rubber 2.0.8 → 2.1.0

data/.travis.yml

@@ -3,9 +3,13 @@ rvm:
   - 1.8.7
   - 1.9.2
   - 1.9.3
-#  - jruby-18mode
-#  - jruby-19mode
-#  - jruby-head
+  - jruby-18mode
+  - jruby-19mode
+  - jruby-head
 #  - rbx-18mode
 #  - rbx-19mode
 # script: bundle exec rspec spec
+env:
+  - JAVA_OPTS="-server -Djruby.cext.enabled=false -Djruby.compile.invokedynamic=false"
+jdk:
+  - oraclejdk7

data/CHANGELOG

@@ -1,3 +1,31 @@
+2.1.0 (08/20/2012)
+------------------
+
+New Features:
+============
+
+[unicorn] Added unicorn, complete_unicorn template, thanks messick!
+
+Improvements:
+============
+
+[redis] Bumped the redis version from 2.4.12 to 2.4.16. <ab6923e>
+[zookeeper] bumped up zookeeper to 3.3.6 <409dbac>
+[nginx, passenger_nginx, resque] Add nginx web_tools proxies with same strategy as apache, thanks messick!
+[core] updated fog ~> 1.5
+
+Bug Fixes:
+=========
+
+[base] allow port specific source_group rules in security_groups, allow source_groups to refer to groups in other projects <b6dba33>
+[postgresql] Added sudo flag to change $HOME when running Postgresql commands, thanks infamouse <b3ff1ff>
+[core] Handle finding a host for an empty domain, fixes #199 <6ba2181>
+[core] with stopping exec queue, mdadm will not be able to create RAID array, thanks messick! <5662653>
+[core] more friendly split for arguments, fixes #196 <5af6777>
+[core] We need to close a file before we can unlink it in JRuby >= 1.7. <beb7bf0>
+[core] call fatal, not fail method - fixes #204 <56fb7dd>
+
+
 2.0.8 (08/01/2012)
 ------------------
 

data/README.md

@@ -2,6 +2,6 @@ The rubber plugin enables relatively complex multi-instance deployments of
 RubyOnRails applications to Amazon's Elastic Compute Cloud (EC2).
 
 See the documentation in the github wiki for more details:
-http://github.com/wr0ngway/rubber/wikis
+http://github.com/wr0ngway/rubber/wiki
 
 [![Build Status](https://secure.travis-ci.org/wr0ngway/rubber.png)](http://travis-ci.org/wr0ngway/rubber)

data/lib/rubber/cloud/fog.rb

@@ -172,7 +172,12 @@ module Rubber
       def add_security_group_rule(group_name, protocol, from_port, to_port, source)
         group = @compute_provider.security_groups.get(group_name)
         if source.instance_of? Hash
-          group.authorize_group_and_owner(source[:name], source[:account])
+          if protocol
+            groupstr = "#{source[:account]}:#{source[:name]}"
+            group.authorize_port_range(from_port.to_i..to_port.to_i, :ip_protocol => protocol, :group => groupstr)
+          else
+            group.authorize_group_and_owner(source[:name], source[:account])
+          end
         else
           group.authorize_port_range(from_port.to_i..to_port.to_i, :ip_protocol => protocol, :cidr_ip => source)
         end
@@ -181,7 +186,12 @@ module Rubber
       def remove_security_group_rule(group_name, protocol, from_port, to_port, source)
         group = @compute_provider.security_groups.get(group_name)
         if source.instance_of? Hash
-          group.revoke_group_and_owner(source[:name], source[:account])
+          if protocol
+            groupstr = "#{source[:account]}:#{source[:name]}"
+            group.revoke_port_range(from_port.to_i..to_port.to_i, :ip_protocol => protocol, :group => groupstr)
+          else
+            group.revoke_group_and_owner(source[:name], source[:account])
+          end
         else
           group.revoke_port_range(from_port.to_i..to_port.to_i, :ip_protocol => protocol, :cidr_ip => source)
         end

data/lib/rubber/commands/config.rb

@@ -18,7 +18,7 @@ module Rubber
       
       option ["--host", "-h"], "HOST", "Override the instance's host for generation"
       option ["--roles", "-r"], "ROLES", "Override the instance's roles for generation" do |str|
-        str.split(",")
+        str.split(/\s*,\s*/)
       end
       option ["--file", "-p"], "FILE", "Only generate files matching the given pattern"
       option ["--no_post", "-n"], :flag, "Skip running post commands"

