pvcglue 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- data/.gitignore +17 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +91 -0
- data/Rakefile +1 -0
- data/bin/pvc +13 -0
- data/lib/pvcglue.rb +43 -0
- data/lib/pvcglue/all_the_things.rb +7 -0
- data/lib/pvcglue/bootstrap.rb +8 -0
- data/lib/pvcglue/capistrano.rb +35 -0
- data/lib/pvcglue/cli.rb +150 -0
- data/lib/pvcglue/cloud.rb +278 -0
- data/lib/pvcglue/configuration.rb +157 -0
- data/lib/pvcglue/db.rb +145 -0
- data/lib/pvcglue/deploy.rb +4 -0
- data/lib/pvcglue/env.rb +141 -0
- data/lib/pvcglue/manager.rb +137 -0
- data/lib/pvcglue/nodes.rb +29 -0
- data/lib/pvcglue/packages.rb +47 -0
- data/lib/pvcglue/packages/bootstrap.rb +92 -0
- data/lib/pvcglue/packages/env.rb +80 -0
- data/lib/pvcglue/packages/firewall.rb +48 -0
- data/lib/pvcglue/packages/manager.rb +102 -0
- data/lib/pvcglue/packages/nginx.rb +10 -0
- data/lib/pvcglue/packages/nodejs.rb +17 -0
- data/lib/pvcglue/packages/passenger.rb +28 -0
- data/lib/pvcglue/packages/postgresql.rb +10 -0
- data/lib/pvcglue/packages/role_db.rb +47 -0
- data/lib/pvcglue/packages/role_lb.rb +64 -0
- data/lib/pvcglue/packages/role_memcached.rb +14 -0
- data/lib/pvcglue/packages/role_web.rb +60 -0
- data/lib/pvcglue/packages/rvm.rb +75 -0
- data/lib/pvcglue/packages/timezone.rb +17 -0
- data/lib/pvcglue/packages/ubuntu.rb +100 -0
- data/lib/pvcglue/railtie.rb +11 -0
- data/lib/pvcglue/ssl.rb +37 -0
- data/lib/pvcglue/templates/20auto-upgrades.erb +2 -0
- data/lib/pvcglue/templates/authorized_keys.erb +3 -0
- data/lib/pvcglue/templates/capfile.erb +20 -0
- data/lib/pvcglue/templates/database.yml.erb +57 -0
- data/lib/pvcglue/templates/denial_of_service.erb +3 -0
- data/lib/pvcglue/templates/deploy.rb.erb +81 -0
- data/lib/pvcglue/templates/gemrc.erb +1 -0
- data/lib/pvcglue/templates/hosts.erb +9 -0
- data/lib/pvcglue/templates/lb.nginx.conf.erb +88 -0
- data/lib/pvcglue/templates/lb.sites-enabled.erb +74 -0
- data/lib/pvcglue/templates/maintenance_mode.erb +46 -0
- data/lib/pvcglue/templates/memcached.conf.erb +55 -0
- data/lib/pvcglue/templates/passenger.list.erb +2 -0
- data/lib/pvcglue/templates/pg_hba.conf.erb +101 -0
- data/lib/pvcglue/templates/postgresql.conf.erb +557 -0
- data/lib/pvcglue/templates/sshd_config.erb +91 -0
- data/lib/pvcglue/templates/stage-deploy.rb.erb +33 -0
- data/lib/pvcglue/templates/timezone.erb +1 -0
- data/lib/pvcglue/templates/ufw.rules.erb +42 -0
- data/lib/pvcglue/templates/ufw.rules6.erb +25 -0
- data/lib/pvcglue/templates/web.bashrc.erb +120 -0
- data/lib/pvcglue/templates/web.env.erb +3 -0
- data/lib/pvcglue/templates/web.nginx.conf.erb +82 -0
- data/lib/pvcglue/templates/web.sites-enabled.erb +8 -0
- data/lib/pvcglue/toml_pvc_dumper.rb +53 -0
- data/lib/pvcglue/version.rb +3 -0
- data/pvcglue.gemspec +33 -0
- metadata +296 -0
@@ -0,0 +1,91 @@
|
|
1
|
+
# Package generated configuration file
|
2
|
+
# See the sshd_config(5) manpage for details
|
3
|
+
|
4
|
+
# What ports, IPs and protocols we listen for
|
5
|
+
Port 22
|
6
|
+
<% Pvcglue.cloud.ssh_ports.each do |port| %>
|
7
|
+
<%= "Port #{port}\n" %>
|
8
|
+
<% end %>
|
9
|
+
|
10
|
+
# Use these options to restrict which interfaces/protocols sshd will bind to
|
11
|
+
#ListenAddress ::
