orats 0.3.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/README.md +55 -80
- data/lib/orats/cli.rb +11 -11
- data/lib/orats/command.rb +20 -10
- data/lib/orats/shell.rb +91 -22
- data/lib/orats/templates/auth.rb +2 -2
- data/lib/orats/templates/base.rb +31 -12
- data/lib/orats/templates/includes/Gemfile +21 -20
- data/lib/orats/templates/includes/inventory/group_vars/all.yml +95 -0
- data/lib/orats/templates/includes/inventory/hosts +8 -0
- data/lib/orats/templates/includes/secrets/sslcert.crt +21 -0
- data/lib/orats/templates/includes/secrets/sslkey.key +28 -0
- data/lib/orats/templates/play.rb +172 -0
- data/lib/orats/version.rb +1 -1
- data/orats.gemspec +1 -1
- data/test/integration/cli_test.rb +12 -26
- metadata +10 -6
- data/lib/orats/templates/cook.rb +0 -632
data/lib/orats/version.rb
CHANGED
data/orats.gemspec
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
require_relative '../test_helper'
|
2
2
|
|
3
|
-
class TestCLI < Minitest::
|
3
|
+
class TestCLI < Minitest::Test
|
4
4
|
include Orats::Test
|
5
5
|
|
6
6
|
def test_new_app
|
@@ -10,10 +10,10 @@ class TestCLI < Minitest::Unit::TestCase
|
|
10
10
|
orats "new #{app_name}", flags: ORATS_FLAGS
|
11
11
|
end
|
12
12
|
|
13
|
-
assert_match /
|
13
|
+
assert_match /Start your server/, out
|
14
14
|
|
15
|
-
assert_path_exists "#{TEST_PATH}/#{app_name}/
|
16
|
-
assert_path_exists "#{TEST_PATH}/#{app_name}/
|
15
|
+
assert_path_exists "#{TEST_PATH}/#{app_name}/inventory"
|
16
|
+
assert_path_exists "#{TEST_PATH}/#{app_name}/secrets"
|
17
17
|
|
18
18
|
assert_nuked app_name
|
19
19
|
end
|
@@ -26,9 +26,10 @@ class TestCLI < Minitest::Unit::TestCase
|
|
26
26
|
orats "new #{app_name}", flags: "--auth #{ORATS_FLAGS}"
|
27
27
|
end
|
28
28
|
|
29
|
-
assert_match /
|
29
|
+
assert_match /Start your server/, out
|
30
30
|
|
31
|
-
assert_path_exists "#{TEST_PATH}/#{app_name}/
|
31
|
+
assert_path_exists "#{TEST_PATH}/#{app_name}/inventory"
|
32
|
+
assert_path_exists "#{TEST_PATH}/#{app_name}/secrets"
|
32
33
|
assert_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
|
33
34
|
|
34
35
|
assert_in_file gemfile_path, /devise/
|
@@ -38,19 +39,6 @@ class TestCLI < Minitest::Unit::TestCase
|
|
38
39
|
assert_nuked app_name
|
39
40
|
end
|
40
41
|
|
41
|
-
def test_new_app_without_cookbook
|
42
|
-
app_name = generate_app_name
|
43
|
-
|
44
|
-
out, err = capture_subprocess_io do
|
45
|
-
orats "new #{app_name}", flags: "--skip-cook #{ORATS_FLAGS}"
|
46
|
-
end
|
47
|
-
|
48
|
-
refute_path_exists "#{TEST_PATH}/#{app_name}/cookbooks/#{app_name}"
|
49
|
-
assert_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
|
50
|
-
|
51
|
-
assert_nuked app_name
|
52
|
-
end
|
53
|
-
|
54
42
|
def test_new_app_without_extras
|
55
43
|
app_name = generate_app_name
|
56
44
|
|
@@ -58,22 +46,23 @@ class TestCLI < Minitest::Unit::TestCase
|
|
58
46
|
orats "new #{app_name}", flags: "--skip-extras #{ORATS_FLAGS}"
|
59
47
|
end
|
60
48
|
|
61
|
-
refute_path_exists "#{TEST_PATH}/#{app_name}/
|
49
|
+
refute_path_exists "#{TEST_PATH}/#{app_name}/inventory"
|
50
|
+
refute_path_exists "#{TEST_PATH}/#{app_name}/secrets"
|
62
51
|
refute_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
|
63
52
|
assert_path_exists "#{TEST_PATH}/#{app_name}"
|
64
53
|
|
65
54
|
assert_nuked app_name
|
66
55
|
end
|
67
56
|
|
68
|
-
def
|
57
|
+
def test_play
|
69
58
|
app_name = generate_app_name
|
70
59
|
|
71
60
|
out, err = capture_subprocess_io do
|
72
|
-
orats "
|
61
|
+
orats "play #{app_name}"
|
73
62
|
end
|
74
63
|
|
75
64
|
assert_match /success/, out
|
76
|
-
assert_nuked app_name
|
65
|
+
assert_nuked app_name
|
77
66
|
end
|
78
67
|
|
79
68
|
def test_version
|
@@ -125,9 +114,6 @@ class TestCLI < Minitest::Unit::TestCase
|
|
125
114
|
puma = pid_lines[0].split(' ').last
|
126
115
|
sidekiq = pid_lines[1].split(' ').last
|
127
116
|
|
128
|
-
puts "puma pid #{puma}"
|
129
|
-
puts "sidekiq pid #{sidekiq}"
|
130
|
-
|
131
117
|
system "kill -9 #{puma} && kill -9 #{sidekiq}"
|
132
118
|
end
|
133
119
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: orats
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nick Janetakis
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-05-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -58,14 +58,14 @@ dependencies:
|
|
58
58
|
requirements:
|
59
59
|
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '5.3'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
68
|
+
version: '5.3'
|
69
69
|
description: A collection of rails application templates using modern versions of
|
70
70
|
Ruby on Rails. Launch new applications and the infrastructure to run them in seconds.
