incline 0.2.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 300e4465ce0f50f40f653c0745360883e4dbac04
-  data.tar.gz: 7687e46f578f349f292dbf2509822ae8a6657d88
+  metadata.gz: 9fafa45ca265ae7c13ca542ea9d4dd01ab5a052c
+  data.tar.gz: be6b2e8f999070090c9c8367981897e8bd11a069
 SHA512:
-  metadata.gz: 12756d6bbb6f3031afbf5d192319577ef1ef1162327b10f3e4f239377d2090ff0d8bb2471be5577fb92d9a3e624241fb358656db3f0f8cffd8aadaa6a780e704
-  data.tar.gz: 1df7d314dd004917c93a2bf9de2c0016cd2bf187043fef9e2228708abc3fe67cec164a4208104031e08b1c586e96ad654e728653a3936780376a2df653928e19
+  metadata.gz: '03698557ded76bf19a3afdc29e262ffffabbd232fcb4da4d382a854c297893c573ef88c7b1f91cd099e53b50862fbb2a22c2b801362725a9f93a257e0631e494'
+  data.tar.gz: dd2902766035cec343433b373e61b5d6f7f4ca4d376945fe67ba870d674c9b615baf21c3517a47dc7238685603dd8e01b389ad3ca4ef06dde7f0c8186c534762

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    incline (0.2.3)
+    incline (0.2.4)
       ansi (~> 1.5.0)
       bcrypt
       bootstrap-sass
@@ -13,52 +13,52 @@ PATH
       rails (~> 4.2.8)
       redcarpet (~> 3.4.0)
       sass-rails (~> 5.0.6)
-      shells (~> 0.1.9)
+      shells (~> 0.1.15)
       spawnling (~> 2.1.6)
       uglifier
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (4.2.8)
-      actionpack (= 4.2.8)
-      actionview (= 4.2.8)
-      activejob (= 4.2.8)
+    actionmailer (4.2.9)
+      actionpack (= 4.2.9)
+      actionview (= 4.2.9)
+      activejob (= 4.2.9)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.8)
-      actionview (= 4.2.8)
-      activesupport (= 4.2.8)
+    actionpack (4.2.9)
+      actionview (= 4.2.9)
+      activesupport (= 4.2.9)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.8)
-      activesupport (= 4.2.8)
+    actionview (4.2.9)
+      activesupport (= 4.2.9)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (4.2.8)
-      activesupport (= 4.2.8)
+    activejob (4.2.9)
+      activesupport (= 4.2.9)
       globalid (>= 0.3.0)
-    activemodel (4.2.8)
-      activesupport (= 4.2.8)
+    activemodel (4.2.9)
+      activesupport (= 4.2.9)
       builder (~> 3.1)
-    activerecord (4.2.8)
-      activemodel (= 4.2.8)
-      activesupport (= 4.2.8)
+    activerecord (4.2.9)
+      activemodel (= 4.2.9)
+      activesupport (= 4.2.9)
       arel (~> 6.0)
     activerecord-sqlserver-adapter (4.2.18)
       activerecord (~> 4.2.1)
-    activesupport (4.2.8)
+    activesupport (4.2.9)
       i18n (~> 0.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
     ansi (1.5.0)
     arel (6.0.4)
-    autoprefixer-rails (7.1.2.3)
+    autoprefixer-rails (7.1.2.4)
       execjs
     bcrypt (3.1.11)
     bootstrap-sass (3.3.7)
@@ -85,7 +85,7 @@ GEM
     ffi (1.9.18)
     globalid (0.4.0)
       activesupport (>= 4.2.0)
-    i18n (0.8.1)
+    i18n (0.8.6)
     jbuilder (2.7.0)
       activesupport (>= 4.2.0)
       multi_json (>= 1.2)
@@ -100,25 +100,25 @@ GEM
     mime-types (3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
-    mini_portile2 (2.1.0)
-    minitest (5.10.2)
+    mini_portile2 (2.2.0)
+    minitest (5.10.3)
     multi_json (1.12.1)
-    net-ssh (3.0.2)
-    nokogiri (1.7.2)
-      mini_portile2 (~> 2.1.0)
+    net-ssh (4.1.0)
+    nokogiri (1.8.0)
+      mini_portile2 (~> 2.2.0)
     rack (1.6.8)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.8)
-      actionmailer (= 4.2.8)
-      actionpack (= 4.2.8)
-      actionview (= 4.2.8)
-      activejob (= 4.2.8)
-      activemodel (= 4.2.8)
-      activerecord (= 4.2.8)
-      activesupport (= 4.2.8)
+    rails (4.2.9)
+      actionmailer (= 4.2.9)
+      actionpack (= 4.2.9)
+      actionview (= 4.2.9)
+      activejob (= 4.2.9)
+      activemodel (= 4.2.9)
+      activerecord (= 4.2.9)
+      activesupport (= 4.2.9)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.8)
+      railties (= 4.2.9)
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
@@ -128,9 +128,9 @@ GEM
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (4.2.8)
-      actionpack (= 4.2.8)
-      activesupport (= 4.2.8)
+    railties (4.2.9)
+      actionpack (= 4.2.9)
+      activesupport (= 4.2.9)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rake (12.0.0)
@@ -151,8 +151,8 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
-    shells (0.1.10)
-      net-ssh (~> 3.0.2)
+    shells (0.1.15)
+      net-ssh (~> 4.1.0)
       rubyserial (~> 0.4.0)
     spawnling (2.1.6)
     sprockets (3.7.1)