data/lib/rubber/dns/aws.rb

@@ -133,7 +133,7 @@ module Rubber
         
         if opts[:host] && opts[:host] != '*'
           found_host = zone.records.all(:name => host[:name], :type => host[:type], :max_items => 1).first
-          found_host = nil if found_host.name != "#{host[:name]}." && found_host.type != host[:type]
+          found_host = nil if found_host && found_host.name != "#{host[:name]}." && found_host.type != host[:type]
           hosts = Array(found_host)
         else
           hosts = all_hosts(zone)

data/lib/rubber/dns/nettica.rb

@@ -1,7 +1,7 @@
 begin
   require 'nettica/client'
 rescue LoadError
-  Rubber::Util.fail "Missing the nettica gem.  Install or add it to your Gemfile."
+  Rubber::Util.fatal "Missing the nettica gem.  Install or add it to your Gemfile."
 end
 
 module Rubber

data/lib/rubber/recipes/rubber/instances.rb

@@ -23,7 +23,7 @@ namespace :rubber do
     if r == '*'
       instance_roles = rubber_cfg.environment.known_roles.reject {|r| r =~ /slave/ || r =~ /^db$/ }
     else
-      instance_roles = r.split(",")
+      instance_roles = r.split(/\s*,\s*/)
     end
     
     create_instances(aliases, instance_roles, create_spot_instance)
@@ -100,7 +100,7 @@ namespace :rubber do
     instance_alias = get_env('ALIAS', "Instance alias (e.g. web01)", true)
     r = get_env('ROLES', "Instance roles (e.g. web,app,db:primary=true)", true)
 
-    instance_roles = r.split(",")
+    instance_roles = r.split(/\s*,\s*/)
 
     ir = []
     instance_roles.each do |r|
@@ -129,7 +129,7 @@ namespace :rubber do
     instance_alias = get_env('ALIAS', "Instance alias (e.g. web01)", true)
     r = get_env('ROLES', "Instance roles (e.g. web,app,db:primary=true)", true)
 
-    instance_roles = r.split(",")
+    instance_roles = r.split(/\s*,\s*/)
 
     ir = []
     instance_roles.each do |r|
@@ -199,7 +199,7 @@ namespace :rubber do
       roles = instance_roles
       if roles.size == 0
         env = rubber_cfg.environment.bind(nil, instance_alias)
-        roles = env.instance_roles.split(",") rescue []
+        roles = env.instance_roles.split(/\s*,\s*/) rescue []
       end
 
       # If user doesn't setup a primary db, then be nice and do it

data/lib/rubber/recipes/rubber/security_groups.rb

@@ -37,7 +37,7 @@ namespace :rubber do
       security_groups += roles
     end
     security_groups = security_groups.uniq.compact.reject {|x| x.empty? }
-    security_groups = security_groups.collect {|x| isolate_group_name(x) } if env.isolate_security_groups
+    security_groups = security_groups.collect {|x| isolate_group_name(x) }
     return security_groups
   end
 
@@ -71,19 +71,27 @@ namespace :rubber do
   end
 
   def isolate_group_name(group_name)
-    new_name = "#{isolate_prefix}#{group_name}"
-    return new_name
+    if rubber_env.isolate_security_groups
+      group_name =~ /^#{isolate_prefix}/ ? group_name : "#{isolate_prefix}#{group_name}"
+    else
+      group_name
+    end
   end
 
   def isolate_groups(groups)
     renamed = {}
     groups.each do |name, group|
-      new_name = name =~ /^#{isolate_prefix}/ ? name : isolate_group_name(name)
+      new_name = isolate_group_name(name)
       new_group =  Marshal.load(Marshal.dump(group))
       new_group['rules'].each do |rule|
         old_ref_name = rule['source_group_name']
-        if old_ref_name && old_ref_name !~ /^#{isolate_prefix}/
-          rule['source_group_name'] = isolate_group_name(old_ref_name)
+        if old_ref_name
+          # don't mangle names if the user specifies this is an external group they are giving access to.
+          # remove the external_group key to allow this to match with groups retrieved from cloud 
+          is_external = rule.delete('external_group')
+          if ! is_external && old_ref_name !~ /^#{isolate_prefix}/
+            rule['source_group_name'] = isolate_group_name(old_ref_name)
+          end
         end
       end
       renamed[new_name] = new_group
@@ -95,7 +103,7 @@ namespace :rubber do
     return unless groups
 
     groups = Rubber::Util::stringify(groups)
-    groups = isolate_groups(groups) if rubber_env.isolate_security_groups
+    groups = isolate_groups(groups)
     group_keys = groups.keys.clone()
     