|
71
71
|
email:
|
@@ -89,8 +89,12 @@ files:
|
|
89
89
|
- lib/orats/shell.rb
|
90
90
|
- lib/orats/templates/auth.rb
|
91
91
|
- lib/orats/templates/base.rb
|
92
|
-
- lib/orats/templates/cook.rb
|
93
92
|
- lib/orats/templates/includes/Gemfile
|
93
|
+
- lib/orats/templates/includes/inventory/group_vars/all.yml
|
94
|
+
- lib/orats/templates/includes/inventory/hosts
|
95
|
+
- lib/orats/templates/includes/secrets/sslcert.crt
|
96
|
+
- lib/orats/templates/includes/secrets/sslkey.key
|
97
|
+
- lib/orats/templates/play.rb
|
94
98
|
- lib/orats/version.rb
|
95
99
|
- orats.gemspec
|
96
100
|
- test/integration/cli_test.rb
|
@@ -115,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
115
119
|
version: '0'
|
116
120
|
requirements: []
|
117
121
|
rubyforge_project:
|
118
|
-
rubygems_version: 2.2.
|
122
|
+
rubygems_version: 2.2.2
|
119
123
|
signing_key:
|
120
124
|
specification_version: 4
|
121
125
|
summary: Opinionated rails application templates.
|
data/lib/orats/templates/cook.rb
DELETED
@@ -1,632 +0,0 @@
|
|
1
|
-
# =====================================================================================================
|
2
|
-
# Template for generating a chef cookbook
|
3
|
-
# =====================================================================================================
|
4
|
-
|
5
|
-
# ----- Helper functions and variables ----------------------------------------------------------------
|
6
|
-
|
7
|
-
require 'securerandom'
|
8
|
-
|
9
|
-
def generate_token
|
10
|
-
SecureRandom.hex(64)
|
11
|
-
end
|
12
|
-
|
13
|
-
def git_config(field)
|
14
|
-
command = "git config --global user.#{field}"
|
15
|
-
git_field_value = run(command, capture: true).gsub("\n", '')
|
16
|
-
default_value = "YOUR_#{field.upcase}"
|
17
|
-
|
18
|
-
git_field_value.to_s.empty? ? default_value : git_field_value
|
19
|
-
end
|
20
|
-
|
21
|
-
app_name_upper = app_name.upcase
|
22
|
-
app_name_class = app_name.humanize
|
23
|
-
|
24
|
-
author_name = git_config 'name'
|
25
|
-
author_email = git_config 'email'
|
26
|
-
|
27
|
-
# ----- Nuke all of the rails code --------------------------------------------------------------------
|
28
|
-
|
29
|
-
puts
|
30
|
-
say_status 'shell', 'Removing all of the generated rails code...', :yellow
|
31
|
-
puts '-'*80, ''; sleep 0.25
|
32
|
-
|
33
|
-
run 'rm -rf * .git .gitignore'
|
34
|
-
|
35
|
-
# ----- Install berkshelf -----------------------------------------------------------------------------
|
36
|
-
|
37
|
-
puts
|
38
|
-
say_status 'tool', 'Gem installing berkshelf, this may take a while...', :yellow
|
39
|
-
puts '-'*80, ''; sleep 0.25
|
40
|
-
|
41
|
-
run 'gem install berkshelf'
|
42
|
-
|
43
|
-
# ----- Create cookbook -------------------------------------------------------------------------------
|
44
|
-
|
45
|
-
puts
|
46
|
-
say_status 'init', 'Creating skeleton cookbook...', :yellow
|
47
|
-
puts '-'*80, ''; sleep 0.25
|
48
|
-
|
49
|
-
run "berks cookbook #{app_name}"
|
50
|
-
|
51
|
-
# ----- Move cookbook back one directory --------------------------------------------------------------
|
52
|
-
|
53
|
-
puts
|
54
|
-
say_status 'shell', 'Moving cookbook back one directory...', :yellow
|
55
|
-
puts '-'*80, ''; sleep 0.25
|
56
|
-
|
57
|
-
run "mv #{app_name}/* ."
|
58
|
-
run "rm -rf #{app_name}"
|
59
|
-
|
60
|
-
# ----- Create the git repo ---------------------------------------------------------------------------
|
61
|
-
|
62
|
-
puts
|
63
|
-
say_status 'git', 'Creating initial commit...', :yellow
|
64
|
-
puts '-'*80, ''; sleep 0.25
|
65
|
-
|
66
|
-
git :init
|
67
|
-
git add: '.'
