dust-deploy 0.12.0 → 0.12.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +8 -1
- data/changelog.md +17 -0
- data/lib/dust/helper.rb +1 -1
- data/lib/dust/recipes/cjdroute.rb +5 -59
- data/lib/dust/recipes/limits.rb +55 -0
- data/lib/dust/recipes/nginx.rb +1 -1
- data/lib/dust/version.rb +1 -1
- metadata +3 -3
- data/lib/dust/recipes/memory_limit.rb +0 -21
data/README.md
CHANGED
@@ -59,7 +59,14 @@ you can then save the file, and tell dust to get to work:
|
|
59
59
|
- checking if rsync is installed [ ok ]
|
60
60
|
|
61
61
|
you should see dust connecting to the node, checking if the requested packages are installed, and if not, install them.
|
62
|
-
|
62
|
+
|
63
|
+
## supported distributions
|
64
|
+
|
65
|
+
dust works with **aptitude**, **yum**, **emerge**, **pacman** (since 0.10.3) and **opkg** (since 0.12.0) systems at the moment (testet with recent versions of **ubuntu**, **debian**, **gentoo**, **fedora**, **scientificlinux**, **centos** and **archlinux** as well as **openwrt**). should work on rhel without any problem, too.
|
66
|
+
|
67
|
+
|
68
|
+
## contribute
|
69
|
+
|
63
70
|
feel free to contribute to dust, so that your system is also supported. contribution is easy! just send me a github pull request. You can find the repository here: https://github.com/kechagia/dust-deploy
|
64
71
|
|
65
72
|
|
data/changelog.md
CHANGED
@@ -1,6 +1,23 @@
|
|
1
1
|
Changelog
|
2
2
|
=============
|
3
3
|
|
4
|
+
0.12.1
|
5
|
+
------------
|
6
|
+
|
7
|
+
- introduces limits recipe, to maintain /etc/security/limits.d/*
|
8
|
+
|
9
|
+
recipes:
|
10
|
+
limits:
|
11
|
+
nginx:
|
12
|
+
- { domain: www-data, type: soft, item: nofile, value: 200000 }
|
13
|
+
- { domain: www-data, type: hard, item: nofile, value: 700000 }
|
14
|
+
|
15
|
+
- nginx recipe now supports erb templates for nginx.conf as well
|
16
|
+
- removes cjdroute public peers, since they are not supported anymore.
|
17
|
+
you should find some friends on irc (efnet #cjdns)
|
18
|
+
- modifies cjdroute recipe, to work with new ./do building setup
|
19
|
+
|
20
|
+
|
4
21
|
0.12.0
|
5
22
|
------------
|
6
23
|
|
data/lib/dust/helper.rb
CHANGED
@@ -15,7 +15,6 @@ class Cjdroute< Recipe
|
|
15
15
|
return unless @node.mkdir "#{@config['build_dir']}/build"
|
16
16
|
|
17
17
|
# compiling action
|
18
|
-
return unless run_cmake
|
19
18
|
return unless run_make
|
20
19
|
|
21
20
|
stop_cjdroute
|
@@ -44,50 +43,6 @@ class Cjdroute< Recipe
|
|
44
43
|
}
|
45
44
|
end
|
46
45
|
|
47
|
-
def public_peers
|
48
|
-
# list of public peers, taken from https://wiki.projectmeshnet.org/Public_peers
|
49
|
-
{
|
50
|
-
# derps nodes
|
51
|
-
'173.255.219.67:10000' => {
|
52
|
-
'password' => 'null',
|
53
|
-
'publicKey' => 'lj52930v1vmg3jqyb399us501svntt499bvgk0c1fud4pmy42gj0.k',
|
54
|
-
'trust' => 5000,
|
55
|
-
'authType' => 1
|
56
|
-
},
|
57
|
-
|
58
|
-
'96.126.112.124:10000' => {
|
59
|
-
'password' => 'null',
|
60
|
-
'publicKey' => '7zy1gb9bw4xp82kjvh66w01jdgh6y3lk7cfnl0pgb0xnn26b2jn0.k',
|
61
|
-
'trust' => 5000,
|
62
|
-
'authType' => 1
|
63
|
-
},
|
64
|
-
|
65
|
-
# rainfly x
|
66
|
-
'76.105.229.241:13982' => {
|
67
|
-
'password' => 'general_public_1985',
|
68
|
-
'publicKey' => '7pu8nlqphgd1bux9sdpjg0c104217r3b3m1bvmdtbn7uwcj5cky0.k',
|
69
|
-
'trust' => 5000,
|
70
|
-
'authType' => 1
|
71
|
-
},
|
72
|
-
|
73
|
-
# grey
|