|
12
|
+
#ListenAddress 0.0.0.0
|
13
|
+
Protocol 2
|
14
|
+
# HostKeys for protocol version 2
|
15
|
+
HostKey /etc/ssh/ssh_host_rsa_key
|
16
|
+
HostKey /etc/ssh/ssh_host_dsa_key
|
17
|
+
HostKey /etc/ssh/ssh_host_ecdsa_key
|
18
|
+
#Privilege Separation is turned on for security
|
19
|
+
UsePrivilegeSeparation yes
|
20
|
+
|
21
|
+
# Lifetime and size of ephemeral version 1 server key
|
22
|
+
KeyRegenerationInterval 3600
|
23
|
+
ServerKeyBits 768
|
24
|
+
|
25
|
+
# Logging
|
26
|
+
SyslogFacility AUTH
|
27
|
+
LogLevel INFO
|
28
|
+
|
29
|
+
# Authentication:
|
30
|
+
LoginGraceTime 120
|
31
|
+
PermitRootLogin yes
|
32
|
+
StrictModes yes
|
33
|
+
|
34
|
+
RSAAuthentication yes
|
35
|
+
PubkeyAuthentication yes
|
36
|
+
#AuthorizedKeysFile %h/.ssh/authorized_keys
|
37
|
+
|
38
|
+
# Don't read the user's ~/.rhosts and ~/.shosts files
|
39
|
+
IgnoreRhosts yes
|
40
|
+
# For this to work you will also need host keys in /etc/ssh_known_hosts
|
41
|
+
RhostsRSAAuthentication no
|
42
|
+
# similar for protocol version 2
|
43
|
+
HostbasedAuthentication no
|
44
|
+
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
|
45
|
+
#IgnoreUserKnownHosts yes
|
46
|
+
|
47
|
+
# To enable empty passwords, change to yes (NOT RECOMMENDED)
|
48
|
+
PermitEmptyPasswords no
|
49
|
+
|
50
|
+
# Change to yes to enable challenge-response passwords (beware issues with
|
51
|
+
# some PAM modules and threads)
|
52
|
+
ChallengeResponseAuthentication no
|
53
|
+
|
54
|
+
# Change to no to disable tunnelled clear text passwords
|
55
|
+
#PasswordAuthentication yes
|
56
|
+
|
57
|
+
# Kerberos options
|
58
|
+
#KerberosAuthentication no
|
59
|
+
#KerberosGetAFSToken no
|
60
|
+
#KerberosOrLocalPasswd yes
|
61
|
+
#KerberosTicketCleanup yes
|
62
|
+
|
63
|
+
# GSSAPI options
|
64
|
+
#GSSAPIAuthentication no
|
65
|
+
#GSSAPICleanupCredentials yes
|
66
|
+
|
67
|
+
X11Forwarding yes
|
68
|
+
X11DisplayOffset 10
|
69
|
+
PrintMotd no
|
70
|
+
PrintLastLog yes
|
71
|
+
TCPKeepAlive yes
|
72
|
+
#UseLogin no
|
73
|
+
|
74
|
+
#MaxStartups 10:30:60
|
75
|
+
#Banner /etc/issue.net
|
76
|
+
|
77
|
+
# Allow client to pass locale environment variables
|
78
|
+
AcceptEnv LANG LC_*
|
79
|
+
|
80
|
+
Subsystem sftp /usr/lib/openssh/sftp-server
|
81
|
+
|
82
|
+
# Set this to 'yes' to enable PAM authentication, account processing,
|
83
|
+
# and session processing. If this is enabled, PAM authentication will
|
84
|
+
# be allowed through the ChallengeResponseAuthentication and
|
85
|
+
# PasswordAuthentication. Depending on your PAM configuration,
|
86
|
+
# PAM authentication via ChallengeResponseAuthentication may bypass
|
87
|
+
# the setting of "PermitRootLogin without-password".
|
88
|
+
# If you just want the PAM account and session checks to run without
|
89
|
+
# PAM authentication, then enable this but set PasswordAuthentication
|
90
|
+
# and ChallengeResponseAuthentication to 'no'.
|
