RubyGems - meroku - Versions diffs - 2.0.7 → 2.0.8 - Mend

meroku 2.0.7 → 2.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/README.md +15 -0
data/frontend/app/models/app.rb +21 -5
data/frontend/app/models/publickey.rb +1 -1
data/frontend/app/models/user.rb +9 -0
data/frontend/{etc_nginx_sites-available_default → etc_nginx_sites-enabled_default} +2 -2
data/frontend/etc_nginx_sites-enabled_template +30 -0
data/lib/meroku/cli.rb +5 -50
data/lib/meroku/infrastructure/node.rb +18 -9
data/lib/meroku/tunnel.rb +7 -1
data/lib/meroku/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f67ea494901ff03ff51bede417f1269e2215c0e8
-  data.tar.gz: d6eaaf98f0f314deab15cc140c805f58cf6ffe93
+  metadata.gz: fe2ff13db62d348c38f0c5e092867906f34b4ea2
+  data.tar.gz: 86bdb03ea56d8c3f2e870dd26606eb7477829535
 SHA512:
-  metadata.gz: 93e3d0825153b345d1ec5e75396ae7fc9f27d892fcb72ab850feedfd939876c2c955411dcce2a72f0a161e9f53044344921671f57b9410aa5f55765268226fa2
-  data.tar.gz: e2a9019885ab475d82f05398ffad6919abb433429f98c12cfec95bb79943d4a66bc8be6cbaea6f88356c3d36a67631348475591f3c1edeea40d13e4568f84d76
+  metadata.gz: 73baef2c048146816a658c9a6dbac5bf9e28f3827a685ac246f41bef2f4ac7e75f902cad6e08a0be96b977d436d8bc4acec403f989ee8715712cc1a719016243
+  data.tar.gz: 01156426d89e2cff0ef734707b17bf92982dc98644f88cb0990061394390c7b0a1c591b78f7177e672aa67ebf342c49dd02ca82920a1d5b317615b261fd9d2a8

data/README.md CHANGED

@@ -81,6 +81,21 @@ You will need a copy of the file `.secret`. Place it at `~/.meroku/.secret`
     $ meroku infrastructure spawn
+### TODO
+    - Only latest stable ruby is supported at the moment
+    - Only latest stable rails is supported at the moment
+    - Only RAILS_ENV=procution is supported at the moment
+    - Only puma is supported at the moment
+    - Database
+    - User security / Lxc
+    - Nightly spawn
+    - respons time sanity check
+    - piper visual check
+    - some commodity apps
 ### To Run tests
     rake

data/frontend/app/models/app.rb CHANGED

@@ -4,11 +4,27 @@ class App < ApplicationRecord
   after_commit :make_folder, on: [:create]
   def make_folder
+    username = self.user.token
     Rails.logger.debug "DB8 app.rb:def self.make_folder called"
-    system(%Q[sudo -u git mkdir /home/git/#{self.name}.git])
-    system(%Q[sudo -u git sh -c "cd /home/git/#{self.name}.git; git --bare init"])
-    system(%Q[sudo -u git sh -c "echo '#!/bin/bash' >> /home/git/#{self.name}.git/hooks/post-receive"])
-    system(%Q[sudo -u git sh -c 'echo "echo abc123499999999999999999999999999999" >> /home/git/#{self.name}.git/hooks/post-receive'])
-    system(%Q[sudo -u git sh -c 'sudo chmod +x /home/git/#{self.name}.git/hooks/post-receive'])
+    system(%Q[sudo -u #{username} mkdir /home/#{username}/#{self.name}.git])
+    system(%Q[sudo -u #{username} mkdir /home/#{username}/#{self.name}])
+    system(%Q[sudo -u #{username} sh -c "cd /home/#{username}/#{self.name}.git; git --bare init"])
+    system(%Q[sudo -u #{username} sh -c "echo '#!/bin/bash
+set -x
+: Git hook is executing
+mkdir /home/#{username}/#{self.name}
+cd /home/#{username}/#{self.name}
+cp /sharedro/etc_nginx_sites-enabled_template /home/#{username}/#{self.name}.conf
+sed -i -e 's/REPLACEMEAPPNAME/#{self.name}/g' /home/#{username}/#{self.name}.conf
+sed -i -e 's/REPLACEMEUSERNAME/#{username}/g' /home/#{username}/#{self.name}.conf
+git --work-tree=/home/#{username}/#{self.name} --git-dir=/home/#{username}/#{self.name}.git checkout -f
+bundle install --path vendor/bundle
+RAILS_ENV=production bundle exec rake db:migrate
+RAILS_ENV=production bundle exec rake assets:precompile
+RAILS_ENV=production bundle exec puma -d -b unix:///home/#{username}/#{self.name}.sock
+' > /home/#{username}/#{self.name}.git/hooks/post-receive"])
+    system(%Q[sudo -u #{username} sh -c 'chmod u+x /home/#{username}/#{self.name}.git/hooks/post-receive'])
   end
 end

