meroku 2.0.0 → 2.0.1

data/lib/meroku.rb

@@ -1,30 +1,17 @@
+require "active_support/core_ext/object/try"
+require "net/ssh"
+require 'net/http'
+require "escape"
+require "aws-sdk-ec2"
+require "dotenv"
+require "byebug"
+require 'rest-client'
 require "meroku/version"
+require "meroku/tunnel"
+require "meroku/cli"
+require "meroku/aws"
 require "meroku/infrastructure"
-require 'aws-sdk-ec2'
-require 'dotenv/load'
 
 module Meroku
 
-  def self.cli_start(*args)
-    case args.join(" ")
-      when "infrastructure spawn"
-        Meroku::Infrastructure.spawn
-      when "infrastructure despawn"
-        Meroku::Infrastructure.despawn
-      else
-        print_help
-    end
-  end
-
-  def self.print_help
-    puts <<~HEREDOC
-      Usage: meroku command subcommand
-  
-      Examples
-  
-      meroku infrastrucuture spawn    # Spawns server      
-  
-    HEREDOC
-  end
-  
 end

data/lib/meroku/aws.rb

@@ -0,0 +1,32 @@
+module Meroku
+  module Aws
+
+    EC2_PARAMS = {
+      image_id: 'ami-841f46ff',  #was xenial 'ami-cd0f5cb6',
+      min_count: 1,
+      max_count: 1,
+      key_name: 'meroku.id_rsa',
+      instance_type: 't2.micro',
+      tag_specifications: [
+        {
+          resource_type: "instance",
+          tags: [
+            {
+              key: "Name",
+              value: "node",
+            },
+          ],
+        },
+      ]
+    }
+
+    def credentials
+      ::Aws::Credentials.new(ENV['AWS_ACCESS_KEY'], ENV['AWS_SECRET'])
+    end
+
+    def ec2_client
+      ::Aws::EC2::Client.new(region: 'us-east-1', credentials: credentials)
+    end
+
+  end
+end

data/lib/meroku/cli.rb

@@ -0,0 +1,131 @@
+module Meroku
+  module CLI
+
+    HELP = <<~HEREDOC
+      Usage: meroku command subcommand
+  
+      Examples
+
+      meroku signup    # if you havent done already
+
+      meroku create
+
+      meroku keys:add
+
+      meroku infrastrucuture spawn    # Spawns server      
+  
+    HEREDOC
+    
+    def self.start(*args)
+      case args.join(" ")
+        when "infrastructure spawn"
+          load_secrets || exit
+          node = Meroku::Infrastructure::Node.new.associate_address.install_packages.install_frontend_app
+          puts "spawned #{node.instance.try(:instance_id)}"
+        when "infrastructure despawn"
+          load_secrets || exit
+          Meroku::Infrastructure.despawn
+        when "signup"
+          signup
+        when "keys:add"
+          token_check || exit
+          keys_add
+        when "create"
+          token_check || exit
+          create
+        else
+          puts HELP
+      end      
+    end
+
+    def self.signup
+      print "Email: "
+      email = STDIN.gets
+      print "Password: "
+      password = STDIN.noecho(&:gets).chomp
+      print "\n"
+      url = "https://www.meroku.com/users.json"
+      #url = "http://localhost:3000/users.json"
+      response_json = RestClient.post url, {:user=>{:email => email, :password => password, :password_confirmation => password}}.to_json, timeout: 1, :content_type => :json, :accept => :json
+      if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
+        puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
+      else
+        email = JSON.parse(response_json)["data"]["attributes"]["email"]
+        token = JSON.parse(response_json)["data"]["attributes"]["token"]
+        puts "Signed up #{email}"
+        save_token(token)
+      end
+    end
+
+    def self.create
+      url = "https://www.meroku.com/apps.json"
+      token = `cat ~/.meroku/.token`.chomp
+      response_json = RestClient.post url, {:app=>{:name => "unnamed"}, :token=>token}.to_json, timeout: 1, :content_type => :json, :accept => :json
+
+      if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
+        puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
+      else
+        name = JSON.parse(response_json)["data"]["attributes"]["name"]
+        puts "Created #{name}, adding git remote"
+        puts "git remote remove meroku"
+        `git remote remove meroku`
+        puts "git remote add meroku git@www.meroku.com:#{name}.git"
+        `git remote add meroku git@www.meroku.com:#{name}.git`
+      end
+    end
+
+    def self.token_check
+      if !File.exist? "#{Dir.home}/.meroku/.token"
+        puts "error: Have you logged in yet?"
+        return nil
+      end
+      true
+    end
+
+    def self.load_secrets
+      if !File.exist? "#{Dir.home}/.meroku/.secret"
+        puts "error: File #{Dir.home}/.meroku/.secret not found"
+        return nil
+      end
+      env_file = Dir.home+'/.meroku/meroku.env'
+      if !File.exist? env_file
+        secret=`cat ~/.meroku/.secret`.chomp
+        remote_env_file = "http://www.sam-we.com/dropbox/meroku-#{secret}/meroku.env"
+        File.write(env_file, Net::HTTP.get(URI.parse(remote_env_file)))
+      end
+      Dotenv.load(env_file)
+    end
+
+    def self.save_token(token)
+      dirname = File.dirname("#{Dir.home}/.meroku")
+      unless File.directory?(dirname)
+        FileUtils.mkdir(dirname)
+      end
+      File.open("#{Dir.home}/.meroku/.token", 'w') { |file| file.write(token) }
+    end
+
+    def self.keys_add
+      if !File.exist? "#{Dir.home}/.ssh/id_rsa.pub"
+        puts "error: File #{Dir.home}/.ssh/id_rsa.pub not found"
+        puts "You can use this command to generate a key:"
+        puts "    ssh-keygen -t rsa"
+        return nil
+      end
+      name = "id_rsa.pub"
+      data = `cat ~/.ssh/id_rsa.pub`.chomp
+      url = "https://www.meroku.com/publickeys.json"
+      token = `cat ~/.meroku/.token`.chomp
+      response_json = RestClient.post url, {:publickey=>{:name => nam, :data=>data}, :token=>token}.to_json, timeout: 1, :content_type => :json, :accept => :json
+
+      if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
+        puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
+      else
+        name = JSON.parse(response_json)["data"]["attributes"]["name"]
+        puts "Added #{name}"
+      end
+    end
+
+  end
+
+
+end