74
|
-
'199.180.252.227:19081' => {
|
75
|
-
'password' => 'public_7h4yTNEnRSEUvfFLtsM3',
|
76
|
-
'publicKey' => 'z5htnv9jsj85b64cf61lbnl3dmqk5lpv3vxtz9g1jqlvb3b30b90.k',
|
77
|
-
'trust' => 5000,
|
78
|
-
'authType' => 1
|
79
|
-
},
|
80
|
-
|
81
|
-
# ds500ss
|
82
|
-
'87.208.234.24:28078' => {
|
83
|
-
'password' => 'freedomnetsrai9yah4Kic5Kojah5que4xoCh',
|
84
|
-
'publicKey' => 'qb426vh42usw995jy60ll6rtslguv1ylpvwp44ymzky6f0u5qvq0.k',
|
85
|
-
'trust' => 5000,
|
86
|
-
'authType' => 1
|
87
|
-
}
|
88
|
-
}
|
89
|
-
end
|
90
|
-
|
91
46
|
# installs cmake, git and other building tools needed
|
92
47
|
def install_dependencies
|
93
48
|
::Dust.print_msg "installing build dependencies\n"
|
@@ -125,6 +80,10 @@ class Cjdroute< Recipe
|
|
125
80
|
end
|
126
81
|
|
127
82
|
# git pull latest changes
|
83
|
+
::Dust.print_msg "checking out branch '#{@config['git_branch']}'"
|
84
|
+
ret = @node.exec("cd #{@config['build_dir']}; git checkout #{@config['git_branch']}")[:exit_code]
|
85
|
+
return unless Dust.print_result(ret)
|
86
|
+
|
128
87
|
::Dust.print_msg "pulling latest changes from repository\n"
|
129
88
|
ret = @node.exec "cd #{@config['build_dir']}; git pull", :live => true
|
130
89
|
return ::Dust.print_failed 'error pulling from git repository' unless ret[:exit_code] == 0
|
@@ -158,17 +117,9 @@ class Cjdroute< Recipe
|
|
158
117
|
true
|
159
118
|
end
|
160
119
|
|
161
|
-
|
162
|
-
def run_cmake
|
163
|
-
::Dust.print_msg "running cmake\n"
|
164
|
-
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}/build; cmake ..", :live => true
|
165
|
-
return ::Dust.print_failed 'error running cmake' unless ret[:exit_code] == 0
|
166
|
-
true
|
167
|
-
end
|
168
|
-
|
169
120
|
def run_make
|
170
121
|
::Dust.print_msg "compiling cjdns\n"
|
171
|
-
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}
|
122
|
+
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}; ./do", :live => true
|
172
123
|
return ::Dust.print_failed 'error compiling cjdroute' unless ret[:exit_code] == 0
|
173
124
|
true
|
174
125
|
end
|
@@ -187,11 +138,6 @@ class Cjdroute< Recipe
|
|
187
138
|
# parse generated json
|
188
139
|
cjdroute_conf = JSON.parse ret[:stdout]
|
189
140
|
|
190
|
-
# add some public peers, so we can get started directly
|
191
|
-
::Dust.print_msg 'adding public peers', :indent => 2
|
192
|
-
cjdroute_conf['interfaces']['UDPInterface']['connectTo'] = public_peers
|
193
|
-
::Dust.print_ok
|
194
|
-
|
195
141
|
# exchange tun0 with configured tun device
|
196
142
|
cjdroute_conf['router']['interface']['tunDevice'] = @config['tun']
|
197
143
|
|
@@ -0,0 +1,55 @@
|
|
1
|
+
class Limits < Recipe
|
2
|
+
|
3
|
+
desc 'limit:deploy', 'maintains /etc/security/limits.d'
|
4
|
+
def deploy
|
5
|
+
# valid values
|
6
|
+
types = [ 'hard', 'soft' ]
|
7
|
+
items = [ 'core', 'data', 'fsize', 'memlock', 'nofile', 'rss', 'stack', 'cpu',
|
8
|
+
'nproc', 'as', 'maxlogins', 'maxsyslogins', 'priority', 'locks',
|
9
|
+
'sigpending', 'msgqueue', 'nice', 'rtprio', 'chroot' ]
|
10
|
+
|
11
|
+
unless @node.dir_exists? '/etc/security/limits.d'
|
12
|
+
return ::Dust.print_failed 'your system does not support /etc/security/limits.d'
|
13
|
+
end
|
14
|
+
puts
|
15
|
+
|
16
|
+
@config.each do |name, rules|
|
17
|
+
limits_conf = ''
|
18
|
+
::Dust.print_msg "assembling system limits according to rule '#{name}'\n"
