safeguard-devise 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- data/.vagrant/machines/default/virtualbox/action_provision +1 -0
- data/.vagrant/machines/default/virtualbox/action_set_name +1 -0
- data/.vagrant/machines/default/virtualbox/id +1 -0
- data/Gemfile +25 -0
- data/Gemfile.lock +186 -0
- data/Rakefile +51 -0
- data/VERSION +1 -0
- data/Vagrantfile +128 -0
- data/app/controllers/devise/devise_safeguard_controller.rb +56 -0
- data/app/views/devise/verify_safeguard.html.erb +9 -0
- data/app/views/devise/verify_safeguard.html.haml +7 -0
- data/config/locales/pt-BR.yml +5 -0
- data/lib/devise-safeguard/controllers/helpers.rb +54 -0
- data/lib/devise-safeguard/hooks/safeguard_authenticatable.rb +7 -0
- data/lib/devise-safeguard/models/safeguard_authenticatable.rb +18 -0
- data/lib/devise-safeguard/rails.rb +7 -0
- data/lib/devise-safeguard/routes.rb +17 -0
- data/lib/generators/active_record/devise_safeguard_generator.rb +13 -0
- data/lib/generators/active_record/templates/migration.rb +15 -0
- data/lib/generators/devise_safeguard/devise_safeguard_generator.rb +30 -0
- data/lib/generators/devise_safeguard/install_generator.rb +44 -0
- data/lib/safeguard-devise.rb +24 -0
- data/puppet/manifests/default.pp +66 -0
- data/puppet/modules/elasticsearch/CHANGELOG +62 -0
- data/puppet/modules/elasticsearch/CONTRIBUTORS +20 -0
- data/puppet/modules/elasticsearch/LICENSE +13 -0
- data/puppet/modules/elasticsearch/Modulefile +9 -0
- data/puppet/modules/elasticsearch/README.md +147 -0
- data/puppet/modules/elasticsearch/Rakefile +5 -0
- data/puppet/modules/elasticsearch/manifests/config.pp +64 -0
- data/puppet/modules/elasticsearch/manifests/init.pp +208 -0
- data/puppet/modules/elasticsearch/manifests/java.pp +50 -0
- data/puppet/modules/elasticsearch/manifests/package.pp +84 -0
- data/puppet/modules/elasticsearch/manifests/params.pp +103 -0
- data/puppet/modules/elasticsearch/manifests/plugin.pp +97 -0
- data/puppet/modules/elasticsearch/manifests/python.pp +34 -0
- data/puppet/modules/elasticsearch/manifests/service.pp +114 -0
- data/puppet/modules/elasticsearch/manifests/template.pp +118 -0
- data/puppet/modules/elasticsearch/metadata.json +41 -0
- data/puppet/modules/elasticsearch/spec/classes/elasticsearch_init_spec.rb +596 -0
- data/puppet/modules/elasticsearch/spec/defines/template_spec.rb +66 -0
- data/puppet/modules/elasticsearch/spec/spec_helper.rb +2 -0
- data/puppet/modules/elasticsearch/templates/etc/default/elasticsearch.erb +5 -0
- data/puppet/modules/elasticsearch/templates/etc/elasticsearch/elasticsearch.yml.erb +93 -0
- data/puppet/modules/memcached/.gitignore +2 -0
- data/puppet/modules/memcached/Modulefile +8 -0
- data/puppet/modules/memcached/README.md +29 -0
- data/puppet/modules/memcached/manifests/init.pp +33 -0
- data/puppet/modules/memcached/manifests/params.pp +21 -0
- data/puppet/modules/memcached/templates/memcached.conf.erb +46 -0
- data/puppet/modules/memcached/templates/memcached_sysconfig.erb +5 -0
- data/puppet/modules/mysql/.fixtures.yml +3 -0
- data/puppet/modules/mysql/.gemfile +5 -0
- data/puppet/modules/mysql/LICENSE +201 -0
- data/puppet/modules/mysql/Modulefile +8 -0
- data/puppet/modules/mysql/README.md +124 -0
- data/puppet/modules/mysql/files/mysqltuner.pl +966 -0
- data/puppet/modules/mysql/lib/puppet/parser/functions/mysql_password.rb +15 -0
- data/puppet/modules/mysql/lib/puppet/provider/database/mysql.rb +42 -0
- data/puppet/modules/mysql/lib/puppet/provider/database_grant/mysql.rb +177 -0
- data/puppet/modules/mysql/lib/puppet/provider/database_user/mysql.rb +42 -0
- data/puppet/modules/mysql/lib/puppet/type/database.rb +17 -0
- data/puppet/modules/mysql/lib/puppet/type/database_grant.rb +75 -0