data/lib/incline/auth_engine_base.rb

@@ -45,7 +45,7 @@ module Incline
     private
 
     def purge_old_history_for(user, max_months = 2)
-      user.login_histories.where('"incline_user_login_histories"."created_at" <= ?', Time.now - max_months.months).delete_all
+      user.login_histories.where('incline_user_login_histories.created_at <= ?', Time.now - max_months.months).delete_all
     end
 
   end

data/lib/incline/cli/errors.rb

@@ -2,7 +2,14 @@ module Incline
   class CLI
 
     class CliError < ::RuntimeError; end
-    class UsageError < CliError; end
+    class UsageError < CliError
+      attr_accessor :command
+      def initialize(msg, command = nil)
+        super msg
+        self.command = command
+      end
+      
+    end
 
   end
 end

data/lib/incline/cli/helpers/yaml.rb

@@ -362,7 +362,7 @@ module Incline
                 base_key << line[:key]
 
                 last_line = {
-                    key: base_key,
+                    key: base_key.dup,
                     value: line[:value].to_s,
                     comment: line[:comment],
                     safe: true
@@ -518,6 +518,23 @@ module Incline
         def =~(regexp)
           @content =~ regexp
         end
+        
+        ##
+        # Inserts a comment to the beginning of the contents.
+        def insert_comment(text)
+          text = '# ' + text.gsub("\r\n", "\n").gsub("\n", "\n# ") + "\n"
+          @content = @content.insert(0, text)
+        end
+        
+        ##
+        # Appends a comment to the end of the contents.
+        def append_comment(text)
+          text = '# ' + text.gsub("\r\n", "\n").gsub("\n", "\n# ") + "\n"
+          unless @content[-1] == "\n"
+            @content += "\n"
+          end
+          @content += text
+        end
 
