dust-deploy 0.1.0

data/lib/dust/recipes/locale.rb

@@ -0,0 +1,17 @@
+class Locale < Thor
+  desc 'locale:deploy', 'configures system locale'
+  def deploy node, locale, options
+    if node.uses_apt? true
+      ::Dust.print_msg "setting locale to '#{locale}'"
+      node.write '/etc/default/locale', "LANGUAGE=#{locale}\nLANG=#{locale}\nLC_ALL=#{locale}\nLC_CTYPE=#{locale}\n", true
+      ::Dust.print_ok
+    elsif node.uses_rpm? true
+      ::Dust.print_msg "setting locale to '#{locale}'"
+      node.write '/etc/sysconfig/i18n', "LANG=\"#{locale}\"\nLC_ALL=\"#{locale}\"\nSYSFONT=\"latarcyrheb-sun16\"\n", true
+      ::Dust.print_ok
+    else
+      ::Dust.print_failed 'os not supported'
+    end
+  end
+end
+

data/lib/dust/recipes/memory_limit.rb

@@ -0,0 +1,23 @@
+class MemoryLimit < Thor
+  desc 'memory_limit:deploy', 'sets up system wide memory limit per process'
+  def deploy node, ingredients, options
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    node.collect_facts
+
+    # get system memory (in kb)
+    system_mem = ::Dust.convert_size node['memorysize']
+
+    # don't allow a process to use more than 90% of the system memory
+    max_mem = (system_mem * 0.9).to_i
+
+    # if the remaining 10% are more than 512mb, use system_mem - 512mb as max instead
+    threshold = ::Dust.convert_size '512 MB'
+    max_mem = system_mem - threshold if max_mem > threshold
+
+    ::Dust.print_msg "setting max memory for a process to #{max_mem} kb"
+    node.write '/etc/security/limits.d/00-memory-limit', "*          hard    as        #{max_mem}", true
+    ::Dust.print_ok
+
+  end
+end

data/lib/dust/recipes/motd.rb

@@ -0,0 +1,12 @@
+require 'erb'
+
+class Motd < Thor
+  desc 'motd:deploy', 'creates message of the day'
+  def deploy node, ingredients, options
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    # configure node using erb template
+    template = ERB.new File.read("#{template_path}/motd.erb"), nil, '%<>'
+    node.write '/etc/motd', template.result(binding)
+  end
+end

data/lib/dust/recipes/mysql.rb

@@ -0,0 +1,49 @@
+require 'erb'
+
+class Mysql < Thor
+  desc 'mysql:deploy', 'installs and configures mysql database'
+  def deploy node, config, options
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    return unless node.uses_apt?
+    node.install_package 'mysql-server'
+
+    ::Dust.print_msg "configuring mysql\n"
+
+    # defaults
+    config['bind_address'] ||= '127.0.0.1'
+    config['port'] ||= 3306
+
+    ::Dust.print_ok "listen on #{config['bind_address']}:#{config['port']}", 2
+
+    config['innodb_file_per_table'] ||= 1
+    config['innodb_thread_concurrency'] ||= 0
+    config['innodb_flush_log_at_trx_commit'] ||= 1
+
+    # allocate 70% of the available ram to mysql
+    # but leave max 1gb to system
+    unless config['innodb_buffer_pool_size']
+      ::Dust.print_msg 'autoconfiguring innodb buffer size', 2
+      node.collect_facts true
+
+      # get system memory (in kb)
+      system_mem = ::Dust.convert_size node['memorysize']
+
+      # allocate 70% of the available ram to mysql
+      buffer_pool = (system_mem * 0.70).to_i / 1024
+
+      config['innodb_buffer_pool_size'] = "#{buffer_pool}M"
+      ::Dust.print_ok
+    end
+
+    ::Dust.print_ok "setting innodb buffer pool to '#{config['innodb_buffer_pool_size']}'", 2
+
+    template = ERB.new( File.read("#{template_path}/my.cnf.erb"), nil, '%<>')
+    node.write '/etc/mysql/my.cnf', template.result(binding)
+    node.chmod '644', '/etc/mysql/my.cnf'
+
+    node.service_restart 'mysql-server' if options.restart?
+    node.service_reload 'mysql-server' if options.reload?
+  end
+end
+