91
|
+
UsePAM yes
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# This is a generated file. Do not modify...or else! :)
|
2
|
+
|
3
|
+
set :stage, :<%= Pvcglue.cloud.stage_name %>
|
4
|
+
set :rails_env, :<%= Pvcglue.cloud.stage_name %> # workaround for RAILS_ENV= being blank in delayed job tasks
|
5
|
+
set :deploy_to, '<%= Pvcglue.cloud.deploy_to_app_dir %>'
|
6
|
+
set :linked_files, ['.env.<%= Pvcglue.cloud.stage_name %>']
|
7
|
+
set :rvm_ruby_version, '<%= Pvcglue.configuration.ruby_version %>'
|
8
|
+
<% if Pvcglue.cloud.delayed_job_args %>
|
9
|
+
set :delayed_job_args, "<%= Pvcglue.cloud.delayed_job_args %>"
|
10
|
+
<% end %>
|
11
|
+
set :ssh_options, {port: <%= Pvcglue.cloud.port_in_context(:deploy) %>}
|
12
|
+
|
13
|
+
<% Pvcglue.cloud.nodes_in_stage('web').each do |node, node_config| %>
|
14
|
+
server '<%= node_config[:public_ip] %>', roles: %w{web app db}, user: 'deploy' # server: <%= node.to_s %>
|
15
|
+
<% end %>
|
16
|
+
|
17
|
+
<% if Pvcglue.cloud.db_rebuild %>
|
18
|
+
namespace :deploy do
|
19
|
+
|
20
|
+
desc 'Runs rake db:migrate if migrations are set'
|
21
|
+
task :migrate => [:set_rails_env] do
|
22
|
+
on primary fetch(:migration_role) do
|
23
|
+
within release_path do
|
24
|
+
with rails_env: fetch(:rails_env) do
|
25
|
+
execute :rake, "db:reload"
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
after 'deploy:updated', 'deploy:migrate'
|
32
|
+
end
|
33
|
+
<% end %>
|
@@ -0,0 +1 @@
|
|
1
|
+
<%= "#{Pvcglue.cloud.timezone}\n" %>
|
@@ -0,0 +1,42 @@
|
|
1
|
+
*filter
|
2
|
+
:ufw-user-input - [0:0]
|
3
|
+
:ufw-user-output - [0:0]
|
4
|
+
:ufw-user-forward - [0:0]
|
5
|
+
:ufw-before-logging-input - [0:0]
|
6
|
+
:ufw-before-logging-output - [0:0]
|
7
|
+
:ufw-before-logging-forward - [0:0]
|
8
|
+
:ufw-user-logging-input - [0:0]
|
9
|
+
:ufw-user-logging-output - [0:0]
|
10
|
+
:ufw-user-logging-forward - [0:0]
|
11
|
+
:ufw-after-logging-input - [0:0]
|
12
|
+
:ufw-after-logging-output - [0:0]
|
13
|
+
:ufw-after-logging-forward - [0:0]
|
14
|
+
:ufw-logging-deny - [0:0]
|
15
|
+
:ufw-logging-allow - [0:0]
|
16
|
+
:ufw-user-limit - [0:0]
|
17
|
+
:ufw-user-limit-accept - [0:0]
|
18
|
+
### RULES ###
|
19
|
+
|
20
|
+
<% Pvcglue.cloud.firewall_allow_incoming_on_port.each do |port| %>
|
21
|
+
<%= "### tuple ### allow tcp #{port} 0.0.0.0/0 any 0.0.0.0/0 in\n" %>
|
22
|
+
<%= "-A ufw-user-input -p tcp --dport #{port} -j ACCEPT\n" %>
|
23
|
+
|
24
|
+
<% end %>
|
25
|
+
<% Pvcglue.cloud.firewall_allow_incoming_from_ip.each do |ip| %>
|
26
|
+
<%= "### tuple ### allow any any 0.0.0.0/0 any #{ip} in\n" %>
|
27
|
+
<%= "-A ufw-user-input -s #{ip} -j ACCEPT\n" %>
|
28
|
+
|
29
|
+
<% end %>
|
30
|
+
### END RULES ###
|
31
|
+
|
32
|
+
### LOGGING ###
|
33
|
+
-I ufw-user-logging-input -j RETURN
|
34
|
+
-I ufw-user-logging-output -j RETURN
|
35
|
+
-I ufw-user-logging-forward -j RETURN
|
36
|
+
### END LOGGING ###
|
37
|
+
|
38
