dust-deploy 0.3.3 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/bin/dust +7 -7
- data/changelog.md +9 -0
- data/lib/dust.rb +1 -0
- data/lib/dust/examples/nodes/db-staging.yaml +9 -10
- data/lib/dust/examples/nodes/mail.yaml +2 -1
- data/lib/dust/examples/nodes/mysql-production.yaml +4 -1
- data/lib/dust/examples/nodes/proxy-staging.yaml +4 -12
- data/lib/dust/examples/templates/motd/motd.erb +2 -2
- data/lib/dust/examples/templates/postgres/pacemaker.sh.erb +6 -6
- data/lib/dust/examples/templates/postgres/postgresql.conf.erb +8 -8
- data/lib/dust/examples/templates/postgres/recovery.conf.erb +4 -4
- data/lib/dust/examples/templates/zabbix_agent/zabbix_agentd.conf.erb +13 -13
- data/lib/dust/recipe.rb +15 -0
- data/lib/dust/recipes/aliases.rb +5 -7
- data/lib/dust/recipes/basic_setup.rb +13 -15
- data/lib/dust/recipes/debsecan.rb +7 -7
- data/lib/dust/recipes/duplicity.rb +22 -27
- data/lib/dust/recipes/etc_hosts.rb +6 -8
- data/lib/dust/recipes/iptables.rb +6 -11
- data/lib/dust/recipes/locale.rb +8 -8
- data/lib/dust/recipes/memory_limit.rb +6 -8
- data/lib/dust/recipes/motd.rb +4 -6
- data/lib/dust/recipes/mysql.rb +20 -22
- data/lib/dust/recipes/newrelic.rb +8 -8
- data/lib/dust/recipes/nginx.rb +12 -14
- data/lib/dust/recipes/packages.rb +4 -4
- data/lib/dust/recipes/postgres.rb +53 -61
- data/lib/dust/recipes/rc_local.rb +7 -7
- data/lib/dust/recipes/remove_packages.rb +4 -4
- data/lib/dust/recipes/repositories.rb +18 -18
- data/lib/dust/recipes/resolv_conf.rb +15 -15
- data/lib/dust/recipes/ssh_authorized_keys.rb +12 -14
- data/lib/dust/recipes/unattended_upgrades.rb +16 -18
- data/lib/dust/recipes/zabbix_agent.rb +29 -31
- data/lib/dust/version.rb +1 -1
- metadata +4 -3
@@ -1,23 +1,20 @@
|
|
1
1
|
require 'erb'
|
2
2
|
|
3
|
-
class Duplicity <
|
3
|
+
class Duplicity < Recipe
|
4
4
|
desc 'duplicity:deploy', 'installs and configures duplicity backups'
|
5
|
-
def deploy
|
6
|
-
|
7
|
-
|
8
|
-
return unless node.install_package 'duplicity'
|
5
|
+
def deploy
|
6
|
+
return unless @node.install_package 'duplicity'
|
9
7
|
|
10
8
|
# clear all other duplicity cronjobs that might have been deployed earlier
|
11
|
-
remove_duplicity_cronjobs
|
9
|
+
remove_duplicity_cronjobs
|
12
10
|
|
13
11
|
# return if config simply says 'remove'
|
14
|
-
return if
|
12
|
+
return if @config == 'remove'
|
15
13
|
|
16
|
-
|
17
|
-
config = conf.clone
|
14
|
+
@config.each do |scenario, config|
|
18
15
|
|
19
16
|
# if directory config options is not given, use hostname-scenario
|
20
|
-
config['directory'] ||= "#{node['hostname']}-#{scenario}"
|
17
|
+
config['directory'] ||= "#{@node['hostname']}-#{scenario}"
|
21
18
|
|
22
19
|
# check whether backend is specified, skip to next scenario if not
|
23
20
|
unless config['backend'] and config['passphrase']
|
@@ -31,17 +28,17 @@ class Duplicity < Thor
|
|
31
28
|
end
|
32
29
|
|
33
30
|
# check whether we need ncftp
|
34
|
-
node.install_package 'ncftp' if config['backend'].include? 'ftp://'
|
31
|
+
@node.install_package 'ncftp' if config['backend'].include? 'ftp://'