data/frontend/app/models/publickey.rb CHANGED

@@ -8,7 +8,7 @@ class Publickey < ApplicationRecord
     Rails.logger.debug "DB8 publickey.rb:def self.refresh called"
     if Publickey.all.size > 0
       File.write('/tmp/authorized_keys', Publickey.pluck(:data).join("\n") )
-      system("sudo -u git cp /tmp/authorized_keys /home/git/.ssh/authorized_keys")
+      system("sudo -u #{self.user.token} cp /tmp/authorized_keys /home/#{self.user.token}/.ssh/authorized_keys")
       File.delete('/tmp/authorized_keys')
     end
   end

data/frontend/app/models/user.rb CHANGED

@@ -5,8 +5,17 @@ class User < ApplicationRecord
          :recoverable, :rememberable, :trackable, :validatable
   has_many :publickeys
+  after_commit :make_user, on: [:create]
   before_save do
     self.token = SecureRandom.hex if !self.token
   end
+  def make_user
+    Rails.logger.debug "DB8 user.rb:.make_user() called"
+    system(%Q[sudo adduser --disabled-password  --gecos "" #{token}])
+    system(%Q[sudo -u #{token} mkdir /home/#{token}/.ssh/])
+    system(%Q[sudo -u #{token} touch /home/#{token}/.ssh/authorized_keys])
+  end
 end

data/frontend/{etc_nginx_sites-available_default → etc_nginx_sites-enabled_default} RENAMED

@@ -1,7 +1,7 @@
 upstream app {
     # Path to Puma SOCK file, as defined previously
-    #server unix:/tmp/sockets/puma.sock fail_timeout=0;
-    server 127.0.0.1:3000;
+    server unix:/tmp/meroku.sock fail_timeout=0;
+    #server 127.0.0.1:3000;
 }
 server {

data/frontend/etc_nginx_sites-enabled_template ADDED

@@ -0,0 +1,30 @@
+upstream REPLACEMEAPPNAME {
+    # Path to Puma SOCK file, as defined previously
+    server unix:/home/REPLACEMEUSERNAME/REPLACEMEAPPNAME.sock fail_timeout=0;
+}
+server {
+    listen 80;
+    listen 443 ssl;
+    server_name REPLACEMEAPPNAME.meroku.com;
+    #ssl on;
+    # ssl on; tells NGINX to server ANY content through SSL.
+    ssl_certificate /home/ubuntu/.meroku/letsencrypt_fullchain.pem;
+    ssl_certificate_key /home/ubuntu/.meroku/letsencrypt_privkey.pem;
+    root /home/REPLACEMEUSERNAME/REPLACEMEAPPNAME/public;
+    try_files $uri/index.html $uri @REPLACEMEAPPNAME;
+    location @REPLACEMEAPPNAME {
+        proxy_pass http://REPLACEMEAPPNAME;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_redirect off;
+    }
+    error_page 500 502 503 504 /500.html;
+    client_max_body_size 4G;
+    keepalive_timeout 10;
+}