         private
 

data/lib/incline/cli/prepare/add_deploy_user.rb

@@ -0,0 +1,63 @@
+
+module Incline
+  class CLI
+    class Prepare
+      
+      private
+      
+      def user_process_list(shell, user)
+        shell.sudo_exec_ignore_code("pgrep -u #{@options[:deploy_user]}").to_s.split("\n").map(&:strip).reject{|s| s == ''}
+      end
+      
+      def kill_processes(shell, user, signal)
+        if user_process_list(shell, user).any?
+          shell.sudo_exec_ignore_code "pkill -#{signal} -u #{user}"
+          et = Time.now + 5
+          while Time.now < et
+            return true if user_process_list(shell, user).empty?
+            sleep 1
+          end
+          user_process_list(shell,user).any?
+        else
+          true
+        end
+      end
+      
+      def add_deploy_user(shell)
+        # clean up first
+        unless shell.get_user_id(@options[:deploy_user]) == 0
+          shell.with_stat('Removing previous deploy user') do
+            unless kill_processes(shell, @options[:deploy_user], 'TERM')
+              unless kill_processes(shell, @options[:deploy_user], 'KILL')
+                raise CliError, "Failed to kill all processes owned by #{@options[:deploy_user]}."
+              end
+            end
+            # remove crontab for user.
+            shell.sudo_exec_ignore_code "crontab -u #{@options[:deploy_user]} -r"
+            # remove at jobs for user.
+            shell.sudo_exec_ignore_code "find /var/spool/cron/atjobs -name \"[^.]*\" -type f -user #{@options[:deploy_user]} -delete"
+            # remove the user.
+            shell.sudo_exec "userdel -r #{@options[:deploy_user]}"
+            # remove the main user group.
+            shell.sudo_exec_ignore_code "groupdel #{@options[:deploy_user]}"
+          end
+        end
+
+        shell.with_stat('Adding deploy user') do
+          # create the user.
+          shell.sudo_exec "useradd -mU -s /bin/bash #{@options[:deploy_user]}"
+          shell.sudo_exec "printf \"#{@options[:deploy_password]}\\n#{@options[:deploy_password]}\\n\" | passwd #{@options[:deploy_user]}"
+
+          # add the user's group to the admin user.
+          shell.sudo_exec "usermod -G #{@options[:deploy_user]} -a #{@options[:admin_user]}"
+
+          # set the permissions on the user's home directory.
+          # it should be /home/deploy or some such, but let's not assume so.
+          @options[:deploy_home] = shell.exec("eval echo \"~#{@options[:deploy_user]}\"").split("\n").first.strip
+          shell.sudo_exec "chown #{@options[:deploy_user]}:#{@options[:deploy_user]} #{@options[:deploy_home]} && chmod 755 #{@options[:deploy_home]}"
+        end
+      end
+      
+    end
+  end
+end

