josh-slicehost 0.0.2.2 → 0.0.2.5

Sign up to get free protection for your applications and to get access to all the features.
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: josh-slicehost
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2.2
4
+ version: 0.0.2.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joshua Peek
@@ -9,11 +9,12 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-01-25 00:00:00 -08:00
12
+ date: 2009-03-17 00:00:00 -07:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: capistrano
17
+ type: :runtime
17
18
  version_requirement:
18
19
  version_requirements: !ruby/object:Gem::Requirement
19
20
  requirements:
@@ -29,28 +30,8 @@ extensions: []
29
30
 
30
31
  extra_rdoc_files: []
31
32
 
32
- files:
33
- - README
34
- - MIT-LICENSE
35
- - lib/capistrano/ext/slicehost.rb
36
- - lib/capistrano/ext/slicehost
37
- - lib/capistrano/ext/slicehost/disk.rb
38
- - lib/capistrano/ext/slicehost/ruby.rb
39
- - lib/capistrano/ext/slicehost/gems.rb
40
- - lib/capistrano/ext/slicehost/git.rb
41
- - lib/capistrano/ext/slicehost/aptitude.rb
42
- - lib/capistrano/ext/slicehost/slice.rb
43
- - lib/capistrano/ext/slicehost/ssh.rb
44
- - lib/capistrano/ext/slicehost/render.rb
45
- - lib/capistrano/ext/slicehost/apache.rb
46
- - lib/capistrano/ext/slicehost/iptables.rb
47
- - lib/capistrano/ext/slicehost/mysql.rb
48
- - lib/capistrano/ext/slicehost/templates
49
- - lib/capistrano/ext/slicehost/templates/passenger.conf.erb
50
- - lib/capistrano/ext/slicehost/templates/vhost.erb
51
- - lib/capistrano/ext/slicehost/templates/passenger.load.erb
52
- - lib/capistrano/ext/slicehost/templates/sshd_config.erb
53
- - lib/capistrano/ext/slicehost/templates/iptables.erb
33
+ files: []
34
+
54
35
  has_rdoc: false
55
36
  homepage: http://github.com/josh/slicehost
56
37
  post_install_message:
data/MIT-LICENSE DELETED
@@ -1,20 +0,0 @@
1
- Copyright (c) 2009 Joshua Peek
2
-
3
- Permission is hereby granted, free of charge, to any person obtaining
4
- a copy of this software and associated documentation files (the
5
- "Software"), to deal in the Software without restriction, including
6
- without limitation the rights to use, copy, modify, merge, publish,
7
- distribute, sublicense, and/or sell copies of the Software, and to
8
- permit persons to whom the Software is furnished to do so, subject to
9
- the following conditions:
10
-
11
- The above copyright notice and this permission notice shall be
12
- included in all copies or substantial portions of the Software.
13
-
14
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
- LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
- OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README DELETED
@@ -1,22 +0,0 @@
1
- Slicehost Recipes
2
- =================
3
-
4
- Slicehost Capistrano recipes for configuring and managing your slice. Require Capistrano >2.5.0
5
-
6
- Example
7
- =======
8
-
9
- The recipes are designed to work stand alone apart from the standard set of Capistrano deploy recipes.