|
+
### RATE LIMITING ###
|
39
|
+
-A ufw-user-limit -j REJECT
|
40
|
+
-A ufw-user-limit-accept -j ACCEPT
|
41
|
+
### END RATE LIMITING ###
|
42
|
+
COMMIT
|
@@ -0,0 +1,25 @@
|
|
1
|
+
*filter
|
2
|
+
:ufw6-user-input - [0:0]
|
3
|
+
:ufw6-user-output - [0:0]
|
4
|
+
:ufw6-user-forward - [0:0]
|
5
|
+
:ufw6-before-logging-input - [0:0]
|
6
|
+
:ufw6-before-logging-output - [0:0]
|
7
|
+
:ufw6-before-logging-forward - [0:0]
|
8
|
+
:ufw6-user-logging-input - [0:0]
|
9
|
+
:ufw6-user-logging-output - [0:0]
|
10
|
+
:ufw6-user-logging-forward - [0:0]
|
11
|
+
:ufw6-after-logging-input - [0:0]
|
12
|
+
:ufw6-after-logging-output - [0:0]
|
13
|
+
:ufw6-after-logging-forward - [0:0]
|
14
|
+
:ufw6-logging-deny - [0:0]
|
15
|
+
:ufw6-logging-allow - [0:0]
|
16
|
+
### RULES ###
|
17
|
+
|
18
|
+
### END RULES ###
|
19
|
+
|
20
|
+
### LOGGING ###
|
21
|
+
-I ufw6-user-logging-input -j RETURN
|
22
|
+
-I ufw6-user-logging-output -j RETURN
|
23
|
+
-I ufw6-user-logging-forward -j RETURN
|
24
|
+
### END LOGGING ###
|
25
|
+
COMMIT
|
@@ -0,0 +1,120 @@
|
|
1
|
+
# We need this for our non-interactive shells, too.
|
2
|
+
if [ -z "$PS1" ]; then
|
3
|
+
# Yes, this needs to be here, and below, too. :)
|
4
|
+
PATH=$PATH:$HOME/.rvm/bin # Add RVM to PATH for scripting
|
5
|
+
[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm" # Load RVM into a shell session *as a function*
|
6
|
+
fi
|
7
|
+
|
8
|
+
# ~/.bashrc: executed by bash(1) for non-login shells.
|
9
|
+
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
|
10
|
+
# for examples
|
11
|
+
|
12
|
+
# If not running interactively, don't do anything
|
13
|
+
[ -z "$PS1" ] && return
|
14
|
+
|
15
|
+
# don't put duplicate lines or lines starting with space in the history.
|
16
|
+
# See bash(1) for more options
|
17
|
+
HISTCONTROL=ignoreboth
|
18
|
+
|
19
|
+
# append to the history file, don't overwrite it
|
20
|
+
shopt -s histappend
|
21
|
+
|
22
|
+
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
|
23
|
+
HISTSIZE=1000
|
24
|
+
HISTFILESIZE=2000
|
25
|
+
|
26
|
+
# check the window size after each command and, if necessary,
|
27
|
+
# update the values of LINES and COLUMNS.
|
28
|
+
shopt -s checkwinsize
|
29
|
+
|
30
|
+
# If set, the pattern "**" used in a pathname expansion context will
|
31
|
+
# match all files and zero or more directories and subdirectories.
|
32
|
+
#shopt -s globstar
|
33
|
+
|
34
|
+
# make less more friendly for non-text input files, see lesspipe(1)
|
35
|
+
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
|
36
|
+
|
37
|
+
# set variable identifying the chroot you work in (used in the prompt below)
|
38
|
+
if [ -z "$debian_chroot" ] && [ -r /etc/debian_chroot ]; then
|
39
|
+
debian_chroot=$(cat /etc/debian_chroot)
|
40
|
+
fi
|
41
|
+
|
42
|
+
# set a fancy prompt (non-color, unless we know we "want" color)
|
43
|
+
case "$TERM" in
|
44
|
+
xterm-color) color_prompt=yes;;