data/lib/incline/cli/prepare/config_passenger.rb

@@ -0,0 +1,178 @@
+
+module Incline
+  class CLI
+    class Prepare
+
+      PASSENGER_ROOT_PLACEHOLDER = /\?\?PR/
+      DEPLOY_HOME_PLACEHOLDER = /\?\?DH/
+      INST_REG_COMMENT_PLACEHOLDER = /\?\?IR/
+
+      PASSENGER_ROOT_PATH = 'ruby/vendor_ruby/phusion_passenger/locations.ini'
+      PASSENGER_ROOT_SEARCH = %w(/usr/share /usr/lib)
+
+      NGINX_CONFIG = <<-EOCFG
+# General nginx configuration from Incline prepare script.
+# Configuration file generated #{Time.now}.
+
+user              ruby-apps;
+worker_processes  1;
+error_log         /var/log/nginx/error.log;
+pid               /run/nginx.pid;
+
+events {
+  worker_connections 1024;
+}
+
+http {
+  ##
+  # Basic Settings
+  ##
+
+  include /etc/nginx/mime.types;
+  default_type application/octet-stream;
+
+  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
+  access_log        /var/log/nginx/access.log  main;
+
+  sendfile on;
+  index             index.html index.htm;
+
+  tcp_nopush on;
+  tcp_nodelay on;
+  keepalive_timeout 65;
+  types_hash_max_size 2048;
+
+  ##
+  # SSL Settings
+  ##
+
+  ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
+  ssl_ciphers             DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
+  ssl_prefer_server_ciphers on;
+  ssl_session_cache       shared:SSL:10m;
+  ssl_session_timeout     5m;
+  ssl_dhparam             /var/ssl/dhparams.pem;
+
+  ##
+  # Phusion Passenger settings
+  ##
+
+  passenger_root                  ??PR;
+  passenger_ruby                  ??DH/.rbenv/shims/ruby;
+  passenger_log_level             1;
+  ??IRpassenger_instance_registry_dir /var/run/passenger-instreg;
+
+  ##
+  # Default server settings
+  ##
+
+  server {
+    listen 80 default_server;
+    listen [::]:80 default_server ipv6only=on;
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ssl_certificate       /var/ssl/ssl.crt;
+    ssl_certificate_key   /var/ssl/ssl.key;
+
+    # Set this as appropriate.
+    server_name localhost;
+
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    keepalive_timeout 70;
+
+    include /etc/nginx/locations-enabled/*;
+  }
+}
+      EOCFG
+
+      DEFAULT_LOC = <<-EOCFG
+# This is a sample rails app configuration that also happens to take care of ignoring zombie requests.
+# See the fly_trap app's README for more information about it.
+location / {
+  # path to the public folder in your app.
+  root                ??DH/apps/fly_trap/public;
+
+  # path rails will use as the root path, should match the path provided to location above.
+  passenger_base_uri  /;
+
+  rails_env           production;
+  passenger_enabled   on;
+}
+      EOCFG
+
+
+
+      private_constant :NGINX_CONFIG, :DEFAULT_LOC, :PASSENGER_ROOT_PLACEHOLDER, :DEPLOY_HOME_PLACEHOLDER, :PASSENGER_ROOT_PATH, :PASSENGER_ROOT_SEARCH, :INST_REG_COMMENT_PLACEHOLDER
+
+
+      private
+      
+      def config_passenger(shell)
+        shell.with_stat('Configuring Passenger') do
+          
+          # add the ruby-apps user.
+          if shell.get_user_id('ruby-apps') == 0
+            shell.sudo_exec "useradd -mU ruby-apps"
+          end
+          
+          # add ruby-apps and deploy groups to each other.
+          shell.sudo_exec_ignore_code "usermod -G ruby-apps -a #{@options[:deploy_user]}"
+          shell.sudo_exec_ignore_code "usermod -G #{@options[:deploy_user]} -a ruby-apps"
+
+          # backup and remove the original configuration.
+          shell.sudo_exec 'if [ ! -f /etc/nginx/nginx.conf.original ]; then mv -f /etc/nginx/nginx.conf /etc/nginx/nginx.conf.original; fi'
+
+          # get the passenger_root path.
+          pr_path = shell.sudo_exec_ignore_code "ls {#{PASSENGER_ROOT_SEARCH.join(',')}}/#{PASSENGER_ROOT_PATH} 2>/dev/null"
+          pr_path = pr_path.to_s.split("\n").first.to_s.strip
+          raise CliError, 'Failed to locate passenger_root path' if pr_path == ''
+          
+          # write the new configuration to a temporary file.
+          shell.write_file(
+              "#{shell.home_path}/nginx.conf",
+              NGINX_CONFIG
+                  .gsub(PASSENGER_ROOT_PLACEHOLDER, pr_path)
+                  .gsub(DEPLOY_HOME_PLACEHOLDER, @options[:deploy_home])
+                  .gsub(INST_REG_COMMENT_PLACEHOLDER, host_id == :centos ? '' : '# ')
+          )
+
+          # move it where it belongs.
+          shell.sudo_exec "mv -f #{shell.home_path}/nginx.conf /etc/nginx/nginx.conf"
+          shell.sudo_exec 'chown root:root /etc/nginx/nginx.conf && chmod 644 /etc/nginx/nginx.conf'
+
+          # create the location folders.
+          %w(locations-available locations-enabled).each do |loc|
+            loc = "/etc/nginx/#{loc}"
+            shell.sudo_exec "if [ ! -d #{loc} ]; then mkdir #{loc}; fi"
+            shell.sudo_exec "chown #{@options[:deploy_user]}:root #{loc} && chmod 6755 #{loc}"
+          end
+
+          # create the default location.
+          shell.write_file(
+              "#{shell.home_path}/default.loc",
+              DEFAULT_LOC
+                  .gsub(PASSENGER_ROOT_PLACEHOLDER, pr_path)
+                  .gsub(DEPLOY_HOME_PLACEHOLDER, @options[:deploy_home])
+          )
+          shell.sudo_exec "mv -f #{shell.home_path}/default.loc /etc/nginx/locations-available/default"
+          shell.sudo_exec "chown #{@options[:deploy_user]}:root /etc/nginx/locations-available/default && chmod 644 /etc/nginx/locations-available/default"
+          shell.sudo_exec "ln -s /etc/nginx/locations-available/default /etc/nginx/locations-enabled/default"
+
+          # create the SSL files.
+          shell.sudo_exec 'if [ ! -d /var/ssl ]; then mkdir /var/ssl; fi'
+          shell.sudo_exec 'chown ruby-apps:root /var/ssl && chmod 700 /var/ssl'
+          # strengthen SSL by using unique dhparams
+          shell.sudo_exec 'openssl dhparam -out /var/ssl/dhparams.pem 2048'
+          # generate a generic self-signed certificate to get started with.
+          shell.sudo_exec "openssl req -x509 -nodes -days 365 -newkey rsa:4096 -subj \"/C=#{@options[:ssl_country]}/ST=#{@options[:ssl_state]}/L=#{@options[:ssl_location]}/O=#{@options[:ssl_org]}/CN=$(hostname -f)\" -keyout /var/ssl/ssl.key -out /var/ssl/ssl.crt"
+          shell.sudo_exec 'chown ruby-apps:root /var/ssl/* -R && chmod 600 /var/ssl/*'
+        end
+      end
+      
+    end
+  end
+end

