projektbauer 0.0.2

data/.gitignore

@@ -0,0 +1,20 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+spec/reference/**/svn
+spec/reference/domain_01/project_01/svn
+spec/tmp_output

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in projektbauer.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Bernhard Weichel
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,118 @@
+# Projektbauer
+
+Projektbauer (a german play on words which could be translated to
+"project builder" or to "poject farmer") is a ruby gem which supports
+the setup of an SVN/Trac environment in an apache enviroment.
+
+To use it one creates a configuration file which is actually a ruby
+script and executes the same. The following approach applies
+
+-   **top level project folder** all projects are kept under one
+    particular folder for a **project collection** Usually on one host,
+    there is exactly one project collection.
+
+-   **virtual host** acting as project set: Within the project
+    collection, multiple project sets can be installed. One project set
+    corelates to an apache virtual host (e.g `myprojects.mydomin.xx`).
+    **Projektbauer** creates an apache configuration file for this
+    virtual domain.
+
+    **Projektbauer** supports virtual host by
+    -   creating a folder for the virtual host
+    -   creating an apache configuration for that virtual host
+        (`virtual_host.httpd.conf`)
+    -   maintains a configuration file (`include_locations.httpd.conf`)
+        which is be included in the aforehead mentioned file. This file
+        includes the project configurations.
+
+    **Note** that some providers (e.g. <http://www.webhostone.de>) do
+    not support creation of virtual hosts this way. In this case, you
+    can simply ignore the generated virtual host. But you need to
+    include the project list in the existing virtual host.
+
+-   **project** a project is associated with a **virtual host** such
+    that it can be accessed by
+    -   `https://myprojects.mydomin.xx/myproject/svn`
+    -   `https://myprojects.mydomin.xx/myproject/trac`
+
+    **Projektbauer** generates the configuration of the the project,
+    namely:
+    -   svn repository
+    -   htdigest user file
+    -   svn_authz file
+
+## Installation
+
+As of now **Projektbauer** is not released at <http://rubygems.org>. Therefore you need 
+to install it on your server by
+
+	$ git clone https://github.com/bwl21/projektbauer.git
+
+Add this line to your application's Gemfile:
+
+    gem 'projektbauer'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install projektbauer
+
+## Usage
+
+In order to use **Projektbauer** you need to create a configuration file 
+which is in fact a ruby program.
+
+	require './lib/projektbauer.rb'
+
+	p=Project.new
+	p.project_name = "{name of the project}"
+    p.project_users = {
+      admin: ["admin.first", "admin.second"],
+      observer: ["observer.first", "observer.second"],
+      contributor: ["contributor.first", "contributor.second"]
+    }
+	p.virtual_host  = "{server internal folder name of the virtual host,}"
+	p.project_realm   = "{realm for authorization, no spaces, no colons!}"
+	p.server_root = "{path to top level project folder on the server}"
+	p.virtual_host_ip = "{url of virtual host without port}"
+	p.server_name = "{domain of the virtual host}"
+	p.server_admin = "{email adress}"
+	p.server_port_nossl = 8080
+	p.server_port_ssl = 443
+
+    # this is required for the trac configuration
+
+    p.smtp_default_domain = "foo.bar.de"              # Default dopmain for smtp
+    p.smtp_enabled = true                             # allow trac to send smtp
+    p.smtp_from = "projektbauer@foo.bar.de"           # sender adress
+    p.smtp_from_author = false                        # not supported defaults to false
+    p.smtp_from_name = "Projekt bauer at foo bar de"  # name of sender adress
+    p.smtp_user = "sample.user.smtp"                  # username for smtp
+    p.smtp_password = "sample.password.smtp"          # password for smtp
+    p.smtp_port = 25                                  # port for smtp 
+    p.smtp_replyto = "projetkbauer.trac.replyto@#{@p.server_name}" # reply-to adress
+    p.smtp_server = @p.server_name                    # smtp-server
+    p.smtp_subject_prefix = "__default__"             # prefix for subject = __default__
+
+
+	p.create_all
+
+For more details refer to the yard documentation included.