data/lib/meroku/cli.rb CHANGED

@@ -19,28 +19,6 @@ module Meroku
       HEREDOC
     end
-    #def self.start(*args)
-    #  case args.join(" ")
-    #    when "infrastructure spawn"
-    #      load_secrets || exit
-    #      node = Meroku::Infrastructure::Node.new.associate_address.install_packages.install_frontend_app
-    #      puts "spawned #{node.instance.try(:instance_id)}"
-    #    when "infrastructure despawn"
-    #      load_secrets || exit
-    #      Meroku::Infrastructure.despawn
-    #    when "signup"
-    #      signup
-    #    when "keys:add"
-    #      token_check || exit
-    #      keys_add
-    #    when "create"
-    #      token_check || exit
-    #      create
-    #    else
-    #      puts HELP
-    #  end
-    #end
     def signup
       print "Email: "
@@ -51,7 +29,7 @@ module Meroku
       url = "https://www.meroku.com/users.json"
       response_json = RestClient.post url, {:user=>{:email => email, :password => password, :password_confirmation => password}}.to_json, timeout: 1, :content_type => :json, :accept => :json
       if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
-        puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
+        puts "error: #{JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")}"
       else
         email = JSON.parse(response_json)["data"]["attributes"]["email"]
         token = JSON.parse(response_json)["data"]["attributes"]["token"]
@@ -75,7 +53,7 @@ module Meroku
       response_json = RestClient.post url, {:publickey=>{:name => name, :data=>data}, :token=>session.token}.to_json, timeout: 1, :content_type => :json, :accept => :json
       if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
-        puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
+        puts "error: #{JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")}"
       else
         name = JSON.parse(response_json)["data"]["attributes"]["name"]
         puts "Added #{name}"
@@ -93,9 +71,9 @@ module Meroku
         name = JSON.parse(response_json)["data"]["attributes"]["name"]
         puts "Created #{name}, adding git remote"
         puts "git remote remove meroku"
-        `git remote remove meroku`
-        puts "git remote add meroku git@www.meroku.com:#{name}.git"
-        `git remote add meroku git@www.meroku.com:#{name}.git`
+        `git remote remove meroku 2>/dev/null`
+        puts "git remote add meroku #{token}@www.meroku.com:#{name}.git"
+        `git remote add meroku #{token}@www.meroku.com:#{name}.git`
       end
     end
@@ -121,29 +99,6 @@ module Meroku
       Dotenv.load(env_file)
     end
-    #def self.keys_add
-    #  if !File.exist? "#{Dir.home}/.ssh/id_rsa.pub"
-    #    puts "error: File #{Dir.home}/.ssh/id_rsa.pub not found"
-    #    puts "You can use this command to generate a key:"
-    #    puts "    ssh-keygen -t rsa"
-    #    return nil
-    #  end
-    #  name = "id_rsa.pub"
-    #  data = `cat ~/.ssh/id_rsa.pub`.chomp
-    #  url = "https://www.meroku.com/publickeys.json"
-    #  token = `cat ~/.meroku/.token`.chomp
-    #  response_json = RestClient.post url, {:publickey=>{:name => name, :data=>data}, :token=>token}.to_json, timeout: 1, :content_type => :json, :accept => :json
-    #
-    #  if JSON.parse(response_json)["errors"] && JSON.parse(response_json)["errors"].size > 0
-    #    puts JSON.parse(response_json)["errors"].map{|x| x["detail"]}.join(".")
-    #  else
-    #    name = JSON.parse(response_json)["data"]["attributes"]["name"]
-    #    puts "Added #{name}"
-    #  end
-    #end
   end

