orats 0.3.2 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/lib/orats/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Orats
2
- VERSION = '0.3.2'
2
+ VERSION = '0.4.0'
3
3
  end
data/orats.gemspec CHANGED
@@ -22,5 +22,5 @@ Gem::Specification.new do |spec|
22
22
 
23
23
  spec.add_development_dependency 'bundler', '~> 1.5'
24
24
  spec.add_development_dependency 'rake', '~> 0'
25
- spec.add_development_dependency 'minitest', '~> 4.7'
25
+ spec.add_development_dependency 'minitest', '~> 5.3'
26
26
  end
@@ -1,6 +1,6 @@
1
1
  require_relative '../test_helper'
2
2
 
3
- class TestCLI < Minitest::Unit::TestCase
3
+ class TestCLI < Minitest::Test
4
4
  include Orats::Test
5
5
 
6
6
  def test_new_app
@@ -10,10 +10,10 @@ class TestCLI < Minitest::Unit::TestCase
10
10
  orats "new #{app_name}", flags: ORATS_FLAGS
11
11
  end
12
12
 
13
- assert_match /success/, out
13
+ assert_match /Start your server/, out
14
14
 
15
- assert_path_exists "#{TEST_PATH}/#{app_name}/cookbooks/#{app_name}"
16
- assert_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
15
+ assert_path_exists "#{TEST_PATH}/#{app_name}/inventory"
16
+ assert_path_exists "#{TEST_PATH}/#{app_name}/secrets"
17
17
 
18
18
  assert_nuked app_name
19
19
  end
@@ -26,9 +26,10 @@ class TestCLI < Minitest::Unit::TestCase
26
26
  orats "new #{app_name}", flags: "--auth #{ORATS_FLAGS}"
27
27
  end
28
28
 
29
- assert_match /success/, out
29
+ assert_match /Start your server/, out
30
30
 
31
- assert_path_exists "#{TEST_PATH}/#{app_name}/cookbooks/#{app_name}"
31
+ assert_path_exists "#{TEST_PATH}/#{app_name}/inventory"
32
+ assert_path_exists "#{TEST_PATH}/#{app_name}/secrets"
32
33
  assert_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
33
34
 
34
35
  assert_in_file gemfile_path, /devise/
@@ -38,19 +39,6 @@ class TestCLI < Minitest::Unit::TestCase
38
39
  assert_nuked app_name
39
40
  end
40
41
 
41
- def test_new_app_without_cookbook
42
- app_name = generate_app_name
43
-
44
- out, err = capture_subprocess_io do
45
- orats "new #{app_name}", flags: "--skip-cook #{ORATS_FLAGS}"
46
- end
47
-
48
- refute_path_exists "#{TEST_PATH}/#{app_name}/cookbooks/#{app_name}"
49
- assert_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
50
-
51
- assert_nuked app_name
52
- end
53
-
54
42
  def test_new_app_without_extras
55
43
  app_name = generate_app_name
56
44
 
@@ -58,22 +46,23 @@ class TestCLI < Minitest::Unit::TestCase
58
46
  orats "new #{app_name}", flags: "--skip-extras #{ORATS_FLAGS}"
59
47
  end
60
48
 
61
- refute_path_exists "#{TEST_PATH}/#{app_name}/cookbooks/#{app_name}"
49
+ refute_path_exists "#{TEST_PATH}/#{app_name}/inventory"
50
+ refute_path_exists "#{TEST_PATH}/#{app_name}/secrets"
62
51
  refute_path_exists "#{TEST_PATH}/#{app_name}/services/#{app_name}"
63
52
  assert_path_exists "#{TEST_PATH}/#{app_name}"
64
53
 
65
54
  assert_nuked app_name
66
55
  end
67
56
 
68
- def test_cook
57
+ def test_play
69
58
  app_name = generate_app_name
70
59
 
71
60
  out, err = capture_subprocess_io do
72
- orats "cook #{app_name}"
61
+ orats "play #{app_name}"
73
62
  end
74
63
 
75
64
  assert_match /success/, out
76
- assert_nuked app_name, flags: '-D'
65
+ assert_nuked app_name
77
66
  end
78
67
 