|
19
|
+
rules.to_array.each do |rule|
|
20
|
+
|
21
|
+
# check if entry is valid
|
22
|
+
unless rule['domain']
|
23
|
+
::Dust.print_failed "domain cannot be empty, skipping", :indent => 2
|
24
|
+
next
|
25
|
+
end
|
26
|
+
|
27
|
+
unless rule['value']
|
28
|
+
::Dust.print_failed "value cannot be empty, skipping", :indent => 2
|
29
|
+
next
|
30
|
+
end
|
31
|
+
|
32
|
+
unless items.include? rule['item']
|
33
|
+
::Dust.print_failed "'#{rule['item']}' is not a valid item, skipping. valid items: #{items.join(',')}", :indent => 2
|
34
|
+
next
|
35
|
+
end
|
36
|
+
|
37
|
+
unless types.include? rule['type']
|
38
|
+
::Dust.print_failed "'#{rule['type']}' is not a valid type, skipping. valid types: #{types.join(',')}", :indent => 2
|
39
|
+
next
|
40
|
+
end
|
41
|
+
|
42
|
+
# assemble rule
|
43
|
+
line = "#{rule['domain']}\t#{rule['type']}\t#{rule['item']}\t#{rule['value']}\n"
|
44
|
+
::Dust.print_ok "adding '#{line.chomp}'", :indent => 2
|
45
|
+
limits_conf << line
|
46
|
+
end
|
47
|
+
|
48
|
+
# deploy rule file
|
49
|
+
::Dust.print_msg "deploying limits to /etc/security/limits.d/#{name}"
|
50
|
+
::Dust.print_result @node.write("/etc/security/limits.d/#{name}", limits_conf, :quiet => true)
|
51
|
+
puts
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
end
|
data/lib/dust/recipes/nginx.rb
CHANGED
@@ -4,7 +4,7 @@ class Nginx < Recipe
|
|
4
4
|
# abort if nginx cannot be installed
|
5
5
|
return unless @node.install_package 'nginx'
|
6
6
|
|
7
|
-
@node.
|
7
|
+
@node.deploy_file "#{@template_path}/nginx.conf", '/etc/nginx/nginx.conf'
|
8
8
|
|
9
9
|
# remove old sites that may be present
|
10
10
|
::Dust.print_msg 'deleting old sites in /etc/nginx/sites-*'
|
data/lib/dust/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dust-deploy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.12.
|
4
|
+
version: 0.12.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-05-
|
12
|
+
date: 2012-05-21 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: json
|
@@ -175,9 +175,9 @@ files:
|
|
175
175
|
- lib/dust/recipes/etc_hosts.rb
|
176
176
|
- lib/dust/recipes/hash_check.rb
|
177
177
|
- lib/dust/recipes/iptables.rb
|
178
|
+
- lib/dust/recipes/limits.rb
|
178
179
|
- lib/dust/recipes/locale.rb
|
179
180
|
- lib/dust/recipes/logrotate.rb
|
180
|
-
- lib/dust/recipes/memory_limit.rb
|
181
181
|
- lib/dust/recipes/motd.rb
|
182
182
|
- lib/dust/recipes/mysql.rb
|
183
183
|
- lib/dust/recipes/newrelic.rb
|
@@ -1,21 +0,0 @@
|
|
1
|
-
class MemoryLimit < Recipe
|
2
|
-
|
3
|
-
desc 'memory_limit:deploy', 'sets up system wide memory limit per process'
|
4
|
-
def deploy
|
5
|
-
@node.collect_facts
|
6
|
-
|
7
|
-
# get system memory (in kb)
|
8
|
-
system_mem = ::Dust.convert_size @node['memorysize']
|
9
|
-
|
10
|
-
# don't allow a process to use more than 90% of the system memory
|
11
|
-
max_mem = (system_mem * 0.9).to_i
|
12
|
-
|
13
|
-
# if the remaining 10% are more than 512mb, use system_mem - 512mb as max instead
|
14
|
-
threshold = ::Dust.convert_size '512 MB'
|
15
|
-
max_mem = system_mem - threshold if max_mem > threshold
|
16
|
-
|
17
|
-
::Dust.print_msg "setting max memory for a process to #{max_mem} kb"
|
18
|
-
@node.write '/etc/security/limits.d/00-memory-limit', "* hard as #{max_mem}", :quiet => true
|
19
|
-
::Dust.print_ok
|
20
|
-
end
|
21
|
-
end
|