|
35
32
|
|
36
33
|
# scp backend on centos needs python-pexpect (not needed anymore for newer systems)
|
37
|
-
# node.install_package 'python-pexpect' if config['backend'].include? 'scp://' and node.uses_rpm?
|
34
|
+
# @node.install_package 'python-pexpect' if config['backend'].include? 'scp://' and @node.uses_rpm?
|
38
35
|
|
39
36
|
# add hostkey to known_hosts
|
40
37
|
if config['hostkey']
|
41
38
|
::Dust.print_msg 'checking if ssh key is in known_hosts'
|
42
|
-
unless ::Dust.print_result node.exec("grep -q '#{config['hostkey']}' ~/.ssh/known_hosts")[:exit_code] == 0
|
43
|
-
node.mkdir '~/.ssh', :indent => 2
|
44
|
-
node.append '~/.ssh/known_hosts', config['hostkey'], :indent => 2
|
39
|
+
unless ::Dust.print_result @node.exec("grep -q '#{config['hostkey']}' ~/.ssh/known_hosts")[:exit_code] == 0
|
40
|
+
@node.mkdir '~/.ssh', :indent => 2
|
41
|
+
@node.append '~/.ssh/known_hosts', config['hostkey'], :indent => 2
|
45
42
|
end
|
46
43
|
end
|
47
44
|
|
@@ -49,13 +46,13 @@ class Duplicity < Thor
|
|
49
46
|
cronjob_path = "/etc/cron.#{config['interval']}/duplicity-#{scenario}"
|
50
47
|
|
51
48
|
# adjust and upload cronjob
|
52
|
-
template = ERB.new File.read("#{template_path}/cronjob.erb"), nil, '%<>'
|
49
|
+
template = ERB.new File.read("#{@template_path}/cronjob.erb"), nil, '%<>'
|
53
50
|
::Dust.print_msg "adjusting and deploying cronjob (scenario: #{scenario}, interval: #{config['interval']})\n"
|
54
51
|
config['options'].each { |option| ::Dust.print_ok "adding option: #{option}", :indent => 2 }
|
55
|
-
node.write cronjob_path, template.result(binding)
|
52
|
+
@node.write cronjob_path, template.result(binding)
|
56
53
|
|
57
54
|
# making cronjob executeable
|
58
|
-
node.chmod '0700', cronjob_path
|
55
|
+
@node.chmod '0700', cronjob_path
|
59
56
|
puts
|
60
57
|
end
|
61
58
|
end
|
@@ -63,16 +60,14 @@ class Duplicity < Thor
|
|
63
60
|
|
64
61
|
# print duplicity-status
|
65
62
|
desc 'duplicity:status', 'displays current status of all duplicity backups'
|
66
|
-
def status
|
67
|
-
|
68
|
-
|
69
|
-
return unless node.package_installed? 'duplicity'
|
63
|
+
def status
|
64
|
+
return unless @node.package_installed? 'duplicity'
|
70
65
|
|
71
|
-
|
66
|
+
@config.each do |scenario, conf|
|
72
67
|
config = conf.clone
|
73
68
|
|
74
69
|
# if directory config option is not given, use hostname-scenario
|
75
|
-
config['directory'] ||= "#{node['hostname']}-#{scenario}"
|
70
|
+
config['directory'] ||= "#{@node['hostname']}-#{scenario}"
|
76
71
|
|
77
72
|
# check whether backend is specified, skip to next scenario if not
|
78
73
|
return ::Dust.print_failed 'no backend specified.' unless config['backend']
|
@@ -84,7 +79,7 @@ class Duplicity < Thor
|
|
84
79
|
|
85
80
|
cmd += " |tail -n3 |head -n1" unless options.long?
|
86
81
|
|
87
|
-
ret = node.exec cmd
|
82
|
+
ret = @node.exec cmd
|
88
83
|
|
89
84
|
# check exit code and stdout shouldn't be empty
|
90
85
|
::Dust.print_result( (ret[:exit_code] == 0 and ret[:stdout].length > 0) )
|
@@ -101,9 +96,9 @@ class Duplicity < Thor
|
|
101
96
|
|
102
97
|
private
|
103
98
|
# removes all duplicity cronjobs
|
104
|
-
def remove_duplicity_cronjobs
|
99
|
+
def remove_duplicity_cronjobs
|
105
100
|
::Dust.print_msg 'deleting old duplicity cronjobs'
|
106
|
-
node.rm '/etc/cron.*/duplicity*', :quiet => true
|
101
|
+
@node.rm '/etc/cron.*/duplicity*', :quiet => true
|
107
102
|
::Dust.print_ok
|
108
103
|
end
|
109
104
|
|
@@ -1,14 +1,12 @@
|
|
1
|
-
class EtcHosts <
|
1
|
+
class EtcHosts < Recipe
|
2
2
|
desc 'etc_hosts:deploy', 'deploys /etc/hosts'
|
3
|
-
def deploy
|
4
|
-
|
5
|
-
|
6
|
-
node.scp "#{template_path}/hosts", '/etc/hosts'
|
3
|
+
def deploy
|
4
|
+
@node.scp "#{@template_path}/hosts", '/etc/hosts'
|
7
5
|
|
8
6
|
# restart dns service
|
9
|
-
if options.restart? and
|
10
|
-
node.package_installed?