79
68
  def test_version
@@ -125,9 +114,6 @@ class TestCLI < Minitest::Unit::TestCase
125
114
  puma = pid_lines[0].split(' ').last
126
115
  sidekiq = pid_lines[1].split(' ').last
127
116
 
128
- puts "puma pid #{puma}"
129
- puts "sidekiq pid #{sidekiq}"
130
-
131
117
  system "kill -9 #{puma} && kill -9 #{sidekiq}"
132
118
  end
133
119
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: orats
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nick Janetakis
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-02-20 00:00:00.000000000 Z
11
+ date: 2014-05-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: '4.7'
61
+ version: '5.3'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: '4.7'
68
+ version: '5.3'
69
69
  description: A collection of rails application templates using modern versions of
70
70
  Ruby on Rails. Launch new applications and the infrastructure to run them in seconds.
71
71
  email:
@@ -89,8 +89,12 @@ files:
89
89
  - lib/orats/shell.rb
90
90
  - lib/orats/templates/auth.rb
91
91
  - lib/orats/templates/base.rb
92
- - lib/orats/templates/cook.rb
93
92
  - lib/orats/templates/includes/Gemfile
93
+ - lib/orats/templates/includes/inventory/group_vars/all.yml
94
+ - lib/orats/templates/includes/inventory/hosts
95
+ - lib/orats/templates/includes/secrets/sslcert.crt
96
+ - lib/orats/templates/includes/secrets/sslkey.key
97
+ - lib/orats/templates/play.rb
94
98
  - lib/orats/version.rb
95
99
  - orats.gemspec
96
100
  - test/integration/cli_test.rb
@@ -115,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
115
119
  version: '0'
116
120
  requirements: []
117
121
  rubyforge_project:
118
- rubygems_version: 2.2.0
122
+ rubygems_version: 2.2.2
119
123
  signing_key:
120
124
  specification_version: 4
121
125
  summary: Opinionated rails application templates.
@@ -1,632 +0,0 @@
1
- # =====================================================================================================
2
- # Template for generating a chef cookbook
3
- # =====================================================================================================
4
-
5
- # ----- Helper functions and variables ----------------------------------------------------------------
6
-
7
- require 'securerandom'
8
-
9
- def generate_token
10
- SecureRandom.hex(64)
11
- end
12
-
13
- def git_config(field)
14
- command = "git config --global user.#{field}"
15
- git_field_value = run(command, capture: true).gsub("\n", '')
16
- default_value = "YOUR_#{field.upcase}"
17
-
18
- git_field_value.to_s.empty? ? default_value : git_field_value
19
- end
20
-
21
- app_name_upper = app_name.upcase
22
- app_name_class = app_name.humanize
23
-
24
- author_name = git_config 'name'
25
- author_email = git_config 'email'
26
-
27
- # ----- Nuke all of the rails code --------------------------------------------------------------------
28
-
29
- puts
30
- say_status 'shell', 'Removing all of the generated rails code...', :yellow
31
- puts '-'*80, ''; sleep 0.25
32
-
33
- run 'rm -rf * .git .gitignore'
34
-
35
- # ----- Install berkshelf -----------------------------------------------------------------------------
36
-
37
- puts
38
- say_status 'tool', 'Gem installing berkshelf, this may take a while...', :yellow
39
- puts '-'*80, ''; sleep 0.25
40
-
41
- run 'gem install berkshelf'
42
-
43
- # ----- Create cookbook -------------------------------------------------------------------------------
44
-
45
- puts
46
- say_status 'init', 'Creating skeleton cookbook...', :yellow
47
