mana 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.idea

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in mana.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Ilia Ablamonov
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# Mana
+
+Configuration management with Chef & Capistrano
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'mana'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install mana
+
+## Usage
+
+    rake mana:install
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/cookbooks/monit/attributes/default.rb

@@ -0,0 +1,13 @@
+default[:monit][:notify_email]          = "notify@example.com"
+
+default[:monit][:poll_period]           = 60
+default[:monit][:poll_start_delay]      = nil
+
+default[:monit][:mail_format][:subject] = "$SERVICE $EVENT"
+default[:monit][:mail_format][:from]    = "monit@example.com"
+default[:monit][:mail_format][:message]    = <<-EOS
+Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
+Yours sincerely,
+monit
+EOS
+

data/cookbooks/monit/files/ubuntu/monit.default

@@ -0,0 +1,11 @@
+# Defaults for monit initscript
+# sourced by /etc/init.d/monit
+# installed at /etc/default/monit by chef
+
+# You must set this variable to for monit to start
+startup=1
+
+# To change the intervals which monit should run,
+# edit the configuration file /etc/monit/monitrc
+# It can no longer be configured here.
+

data/cookbooks/monit/libraries/monitrc.rb

@@ -0,0 +1,21 @@
+class Chef
+  class Recipe
+    # name        The name of the service.  Looks for a template named NAME.conf
+    # variables   Hash of variables to pass to the template
+    # reload      Reload monit so it notices the new service.  :delayed (default) or :immediately.
+    def monitrc(name, variables={}, reload = :delayed, &block)
+      log "Making monitrc for: #{name}"
+      template "/etc/monit/conf.d/#{name}.conf" do
+        owner "root"
+        group "root"
+        mode 0644
+        source "#{name}.monit.conf.erb"
+        variables variables
+        notifies :restart, resources(:service => "monit"), reload
+        action :create
+        
+        instance_exec &block if block
+      end
+    end
+  end
+end  

data/cookbooks/monit/recipes/default.rb

@@ -0,0 +1,34 @@
+package "monit" do
+  action :install
+end
+
+if platform?("ubuntu")
+  cookbook_file "/etc/default/monit" do
+    source "monit.default"
+    owner "root"
+    group "root"
+    mode 0644
+  end
+end
+
+service "monit" do
+  action :start
+  enabled true
+  supports [:start, :restart, :stop]
+end
+
+template "/etc/monit/monitrc" do
+  owner "root"
+  group "root"
+  mode 0700
+  source 'monitrc.erb'
+  notifies :restart, resources(:service => "monit"), :immediate
+end
+
+directory "/etc/monit/conf.d/" do
+  owner  'root'
+  group 'root'
+  mode 0755
+  action :create
+  recursive true
+end

data/cookbooks/monit/recipes/ssh.rb

@@ -0,0 +1,3 @@
+include_recipe "monit"
+
+monitrc "ssh"

data/cookbooks/monit/templates/default/monitrc.erb

@@ -0,0 +1,31 @@
+set daemon <%= @node[:monit][:poll_period] %>
+<% if @node[:monit][:poll_start_delay] %>
+  with start delay <%= @node[:monit][:poll_start_delay] %>
+<% end %>
+
+set logfile /var/log/monit.log
+
+set mailserver localhost
+
+#set mailserver smtp.gmail.com port 587
+#    username "someuser@gmail.com" password "password"
+#    using tlsv1
+#    with timeout 30 seconds
+
+set eventqueue
+    basedir /var/monit  # set the base directory where events will be stored
+#    slots 1000          # optionaly limit the queue size
+
+set mail-format { 
+  from: <%= @node[:monit][:mail_format][:from] %>
+  subject: <%= @node[:monit][:mail_format][:subject] %>
+  message: <%= @node[:monit][:mail_format][:message] %>
+}
+
+set alert <%= @node[:monit][:notify_email] %> NOT ON { action, instance, pid, ppid }
+
+set httpd port 3737
+  allow 0.0.0.0/0
+
+include /etc/monit/conf.d/*.conf
+