|
11
|
-
node.restart_service
|
7
|
+
if @options.restart? and @config.is_a? String
|
8
|
+
@node.package_installed? @config
|
9
|
+
@node.restart_service @config
|
12
10
|
end
|
13
11
|
end
|
14
12
|
end
|
@@ -1,14 +1,9 @@
|
|
1
1
|
require 'ipaddress'
|
2
2
|
|
3
|
-
class Iptables <
|
3
|
+
class Iptables < Recipe
|
4
4
|
|
5
5
|
desc 'iptables:deploy', 'configures iptables firewall'
|
6
|
-
def deploy
|
7
|
-
template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
|
8
|
-
@node = node
|
9
|
-
@rules = rules
|
10
|
-
@options = options
|
11
|
-
|
6
|
+
def deploy
|
12
7
|
# list of all tables and chains
|
13
8
|
@tables = {}
|
14
9
|
@tables['ipv4'] = {}
|
@@ -69,7 +64,7 @@ class Iptables < Thor
|
|
69
64
|
# protocol to tcp (if port is given)
|
70
65
|
# and converts non-arrays to arrays, so .each and .combine won't cause hickups
|
71
66
|
def populate_rule_defaults
|
72
|
-
@
|
67
|
+
@config.values.each do |chain_rules|
|
73
68
|
chain_rules.values.each do |rule|
|
74
69
|
rule['table'] ||= ['filter']
|
75
70
|
rule['jump'] ||= ['ACCEPT']
|
@@ -113,9 +108,9 @@ class Iptables < Thor
|
|
113
108
|
def get_chain_policy table, chain
|
114
109
|
# only filter table supports DENY target
|
115
110
|
return 'ACCEPT' unless table == 'filter'
|
116
|
-
return 'ACCEPT' unless @
|
111
|
+
return 'ACCEPT' unless @config[chain.downcase]
|
117
112
|
|
118
|
-
@
|
113
|
+
@config[chain.downcase].values.each do |rule|
|
119
114
|
return 'DROP' if rule['table'].include? table
|
120
115
|
end
|
121
116
|
|
@@ -124,7 +119,7 @@ class Iptables < Thor
|
|
124
119
|
|
125
120
|
# generate iptables rules for table 'table'
|
126
121
|
def generate_rules_for_table table
|
127
|
-
@
|
122
|
+
@config.each do |chain, chain_rules|
|
128
123
|
rules = get_rules_for_table chain_rules, table
|
129
124
|
next if rules.empty?
|
130
125
|
|
data/lib/dust/recipes/locale.rb
CHANGED
@@ -1,13 +1,13 @@
|
|
1
|
-
class Locale <
|
1
|
+
class Locale < Recipe
|
2
2
|
desc 'locale:deploy', 'configures system locale'
|
3
|
-
def deploy
|
4
|
-
if node.uses_apt?
|
5
|
-
::Dust.print_msg "setting locale to '#{
|
6
|
-
node.write '/etc/default/locale', "LANGUAGE=#{
|
3
|
+
def deploy
|
4
|
+
if @node.uses_apt?
|
5
|
+
::Dust.print_msg "setting locale to '#{@config}'"
|
6
|
+
@node.write '/etc/default/locale', "LANGUAGE=#{@config}\nLANG=#{@config}\nLC_ALL=#{@config}\nLC_CTYPE=#{@config}\n", :quiet => true
|
7
7
|
::Dust.print_ok
|
8
|
-
elsif node.uses_rpm?
|
9
|
-
::Dust.print_msg "setting locale to '#{
|
10
|
-
node.write '/etc/sysconfig/i18n', "LANG=\"#{
|
8
|
+
elsif @node.uses_rpm?