     # For each group that does already exist in cloud
@@ -110,15 +118,31 @@ namespace :rubber do
         # sync rules
         logger.debug "Security Group already in cloud, syncing rules: #{group_name}"
         group = groups[group_name]
+        
+        # convert the special case default rule into what it actually looks like when
+        # we query ec2 so that we can match things up when syncing
         rules = group['rules'].clone
+        group['rules'].each do |rule|
+          if [2, 3].include?(rule.size) && rule['source_group_name'] && rule['source_group_account']
+            rules << rule.merge({'protocol' => 'tcp', 'from_port' => '1', 'to_port' => '65535' })
+            rules << rule.merge({'protocol' => 'udp', 'from_port' => '1', 'to_port' => '65535' })
+            rules << rule.merge({'protocol' => 'icmp', 'from_port' => '-1', 'to_port' => '-1' })
+            rules.delete(rule)
+          end
+        end
+        
         rule_maps = []
 
         # first collect the rule maps from the request (group/user pairs are duplicated for tcp/udp/icmp,
         # so we need to do this up frnot and remove duplicates before checking against the local rubber rules)
         cloud_group[:permissions].each do |rule|
-          if rule[:source_groups]
-            rule[:source_groups].each do |source_group|
-              rule_map = {:source_group_name => source_group[:name], :source_group_account => source_group[:account]}
+          source_groups = rule.delete(:source_groups)
+          if source_groups
+            source_groups.each do |source_group|
+              rule_map = rule.clone
+              rule_map.delete(:source_ips)
+              rule_map[:source_group_name] = source_group[:name]
+              rule_map[:source_group_account] = source_group[:account]
               rule_map = Rubber::Util::stringify(rule_map)
               rule_maps << rule_map unless rule_maps.include?(rule_map)
             end
@@ -145,7 +169,7 @@ namespace :rubber do
             if answer =~ /^y/
               rule_map = Rubber::Util::symbolize_keys(rule_map)
               if rule_map[:source_group_name]
-                cloud.remove_security_group_rule(group_name, nil, nil, nil, {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
+                cloud.remove_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
               else
                 rule_map[:source_ips].each do |source_ip|
                   cloud.remove_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], source_ip)
@@ -160,7 +184,7 @@ namespace :rubber do
           logger.debug "Missing rule, creating: #{rule_map.inspect}"
           rule_map = Rubber::Util::symbolize_keys(rule_map)
           if rule_map[:source_group_name]
-            cloud.add_security_group_rule(group_name, nil, nil, nil, {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
+            cloud.add_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
           else
             rule_map[:source_ips].each do |source_ip|
               cloud.add_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], source_ip)
@@ -191,7 +215,7 @@ namespace :rubber do
         logger.debug "Creating new rule: #{rule_map.inspect}"
         rule_map = Rubber::Util::symbolize_keys(rule_map)
         if rule_map[:source_group_name]
-          cloud.add_security_group_rule(group_name, nil, nil, nil, {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
+          cloud.add_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], {:name => rule_map[:source_group_name], :account => rule_map[:source_group_account]})
         else
           rule_map[:source_ips].each do |source_ip|
             cloud.add_security_group_rule(group_name, rule_map[:protocol], rule_map[:from_port], rule_map[:to_port], source_ip)

data/lib/rubber/recipes/rubber/volumes.rb

@@ -258,7 +258,9 @@ namespace :rubber do
           done
           echo 'Devices ready'
 
+          udevadm control --stop-exec-queue
           #{mdadm_init}
+          udevadm control --start-exec-queue
 
           # set reconstruction speed
           echo $((30*1024)) > /proc/sys/dev/raid/speed_limit_min

data/lib/rubber/util.rb

@@ -36,7 +36,7 @@ module Rubber
       alias_patterns = instance_aliases.to_s.strip.split(/\s*,\s*/)
       alias_patterns.each do |a|
         if a =~ /~/
-          range = a.split(/~/)
+          range = a.split(/\s*~\s*/)
           range_items = (range.first..range.last).to_a
           raise "Invalid range, '#{a}', sequence generated no items" if range_items.size == 0
           aliases.concat(range_items)