- puts '-'*80, ''; sleep 0.25
48
-
49
- run "berks cookbook #{app_name}"
50
-
51
- # ----- Move cookbook back one directory --------------------------------------------------------------
52
-
53
- puts
54
- say_status 'shell', 'Moving cookbook back one directory...', :yellow
55
- puts '-'*80, ''; sleep 0.25
56
-
57
- run "mv #{app_name}/* ."
58
- run "rm -rf #{app_name}"
59
-
60
- # ----- Create the git repo ---------------------------------------------------------------------------
61
-
62
- puts
63
- say_status 'git', 'Creating initial commit...', :yellow
64
- puts '-'*80, ''; sleep 0.25
65
-
66
- git :init
67
- git add: '.'
68
- git commit: "-m 'Initial commit'"
69
-
70
- # ----- Create the license ----------------------------------------------------------------------------
71
-
72
- puts
73
- say_status 'root', 'Creating the license', :yellow
74
- puts '-'*80, ''; sleep 0.25
75
-
76
- run 'rm -rf LICENSE'
77
-
78
- file 'LICENSE' do <<-TEXT
79
- The MIT License (MIT)
80
-
81
- Copyright (c) #{Time.now.year} #{author_name} <#{author_email}>
82
-
83
- Permission is hereby granted, free of charge, to any person obtaining
84
- a copy of this software and associated documentation files (the
85
- 'Software'), to deal in the Software without restriction, including
86
- without limitation the rights to use, copy, modify, merge, publish,
87
- distribute, sublicense, and/or sell copies of the Software, and to
88
- permit persons to whom the Software is furnished to do so, subject to
89
- the following conditions:
90
-
91
- The above copyright notice and this permission notice shall be
92
- included in all copies or substantial portions of the Software.
93
-
94
- THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
95
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
96
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
97
- IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
98
- CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
99
- TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
100
- SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
101
- TEXT
102
- end
103
-
104
- git add: '.'
105
- git commit: "-m 'Add MIT license'"
106
-
107
- # ----- Customize meta data ---------------------------------------------------------------------------
108
-
109
- puts
110
- say_status 'root', 'Changing metadata file', :yellow
111
- puts '-'*80, ''; sleep 0.25
112
-
113
- puts author_name
114
- puts author_email
115
-
116
- gsub_file 'metadata.rb', 'YOUR_NAME', author_name
117
- gsub_file 'metadata.rb', 'YOUR_EMAIL', author_email
118
- gsub_file 'metadata.rb', 'All rights reserved', 'MIT LICENSE'
119
-
120
- git add: '.'
121
- git commit: "-m 'Change meta data in the metadata.rb file'"
122
-
123
- # ----- Add application dependencies ------------------------------------------------------------------
124
-
125
- puts
126
- say_status 'root', 'Adding application dependencies...', :yellow
127
- puts '-'*80, ''; sleep 0.25
128
-
129
- append_file 'Berksfile' do <<-CODE
130
- cookbook 'postgresql', git: 'git://github.com/phlipper/chef-postgresql.git'
131
- cookbook 'rvm', git: 'git://github.com/fnichol/chef-rvm'
132
- CODE
133
- end
134
-
135
- git add: '.'
136
- git commit: "-m 'Add dependencies to the Berksfile'"
137
-
138
- append_file 'metadata.rb' do <<-CODE
139
- # base
140
- depends 'openssh', '~> 1.3.2'
141
- depends 'user', '~> 0.3.0'
142
- depends 'sudo', '~> 2.3.0'
143
- depends 'fail2ban', '~> 2.1.2'
144
- depends 'ufw', '~> 0.7.4'
145
- depends 'swap', '~> 0.3.6'
