward the request
|
39
|
+
# to that process.
|
40
|
+
#
|
41
|
+
# Options: <on|off>
|
42
|
+
|
43
|
+
PassengerUseGlobalQueue <%= passenger_config_boolean(configuration[:passenger][:use_global_queue] || true) %>
|
44
|
+
|
45
|
+
## PassengerUserSwitching
|
46
|
+
#
|
47
|
+
# Enable User Switching Support. This option starts your application
|
48
|
+
# as the owner of the file config/environment.rb. The owner of
|
49
|
+
# environment.rb must have read access to the Rails application's
|
50
|
+
# folder, and read/write access to the Rails application's logs folder.
|
51
|
+
# This feature is only available if Apache is started by root.
|
52
|
+
#
|
53
|
+
# Options: <on|off>
|
54
|
+
|
55
|
+
PassengerUserSwitching <%= passenger_config_boolean(configuration[:passenger][:user_switching] || true) %>
|
56
|
+
|
57
|
+
## PassengerDefaultUser
|
58
|
+
#
|
59
|
+
# Specify the user Passenger must run as. This option allows you
|
60
|
+
# to specify which user your application will run as if user
|
61
|
+
# switching fails or is disabled.
|
62
|
+
|
63
|
+
PassengerDefaultUser <%= configuration[:passenger][:default_user] || configuration[:user] %>
|
64
|
+
|
65
|
+
## PassengerMaxPoolSize
|
66
|
+
#
|
67
|
+
# Set the maximum number of application instances that can be
|
68
|
+
# simultaneously active. A larger number results in higher
|
69
|
+
# memory usage, but improved ability to handle concurrent HTTP clients.
|
70
|
+
# The optimal value depends on your system's hardware and the server's
|
71
|
+
# average load. You should experiment with different values. Generally
|
72
|
+
# speaking, the value should be at least equal to the number of CPUs
|
73
|
+
# (or CPU cores) that you have. If your system has 2 GB of RAM, then
|
74
|
+
# we recommend a value of 30. If your system is a Virtual Private
|
75
|
+
# Server (VPS) and has about 256 MB RAM, and is also running other
|
76
|
+
# services such as MySQL, then we recommend a value of 2.
|
77
|
+
|
78
|
+
PassengerMaxPoolSize <%= configuration[:passenger][:max_pool_size] || 6 %>
|
79
|
+
|
80
|
+
## PassengerMaxInstancesPerApp
|
81
|
+
#
|
82
|
+
# Set the maximum number of application instances that may
|
83
|
+
# be simultaneously active for a single application. This helps to
|
84
|
+
# make sure that a single application will not occupy all available
|
85
|
+
# slots in the application pool. This value must be less than
|
86
|
+
# PassengerMaxPoolSize. A value of 0 means that there is no limit
|
87
|
+
# placed on the number of instances a single application may use,
|
88
|
+
# i.e. only the global limit of PassengerMaxPoolSize will be enforced.
|
89
|
+
|
90
|
+
PassengerMaxInstancesPerApp <%= configuration[:passenger][:max_instances_per_app] || 0 %>