- data/puppet/modules/mysql/lib/puppet/type/database_user.rb +25 -0
- data/puppet/modules/mysql/manifests/backup.pp +68 -0
- data/puppet/modules/mysql/manifests/config.pp +122 -0
- data/puppet/modules/mysql/manifests/db.pp +77 -0
- data/puppet/modules/mysql/manifests/init.pp +24 -0
- data/puppet/modules/mysql/manifests/java.pp +24 -0
- data/puppet/modules/mysql/manifests/params.pp +91 -0
- data/puppet/modules/mysql/manifests/python.pp +26 -0
- data/puppet/modules/mysql/manifests/ruby.pp +28 -0
- data/puppet/modules/mysql/manifests/server/account_security.pp +13 -0
- data/puppet/modules/mysql/manifests/server/monitor.pp +19 -0
- data/puppet/modules/mysql/manifests/server/mysqltuner.pp +22 -0
- data/puppet/modules/mysql/manifests/server.pp +52 -0
- data/puppet/modules/mysql/templates/my.cnf.erb +42 -0
- data/puppet/modules/mysql/templates/my.cnf.pass.erb +6 -0
- data/puppet/modules/mysql/templates/mysqlbackup.sh.erb +23 -0
- data/puppet/modules/postgresql/GPL-3 +674 -0
- data/puppet/modules/postgresql/Modulefile +13 -0
- data/puppet/modules/postgresql/README.md +156 -0
- data/puppet/modules/postgresql/lib/puppet/provider/pg_database/debian_postgresql.rb +30 -0
- data/puppet/modules/postgresql/lib/puppet/provider/pg_database/default.rb +17 -0
- data/puppet/modules/postgresql/lib/puppet/provider/pg_user/debian_postgresql.rb +63 -0
- data/puppet/modules/postgresql/lib/puppet/provider/pg_user/default.rb +17 -0
- data/puppet/modules/postgresql/lib/puppet/type/pg_database.rb +29 -0
- data/puppet/modules/postgresql/lib/puppet/type/pg_user.rb +45 -0
- data/puppet/modules/postgresql/manifests/db.pp +20 -0
- data/puppet/modules/postgresql/manifests/init.pp +12 -0
- data/puppet/modules/postgresql/manifests/params.pp +15 -0
- data/puppet/modules/postgresql/manifests/server.pp +47 -0
- data/puppet/modules/postgresql/templates/pg_hba.conf.erb +105 -0
- data/puppet/modules/postgresql/templates/postgresql.conf.erb +559 -0
- data/puppet/modules/redis/CHANGELOG +41 -0
- data/puppet/modules/redis/Gemfile +7 -0
- data/puppet/modules/redis/Gemfile.lock +18 -0
- data/puppet/modules/redis/Modulefile +10 -0
- data/puppet/modules/redis/README.md +34 -0
- data/puppet/modules/redis/Rakefile +6 -0
- data/puppet/modules/redis/manifests/init.pp +153 -0
- data/puppet/modules/redis/manifests/params.pp +39 -0
- data/puppet/modules/redis/metadata.json +31 -0
- data/puppet/modules/redis/spec/spec_helper.rb +17 -0
- data/puppet/modules/redis/templates/redis.debian.conf.erb +217 -0
- data/puppet/modules/redis/templates/redis.logrotate.erb +9 -0
- data/puppet/modules/redis/templates/redis.rhel.conf.erb +547 -0
- data/puppet/modules/redis/tests/init.pp +8 -0
- data/puppet/upgrade-puppet.sh +16 -0
- data/safeguard-devise.gemspec +249 -0
- data/spec/controllers/safeguard_devise_controller_spec.rb +67 -0
- data/spec/devise/safeguard_authenticatable_spec.rb +71 -0
- data/spec/orm/active_record.rb +4 -0
- data/spec/routing/routes_spec.rb +13 -0
- data/spec/safeguard-devise-test-app/.gitignore +16 -0
- data/spec/safeguard-devise-test-app/Gemfile +14 -0
- data/spec/safeguard-devise-test-app/Gemfile.lock +119 -0
- data/spec/safeguard-devise-test-app/README.rdoc +28 -0
- data/spec/safeguard-devise-test-app/Rakefile +6 -0
- data/spec/safeguard-devise-test-app/app/assets/images/.keep +0 -0
- data/spec/safeguard-devise-test-app/app/assets/javascripts/application.js +13 -0
- data/spec/safeguard-devise-test-app/app/assets/stylesheets/application.css +13 -0
- data/spec/safeguard-devise-test-app/app/controllers/application_controller.rb +5 -0
- data/spec/safeguard-devise-test-app/app/controllers/concerns/.keep +0 -0
- data/spec/safeguard-devise-test-app/app/controllers/home_controller.rb +6 -0