10
-
11
- require 'capistrano/ext/slicehost' in your deploy.rb file
12
-
13
- Contributors
14
- ============
15
-
16
- * Oleg Zhurbiy
17
- * Thomas Balthazar
18
- * Fran Diéguez
19
- * Stephen Lumenta
20
- * Jared Giles
21
-
22
- Copyright (c) 2009 Joshua Peek, released under the MIT license
@@ -1,89 +0,0 @@
1
- set(:domain) do
2
- Capistrano::CLI.ui.ask "Which domain should we use? "
3
- end
4
-
5
- namespace :apache do
6
- desc "Restarts Apache webserver"
7
- task :restart, :roles => :web do
8
- sudo "/etc/init.d/apache2 restart"
9
- end
10
-
11
- desc "Starts Apache webserver"
12
- task :start, :roles => :web do
13
- sudo "/etc/init.d/apache2 start"
14
- end
15
-
16
- desc "Stops Apache webserver"
17
- task :stop, :roles => :web do
18
- sudo "/etc/init.d/apache2 stop"
19
- end
20
-
21
- desc "Reload Apache webserver"
22
- task :reload, :roles => :web do
23
- sudo "/etc/init.d/apache2 reload"
24
- end
25
-
26
- desc "Force reload Apache webserver"
27
- task :force_reload, :roles => :web do
28
- sudo "/etc/init.d/apache2 force-reload"
29
- end
30
-
31
- desc "List enabled Apache sites"
32
- task :enabled_sites, :roles => :web do
33
- run "ls /etc/apache2/sites-enabled"
34
- end
35
-
36
- desc "List available Apache sites"
37
- task :available_sites, :roles => :web do
38
- run "ls /etc/apache2/sites-available"
39
- end
40
-
41
- desc "List enabled Apache modules"
42
- task :enabled_modules, :roles => :web do
43
- run "ls /etc/apache2/mods-enabled"
44
- end
45
-
46
- desc "List available Apache modules"
47
- task :available_modules, :roles => :web do
48
- run "ls /etc/apache2/mods-available"
49
- end
50
-
51
- desc "Disable Apache site"
52
- task :disable_site, :roles => :web do
53
- site = Capistrano::CLI.ui.ask("Which site should we disable: ")
54
- sudo "sudo a2dissite #{site}"
55
- reload
56
- end
57
-
58
- desc "Enable Apache site"
59
- task :enable_site, :roles => :web do
60
- site = Capistrano::CLI.ui.ask("Which site should we enable: ")
61
- sudo "sudo a2ensite #{site}"
62
- reload
63
- end
64
-
65
- desc "Disable Apache module"
66
- task :disable_module, :roles => :web do
67
- mod = Capistrano::CLI.ui.ask("Which module should we disable: ")
68
- sudo "sudo a2dismod #{mod}"
69
- force_reload
70
- end
71
-
72
- desc "Enable Apache module"
73
- task :enable_module, :roles => :web do
74
- mod = Capistrano::CLI.ui.ask("Which module should we enable: ")
75
- sudo "sudo a2enmod #{mod}"
76
- force_reload
77
- end
78
-
79
- desc "Upload Apache virtual host"
80
- task :upload_vhost, :roles => :web do
81
- put render("vhost", binding), application
82
- sudo "mv #{application} /etc/apache2/sites-available/#{application}"
83
- end
84
-
85
- desc "Install Apache"
86
- task :install, :roles => :web do
87
- sudo "aptitude install -y apache2 apache2.2-common apache2-mpm-prefork apache2-utils libexpat1 ssl-cert"
88
- end
89
- end
@@ -1,94 +0,0 @@
1
- namespace :aptitude do
2
- desc <<-DESC
3
- Updates your software package list. This will not "upgrade" any of your \
4
- installed software.
5
-
6
- See "Update" section on \
7
- http://articles.slicehost.com/2007/11/6/ubuntu-gutsy-setup-page-2
8
- DESC
9
- task :update, :roles => :app do
10
- sudo "aptitude update"
11
- end
12
-
13
- desc "Alias for 'aptitude:safe_upgrade'"
14
- task :upgrade, :roles => :app do
15
- safe_upgrade
16
- end
17
-
18
- desc <<-DESC
19
- Upgrades your installed software packages.
20
-
21
- From the aptitude man pages:
22
-
23
- This command will upgrade as many packages as it can upgrade without \
24
- removing existing packages or installing new ones.
25
-
26
- It is sometimes necessary to remove or install one package in order to \
27
- upgrade another; this command is not able to upgrade packages in such \
28
- situations. Use the full-upgrade to upgrade those packages as well.
29
-
30
- See "Upgrade" section on \
31
- http://articles.slicehost.com/2007/11/6/ubuntu-gutsy-setup-page-2
32
- DESC
33
- task :safe_upgrade, :roles => :app do
34
- sudo "aptitude safe-upgrade -y"
35
- end
36
-
37
- desc <<-DESC
38
- Upgrades your installed software packages.
39
-
40
- From the aptitude man pages:
41
-
42
- Like safe-upgrade, this command will attempt to upgrade packages, but it is \
43
- more aggressive about solving dependency problems: it will install and \
44
- remove packages until all dependencies are satisfied. Because of the nature \
45
- of this command, it is possible that it will do undesirable things, and so \
46
- you should be careful when using it.
47
-
48
- See "Upgrade" section on \
49
- http://articles.slicehost.com/2007/11/6/ubuntu-gutsy-setup-page-2
50
- DESC
51
- task :full_upgrade, :roles => :app do
52
- sudo "aptitude full-upgrade -y"
53
- end
54
-
55
- desc <<-DESC
56
- Installs a software package via aptitude. You will be prompted for the \
57
- package name after running this commmand.