data/lib/meroku/infrastructure.rb

@@ -1,24 +1,17 @@
+require "meroku/infrastructure/node"
+
 module Meroku
   module Infrastructure
-    def self.spawn
-      credentials = Aws::Credentials.new(ENV['AWS_ACCESS_KEY'], ENV['AWS_SECRET'])
-      ec2_client = Aws::EC2::Client.new(region: 'us-east-1', credentials: credentials)
-      ec2_client.run_instances(
-        image_id: 'ami-cd0f5cb6',
-        min_count: 1,
-        max_count: 1,
-        key_name: 'meroku.id_rsa',
-        instance_type: 't2.micro',
-      ).instances.first
-    end
+
+    extend Meroku::Aws
 
     def self.despawn
-      resp = nil
-      credentials = Aws::Credentials.new(ENV['AWS_ACCESS_KEY'], ENV['AWS_SECRET'])
-      ec2 = Aws::EC2::Resource.new(region: 'us-east-1', credentials: credentials)
-      running_instance = ec2.instances.detect { |i| i.exists? && i.state.code!=48 }
-      resp = running_instance.terminate if running_instance
-      resp
+      instances = ec2_client.describe_instances(filters:[{ name: "tag:Name", values: ['node'] }, { name: 'instance-state-name', values: ['running','pending'] }]).reservations.map { |xx| xx.instances.first.instance_id }
+      puts "will despawn #{instances.inspect}"
+      ec2_client.terminate_instances({
+                                       instance_ids: instances
+                                     }) if instances.size > 0
     end
   end
+
 end