|
68
|
-
git commit: "-m 'Initial commit'"
|
69
|
-
|
70
|
-
# ----- Create the license ----------------------------------------------------------------------------
|
71
|
-
|
72
|
-
puts
|
73
|
-
say_status 'root', 'Creating the license', :yellow
|
74
|
-
puts '-'*80, ''; sleep 0.25
|
75
|
-
|
76
|
-
run 'rm -rf LICENSE'
|
77
|
-
|
78
|
-
file 'LICENSE' do <<-TEXT
|
79
|
-
The MIT License (MIT)
|
80
|
-
|
81
|
-
Copyright (c) #{Time.now.year} #{author_name} <#{author_email}>
|
82
|
-
|
83
|
-
Permission is hereby granted, free of charge, to any person obtaining
|
84
|
-
a copy of this software and associated documentation files (the
|
85
|
-
'Software'), to deal in the Software without restriction, including
|
86
|
-
without limitation the rights to use, copy, modify, merge, publish,
|
87
|
-
distribute, sublicense, and/or sell copies of the Software, and to
|
88
|
-
permit persons to whom the Software is furnished to do so, subject to
|
89
|
-
the following conditions:
|
90
|
-
|
91
|
-
The above copyright notice and this permission notice shall be
|
92
|
-
included in all copies or substantial portions of the Software.
|
93
|
-
|
94
|
-
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
95
|
-
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
96
|
-
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
97
|
-
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
98
|
-
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
99
|
-
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
100
|
-
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
101
|
-
TEXT
|
102
|
-
end
|
103
|
-
|
104
|
-
git add: '.'
|
105
|
-
git commit: "-m 'Add MIT license'"
|
106
|
-
|
107
|
-
# ----- Customize meta data ---------------------------------------------------------------------------
|
108
|
-
|
109
|
-
puts
|
110
|
-
say_status 'root', 'Changing metadata file', :yellow
|
111
|
-
puts '-'*80, ''; sleep 0.25
|
112
|
-
|
113
|
-
puts author_name
|
114
|
-
puts author_email
|
115
|
-
|
116
|
-
gsub_file 'metadata.rb', 'YOUR_NAME', author_name
|
117
|
-
gsub_file 'metadata.rb', 'YOUR_EMAIL', author_email
|
118
|
-
gsub_file 'metadata.rb', 'All rights reserved', 'MIT LICENSE'
|
119
|
-
|
120
|
-
git add: '.'
|
121
|
-
git commit: "-m 'Change meta data in the metadata.rb file'"
|
122
|
-
|
123
|
-
# ----- Add application dependencies ------------------------------------------------------------------
|
124
|
-
|
125
|
-
puts
|
126
|
-
say_status 'root', 'Adding application dependencies...', :yellow
|
127
|
-
puts '-'*80, ''; sleep 0.25
|
128
|
-
|
129
|
-
append_file 'Berksfile' do <<-CODE
|
130
|
-
cookbook 'postgresql', git: 'git://github.com/phlipper/chef-postgresql.git'
|
131
|
-
cookbook 'rvm', git: 'git://github.com/fnichol/chef-rvm'
|
132
|
-
CODE
|
133
|
-
end
|
134
|
-
|
135
|
-
git add: '.'
|
136
|
-
git commit: "-m 'Add dependencies to the Berksfile'"
|
137
|
-
|
138
|
-
append_file 'metadata.rb' do <<-CODE
|
139
|
-
# base
|
140
|
-
depends 'openssh', '~> 1.3.2'
|
141
|
-
depends 'user', '~> 0.3.0'
|
142
|
-
depends 'sudo', '~> 2.3.0'
|
143
|
-
depends 'fail2ban', '~> 2.1.2'
|
144
|
-
depends 'ufw', '~> 0.7.4'
|
145
|
-
depends 'swap', '~> 0.3.6'
|
146
|
-
|
147
|
-
# database
|
148
|
-
depends 'postgresql', '~> 0.13.0'
|
149
|
-
|
150
|
-
# cache
|
151
|
-
depends 'redisio', '~> 1.7.0'
|
152
|
-
|
153
|
-
# web
|
154
|
-
depends 'git', '~> 2.9.0'
|
155
|
-
depends 'rvm', '~> 0.9.1'
|
156
|
-
depends 'nodejs', '~> 1.3.0'
|
157
|
-
depends 'nginx', '~> 2.2.0'
|
158
|
-
depends 'logrotate', '~> 1.4.0'
|
159
|
-
CODE
|
160
|
-
end
|
161
|
-
|
162
|
-
git add: '.'
|
163
|
-
git commit: "-m 'Add dependencies to the metadata file'"
|
164
|
-
|
165
|
-
# ----- Install cookbooks locally ---------------------------------------------------------------------
|
166
|
-
|
167
|
-
puts
|
168
|
-
say_status 'tool', 'Berks installing the cookbooks, this may take a while...', :yellow
|
169
|
-
puts '-'*80, ''; sleep 0.25
|
170
|
-
|
171
|
-
run 'berks install'
|
172
|
-
|
173
|
-
git add: '.'