+
+Note that you can run it repeatedly. Thereby
+
+-   new users are created
+-   old users are removed
+
+you can see this in the project folder, in file `{project_realm}.htdigest.txt`
+
+## Contributing
+
+1.  Fork it
+2.  Create your feature branch (`git checkout -b my-new-feature`)
+3.  Commit your changes (`git commit -am 'Add some feature'`)
+4.  Push to the branch (`git push origin my-new-feature`)
+5.  Create new Pull Request

data/lib/projektbauer.rb

@@ -0,0 +1,466 @@
+#
+# todo:
+#
+# add comments
+# optimize file layout
+# improve auth handling
+#   store auth-files in folder of virtual server
+#   cross use auth-files
+#   update htdigest files
+#   add rake tasks
+#     * add user
+#     * specifiy observer, contributors on config file
+#     * update trac permissions accordingly
+#
+# projektbauer init
+# projektbuaer updateuser
+# projektbauer add user
+# ...
+#
+#
+require 'fileutils'
+require 'digest/md5'
+require 'erb'
+
+class Project
+  attr_accessor  :output_folder,    # output folder - currently not in use
+    :server_name,                   # server name of the virtual host <apache>
+    :server_root,                   # root folder on the server <apache>
+    :server_admin,                  # name of the server administrator <apache>
+    :document_root,                 # document root within the location <apache>
+    :project_name,                  # name of the project (please no spaces) \
+    # used for filename
+    :project_users,                 # hash of project users. Key is :admin, :observer, :contributor
+    :virtual_host,                  # domain of virtual host
+    :project_realm,                 # realm for the project authentification
+    :virtual_host_ip,               # ip of the virtual host without port
+    :server_port_nossl,             # port for the no ssl access of the virtual host (e.g. 8080)
+    :server_port_ssl,               # port of ssel access to the virtual host (e.g. 443)
+    # used to find the right trac tools
+    :trac_admin,                    # allows the name of trac-admin (used for virtualenv) 
+
+    ### smtp configuration for trac
+    :smtp_default_domain,           # Default dopmain for smtp
+    :smtp_enabled,                  # allow trac to send smtp
+    :smtp_from,                     # sender adress
+    :smtp_from_author,              # not supported defaults to false
+    :smtp_from_name,                # name of sender adress
+    :smtp_user,                     # username for smtp
+    :smtp_password,                 # password for smtp
+    :smtp_port,                     # port for smtp 
+    :smtp_replyto,                  # reply-to adress
+    :smtp_server,                   # smtp-server
+    :smtp_subject_prefix            # prefix for subject = __default__
+
+
+
+  #
+  # The class constructor
+  #
+  # @return [Project] returns the created class
+  def initialize
+
+    @server_port_nossl = nil
+    @server_port_ssl = nil
+    @server_root = "xxx"
+
+
+    @project_name        = nil  # name of project
+    @virtual_host        = nil  # set of the project
+    @project_realm       = nil  # realm for authorization
+    @project_admin_user  = nil  # admin - user
+    @server_admin        = nil  # email of server admin
+    @smtp_enabled        = false # email is not supported by default
+
+    @trac_admin          = "trac-admin"  # the command to trac-admin
+
+  end
+
+
+  #
+  # Inititalizes filenames etc. Needs to be called
+  # whenever one or more of the attributes are changed.