data/lib/rubber/version.rb

@@ -1,4 +1,4 @@
 module Rubber
-  VERSION = "2.0.8"
+  VERSION = "2.1.0"
 end
 

data/rubber.gemspec

@@ -34,7 +34,7 @@ Gem::Specification.new do |s|
   s.add_dependency 'thor'
   s.add_dependency 'clamp'
   s.add_dependency 'open4'
-  s.add_dependency 'fog', '~> 1.2'
+  s.add_dependency 'fog', '~> 1.5'
   s.add_dependency 'json'
   
   s.add_development_dependency('rake')

data/templates/base/config/rubber/rubber.yml

@@ -136,6 +136,20 @@ cloud_provider: aws
 # keys are the parameters to the ec2 AuthorizeSecurityGroupIngress API
 # source_security_group_name, source_security_group_owner_id
 # ip_protocol, from_port, to_port, cidr_ip
+# If you want to use a source_group outside of this project, add "external_group: true"
+# to prevent group_isolation from mangling its name, e.g.  to give access to graphite
+# server to other projects
+#
+# security_groups:
+#   graphite_server:
+#     description: The graphite_server security group to allow projects to send graphite data
+#     rules:
+#       - source_group_name: yourappname_production_collectd
+#         source_group_account: 123456
+#         external_group: true
+#         protocol: tcp
+#         from_port: "#{graphite_server_port}"
+#         to_port: "#{graphite_server_port}"
 #
 security_groups:
   default:

data/templates/complete_unicorn_nginx/config/rubber/role/haproxy/haproxy-unicorn.conf

@@ -0,0 +1,21 @@
+<%
+  @path = "/etc/haproxy/haproxy.cfg"
+  @additive = ["# start haproxy unicorn", "# end haproxy unicorn"]
+%>
+
+<%
+  backend_hosts = rubber_instances.for_role('app').collect { |i| i.name }
+%>
+
+listen unicorn_proxy 0.0.0.0:<%= rubber_env.web_port %>
+  option forwardfor
+  <% backend_hosts.each do |server| %>
+    server <%= server %> <%= server %>:<%= rubber_env.unicorn_listen_port %> maxconn <%= rubber_env.max_app_connections %> check
+  <% end %>
+
+listen unicorn_proxy_ssl 0.0.0.0:<%= rubber_env.web_ssl_port %>
+  mode tcp
+  option forwardfor
+  <% backend_hosts.each do |server| %>
+    server <%= server %> <%= server %>:<%= rubber_env.unicorn_listen_ssl_port %> maxconn <%= rubber_env.max_app_connections %> check
+  <% end %>

data/templates/complete_unicorn_nginx/config/rubber/rubber-complete.yml

@@ -0,0 +1,39 @@
+role_dependencies:
+  web: [haproxy]
+  app: [unicorn_nginx]
+  web_tools: [unicorn_nginx]
+
+web_port: 80
+web_ssl_port: 443
+web_tools_port: 8080
+web_tools_ssl_port: 8443
+
+security_groups:
+  web:
+    description: "To open up port #{web_port}/#{web_ssl_port} for http server on web role"
+    rules:
+      - protocol: tcp
+        from_port: "#{web_port}"
+        to_port: "#{web_port}"
+        source_ips: [0.0.0.0/0]
+      - protocol: tcp
+        from_port: "#{web_ssl_port}"
+        to_port: "#{web_ssl_port}"
+        source_ips: [0.0.0.0/0]
+  web_tools:
+    description: "To open up port #{web_tools_port}/#{web_tools_ssl_port} for internal/tools http server"
+    rules:
+      - protocol: tcp
+        from_port: "#{web_tools_port}"
+        to_port: "#{web_tools_port}"
+        source_ips: [0.0.0.0/0]
+      - protocol: tcp
+        from_port: "#{web_tools_ssl_port}"
+        to_port: "#{web_tools_ssl_port}"
+        source_ips: [0.0.0.0/0]
+
+roles:
+  web:
+    assigned_security_groups: [web]
+  web_tools:
+    assigned_security_groups: [web_tools]

data/templates/complete_unicorn_nginx/templates.rb

@@ -0,0 +1,8 @@
+database_engines = ['mysql', 'postgresql']
+if ! database_engines.any? {|d| @template_dependencies.include?(d)}
+  db = Rubber::Util::prompt("DATABASE",
+                            "The database engine to use (#{database_engines.join(', ')})",
+                            true,
+                            'mysql')
+  template_dependencies << db
+end

