dust-deploy 0.12.0 → 0.12.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +8 -1
- data/changelog.md +17 -0
- data/lib/dust/helper.rb +1 -1
- data/lib/dust/recipes/cjdroute.rb +5 -59
- data/lib/dust/recipes/limits.rb +55 -0
- data/lib/dust/recipes/nginx.rb +1 -1
- data/lib/dust/version.rb +1 -1
- metadata +3 -3
- data/lib/dust/recipes/memory_limit.rb +0 -21
data/README.md
CHANGED
@@ -59,7 +59,14 @@ you can then save the file, and tell dust to get to work:
|
|
59
59
|
- checking if rsync is installed [ ok ]
|
60
60
|
|
61
61
|
you should see dust connecting to the node, checking if the requested packages are installed, and if not, install them.
|
62
|
-
|
62
|
+
|
63
|
+
## supported distributions
|
64
|
+
|
65
|
+
dust works with **aptitude**, **yum**, **emerge**, **pacman** (since 0.10.3) and **opkg** (since 0.12.0) systems at the moment (testet with recent versions of **ubuntu**, **debian**, **gentoo**, **fedora**, **scientificlinux**, **centos** and **archlinux** as well as **openwrt**). should work on rhel without any problem, too.
|
66
|
+
|
67
|
+
|
68
|
+
## contribute
|
69
|
+
|
63
70
|
feel free to contribute to dust, so that your system is also supported. contribution is easy! just send me a github pull request. You can find the repository here: https://github.com/kechagia/dust-deploy
|
64
71
|
|
65
72
|
|
data/changelog.md
CHANGED
@@ -1,6 +1,23 @@
|
|
1
1
|
Changelog
|
2
2
|
=============
|
3
3
|
|
4
|
+
0.12.1
|
5
|
+
------------
|
6
|
+
|
7
|
+
- introduces limits recipe, to maintain /etc/security/limits.d/*
|
8
|
+
|
9
|
+
recipes:
|
10
|
+
limits:
|
11
|
+
nginx:
|
12
|
+
- { domain: www-data, type: soft, item: nofile, value: 200000 }
|
13
|
+
- { domain: www-data, type: hard, item: nofile, value: 700000 }
|
14
|
+
|
15
|
+
- nginx recipe now supports erb templates for nginx.conf as well
|
16
|
+
- removes cjdroute public peers, since they are not supported anymore.
|
17
|
+
you should find some friends on irc (efnet #cjdns)
|
18
|
+
- modifies cjdroute recipe, to work with new ./do building setup
|
19
|
+
|
20
|
+
|
4
21
|
0.12.0
|
5
22
|
------------
|
6
23
|
|
data/lib/dust/helper.rb
CHANGED
@@ -15,7 +15,6 @@ class Cjdroute< Recipe
|
|
15
15
|
return unless @node.mkdir "#{@config['build_dir']}/build"
|
16
16
|
|
17
17
|
# compiling action
|
18
|
-
return unless run_cmake
|
19
18
|
return unless run_make
|
20
19
|
|
21
20
|
stop_cjdroute
|
@@ -44,50 +43,6 @@ class Cjdroute< Recipe
|
|
44
43
|
}
|
45
44
|
end
|
46
45
|
|
47
|
-
def public_peers
|
48
|
-
# list of public peers, taken from https://wiki.projectmeshnet.org/Public_peers
|
49
|
-
{
|
50
|
-
# derps nodes
|
51
|
-
'173.255.219.67:10000' => {
|
52
|
-
'password' => 'null',
|
53
|
-
'publicKey' => 'lj52930v1vmg3jqyb399us501svntt499bvgk0c1fud4pmy42gj0.k',
|
54
|
-
'trust' => 5000,
|
55
|
-
'authType' => 1
|
56
|
-
},
|
57
|
-
|
58
|
-
'96.126.112.124:10000' => {
|
59
|
-
'password' => 'null',
|
60
|
-
'publicKey' => '7zy1gb9bw4xp82kjvh66w01jdgh6y3lk7cfnl0pgb0xnn26b2jn0.k',
|
61
|
-
'trust' => 5000,
|
62
|
-
'authType' => 1
|
63
|
-
},
|
64
|
-
|
65
|
-
# rainfly x
|
66
|
-
'76.105.229.241:13982' => {
|
67
|
-
'password' => 'general_public_1985',
|
68
|
-
'publicKey' => '7pu8nlqphgd1bux9sdpjg0c104217r3b3m1bvmdtbn7uwcj5cky0.k',
|
69
|
-
'trust' => 5000,
|
70
|
-
'authType' => 1
|
71
|
-
},
|
72
|
-
|
73
|
-
# grey
|
74
|
-
