freighthop 0.0.1

data/lib/freighthop.rb

@@ -0,0 +1,50 @@
+require 'pathname'
+require_relative 'freighthop/version'
+
+unless defined? Vagrant
+  raise "i expect to be required from a Vagrantfile"
+end
+
+module Freighthop
+  class << self
+    def vmware?
+      !!(defined? HashiCorp)
+    end
+
+    def host_rails_root
+      @rails_root ||= begin
+        Pathname.pwd.tap do |pwd|
+          unless pwd.join('config', 'boot.rb').file?
+            raise 'run me with a rails app as PWD, using VAGRANT_CWD to refer to my directory'
+          end
+        end
+      end
+    end
+
+    def guest_rails_root
+      "/srv/#{app_name}"
+    end
+
+    def app_name
+      @app_name ||= host_rails_root.basename.to_s
+    end
+
+    def hostname
+      "#{app_name}.vagrant.dev"
+    end
+
+    def ip_address
+      "10.20.1.#{app_name.getbyte(0)}"
+    end
+
+    def box_url
+      if vmware?
+        'http://files.vagrantup.com/precise64_vmware.box'
+      else
+        'http://files.vagrantup.com/precise64.box'
+      end
+    end
+  end
+end
+
+

data/lib/freighthop/version.rb

@@ -0,0 +1,3 @@
+module Freighthop
+  VERSION = "0.0.1"
+end

data/local_modules/freighthop/files/bundler/freighthop.gemfile

@@ -0,0 +1,3 @@
+eval(File.read('Gemfile'))
+
+gem 'puma'

data/local_modules/freighthop/files/puma/upstart/puma-manager.conf

@@ -0,0 +1,31 @@
+# /etc/init/puma-manager.conf - manage a set of Pumas
+
+# This example config should work with Ubuntu 12.04+.  It
+# allows you to manage multiple Puma instances with
+# Upstart, Ubuntu's native service management tool.
+#
+# See puma.conf for how to manage a single Puma instance.
+#
+# Use "stop puma-manager" to stop all Puma instances.
+# Use "start puma-manager" to start all instances.
+# Use "restart puma-manager" to restart all instances.
+# Crazy, right?
+#
+
+description "Manages the set of puma processes"
+
+# This starts upon bootup and stops on shutdown
+start on runlevel [2345]
+stop on runlevel [06]
+
+# Set this to the number of Puma processes you want
+# to run on this machine
+env PUMA_CONF="/etc/puma.conf"
+
+pre-start script
+  for i in `cat $PUMA_CONF`; do
+    app=`echo $i | cut -d , -f 1`
+    logger -t "puma-manager" "Starting $app"
+    start puma app=$app
+  done
+end script

data/local_modules/freighthop/manifests/bundler.pp

@@ -0,0 +1,34 @@
+class freighthop::bundler(
+  $ruby_version,
+  $app_root,
+){
+  file { "${app_root}/.freighthop.gemfile":
+    ensure => 'file',
+    mode   => '0644',
+    source => 'puppet:///modules/freighthop/bundler/freighthop.gemfile',
+  }
+
+  file { '/etc/profile.d/custom_bundler_gemfile.sh':
+    ensure  => present,
+    mode    => '0755',
+    content => template('freighthop/profile/custom_bundler_gemfile.sh.erb'),
+  }
+
+  exec { 'bundle install':
+    environment => [
+      'BUNDLE_GEMFILE=.freighthop.gemfile',
+      'RBENV_ROOT=/usr/lib/rbenv',
+      "RBENV_VERSION=${ruby_version}",
+    ],
+    cwd         => $app_root,
+    path        => [
+      '/usr/lib/rbenv/shims',
+      '/usr/bin',
+      '/bin',
+    ],
+    logoutput   => true,
+    timeout     => 0,
+    unless      => 'bundle check',
+    require     => File["${app_root}/.freighthop.gemfile"],
+  }
+}