data/templates/complete_unicorn_nginx/templates.yml

@@ -0,0 +1,9 @@
+description: A fairly complete and scalable deployment setup using unicorn and nginx
+dependent_templates:
+  - base
+  - haproxy
+  - nginx
+  - unicorn
+  - monit
+  - collectd
+  - graphite

data/templates/complete_unicorn_nginx_mysql/templates.yml

@@ -0,0 +1,4 @@
+description: A fairly complete and scalable mysql deployment setup using unicorn/nginx
+dependent_templates:
+  - complete_unicorn_nginx
+  - mysql

data/templates/complete_unicorn_nginx_postgresql/templates.yml

@@ -0,0 +1,4 @@
+description: A fairly complete and scalable postgresql deployment setup using unicorn/nginx
+dependent_templates:
+  - complete_unicorn_nginx
+  - postgresql

data/templates/monit/config/rubber/role/unicorn/monit-unicorn.conf

@@ -0,0 +1,7 @@
+<%
+  @path = '/etc/monit/monit.d/monit-unicorn.conf'
+%>
+check process unicorn with pidfile /var/run/unicorn.pid
+  group unicorn-<%= Rubber.env %>
+  start program = "/usr/bin/env service unicorn start"
+  stop program = "/usr/bin/env service unicorn stop"

data/templates/nginx/config/rubber/role/web_tools/nginx-tools.conf

@@ -13,6 +13,47 @@ server
   rewrite (.*) https://$host:<%= rubber_env.web_tools_ssl_port %>$1 break;
 }
 
+# Web Tools Proxies
+<%
+  Array(rubber_env.web_tools_proxies).each do |name, settings|
+    proxy_host = rubber_instances.for_role(settings.role).first.full_name rescue nil
+    next unless proxy_host
+
+    host = "#{name}-#{rubber_env.full_host}"
+    host_and_port = "#{host}:#{rubber_env.web_tools_ssl_port}"
+
+    # don't use settings.path here - mapping the host/port is sufficient,
+    # and path can be done in tools-index.html.  This allows admin sites
+    # that hit other paths on same host/port to still function, e.g. elasticsearch
+    proxy_url = "http://#{proxy_host}:#{settings.port}/"
+%>
+server
+  {
+    listen <%= rubber_env.web_tools_ssl_port %>;
+    server_name <%= host %>;
+
+    ssl                  on;
+    <% if rubber_env.use_ssl_key %>
+      ssl_certificate <%= Rubber.root %>/config/<%= rubber_env.domain %>.crt;
+      ssl_certificate_key <%= Rubber.root %>/config/<%= rubber_env.domain %>.key;
+    <% else %>
+      ssl_certificate  /etc/ssl/certs/ssl-cert-snakeoil.pem;
+      ssl_certificate_key  /etc/ssl/private/ssl-cert-snakeoil.key;
+    <% end %>
+
+    auth_basic            "Rubber Admin Tools";
+    auth_basic_user_file  <%= Rubber.root %>/config/<%= rubber_env.app_name %>.auth;
+
+    client_max_body_size 10M;
+    root /var/www;
+
+    location /
+    {
+      proxy_pass <%= proxy_url %>;
+    }
+  }
+<% end %>
+
 # This server is setup to serve https.
 server
 {

data/templates/nginx/config/rubber/role/web_tools/tools-index.html

@@ -1,5 +1,6 @@
 <%
   @path = "/var/www/index.html"
+  tools_host = rubber_instances.for_role('web_tools').first
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
@@ -11,24 +12,25 @@
 		<h1>Rubber Admin Tools</h1>
 		<ul>
 
-      <% if File.exist?("/var/www/munin") %>
-        <li><a href="/munin/">Munin</a></li>
+      <%
+        tools_html_path = "/var/www"
+        tools_html_prefix = "#{tools_html_path}/rubber-web-tools-"
+        Dir["#{tools_html_prefix}*.html"].each do |tools_file|
+          tool_path = tools_file.gsub(tools_html_path, '')
+          tool_name = tools_file.gsub(tools_html_prefix, '').split('.').first
+          tool_name = tool_name.capitalize
+      %>
+          <li><a href="<%= tool_path %>"><%= tool_name %></a></li>
       <% end %>
 