|
45
|
+
esac
|
46
|
+
|
47
|
+
# uncomment for a colored prompt, if the terminal has the capability; turned
|
48
|
+
# off by default to not distract the user: the focus in a terminal window
|
49
|
+
# should be on the output of commands, not on the prompt
|
50
|
+
#force_color_prompt=yes
|
51
|
+
|
52
|
+
if [ -n "$force_color_prompt" ]; then
|
53
|
+
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
|
54
|
+
# We have color support; assume it's compliant with Ecma-48
|
55
|
+
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
|
56
|
+
# a case would tend to support setf rather than setaf.)
|
57
|
+
color_prompt=yes
|
58
|
+
else
|
59
|
+
color_prompt=
|
60
|
+
fi
|
61
|
+
fi
|
62
|
+
|
63
|
+
if [ "$color_prompt" = yes ]; then
|
64
|
+
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
65
|
+
else
|
66
|
+
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
|
67
|
+
fi
|
68
|
+
unset color_prompt force_color_prompt
|
69
|
+
|
70
|
+
# If this is an xterm set the title to user@host:dir
|
71
|
+
case "$TERM" in
|
72
|
+
xterm*|rxvt*)
|
73
|
+
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
74
|
+
;;
|
75
|
+
*)
|
76
|
+
;;
|
77
|
+
esac
|
78
|
+
|
79
|
+
# enable color support of ls and also add handy aliases
|
80
|
+
if [ -x /usr/bin/dircolors ]; then
|
81
|
+
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
|
82
|
+
alias ls='ls --color=auto'
|
83
|
+
#alias dir='dir --color=auto'
|
84
|
+
#alias vdir='vdir --color=auto'
|
85
|
+
|
86
|
+
alias grep='grep --color=auto'
|
87
|
+
alias fgrep='fgrep --color=auto'
|
88
|
+
alias egrep='egrep --color=auto'
|
89
|
+
fi
|
90
|
+
|
91
|
+
# some more ls aliases
|
92
|
+
alias ll='ls -alF'
|
93
|
+
alias la='ls -A'
|
94
|
+
alias l='ls -CF'