|
9
|
+
::Dust.print_msg "setting locale to '#{@config}'"
|
10
|
+
@node.write '/etc/sysconfig/i18n', "LANG=\"#{@config}\"\nLC_ALL=\"#{@config}\"\nSYSFONT=\"latarcyrheb-sun16\"\n", :quiet => true
|
11
11
|
::Dust.print_ok
|
12
12
|
else
|
13
13
|
::Dust.print_failed 'os not supported'
|
@@ -1,12 +1,11 @@
|
|
1
|
-
class MemoryLimit <
|
2
|
-
desc 'memory_limit:deploy', 'sets up system wide memory limit per process'
|
3
|
-
def deploy node, ingredients, options
|
4
|
-
template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
|
1
|
+
class MemoryLimit < Recipe
|
5
2
|
|
6
|
-
|
3
|
+
desc 'memory_limit:deploy', 'sets up system wide memory limit per process'
|
4
|
+
def deploy
|
5
|
+
@node.collect_facts
|
7
6
|
|
8
7
|
# get system memory (in kb)
|
9
|
-
system_mem = ::Dust.convert_size node['memorysize']
|
8
|
+
system_mem = ::Dust.convert_size @node['memorysize']
|
10
9
|
|
11
10
|
# don't allow a process to use more than 90% of the system memory
|
12
11
|
max_mem = (system_mem * 0.9).to_i
|
@@ -16,8 +15,7 @@ class MemoryLimit < Thor
|
|
16
15
|
max_mem = system_mem - threshold if max_mem > threshold
|
17
16
|
|
18
17
|
::Dust.print_msg "setting max memory for a process to #{max_mem} kb"
|
19
|
-
node.write '/etc/security/limits.d/00-memory-limit', "* hard as #{max_mem}", :quiet => true
|
18
|
+
@node.write '/etc/security/limits.d/00-memory-limit', "* hard as #{max_mem}", :quiet => true
|
20
19
|
::Dust.print_ok
|
21
|
-
|
22
20
|
end
|
23
21
|
end
|
data/lib/dust/recipes/motd.rb
CHANGED
@@ -1,12 +1,10 @@
|
|
1
1
|
require 'erb'
|
2
2
|
|
3
|
-
class Motd <
|
3
|
+
class Motd < Recipe
|
4
4
|
desc 'motd:deploy', 'creates message of the day'
|
5
|
-
def deploy
|
6
|
-
template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
|
7
|
-
|
5
|
+
def deploy
|
8
6
|
# configure node using erb template
|
9
|
-
template = ERB.new File.read("#{template_path}/motd.erb"), nil, '%<>'
|
10
|
-
node.write '/etc/motd', template.result(binding)
|
7
|
+
template = ERB.new File.read("#{@template_path}/motd.erb"), nil, '%<>'
|
8
|
+
@node.write '/etc/motd', template.result(binding)
|
11
9
|
end
|
12
10
|
end
|
data/lib/dust/recipes/mysql.rb
CHANGED
@@ -1,49 +1,47 @@
|
|
1
1
|
require 'erb'
|
2
2
|
|
3
|
-
class Mysql <
|
3
|
+
class Mysql < Recipe
|
4
4
|
desc 'mysql:deploy', 'installs and configures mysql database'
|
5
|
-
def deploy
|
6
|
-
|
7
|
-
|
8
|
-
return unless node.uses_apt? :quiet=>false
|
9
|
-
node.install_package 'mysql-server'
|
5
|
+
def deploy
|
6
|
+
return unless @node.uses_apt? :quiet=>false
|
7
|
+
@node.install_package 'mysql-server'
|
10
8
|
|
11
9
|
::Dust.print_msg "configuring mysql\n"
|
12
10
|
|
13
11
|
# defaults
|
14
|
-
config['bind_address'] ||= '127.0.0.1'
|
15
|
-
config['port'] ||= 3306
|
12
|
+
@config['bind_address'] ||= '127.0.0.1'
|
13
|
+
@config['port'] ||= 3306
|
16
14
|
|
17
|
-
::Dust.print_ok "listen on #{config['bind_address']}:#{config['port']}", :indent => 2
|
15
|
+
::Dust.print_ok "listen on #{@config['bind_address']}:#{@config['port']}", :indent => 2
|
18
16
|
|
19
|
-
config['innodb_file_per_table'] ||= 1
|
20
|
-
config['innodb_thread_concurrency'] ||= 0
|
21
|
-
config['innodb_flush_log_at_trx_commit'] ||= 1
|
17
|
+
@config['innodb_file_per_table'] ||= 1
|
18
|
+
@config['innodb_thread_concurrency'] ||= 0
|
19
|
+
@config['innodb_flush_log_at_trx_commit'] ||= 1
|
22
20
|
|
23
21
|
# allocate 70% of the available ram to mysql
|
24
22
|
# but leave max 1gb to system
|
25
|
-
unless config['innodb_buffer_pool_size']
|
23
|
+
unless @config['innodb_buffer_pool_size']
|
26
24
|
::Dust.print_msg 'autoconfiguring innodb buffer size', :indent => 2
|
27
|
-
node.collect_facts :quiet => true
|
25
|
+
@node.collect_facts :quiet => true
|
28
26
|
|
29
27
|
# get system memory (in kb)
|
30
|
-
system_mem = ::Dust.convert_size node['memorysize']
|
28
|
+
system_mem = ::Dust.convert_size @node['memorysize']
|
31
29
|
|
32
30
|
# allocate 70% of the available ram to mysql
|
33
31
|
buffer_pool = (system_mem * 0.70).to_i / 1024
|
34
32
|
|
35
|
-
config['innodb_buffer_pool_size'] = "#{buffer_pool}M"
|
33
|
+
@config['innodb_buffer_pool_size'] = "#{buffer_pool}M"
|
36
34
|
::Dust.print_ok
|
37
35
|
end
|
38
36
|
|
39
|
-
::Dust.print_ok "setting innodb buffer pool to '#{config['innodb_buffer_pool_size']}'", :indent => 2
|
37
|
+
::Dust.print_ok "setting innodb buffer pool to '#{@config['innodb_buffer_pool_size']}'", :indent => 2
|
40
38
|
|
41
|
-
template = ERB.new( File.read("#{template_path}/my.cnf.erb"), nil, '%<>')
|
42
|
-
node.write '/etc/mysql/my.cnf', template.result(binding)
|
43
|
-
node.chmod '644', '/etc/mysql/my.cnf'
|
39
|
+
template = ERB.new( File.read("#{@template_path}/my.cnf.erb"), nil, '%<>')
|
40
|
+
@node.write '/etc/mysql/my.cnf', template.result(binding)
|
41
|
+
@node.chmod '644', '/etc/mysql/my.cnf'
|
44
42
|
|
45
|
-
node.
