matthewgarysmith-ubuntu-machine 0.3.1.2 → 0.3.1.3

data/lib/capistrano/ext/ubuntu-machine/curl.rb

@@ -0,0 +1,6 @@
+namespace :curl do
+  desc "Install curl"
+  task :install, :roles => :web do
+    sudo "aptitude install curl -y"
+  end
+end

data/lib/capistrano/ext/ubuntu-machine/machine.rb

@@ -3,41 +3,56 @@ namespace :machine do
   desc "Change the root password, create a new user and allow him to sudo and to SSH"
   task :initial_setup do
     set :user_to_create , user
-    set :user, 'root'
-    
-    
-    run "passwd", :pty => true do |ch, stream, data|
-      if data =~ /Enter new UNIX password/ || data=~ /Retype new UNIX password:/
-        # prompt, and then send the response to the remote process
-        ch.send_data(Capistrano::CLI.password_prompt(data) + "\n")
-      else
-        # use the default handler for all other text
-        Capistrano::Configuration.default_io_proc.call(ch, stream, data)
+    set :user, username = Capistrano::CLI.ui.ask("Login as? (#{root_user}) : ")
+    sure = Capistrano::CLI.ui.ask("Change the password for #{user}? (y/N) : ")
+    if sure.to_s.strip.downcase == 'y'
+      run "passwd", :pty => true do |ch, stream, data|
+        if data =~ /UNIX password/
+          # prompt, and then send the response to the remote process
+          ch.send_data(Capistrano::CLI.password_prompt(data) + "\n")
+        else
+          # use the default handler for all other text
+          Capistrano::Configuration.default_io_proc.call(ch, stream, data)
+        end
       end
     end
-    
-    run "adduser #{user_to_create}", :pty => true do |ch, stream, data|
-      if data =~ /Enter new UNIX password/ || data=~ /Retype new UNIX password:/ || data=~/\[\]\:/ || data=~/\[y\/N\]/i
-        # prompt, and then send the response to the remote process
-        ch.send_data(Capistrano::CLI.password_prompt(data) + "\n")
-      else
-        # use the default handler for all other text
-        Capistrano::Configuration.default_io_proc.call(ch, stream, data)
+
+    users = capture('cat /etc/passwd | cut -d":" -f1').split(/\s+/)
+    if users.include?(user_to_create)
+      puts "-- user: #{user_to_create.inspect} already exists."
+    else
+      sudo "adduser #{user_to_create}", :pty => true do |ch, stream, data|
+        if data =~ /UNIX password/ || data=~/\[\]\:/ || data=~/\[y\/N\]/i
+          # prompt, and then send the response to the remote process
+          ch.send_data(Capistrano::CLI.password_prompt(data) + "\n")
+        else
+          # use the default handler for all other text
+          Capistrano::Configuration.default_io_proc.call(ch, stream, data)
+        end
+      end
+    end
+
+    sudoers_file = capture("cat /etc/sudoers", :via => :sudo)
+    if sudoers_file.include? "#{user_to_create} ALL=(ALL)ALL"
+      puts "-- #{user_to_create} is already a sudoer"
+    else
+      sudo" bash -c \"echo '#{user_to_create} ALL=(ALL)ALL' >> /etc/sudoers\""
+      if setup_ssh
+        #this next line effectively prevents the root user from ssh access by only allowing the new user
+        sudo" bash -c \"echo 'AllowUsers #{user_to_create}' >> /etc/ssh/sshd_config\""
+        sudo "/etc/init.d/ssh reload"
       end
     end
-    
-    run "echo '#{user_to_create} ALL=(ALL)ALL' >> /etc/sudoers"
-    run "echo 'AllowUsers #{user_to_create}' >> /etc/ssh/sshd_config"
-    run "/etc/init.d/ssh reload"
   end
-  
+
   task :configure do
     ssh.setup
     iptables.configure
     aptitude.setup
   end
-  
+
   task :install_dev_tools do
+    curl.install
     mysql.install
     apache.install
     ruby.install
@@ -47,11 +62,11 @@ namespace :machine do
     git.install
     php.install
   end
-  
+
   desc = "Ask for a user and change his password"
   task :change_password do
     user_to_update = Capistrano::CLI.ui.ask("Name of the user whose you want to update the password : ")
-    
+
     sudo "passwd #{user_to_update}", :pty => true do |ch, stream, data|
       if data =~ /Enter new UNIX password/ || data=~ /Retype new UNIX password:/
         # prompt, and then send the response to the remote process