data/lib/meroku/infrastructure/node.rb

@@ -0,0 +1,68 @@
+
+module Meroku
+  module Infrastructure
+    class Node
+      include Meroku::Aws
+      attr_accessor :instance, :tunnel
+
+      def initialize
+        result = ec2_client.try(:run_instances,Meroku::Aws::EC2_PARAMS)
+        @instance = result.instances.first if result
+        @tunnel = Meroku::Tunnel.new(
+          ip: "34.239.241.218",
+          username: "ubuntu",
+          keys: "~/crypto/meroku/meroku.id_rsa",
+          verify_host_key: false,
+          verbose: false
+        )
+        self
+      end
+
+      def associate_address
+        retries ||= 0
+        return self if !ec2_client
+        ec2_client.associate_address(
+          allocation_id: "eipalloc-139f7823",
+          instance_id: @instance.try(:instance_id)
+        )
+        self
+      rescue ::Aws::EC2::Errors::InvalidInstanceID => e
+        print STDERR.print "."
+        sleep 2
+        retry if (retries += 1) < 15
+      end
+      
+      def install_packages
+        @tunnel.run "sudo apt-add-repository ppa:brightbox/ruby-ng\;"
+        @tunnel.run "curl -s -o /tmp/modified-cedar-14.sh https://raw.githubusercontent.com/oystersauce8/meroku/master/modified-cedar-14.sh"
+        @tunnel.run "sudo chmod 755 /tmp/modified-cedar-14.sh"
+        @tunnel.run "/bin/bash -lc 'sudo /tmp/modified-cedar-14.sh'"
+        #@tunnel.run "sudo apt-get update\;"
+        @tunnel.run "sudo apt-get install -y ruby2.4 ruby2.4-dev"
+        @tunnel.run "sudo apt-get install -y nginx libsqlite3-dev nodejs"
+        self
+      end
+
+      def install_frontend_app
+        @tunnel.run 'mkdir /home/ubuntu/.meroku'
+        @tunnel.run "cd ~\; git clone https://github.com/oystersauce8/meroku\;"
+        @tunnel.run "sudo cp ~/meroku/frontend/etc_nginx_sites-available_default /etc/nginx/sites-available/default"
+
+        @tunnel.run "curl -o /home/ubuntu/.meroku/letsencrypt_fullchain.pem http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/letsencrypt_fullchain.pem"
+        @tunnel.run "curl -o /home/ubuntu/.meroku/letsencrypt_privkey.pem http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/letsencrypt_privkey.pem"
+
+        @tunnel.run "cd ~/.meroku/\; curl -O http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/ssh_host_keys.tgz"
+        #@tunnel.run "cd ~/.meroku/\; sudo tar xf ssh_host_keys.tgz -C /etc/ssh/ --overwrite"
+        @tunnel.run "cd ~/meroku/frontend/\; sudo gem install bundler\; bundle\;"
+        @tunnel.run "(cd ~/meroku/frontend && RAILS_ENV=production bundle exec rails assets:precompile)"
+
+        @tunnel.run "(cd ~/meroku/frontend && RAILS_ENV=production bundle exec rake db:migrate)"
+        @tunnel.run "cd ~/meroku/frontend/\; bundle exec puma -d"
+        @tunnel.run "sudo service nginx restart"
+        @tunnel.run "sudo service ssh restart"
+        self
+      end
+
+    end
+  end
+end

data/lib/meroku/tunnel.rb

@@ -0,0 +1,50 @@
+module Meroku
+  class Tunnel
+
+    attr_accessor :ip, :username, :keys, :verify_host_key, :verbose
+
+    def initialize(ip:,username:,keys:,verify_host_key:,verbose:)
+      @ip = ip
+      @username = username
+      @keys = keys
+      @verify_host_key = verify_host_key
+      @verbose = verbose
+    end
+
+    def run(cmd)
+      @verbose=true
+      retries ||= 0
+      Net::SSH.start(@ip,
+                     @username,
+                     password: 'password',
+                     keys: @keys,
+                     verify_host_key: @verify_host_key,
+                     timeout: 90) do |ssh|
+        channel = ssh.open_channel do |ch|
+          STDERR.print cmd
+          ch.exec cmd do |ch, success|
+            raise "could not execute command" unless success
+            ch.on_data do |c, data|
+              if @verbose
+                $stdout.print data
+              else
+                $stdout.print "."
+              end
+            end
+            ch.on_extended_data do |c, type, data|
+              if @verbose
+                $stderr.print data
+              else
+                $stderr.print "."
+              end
+            end
+            ch.on_close { print "\n" }
+          end
+        end
+        channel.wait
+      end
+    rescue Errno::ECONNREFUSED => e
+      retry if (retries += 1) < 10
+    end
+  end
+end

data/lib/meroku/version.rb

@@ -1,3 +1,3 @@
 module Meroku
-  VERSION = "2.0.0"
+  VERSION = "2.0.1"
 end

data/meroku.gemspec

@@ -21,16 +21,20 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "aws-sdk", "~> 3"
-  spec.add_runtime_dependency "dotenv", "~> 2.2.1"  
+  spec.add_dependency 'escape', '~> 0.0.4'
+  spec.add_dependency 'rest-client'
   