|
46
|
-
node.
|
43
|
+
@node.restart_service 'mysql-server' if options.restart?
|
44
|
+
@node.reload_service 'mysql-server' if options.reload?
|
47
45
|
end
|
48
46
|
end
|
49
47
|
|
@@ -1,20 +1,20 @@
|
|
1
|
-
class Newrelic <
|
1
|
+
class Newrelic < Recipe
|
2
2
|
desc 'newrelic:deploy', 'installs and configures newrelic system monitoring'
|
3
|
-
def deploy
|
4
|
-
return Dust.print_failed 'no key specified' unless
|
5
|
-
return unless node.uses_apt? :quiet=>false
|
3
|
+
def deploy
|
4
|
+
return Dust.print_failed 'no key specified' unless @config
|
5
|
+
return unless @node.uses_apt? :quiet=>false
|
6
6
|
|
7
7
|
::Dust.print_msg 'updating repositories'
|
8
|
-
::Dust.print_result node.exec('aptitude update')[:exit_code]
|
8
|
+
::Dust.print_result @node.exec('aptitude update')[:exit_code]
|
9
9
|
|
10
|
-
unless node.install_package 'newrelic-sysmond'
|
10
|
+
unless @node.install_package 'newrelic-sysmond'
|
11
11
|
::Dust.print_failed 'installing newrelic monitoring daemon failed, did you setup the newrelic repositories?'
|
12
12
|
return
|
13
13
|
end
|
14
14
|
|
15
15
|
::Dust.print_msg 'configuring new relic server monitoring tool'
|
16
|
-
return unless ::Dust.print_result node.exec("nrsysmond-config --set ssl=true license_key=#{
|
16
|
+
return unless ::Dust.print_result @node.exec("nrsysmond-config --set ssl=true license_key=#{@config}")[:exit_code]
|
17
17
|
|
18
|
-
node.restart_service 'newrelic-sysmond' if options.restart?
|
18
|
+
@node.restart_service 'newrelic-sysmond' if options.restart?