|
174
|
-
git commit: "-m 'Change meta data in the metadata.rb file'"
|
175
|
-
|
176
|
-
# ----- Configure attributes file ---------------------------------------------------------------------
|
177
|
-
|
178
|
-
puts
|
179
|
-
say_status 'attr', 'Modifying the attributes file...', :yellow
|
180
|
-
puts '-'*80, ''; sleep 0.25
|
181
|
-
|
182
|
-
random_ssh_port = rand(11000..55000)
|
183
|
-
random_username = SecureRandom.hex[0...8]
|
184
|
-
|
185
|
-
file 'attributes/default.rb' do <<-CODE
|
186
|
-
default[:#{app_name}][:base][:ssh_port] = '#{random_ssh_port}'
|
187
|
-
default[:#{app_name}][:base][:username] = '#{random_username}'
|
188
|
-
default[:#{app_name}][:base][:swap_size] = 1024 # MBs
|
189
|
-
default[:#{app_name}][:base][:ssh_key] = 'INSERT_YOUR_PUBLIC_SSH_KEY_HERE'
|
190
|
-
|
191
|
-
default[:#{app_name}][:database][:host] = 'localhost'
|
192
|
-
default[:#{app_name}][:database][:pool] = '25'
|
193
|
-
default[:#{app_name}][:database][:timeout] = '5000'
|
194
|
-
|
195
|
-
default[:#{app_name}][:cache][:host] = 'localhost'
|
196
|
-
default[:#{app_name}][:cache][:port] = '6379'
|
197
|
-
default[:#{app_name}][:cache][:database] = '0'
|
198
|
-
default[:#{app_name}][:cache][:sidekiq_concurrency] = '25'
|
199
|
-
|
200
|
-
default[:#{app_name}][:web][:ruby_version] = '2.1.0'
|
201
|
-
default[:#{app_name}][:web][:puma_threads_min] = '0'
|
202
|
-
default[:#{app_name}][:web][:puma_threads_max] = '16'
|
203
|
-
default[:#{app_name}][:web][:puma_workers] = '2'
|
204
|
-
default[:#{app_name}][:web][:mail_address] = 'smtp.#{app_name}.com'
|
205
|
-
default[:#{app_name}][:web][:mail_port] = '25'
|
206
|
-
default[:#{app_name}][:web][:mail_domain] = '#{app_name}.com'
|
207
|
-
default[:#{app_name}][:web][:mail_username] = 'info@#{app_name}.com'
|
208
|
-
default[:#{app_name}][:web][:mail_auth] = 'plain'
|
209
|
-
default[:#{app_name}][:web][:mail_startttls_auto] = 'true'
|
210
|
-
default[:#{app_name}][:web][:action_mailer_host] = 'www.#{app_name}.com'
|
211
|
-
default[:#{app_name}][:web][:action_mailer_default_email] = 'info@#{app_name}.com'
|
212
|
-
default[:#{app_name}][:web][:action_mailer_devise_default_email] = 'info@#{app_name}.com'
|
213
|
-
CODE
|
214
|
-
end
|
215
|
-
|
216
|
-
git add: '.'
|
217
|
-
git commit: "-m 'Add tweakable settings to the attributes file'"
|
218
|
-
|
219
|
-
# ----- Create dummy data for the encrypted data bag --------------------------------------------------
|
220
|
-
|
221
|
-
puts
|
222
|
-
say_status 'data_bags', 'Creating dummy encrypted data bag...', :yellow
|
223
|
-
puts '-'*80, ''; sleep 0.25
|
224
|
-
|
225
|
-
data_bag_path = "data_bags/#{app_name}_secrets"
|
226
|
-
|
227
|
-
run "mkdir -p #{data_bag_path}"
|
228
|
-
|
229
|
-
file "#{data_bag_path}/production.json" do <<-JSON
|
230
|
-
{
|
231
|
-
"id": "production",
|
232
|
-
"database_password": "<real password is protected>",
|
233
|
-
"cache_password": "<real password is protected>",
|
234
|
-
"mail_password": "<real password is protected>",
|
235
|
-
"token_rails_secret": "<real token is protected>",
|
236
|
-
"token_devise_secret": "<real token is protected>",
|
237
|
-
"token_devise_pepper": "<real token is protected>"
|
238
|
-
}
|
239
|
-
JSON
|
240
|
-
end
|
241
|
-
|
242
|
-
git add: '.'