+  #
+  # @return [nil] no return
+  def init_filenames
+
+    #todo add checks for the attributes
+    # no spaces in project_name
+    #
+
+    @_virtual_host_home_dir               = "#{@server_root}/#{@virtual_host}"
+    @_include_virtual_hosts_httpd_conf    = "#{@server_root}/include_virtual_hosts.httpd.conf"
+    @_project_home                        = "#{@_virtual_host_home_dir}/#{@project_name}"
+    @_virtual_host_httpd_conf             = "#{@_virtual_host_home_dir}/virtual_host.httpd.conf"
+    @_virtual_host_locations_httpd_conf   = "#{@_virtual_host_home_dir}/include_locations.httpd.conf"
+    @_project_location_httpd_conf         = "#{@_project_home}/#{@project_name}.httpd.conf"
+    @_project_svn_dir                     = "#{@_project_home}/svn"
+    @_project_trac_dir                    = "#{@_project_home}/trac"
+    @_project_auth_user_file              = "#{@_project_home}/#{@project_realm}.htdigest"
+    @_project_svn_authz_file              = "#{@_project_home}/#{@project_name}.dav_svn_authz"
+    @_document_root_dir                   = "#{@_virtual_host_home_dir}/www"
+    @_index_html_file                     = "#{@_document_root_dir}/index.html"
+    @_trac_admin                          = "#{@trac_admin}"
+    @_trac_ini_file                       = "#{@_project_trac_dir}/conf/trac.ini"
+    nil
+  end
+
+
+
+  #
+  # Creates the folders in the file system.
+  # If a folder already exists, nothing happens.
+  #
+  # @return [nil] no return
+  #
+  def create_folders
+    #todo: double check if path exists
+    FileUtils.mkdir_p @_project_svn_dir
+    FileUtils.mkdir_p @_project_trac_dir
+    FileUtils.mkdir_p @_document_root_dir
+    #todo: ensure that folders are not listable
+    #todo: htaccess - file
+    nil
+  end
+
+
+
+  #
+  # This basically creates the configuration of the virtual host
+  #
+  # @return [Nil] no return
+  #
+  def save_virtual_host_httpd_conf
+    config = expand_erb("virtual_host_httpd_conf.erb")
+
+    File.open(@_virtual_host_httpd_conf,"w"){|f|
+      f.puts config
+    }
+
+    nil
+  end
+
+
+  #
+  # create the apache configuration for the <location>
+  # It corresponds to a project.
+  #
+  # @return [Nil] no return
+  def save_project_location_httpd_conf
+    config = expand_erb("project_location_httpd_conf.erb")
+
+    File.open(@_project_location_httpd_conf,"w"){|f|
+      f.puts config
+    }
+
+    nil
+  end
+
+
+  #
+  # creates the Authorization file for svn.
+  # Thereby it creates an observer and a contributor group.
+  # the {Project.project_admin_user} is entered as contributor
+  #
+  # @return [Nil] no return
+  def create_svn_authz_file
+    config =expand_erb("svn_authz_file.erb")
+
+    File.open(@_project_svn_authz_file, "w") {|f|
+      f.puts config
+    }
+    nil
+  end
+
+
+  #
+  # Creates a minimalistic index.html in the virtual host.
+  # In particular this avoids that the files can be listed.
+  #
+  # @return [Nil] no return
+  #
+  def create_index_html
+    config = expand_erb("index_html.erb")
+    File.open(@_index_html_file, "w") {|f|
+      f.puts config
+    }
+  end
+
+
+  #
+  # Updates the include file with the locations.
+  # This file is subsequently included in the virtual hosts.
+  #
+  # Duplicate entries are removed.
+  #
+  # @return [Nil] no return
+  def update_virtual_host_locations_httpd_conf
+    _maintain_include_file(@_virtual_host_locations_httpd_conf,
+                           @_project_location_httpd_conf
+                           )
+  end
+
+
+  #
+  # Updates the include file with the virtual hosts.