- data/spec/safeguard-devise-test-app/app/helpers/application_helper.rb +2 -0
- data/spec/safeguard-devise-test-app/app/mailers/.keep +0 -0
- data/spec/safeguard-devise-test-app/app/models/.keep +0 -0
- data/spec/safeguard-devise-test-app/app/models/concerns/.keep +0 -0
- data/spec/safeguard-devise-test-app/app/models/user.rb +6 -0
- data/spec/safeguard-devise-test-app/app/views/devise/devise_safeguard/verify_safeguard.html.erb +9 -0
- data/spec/safeguard-devise-test-app/app/views/devise/devise_safeguard/verify_safeguard.html.haml +6 -0
- data/spec/safeguard-devise-test-app/app/views/home/index.html.erb +1 -0
- data/spec/safeguard-devise-test-app/app/views/layouts/application.html.erb +14 -0
- data/spec/safeguard-devise-test-app/bin/bundle +3 -0
- data/spec/safeguard-devise-test-app/bin/rails +4 -0
- data/spec/safeguard-devise-test-app/bin/rake +4 -0
- data/spec/safeguard-devise-test-app/config/application.rb +31 -0
- data/spec/safeguard-devise-test-app/config/boot.rb +4 -0
- data/spec/safeguard-devise-test-app/config/database.yml +25 -0
- data/spec/safeguard-devise-test-app/config/environment.rb +5 -0
- data/spec/safeguard-devise-test-app/config/environments/development.rb +29 -0
- data/spec/safeguard-devise-test-app/config/environments/production.rb +80 -0
- data/spec/safeguard-devise-test-app/config/environments/test.rb +36 -0
- data/spec/safeguard-devise-test-app/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/safeguard-devise-test-app/config/initializers/devise.rb +259 -0
- data/spec/safeguard-devise-test-app/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/safeguard-devise-test-app/config/initializers/inflections.rb +16 -0
- data/spec/safeguard-devise-test-app/config/initializers/mime_types.rb +5 -0
- data/spec/safeguard-devise-test-app/config/initializers/secret_token.rb +12 -0
- data/spec/safeguard-devise-test-app/config/initializers/session_store.rb +3 -0
- data/spec/safeguard-devise-test-app/config/initializers/wrap_parameters.rb +14 -0
- data/spec/safeguard-devise-test-app/config/locales/devise.en.yml +59 -0
- data/spec/safeguard-devise-test-app/config/locales/devise.safeguard.pt-BR.yml +5 -0
- data/spec/safeguard-devise-test-app/config/locales/en.yml +23 -0
- data/spec/safeguard-devise-test-app/config/routes.rb +59 -0
- data/spec/safeguard-devise-test-app/config.ru +4 -0
- data/spec/safeguard-devise-test-app/db/migrate/20140220191103_create_users.rb +9 -0
- data/spec/safeguard-devise-test-app/db/migrate/20140220191247_add_devise_to_users.rb +49 -0
- data/spec/safeguard-devise-test-app/db/migrate/20140220191522_devise_safeguard_add_to_users.rb +15 -0
- data/spec/safeguard-devise-test-app/db/schema.rb +37 -0
- data/spec/safeguard-devise-test-app/db/seeds.rb +7 -0
- data/spec/safeguard-devise-test-app/lib/assets/.keep +0 -0
- data/spec/safeguard-devise-test-app/lib/tasks/.keep +0 -0
- data/spec/safeguard-devise-test-app/log/.keep +0 -0
- data/spec/safeguard-devise-test-app/public/404.html +58 -0
- data/spec/safeguard-devise-test-app/public/422.html +58 -0
- data/spec/safeguard-devise-test-app/public/500.html +57 -0
- data/spec/safeguard-devise-test-app/public/favicon.ico +0 -0
- data/spec/safeguard-devise-test-app/public/robots.txt +5 -0
- data/spec/safeguard-devise-test-app/test/controllers/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/fixtures/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/fixtures/users.yml +9 -0
- data/spec/safeguard-devise-test-app/test/helpers/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/integration/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/mailers/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/models/.keep +0 -0