|
243
|
-
git commit: "-m 'Add the dummy data bag as a point of reference'"
|
244
|
-
|
245
|
-
# ----- Create nginx config ---------------------------------------------------------------------------
|
246
|
-
|
247
|
-
puts
|
248
|
-
say_status 'files', 'Creating nginx config...', :yellow
|
249
|
-
puts '-'*80, ''; sleep 0.25
|
250
|
-
|
251
|
-
file "files/default/nginx_virtualhost.conf" do <<-CONF
|
252
|
-
upstream #{app_name} {
|
253
|
-
server unix:///tmp/#{app_name}.sock;
|
254
|
-
}
|
255
|
-
|
256
|
-
# redirect non-www to www (remove this block if you do not want to do this)
|
257
|
-
server {
|
258
|
-
listen 80;
|
259
|
-
server_name #{app_name}.com;
|
260
|
-
return 301 $scheme://www.#{app_name}.com$request_uri;
|
261
|
-
}
|
262
|
-
|
263
|
-
server {
|
264
|
-
listen 80;
|
265
|
-
server_name www.#{app_name}.com;
|
266
|
-
root /home/#{random_username}/www/#{app_name}/current/public;
|
267
|
-
|
268
|
-
error_page 404 /404.html;
|
269
|
-
error_page 500 /500.html;
|
270
|
-
error_page 502 503 504 /502.html;
|
271
|
-
|
272
|
-
location ~ ^/(system|assets)/ {
|
273
|
-
root /home/#{random_username}/www/#{app_name}/current/public;
|
274
|
-
gzip_static on;
|
275
|
-
expires 1y;
|
276
|
-
add_header Cache-Control public;
|
277
|
-
add_header ETag "";
|
278
|
-
break;
|
279
|
-
}
|
280
|
-
|
281
|
-
try_files $uri @puma;
|
282
|
-
|
283
|
-
location @puma {
|
284
|
-
proxy_set_header X-Real-IP $remote_addr;
|
285
|
-
proxy_set_header X-Forwarded-Proto http;
|
286
|
-
proxy_set_header Host $http_host;
|
287
|
-
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
288
|
-
proxy_redirect off;
|
289
|
-
|
290
|
-
proxy_pass http://#{app_name};
|
291
|
-
break;
|
292
|
-
}
|
293
|
-
}
|
294
|
-
CONF
|
295
|
-
end
|
296
|
-
|
297
|
-
git add: '.'
|
298
|
-
git commit: "-m 'Add the nginx virtualhost config'"
|
299
|
-
|
300
|
-
# ----- Create system wide profile -------------------------------------------------------------------------
|
301
|
-
|
302
|
-
puts
|
303
|
-
say_status 'templates', 'Creating system wide profile config', :yellow
|
304
|
-
puts '-'*80, ''; sleep 0.25
|
305
|
-
|
306
|
-
file 'templates/default/profile.erb' do <<-CONF
|
307
|
-
# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
|
308
|
-
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
|
309
|
-
|
310
|
-
if [ "$PS1" ]; then
|
311
|
-
if [ "$BASH" ] && [ "$BASH" != "/bin/sh" ]; then
|
312
|
-
# The file bash.bashrc already sets the default PS1.
|
313
|
-
# PS1='\h:\w\$ '
|
314
|
-
if [ -f /etc/bash.bashrc ]; then
|
315
|
-
. /etc/bash.bashrc
|
316
|
-
fi
|
317
|
-
else
|
318
|
-
if [ "`id -u`" -eq 0 ]; then
|
319
|
-
PS1='# '
|
320
|
-
else
|
321
|
-
PS1='$ '
|
322
|
-
fi
|
323
|
-
fi
|
324
|
-
fi
|
325
|
-
|
326
|
-
# The default umask is now handled by pam_umask.
|
327
|
-
# See pam_umask(8) and /etc/login.defs.
|
328
|
-
|
329
|
-
if [ -d /etc/profile.d ]; then
|
330
|
-
for i in /etc/profile.d/*.sh; do
|
331
|
-
if [ -r $i ]; then
|
332
|
-
. $i
|
333
|
-
fi
|
334
|
-
done
|
335
|
-
unset i
|
336
|
-
fi
|
337
|
-
|
338
|
-
export <%= @cookbook_name.upcase %>_TOKEN_RAILS_SECRET='<%= @token_rails_secret %>'
|
339
|
-
export <%= @cookbook_name.upcase %>_TOKEN_DEVISE_SECRET='<%= @token_devise_secret %>'
|
340
|
-
export <%= @cookbook_name.upcase %>_TOKEN_DEVISE_PEPPER='<%= @token_devise_pepper %>'
|
341
|
-
|
342
|
-
export <%= @cookbook_name.upcase %>_SMTP_ADDRESS='<%= node[:#{app_name}][:web][:mail_address] %>'
|
343
|
-
export <%= @cookbook_name.upcase %>_SMTP_PORT='<%= node[:#{app_name}][:web][:mail_port] %>'
|
344
|
-
export <%= @cookbook_name.upcase %>_SMTP_DOMAIN='<%= node[:#{app_name}][:web][:mail_domain] %>'
|
345
|
-
export <%= @cookbook_name.upcase %>_SMTP_USERNAME='<%= node[:#{app_name}][:web][:mail_username] %>'
|
346
|
-
export <%= @cookbook_name.upcase %>_SMTP_PASSWORD='<%= @mail_password %>'
|
347
|
-
export <%= @cookbook_name.upcase %>_SMTP_AUTH='<%= node[:#{app_name}][:web][:mail_auth] %>'