+  # This file needs to be added manually to `/etc/apache2/apache2.conf`
+  #
+  # @return [Nil] no return
+  def update_include_virtual_hosts_httpd_conf
+    _maintain_include_file(@_include_virtual_hosts_httpd_conf,
+                           @_project_location_httpd_conf
+                           )
+    nil
+  end
+
+
+
+  #
+  # This creates the trac environment
+  #
+  # @return [type] [description]
+  def create_trac
+    quoted_project_trac_dir = "\"#{@_project_trac_dir}\""
+
+    unless File.exists?("#{@_project_trac_dir}/conf")
+      FileUtils.mkdir_p(@_project_trac_dir)
+      _trac_admin "#{quoted_project_trac_dir} initenv \"#{@project_name}\" sqlite:\"#{@_project_trac_dir}/db/trac.db\""
+      FileUtils.rm(@_trac_ini_file)  # remove this such that it gets regenerated
+    end
+
+    _update_trac_ini
+
+    # create group for project.admins
+    _trac_admin "#{quoted_project_trac_dir} permission add project.admins TRAC_ADMIN TICKET_ADMIN WIKI_ADMIN"
+
+
+    @project_users[:admin].each{|u|
+      _trac_admin "#{quoted_project_trac_dir} permission add #{u} project.admins"
+    }
+    _trac_admin "#{quoted_project_trac_dir} permission add project.contributors TRAC_ADMIN TICKET_ADMIN WIKI_ADMIN"
+    anonymous_revoke="BROWSER_VIEW CHANGESET_VIEW FILE_VIEW LOG_VIEW MILESTONE_VIEW REPORT_SQL_VIEW"
+    anonymous_revoke <<" REPORT_VIEW ROADMAP_VIEW SEARCH_VIEW TICKET_VIEW TIMELINE_VIEW WIKI_VIEW"
+
+    _trac_admin "#{quoted_project_trac_dir} permission remove anonymous #{anonymous_revoke}"
+    _trac_admin "#{quoted_project_trac_dir} permission add authenticated #{anonymous_revoke}"
+
+    # crate include-file for webserver
+    #
+    _trac_admin "#{quoted_project_trac_dir} deploy #{quoted_project_trac_dir}"
+
+    cmd = "chmod +x #{@_project_trac_dir}/cgi-bin/*"
+    `#{cmd}`
+    # link to the svn repository
+    # 
+    _trac_admin "#{quoted_project_trac_dir} repository add \"(default)\" \"#{@_project_svn_dir}\" svn"
+
+    _create_post_commit
+  end
+
+
+  #
+  # This creates the svn repository if it does not yet exist.
+  # Note that this is tested by investigating the format
+  # folder in the svn repository.
+  #
+  # todo: improve the detection
+  #
+  # @return [type] [description]
+  def create_svn
+    unless File.exists?(@_project_svn_dir + "/format")
+      cmd = "svnadmin create \"#{@_project_svn_dir}\""
+      puts cmd
+      `#{cmd}`
+      initialfolders= ["tags", "branches", "trunk"]
+      cmd = ["svn mkdir",
+             initialfolders.map{|d| "file://\"#{@_project_svn_dir}\"/#{d}"},
+             "-m \"Repository created by Projektbauer\""].flatten.join(" ")
+      puts cmd
+      `#{cmd}`
+    end
+  end
+
+  #
+  # This creates the htdigest file
+  #
+  # @return [Nil] no return
+  def create_htpasswd
+
+    allusers = @project_users.map{|k,v| v}.flatten
+    pwdhashes = {}
+    passwords = {}
+    allusers.each{|user|
+      password = (0...10).map{ ('a'..'z').to_a[rand(26)] }.join
+      pwdhashes[user] = _create_passwdentry(@project_realm, user, password)
+      passwords[user] = password
+    }
+
+    if File.exists?(@_project_auth_user_file) then
+      oldcontents = File.open(@_project_auth_user_file).readlines
+      oldcontents = oldcontents.map{|i| i.strip }.sort.uniq
+
+      oldentries={}
+      oldcontents.each{|entry|
+
+        record = entry.split(":")
+        if pwdhashes.has_key?(record.first) then
+          pwdhashes[record.first] = entry
+          passwords[record.first] = "<password unchanged>"
+        else