|
19
19
|
end
|
20
20
|
end
|
data/lib/dust/recipes/nginx.rb
CHANGED
@@ -1,31 +1,29 @@
|
|
1
1
|
require 'erb'
|
2
2
|
|
3
|
-
class Nginx <
|
3
|
+
class Nginx < Recipe
|
4
4
|
desc 'nginx:deploy', 'installs and configures nginx web server'
|
5
|
-
def deploy
|
6
|
-
template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
|
7
|
-
|
5
|
+
def deploy
|
8
6
|
# abort if nginx cannot be installed
|
9
|
-
return unless node.install_package('nginx')
|
7
|
+
return unless @node.install_package('nginx')
|
10
8
|
|
11
|
-
node.scp("#{template_path}/nginx.conf", '/etc/nginx/nginx.conf')
|
9
|
+
@node.scp("#{@template_path}/nginx.conf", '/etc/nginx/nginx.conf')
|
12
10
|
|
13
11
|
# remove old sites that may be present
|
14
12
|
::Dust.print_msg 'deleting old sites in /etc/nginx/sites-*'
|
15
|
-
node.rm '/etc/nginx/sites-*/*', :quiet => true
|
13
|
+
@node.rm '/etc/nginx/sites-*/*', :quiet => true
|
16
14
|
::Dust.print_ok
|
17
15
|
|
18
|
-
|
19
|
-
file = "#{template_path}/sites/#{site}"
|
16
|
+
@config.each do |state, site|
|
17
|
+
file = "#{@template_path}/sites/#{site}"
|
20
18
|
|
21
19
|
# if this site is just a regular file, copy it to sites-available
|
22
20
|
if File.exists? file
|
23
|
-
node.scp file, "/etc/nginx/sites-available/#{site}"
|
21
|
+
@node.scp file, "/etc/nginx/sites-available/#{site}"
|
24
22
|
|
25
23
|
# if this site is an erb template, render it and deploy
|
26
24
|
elsif File.exists? "#{file}.erb"
|
27
25
|
template = ERB.new( File.read("#{file}.erb"), nil, '%<>')
|
28
|
-
node.write "/etc/nginx/sites-available/#{site}", template.result(binding)
|
26
|
+
@node.write "/etc/nginx/sites-available/#{site}", template.result(binding)
|
29
27
|
|
30
28
|
# skip to next site if template wasn't found
|
31
29
|
else
|
@@ -36,15 +34,15 @@ class Nginx < Thor
|
|
36
34
|
# symlink to sites-enabled if this is listed as an enabled site
|
37
35
|
if state == 'sites-enabled'
|
38
36
|
::Dust.print_msg "enabling #{site}", :indent => 2
|
39
|
-
::Dust.print_result( node.exec("cd /etc/nginx/sites-enabled && ln -s ../sites-available/#{site} #{site}")[:exit_code] )
|
37
|
+
::Dust.print_result( @node.exec("cd /etc/nginx/sites-enabled && ln -s ../sites-available/#{site} #{site}")[:exit_code] )
|
40
38
|
end
|
41
39
|
end
|
42
40
|
|
43
41
|
# check configuration and restart nginx
|
44
42
|
::Dust.print_msg 'checking nginx configuration'
|
45
|
-
if node.exec('/etc/init.d/nginx configtest')[:exit_code] == 0
|
43
|
+
if @node.exec('/etc/init.d/nginx configtest')[:exit_code] == 0
|
46
44
|
::Dust.print_ok
|
47
|
-
node.restart_service('nginx') if options.restart?
|
45
|
+
@node.restart_service('nginx') if options.restart?
|
48
46
|
else
|
49
47
|
::Dust.print_failed
|
50
48
|
end
|
@@ -1,8 +1,8 @@
|
|
1
|
-
class Packages <
|
1
|
+
class Packages < Recipe
|
2
2
|
desc 'packages:deploy', 'installs packages'
|
3
|
-
def deploy
|
4
|
-
|
5
|
-
node.install_package package
|
3
|
+
def deploy
|
4
|
+
@config.each do |package|
|
5
|
+
@node.install_package package
|
6
6
|
end
|
7
7
|
end
|
8
8
|
end
|
@@ -1,83 +1,81 @@
|
|
1
1
|
require 'erb'
|
2
2
|
|
3
|
-
class Postgres <
|
3
|
+
class Postgres < Recipe
|
4
4
|
desc 'postgres:deploy', 'installs and configures postgresql database'
|
5
|
-
def deploy
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
config['
|
13
|
-
config['
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
config['
|
20
|
-
config['
|
21
|
-
config['archive-dir'] ||= "/var/lib/postgresql/#{config['version']}/#{config['cluster']}-archive"
|
22
|
-
config['service-name'] ||= 'postgresql'
|
5
|
+
def deploy
|
6
|
+
return ::Dust.print_failed 'no version specified' unless @config['version']
|
7
|
+
|
8
|
+
if @node.uses_emerge?
|
9
|
+
return unless @node.package_installed? 'postgresql-server'
|
10
|
+
@config['data-dir'] ||= "/var/lib/postgresql/#{@config['version']}/data"
|
11
|
+
@config['conf-dir'] ||= "/etc/postgresql-#{@config['version']}"
|
12
|
+
@config['archive-dir'] ||= "/var/lib/postgresql/#{@config['version']}/archive"
|
13
|
+
@config['service-name'] ||= "postgresql-#{@config['version']}"
|
14
|
+
|
15
|
+
elsif @node.uses_apt?