146
-
147
- # database
148
- depends 'postgresql', '~> 0.13.0'
149
-
150
- # cache
151
- depends 'redisio', '~> 1.7.0'
152
-
153
- # web
154
- depends 'git', '~> 2.9.0'
155
- depends 'rvm', '~> 0.9.1'
156
- depends 'nodejs', '~> 1.3.0'
157
- depends 'nginx', '~> 2.2.0'
158
- depends 'logrotate', '~> 1.4.0'
159
- CODE
160
- end
161
-
162
- git add: '.'
163
- git commit: "-m 'Add dependencies to the metadata file'"
164
-
165
- # ----- Install cookbooks locally ---------------------------------------------------------------------
166
-
167
- puts
168
- say_status 'tool', 'Berks installing the cookbooks, this may take a while...', :yellow
169
- puts '-'*80, ''; sleep 0.25
170
-
171
- run 'berks install'
172
-
173
- git add: '.'
174
- git commit: "-m 'Change meta data in the metadata.rb file'"
175
-
176
- # ----- Configure attributes file ---------------------------------------------------------------------
177
-
178
- puts
179
- say_status 'attr', 'Modifying the attributes file...', :yellow
180
- puts '-'*80, ''; sleep 0.25
181
-
182
- random_ssh_port = rand(11000..55000)
183
- random_username = SecureRandom.hex[0...8]
184
-
185
- file 'attributes/default.rb' do <<-CODE
186
- default[:#{app_name}][:base][:ssh_port] = '#{random_ssh_port}'
187
- default[:#{app_name}][:base][:username] = '#{random_username}'
188
- default[:#{app_name}][:base][:swap_size] = 1024 # MBs
189
- default[:#{app_name}][:base][:ssh_key] = 'INSERT_YOUR_PUBLIC_SSH_KEY_HERE'
190
-
191
- default[:#{app_name}][:database][:host] = 'localhost'
192
- default[:#{app_name}][:database][:pool] = '25'
193
- default[:#{app_name}][:database][:timeout] = '5000'
194
-
195
- default[:#{app_name}][:cache][:host] = 'localhost'
196
- default[:#{app_name}][:cache][:port] = '6379'
197
- default[:#{app_name}][:cache][:database] = '0'
198
- default[:#{app_name}][:cache][:sidekiq_concurrency] = '25'
199
-
200
- default[:#{app_name}][:web][:ruby_version] = '2.1.0'
201
- default[:#{app_name}][:web][:puma_threads_min] = '0'
202
- default[:#{app_name}][:web][:puma_threads_max] = '16'
203
- default[:#{app_name}][:web][:puma_workers] = '2'
204
- default[:#{app_name}][:web][:mail_address] = 'smtp.#{app_name}.com'
205
- default[:#{app_name}][:web][:mail_port] = '25'
206
- default[:#{app_name}][:web][:mail_domain] = '#{app_name}.com'
207
- default[:#{app_name}][:web][:mail_username] = 'info@#{app_name}.com'
208
- default[:#{app_name}][:web][:mail_auth] = 'plain'
209
- default[:#{app_name}][:web][:mail_startttls_auto] = 'true'
210
- default[:#{app_name}][:web][:action_mailer_host] = 'www.#{app_name}.com'
211
- default[:#{app_name}][:web][:action_mailer_default_email] = 'info@#{app_name}.com'
212
- default[:#{app_name}][:web][:action_mailer_devise_default_email] = 'info@#{app_name}.com'
213
- CODE
214
- end
215
-
216
- git add: '.'
217
- git commit: "-m 'Add tweakable settings to the attributes file'"
218
-
219
- # ----- Create dummy data for the encrypted data bag --------------------------------------------------
220
-
221
- puts
222
- say_status 'data_bags', 'Creating dummy encrypted data bag...', :yellow
223
- puts '-'*80, ''; sleep 0.25
224
-
225
- data_bag_path = "data_bags/#{app_name}_secrets"
226
-
227
- run "mkdir -p #{data_bag_path}"
228
-
229
- file "#{data_bag_path}/production.json" do <<-JSON
230
- {
231
- "id": "production",
232
- "database_password": "<real password is protected>",
233
- "cache_password": "<real password is protected>",
234
- "mail_password": "<real password is protected>",
235