|
91
|
+
|
92
|
+
## PassengerPoolIdleTime
|
93
|
+
#
|
94
|
+
# Set the maximum number of seconds that your application instance
|
95
|
+
# may be idle. That is, if an application instance hasn't done anything
|
96
|
+
# after the given number of seconds, then it will be shutdown in order
|
97
|
+
# to conserve memory. Decreasing this value means that applications
|
98
|
+
# will have to be spawned more often. Since spawning is a relatively
|
99
|
+
# slow operation, some visitors may notice a small delay when they
|
100
|
+
# visit your website. However, it will also free up resources used by
|
101
|
+
# applications more quickly. The optimal value depends on the average
|
102
|
+
# time that a visitor spends on a single Rails/Rack web page. We
|
103
|
+
# recommend a value of 2 * x, where x is the average number of seconds
|
104
|
+
# that a visitor spends on a single web page. But your mileage may vary.
|
105
|
+
|
106
|
+
PassengerPoolIdleTime <%= configuration[:passenger][:pool_idle_time] || 300 %>
|
@@ -0,0 +1,273 @@
|
|
1
|
+
<VirtualHost *:80>
|
2
|
+
ServerName <%= configuration[:domain] || (Facter.to_hash["hostname"] + '.' + Facter.to_hash["domain"]) %>
|
3
|
+
<% if configuration[:domain_aliases] %>
|
4
|
+
ServerAlias <%= configuration[:domain_aliases].to_a.join(' ') %>
|
5
|
+
<% end %>
|
6
|
+
<% if configuration[:ssl] && configuration[:ssl][:only] %>
|
7
|
+
RewriteEngine On
|
8
|
+
RewriteCond %{HTTPS} !=on
|
9
|
+
RewriteCond %{REQUEST_URI} !^/server-status
|
10
|
+
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
|
11
|
+
<% else %>
|
12
|
+
DocumentRoot <%= configuration[:deploy_to] + "/current/public" %>
|
13
|
+
|
14
|
+
<Directory <%= configuration[:deploy_to] + "/current/public" %>>
|
15
|
+
Options FollowSymLinks
|
16
|
+
AllowOverride None
|
17
|
+
Order allow,deny
|
18
|
+
Allow from all
|
19
|
+
</Directory>
|
20
|
+
|
21
|
+
<% if configuration[:apache ] && (configuration[:apache][:users] || configuration[:apache][:allow] || configuration[:apache][:deny]) %>
|
22
|
+
<Location / >
|
23
|
+
<% if configuration[:apache][:users] %>
|
24
|
+
authtype basic
|
25
|
+
authuserfile <%= configuration[:apache][:htpasswd] || "#{configuration[:deploy_to]}/shared/config/htpasswd" %>
|
26
|
+
authname "<%= configuration[:authname] || configuration[:domain] %>"
|
27
|
+
<% end %>
|
28
|
+
<Limit GET POST DELETE PUT>
|
29
|
+
order deny,allow
|
30
|
+
<% if configuration[:apache][:users] || configuration[:apache][:allow] %>
|
31
|
+
deny from all
|
32
|
+
<% end %>
|
33
|
+
<% configuration[:apache][:deny].to_a.each do |deny| %>
|
34
|
+
deny from <%= deny %>
|
35
|
+
<% end %>
|
36
|
+
<% configuration[:apache][:allow].to_a.each do |allow| %>
|
37
|
+
allow from <%= allow %>
|
38
|
+
<% end %>
|
39
|
+
<% if configuration[:apache][:users] %>
|
40
|
+
require valid-user
|
41
|
+
<% end %>
|
42
|
+
Satisfy <%= configuration[:apache][:satisfy] || 'Any' %>
|
43
|
+
</Limit>
|
44
|
+
</Location>
|
45
|
+
<% end %>
|
46
|
+
|
47
|
+
##
|
48
|
+
## The following options are Rails specific options. They may occur
|
49
|
+
## here in your VirtualHost entry or in the global configuration.
|
50
|
+
##
|
51
|
+
|
52
|
+
## RailsAutoDetect
|
53
|
+
#
|
54
|
+
# Set whether Phusion Passenger should automatically detect whether
|
55
|
+
# a virtual host's document root is a Ruby on Rails application.
|
56
|
+
# The default is on.
|
57
|
+
# Options: <on|off>
|
58
|
+
|
59
|
+
RailsAutoDetect <%= passenger_config_boolean(configuration[:passenger][:rails_auto_detect] || true) %>