- data/spec/safeguard-devise-test-app/test/models/user_test.rb +7 -0
- data/spec/safeguard-devise-test-app/test/test_helper.rb +15 -0
- data/spec/safeguard-devise-test-app/vendor/assets/javascripts/.keep +0 -0
- data/spec/safeguard-devise-test-app/vendor/assets/stylesheets/.keep +0 -0
- data/spec/spec_helper.rb +31 -0
- data/spec/tests_helper/helpers.rb +34 -0
- metadata +381 -0
@@ -0,0 +1,547 @@
|
|
1
|
+
# Redis configuration file example
|
2
|
+
|
3
|
+
# Note on units: when memory size is needed, it is possible to specifiy
|
4
|
+
# it in the usual form of 1k 5GB 4M and so forth:
|
5
|
+
#
|
6
|
+
# 1k => 1000 bytes
|
7
|
+
# 1kb => 1024 bytes
|
8
|
+
# 1m => 1000000 bytes
|
9
|
+
# 1mb => 1024*1024 bytes
|
10
|
+
# 1g => 1000000000 bytes
|
11
|
+
# 1gb => 1024*1024*1024 bytes
|
12
|
+
#
|
13
|
+
# units are case insensitive so 1GB 1Gb 1gB are all the same.
|
14
|
+
|
15
|
+
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
16
|
+
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
|
17
|
+
daemonize <%= @conf_daemonize %>
|
18
|
+
|
19
|
+
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
|
20
|
+
# default. You can specify a custom pid file location here.
|
21
|
+
pidfile <%= @conf_pidfile_real %>
|
22
|
+
|
23
|
+
# Accept connections on the specified port, default is 6379.
|
24
|
+
# If port 0 is specified Redis will not listen on a TCP socket.
|
25
|
+
port <%= @conf_port %>
|
26
|
+
|
27
|
+
# If you want you can bind a single interface, if the bind option is not
|
28
|
+
# specified all the interfaces will listen for incoming connections.
|
29
|
+
#
|
30
|
+
bind <%= @conf_bind %>
|
31
|
+
|
32
|
+
# Specify the path for the unix socket that will be used to listen for
|
33
|
+
# incoming connections. There is no default, so Redis will not listen
|
34
|
+
# on a unix socket when not specified.
|
35
|
+
#
|
36
|
+
# unixsocket /tmp/redis.sock
|
37
|
+
# unixsocketperm 755
|
38
|
+
|
39
|
+
# Close the connection after a client is idle for N seconds (0 to disable)
|
40
|
+
timeout <%= @conf_timeout %>
|
41
|
+
|
42
|
+
# Set server verbosity to 'debug'
|
43
|
+
# it can be one of:
|
44
|
+
# debug (a lot of information, useful for development/testing)
|
45
|
+
# verbose (many rarely useful info, but not a mess like the debug level)
|
46
|
+
# notice (moderately verbose, what you want in production probably)
|
47
|
+
# warning (only very important / critical messages are logged)
|
48
|
+
loglevel <%= @conf_loglevel %>
|
49
|
+
|
50
|
+
# Specify the log file name. Also 'stdout' can be used to force
|
51
|
+
# Redis to log on the standard output. Note that if you use standard
|
52
|
+
# output for logging but daemonize, logs will be sent to /dev/null
|
53
|
+
logfile <%= @conf_logfile_real %>
|
54
|
+
|
55
|
+
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
|
56
|
+
# and optionally update the other syslog parameters to suit your needs.
|
57
|
+
<% if @conf_syslog_enabled != 'UNSET' %>
|
58
|
+
syslog-enabled <%= @conf_syslog_enabled %>
|
59
|
+
<% else %>
|
60
|
+
# syslog-enabled no
|
61
|
+
<% end %>
|
62
|
+
|
63
|
+
# Specify the syslog identity.
|
64
|
+
<% if @conf_syslog_ident != 'UNSET' %>
|
65
|
+
syslog-ident <%= @conf_syslog_ident %>
|
66
|
+
<% else %>
|
67
|
+
# syslog-ident redis
|
68
|
+
<% end %>
|
69
|
+
|
70
|
+
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
|
71
|
+
<% if @conf_syslog_facility != 'UNSET' %>
|
72
|
+
syslog-facility <%= @conf_syslog_facility %>
|
73
|
+
<% else %>
|
74
|
+
# syslog-facility local0
|
75
|
+
<% end %>
|
76
|
+
|
77
|
+
# Set the number of databases. The default database is DB 0, you can select
|
78
|
+
# a different one on a per-connection basis using SELECT <dbid> where
|
79
|
+
# dbid is a number between 0 and 'databases'-1
|
80
|
+
databases <%= @conf_databases %>
|
81
|
+
|
82
|
+
################################ SNAPSHOTTING #################################
|
83
|
+
#
|
84
|
+
# Save the DB on disk:
|
85
|
+
#
|
86
|
+
# save <seconds> <changes>
|
87
|
+
#
|
88
|
+
# Will save the DB if both the given number of seconds and the given
|
89
|
+
# number of write operations against the DB occurred.
|
90
|
+
#
|
91
|
+
# In the example below the behaviour will be to save:
|
92
|
+
# after 900 sec (15 min) if at least 1 key changed
|
93
|
+
# after 300 sec (5 min) if at least 10 keys changed
|
94
|
+
# after 60 sec if at least 10000 keys changed
|
95
|
+
#
|
96
|
+
# Note: you can disable saving at all commenting all the "save" lines.
|
97
|
+
|
98
|
+
<% if @conf_nosave != 'UNSET' %>
|
99
|
+
#do not persist to disk:
|
100
|
+
#save 900 1
|
101
|
+
#save 300 10
|
102
|
+
#save 60 10000
|
103
|
+
<% else %>
|
104
|
+
<% if @conf_save != 'UNSET' %>
|
105
|
+
save <%= @conf_save %>
|
106
|
+
<% else %>
|
107
|
+
save 900 1
|
108
|
+
save 300 10
|
109
|
+
save 60 10000
|
110
|
+
<% end %>
|
111
|
+
<% end %>
|
112
|
+
|
113
|
+
# Compress string objects using LZF when dump .rdb databases?
|
114
|
+
# For default that's set to 'yes' as it's almost always a win.
|
115
|
+
# If you want to save some CPU in the saving child set it to 'no' but
|
116
|
+
# the dataset will likely be bigger if you have compressible values or keys.
|
117
|
+
rdbcompression <%= @conf_rdbcompression %>
|
118
|
+
|
119
|
+
# The filename where to dump the DB
|
120
|
+
dbfilename <%= @conf_dbfilename %>
|
121
|
+
|
122
|
+
# The working directory.
|
123
|
+
#
|
124
|
+
# The DB will be written inside this directory, with the filename specified
|
125
|
+
# above using the 'dbfilename' configuration directive.
|
126
|
+
#
|
127
|
+
# Also the Append Only File will be created inside this directory.
|
128
|
+
#
|
129
|
+
# Note that you must specify a directory here, not a file name.
|
130
|
+
dir <%= @conf_dir %>
|
131
|
+
|
132
|
+
################################# REPLICATION #################################
|
133
|
+
|
134
|
+
# Master-Slave replication. Use slaveof to make a Redis instance a copy of
|
135
|
+
# another Redis server. Note that the configuration is local to the slave
|
136
|
+
# so for example it is possible to configure the slave to save the DB with a
|
137
|
+
# different interval, or to listen to another port, and so on.
|
138
|
+
#
|
139
|
+
<% if @conf_slaveof != 'UNSET' %>
|
140
|
+
slaveof <%= @conf_slaveof %>
|
141
|
+
<% else %>
|
142
|
+
# slaveof <masterip> <masterport>
|
143
|
+
<% end %>
|
144
|
+
|
145
|
+
# If the master is password protected (using the "requirepass" configuration
|
146
|
+
# directive below) it is possible to tell the slave to authenticate before
|
147
|
+
# starting the replication synchronization process, otherwise the master will
|
148
|
+
# refuse the slave request.
|
149
|
+
#
|
150
|
+
<% if @conf_masterauth != 'UNSET' %>
|
151
|
+
masterauth <%= @conf_masterauth %>
|
152
|
+
<% else %>
|
153
|
+
# masterauth <master-password>
|
154
|
+
<% end %>
|
155
|
+
|
156
|
+
# When a slave lost the connection with the master, or when the replication
|
157
|
+
# is still in progress, the slave can act in two different ways:
|
158
|
+
#
|
159
|
+
# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
|
160
|
+
# still reply to client requests, possibly with out of data data, or the
|
161
|
+
# data set may just be empty if this is the first synchronization.
|
162
|
+
#
|
163
|
+
# 2) if slave-serve-stale data is set to 'no' the slave will reply with
|
164
|
+
# an error "SYNC with master in progress" to all the kind of commands
|
165
|
+
# but to INFO and SLAVEOF.
|
166
|
+
#
|
167
|
+
slave-serve-stale-data <%= @conf_slave_server_stale_data %>
|
168
|
+
|
169
|
+
# Slaves send PINGs to server in a predefined interval. It's possible to change
|
170
|
+
# this interval with the repl_ping_slave_period option. The default value is 10
|
171
|
+
# seconds.
|
172
|
+
#
|
173
|
+
# repl-ping-slave-period 10
|
174
|
+
repl-ping-slave-period <%= @conf_repl_ping_slave_period %>
|
175
|
+
|
176
|
+
# The following option sets a timeout for both Bulk transfer I/O timeout and
|