'199.180.252.227:19081' => {
|
75
|
-
'password' => 'public_7h4yTNEnRSEUvfFLtsM3',
|
76
|
-
'publicKey' => 'z5htnv9jsj85b64cf61lbnl3dmqk5lpv3vxtz9g1jqlvb3b30b90.k',
|
77
|
-
'trust' => 5000,
|
78
|
-
'authType' => 1
|
79
|
-
},
|
80
|
-
|
81
|
-
# ds500ss
|
82
|
-
'87.208.234.24:28078' => {
|
83
|
-
'password' => 'freedomnetsrai9yah4Kic5Kojah5que4xoCh',
|
84
|
-
'publicKey' => 'qb426vh42usw995jy60ll6rtslguv1ylpvwp44ymzky6f0u5qvq0.k',
|
85
|
-
'trust' => 5000,
|
86
|
-
'authType' => 1
|
87
|
-
}
|
88
|
-
}
|
89
|
-
end
|
90
|
-
|
91
46
|
# installs cmake, git and other building tools needed
|
92
47
|
def install_dependencies
|
93
48
|
::Dust.print_msg "installing build dependencies\n"
|
@@ -125,6 +80,10 @@ class Cjdroute< Recipe
|
|
125
80
|
end
|
126
81
|
|
127
82
|
# git pull latest changes
|
83
|
+
::Dust.print_msg "checking out branch '#{@config['git_branch']}'"
|
84
|
+
ret = @node.exec("cd #{@config['build_dir']}; git checkout #{@config['git_branch']}")[:exit_code]
|
85
|
+
return unless Dust.print_result(ret)
|
86
|
+
|
128
87
|
::Dust.print_msg "pulling latest changes from repository\n"
|
129
88
|
ret = @node.exec "cd #{@config['build_dir']}; git pull", :live => true
|
130
89
|
return ::Dust.print_failed 'error pulling from git repository' unless ret[:exit_code] == 0
|
@@ -158,17 +117,9 @@ class Cjdroute< Recipe
|
|
158
117
|
true
|
159
118
|
end
|
160
119
|
|
161
|
-
|
162
|
-
def run_cmake
|
163
|
-
::Dust.print_msg "running cmake\n"
|
164
|
-
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}/build; cmake ..", :live => true
|
165
|
-
return ::Dust.print_failed 'error running cmake' unless ret[:exit_code] == 0
|
166
|
-
true
|
167
|
-
end
|
168
|
-
|
169
120
|
def run_make
|
170
121
|
::Dust.print_msg "compiling cjdns\n"
|
171
|
-
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}
|
122
|
+
ret = @node.exec "export Log_LEVEL=#{@config['loglevel']}; cd #{@config['build_dir']}; ./do", :live => true
|
172
123
|
return ::Dust.print_failed 'error compiling cjdroute' unless ret[:exit_code] == 0
|
173
124
|
true
|
174
125
|
end
|
@@ -187,11 +138,6 @@ class Cjdroute< Recipe
|
|
187
138
|
# parse generated json
|
188
139
|
cjdroute_conf = JSON.parse ret[:stdout]
|
189
140
|
|
190
|
-
# add some public peers, so we can get started directly
|
191
|
-
::Dust.print_msg 'adding public peers', :indent => 2
|
192
|
-
cjdroute_conf['interfaces']['UDPInterface']['connectTo'] = public_peers
|
193
|
-
::Dust.print_ok
|
194
|
-
|
195
141
|
# exchange tun0 with configured tun device
|
196
142
|
cjdroute_conf['router']['interface']['tunDevice'] = @config['tun']
|
197
143
|
|
@@ -0,0 +1,55 @@
|
|
1
|
+
class Limits < Recipe
|
2
|
+
|
3
|
+
desc 'limit:deploy', 'maintains /etc/security/limits.d'
|
4
|
+
def deploy
|
5
|
+
# valid values
|
6
|
+
types = [ 'hard', 'soft' ]
|
7
|
+
items = [ 'core', 'data', 'fsize', 'memlock', 'nofile', 'rss', 'stack', 'cpu',
|
8
|
+
'nproc', 'as', 'maxlogins', 'maxsyslogins', 'priority', 'locks',
|
9
|
+
'sigpending', 'msgqueue', 'nice', 'rtprio', 'chroot' ]
|
10
|
+
|
11
|
+
unless @node.dir_exists? '/etc/security/limits.d'
|
12
|
+
return ::Dust.print_failed 'your system does not support /etc/security/limits.d'
|
13
|
+
end
|
14
|
+
puts
|
15
|
+
|
16
|
+
@config.each do |name, rules|
|
17
|
+
limits_conf = ''
|
18
|
+
::Dust.print_msg "assembling system limits according to rule '#{name}'\n"