58
- DESC
59
- task :install, :roles => :app do
60
- package = Capistrano::CLI.ui.ask("Which package should we install: ")
61
- sudo "aptitude install #{package}"
62
- end
63
-
64
- desc <<-DESC
65
- Uninstalls a software package via aptitude. You will be prompted for the \
66
- package name after running this commmand.
67
- DESC
68
- task :uninstall, :roles => :app do
69
- package = Capistrano::CLI.ui.ask("Which package should we uninstall: ")
70
- sudo "aptitude remove #{package}"
71
- end
72
-
73
- desc <<-DESC
74
- Updates software packages and creates "a solid base for the 'meat' of the \
75
- server". This task should be run only once when you are first setting up your \
76
- new slice.
77
-
78
- For set another language different from en_GB.UTF-8, just set the LANG \
79
- environment variable to your favorite language.
80
- Ex. LANG="gl_ES.UTF-8"; cap aptitude:setup
81
-
82
- See "Update", "locales", "Upgrade" and "build essentials" sections on \
83
- http://articles.slicehost.com/2007/11/6/ubuntu-gutsy-setup-page-2
84
- DESC
85
- task :setup, :roles => :app do
86
- update
87
- language = ENV["LANG"] || "en_GB.UTF-8"
88
- sudo "locale-gen language"
89
- sudo "/usr/sbin/update-locale LANG=#{language}"
90
- safe_upgrade
91
- full_upgrade
92
- sudo "aptitude install -y build-essential"
93
- end
94
- end
@@ -1,12 +0,0 @@
1
- namespace :disk do
2
- desc "Show the amount of free disk space."
3
- task :free, :roles => :files do
4
- run "df -h /"
5
- end
6
-
7
- desc "Show free memory"
8
- task :memory, :roles => :files do
9
- run "free -m"
10
- end
11
-
12
- end
@@ -1,41 +0,0 @@
1
- namespace :gems do
2
- desc "Install the gem package system"
3
- task :install_rubygems, :roles => :app do
4
- rubygems_url = "http://rubyforge.org/" + Net::HTTP.get( URI.parse('http://rubyforge.org/frs/?group_id=126') ).scan(/frs\/.*\.tgz/).first.split('"')[0]
5
- rubygems_version = rubygems_url[/(rubygems.*)(.tgz)/, 1]
6
- run "test ! -f /usr/bin/gem"
7
- run "wget -q #{rubygems_url}"
8
- run "tar xzvf #{rubygems_version}.tgz"
9
- run "rm #{rubygems_version}.tgz"
10
- run "cd /home/#{user}/#{rubygems_version} && sudo /usr/bin/ruby ./setup.rb"
11
- sudo "ln -s /usr/bin/gem1.8 /usr/bin/gem"
12
- sudo "rm -rf #{rubygems_version}/"
13
- end
14
-
15
- desc "List gems on remote server"
16
- task :list, :roles => :app do
17
- stream "gem list"
18
- end
19
-
20
- desc "Update gems on remote server"
21
- task :update, :roles => :app do
22
- sudo "gem update"
23
- end
24
-
25
- desc "Update gem system on remote server"
26
- task :update_system, :roles => :app do
27
- sudo "gem update --system"
28
- end
29
-
30
- desc "Install a gem on the remote server"
31
- task :install, :roles => :app do
32
- name = Capistrano::CLI.ui.ask("Which gem should we install: ")
33
- sudo "gem install #{name} --no-rdoc --no-ri"
34
- end
35
-
36
- desc "Uninstall a gem on the remote server"
37
- task :uninstall, :roles => :app do
38
- name = Capistrano::CLI.ui.ask("Which gem should we uninstall: ")
39
- sudo "gem uninstall #{name}"
40
- end
41
- end
@@ -1,6 +0,0 @@
1
- namespace :git do
2
- desc "Install git"
3
- task :install, :roles => :app do
4
- sudo "aptitude install -y git-core"
5
- end
6
- end
@@ -1,21 +0,0 @@
1
- namespace :iptables do
2
- desc <<-DESC
3
- Harden iptables configuration. Only allows ssh, http, and https connections.
4
-
5
- See "iptables" section on \
6
- http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
7
- DESC
8
- task :configure, :roles => :gateway do
9
- put render("iptables", binding), "iptables.up.rules"
10
- sudo "mv iptables.up.rules /etc/iptables.up.rules"
11
-
12
- if capture("cat /etc/network/interfaces").grep(/iptables/).empty?