data/lib/dust/recipes/nginx.rb

@@ -0,0 +1,53 @@
+require 'erb'
+
+class Nginx < Thor
+  desc 'nginx:deploy', 'installs and configures nginx web server'
+  def deploy node, sites, options
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    # abort if nginx cannot be installed
+    return unless node.install_package('nginx')
+
+    node.scp("#{template_path}/nginx.conf", '/etc/nginx/nginx.conf')
+
+    # remove old sites that may be present
+    ::Dust.print_msg 'deleting old sites in /etc/nginx/sites-*'
+    node.rm '/etc/nginx/sites-*/*', true
+    ::Dust.print_ok
+
+    sites.each do |state, site|
+      file = "#{template_path}/sites/#{site}"
+
+      # if this site is just a regular file, copy it to sites-available
+      if File.exists? file
+        node.scp file, "/etc/nginx/sites-available/#{site}"
+
+       # if this site is an erb template, render it and deploy
+      elsif File.exists? "#{file}.erb"
+        template = ERB.new( File.read("#{file}.erb"), nil, '%<>')
+        node.write "/etc/nginx/sites-available/#{site}", template.result(binding)
+
+      # skip to next site if template wasn't found
+      else
+        ::Dust.print_failed "couldn't find template for #{site}", 2
+        next
+      end
+
+      # symlink to sites-enabled if this is listed as an enabled site
+      if state == 'sites-enabled'
+        ::Dust.print_msg "enabling #{site}", 2
+        ::Dust.print_result( node.exec("cd /etc/nginx/sites-enabled && ln -s ../sites-available/#{site} #{site}")[:exit_code] )
+      end
+    end
+
+    # check configuration and restart nginx
+    ::Dust.print_msg 'checking nginx configuration'
+    if node.exec('/etc/init.d/nginx configtest')[:exit_code] == 0
+      ::Dust.print_ok
+      node.restart_service('nginx') if options.restart?
+    else
+      ::Dust.print_failed
+    end
+  end
+end
+

data/lib/dust/recipes/packages.rb

@@ -0,0 +1,9 @@
+class Packages < Thor
+  desc 'packages:deploy', 'installs packages'
+  def deploy node, packages, options
+    packages.each do |package| 
+      node.install_package package
+    end
+  end
+end
+