|
16
|
+
return unless @node.package_installed? "postgresql-#{@config['version']}"
|
17
|
+
@config['data-dir'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}"
|
18
|
+
@config['conf-dir'] ||= "/etc/postgresql/#{@config['version']}/#{@config['cluster']}"
|
19
|
+
@config['archive-dir'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}-archive"
|
20
|
+
@config['service-name'] ||= 'postgresql'
|
23
21
|
|
24
22
|
else
|
25
23
|
return 'os not supported'
|
26
24
|
end
|
27
25
|
|
28
26
|
|
29
|
-
deploy_file 'postgresql.conf', "#{config['conf-dir']}/postgresql.conf"
|
30
|
-
deploy_file 'pg_hba.conf', "#{config['conf-dir']}/pg_hba.conf"
|
31
|
-
deploy_file 'pg_ident.conf', "#{config['conf-dir']}/pg_ident.conf"
|
27
|
+
deploy_file 'postgresql.conf', "#{@config['conf-dir']}/postgresql.conf"
|
28
|
+
deploy_file 'pg_hba.conf', "#{@config['conf-dir']}/pg_hba.conf"
|
29
|
+
deploy_file 'pg_ident.conf', "#{@config['conf-dir']}/pg_ident.conf"
|
32
30
|
|
33
|
-
node.chmod '644', "#{config['conf-dir']}/postgresql.conf"
|
34
|
-
node.chmod '644', "#{config['conf-dir']}/pg_hba.conf"
|
35
|
-
node.chmod '644', "#{config['conf-dir']}/pg_ident.conf"
|
31
|
+
@node.chmod '644', "#{@config['conf-dir']}/postgresql.conf"
|
32
|
+
@node.chmod '644', "#{@config['conf-dir']}/pg_hba.conf"
|
33
|
+
@node.chmod '644', "#{@config['conf-dir']}/pg_ident.conf"
|
36
34
|
|
37
35
|
# deploy pacemaker script
|
38
|
-
if node.package_installed? 'pacemaker'
|
39
|
-
deploy_file 'pacemaker.sh', "#{config['conf-dir']}/pacemaker.sh"
|
40
|
-
node.chmod '755', "#{config['conf-dir']}/pacemaker.sh"
|
36
|
+
if @node.package_installed? 'pacemaker'
|
37
|
+
deploy_file 'pacemaker.sh', "#{@config['conf-dir']}/pacemaker.sh"
|
38
|
+
@node.chmod '755', "#{@config['conf-dir']}/pacemaker.sh"
|
41
39
|
end
|
42
40
|
|
43
41
|
# copy recovery.conf to either recovery.conf or recovery.done
|
44
42
|
# depending on which file already exists.
|
45
|
-
if node.file_exists? "#{config['data-dir']}/recovery.conf", :quiet => true
|
46
|
-
deploy_file 'recovery.conf', "#{config['data-dir']}/recovery.conf"
|
43
|
+
if @node.file_exists? "#{@config['data-dir']}/recovery.conf", :quiet => true
|
44
|
+
deploy_file 'recovery.conf', "#{@config['data-dir']}/recovery.conf"
|
47
45
|
else
|
48
|
-
deploy_file 'recovery.conf', "#{config['data-dir']}/recovery.done"
|
46
|
+
deploy_file 'recovery.conf', "#{@config['data-dir']}/recovery.done"
|
49
47
|
end
|
50
48
|
|
51
49
|
# deploy certificates to data-dir
|
52
|
-
deploy_file 'server.crt', "#{config['data-dir']}/server.crt"
|
53
|
-
deploy_file 'server.key', "#{config['data-dir']}/server.key"
|
50
|
+
deploy_file 'server.crt', "#{@config['data-dir']}/server.crt"
|
51
|
+
deploy_file 'server.key', "#{@config['data-dir']}/server.key"
|
54
52
|
|
55
|
-
node.chown config['dbuser'], config['data-dir'] if config['dbuser']
|
56
|
-
node.chmod 'u+Xrw,g-rwx,o-rwx', config['data-dir']
|
53
|
+
@node.chown @config['dbuser'], @config['data-dir'] if @config['dbuser']
|
54
|
+
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['data-dir']
|
57
55
|
|
58
56
|
# create archive dir
|
59
|
-
node.mkdir config['archive-dir']
|
60
|
-
node.chown config['dbuser'], config['archive-dir'] if config['dbuser']
|
61
|
-
node.chmod 'u+Xrw,g-rwx,o-rwx', config['archive-dir']
|
57
|
+
@node.mkdir @config['archive-dir']
|
58
|
+
@node.chown @config['dbuser'], @config['archive-dir'] if @config['dbuser']
|
59
|
+
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['archive-dir']
|
62
60
|
|
63
61
|
|
64
62
|
# increase shm memory
|
65
|
-
if node.uses_apt?
|
63
|
+
if @node.uses_apt?