-      <% if cruise_host = rubber_instances.for_role('cruise').first %>
-        <li><a href="http://<%= cruise_host %>/cruise/">CruiseControl</a></li>
-      <% end %>
-
-		  <% rubber_instances.for_role('haproxy').each do |ic| %>
-		      <li><a href="/haproxy_<%= ic.name %>/">HAProxy <%= ic.name %></a></li>
-		  <% end %>
-
-      <% rubber_instances.each do |ic| %>
-          <li><a href="/monit_<%= ic.name %>/">Monit <%= ic.name %></a></li>
-      <% end %>
-
-      <% if graphite_host = rubber_instances.for_role('graphite_web').first %>
-          <li><a href="/graphite/">Graphite</a></li>
+      <%
+        # add the ip aliases for web tools hosts so we can map internal tools
+        # to their own vhost to make proxying easier (rewriting url paths for
+        # proxy is a real pain, e.g. '/graphite/' externally to '/' on the
+        # graphite web app)
+        Array(rubber_env.web_tools_proxies).each do |name, settings|
+      %>
+        <li><a href="https://<%= name %>-<%= tools_host.full_name %>:<%= rubber_env.web_tools_ssl_port %><%= settings.path || '/' %>"><%= name.capitalize %></a></li>
       <% end %>
 
 		</ul>

data/templates/passenger_nginx/config/rubber/role/web_tools/nginx-tools.conf

@@ -13,6 +13,47 @@ server
   rewrite (.*) https://$host:<%= rubber_env.web_tools_ssl_port %>$1 break;
 }
 
+# Web Tools Proxies
+<%
+  Array(rubber_env.web_tools_proxies).each do |name, settings|
+    proxy_host = rubber_instances.for_role(settings.role).first.full_name rescue nil
+    next unless proxy_host
+
+    host = "#{name}-#{rubber_env.full_host}"
+    host_and_port = "#{host}:#{rubber_env.web_tools_ssl_port}"
+
+    # don't use settings.path here - mapping the host/port is sufficient,
+    # and path can be done in tools-index.html.  This allows admin sites
+    # that hit other paths on same host/port to still function, e.g. elasticsearch
+    proxy_url = "http://#{proxy_host}:#{settings.port}/"
+%>
+server
+  {
+    listen <%= rubber_env.web_tools_ssl_port %>;
+    server_name <%= host %>;
+
+    ssl                  on;
+    <% if rubber_env.use_ssl_key %>
+      ssl_certificate <%= Rubber.root %>/config/<%= rubber_env.domain %>.crt;
+      ssl_certificate_key <%= Rubber.root %>/config/<%= rubber_env.domain %>.key;
+    <% else %>
+      ssl_certificate  /etc/ssl/certs/ssl-cert-snakeoil.pem;
+      ssl_certificate_key  /etc/ssl/private/ssl-cert-snakeoil.key;
+    <% end %>
+
+    auth_basic            "Rubber Admin Tools";
+    auth_basic_user_file  <%= Rubber.root %>/config/<%= rubber_env.app_name %>.auth;
+
+    client_max_body_size 10M;
+    root /var/www;
+
+    location /
+    {
+      proxy_pass <%= proxy_url %>;
+    }
+  }
+<% end %>
+
 # This server is setup to serve https.
 server
 {

data/templates/passenger_nginx/config/rubber/role/web_tools/tools-index.html

@@ -1,5 +1,6 @@
 <%
   @path = "/var/www/index.html"
+  tools_host = rubber_instances.for_role('web_tools').first
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
@@ -10,29 +11,26 @@
 	<body>
 		<h1>Rubber Admin Tools</h1>
 		<ul>
-
-      <% if File.exist?("/var/www/munin") %>
-        <li><a href="/munin/">Munin</a></li>
-      <% end %>
-
-      <% if cruise_host = rubber_instances.for_role('cruise').first %>
-        <li><a href="http://<%= cruise_host %>/cruise/">CruiseControl</a></li>
-      <% end %>
-
-		  <% rubber_instances.for_role('haproxy').sort {|a,b| a.name <=> b.name }.each do |ic| %>
-		      <li><a href="/haproxy_<%= ic.name %>/">HAProxy <%= ic.name %></a></li>
-		  <% end %>
-
-      <% rubber_instances.sort {|a,b| a.name <=> b.name }.each do |ic| %>
-          <li><a href="/monit_<%= ic.name %>/">Monit <%= ic.name %></a></li>
-      <% end %>
       