|
348
|
-
export <%= @cookbook_name.upcase %>_SMTP_STARTTTLS_AUTO='<%= node[:#{app_name}][:web][:mail_startttls_auto] %>'
|
349
|
-
|
350
|
-
export <%= @cookbook_name.upcase %>_ACTION_MAILER_HOST='<%= node[:#{app_name}][:web][:action_mailer_host] %>'
|
351
|
-
export <%= @cookbook_name.upcase %>_ACTION_MAILER_DEFAULT_EMAIL='<%= node[:#{app_name}][:web][:action_mailer_default_email] %>'
|
352
|
-
export <%= @cookbook_name.upcase %>_ACTION_MAILER_DEVISE_DEFAULT_EMAIL='<%= node[:#{app_name}][:web][:action_mailer_devise_default_email] %>'
|
353
|
-
|
354
|
-
export <%= @cookbook_name.upcase %>_DATABASE_HOST='<%= node[:#{app_name}][:database][:host] %>'
|
355
|
-
export <%= @cookbook_name.upcase %>_DATABASE_NAME='<%= @cookbook_name.downcase %>'
|
356
|
-
export <%= @cookbook_name.upcase %>_DATABASE_USERNAME='postgres'
|
357
|
-
export <%= @cookbook_name.upcase %>_DATABASE_PASSWORD='<%= @database_password %>'
|
358
|
-
export <%= @cookbook_name.upcase %>_DATABASE_POOL='<%= node[:#{app_name}][:database][:pool] %>'
|
359
|
-
export <%= @cookbook_name.upcase %>_DATABASE_TIMEOUT='<%= node[:#{app_name}][:database][:timeout] %>'
|
360
|
-
|
361
|
-
export <%= @cookbook_name.upcase %>_CACHE_HOST='<%= node[:#{app_name}][:cache][:host] %>'
|
362
|
-
export <%= @cookbook_name.upcase %>_CACHE_DATABASE='<%= node[:#{app_name}][:cache][:database] %>'
|
363
|
-
export <%= @cookbook_name.upcase %>_CACHE_USERNAME='redis'
|
364
|
-
export <%= @cookbook_name.upcase %>_CACHE_PASSWORD='<%= @cache_password %>'
|
365
|
-
|
366
|
-
export <%= @cookbook_name.upcase %>_SIDEKIQ_CONCURRENCY='<%= node[:#{app_name}][:cache][:sidekiq_concurrency] %>'
|
367
|
-
|
368
|
-
export <%= @cookbook_name.upcase %>_PUMA_THREADS_MIN='<%= node[:#{app_name}][:web][:puma_threads_min] %>'
|
369
|
-
export <%= @cookbook_name.upcase %>_PUMA_THREADS_MAX='<%= node[:#{app_name}][:web][:puma_threads_max] %>'
|
370
|
-
export <%= @cookbook_name.upcase %>_PUMA_WORKERS='<%= node[:#{app_name}][:web][:puma_workers] %>'
|
371
|
-
CONF
|
372
|
-
end
|
373
|
-
|
374
|
-
git add: '.'
|
375
|
-
git commit: "-m 'Add the system wide profile config'"
|
376
|
-
|
377
|
-
# ----- Create base recipe ----------------------------------------------------------------------------
|
378
|
-
|
379
|
-
puts
|
380
|
-
say_status 'recipes', 'Creating base recipe...', :yellow
|
381
|
-
puts '-'*80, ''; sleep 0.25
|
382
|
-
|
383
|
-
file 'recipes/base.rb' do <<-'CODE'
|
384
|
-
# openssh
|
385
|
-
|
386
|
-
node.override[:openssh][:server][:port] = node[:app_name][:base][:ssh_port]
|
387
|
-
node.override[:openssh][:server][:password_authentication] = 'no'
|
388
|
-
node.override[:openssh][:server][:permit_root_login] = 'no'
|
389
|
-
include_recipe 'openssh'
|
390
|
-
|
391
|
-
# user
|
392
|
-
|
393
|
-
include_recipe 'user'
|
394
|
-
|
395
|
-
user_account node[:app_name][:base][:username] do
|
396
|
-
ssh_keys [ node[:app_name][:base][:ssh_key] ]
|
397
|
-
end
|
398
|
-
|
399
|
-
# sudo
|
400
|
-
|
401
|
-
node.override[:authorization][:sudo][:users] = [ node[:app_name][:base][:username] ]
|
402
|
-
node.override[:authorization][:sudo][:passwordless] = true
|
403
|
-
|
404
|
-
include_recipe 'sudo'
|
405
|
-
|
406
|
-
# fail2ban
|
407
|
-
|
408
|
-
include_recipe 'fail2ban'
|
409
|
-
|
410
|
-
# ufw
|
411
|
-
|
412
|
-
node.override[:firewall][:rules] = [
|
413
|
-
{
|
414
|
-
'ssh' => {
|
415
|
-
'port'=> node[:app_name][:base][:ssh_port]
|
416
|
-
}
|
417
|
-
},
|
418
|
-
{
|
419
|
-
'http' => {
|
420
|
-
'port'=> '80'
|
421
|
-
}
|
422
|
-
}
|
423
|
-
]
|
424
|
-
include_recipe 'ufw'
|
425
|
-
|
426
|
-
# swapfile
|
427
|
-
|
428
|
-
swap_file '/mnt/swap' do
|
429
|
-
size node[:app_name][:base][:swap_size]
|
430
|
-
end
|
431
|
-
|
432
|
-
# htop
|
433
|
-
|
434
|
-
package 'htop'
|
435
|
-
CODE
|
436
|
-
end
|
437
|
-
|
438
|
-
gsub_file 'recipes/base.rb', 'app_name', app_name
|
439
|
-
|
440
|
-
git add: '.'