|
66
64
|
::Dust.print_msg "setting postgres sysctl keys\n"
|
67
|
-
node.collect_facts :quiet => true
|
65
|
+
@node.collect_facts :quiet => true
|
68
66
|
|
69
67
|
# use half of system memory for shmmax
|
70
|
-
shmmax = ::Dust.convert_size(node['memorysize']) * 1024 / 2
|
68
|
+
shmmax = ::Dust.convert_size(@node['memorysize']) * 1024 / 2
|
71
69
|
shmall = shmmax / 4096 # shmmax/pagesize (pagesize = 4096)
|
72
70
|
|
73
71
|
::Dust.print_msg "setting shmmax to: #{shmmax}", :indent => 2
|
74
|
-
::Dust.print_result node.exec("sysctl -w kernel.shmmax=#{shmmax}")[:exit_code]
|
72
|
+
::Dust.print_result @node.exec("sysctl -w kernel.shmmax=#{shmmax}")[:exit_code]
|
75
73
|
::Dust.print_msg "setting shmall to: #{shmall}", :indent => 2
|
76
|
-
::Dust.print_result node.exec("sysctl -w kernel.shmall=#{shmall}")[:exit_code]
|
74
|
+
::Dust.print_result @node.exec("sysctl -w kernel.shmall=#{shmall}")[:exit_code]
|
77
75
|
::Dust.print_msg 'setting overcommit memory to 2', :indent => 2
|
78
|
-
::Dust.print_result node.exec('sysctl -w vm.overcommit_memory=2')[:exit_code]
|
76
|
+
::Dust.print_result @node.exec('sysctl -w vm.overcommit_memory=2')[:exit_code]
|
79
77
|
::Dust.print_msg 'setting swappiness to 0', :indent => 2
|
80
|
-
::Dust.print_result node.exec('sysctl -w vm.swappiness=0')[:exit_code]
|
78
|
+
::Dust.print_result @node.exec('sysctl -w vm.swappiness=0')[:exit_code]
|
81
79
|
|
82
80
|
file = ''
|
83
81
|
file += "kernel.shmmax=#{shmmax}\n"
|
@@ -85,35 +83,29 @@ class Postgres < Thor
|
|
85
83
|
file += "vm.overcommit_memory=2\n" # don't allocate memory that's not there
|
86
84
|
file += "vm.swappiness=0\n" # rather shrink cache then use swap as filesystem cache
|
87
85
|
|
88
|
-
node.write "/etc/sysctl.d/30-postgresql-shm.conf", file
|
86
|
+
@node.write "/etc/sysctl.d/30-postgresql-shm.conf", file
|
89
87
|
end
|
90
88
|
|
91
89
|
# reload/restart postgres if command line option is given
|
92
|
-
node.restart_service config['service-name'] if options.restart?
|
93
|
-
node.reload_service config['service-name'] if options.reload?
|
90
|
+
@node.restart_service @config['service-name'] if options.restart?
|
91
|
+
@node.reload_service @config['service-name'] if options.reload?
|
94
92
|
end
|
95
93
|
|
96
94
|
private
|
97
|
-
def deploy_file file, target
|
98
|
-
template_path = "./templates/#{ File.basename(__FILE__).chomp( File.extname(__FILE__) ) }"
|
99
|
-
|
100
|
-
# get node and config from binding
|
101
|
-
node = eval 'node', recipe_binding
|
102
|
-
config = eval 'config', recipe_binding
|
103
|
-
|
95
|
+
def deploy_file file, target
|
104
96
|
# if file is just a regular file, copy it to sites-available
|
105
|
-
if File.exists? "#{template_path}/#{file}"
|
106
|
-
node.scp "#{template_path}/#{file}", target
|
97
|
+
if File.exists? "#{@template_path}/#{file}"
|
98
|
+
@node.scp "#{@template_path}/#{file}", target
|
107
99
|
|
108
100
|
# if file is an erb template, render it and deploy
|
109
|
-
elsif File.exists? "#{template_path}/#{file}.erb"
|
101
|
+
elsif File.exists? "#{@template_path}/#{file}.erb"
|
110
102
|
::Dust.print_msg "adjusting and deploying #{file}"
|
111
|
-
template = ERB.new( File.read("#{template_path}/#{file}.erb"), nil, '%<>')
|
112
|
-
::Dust.print_result node.write(target, template.result(binding), :quiet => true)
|
103
|
+
template = ERB.new( File.read("#{@template_path}/#{file}.erb"), nil, '%<>')
|
104
|
+
::Dust.print_result @node.write(target, template.result(binding), :quiet => true)
|
113
105
|
|
114
106
|
# file was not found, return
|
115
107
|
else
|
116
|
-
return ::Dust.print_failed "file '#{template_path}/#{file}' not found."
|
108
|
+
return ::Dust.print_failed "file '#{@template_path}/#{file}' not found."
|
117
109
|
end
|
118
110
|
end
|
119
111
|
|