|
60
|
+
|
61
|
+
## RailsBaseURI
|
62
|
+
#
|
63
|
+
# Specify that the given URI is a Rails application. It is allowed to
|
64
|
+
# specify this option multiple times. Do this to deploy multiple
|
65
|
+
# Rails applications in different sub-URIs under the same virtual host.
|
66
|
+
<% if configuration[:passenger][:rails_base_uri] %>
|
67
|
+
RailsBaseURI <%= configuration[:passenger][:rails_base_uri] %>
|
68
|
+
<% else %>
|
69
|
+
# RailsBaseURI <uri>
|
70
|
+
<% end %>
|
71
|
+
|
72
|
+
## RailsAllowModRewrite
|
73
|
+
#
|
74
|
+
# Passenger will not override mod_rewrite rules if this option
|
75
|
+
# is enabled.
|
76
|
+
# Options: <on|off>
|
77
|
+
|
78
|
+
RailsAllowModRewrite <%= passenger_config_boolean(configuration[:passenger][:allow_mod_rewrite] || true) %>
|
79
|
+
|
80
|
+
## RailsEnv
|
81
|
+
#
|
82
|
+
# Use this option to specify the default RAILS_ENV value. The default
|
83
|
+
# setting is production.
|
84
|
+
|
85
|
+
RailsEnv <%= configuration[:passenger][:rails_env] || ENV['RAILS_ENV'] || 'production' %>
|
86
|
+
|
87
|
+
## RailsSpawnMethod
|
88
|
+
#
|
89
|
+
# Internally, Phusion Passenger spawns multiple Ruby on Rails processes
|
90
|
+
# in order to handle requests. But there are multiple ways with which
|
91
|
+
# processes can be spawned, each having its own set of pros and cons.
|
92
|
+
# Supported spawn methods are:
|
93
|
+
# smart
|
94
|
+
# When this spawn method is used, Phusion Passenger will attempt
|
95
|
+
# to cache Ruby on Rails framework code and application code for
|
96
|
+
# a limited period of time.
|
97
|
+
#
|
98
|
+
# conservative
|
99
|
+
# This spawning method is similar to the one used in Mongrel Cluster.
|
100
|
+
# It does not perform any code caching at all.
|
101
|
+
|
102
|
+
RailsSpawnMethod <%= configuration[:passenger][:rails_spawn_method] || 'smart' %>
|
103
|
+
|
104
|
+
# Deflate
|
105
|
+
AddOutputFilterByType DEFLATE text/html text/plain text/xml
|
106
|
+
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
107
|
+
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
108
|
+
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
109
|
+
|
110
|
+
RewriteEngine On
|
111
|
+
|
112
|
+
<%= configuration[:passenger][:vhost_extra] %>
|
113
|
+
|
114
|
+
# Prevent access to .git directories
|
115
|
+
RewriteRule ^(.*/)?\.git/ - [F,L]
|
116
|
+
ErrorDocument 403 "Access Forbidden"
|
117
|
+
|
118
|
+
# Check for maintenance file and redirect all requests
|
119
|
+
RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$
|
120
|
+
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
|
121
|
+
RewriteRule ^.*$ /system/maintenance.html [L]
|
122
|
+
|
123
|
+
# Rewrite index to check for static
|
124
|
+
RewriteRule ^([^.]+)$ $1/index.html [QSA]
|
125
|
+
|
126
|
+
# Rewrite to check for Rails cached page
|
127
|
+
RewriteRule ^([^.]+)$ $1.html [QSA]
|
128
|
+
<% end %>
|
129
|
+
</VirtualHost>
|
130
|
+
|
131
|
+
<% if configuration[:ssl] %>
|
132
|
+
<VirtualHost <%= configuration[:ssl][:ip] || '_default_' %>:443>