+  spec.add_runtime_dependency     "activesupport", "~> 5.1.4"
+  spec.add_runtime_dependency     "aws-sdk-ec2", "~> 1"
+  spec.add_runtime_dependency     "dotenv", "~> 2.2.1"
+  spec.add_runtime_dependency     "net-ssh", "~> 4.2.0"
+
   spec.add_development_dependency "bundler", "~> 1.15"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "minitest", "~> 5.0"
 
   spec.add_development_dependency "guard", "~>2.14.1"
   spec.add_development_dependency "guard-minitest", "~>2.4.6"
-  spec.add_development_dependency "guard-shell", "~>0.7.1"
   spec.add_development_dependency "byebug", "~> 9.1.0"
   spec.add_development_dependency "simplecov", "~> 0.14.1"
   spec.add_development_dependency "coveralls", "~> 0.8.21"  

data/modified-cedar-14.sh

@@ -0,0 +1,175 @@
+#!/bin/bash
+
+exec 2>&1
+set -e
+set -x
+
+cat > /etc/apt/sources.list <<EOF
+deb http://archive.ubuntu.com/ubuntu/ trusty main universe
+deb http://archive.ubuntu.com/ubuntu/ trusty-security main universe
+deb http://archive.ubuntu.com/ubuntu/ trusty-updates main universe
+
+deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main
+EOF
+
+apt-key add - <<'PGDG_ACCC4CF8'
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBE6XR8IBEACVdDKT2HEH1IyHzXkb4nIWAY7echjRxo7MTcj4vbXAyBKOfjja
+UrBEJWHN6fjKJXOYWXHLIYg0hOGeW9qcSiaa1/rYIbOzjfGfhE4x0Y+NJHS1db0V
+G6GUj3qXaeyqIJGS2z7m0Thy4Lgr/LpZlZ78Nf1fliSzBlMo1sV7PpP/7zUO+aA4
+bKa8Rio3weMXQOZgclzgeSdqtwKnyKTQdXY5MkH1QXyFIk1nTfWwyqpJjHlgtwMi
+c2cxjqG5nnV9rIYlTTjYG6RBglq0SmzF/raBnF4Lwjxq4qRqvRllBXdFu5+2pMfC
+IZ10HPRdqDCTN60DUix+BTzBUT30NzaLhZbOMT5RvQtvTVgWpeIn20i2NrPWNCUh
+hj490dKDLpK/v+A5/i8zPvN4c6MkDHi1FZfaoz3863dylUBR3Ip26oM0hHXf4/2U
+A/oA4pCl2W0hc4aNtozjKHkVjRx5Q8/hVYu+39csFWxo6YSB/KgIEw+0W8DiTII3
+RQj/OlD68ZDmGLyQPiJvaEtY9fDrcSpI0Esm0i4sjkNbuuh0Cvwwwqo5EF1zfkVj
+Tqz2REYQGMJGc5LUbIpk5sMHo1HWV038TWxlDRwtOdzw08zQA6BeWe9FOokRPeR2
+AqhyaJJwOZJodKZ76S+LDwFkTLzEKnYPCzkoRwLrEdNt1M7wQBThnC5z6wARAQAB
+tBxQb3N0Z3JlU1FMIERlYmlhbiBSZXBvc2l0b3J5iQI9BBMBCAAnAhsDBQsJCAcD
+BRUKCQgLBRYCAwEAAh4BAheABQJS6RUZBQkOhCctAAoJEH/MfUaszEz4zmQP/2ad
+HtuaXL5Xu3C3NGLha/aQb9iSJC8z5vN55HMCpsWlmslCBuEr+qR+oZvPkvwh0Io/
+8hQl/qN54DMNifRwVL2n2eG52yNERie9BrAMK2kNFZZCH4OxlMN0876BmDuNq2U6
+7vUtCv+pxT+g9R1LvlPgLCTjS3m+qMqUICJ310BMT2cpYlJx3YqXouFkdWBVurI0
+pGU/+QtydcJALz5eZbzlbYSPWbOm2ZSS2cLrCsVNFDOAbYLtUn955yXB5s4rIscE
+vTzBxPgID1iBknnPzdu2tCpk07yJleiupxI1yXstCtvhGCbiAbGFDaKzhgcAxSIX