data/cookbooks/monit/templates/default/ssh.monit.conf.erb

@@ -0,0 +1,7 @@
+# managed by chef, changes will be overwritten
+CHECK PROCESS sshd WITH PIDFILE /var/run/sshd.pid
+  START PROGRAM "/usr/sbin/service ssh start"
+  STOP PROGRAM "/usr/sbin/service ssh stop"
+  # under load a check may fail intermittently, so give it a few tries before restarting
+  IF FAILED PORT 22 PROTOCOL ssh 4 TIMES WITHIN 6 CYCLES THEN RESTART
+

data/cookbooks/nginx/attributes/default.rb

@@ -0,0 +1,3 @@
+default[:nginx][:dir]        = "/etc/nginx"
+default[:nginx][:log_dir]    = "/var/log/nginx"
+default[:nginx][:user]       = "www-data"

data/cookbooks/nginx/definitions/nginx_site.rb

@@ -0,0 +1,15 @@
+define :nginx_site, :enable => true do
+  if params[:enable]
+    execute "nxensite #{params[:name]}" do
+      command "/usr/sbin/nxensite #{params[:name]}"
+      notifies :reload, resources(:service => "nginx")
+      not_if do ::File.symlink?("#{node[:nginx][:dir]}/sites-enabled/#{params[:name]}") end
+    end
+  else
+    execute "nxdissite #{params[:name]}" do
+      command "/usr/sbin/nxdissite #{params[:name]}"
+      notifies :reload, resources(:service => "nginx")
+      only_if do ::File.symlink?("#{node[:nginx][:dir]}/sites-enabled/#{params[:name]}") end
+    end
+  end
+end

data/cookbooks/nginx/recipes/default.rb

@@ -0,0 +1,44 @@
+package "nginx"
+
+service "nginx" do
+  supports :status => true, :restart => true, :reload => true
+  action :enable
+end
+
+directory node[:nginx][:log_dir] do
+  mode 0755
+  owner node[:nginx][:user]
+  action :create
+end
+
+%w{nxensite nxdissite}.each do |nxscript|
+  template "/usr/sbin/#{nxscript}" do
+    source "#{nxscript}.erb"
+    mode 0755
+    owner "root"
+    group "root"
+  end
+end
+
+template "nginx.conf" do
+  path "#{node[:nginx][:dir]}/nginx.conf"
+  source "nginx.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+  notifies :reload, "service[nginx]"
+end
+
+template "#{node[:nginx][:dir]}/sites-available/default" do
+  source "default.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+  notifies :reload, "service[nginx]"
+end
+
+service "nginx" do
+  action :start
+end
+
+monitrc "nginx"

data/cookbooks/nginx/templates/default/default.conf.erb

@@ -0,0 +1,11 @@
+server {
+  listen   80;
+  server_name  <%= node[:hostname] %>;
+
+  access_log  <%= node[:nginx][:log_dir] %>/localhost.access.log;
+
+  location / {
+    root   /var/www/nginx-default;
+    index  index.html index.htm;
+  }
+}

data/cookbooks/nginx/templates/default/nginx.conf.erb

@@ -0,0 +1,32 @@
+user www-data;
+worker_processes 2;
+
+error_log  <%= node[:nginx][:log_dir] %>/error.log;
+
+events {
+  worker_connections  1024;
+}
+
+http {
+  include       mime.types;
+  default_type  application/octet-stream;
+
+  access_log	<%= node[:nginx][:log_dir] %>/access.log;
+
+  sendfile on;
+  tcp_nopush on;
+  tcp_nodelay on;
+
+  keepalive_timeout  65;
+
+  gzip on;
+  gzip_http_version 1.0;
+  gzip_comp_level 2;
+  gzip_proxied any;
+  gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript application/json;
+
+  server_names_hash_bucket_size 64;
+
+  include /etc/nginx/conf.d/*.conf;
+  include /etc/nginx/sites-enabled/*;
+}

data/cookbooks/nginx/templates/default/nginx.monit.conf.erb

@@ -0,0 +1,8 @@
+# managed by chef, changes will be overwritten
+check process nginx with pidfile /var/run/nginx.pid
+  start program "/etc/init.d/nginx start"
+  stop  program "/etc/init.d/nginx stop"
+  if failed host localhost port 80 then restart
+  if cpu is greater than 40% for 2 cycles then alert
+  if cpu > 60% for 5 cycles then restart
+  if 10 restarts within 10 cycles then timeout