|
133
|
+
RequestHeader set X_FORWARDED_PROTO "https"
|
134
|
+
|
135
|
+
SSLEngine on
|
136
|
+
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
|
137
|
+
SSLCertificateFile <%= configuration[:ssl][:certificate_file] || '/etc/ssl/certs/ssl-cert-snakeoil.pem' %>
|
138
|
+
SSLCertificateKeyFile <%= configuration[:ssl][:certificate_key_file] || '/etc/ssl/private/ssl-cert-snakeoil.key' %>
|
139
|
+
<% if configuration[:ssl][:certificate_chain_file] %>
|
140
|
+
SSLCertificateChainFile <%= configuration[:ssl][:certificate_chain_file] %>
|
141
|
+
<% else %>
|
142
|
+
# SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
|
143
|
+
<% end %>
|
144
|
+
|
145
|
+
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
|
146
|
+
|
147
|
+
ServerName <%= configuration[:domain] || (Facter.to_hash["hostname"] + '.' + Facter.to_hash["domain"]) %>
|
148
|
+
<% if configuration[:domain_aliases] %>
|
149
|
+
ServerAlias <%= configuration[:domain_aliases].to_a.join(' ') %>
|
150
|
+
<% end %>
|
151
|
+
DocumentRoot <%= configuration[:deploy_to] + "/current/public" %>
|
152
|
+
|
153
|
+
<Directory <%= configuration[:deploy_to] + "/current/public" %>>
|
154
|
+
Options FollowSymLinks
|
155
|
+
AllowOverride None
|
156
|
+
Order allow,deny
|
157
|
+
Allow from all
|
158
|
+
</Directory>
|
159
|
+
|
160
|
+
<% if configuration[:apache ] and (configuration[:apache][:users] || configuration[:apache][:allow] || configuration[:apache][:deny]) %>
|
161
|
+
<Location / >
|
162
|
+
<% if configuration[:apache][:users] %>
|
163
|
+
authtype basic
|
164
|
+
authuserfile <%= configuration[:apache][:htpasswd] || "#{configuration[:deploy_to]}/shared/config/htpasswd" %>
|
165
|
+
authname "<%= configuration[:authname] || configuration[:domain] %>"
|
166
|
+
<% end %>
|
167
|
+
<Limit GET POST DELETE PUT>
|
168
|
+
order deny,allow
|
169
|
+
<% if configuration[:apache][:users] || configuration[:apache][:allow] %>
|
170
|
+
deny from all
|
171
|
+
<% end %>
|
172
|
+
<% configuration[:apache][:deny].to_a.each do |deny| %>
|
173
|
+
deny from <%= deny %>
|
174
|
+
<% end %>
|
175
|
+
<% configuration[:apache][:allow].to_a.each do |allow| %>
|
176
|
+
allow from <%= allow %>
|
177
|
+
<% end %>
|
178
|
+
<% if configuration[:apache][:users] %>
|
179
|
+
require valid-user
|
180
|
+
<% end %>
|
181
|
+
Satisfy <%= configuration[:apache][:satisfy] || 'Any' %>
|
182
|
+
</Limit>
|
183
|
+
</Location>
|
184
|
+
<% end %>
|
185
|
+
|
186
|
+
##
|
187
|
+
## The following options are Rails specific options. They may occur
|
188
|
+
## here in your VirtualHost entry or in the global configuration.
|
189
|
+
##
|
190
|
+
|
191
|
+
## RailsAutoDetect
|
192
|
+
#
|
193
|
+
# Set whether Phusion Passenger should automatically detect whether
|
194
|
+
# a virtual host's document root is a Ruby on Rails application.
|
195
|
+
# The default is on.
|
196
|
+
# Options: <on|off>
|
197
|
+
|
198
|
+
RailsAutoDetect <%= passenger_config_boolean(configuration[:passenger][:rails_auto_detect] || true) %>