data/lib/dust/recipes/postgres.rb

@@ -0,0 +1,119 @@
+require 'erb'
+
+class Postgres < Thor
+  desc 'postgres:deploy', 'installs and configures postgresql database'
+  def deploy node, config, options
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    return ::Dust.print_failed 'no version specified' unless config['version']
+
+    if node.uses_emerge? true
+      return unless node.package_installed? 'postgresql-server'
+      config['data-dir'] ||= "/var/lib/postgresql/#{config['version']}/data"
+      config['conf-dir'] ||= "/etc/postgresql-#{config['version']}"
+      config['archive-dir'] ||= "/var/lib/postgresql/#{config['version']}/archive"
+      config['service-name'] ||= "postgresql-#{config['version']}"
+    elsif node.uses_apt? true
+      return unless node.package_installed? "postgresql-#{config['version']}"
+      config['data-dir'] ||= "/var/lib/postgresql/#{config['version']}/#{config['cluster']}"
+      config['conf-dir'] ||= "/etc/postgresql/#{config['version']}/#{config['cluster']}"
+      config['archive-dir'] ||= "/var/lib/postgresql/#{config['version']}/#{config['cluster']}-archive"
+      config['service-name'] ||= 'postgresql'
+    else
+      return 'os not supported'
+    end
+
+
+    deploy_file 'postgresql.conf', "#{config['conf-dir']}/postgresql.conf", binding
+    deploy_file 'pg_hba.conf', "#{config['conf-dir']}/pg_hba.conf", binding
+    deploy_file 'pg_ident.conf', "#{config['conf-dir']}/pg_ident.conf", binding
+
+    node.chmod '644', "#{config['conf-dir']}/postgresql.conf"
+    node.chmod '644', "#{config['conf-dir']}/pg_hba.conf"
+    node.chmod '644', "#{config['conf-dir']}/pg_ident.conf"
+
+    # deploy pacemaker script
+    if node.package_installed? 'pacemaker'
+      deploy_file 'pacemaker.sh', "#{config['conf-dir']}/pacemaker.sh", binding
+      node.chmod '755', "#{config['conf-dir']}/pacemaker.sh"
+    end
+
+    # copy recovery.conf to either recovery.conf or recovery.done
+    # depending on which file already exists.
+    if node.file_exists? "#{config['data-dir']}/recovery.conf", true
+      deploy_file 'recovery.conf', "#{config['data-dir']}/recovery.conf", binding
+    else
+      deploy_file 'recovery.conf', "#{config['data-dir']}/recovery.done", binding
+    end
+
+    # deploy certificates to data-dir
+    deploy_file 'server.crt', "#{config['data-dir']}/server.crt", binding
+    deploy_file 'server.key', "#{config['data-dir']}/server.key", binding
+
+    node.chown config['dbuser'], config['data-dir'] if config['dbuser']
+    node.chmod 'u+Xrw,g-rwx,o-rwx', config['data-dir']
+
+    # create archive dir
+    node.mkdir config['archive-dir']
+    node.chown config['dbuser'], config['archive-dir'] if config['dbuser']
+    node.chmod 'u+Xrw,g-rwx,o-rwx', config['archive-dir']
+
+
+    # increase shm memory
+    if node.uses_apt? true
+      ::Dust.print_msg "setting postgres sysctl keys\n"
+      node.collect_facts true
+
+      # use half of system memory for shmmax
+      shmmax = ::Dust.convert_size(node['memorysize']) * 1024 / 2
+      shmall = shmmax / 4096 # shmmax/pagesize (pagesize = 4096)
+
+      ::Dust.print_msg "setting shmmax to: #{shmmax}", 2
+      ::Dust.print_result node.exec("sysctl -w kernel.shmmax=#{shmmax}")[:exit_code]
+      ::Dust.print_msg "setting shmall to: #{shmall}", 2
+      ::Dust.print_result node.exec("sysctl -w kernel.shmall=#{shmall}")[:exit_code]
+      ::Dust.print_msg 'setting overcommit memory to 2', 2
+      ::Dust.print_result node.exec('sysctl -w vm.overcommit_memory=2')[:exit_code]
+      ::Dust.print_msg 'setting swappiness to 0', 2
+      ::Dust.print_result node.exec('sysctl -w vm.swappiness=0')[:exit_code]
+
+      file = ''
+      file += "kernel.shmmax=#{shmmax}\n"
+      file += "kernel.shmall=#{shmall}\n"
+      file += "vm.overcommit_memory=2\n" # don't allocate memory that's not there
+      file += "vm.swappiness=0\n" # rather shrink cache then use swap as filesystem cache
+
+      node.write "/etc/sysctl.d/30-postgresql-shm.conf", file
+    end
+
+    # reload/restart postgres if command line option is given
+    node.restart_service config['service-name'] if options.restart?
+    node.reload_service config['service-name'] if options.reload?
+  end
+
+  private
+  def deploy_file file, target, recipe_binding
+    template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
+
+    # get node and config from binding
+    node = eval 'node', recipe_binding
+    config = eval 'config', recipe_binding
+
+    # if file is just a regular file, copy it to sites-available
+    if File.exists? "#{template_path}/#{file}"
+      node.scp "#{template_path}/#{file}", target
+
+    # if file is an erb template, render it and deploy
+    elsif File.exists? "#{template_path}/#{file}.erb"
+      ::Dust.print_msg "adjusting and deploying #{file}"
+      template = ERB.new( File.read("#{template_path}/#{file}.erb"), nil, '%<>')
+      ::Dust.print_result node.write(target, template.result(binding), true)
+
+    # file was not found, return
+    else
+      return ::Dust.print_failed "file '#{template_path}/#{file}' not found."
+    end
+  end
+
+end
+

data/lib/dust/recipes/rc_local.rb

@@ -0,0 +1,24 @@
+class RcLocal < Thor
+  desc 'rc_local:deploy', 'configures custom startup script'
+  def deploy node, config, options
+
+    if node.uses_apt? true
+      ::Dust.print_msg "configuring custom startup script\n"
+
+      rc = ''
+      config.each do |cmd|
+        ::Dust.print_msg "adding command: #{cmd}", 2
+        rc += "#{cmd}\n"
+        ::Dust.print_ok
+      end
+      rc += "\nexit 0\n"
+
+      node.write '/etc/rc.local', rc
+      node.chown 'root:root', '/etc/rc.local'
+      node.chmod '755', '/etc/rc.local'
+    else
+      ::Dust.print_failed 'os not supported'
+    end
+  end
+end
+