177
|
+
# master data or ping response timeout. The default value is 60 seconds.
|
178
|
+
#
|
179
|
+
# It is important to make sure that this value is greater than the value
|
180
|
+
# specified for repl-ping-slave-period otherwise a timeout will be detected
|
181
|
+
# every time there is low traffic between the master and the slave.
|
182
|
+
#
|
183
|
+
# repl-timeout 60
|
184
|
+
repl-timeout <%= @conf_repl_timeout %>
|
185
|
+
|
186
|
+
################################## SECURITY ###################################
|
187
|
+
|
188
|
+
# Require clients to issue AUTH <PASSWORD> before processing any other
|
189
|
+
# commands. This might be useful in environments in which you do not trust
|
190
|
+
# others with access to the host running redis-server.
|
191
|
+
#
|
192
|
+
# This should stay commented out for backward compatibility and because most
|
193
|
+
# people do not need auth (e.g. they run their own servers).
|
194
|
+
#
|
195
|
+
# Warning: since Redis is pretty fast an outside user can try up to
|
196
|
+
# 150k passwords per second against a good box. This means that you should
|
197
|
+
# use a very strong password otherwise it will be very easy to break.
|
198
|
+
#
|
199
|
+
<% if @conf_requirepass != 'UNSET' %>
|
200
|
+
requirepass <%= @conf_requirepass %>
|
201
|
+
<% else %>
|
202
|
+
# requirepass foobared
|
203
|
+
<% end %>
|
204
|
+
|
205
|
+
# Command renaming.
|
206
|
+
#
|
207
|
+
# It is possilbe to change the name of dangerous commands in a shared
|
208
|
+
# environment. For instance the CONFIG command may be renamed into something
|
209
|
+
# of hard to guess so that it will be still available for internal-use
|
210
|
+
# tools but not available for general clients.
|
211
|
+
#
|
212
|
+
# Example:
|
213
|
+
#
|
214
|
+
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
|
215
|
+
#
|
216
|
+
# It is also possilbe to completely kill a command renaming it into
|
217
|
+
# an empty string:
|
218
|
+
#
|
219
|
+
# rename-command CONFIG ""
|
220
|
+
|
221
|
+
################################### LIMITS ####################################
|
222
|
+
|
223
|
+
# Set the max number of connected clients at the same time. By default there
|
224
|
+
# is no limit, and it's up to the number of file descriptors the Redis process
|
225
|
+
# is able to open. The special value '0' means no limits.
|
226
|
+
# Once the limit is reached Redis will close all the new connections sending
|
227
|
+
# an error 'max number of clients reached'.
|
228
|
+
#
|
229
|
+
# maxclients 128
|
230
|
+
<% if @conf_maxclients != 'UNSET' %>
|
231
|
+
maxclients <%= @conf_maxclients %>
|
232
|
+
<% end %>
|
233
|
+
|
234
|
+
# Don't use more memory than the specified amount of bytes.
|
235
|
+
# When the memory limit is reached Redis will try to remove keys
|
236
|
+
# accordingly to the eviction policy selected (see maxmemmory-policy).
|
237
|
+
#
|
238
|
+
# If Redis can't remove keys according to the policy, or if the policy is
|
239
|
+
# set to 'noeviction', Redis will start to reply with errors to commands
|
240
|
+
# that would use more memory, like SET, LPUSH, and so on, and will continue
|
241
|
+
# to reply to read-only commands like GET.
|
242
|
+
#
|
243
|
+
# This option is usually useful when using Redis as an LRU cache, or to set
|
244
|
+
# an hard memory limit for an instance (using the 'noeviction' policy).
|
245
|
+
#
|
246
|
+