-      <% if resque_host = rubber_instances.for_role('resque_web').first %>
-          <li><a href="/resque/">Resque</a></li>
+      <%
+        tools_html_path = "/var/www"
+        tools_html_prefix = "#{tools_html_path}/rubber-web-tools-"
+        Dir["#{tools_html_prefix}*.html"].each do |tools_file|
+          tool_path = tools_file.gsub(tools_html_path, '')
+          tool_name = tools_file.gsub(tools_html_prefix, '').split('.').first
+          tool_name = tool_name.capitalize
+      %>
+          <li><a href="<%= tool_path %>"><%= tool_name %></a></li>
       <% end %>
 
-      <% if graphite_host = rubber_instances.for_role('graphite_web').first %>
-          <li><a href="/graphite/">Graphite</a></li>
+      <%
+        # add the ip aliases for web tools hosts so we can map internal tools
+        # to their own vhost to make proxying easier (rewriting url paths for
+        # proxy is a real pain, e.g. '/graphite/' externally to '/' on the
+        # graphite web app)
+        Array(rubber_env.web_tools_proxies).each do |name, settings|
+      %>
+        <li><a href="https://<%= name %>-<%= tools_host.full_name %>:<%= rubber_env.web_tools_ssl_port %><%= settings.path || '/' %>"><%= name.capitalize %></a></li>
       <% end %>
 
 		</ul>

data/templates/postgresql/config/rubber/deploy-postgresql.rb

@@ -1,4 +1,3 @@
-
 namespace :rubber do
   
   namespace :postgresql do
@@ -58,9 +57,9 @@ namespace :rubber do
             create_replication_user_cmd << " PASSWORD '#{env.db_replication_pass}'" if env.db_replication_pass
 
             rubber.sudo_script "create_master_db", <<-ENDSCRIPT
-              sudo -u postgres psql -c "#{create_user_cmd}"
-              sudo -u postgres psql -c "#{create_replication_user_cmd}"
-              sudo -u postgres psql -c "CREATE DATABASE #{env.db_name} WITH OWNER #{env.db_user}"
+              sudo -i -u postgres psql -c "#{create_user_cmd}"
+              sudo -i -u postgres psql -c "#{create_replication_user_cmd}"
+              sudo -i -u postgres psql -c "CREATE DATABASE #{env.db_name} WITH OWNER #{env.db_user}"
             ENDSCRIPT
           end
         end

data/templates/redis/config/rubber/rubber-redis.yml

@@ -1,4 +1,4 @@
-redis_server_version: 2.4.12
+redis_server_version: 2.4.16
 redis_server_pid_file: /var/run/redis-server.pid
 redis_server_conf_file: /etc/redis.conf
 redis_server_log_file: /var/log/redis-server.log

data/templates/resque/templates.yml

@@ -1,3 +1,4 @@
 description: The resque background queue system
 dependent_templates:
-  - redis
+  - redis
+skip_unknown_roles: true

data/templates/unicorn/config/rubber/role/unicorn/unicorn-upstart.conf

@@ -0,0 +1,13 @@
+<%
+  @path = "/etc/init/unicorn.conf"
+  current_path = "/mnt/#{rubber_env.app_name}-#{Rubber.env}/current"
+  @backup = false
+%>
+description "unicorn daemon"
+
+start on runlevel [2345]
+stop on runlevel [016]
+
+script
+  exec /bin/bash -l -c 'cd <%= current_path %> && exec bundle exec unicorn_rails -c <%= current_path %>/config/unicorn.rb -E <%= Rubber.env %> -D >> log/unicorn_upstart.log 2>&1'
+end script

data/templates/unicorn/config/rubber/role/unicorn/unicorn.rb

@@ -1,5 +1,6 @@
 <%
   @path = "#{Rubber.root}/config/unicorn.rb"
+  current_path = "/mnt/#{rubber_env.app_name}-#{Rubber.env}/current"
 %>
 worker_processes 2
 working_directory "<%= Rubber.root %>"
@@ -22,6 +23,13 @@ pid "/var/run/unicorn.pid"
 stderr_path "<%= Rubber.root %>/log/unicorn.stderr.log"
 stdout_path "<%= Rubber.root %>/log/unicorn.stdout.log"
 