|
441
|
-
git commit: "-m 'Add the base recipe'"
|
442
|
-
|
443
|
-
# ----- Create database recipe ------------------------------------------------------------------------
|
444
|
-
|
445
|
-
puts
|
446
|
-
say_status 'recipes', 'Creating database recipe...', :yellow
|
447
|
-
puts '-'*80, ''; sleep 0.25
|
448
|
-
|
449
|
-
file 'recipes/database.rb' do <<-CODE
|
450
|
-
# This is where you will store a copy of your key on the chef-client
|
451
|
-
secret = Chef::EncryptedDataBagItem.load_secret('/etc/chef/encrypted_data_bag_secret')
|
452
|
-
|
453
|
-
# This decrypts the data bag contents of "#{app_name}_secrets/production.json" and uses the key defined at variable "secret"
|
454
|
-
encrypted_data_bag = Chef::EncryptedDataBagItem.load('#{app_name}_secrets', 'production', secret)
|
455
|
-
|
456
|
-
include_recipe '#{app_name}::base'
|
457
|
-
include_recipe 'postgresql'
|
458
|
-
include_recipe 'postgresql::client'
|
459
|
-
include_recipe 'postgresql::server'
|
460
|
-
include_recipe 'postgresql::libpq'
|
461
|
-
|
462
|
-
pg_user 'postgres' do
|
463
|
-
privileges superuser: true, createdb: true, login: true
|
464
|
-
password encrypted_data_bag['database_password']
|
465
|
-
end
|
466
|
-
CODE
|
467
|
-
end
|
468
|
-
|
469
|
-
git add: '.'
|
470
|
-
git commit: "-m 'Add the database recipe'"
|
471
|
-
|
472
|
-
# ----- Create cache recipe ---------------------------------------------------------------------------
|
473
|
-
|
474
|
-
puts
|
475
|
-
say_status 'recipes', 'Creating cache recipe...', :yellow
|
476
|
-
puts '-'*80, ''; sleep 0.25
|
477
|
-
|
478
|
-
file 'recipes/cache.rb' do <<-CODE
|
479
|
-
include_recipe '#{app_name}::base'
|
480
|
-
|
481
|
-
node.override[:redisio][:mirror] = 'http://download.redis.io/releases'
|
482
|
-
node.override[:redisio][:version] = '2.8.3'
|
483
|
-
include_recipe 'redisio::install'
|
484
|
-
include_recipe 'redisio::enable'
|
485
|
-
CODE
|
486
|
-
end
|
487
|
-
|
488
|
-
git add: '.'
|
489
|
-
git commit: "-m 'Add the cache recipe'"
|
490
|
-
|
491
|
-
# ----- Create web recipe -----------------------------------------------------------------------------
|
492
|
-
|
493
|
-
puts
|
494
|
-
say_status 'recipes', 'Creating web recipe...', :yellow
|
495
|
-
puts '-'*80, ''; sleep 0.25
|
496
|
-
|
497
|
-
file 'recipes/web.rb' do <<-'CODE'
|
498
|
-
secret = Chef::EncryptedDataBagItem.load_secret('/etc/chef/encrypted_data_bag_secret')
|
499
|
-
encrypted_data_bag = Chef::EncryptedDataBagItem.load('app_name_secrets', 'production', secret)
|
500
|
-
|
501
|
-
include_recipe 'app_name::base'
|
502
|
-
|
503
|
-
# environment variables
|
504
|
-
|
505
|
-
template '/etc/profile' do
|
506
|
-
source 'profile.erb'
|
507
|
-
variables({
|
508
|
-
:cookbook_name => cookbook_name,
|
509
|
-
:database_password => encrypted_data_bag['database_password'],
|
510
|
-
:cache_password => encrypted_data_bag['cache_password'],
|
511
|
-
:mail_password => encrypted_data_bag['mail_password'],
|
512
|
-
:token_rails_secret => encrypted_data_bag['token_rails_secret'],
|
513
|
-
:token_devise_secret => encrypted_data_bag['token_devise_secret'],
|
514
|
-
:token_devise_pepper => encrypted_data_bag['token_devise_pepper']
|
515
|
-
})
|
516
|
-
end
|
517
|
-
|
518
|
-
# git
|
519
|
-
|
520
|
-
apt_repository 'git' do
|
521
|
-
uri 'http://ppa.launchpad.net/git-core/ppa/ubuntu'
|
522
|
-
distribution node[:lsb][:codename]
|
523
|
-
components %w[main]
|
524
|
-
keyserver 'keyserver.ubuntu.com'
|
525
|
-
key 'E1DF1F24'
|
526
|
-
action :add
|
527
|
-
end
|
528
|
-
|
529
|
-
include_recipe 'git'
|
530
|
-
|
531
|
-
repo_path = "/home/#{node[:app_name][:base][:username]}/#{cookbook_name}.git"
|
532
|
-
|
533
|
-
directory repo_path do
|
534
|
-
owner node[:app_name][:base][:username]