+0ZPahpaYLdCkcoLlfgD+ar4K8veSK2LazrhO99O0onRG0p7zuXszXphO4E/WdbTO
+yDD35qCqYeAX6TaB+2l4kIdVqPgoXT/doWVLUK2NjZtd3JpMWI0OGYDFn2DAvgwP
+xqKEoGTOYuoWKssnwLlA/ZMETegak27gFAKfoQlmHjeA/PLC2KRYd6Wg2DSifhn+
+2MouoE4XFfeekVBQx98rOQ5NLwy/TYlsHXm1n0RW86ETN3chj/PPWjsi80t5oepx
+82azRoVu95LJUkHpPLYyqwfueoVzp2+B2hJU2Rg7w+cJq64TfeJG8hrc93MnSKIb
+zTvXfdPtvYdHhhA2LYu4+5mh5ASlAMJXD7zIOZt2iEYEEBEIAAYFAk6XSO4ACgkQ
+xa93SlhRC1qmjwCg9U7U+XN7Gc/dhY/eymJqmzUGT/gAn0guvoX75Y+BsZlI6dWn
+qaFU6N8HiQIcBBABCAAGBQJOl0kLAAoJEExaa6sS0qeuBfEP/3AnLrcKx+dFKERX
+o4NBCGWr+i1CnowupKS3rm2xLbmiB969szG5TxnOIvnjECqPz6skK3HkV3jTZaju
+v3sR6M2ItpnrncWuiLnYcCSDp9TEMpCWzTEgtrBlKdVuTNTeRGILeIcvqoZX5w+u
+i0eBvvbeRbHEyUsvOEnYjrqoAjqUJj5FUZtR1+V9fnZp8zDgpOSxx0LomnFdKnhj
+uyXAQlRCA6/roVNR9ruRjxTR5ubteZ9ubTsVYr2/eMYOjQ46LhAgR+3Alblu/WHB
+MR/9F9//RuOa43R5Sjx9TiFCYol+Ozk8XRt3QGweEH51YkSYY3oRbHBb2Fkql6N6
+YFqlLBL7/aiWnNmRDEs/cdpo9HpFsbjOv4RlsSXQfvvfOayHpT5nO1UQFzoyMVpJ
+615zwmQDJT5Qy7uvr2eQYRV9AXt8t/H+xjQsRZCc5YVmeAo91qIzI/tA2gtXik49
+6yeziZbfUvcZzuzjjxFExss4DSAwMgorvBeIbiz2k2qXukbqcTjB2XqAlZasd6Ll
+nLXpQdqDV3McYkP/MvttWh3w+J/woiBcA7yEI5e3YJk97uS6+ssbqLEd0CcdT+qz
++Waw0z/ZIU99Lfh2Qm77OT6vr//Zulw5ovjZVO2boRIcve7S97gQ4KC+G/+QaRS+
+VPZ67j5UMxqtT/Y4+NHcQGgwF/1iiQI9BBMBCAAnAhsDBQsJCAcDBRUKCQgLBRYC
+AwEAAh4BAheABQJQeSssBQkDwxbfAAoJEH/MfUaszEz4bgkP/0AI0UgDgkNNqplA
+IpE/pkwem2jgGpJGKurh2xDu6j2ZL+BPzPhzyCeMHZwTXkkI373TXGQQP8dIa+RD
+HAZ3iijw4+ISdKWpziEUJjUk04UMPTlN+dYJt2EHLQDD0VLtX0yQC/wLmVEH/REp
+oclbVjZR/+ehwX2IxOIlXmkZJDSycl975FnSUjMAvyzty8P9DN0fIrQ7Ju+BfMOM
+TnUkOdp0kRUYez7pxbURJfkM0NxAP1geACI91aISBpFg3zxQs1d3MmUIhJ4wHvYB
+uaR7Fx1FkLAxWddre/OCYJBsjucE9uqc04rgKVjN5P/VfqNxyUoB+YZ+8Lk4t03p
+RBcD9XzcyOYlFLWXbcWxTn1jJ2QMqRIWi5lzZIOMw5B+OK9LLPX0dAwIFGr9WtuV
+J2zp+D4CBEMtn4Byh8EaQsttHeqAkpZoMlrEeNBDz2L7RquPQNmiuom15nb7xU/k
+7PGfqtkpBaaGBV9tJkdp7BdH27dZXx+uT+uHbpMXkRrXliHjWpAw+NGwADh/Pjmq
+ExlQSdgAiXy1TTOdzxKH7WrwMFGDK0fddKr8GH3f+Oq4eOoNRa6/UhTCmBPbryCS
+IA7EAd0Aae9YaLlOB+eTORg/F1EWLPm34kKSRtae3gfHuY2cdUmoDVnOF8C9hc0P
+bL65G4NWPt+fW7lIj+0+kF19s2PviQI9BBMBCAAnAhsDBQsJCAcDBRUKCQgLBRYC
+AwEAAh4BAheABQJRKm2VBQkINsBBAAoJEH/MfUaszEz4RTEP/1sQHyjHaUiAPaCA
+v8jw/3SaWP/g8qLjpY6ROjLnDMvwKwRAoxUwcIv4/TWDOMpwJN+CJIbjXsXNYvf9
+OX+UTOvq4iwi4ADrAAw2xw+Jomc6EsYla+hkN2FzGzhpXfZFfUsuphjY3FKL+4hX
+H+R8ucNwIz3yrkfc17MMn8yFNWFzm4omU9/JeeaafwUoLxlULL2zY7H3+QmxCl0u
+6t8VvlszdEFhemLHzVYRY0Ro/ISrR78CnANNsMIy3i11U5uvdeWVCoWV1BXNLzOD
+4+BIDbMB/Do8PQCWiliSGZi8lvmj/sKbumMFQonMQWOfQswTtqTyQ3yhUM1LaxK5