# WARNING: If you have slaves attached to an instance with maxmemory on,
|
247
|
+
# the size of the output buffers needed to feed the slaves are subtracted
|
248
|
+
# from the used memory count, so that network problems / resyncs will
|
249
|
+
# not trigger a loop where keys are evicted, and in turn the output
|
250
|
+
# buffer of slaves is full with DELs of keys evicted triggering the deletion
|
251
|
+
# of more keys, and so forth until the database is completely emptied.
|
252
|
+
#
|
253
|
+
# In short... if you have slaves attached it is suggested that you set a lower
|
254
|
+
# limit for maxmemory so that there is some free RAM on the system for slave
|
255
|
+
# output buffers (but this is not needed if the policy is 'noeviction').
|
256
|
+
#
|
257
|
+
# maxmemory <bytes>
|
258
|
+
<% if @conf_maxmemory != 'UNSET' %>
|
259
|
+
maxmemory <%= @conf_maxmemory %>
|
260
|
+
<% end %>
|
261
|
+
|
262
|
+
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
|
263
|
+
# is reached? You can select among five behavior:
|
264
|
+
#
|
265
|
+
# volatile-lru -> remove the key with an expire set using an LRU algorithm
|
266
|
+
# allkeys-lru -> remove any key accordingly to the LRU algorithm
|
267
|
+
# volatile-random -> remove a random key with an expire set
|
268
|
+
# allkeys->random -> remove a random key, any key
|
269
|
+
# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
|
270
|
+
# noeviction -> don't expire at all, just return an error on write operations
|
271
|
+
#
|
272
|
+
# Note: with all the kind of policies, Redis will return an error on write
|
273
|
+
# operations, when there are not suitable keys for eviction.
|
274
|
+
#
|
275
|
+
# At the date of writing this commands are: set setnx setex append
|
276
|
+
# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
|
277
|
+
# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
|
278
|
+
# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
|
279
|
+
# getset mset msetnx exec sort
|
280
|
+
#
|
281
|
+
# The default is:
|
282
|
+
#
|
283
|
+
# maxmemory-policy volatile-lru
|
284
|
+
<% if @conf_maxmemory_policy != 'UNSET' %>
|
285
|
+
maxmemory-policy <%= @conf_maxmemory_policy %>
|
286
|
+
<% end %>
|
287
|
+
|
288
|
+
# LRU and minimal TTL algorithms are not precise algorithms but approximated
|
289
|
+
# algorithms (in order to save memory), so you can select as well the sample
|
290
|
+
# size to check. For instance for default Redis will check three keys and
|
291
|
+
# pick the one that was used less recently, you can change the sample size
|
292
|
+
# using the following configuration directive.
|
293
|
+
#
|
294
|
+
# maxmemory-samples 3
|
295
|
+
<% if @conf_maxmemory_samples != 'UNSET' %>
|
296
|
+
maxmemory-samples <%= @conf_maxmemory_samples %>
|
297
|
+
<% end %>
|
298
|
+
|
299
|
+
############################## APPEND ONLY MODE ###############################
|
300
|
+
|
301
|
+
# By default Redis asynchronously dumps the dataset on disk. If you can live
|
302
|
+
# with the idea that the latest records will be lost if something like a crash
|
303
|
+
# happens this is the preferred way to run Redis. If instead you care a lot
|
304
|
+
# about your data and don't want to that a single record can get lost you should
|
305
|
+
# enable the append only mode: when this mode is enabled Redis will append
|
306
|
+
# every write operation received in the file appendonly.aof. This file will
|
307
|
+