data/local_modules/freighthop/manifests/init.pp

@@ -0,0 +1,55 @@
+class freighthop(
+  $databases,
+  $database_users,
+  $packages        = ['git-core'],
+  $ruby_version    = $freighthop::params::ruby_version,
+  $app_name        = $freighthop::params::app_name,
+  $app_root        = $freighthop::params::app_root,
+  $web_root        = $freighthop::params::web_root,
+  $socket_dir      = $freighthop::params::socket_dir,
+  $socket_path     = $freighthop::params::socket_path,
+  $server_name     = $freighthop::params::server_name,
+  $ssl_cert_path   = $freighthop::params::ssl_cert_path,
+  $ssl_key_path    = $freighthop::params::ssl_key_path,
+) inherits freighthop::params {
+  file { $socket_dir:
+    ensure => directory,
+    owner  => 'vagrant',
+    group  => 'vagrant',
+    mode   => '0755'
+  }
+  class { 'freighthop::pkgs':
+    packages => $packages,
+  }
+  class { 'freighthop::rbenv':
+    ruby_version => $ruby_version
+  }
+  class { 'freighthop::nginx':
+    upstream_socket_path => $socket_path,
+    server_name          => $server_name,
+    web_root             => $web_root,
+    ssl_cert_path        => $ssl_cert_path,
+    ssl_key_path         => $ssl_key_path,
+  }
+  class { 'freighthop::postgres':
+    databases      => $databases,
+    database_users => $database_users,
+  }
+  class { 'freighthop::bundler':
+    ruby_version => $ruby_version,
+    app_root     => $app_root,
+  }
+  class { 'freighthop::puma':
+    app_root    => $app_root,
+    socket_path => $socket_path,
+  }
+
+  File[$socket_dir] ->
+    Class['freighthop::pkgs'] ->
+    Class['freighthop::rbenv'] ->
+    Class['freighthop::nginx'] ->
+    Class['freighthop::postgres'] ->
+    Class['freighthop::bundler'] ->
+    Class['freighthop::puma']
+
+}

data/local_modules/freighthop/manifests/nginx.pp

@@ -0,0 +1,28 @@
+class freighthop::nginx(
+  $upstream_socket_path,
+  $server_name,
+  $web_root,
+  $ssl_cert_path,
+  $ssl_key_path,
+) {
+  $cert_subject = "/C=US/ST=IL/L=Chicago/O=Instructure/CN=${server_name}"
+
+  class {'::nginx':
+    confd_purge => true
+  }
+
+  exec { 'generate-self-signed-ssl-cert':
+    command => "openssl req -x509 -nodes -days 3650 -subj '${cert_subject}' -newkey rsa:1024 -keyout ${ssl_key_path} -out ${ssl_cert_path}",
+    path    => ['/usr/bin'],
+    creates => $ssl_cert_path,
+  }
+
+  file { '/etc/nginx/conf.d/vagrant-rails.conf':
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    content => template('freighthop/nginx/vagrant-rails.conf.erb'),
+    notify  => Service['nginx'],
+    require => Exec['generate-self-signed-ssl-cert'],
+  }
+}

data/local_modules/freighthop/manifests/params.pp

@@ -0,0 +1,11 @@
+class freighthop::params {
+  $ruby_version    = '1.9.3-p392'
+  $app_name        = $::hostname
+  $app_root        = "/srv/${app_name}"
+  $web_root        = "${app_root}/public"
+  $socket_dir      = "/var/run/${app_name}"
+  $socket_path     = "${socket_dir}/puma.sock"
+  $server_name     = $::fqdn
+  $ssl_cert_path   = "/etc/ssl/certs/${app_name}.pem"
+  $ssl_key_path    = "/etc/ssl/private/${app_name}.key"
+}

data/local_modules/freighthop/manifests/pkgs.pp

@@ -0,0 +1,7 @@
+class freighthop::pkgs(
+  $packages
+) {
+  package { $packages:
+    ensure => installed
+  }
+}