+# Because of Capistano, we need to tell unicorn where find the current Gemfile
+# Read about Unicorn, Capistrano, and Bundler here:
+# http://unicorn.bogomips.org/Sandbox.html
+before_exec do |server|
+  ENV['BUNDLE_GEMFILE'] = "<%= current_path %>/Gemfile"
+end
+
 before_fork do |server, worker|
   ##
   # When sent a USR2, Unicorn will suffix its pidfile with .oldbin and

data/templates/zookeeper/config/rubber/rubber-zookeeper.yml

@@ -1,4 +1,4 @@
-zookeeper_version: 3.3.5
+zookeeper_version: 3.3.6
 zookeeper_package_url: "http://www.ecoficial.com/am/zookeeper/stable/zookeeper-#{zookeeper_version}.tar.gz"
 zookeeper_install_dir: "/usr/local/zookeeper-#{zookeeper_version}"
 zookeeper_data_dir: /mnt/zookeeper/data

data/test/dns/aws_test.rb

@@ -123,6 +123,12 @@ class AwsTest < Test::Unit::TestCase
           assert_equal ['1.1.1.2'], attributes[:data]
         end
         
+        should "find no records" do
+          # Wildcard search.
+          records = @dns.find_host_records(:host => 'foo', :domain => @domain)
+          assert_equal 0, records.size
+        end
+      
         should "find_records" do
           # Set up some sample records.
           created = []

data/test/dns/zerigo_test.rb

@@ -121,6 +121,12 @@ class ZerigoTest < Test::Unit::TestCase
           assert_equal ['1.1.1.2'], attributes[:data]
         end
         
+        should "find no records" do
+          # Wildcard search.
+          records = @dns.find_host_records(:host => 'foo', :domain => @domain)
+          assert_equal 0, records.size
+        end
+      
         should "find_records" do
           # Set up some sample records.
           created = []

data/test/instance_test.rb

@@ -226,7 +226,10 @@ class InstanceTest < Test::Unit::TestCase
       should "create new instance in filesystem when instance file doesn't exist" do
         tempfile = Tempfile.new('instancestorage')
         location = "file:#{tempfile.path}"
+
+        tempfile.close
         tempfile.unlink
+
         Instance.any_instance.expects(:load_from_file).never
         Instance.any_instance.expects(:save_to_file)
         Instance.new(location).save

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubber
 version: !ruby/object:Gem::Version
-  version: 2.0.8
+  version: 2.1.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-08-01 00:00:00.000000000 Z
+date: 2012-08-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
@@ -99,7 +99,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -107,7 +107,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
@@ -345,6 +345,12 @@ files:
 - templates/complete_passenger_nginx_mysql/templates.yml
 - templates/complete_passenger_nginx_postgresql/templates.yml
 - templates/complete_passenger_postgresql/templates.yml
+- templates/complete_unicorn_nginx/config/rubber/role/haproxy/haproxy-unicorn.conf
+- templates/complete_unicorn_nginx/config/rubber/rubber-complete.yml
+- templates/complete_unicorn_nginx/templates.rb
+- templates/complete_unicorn_nginx/templates.yml
+- templates/complete_unicorn_nginx_mysql/templates.yml
+- templates/complete_unicorn_nginx_postgresql/templates.yml
 - templates/cruise/config/rubber/deploy-cruise.rb
 - templates/cruise/config/rubber/role/cruise/cruise
 - templates/cruise/config/rubber/role/cruise/my.cnf
@@ -450,6 +456,7 @@ files:
 - templates/monit/config/rubber/role/resque_web/monit-resque_web.conf
 - templates/monit/config/rubber/role/resque_worker/monit-resque_pool.conf
 - templates/monit/config/rubber/role/sphinx/monit-sphinx.conf
+- templates/monit/config/rubber/role/unicorn/monit-unicorn.conf
 - templates/monit/config/rubber/role/web_tools/monit-admin-nginx.conf
 - templates/monit/config/rubber/role/web_tools/rubber-web-tools-monit.html
 - templates/monit/config/rubber/rubber-monit.yml
@@ -581,6 +588,7 @@ files:
 - templates/torquebox/templates.yml
 - templates/unicorn/config/rubber/deploy-unicorn.rb
 - templates/unicorn/config/rubber/role/nginx/unicorn_nginx.conf
+- templates/unicorn/config/rubber/role/unicorn/unicorn-upstart.conf
 - templates/unicorn/config/rubber/role/unicorn/unicorn.rb
 - templates/unicorn/config/rubber/rubber-unicorn.yml
 - templates/unicorn/templates.yml
@@ -648,7 +656,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4060872164563619130
+      hash: -230817372791926441
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -657,7 +665,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4060872164563619130
+      hash: -230817372791926441
 requirements: []
 rubyforge_project: rubber
 rubygems_version: 1.8.24