data/cookbooks/nginx/templates/default/nxdissite.erb

@@ -0,0 +1,29 @@
+#!/bin/sh -e
+
+SYSCONFDIR='<%= node[:nginx][:dir] %>'
+
+if [ -z $1 ]; then
+        echo "Which site would you like to disable?"
+        echo -n "Your choices are: "
+        ls $SYSCONFDIR/sites-enabled/* | \
+        sed -e "s,$SYSCONFDIR/sites-enabled/,,g" | xargs echo
+        echo -n "Site name? "
+        read SITENAME
+else
+        SITENAME=$1
+fi
+
+if [ $SITENAME = "default" ]; then
+        PRIORITY="000"
+fi
+
+if ! [ -e $SYSCONFDIR/sites-enabled/$SITENAME -o \
+       -e $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME" ]; then
+        echo "This site is already disabled, or does not exist!"
+        exit 1
+fi
+
+if ! rm $SYSCONFDIR/sites-enabled/$SITENAME 2>/dev/null; then
+        rm -f $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME"
+fi
+echo "Site $SITENAME disabled; reload nginx to disable."

data/cookbooks/nginx/templates/default/nxensite.erb

@@ -0,0 +1,38 @@
+#!/bin/sh -e
+
+SYSCONFDIR='<%= node[:nginx][:dir] %>'
+
+if [ -z $1 ]; then
+        echo "Which site would you like to enable?"
+        echo -n "Your choices are: "
+        ls $SYSCONFDIR/sites-available/* | \
+        sed -e "s,$SYSCONFDIR/sites-available/,,g" | xargs echo
+        echo -n "Site name? "
+        read SITENAME
+else
+        SITENAME=$1
+fi
+
+if [ $SITENAME = "default" ]; then
+        PRIORITY="000"
+fi
+
+if [ -e $SYSCONFDIR/sites-enabled/$SITENAME -o \
+     -e $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME" ]; then
+        echo "This site is already enabled!"
+        exit 0
+fi
+
+if ! [ -e $SYSCONFDIR/sites-available/$SITENAME ]; then
+        echo "This site does not exist!"
+        exit 1
+fi
+
+if [ $SITENAME = "default" ]; then
+        ln -sf $SYSCONFDIR/sites-available/$SITENAME \
+               $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME"
+else
+        ln -sf $SYSCONFDIR/sites-available/$SITENAME $SYSCONFDIR/sites-enabled/$SITENAME
+fi
+
+echo "Site $SITENAME installed; reload nginx to enable."

data/cookbooks/postgresql/attributes/default.rb

@@ -0,0 +1,5 @@
+default[:postgresql][:version] = "9.1"
+default[:postgresql][:ssl] = true
+default[:postgresql][:listen_all] = false
+
+set[:postgresql][:dir] = "/etc/postgresql/#{node[:postgresql][:version]}/main"

data/cookbooks/postgresql/recipes/client.rb

@@ -0,0 +1,5 @@
+%w{postgresql-client libpq-dev make}.each do |pg_pack|
+  package pg_pack do
+    action :install
+  end
+end

data/cookbooks/postgresql/recipes/default.rb

@@ -0,0 +1,2 @@
+include_recipe "postgresql::client"
+include_recipe "postgresql::server"

data/cookbooks/postgresql/recipes/server.rb

@@ -0,0 +1,25 @@
+package "postgresql"
+
+service "postgresql" do
+  service_name "postgresql"
+  supports :restart => true, :status => true, :reload => true
+  action :nothing
+end
+
+template "#{node[:postgresql][:dir]}/postgresql.conf" do
+  source "postgresql.conf.erb"
+  owner "postgres"
+  group "postgres"
+  mode 0600
+  notifies :restart, resources(:service => "postgresql")
+end
+
+template "#{node[:postgresql][:dir]}/pg_hba.conf" do
+  source "pg_hba.conf.erb"
+  owner "postgres"
+  group "postgres"
+  mode 0600
+  notifies :reload, resources(:service => "postgresql"), :immediately
+end
+
+monitrc "postgresql"