- "token_rails_secret": "<real token is protected>",
236
- "token_devise_secret": "<real token is protected>",
237
- "token_devise_pepper": "<real token is protected>"
238
- }
239
- JSON
240
- end
241
-
242
- git add: '.'
243
- git commit: "-m 'Add the dummy data bag as a point of reference'"
244
-
245
- # ----- Create nginx config ---------------------------------------------------------------------------
246
-
247
- puts
248
- say_status 'files', 'Creating nginx config...', :yellow
249
- puts '-'*80, ''; sleep 0.25
250
-
251
- file "files/default/nginx_virtualhost.conf" do <<-CONF
252
- upstream #{app_name} {
253
- server unix:///tmp/#{app_name}.sock;
254
- }
255
-
256
- # redirect non-www to www (remove this block if you do not want to do this)
257
- server {
258
- listen 80;
259
- server_name #{app_name}.com;
260
- return 301 $scheme://www.#{app_name}.com$request_uri;
261
- }
262
-
263
- server {
264
- listen 80;
265
- server_name www.#{app_name}.com;
266
- root /home/#{random_username}/www/#{app_name}/current/public;
267
-
268
- error_page 404 /404.html;
269
- error_page 500 /500.html;
270
- error_page 502 503 504 /502.html;
271
-
272
- location ~ ^/(system|assets)/ {
273
- root /home/#{random_username}/www/#{app_name}/current/public;
274
- gzip_static on;
275
- expires 1y;
276
- add_header Cache-Control public;
277
- add_header ETag "";
278
- break;
279
- }
280
-
281
- try_files $uri @puma;
282
-
283
- location @puma {
284
- proxy_set_header X-Real-IP $remote_addr;
285
- proxy_set_header X-Forwarded-Proto http;
286
- proxy_set_header Host $http_host;
287
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
288
- proxy_redirect off;
289
-
290
- proxy_pass http://#{app_name};
291
- break;
292
- }
293
- }
294
- CONF
295
- end
296
-
297
- git add: '.'
298
- git commit: "-m 'Add the nginx virtualhost config'"
299
-
300
- # ----- Create system wide profile -------------------------------------------------------------------------
301
-
302
- puts
303
- say_status 'templates', 'Creating system wide profile config', :yellow
304
- puts '-'*80, ''; sleep 0.25
305
-
306
- file 'templates/default/profile.erb' do <<-CONF
307
- # /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
308
- # and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
309
-
310
- if [ "$PS1" ]; then
311
- if [ "$BASH" ] && [ "$BASH" != "/bin/sh" ]; then
312
- # The file bash.bashrc already sets the default PS1.
313
- # PS1='\h:\w\$ '
314
- if [ -f /etc/bash.bashrc ]; then
315
- . /etc/bash.bashrc
316
- fi
317
- else
318
- if [ "`id -u`" -eq 0 ]; then
319
- PS1='# '
320
- else
321
- PS1='$ '
322
- fi
323
- fi
324
- fi
325
-
326
- # The default umask is now handled by pam_umask.
327
- # See pam_umask(8) and /etc/login.defs.
328
-
329
- if [ -d /etc/profile.d ]; then
330
- for i in /etc/profile.d/*.sh; do
331
- if [ -r $i ]; then
332
- . $i
333
- fi
334
- done
335
- unset i
336
- fi
337
-
338
- export <%= @cookbook_name.upcase %>_TOKEN_RAILS_SECRET='<%= @token_rails_secret %>'
339
- export <%= @cookbook_name.upcase %>_TOKEN_DEVISE_SECRET='<%= @token_devise_secret %>'
340
- export <%= @cookbook_name.upcase %>_TOKEN_DEVISE_PEPPER='<%= @token_devise_pepper %>'
341
-
342
- export <%= @cookbook_name.upcase %>_SMTP_ADDRESS='<%= node[:#{app_name}][:web][:mail_address] %>'
343
- export <%= @cookbook_name.upcase %>_SMTP_PORT='<%= node[:#{app_name}][:web][:mail_port] %>'
344
- export <%= @cookbook_name.upcase %>_SMTP_DOMAIN='<%= node[:#{app_name}][:web][:mail_domain] %>'
345