|
19
|
+
rules.to_array.each do |rule|
|
20
|
+
|
21
|
+
# check if entry is valid
|
22
|
+
unless rule['domain']
|
23
|
+
::Dust.print_failed "domain cannot be empty, skipping", :indent => 2
|
24
|
+
next
|
25
|
+
end
|
26
|
+
|
27
|
+
unless rule['value']
|
28
|
+
::Dust.print_failed "value cannot be empty, skipping", :indent => 2
|
29
|
+
next
|
30
|
+
end
|
31
|
+
|
32
|
+
unless items.include? rule['item']
|
33
|
+
::Dust.print_failed "'#{rule['item']}' is not a valid item, skipping. valid items: #{items.join(',')}", :indent => 2
|
34
|
+
next
|
35
|
+
end
|
36
|
+
|
37
|
+
unless types.include? rule['type']
|
38
|
+
::Dust.print_failed "'#{rule['type']}' is not a valid type, skipping. valid types: #{types.join(',')}", :indent => 2
|
39
|
+
next
|
40
|
+
end
|
41
|
+
|
42
|
+
# assemble rule
|
43
|
+
line = "#{rule['domain']}\t#{rule['type']}\t#{rule['item']}\t#{rule['value']}\n"
|
44
|
+
::Dust.print_ok "adding '#{line.chomp}'", :indent => 2
|
45
|
+
limits_conf << line
|
46
|
+
end
|
47
|
+
|
48
|
+
# deploy rule file
|
49
|
+
::Dust.print_msg "deploying limits to /etc/security/limits.d/#{name}"
|
50
|
+
::Dust.print_result @node.write("/etc/security/limits.d/#{name}", limits_conf, :quiet => true)
|
51
|
+
puts
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
end
|
data/lib/dust/recipes/nginx.rb
CHANGED
@@ -4,7 +4,7 @@ class Nginx < Recipe
|
|
4
4
|
# abort if nginx cannot be installed
|
5
5
|
return unless @node.install_package 'nginx'
|
6
6
|
|
7
|
-
@node.
|
7
|
+
@node.deploy_file "#{@template_path}/nginx.conf", '/etc/nginx/nginx.conf'
|
8
8
|
|
9
9
|
# remove old sites that may be present
|
10
10
|
::Dust.print_msg 'deleting old sites in /etc/nginx/sites-*'
|
data/lib/dust/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dust-deploy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.12.
|
4
|
+
version: 0.12.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-05-
|
12
|
+
date: 2012-05-21 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: json
|
@@ -175,9 +175,9 @@ files:
|
|
175
175
|
- lib/dust/recipes/etc_hosts.rb
|
176
176
|
- lib/dust/recipes/hash_check.rb
|
177
177
|
- lib/dust/recipes/iptables.rb
|
178
|
+
- lib/dust/recipes/limits.rb
|
178
179
|
- lib/dust/recipes/locale.rb
|
179
180
|
- lib/dust/recipes/logrotate.rb
|
180
|
-
- lib/dust/recipes/memory_limit.rb
|
181
181
|
- lib/dust/recipes/motd.rb
|
182
182
|
- lib/dust/recipes/mysql.rb
|
183
183
|
- lib/dust/recipes/newrelic.rb
|
@@ -1,21 +0,0 @@
|
|
1
|
-
class MemoryLimit < Recipe
|
2
|
-
|
3
|
-
desc 'memory_limit:deploy', 'sets up system wide memory limit per process'
|
4
|
-
def deploy
|
5
|
-
@node.collect_facts
|
6
|
-
|
7
|
-
# get system memory (in kb)
|
8
|
-
system_mem = ::Dust.convert_size @node['memorysize']
|
9
|
-
|
10
|
-
# don't allow a process to use more than 90% of the system memory
|
11
|
-
max_mem = (system_mem * 0.9).to_i
|
12
|
-
|
13
|
-
# if the remaining 10% are more than 512mb, use system_mem - 512mb as max instead
|
14
|
-
threshold = ::Dust.convert_size '512 MB'
|
15
|
-
max_mem = system_mem - threshold if max_mem > threshold
|
16
|
-
|
17
|
-
::Dust.print_msg "setting max memory for a process to #{max_mem} kb"
|
18
|
-
@node.write '/etc/security/limits.d/00-memory-limit', "* hard as #{max_mem}", :quiet => true
|
19
|
-
::Dust.print_ok
|
20
|
-
end
|
21
|
-
end
|