13
- run %(cat /etc/network/interfaces |
14
- sed '/iface lo inet loopback/G' |
15
- sed -e '6s/.*/pre-up iptables-restore < \\/etc\\\/iptables.up.rules/' >
16
- interfaces
17
- )
18
- sudo "mv interfaces /etc/network/interfaces"
19
- end
20
- end
21
- end
@@ -1,36 +0,0 @@
1
- namespace :mysql do
2
- desc "Restarts MySQL database server"
3
- task :restart, :roles => :db do
4
- sudo "/etc/init.d/mysql restart"
5
- end
6
-
7
- desc "Starts MySQL database server"
8
- task :start, :roles => :db do
9
- sudo "/etc/init.d/mysql start"
10
- end
11
-
12
- desc "Stops MySQL database server"
13
- task :stop, :roles => :db do
14
- sudo "/etc/init.d/mysql stop"
15
- end
16
-
17
- desc "Export MySQL database"
18
- task :export, :roles => :db do
19
- database = Capistrano::CLI.ui.ask("Which database should we export: ")
20
- sudo "mysqldump -u root -p #{database} > #{database}.sql"
21
- end
22
-
23
- desc "Import MySQL database"
24
- task :import, :roles => :db do
25
- database = Capistrano::CLI.ui.ask("Which database should we create: ")
26
- file = Capistrano::CLI.ui.ask("Which database file should we import: ")
27
- sudo "mysqladmin -u root -p create #{database}"
28
- sudo "mysql -u root -p #{database} < #{file}"
29
- end
30
-
31
- desc "Install MySQL"
32
- task :install, :roles => :db do
33
- sudo "aptitude install -y mysql-server mysql-client libmysqlclient15-dev"
34
- sudo "aptitude install -y libmysql-ruby1.8"
35
- end
36
- end
@@ -1,6 +0,0 @@
1
- require 'erb'
2
-
3
- def render(file, binding)
4
- template = File.read("#{File.dirname(__FILE__)}/templates/#{file}.erb")
5
- result = ERB.new(template).result(binding)
6
- end
@@ -1,56 +0,0 @@
1
- # TODO: Automatically determine this value
2
- set :passenger_version, "2.0.6"
3
-
4
- require 'net/http'
5
- set :ruby_enterprise_url ,Net::HTTP.get( 'www.rubyenterpriseedition.com', '/download.html' ).scan(/http:.*\.tar\.gz/).first
6
- set :ruby_enterprise_version, "#{ruby_enterprise_url[/(ruby-enterprise.*)(.tar.gz)/, 1]}"
7
-
8
- namespace :ruby do
9
-
10
- desc "Install Ruby 1.8"
11
- task :setup_18, :roles => :app do
12
- sudo "aptitude install -y ruby1.8-dev ruby1.8 ri1.8 rdoc1.8 irb1.8 libreadline-ruby1.8 libruby1.8 libopenssl-ruby sqlite3 libsqlite3-ruby1.8"
13
-
14
- sudo "ln -s /usr/bin/ruby1.8 /usr/bin/ruby"
15
- sudo "ln -s /usr/bin/ri1.8 /usr/bin/ri"
16
- sudo "ln -s /usr/bin/rdoc1.8 /usr/bin/rdoc"
17
- sudo "ln -s /usr/bin/irb1.8 /usr/bin/irb"
18
- end
19
-
20
- desc "Install Ruby Enterpise Edition"
21
- task :install_enterprise, :roles => :app do
22
- sudo "aptitude install -y libssl-dev"
23
- run "test ! -d /opt/#{ruby_enterprise_version}"
24
- run "wget -q #{ruby_enterprise_url}"
25
- run "tar xzvf #{ruby_enterprise_version}.tar.gz"
26
- run "rm #{ruby_enterprise_version}.tar.gz"
27
- sudo "./#{ruby_enterprise_version}/installer --auto /opt/#{ruby_enterprise_version}"
28
- sudo "rm -rf #{ruby_enterprise_version}/"
29
- end
30
-
31
- desc "Install Phusion Passenger"
32
- task :install_passenger, :roles => :app do
33
- sudo "apt-get install apache2-mpm-prefork"
34