- export <%= @cookbook_name.upcase %>_SMTP_USERNAME='<%= node[:#{app_name}][:web][:mail_username] %>'
346
- export <%= @cookbook_name.upcase %>_SMTP_PASSWORD='<%= @mail_password %>'
347
- export <%= @cookbook_name.upcase %>_SMTP_AUTH='<%= node[:#{app_name}][:web][:mail_auth] %>'
348
- export <%= @cookbook_name.upcase %>_SMTP_STARTTTLS_AUTO='<%= node[:#{app_name}][:web][:mail_startttls_auto] %>'
349
-
350
- export <%= @cookbook_name.upcase %>_ACTION_MAILER_HOST='<%= node[:#{app_name}][:web][:action_mailer_host] %>'
351
- export <%= @cookbook_name.upcase %>_ACTION_MAILER_DEFAULT_EMAIL='<%= node[:#{app_name}][:web][:action_mailer_default_email] %>'
352
- export <%= @cookbook_name.upcase %>_ACTION_MAILER_DEVISE_DEFAULT_EMAIL='<%= node[:#{app_name}][:web][:action_mailer_devise_default_email] %>'
353
-
354
- export <%= @cookbook_name.upcase %>_DATABASE_HOST='<%= node[:#{app_name}][:database][:host] %>'
355
- export <%= @cookbook_name.upcase %>_DATABASE_NAME='<%= @cookbook_name.downcase %>'
356
- export <%= @cookbook_name.upcase %>_DATABASE_USERNAME='postgres'
357
- export <%= @cookbook_name.upcase %>_DATABASE_PASSWORD='<%= @database_password %>'
358
- export <%= @cookbook_name.upcase %>_DATABASE_POOL='<%= node[:#{app_name}][:database][:pool] %>'
359
- export <%= @cookbook_name.upcase %>_DATABASE_TIMEOUT='<%= node[:#{app_name}][:database][:timeout] %>'
360
-
361
- export <%= @cookbook_name.upcase %>_CACHE_HOST='<%= node[:#{app_name}][:cache][:host] %>'
362
- export <%= @cookbook_name.upcase %>_CACHE_DATABASE='<%= node[:#{app_name}][:cache][:database] %>'
363
- export <%= @cookbook_name.upcase %>_CACHE_USERNAME='redis'
364
- export <%= @cookbook_name.upcase %>_CACHE_PASSWORD='<%= @cache_password %>'
365
-
366
- export <%= @cookbook_name.upcase %>_SIDEKIQ_CONCURRENCY='<%= node[:#{app_name}][:cache][:sidekiq_concurrency] %>'
367
-
368
- export <%= @cookbook_name.upcase %>_PUMA_THREADS_MIN='<%= node[:#{app_name}][:web][:puma_threads_min] %>'
369
- export <%= @cookbook_name.upcase %>_PUMA_THREADS_MAX='<%= node[:#{app_name}][:web][:puma_threads_max] %>'
370
- export <%= @cookbook_name.upcase %>_PUMA_WORKERS='<%= node[:#{app_name}][:web][:puma_workers] %>'
371
- CONF
372
- end
373
-
374
- git add: '.'
375
- git commit: "-m 'Add the system wide profile config'"
376
-
377
- # ----- Create base recipe ----------------------------------------------------------------------------
378
-
379
- puts
380
- say_status 'recipes', 'Creating base recipe...', :yellow
381
- puts '-'*80, ''; sleep 0.25
382
-
383
- file 'recipes/base.rb' do <<-'CODE'
384
- # openssh
385
-
386
- node.override[:openssh][:server][:port] = node[:app_name][:base][:ssh_port]
387
- node.override[:openssh][:server][:password_authentication] = 'no'
388
- node.override[:openssh][:server][:permit_root_login] = 'no'
389
- include_recipe 'openssh'
390
-
391
- # user
392
-
393
- include_recipe 'user'
394
-
395
- user_account node[:app_name][:base][:username] do
396
- ssh_keys [ node[:app_name][:base][:ssh_key] ]
397
- end
398
-
399
- # sudo
400
-
401
- node.override[:authorization][:sudo][:users] = [ node[:app_name][:base][:username] ]
402
- node.override[:authorization][:sudo][:passwordless] = true
403
-
404
- include_recipe 'sudo'
405
-
406
- # fail2ban
407
-
408
- include_recipe 'fail2ban'
409
-
410
- # ufw
411
-
412
- node.override[:firewall][:rules] = [
413
- {
414
- 'ssh' => {
415
- 'port'=> node[:app_name][:base][:ssh_port]
416
- }
417
- },
418
- {
419
- 'http' => {
420
- 'port'=> '80'
421
- }
422
- }
423
- ]
424
- include_recipe 'ufw'