+          passwords[record.first] = "<user deleted>"
+        end
+      }
+    else
+      oldcontents=[]
+    end
+
+    newcontents=pwdhashes.map{|k,v| v }.sort.uniq
+    unless oldcontents==newcontents
+      File.open(@_project_auth_user_file, "w"){|f|
+        f.puts(newcontents.join("\n"))
+      }
+    end
+
+    File.open(@_project_auth_user_file+".txt", "a"){|f|
+      f.puts "generated passwords for #{@project_realm}"
+      f.puts ""
+      f.puts(passwords.map{|k,v| "#{k} => #{v}"}.sort.join("\n"))
+    }
+
+  end
+
+
+
+  #
+  # calling this method after setting all attributes
+  # does the entire generation job
+  #
+  # @return [Nil] no return
+  def create_all
+    init_filenames
+    create_folders
+
+    create_index_html
+
+    save_virtual_host_httpd_conf
+    save_project_location_httpd_conf
+    update_virtual_host_locations_httpd_conf
+    update_include_virtual_hosts_httpd_conf
+
+    create_htpasswd
+    create_svn_authz_file
+    create_svn
+
+    create_trac
+  end
+
+
+  private
+
+
+  #
+  # This expands the embedded ruby templated
+  # @param  file [String] Path to the erb template
+  #
+  # @return [String] Expanded Templated
+  def expand_erb(file)
+    template=ERB.new File.new(File.dirname(__FILE__)+ "/projektbauer/erb/" + file).readlines.join
+    template.result(binding)
+  end
+
+
+  #
+  # This maintains an include file as follows:
+  #
+  # - the file is read
+  # - the new entry is appended
+  # - the result is sorted an duplicates are removed
+  # - the file is saved if it is different than before
+  #
+  # @param  include_file [String] Name if the include file to be maintained
+  # @param  entry [String] The new entry which shall be included
+  #
+  # @return [Nil] no return
+  #
+  def _maintain_include_file(include_file, entry)
+    if File.exists?(include_file) then
+      old = File.open(include_file).readlines.map{|i| i.strip}
+      new=old.clone
+    else
+      new=[]
+    end
+
+    new << "Include #{entry}"
+
+    new=new.sort.uniq
+
+    unless old == new then
+      File.open(include_file, "w") {|f|
+        f.puts new.join("\n")
+      }
+    end
+    nil
+  end
+
+
+ 
+  # 
+  # This creates the post commit hook file
+  # 
+  # @param  file [type] [description]
+  # 
+  # @return [type] [description]
+  def _create_post_commit()
+    post_commit_file="#{@_project_svn_dir}/hooks/post-commit"
+    trac_ini = expand_erb("post-commit.erb")
+      File.open(post_commit_file, "w") {|f|
+        f.puts trac_ini
+      }
+    cmd="chmod +x \"#{post_commit_file}\""
+    #{cmd}`
+  end
+
+
+  #
+  # This updates (actually rewrites) trac.ini
+  #
+  # @return [Nil]
+  def _update_trac_ini()
+    trac_ini = expand_erb("trac.ini.erb")
+    unless File.exists?(@_trac_ini_file)
+      File.open(@_trac_ini_file, "w") {|f|
+        f.puts trac_ini
+      }
+    end
+  end
+
+
+
+  #
+  # Creates on e particular password entry
+  #
+  # @param  realm [String] Realm for the password
+  # @param  user [String] username
+  # @param  password [String] password
+  #
+  # @return [type] [description]
+  def _create_passwdentry(realm, user, password)
+    pwdhash=Digest::MD5.hexdigest("#{user}:#{realm}:#{password}")
+    result="#{user}:#{realm}:#{pwdhash}"
+    result
+  end
+
+
+  #
+  # This performs tracadmin commands
+  # @param  cmd [STring] the arguments to trac-admin
+  #
+  # @return [String] [description]
+  def _trac_admin(command)
+
+    cmd= "#{@trac_admin} #{command}"
+    puts cmd
+    `#{cmd}`
+  end
+
+end