- sudo "aptitude install -y apache2-prefork-dev"
35
- sudo "/opt/#{ruby_enterprise_version}/bin/ruby /opt/#{ruby_enterprise_version}/bin/gem install passenger rake --no-rdoc --no-ri"
36
- sudo "PATH='/opt/#{ruby_enterprise_version}/bin/':\$PATH /opt/#{ruby_enterprise_version}/bin/ruby /opt/#{ruby_enterprise_version}/bin/passenger-install-apache2-module", :pty => true do |ch, stream, data|
37
-
38
- if data =~ /Press\sEnter\sto\scontinue/ || data =~ /Press\sENTER\sto\scontinue/
39
- # prompt, and then send the response to the remote process
40
- ch.send_data(Capistrano::CLI.password_prompt("Press enter to continue: ") + "\n")
41
- else
42
- # use the default handler for all other text
43
- Capistrano::Configuration.default_io_proc.call(ch, stream, data)
44
- end
45
- end
46
-
47
- put render("passenger.load", binding), "/home/#{user}/passenger.load"
48
- put render("passenger.conf", binding), "/home/#{user}/passenger.conf"
49
-
50
- sudo "mv /home/#{user}/passenger.load /etc/apache2/mods-available/"
51
- sudo "mv /home/#{user}/passenger.config /etc/apache2/mods-available/"
52
-
53
- sudo "a2enmod passenger"
54
- apache.force_reload
55
- end
56
- end
@@ -1,7 +0,0 @@
1
- namespace :slice do
2
- task :configure do
3
- ssh.setup
4
- iptables.configure
5
- aptitude.setup
6
- end
7
- end
@@ -1,59 +0,0 @@
1
- ssh_options = { :keys => [File.expand_path("~/.ssh/id_dsa"),File.expand_path("~/.ssh/id_rsa") ], :port => 22 }
2
-
3
- namespace :ssh do
4
- desc <<-DESC
5
- Reload SSH service.
6
- DESC
7
- task :reload, :roles => :gateway do
8
- sudo "/etc/init.d/ssh reload"
9
- end
10
-
11
- desc <<-DESC
12
- Setup SSH on the gateway host. Runs `upload_keys` and `configure_sshd` \
13
- then reloads the SSH service to finalize the changes.
14
- DESC
15
- task :setup, :roles => :gateway do
16
- upload_keys
17
- configure_sshd
18
- reload
19
- end
20
-
21
- desc <<-DESC
22
- Uploads your local public SSH keys to the server. A .ssh folder is created if \
23
- one does not already exist. The SSH keys default to the ones set in \
24
- Capistrano's ssh_options. You can change this by setting ssh_options[:keys] = \
25
- ["/home/user/.ssh/id_dsa"].
26
-
27
- See "SSH copy" and "SSH Permissions" sections on \
28
- http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
29
- DESC
30
- task :upload_keys, :roles => :gateway do
31
- run "mkdir -p ~/.ssh"
32
- run "chown -R #{user}:#{user} ~/.ssh"
33
- run "chmod 700 ~/.ssh"
34
-
35
- authorized_keys = ssh_options[:keys].collect { |key|
36
- begin
37
- File.read("#{key}.pub")
38
- rescue Errno::ENOENT => e
39
- end
40
-
41
- }.join("\n")
42
- put authorized_keys, "./.ssh/authorized_keys", :mode => 0600
43
- end
44
-
45
- desc <<-DESC
46
- Configure SSH daemon with more secure settings recommended by Slicehost. The \
47
- will be configured to run on the port configured in Capistrano's "ssh_options". \
48
- This defaults to the standard SSH port 22. You can change this by setting \
49
- ssh_options[:port] = 3000. Note that this change will not take affect until \
50
- reload the SSH service with `cap ssh:reload`.