425
-
426
- # swapfile
427
-
428
- swap_file '/mnt/swap' do
429
- size node[:app_name][:base][:swap_size]
430
- end
431
-
432
- # htop
433
-
434
- package 'htop'
435
- CODE
436
- end
437
-
438
- gsub_file 'recipes/base.rb', 'app_name', app_name
439
-
440
- git add: '.'
441
- git commit: "-m 'Add the base recipe'"
442
-
443
- # ----- Create database recipe ------------------------------------------------------------------------
444
-
445
- puts
446
- say_status 'recipes', 'Creating database recipe...', :yellow
447
- puts '-'*80, ''; sleep 0.25
448
-
449
- file 'recipes/database.rb' do <<-CODE
450
- # This is where you will store a copy of your key on the chef-client
451
- secret = Chef::EncryptedDataBagItem.load_secret('/etc/chef/encrypted_data_bag_secret')
452
-
453
- # This decrypts the data bag contents of "#{app_name}_secrets/production.json" and uses the key defined at variable "secret"
454
- encrypted_data_bag = Chef::EncryptedDataBagItem.load('#{app_name}_secrets', 'production', secret)
455
-
456
- include_recipe '#{app_name}::base'
457
- include_recipe 'postgresql'
458
- include_recipe 'postgresql::client'
459
- include_recipe 'postgresql::server'
460
- include_recipe 'postgresql::libpq'
461
-
462
- pg_user 'postgres' do
463
- privileges superuser: true, createdb: true, login: true
464
- password encrypted_data_bag['database_password']
465
- end
466
- CODE
467
- end
468
-
469
- git add: '.'
470
- git commit: "-m 'Add the database recipe'"
471
-
472
- # ----- Create cache recipe ---------------------------------------------------------------------------
473
-
474
- puts
475
- say_status 'recipes', 'Creating cache recipe...', :yellow
476
- puts '-'*80, ''; sleep 0.25
477
-
478
- file 'recipes/cache.rb' do <<-CODE
479
- include_recipe '#{app_name}::base'
480
-
481
- node.override[:redisio][:mirror] = 'http://download.redis.io/releases'
482
- node.override[:redisio][:version] = '2.8.3'
483
- include_recipe 'redisio::install'
484
- include_recipe 'redisio::enable'
485
- CODE
486
- end
487
-
488
- git add: '.'
489
- git commit: "-m 'Add the cache recipe'"
490
-
491
- # ----- Create web recipe -----------------------------------------------------------------------------
492
-
493
- puts
494
- say_status 'recipes', 'Creating web recipe...', :yellow
495
- puts '-'*80, ''; sleep 0.25
496
-
497
- file 'recipes/web.rb' do <<-'CODE'
498
- secret = Chef::EncryptedDataBagItem.load_secret('/etc/chef/encrypted_data_bag_secret')
499
- encrypted_data_bag = Chef::EncryptedDataBagItem.load('app_name_secrets', 'production', secret)
500
-
501
- include_recipe 'app_name::base'
502
-
503
- # environment variables
504
-
505
- template '/etc/profile' do
506
- source 'profile.erb'
507
- variables({
508
- :cookbook_name => cookbook_name,
509
- :database_password => encrypted_data_bag['database_password'],
510
- :cache_password => encrypted_data_bag['cache_password'],
511
- :mail_password => encrypted_data_bag['mail_password'],
512
- :token_rails_secret => encrypted_data_bag['token_rails_secret'],
513
- :token_devise_secret => encrypted_data_bag['token_devise_secret'],
514
- :token_devise_pepper => encrypted_data_bag['token_devise_pepper']
515
- })
516
- end
517
-
518
- # git
519
-
520
- apt_repository 'git' do
521
- uri 'http://ppa.launchpad.net/git-core/ppa/ubuntu'
522
- distribution node[:lsb][:codename]
523
- components %w[main]
524
- keyserver 'keyserver.ubuntu.com'
525
- key 'E1DF1F24'
526
- action :add
527
- end
528
-
529
- include_recipe 'git'
530
-
531