data/local_modules/freighthop/manifests/postgres.pp

@@ -0,0 +1,28 @@
+class freighthop::postgres(
+  $databases,
+  $database_users
+) {
+  include postgresql::server
+
+  postgresql::pg_hba_rule { 'local-users-get-everything':
+    type        => 'local',
+    database    => 'all',
+    user        => 'all',
+    auth_method => 'trust',
+    order       => '0001',
+  }
+  postgresql::pg_hba_rule { 'local-host-connections-get-everything':
+    type        => 'host',
+    database    => 'all',
+    user        => 'all',
+    address     => '127.0.0.1/32',
+    auth_method => 'trust',
+    order       => '0001',
+  }
+  postgresql::database { $databases: }
+  postgresql::database_user { $database_users:
+    superuser     => true,
+    createdb      => true,
+    createrole    => true,
+  }
+}

data/local_modules/freighthop/manifests/puma.pp

@@ -0,0 +1,36 @@
+class freighthop::puma(
+  $app_root,
+  $socket_path,
+) {
+  package { 'puma':
+    ensure   => 'installed',
+    provider => 'gem'
+  }
+  file { '/etc/init/puma.conf':
+    owner  => 'root',
+    group  => 'root',
+    mode   => '0644',
+    content => template('freighthop/puma/upstart/puma.conf.erb')
+  }
+  file { '/etc/puma.conf':
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    content => "${app_root}\n"
+  }
+  file { '/etc/init/puma-manager.conf':
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    source  => 'puppet:///modules/freighthop/puma/upstart/puma-manager.conf',
+    require => [
+      File['/etc/init/puma.conf'],
+      File['/etc/puma.conf'],
+    ],
+    notify  => Service['puma-manager']
+  }
+  service { 'puma-manager':
+    ensure   => 'running',
+    provider => 'upstart'
+  }
+}

data/local_modules/freighthop/manifests/rbenv.pp

@@ -0,0 +1,34 @@
+class freighthop::rbenv(
+  $ruby_version
+) {
+  include apt
+  apt::ppa { 'ppa:gds/govuk': }
+  apt::ppa { 'ppa:phinze/rbenv': }
+
+  class { '::rbenv':
+    global_version => $ruby_version,
+    require        => Apt::Ppa['ppa:gds/govuk'],
+  }
+
+  rbenv::version { $ruby_version: }
+
+  # The rbenv puppet module drops $RBENV_ROOT/version but the package from
+  # ppa:gds/govuk is an older version of rbenv that expects $RBENV_ROOT/global;
+  # this is a workaround that uses the installed CLI to fix it.
+  exec { 'fix-rbenv-global-version':
+    command     => "rbenv global ${ruby_version}",
+    unless      => "rbenv global | grep '${ruby_version}'",
+    environment => 'RBENV_ROOT=/usr/lib/rbenv',
+    require     => Rbenv::Version[$ruby_version]
+  }
+
+  Exec {
+    path => [
+      '/usr/local/bin',
+      '/usr/bin',
+      '/usr/sbin',
+      '/bin',
+      '/sbin',
+    ]
+  }
+}

data/local_modules/freighthop/manifests/redis.pp

@@ -0,0 +1,9 @@
+class freighthop::redis {
+  package { 'redis-server':
+    ensure => installed
+  }
+  service { 'redis-server':
+    ensure  => running,
+    require => Package['redis-server']
+  }
+}