+PYq13rggi3rA8oq8SYb/KNCQL5pzACji4TRVK0kNpvtxJxe84X8+9IB1vhBvF/Ji
+/xDd/3VDNPY+k1a47cON0S8Qc8DA3mq4hRfcgvuWy7ZxoMY7AfSJOhleb9+PzRBB
+n9agYgMxZg1RUWZazQ5KuoJqbxpwOYVFja/stItNS4xsmi0lh2I4MNlBEDqnFLUx
+SvTDc22c3uJlWhzBM/f2jH19uUeqm4jaggob3iJvJmK+Q7Ns3WcfhuWwCnc1+58d
+iFAMRUCRBPeFS0qd56QGk1r97B6+3UfLUslCfaaA8IMOFvQSHJwDO87xWGyxeRTY
+IIP9up4xwgje9LB7fMxsSkCDTHOk
+=s3DI
+-----END PGP PUBLIC KEY BLOCK-----
+PGDG_ACCC4CF8
+
+apt-get update
+apt-get upgrade -y --force-yes
+apt-get install -y --force-yes \
+    autoconf \
+    bind9-host \
+    bison \
+    build-essential \
+    coreutils \
+    curl \
+    daemontools \
+    dnsutils \
+    ed \
+    git \
+    imagemagick \
+    iputils-tracepath \
+    language-pack-en \
+    libbz2-dev \
+    libcurl4-openssl-dev \
+    libev-dev \
+    libevent-dev \
+    libglib2.0-dev \
+    libjpeg-dev \
+    libmagickwand-dev \
+    libmysqlclient-dev \
+    libncurses5-dev \
+    libpq-dev \
+    libpq5 \
+    librdkafka-dev \
+    libreadline6-dev \
+    libssl-dev \
+    libuv-dev \
+    libxml2-dev \
+    libxslt-dev \
+    netcat-openbsd \
+    openjdk-7-jdk \
+    openjdk-7-jre-headless \
+    openssh-client \
+    openssh-server \
+    postgresql-client-9.6 \
+    postgresql-server-dev-9.6 \
+    python \
+    python-dev \
+    socat \
+    stunnel \
+    syslinux \
+    tar \
+    telnet \
+    zip \
+    zlib1g-dev \
+    #
+
+## locales
+#apt-cache search language-pack \
+#    | cut -d ' ' -f 1 \
+#    | grep -v '^language\-pack\-\(gnome\|kde\)\-' \
+#    | grep -v '\-base$' \
+#    | xargs apt-get install -y --force-yes --no-install-recommends
+
+cd /
+rm -rf /var/cache/apt/archives/*.deb
+rm -rf /root/*
+rm -rf /tmp/*
+
+## remove SUID and SGID flags from all binaries
+#function pruned_find() {
+#  find / -type d \( -name dev -o -name proc \) -prune -o $@ -print
+#}
+#
+#pruned_find -perm /u+s | xargs -r chmod u-s
+#pruned_find -perm /g+s | xargs -r chmod g-s
+#
+## remove non-root ownership of files
+#chown root:root /var/lib/libuuid
+#
+## display build summary
+#set +x
+#echo -e "\nRemaining suspicious security bits:"
+#(
+#  pruned_find ! -user root
+#  pruned_find -perm /u+s
+#  pruned_find -perm /g+s
+#  pruned_find -perm /+t
+#) | sed -u "s/^/  /"
+
+echo -e "\nInstalled versions:"
+(
+  git --version
+  python -V
+) 2>&1 | sed -u "s/^/  /"
+
+echo -e "\nSuccess!"
+exit 0