data/lib/capistrano/ext/ubuntu-machine/mysql.rb

@@ -45,7 +45,7 @@ namespace :mysql do
     create_db_tmp_file = "create_#{db_name}.sql"
     put render("new_db", binding), create_db_tmp_file
     run "mysql -u root -p#{db_root_password} < #{create_db_tmp_file}"
-        
+
     run "mysql -u root -p#{db_root_password} #{db_name} < #{file}"
     run "rm #{file} #{create_db_tmp_file}"
   end
@@ -55,15 +55,16 @@ namespace :mysql do
     db_root_password = Capistrano::CLI.ui.ask("Choose a MySQL root password : ")
     sudo "aptitude install -y mysql-server mysql-client libmysqlclient15-dev"
     sudo "aptitude install -y libmysql-ruby1.8"
+    restart
     run "mysqladmin -u root password #{db_root_password}"
   end
-  
+
   desc "Ask for a MySQL user and change his password"
   task :change_password, :roles => :db do
     user_to_update = Capistrano::CLI.ui.ask("Name of the MySQL user whose you want to update the password : ")
     old_password = Capistrano::CLI.ui.ask("Old password for #{user_to_update} : ")
     new_password = Capistrano::CLI.ui.ask("New password for #{user_to_update} : ")
-    
+
     run "mysqladmin -u #{user_to_update} -p#{old_password} password \"#{new_password}\""
   end
 end

data/lib/capistrano/ext/ubuntu-machine/ssh.rb

@@ -1,17 +1,19 @@
 namespace :ssh do
-  
+
   desc <<-DESC
     Setup SSH on the gateway host. Runs `upload_keys`, `install_ovh_ssh_key` AND \
     `configure_sshd` then reloads the SSH service to finalize the changes.
   DESC
   task :setup, :roles => :gateway do
-    upload_keys
-    configure_sshd
-    install_ovh_ssh_key if ["ovh-rps", "ovh-dedie"].include?(hosting_provider)
-    reload
+    if setup_ssh
+      upload_keys
+      configure_sshd
+      install_ovh_ssh_key if ["ovh-rps", "ovh-dedie"].include?(hosting_provider)
+      reload
+    end
   end
-  
-  
+
+
   desc <<-DESC
     Uploads your local public SSH keys to the server. A .ssh folder is created if \
     one does not already exist. The SSH keys default to the ones set in \
@@ -26,10 +28,11 @@ namespace :ssh do
     run "chown -R #{user}:#{user} ~/.ssh"
     run "chmod 700 ~/.ssh"
 
-    authorized_keys = ssh_options[:keys].collect { |key| File.read("#{key}.pub") }.join("\n")
+    key_path = File.expand_path(ssh_options[:keys])
+    authorized_keys = key_path.collect { |key| File.read("#{key}.pub") }.join("\n")
     put authorized_keys, "./.ssh/authorized_keys2", :mode => 0600
   end
-  
+
   desc <<-DESC
     Configure SSH daemon with more secure settings recommended by Slicehost. The \
     will be configured to run on the port configured in Capistrano's "ssh_options". \
@@ -44,7 +47,7 @@ namespace :ssh do
     put render("sshd_config", binding), "sshd_config"
     sudo "mv sshd_config /etc/ssh/sshd_config"
   end
-  
+
   desc <<-DESC
     Install OVH SSH Keys
   DESC
@@ -52,13 +55,13 @@ namespace :ssh do
     sudo "wget ftp://ftp.ovh.net/made-in-ovh/cle-ssh-public/installer_la_cle.sh -O installer_la_cle.sh"
     sudo "sh installer_la_cle.sh"
   end
-  
+
   desc <<-DESC
     Reload SSH service.
   DESC
   task :reload, :roles => :gateway do
     sudo "/etc/init.d/ssh reload"
   end
-  
-  
+
+
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: matthewgarysmith-ubuntu-machine
 version: !ruby/object:Gem::Version 
-  version: 0.3.1.2
+  version: 0.3.1.3
 platform: ruby
 authors: 
 - Thomas Balthazar
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-01-24 00:00:00 -08:00
+date: 2009-02-09 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -34,6 +34,7 @@ files:
 - MIT-LICENSE
 - lib/capistrano/ext/ubuntu-machine.rb
 - lib/capistrano/ext/ubuntu-machine
+- lib/capistrano/ext/ubuntu-machine/curl.rb
 - lib/capistrano/ext/ubuntu-machine/ruby.rb
 - lib/capistrano/ext/ubuntu-machine/gems.rb
 - lib/capistrano/ext/ubuntu-machine/git.rb