|
199
|
+
|
200
|
+
## RailsBaseURI
|
201
|
+
#
|
202
|
+
# Specify that the given URI is a Rails application. It is allowed to
|
203
|
+
# specify this option multiple times. Do this to deploy multiple
|
204
|
+
# Rails applications in different sub-URIs under the same virtual host.
|
205
|
+
<% if configuration[:passenger][:rails_base_uri] %>
|
206
|
+
RailsBaseURI <%= configuration[:passenger][:rails_base_uri] %>
|
207
|
+
<% else %>
|
208
|
+
# RailsBaseURI <uri>
|
209
|
+
<% end %>
|
210
|
+
|
211
|
+
## RailsAllowModRewrite
|
212
|
+
#
|
213
|
+
# Passenger will not override mod_rewrite rules if this option
|
214
|
+
# is enabled.
|
215
|
+
# Options: <on|off>
|
216
|
+
|
217
|
+
RailsAllowModRewrite <%= passenger_config_boolean(configuration[:passenger][:allow_mod_rewrite] || true) %>
|
218
|
+
|
219
|
+
## RailsEnv
|
220
|
+
#
|
221
|
+
# Use this option to specify the default RAILS_ENV value. The default
|
222
|
+
# setting is production.
|
223
|
+
|
224
|
+
RailsEnv <%= configuration[:passenger][:rails_env] || ENV['RAILS_ENV'] || 'production' %>
|
225
|
+
|
226
|
+
## RailsSpawnMethod
|
227
|
+
#
|
228
|
+
# Internally, Phusion Passenger spawns multiple Ruby on Rails processes
|
229
|
+
# in order to handle requests. But there are multiple ways with which
|
230
|
+
# processes can be spawned, each having its own set of pros and cons.
|
231
|
+
# Supported spawn methods are:
|
232
|
+
# smart
|
233
|
+
# When this spawn method is used, Phusion Passenger will attempt
|
234
|
+
# to cache Ruby on Rails framework code and application code for
|
235
|
+
# a limited period of time.
|
236
|
+
#
|
237
|
+
# conservative
|
238
|
+
# This spawning method is similar to the one used in Mongrel Cluster.
|
239
|
+
# It does not perform any code caching at all.
|
240
|
+
|
241
|
+
RailsSpawnMethod <%= configuration[:passenger][:rails_spawn_method] || 'smart' %>
|
242
|
+
|
243
|
+
# Deflate
|
244
|
+
AddOutputFilterByType DEFLATE text/html text/plain text/xml
|
245
|
+
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
246
|
+
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
247
|
+
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
248
|
+
|
249
|
+
RewriteEngine On
|
250
|
+
|
251
|
+
<% if configuration[:ssl] %>
|
252
|
+
<%= configuration[:ssl][:vhost_extra] %>
|
253
|
+
<% else %>
|
254
|
+
<%= configuration[:passenger][:vhost_extra] %>
|
255
|
+
<% end %>
|
256
|
+
|
257
|
+
# Prevent access to .git directories
|
258
|
+
RewriteRule ^(.*/)?\.git/ - [F,L]
|
259
|
+
ErrorDocument 403 "Access Forbidden"
|
260
|
+
|
261
|
+
# Check for maintenance file and redirect all requests
|
262
|
+
RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$
|
263
|
+
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
|
264
|
+
RewriteRule ^.*$ /system/maintenance.html [L]
|
265
|
+
|
266
|
+
# Rewrite index to check for static
|
267
|
+
RewriteRule ^([^.]+)$ $1/index.html [QSA]
|
268
|
+
|
269
|
+
# Rewrite to check for Rails cached page
|
270
|
+
RewriteRule ^([^.]+)$ $1.html [QSA]