data/lib/dust/recipes/repositories.rb

@@ -0,0 +1,88 @@
+class Repositories < Thor
+  desc 'repositories:deploy', 'configures package management repositories (aptitude, yum)'
+  def deploy node, repos, options
+
+    if node.uses_apt?
+      :: Dust.print_msg 'deleting old repositories'
+      node.rm '/etc/apt/sources.list.d/*.list', true
+      ::Dust.print_ok 
+
+      repos.each do |name, repo|
+        puts
+
+        # if repo is present but not a hash use defaults
+        repo = {} unless repo.class == Hash
+
+        # setting defaults
+        repo['url'] ||= 'http://ftp.debian.org/debian/' if node.is_debian? true
+        repo['url'] ||= 'http://archive.ubuntu.com/ubuntu/' if node.is_ubuntu? true
+   
+        repo['release'] ||= node['lsbdistcodename']
+        repo['components'] ||= 'main'
+
+        # ||= doesn't work for booleans
+        repo['source'] = repo['source'].nil? ? true : repo['source']
+        repo['binary'] = repo['binary'].nil? ? true : repo['binary']
+
+        # the default repository in /etc/apt/sources.list (debian)
+        if name == 'default'
+          ::Dust.print_msg 'deploying default repository'
+
+          sources = ''
+          sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" +
+                     "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
+
+          # security
+          if node.is_debian? true
+            sources += "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n" +
+                       "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
+          elsif node.is_ubuntu? true
+            sources += "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n" +
+                       "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
+          end
+
+          # updates
+          sources += "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n" +
+                     "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
+
+          # proposed
+          if node.is_ubuntu? true
+            sources += "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n" +
+                       "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
+          end
+
+          # backports is enabled per default in ubuntu oneiric
+          if node.is_ubuntu? true
+            sources += "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n" +
+                       "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
+          end
+
+          ::Dust.print_result node.write('/etc/apt/sources.list', sources, true)
+          next
+
+        else
+          # add url to sources.list
+          sources = ''
+          sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
+          sources += "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
+
+          ::Dust.print_msg "adding repository '#{name}' to sources"
+          ::Dust.print_result node.write("/etc/apt/sources.list.d/#{name}.list", sources, true)
+
+          # add the repository key
+          if repo['key']
+            ::Dust.print_msg "adding #{name} repository key"
+            ::Dust.print_result node.exec("wget -O- '#{repo['key']}' | apt-key add -")[:exit_code]
+          end
+        end
+      end
+
+    elsif node.uses_rpm?
+      ::Dust.print_failed 'rpm not yet supported'
+
+    else
+      ::Dust.print_failed 'os not supported'
+    end
+  end
+end
+

data/lib/dust/recipes/resolv_conf.rb

@@ -0,0 +1,42 @@
+class ResolvConf < Thor
+  desc 'resolv_conf:deploy', 'configures /etc/resolv.conf'
+  def deploy node, config, options
+    ::Dust.print_msg "configuring resolv.conf\n"
+
+    # if config is just true, create empty hash and use defaults
+    config = {} unless config.class == Hash
+
+    # setting default config variables (unless already set)
+    config['nameservers'] ||= [ '208.67.222.222', '208.67.220.220' ] # opendns
+
+    config_file = ''
+
+    # configures whether daily reports are sent
+    if config['search']
+      ::Dust.print_msg "adding search #{config['search']}", 2
+      config_file += "search #{config['search']}\n"
+      ::Dust.print_ok
+    end
+
+    if config['domain']
+      ::Dust.print_msg "adding domain #{config['domain']}", 2
+      config_file += "domain #{config['domain']}\n"
+      ::Dust.print_ok
+    end
+
+    if config['options']
+      ::Dust.print_msg "adding options #{config['options']}", 2
+      config_file += "options #{config['options']}\n"
+      ::Dust.print_ok
+    end
+
+    config['nameservers'].each do |nameserver|
+      ::Dust.print_msg "adding nameserver #{nameserver}", 2
+      config_file += "nameserver #{nameserver}\n"
+      ::Dust.print_ok
+    end
+ 
+    node.write '/etc/resolv.conf', config_file
+  end
+end
+