data/lib/incline/cli/prepare/config_ssh.rb

@@ -0,0 +1,33 @@
+
+module Incline
+  class CLI
+    class Prepare
+      
+      private
+      
+      def config_ssh(shell)
+        pa_rex = /#\s*PubkeyAuthentication\s+[^\n]*\n/
+        rl_rex = /#\s*PermitRootLogin\s+[^\n]*\n/
+
+        shell.with_stat('Configuring SSH') do
+          shell.sudo_exec "cp -f /etc/ssh/sshd_config #{shell.home_path}/tmp_sshd_conf"
+          contents = shell.read_file("#{shell.home_path}/tmp_sshd_conf")
+          new_contents = contents.gsub(pa_rex, "PubkeyAuthentication yes\n").gsub(rl_rex, "PermitRootLogin no\n")
+          if new_contents != contents
+            shell.write_file "#{shell.home_path}/tmp_sshd_conf", new_contents
+            shell.sudo_exec "chown root:root #{shell.home_path}/tmp_sshd_conf"
+            shell.sudo_exec "chmod 600 #{shell.home_path}/tmp_sshd_conf"
+            shell.sudo_exec "mv -f #{shell.home_path}/tmp_sshd_conf /etc/ssh/sshd_config"
+            
+            begin
+              shell.sudo_exec_ignore_code 'systemctl restart sshd.service'
+            rescue
+              # ignore any errors from the SSH restart since we should be exiting the SSH session immediately after this gets executed anyway.
+            end
+          end
+        end
+      end
+      
+    end
+  end
+end

data/lib/incline/cli/prepare/create_nginx_utils.rb

@@ -0,0 +1,52 @@
+
+module Incline
+  class CLI
+    class Prepare
+      
+      # create setuid utilities to test the config and reload the config.
+      
+      UTIL_NGINX_RELOAD = <<-EOU
+#include <unistd.h>
+
+int main(int argc, char **argv)
+{
+  const char *args[] = { "??NG", "-s", "reload", NULL };
+  setuid(0);
+  execv(args[0], (char **)args);
+  return 0;
+}
+      EOU
+
+      UTIL_NGINX_TEST = <<-EOU
+#include <unistd.h>
+
+int main(int argc, char **argv)
+{
+  const char *args[] = { "??NG", "-t", "-q", NULL };
+  setuid(0);
+  execv(args[0], (char **)args);
+  return 0;
+}
+      EOU
+
+
+      private_constant :UTIL_NGINX_RELOAD, :UTIL_NGINX_TEST
+      
+      private
+      
+      def create_nginx_utils(shell)
+        shell.with_status('Creating utilities') do
+          nginx_path = shell.exec("which nginx").split("\n").first.to_s.strip
+  
+          { 'nginx-reload' => UTIL_NGINX_RELOAD, 'nginx-test' => UTIL_NGINX_TEST }.each do |util,src|
+            shell.write_file "#{shell.home_path}/temp-util.c", src.gsub("??NG", nginx_path)
+            shell.exec "gcc -o #{shell.home_path}/#{util} #{shell.home_path}/temp-util.c"
+            shell.sudo_exec "chown root:root #{shell.home_path}/#{util} && chmod 4755 #{shell.home_path}/#{util}"
+            shell.sudo_exec "mv -f #{shell.home_path}/#{util} /usr/local/bin/#{util}"
+            shell.exec "rm #{shell.home_path}/temp-util.c"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/incline/cli/prepare/extend_shell.rb