51
-
52
- See "SSH config" section on \
53
- http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
54
- DESC
55
- task :configure_sshd, :roles => :gateway do
56
- put render("sshd_config", binding), "sshd_config"
57
- sudo "mv sshd_config /etc/ssh/sshd_config"
58
- end
59
- end
@@ -1,42 +0,0 @@
1
- *filter
2
-
3
-
4
- # Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
5
- -A INPUT -i lo -j ACCEPT
6
- -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
7
-
8
-
9
- # Accepts all established inbound connections
10
- -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
11
-
12
-
13
- # Allows all outbound traffic
14
- # You can modify this to only allow certain traffic
15
- -A OUTPUT -j ACCEPT
16
-
17
-
18
- # Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
19
- -A INPUT -p tcp --dport 80 -j ACCEPT
20
- -A INPUT -p tcp --dport 443 -j ACCEPT
21
-
22
-
23
- # Allows SSH connections
24
- #
25
- # THE -dport NUMBER IS THE SAME ONE YOU SET UP IN THE SSHD_CONFIG FILE
26
- #
27
- -A INPUT -p tcp -m state --state NEW --dport <%= ssh_options[:port] %> -j ACCEPT
28
-
29
-
30
- # Allow ping
31
- -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
32
-
33
-
34
- # log iptables denied calls
35
- -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
36
-
37
-
38
- # Reject all other inbound - default deny unless explicitly allowed policy
39
- -A INPUT -j REJECT
40
- -A FORWARD -j REJECT
41
-
42
- COMMIT
@@ -1,2 +0,0 @@
1
- PassengerRoot /opt/<%= ruby_enterprise_version %>/lib/ruby/gems/1.8/gems/passenger-<%= passenger_version %>
2
- PassengerRuby /opt/<%= ruby_enterprise_version %>/bin/ruby
@@ -1 +0,0 @@
1
- LoadModule passenger_module /opt/<%= ruby_enterprise_version %>/lib/ruby/gems/1.8/gems/passenger-<%= passenger_version %>/ext/apache2/mod_passenger.so
@@ -1,81 +0,0 @@
1
- # Package generated configuration file
2
- # See the sshd(8) manpage for details
3
-
4
- # What ports, IPs and protocols we listen for
5
- Port <%= ssh_options[:port] %>
6
- # Use these options to restrict which interfaces/protocols sshd will bind to
7
- #ListenAddress ::
8
- #ListenAddress 0.0.0.0
9
- Protocol 2
10
- # HostKeys for protocol version 2
11
- HostKey /etc/ssh/ssh_host_rsa_key
12
- HostKey /etc/ssh/ssh_host_dsa_key
13
- #Privilege Separation is turned on for security
14
- UsePrivilegeSeparation yes
15
-
16
- # Lifetime and size of ephemeral version 1 server key
17
- KeyRegenerationInterval 3600
18
- ServerKeyBits 768
19
-
20
- # Logging
21
- SyslogFacility AUTH
22
- LogLevel INFO
23
-
24
- # Authentication:
25
- LoginGraceTime 120
26
- PermitRootLogin no
27
- StrictModes yes
28
-
29
- RSAAuthentication yes
30
- PubkeyAuthentication yes
31
- #AuthorizedKeysFile %h/.ssh/authorized_keys
32
-
33
- # Don't read the user's ~/.rhosts and ~/.shosts files
34
- IgnoreRhosts yes
35
- # For this to work you will also need host keys in /etc/ssh_known_hosts
36
- RhostsRSAAuthentication no
37
- # similar for protocol version 2
38
- HostbasedAuthentication no
39
- # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
40
- #IgnoreUserKnownHosts yes
41
-
42
- # To enable empty passwords, change to yes (NOT RECOMMENDED)
43
- PermitEmptyPasswords no
44
-
45
- # Change to yes to enable challenge-response passwords (beware issues with
46
- # some PAM modules and threads)
47
- ChallengeResponseAuthentication no
48
-
49
- # Change to no to disable tunnelled clear text passwords
50
- PasswordAuthentication no
51
-
52
- # Kerberos options
53
- #KerberosAuthentication no
54
- #KerberosGetAFSToken no
55
- #KerberosOrLocalPasswd yes
56
- #KerberosTicketCleanup yes
57
-
58
- # GSSAPI options
59
- GSSAPIAuthentication no
60
- #GSSAPICleanupCredentials yes
61
-
62
- X11Forwarding no
63
- X11DisplayOffset 10
64
- PrintMotd no
65
- PrintLastLog yes
66
- KeepAlive yes
67
- #UseLogin no
68
-
69
- #MaxStartups 10:30:60
70
- #Banner /etc/issue.net
71
-
72
- # Allow client to pass locale environment variables
73
- AcceptEnv LANG LC_*
74
-
75
- Subsystem sftp /usr/lib/openssh/sftp-server
76
-
77
- UsePAM no
78
-
79
- UseDNS no
80
-
81
- AllowUsers <%= user %>
@@ -1,8 +0,0 @@
1
- <VirtualHost *:80>
2
-
3
- ServerName <%= domain %>
4
- ServerAlias www.<%= domain %>
5
-
6
- DocumentRoot <%= current_path %>/public
7
-
8
- </VirtualHost>
@@ -1,7 +0,0 @@
1
- unless Capistrano::Configuration.respond_to?(:instance)
2
- abort "Requires Capistrano 2"
3
- end
4
-
5
- Dir["#{File.dirname(__FILE__)}/slicehost/*.rb"].each { |lib|
6
- Capistrano::Configuration.instance.load {load(lib)}
7
- }