data/local_modules/freighthop/templates/nginx/vagrant-rails.conf.erb

@@ -0,0 +1,89 @@
+upstream app_server {
+  # fail_timeout=0 means we always retry an upstream even if it failed
+  # to return a good HTTP response (in case the Unicorn master nukes a
+  # single worker for timing out).
+  server unix:<%= upstream_socket_path %> fail_timeout=0;
+}
+
+server {
+  listen 80 default deferred; # for Linux
+
+  client_max_body_size 4G;
+  server_name <%= server_name %>;
+
+  keepalive_timeout 5;
+
+  # path for static files
+  root <%= web_root %>;
+
+  # Prefer to serve static files directly from nginx to avoid unnecessary
+  # data copies from the application server.
+  try_files $uri/index.html $uri.html $uri @app;
+
+  location @app {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    # enable this if you forward HTTPS traffic to unicorn,
+    # this helps Rack set the proper URL scheme for doing redirects:
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # pass the Host: header from the client right along so redirects
+    # can be set properly within the Rack application
+    proxy_set_header Host $http_host;
+
+    # we don't want nginx trying to do something clever with
+    # redirects, we set the Host: header above already.
+    proxy_redirect off;
+
+    proxy_pass http://app_server;
+  }
+
+  # Rails error pages
+  error_page 500 502 503 504 /500.html;
+  location = /500.html {
+    root <%= web_root %>;
+  }
+}
+
+server {
+  listen 443;
+  client_max_body_size 4G;
+  server_name <%= server_name %>;
+
+  keepalive_timeout 5;
+
+  # path for static files
+  root <%= web_root %>;
+
+  ssl on;
+  ssl_certificate <%= ssl_cert_path %>;
+  ssl_certificate_key <%= ssl_key_path %>;
+
+  # Prefer to serve static files directly from nginx to avoid unnecessary
+  # data copies from the application server.
+  try_files $uri/index.html $uri.html $uri @app;
+
+  location @app {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    # enable this if you forward HTTPS traffic to unicorn,
+    # this helps Rack set the proper URL scheme for doing redirects:
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # pass the Host: header from the client right along so redirects
+    # can be set properly within the Rack application
+    proxy_set_header Host $http_host;
+
+    # we don't want nginx trying to do something clever with
+    # redirects, we set the Host: header above already.
+    proxy_redirect off;
+
+    proxy_pass http://app_server;
+  }
+
+  # Rails error pages
+  error_page 500 502 503 504 /500.html;
+  location = /500.html {
+    root <%= web_root %>;
+  }
+}

data/local_modules/freighthop/templates/profile/custom_bundler_gemfile.sh.erb

@@ -0,0 +1 @@
+export BUNDLE_GEMFILE=.freighthop.gemfile

data/local_modules/freighthop/templates/puma/upstart/puma.conf.erb

@@ -0,0 +1,51 @@
+# /etc/init/puma.conf - Puma config
+
+# This example config should work with Ubuntu 12.04+.  It
+# allows you to manage multiple Puma instances with
+# Upstart, Ubuntu's native service management tool.
+#
+# See workers.conf for how to manage all Puma instances at once.
+#
+# Save this config as /etc/init/puma.conf then manage puma with:
+#   sudo start puma app=PATH_TO_APP
+#   sudo stop puma app=PATH_TO_APP
+#   sudo status puma app=PATH_TO_APP
+#
+# or use the service command:
+#   sudo service puma {start,stop,restart,status}
+#
+
+description "Puma Background Worker"
+
+# no "start on", we don't want to automatically start
+stop on (stopping puma-manager or runlevel [06])
+
+# change apps to match your deployment user if you want to use this as a less privileged user (recommended!)
+# setuid vagrant
+# setgid vagrant
+
+respawn
+respawn limit 3 30
+
+instance ${app}
+
+script
+# this script runs in /bin/sh by default
+# respawn as bash so we can source in rbenv/rvm
+# quoted heredoc to tell /bin/sh not to interpret
+# variables
+exec /bin/bash <<'EOT'
+  # set HOME to the setuid user's home, there doesn't seem to be a better, portable way
+  export HOME="$(eval echo ~$(id -un))"
+
+  cd $app
+
+  source /etc/profile.d/rbenv.sh
+
+  source /etc/profile.d/custom_bundler_gemfile.sh
+
+  logger -t puma "Starting server: $app"
+
+  exec bundle exec puma -b unix://<%= socket_path %>
+EOT
+end script