@@ -0,0 +1,102 @@
+module Incline
+  class CLI
+    class Prepare
+      
+      private
+
+      # Add full logging to the shell along with a few helper methods.
+      # The prefix is used to identify the shell creating the messages and will be prefixed to each line in the log.
+      def extend_shell(sh, prefix)
+        logfile.write "\n" + prefix
+        sh.instance_variable_set :@prep_log, logfile
+        sh.instance_variable_set :@prep_prefix, "\n#{prefix}"
+        sh.instance_variable_set :@stat_count, -1
+        sh.instance_variable_set :@stat_every, 128
+        sh.instance_variable_set :@home_path, nil
+
+        def sh.home_path
+          @home_path ||= exec_ignore_code("eval echo \"~#{@options[:user]}\"").to_s.split("\n").first.to_s.strip
+        end
+
+        def sh.with_stat(status, stat_every = 128)
+          if @stat_count > -1
+            yield
+          else
+            @stat_count = 0
+            @stat_every = stat_every < 1 ? 128 : stat_every
+            print status
+            yield
+            print "\n"
+            @stat_count = -1
+            @stat_every = 128
+          end
+        end
+
+        def sh.exec(cmd, options = {}, &block)
+          super(cmd, options) do |data, type|
+            @prep_log.write data.gsub("\n", @prep_prefix)
+            @prep_log.flush
+            if @stat_count > -1
+              @stat_count += data.length
+              while @stat_count >= @stat_every
+                @stat_count -= @stat_every
+                print '.'
+              end
+            end
+            if block
+              block.call data, type
+            else
+              nil
+            end
+          end
+        end
+
+        def sh.stat_exec(status, cmd, options = {}, &block)
+          with_stat(status) { exec(cmd, options, &block) }
+        end
+
+        def sh.sudo_stat_exec(status, cmd, options = {}, &block)
+          with_stat(status) { sudo_exec(cmd, options, &block) }
+        end
+
+        def sh.apt_get(command)
+          sudo_exec "DEBIAN_FRONTEND=noninteractive apt-get -y -q #{command}"
+        end
+
+        def sh.get_user_id(user)
+          result = exec_ignore_code("id -u #{user} 2>/dev/null").to_s.split("\n")
+          result.any? ? result.first.strip.to_i : 0
+        end
+
+        def sh.host_info
+          @host_info ||=
+              begin
+                results = exec('cat /etc/*-release').split("\n").map{|s| s.strip}.reject{|s| s == ''}
+                info = {}
+
+                results.each do |line|
+                  if line.include?('=')
+                    var,_,val = line.partition('=').map{|s| s.strip}
+                    val = val[1...-1] if val[0] == '"' && val[-1] == '"'
+                    var.upcase!
+                    info[var] = val
+                  end
+                end
+
+                info['ID'] = (info['ID'] || 'unknown').downcase.to_sym
+                info['NAME'] ||= info['ID'].to_s
+                info['VERSION'] ||= '??'
+                info['PRETTY_NAME'] ||= "#{info['NAME']} #{info['VERSION']}"
+
+                puts info['PRETTY_NAME']
+
+                info
+              end
+        end
+
+        sh
+      end
+      
+    end
+  end
+end

data/lib/incline/cli/prepare/install_db.rb

@@ -0,0 +1,21 @@
+
+module Incline
+  class CLI
+    class Prepare
+      
+      private
+      
+      def install_db(shell)
+        shell.with_stat('Installing MariaDB') do
+          shell.sudo_exec 'debconf-set-selections <<< \'mariadb-server mysql-server/root_password password \''
+          shell.sudo_exec 'debconf-set-selections <<< \'mariadb-server mysql-server/root_password_again password \''
+          shell.apt_get 'install mariadb-server mariadb-client libmysqlclient-dev'
+          shell.sudo_exec_ignore_code 'systemctl stop mysql.service'
+          shell.sudo_exec 'systemctl start mysql.service'
+          shell.sudo_exec 'systemctl enable mysql.service'
+        end
+      end
+      
+    end
+  end
+end