data/lib/meroku/infrastructure/node.rb CHANGED

@@ -56,36 +56,45 @@ module Meroku
         @tunnel.run "curl -s -o /tmp/modified-cedar-14.sh https://raw.githubusercontent.com/oystersauce8/meroku/master/modified-cedar-14.sh"
         @tunnel.run "sudo chmod 755 /tmp/modified-cedar-14.sh"
         @tunnel.run "/bin/bash -lc 'sudo /tmp/modified-cedar-14.sh'"
-        #@tunnel.run "sudo apt-get update\;"
         @tunnel.run "sudo apt-get install -y ruby2.4 ruby2.4-dev"
         @tunnel.run "sudo apt-get install -y nginx libsqlite3-dev nodejs"
         self
       end
       def tweak_configuration
-        @tunnel.run 'sudo adduser --disabled-password --gecos "" git'
-        @tunnel.run 'sudo -u git mkdir /home/git/.ssh/'
-        @tunnel.run 'sudo -u git touch /home/git/.ssh/authorized_keys'
+        #@tunnel.run 'sudo adduser --disabled-password --shell /usr/bin/git-shell --gecos "" git'
+        #@tunnel.run 'sudo -u git mkdir /home/git/.ssh/'
+        #@tunnel.run 'sudo -u git touch /home/git/.ssh/authorized_keys'
+        @tunnel.run 'sudo mkdir /sharedro && sudo chmod 777 /sharedro'
       end
       def install_frontend_app
         @tunnel.run 'mkdir /home/ubuntu/.meroku'
         @tunnel.run "cd ~\; git clone https://github.com/oystersauce8/meroku\;"
-        @tunnel.run "sudo cp ~/meroku/frontend/etc_nginx_sites-available_default /etc/nginx/sites-available/default"
+        @tunnel.run "sudo rm -f /etc/nginx/sites-enabled/*"
+        @tunnel.run "sudo cp ~/meroku/frontend/etc_nginx_sites-enabled_default /etc/nginx/sites-enabled/default"
+        @tunnel.run 'sudo cp /home/ubuntu/meroku/frontend/etc_nginx_sites-enabled_template /sharedro'
+        @tunnel.run 'sudo chmod a+r /sharedro/etc_nginx_sites-enabled_template'
         @tunnel.run "curl -o /home/ubuntu/.meroku/letsencrypt_fullchain.pem http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/letsencrypt_fullchain.pem"
         @tunnel.run "curl -o /home/ubuntu/.meroku/letsencrypt_privkey.pem http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/letsencrypt_privkey.pem"
-        @tunnel.run "cd ~/.meroku/\; curl -O http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/ssh_host_keys.tgz"
-        #@tunnel.run "cd ~/.meroku/\; sudo tar xf ssh_host_keys.tgz -C /etc/ssh/ --overwrite"
         @tunnel.run "cd ~/meroku/frontend/\; sudo gem install bundler\; bundle\;"
         @tunnel.run "(cd ~/meroku/frontend && RAILS_ENV=production bundle exec rails assets:precompile)"
         @tunnel.run "(cd ~/meroku/frontend && RAILS_ENV=production bundle exec rake db:migrate)"
-        @tunnel.run "cd ~/meroku/frontend/\; bundle exec puma -d"
+        @tunnel.run "cd ~/meroku/frontend/\; bundle exec puma -d -b unix:///tmp/meroku.sock"
         @tunnel.run "sudo service nginx restart"
-        @tunnel.run "sudo service ssh restart"
+        @tunnel.run %Q[sudo sh -c 'echo "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIPWJQU+TkDu9uyVzHQcVnKklRhQvIBdXHkA/7zAQG8XuoAoGCCqGSM49\nAwEHoUQDQgAEI1lm18nECH4jH+6p80jhn8WgZRDOC1ufVVtoPUnUgEvslfV3xzWl\nDXZKof765EiCOYyt2TZ7pKClMexhHWhMtA==\n-----END EC PRIVATE KEY-----" > /etc/ssh/ssh_host_ecdsa_key']
+        @tunnel.run %Q[sudo sh -c 'echo "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCNZZtfJxAh+Ix/uqfNI4Z/FoGUQzgtbn1VbaD1J1IBL7JX1d8c1pQ12SqH++uRIgjmMrdk2e6SgpTHsYR1oTLQ= root@ip-172-31-64-77" > /etc/ssh/ssh_host_ecdsa_key.pub']
+        #@tunnel.run "cd ~/.meroku/\; curl -O http://www.sam-we.com/dropbox/meroku-#{ENV['SECRET']}/ssh_host_keys.tgz"
+        #@tunnel.run "cd ~/.meroku/\; sudo tar xf ssh_host_keys.tgz -C /etc/ssh/ --overwrite && sudo service ssh restart"
         self
+      rescue
+        byebug
       end
     end

data/lib/meroku/tunnel.rb CHANGED

@@ -14,6 +14,7 @@ module Meroku
     def run(cmd)
       @verbose=true
       retries ||= 0
+      exit_code=nil
       Net::SSH.start(@ip,
                      @username,
                      password: 'password',
@@ -21,7 +22,7 @@ module Meroku
                      verify_host_key: @verify_host_key,
                      timeout: 90) do |ssh|
         channel = ssh.open_channel do |ch|
-          STDERR.print cmd
+          STDERR.print "#{cmd}\n"
           ch.exec cmd do |ch, success|
             raise "could not execute command" unless success
             ch.on_data do |c, data|
@@ -38,11 +39,16 @@ module Meroku
                 $stderr.print "."
               end
             end
+            ch.on_request("exit-status") do |ch, data|
+              exit_code = data.read_long
+            end
             ch.on_close { print "\n" }
           end
         end
         channel.wait
       end
+      fail "Ssh command returned non-zero" if status != 0
     rescue Errno::ECONNREFUSED => e
       retry if (retries += 1) < 10
     end

data/lib/meroku/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Meroku
-  VERSION = "2.0.7"
+  VERSION = "2.0.8"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: meroku
 version: !ruby/object:Gem::Version
-  version: 2.0.7
+  version: 2.0.8
 platform: ruby
 authors:
 - Sam Weerasinghe
@@ -363,7 +363,8 @@ files:
 - frontend/db/migrate/20171026071440_create_publickeys.rb
 - frontend/db/schema.rb
 - frontend/db/seeds.rb
-- frontend/etc_nginx_sites-available_default
+- frontend/etc_nginx_sites-enabled_default
+- frontend/etc_nginx_sites-enabled_template
 - frontend/lib/assets/.keep
 - frontend/lib/tasks/.keep
 - frontend/log/.keep