|
95
|
+
|
96
|
+
# Add an "alert" alias for long running commands. Use like so:
|
97
|
+
# sleep 10; alert
|
98
|
+
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
|
99
|
+
|
100
|
+
# Alias definitions.
|
101
|
+
# You may want to put all your additions into a separate file like
|
102
|
+
# ~/.bash_aliases, instead of adding them here directly.
|
103
|
+
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
|
104
|
+
|
105
|
+
if [ -f ~/.bash_aliases ]; then
|
106
|
+
. ~/.bash_aliases
|
107
|
+
fi
|
108
|
+
|
109
|
+
# enable programmable completion features (you don't need to enable
|
110
|
+
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
|
111
|
+
# sources /etc/bash.bashrc).
|
112
|
+
if [ -f /etc/bash_completion ] && ! shopt -oq posix; then
|
113
|
+
. /etc/bash_completion
|
114
|
+
fi
|
115
|
+
|
116
|
+
# Best practice dictates that this should be moved to .bash_profile
|
117
|
+
# http://askubuntu.com/questions/121073/why-bash-profile-is-not-getting-sourced-when-opening-a-terminal
|
118
|
+
# but this works ok for now, it just has to be in two places. It should be done at the end of this file.
|
119
|
+
PATH=$PATH:$HOME/.rvm/bin # Add RVM to PATH for scripting
|
120
|
+
[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm" # Load RVM into a shell session *as a function*
|
@@ -0,0 +1,82 @@
|
|
1
|
+
user www-data;
|
2
|
+
|
3
|
+
# TODO: Should be set to the same as `grep processor /proc/cpuinfo | wc -l`
|
4
|
+
worker_processes 2;
|
5
|
+
|
6
|
+
pid /var/run/nginx.pid;
|
7
|
+
|
8
|
+
events {
|
9
|
+
worker_connections 768;
|
10
|
+
# multi_accept on;
|
11
|
+
}
|
12
|
+
|
13
|
+
http {
|
14
|
+
|
15
|
+
##
|
16
|
+
# Basic Settings
|
17
|
+
##
|
18
|
+
|
19
|
+
sendfile on;
|
20
|
+
tcp_nopush on;
|
21
|
+
tcp_nodelay on;
|
22
|
+
keepalive_timeout 65;
|
23
|
+
types_hash_max_size 2048;
|
24
|
+
# server_tokens off;
|
25
|
+
|
26
|
+
server_names_hash_bucket_size 64;
|
27
|
+
# server_name_in_redirect off;
|
28
|
+
|
29
|
+
include /etc/nginx/mime.types;
|
30
|
+
default_type application/octet-stream;
|
31
|
+
|
32
|
+
##
|
33
|
+
# Logging Settings
|
34
|
+
##
|
35
|
+
|
36
|
+
access_log /var/log/nginx/access.log;
|
37
|
+
error_log /var/log/nginx/error.log;
|
38
|
+
|
39
|
+
##
|
40
|
+
# Gzip Settings
|
41
|
+
##
|
42
|
+
|
43
|
+
gzip on;
|
44
|
+
gzip_disable "msie6";
|
45
|
+
|
46
|
+
# gzip_vary on;
|
47
|
+
# gzip_proxied any;
|
48
|
+
# gzip_comp_level 6;
|
49
|
+
# gzip_buffers 16 8k;
|
50
|
+
# gzip_http_version 1.1;
|
51
|
+
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
52
|
+
|
53
|
+
##
|
54
|
+
# nginx-naxsi config
|
55
|
+
##
|
56
|
+
# Uncomment it if you installed nginx-naxsi
|
57
|
+
##
|
58
|
+
|
59
|
+
# include /etc/nginx/naxsi_core.rules;
|
60
|
+
|
61
|
+
##
|
62
|
+
# Phusion Passenger config
|
63
|
+
##
|
64
|
+
# Uncomment it if you installed passenger or passenger-enterprise
|
65
|
+
##
|
66
|
+
|
67
|
+
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
|
68
|
+
|
69
|
+
##
|
70
|
+
# Virtual Host Configs
|
71
|
+
##
|
72
|
+
|
73
|
+
# disable the default server
|
74
|
+
server {
|
75
|
+
listen 80;
|
76
|
+
server_name _;
|
77
|
+
return 444;
|
78
|
+
}
|
79
|
+
|
80
|
+
include /etc/nginx/conf.d/*.conf;
|
81
|
+
include /etc/nginx/sites-enabled/*;
|
82
|
+
}
|
@@ -0,0 +1,53 @@
|
|
1
|
+
# Based on https://github.com/emancu/toml-rb/blob/master/lib/toml/dumper.rb
|
2
|
+
module TOML
|
3
|
+
class PvcDumper
|
4
|
+
attr_reader :toml_str
|
5
|
+
|
6
|
+
def initialize(hash)
|
7
|
+
@toml_str = ''
|
8
|
+
|
9
|
+
visit(hash, '')
|
10
|
+
end
|
11
|
+
|
12
|
+
private
|
13
|
+
|
14
|
+
def visit(hash, prefix, level = 0)
|
15
|
+
nested_pairs = []
|
16
|
+
simple_pairs = []
|
17
|
+
indent_prefix = ' '*[level-1,0].max*2
|
18
|
+
indent_values = ' '*([level-1, 0].max*2+2)
|
19
|
+
|
20
|
+
if level == 1
|
21
|
+
@toml_str += "\n" unless @toml_str.empty?
|
22
|
+
@toml_str += "################################################################################\n"
|
23
|
+
@toml_str += "# === #{prefix} ===\n"
|
24
|
+
@toml_str += "################################################################################\n"
|
25
|
+
end
|
26
|
+
|
27
|
+
hash.keys.sort.each do |key|
|
28
|
+
val = hash[key]
|
29
|
+
(val.is_a?(Hash) ? nested_pairs : simple_pairs) << [key, val]
|
30
|
+
end
|
31
|
+
|
32
|
+
@toml_str += "\n#{indent_prefix}[#{prefix}]\n" unless prefix.empty? || simple_pairs.empty?
|
33
|
+
|
34
|
+
# First add simple pairs, under the prefix
|
35
|
+
simple_pairs.each do |key, val|
|
36
|
+
@toml_str << "#{indent_values}#{key.to_s} = #{to_toml(val)}\n"
|
37
|
+
end
|
38
|
+
|
39
|
+
nested_pairs.each do |key, val|
|
40
|
+
visit(val, prefix.empty? ? key.to_s : [prefix, key].join('.'), level+1)
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
def to_toml(obj)
|
45
|
+
case
|
46
|
+
when obj.is_a?(Time)
|
47
|
+
obj.strftime('%Y-%m-%dT%H:%M:%SZ')
|
48
|
+
else
|
49
|
+
obj.inspect
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|