- repo_path = "/home/#{node[:app_name][:base][:username]}/#{cookbook_name}.git"
532
-
533
- directory repo_path do
534
- owner node[:app_name][:base][:username]
535
- group node[:app_name][:base][:username]
536
- mode 0755
537
- end
538
-
539
- execute 'initialize new bare git repo' do
540
- user node[:app_name][:base][:username]
541
- group node[:app_name][:base][:username]
542
- command "cd #{repo_path} && git init --bare"
543
- only_if { !File.exists? "#{repo_path}/HEAD" }
544
- end
545
-
546
- # node
547
-
548
- node.override[:nodejs][:install_method] = 'binary'
549
- node.override[:nodejs][:version] = '0.10.24'
550
- node.override[:nodejs][:checksum] = 'fb6487e72d953451d55e28319c446151c1812ed21919168b82ab1664088ecf46'
551
- node.override[:nodejs][:checksum_linux_x64] = '423018f6a60b18d0dddf3007c325e0cc8cf55099'
552
- node.override[:nodejs][:checksum_linux_x86] = 'fb6487e72d953451d55e28319c446151c1812ed21919168b82ab1664088ecf46'
553
- include_recipe 'nodejs::install_from_binary'
554
-
555
- # ruby
556
-
557
- node.override[:rvm][:default_ruby] = node[:app_name][:web][:ruby_version]
558
- node.override[:rvm][:global_gems] = [ { 'name' => 'bundler', 'version' => '1.5.1' } ]
559
- node.override[:rvm][:group_users] = [ node[:app_name][:base][:username] ]
560
-
561
- include_recipe 'rvm::system'
562
-
563
- # nginx
564
-
565
- apt_repository 'nginx' do
566
- uri 'http://ppa.launchpad.net/nginx/stable/ubuntu'
567
- distribution node[:lsb][:codename]
568
- components %w[main]
569
- keyserver 'keyserver.ubuntu.com'
570
- key 'C300EE8C'
571
- action :add
572
- end
573
-
574
- node.override[:nginx][:gzip_comp_level] = '4'
575
-
576
- include_recipe 'nginx'
577
-
578
- cookbook_file 'nginx_virtualhost.conf' do
579
- path "#{node[:nginx][:dir]}/sites-available/#{cookbook_name}.conf"
580
- group node[:nginx][:user]
581
- owner node[:nginx][:user]
582
- mode '0644'
583
- end
584
-
585
- nginx_site "#{cookbook_name}.conf"
586
-
587
- include_recipe 'logrotate'
588
-
589
- logrotate_app 'nginx' do
590
- cookbook 'logrotate'
591
- path ["#{node[:nginx][:log_dir]}/access.log", "#{node[:nginx][:log_dir]}/error.log"]
592
- options ['missingok', 'notifempty']
593
- frequency 'daily'
594
- create '0644 root adm'
595
- rotate 365
596
- end
597
- CODE
598
- end
599
-
600
- gsub_file 'recipes/web.rb', 'app_name', app_name
601
-
602
- git add: '.'
603
- git commit: "-m 'Add the web recipe'"
604
-
605
- # ----- Create default recipe -------------------------------------------------------------------------
606
-
607
- puts
608
- say_status 'recipes', 'Creating default recipe...', :yellow
609
- puts '-'*80, ''; sleep 0.25
610
-
611
- run 'rm -f recipes/default.rb'
612
- file 'recipes/default.rb' do <<-CODE
613
- include_recipe '#{app_name}::database'
614
- include_recipe '#{app_name}::cache'
615
- include_recipe '#{app_name}::web'
616
- CODE
617
- end
618
-
619
- git add: '.'
620
- git commit: "-m 'Add the default recipe'"
621
-
622
- # ----- Installation complete message -----------------------------------------------------------------
623
-
624
- puts
625
- say_status 'success', "\e[1m\Everything has been setup successfully\e[0m", :cyan
626
- puts
627
- say_status 'question', 'Are you new to chef and berkshelf?', :yellow
628
- say_status 'answer', 'Check the orats wiki for the walk through', :white
629
- puts
630
- say_status 'question', 'Are you somewhat experienced with chef?', :yellow
631
- say_status 'answer', 'Setup your encrypted data bag and bootstrap the node', :white
632
- puts '-'*80