|
271
|
+
|
272
|
+
</VirtualHost>
|
273
|
+
<% end %>
|
@@ -0,0 +1,83 @@
|
|
1
|
+
# PostgreSQL Client Authentication Configuration File
|
2
|
+
# ===================================================
|
3
|
+
#
|
4
|
+
# Refer to the "Client Authentication" section in the
|
5
|
+
# PostgreSQL documentation for a complete description
|
6
|
+
# of this file. A short synopsis follows.
|
7
|
+
#
|
8
|
+
# This file controls: which hosts are allowed to connect, how clients
|
9
|
+
# are authenticated, which PostgreSQL user names they can use, which
|
10
|
+
# databases they can access. Records take one of these forms:
|
11
|
+
#
|
12
|
+
# local DATABASE USER METHOD [OPTION]
|
13
|
+
# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
|
14
|
+
# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
|
15
|
+
# hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
|
16
|
+
#
|
17
|
+
# (The uppercase items must be replaced by actual values.)
|
18
|
+
#
|
19
|
+
# The first field is the connection type: "local" is a Unix-domain socket,
|
20
|
+
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
|
21
|
+
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
|
22
|
+
#
|
23
|
+
# DATABASE can be "all", "sameuser", "samerole", a database name, or
|
24
|
+
# a comma-separated list thereof.
|
25
|
+
#
|
26
|
+
# USER can be "all", a user name, a group name prefixed with "+", or
|
27
|
+
# a comma-separated list thereof. In both the DATABASE and USER fields
|
28
|
+
# you can also write a file name prefixed with "@" to include names from
|
29
|
+
# a separate file.
|
30
|
+
#
|
31
|
+
# CIDR-ADDRESS specifies the set of hosts the record matches.
|
32
|
+
# It is made up of an IP address and a CIDR mask that is an integer
|
33
|
+
# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
|
34
|
+
# the number of significant bits in the mask. Alternatively, you can write
|
35
|
+
# an IP address and netmask in separate columns to specify the set of hosts.
|
36
|
+
#
|
37
|
+
# METHOD can be "trust", "reject", "md5", "crypt", "password", "gss", "sspi",
|
38
|
+
# "krb5", "ident", "pam" or "ldap". Note that "password" sends passwords
|
39
|
+
# in clear text; "md5" is preferred since it sends encrypted passwords.
|
40
|
+
#
|
41
|
+
# OPTION is the ident map or the name of the PAM service, depending on METHOD.
|
42
|
+
#
|
43
|
+
# Database and user names containing spaces, commas, quotes and other special
|
44
|
+
# characters must be quoted. Quoting one of the keywords "all", "sameuser" or
|
45
|
+
# "samerole" makes the name lose its special character, and just match a
|
46
|
+
# database or username with that name.
|
47
|
+
#
|
48
|
+
# This file is read on server startup and when the postmaster receives
|
49
|
+
# a SIGHUP signal. If you edit the file on a running system, you have
|
50
|
+
# to SIGHUP the postmaster for the changes to take effect. You can use
|
51
|
+
# "pg_ctl reload" to do that.
|
52
|
+
|
53
|
+
# Put your actual configuration here
|
54
|
+
# ----------------------------------
|
55
|
+
#
|
56
|
+
# If you want to allow non-local connections, you need to add more
|
57
|
+
# "host" records. In that case you will also need to make PostgreSQL listen
|
58
|
+
# on a non-local interface via the listen_addresses configuration parameter,
|
59
|
+
# or via the -i or -h command line switches.
|
60
|
+
#
|
61
|
+
|
62
|
+
|
63
|
+
|
64
|
+
|
65
|
+
# DO NOT DISABLE!
|
66
|
+
# If you change this first entry you will need to make sure that the
|
67
|
+
# database
|
68
|
+
# super user can access the database using some other method.
|
69
|
+
# Noninteractive
|
70
|
+
# access to all databases is required during automatic maintenance
|
71
|
+
# (autovacuum, daily cronjob, replication, and similar tasks).
|
72
|
+
#
|
73
|
+
# Database administrative login by UNIX sockets
|
74
|
+
local all postgres ident sameuser
|
75
|
+
|
76
|
+
# TYPE DATABASE USER CIDR-ADDRESS METHOD
|
77
|
+
|
78
|
+
# "local" is for Unix domain socket connections only
|
79
|
+
local all all md5 sameuser
|
80
|
+
# IPv4 local connections:
|
81
|
+
host all all 127.0.0.1/32 md5
|
82
|
+
# IPv6 local connections:
|
83
|
+
host all all ::1/128 md5
|