|
535
|
-
group node[:app_name][:base][:username]
|
536
|
-
mode 0755
|
537
|
-
end
|
538
|
-
|
539
|
-
execute 'initialize new bare git repo' do
|
540
|
-
user node[:app_name][:base][:username]
|
541
|
-
group node[:app_name][:base][:username]
|
542
|
-
command "cd #{repo_path} && git init --bare"
|
543
|
-
only_if { !File.exists? "#{repo_path}/HEAD" }
|
544
|
-
end
|
545
|
-
|
546
|
-
# node
|
547
|
-
|
548
|
-
node.override[:nodejs][:install_method] = 'binary'
|
549
|
-
node.override[:nodejs][:version] = '0.10.24'
|
550
|
-
node.override[:nodejs][:checksum] = 'fb6487e72d953451d55e28319c446151c1812ed21919168b82ab1664088ecf46'
|
551
|
-
node.override[:nodejs][:checksum_linux_x64] = '423018f6a60b18d0dddf3007c325e0cc8cf55099'
|
552
|
-
node.override[:nodejs][:checksum_linux_x86] = 'fb6487e72d953451d55e28319c446151c1812ed21919168b82ab1664088ecf46'
|
553
|
-
include_recipe 'nodejs::install_from_binary'
|
554
|
-
|
555
|
-
# ruby
|
556
|
-
|
557
|
-
node.override[:rvm][:default_ruby] = node[:app_name][:web][:ruby_version]
|
558
|
-
node.override[:rvm][:global_gems] = [ { 'name' => 'bundler', 'version' => '1.5.1' } ]
|
559
|
-
node.override[:rvm][:group_users] = [ node[:app_name][:base][:username] ]
|
560
|
-
|
561
|
-
include_recipe 'rvm::system'
|
562
|
-
|
563
|
-
# nginx
|
564
|
-
|
565
|
-
apt_repository 'nginx' do
|
566
|
-
uri 'http://ppa.launchpad.net/nginx/stable/ubuntu'
|
567
|
-
distribution node[:lsb][:codename]
|
568
|
-
components %w[main]
|
569
|
-
keyserver 'keyserver.ubuntu.com'
|
570
|
-
key 'C300EE8C'
|
571
|
-
action :add
|
572
|
-
end
|
573
|
-
|
574
|
-
node.override[:nginx][:gzip_comp_level] = '4'
|
575
|
-
|
576
|
-
include_recipe 'nginx'
|
577
|
-
|
578
|
-
cookbook_file 'nginx_virtualhost.conf' do
|
579
|
-
path "#{node[:nginx][:dir]}/sites-available/#{cookbook_name}.conf"
|
580
|
-
group node[:nginx][:user]
|
581
|
-
owner node[:nginx][:user]
|
582
|
-
mode '0644'
|
583
|
-
end
|
584
|
-
|
585
|
-
nginx_site "#{cookbook_name}.conf"
|
586
|
-
|
587
|
-
include_recipe 'logrotate'
|
588
|
-
|
589
|
-
logrotate_app 'nginx' do
|
590
|
-
cookbook 'logrotate'
|
591
|
-
path ["#{node[:nginx][:log_dir]}/access.log", "#{node[:nginx][:log_dir]}/error.log"]
|
592
|
-
options ['missingok', 'notifempty']
|
593
|
-
frequency 'daily'
|
594
|
-
create '0644 root adm'
|
595
|
-
rotate 365
|
596
|
-
end
|
597
|
-
CODE
|
598
|
-
end
|
599
|
-
|
600
|
-
gsub_file 'recipes/web.rb', 'app_name', app_name
|
601
|
-
|
602
|
-
git add: '.'
|
603
|
-
git commit: "-m 'Add the web recipe'"
|
604
|
-
|
605
|
-
# ----- Create default recipe -------------------------------------------------------------------------
|
606
|
-
|
607
|
-
puts
|
608
|
-
say_status 'recipes', 'Creating default recipe...', :yellow
|
609
|
-
puts '-'*80, ''; sleep 0.25
|
610
|
-
|
611
|
-
run 'rm -f recipes/default.rb'
|
612
|
-
file 'recipes/default.rb' do <<-CODE
|
613
|
-
include_recipe '#{app_name}::database'
|
614
|
-
include_recipe '#{app_name}::cache'
|
615
|
-
include_recipe '#{app_name}::web'
|
616
|
-
CODE
|
617
|
-
end
|
618
|
-
|
619
|
-
git add: '.'
|
620
|
-
git commit: "-m 'Add the default recipe'"
|
621
|
-
|
622
|
-
# ----- Installation complete message -----------------------------------------------------------------
|
623
|
-
|
624
|
-
puts
|
625
|
-
say_status 'success', "\e[1m\Everything has been setup successfully\e[0m", :cyan
|
626
|
-
puts
|
627
|
-
say_status 'question', 'Are you new to chef and berkshelf?', :yellow
|
628
|
-
say_status 'answer', 'Check the orats wiki for the walk through', :white
|
629
|
-
puts
|
630
|
-
say_status 'question', 'Are you somewhat experienced with chef?', :yellow
|
631
|
-
say_status 'answer', 'Setup your encrypted data bag and bootstrap the node', :white
|
632
|
-
puts '-'*80
|