# be read on startup in order to rebuild the full dataset in memory.
|
308
|
+
#
|
309
|
+
# Note that you can have both the async dumps and the append only file if you
|
310
|
+
# like (you have to comment the "save" statements above to disable the dumps).
|
311
|
+
# Still if append only mode is enabled Redis will load the data from the
|
312
|
+
# log file at startup ignoring the dump.rdb file.
|
313
|
+
#
|
314
|
+
# IMPORTANT: Check the BGREWRITEAOF to check how to rewrite the append
|
315
|
+
# log file in background when it gets too big.
|
316
|
+
|
317
|
+
appendonly <%= @conf_appendonly %>
|
318
|
+
|
319
|
+
# The name of the append only file (default: "appendonly.aof")
|
320
|
+
# appendfilename appendonly.aof
|
321
|
+
<% if @conf_appendfilename != 'UNSET' %>
|
322
|
+
appendfilename <%= @conf_appendfilename %>
|
323
|
+
<% end %>
|
324
|
+
|
325
|
+
# The fsync() call tells the Operating System to actually write data on disk
|
326
|
+
# instead to wait for more data in the output buffer. Some OS will really flush
|
327
|
+
# data on disk, some other OS will just try to do it ASAP.
|
328
|
+
#
|
329
|
+
# Redis supports three different modes:
|
330
|
+
#
|
331
|
+
# no: don't fsync, just let the OS flush the data when it wants. Faster.
|
332
|
+
# always: fsync after every write to the append only log . Slow, Safest.
|
333
|
+
# everysec: fsync only if one second passed since the last fsync. Compromise.
|
334
|
+
#
|
335
|
+
# The default is "everysec" that's usually the right compromise between
|
336
|
+
# speed and data safety. It's up to you to understand if you can relax this to
|
337
|
+
# "no" that will will let the operating system flush the output buffer when
|
338
|
+
# it wants, for better performances (but if you can live with the idea of
|
339
|
+
# some data loss consider the default persistence mode that's snapshotting),
|
340
|
+
# or on the contrary, use "always" that's very slow but a bit safer than
|
341
|
+
# everysec.
|
342
|
+
#
|
343
|
+
# If unsure, use "everysec".
|
344
|
+
|
345
|
+
# appendfsync always
|
346
|
+
appendfsync <%= @conf_appendfsync %>
|
347
|
+
# appendfsync no
|
348
|
+
|
349
|
+
# When the AOF fsync policy is set to always or everysec, and a background
|
350
|
+
# saving process (a background save or AOF log background rewriting) is
|
351
|
+
# performing a lot of I/O against the disk, in some Linux configurations
|
352
|
+
# Redis may block too long on the fsync() call. Note that there is no fix for
|
353
|
+
# this currently, as even performing fsync in a different thread will block
|
354
|
+
# our synchronous write(2) call.
|
355
|
+
#
|
356
|
+
# In order to mitigate this problem it's possible to use the following option
|
357
|
+
# that will prevent fsync() from being called in the main process while a
|
358
|
+
# BGSAVE or BGREWRITEAOF is in progress.
|
359
|
+
#
|
360
|
+
# This means that while another child is saving the durability of Redis is
|
361
|
+
# the same as "appendfsync none", that in pratical terms means that it is
|
362
|
+
# possible to lost up to 30 seconds of log in the worst scenario (with the
|
363
|
+
# default Linux settings).
|
364
|
+
#
|
365
|
+
# If you have latency problems turn this to "yes". Otherwise leave it as
|
366
|
+
# "no" that is the safest pick from the point of view of durability.
|
367
|
+
no-appendfsync-on-rewrite <%= @conf_no_appendfsync_on_rewrite %>
|
368
|
+
|
369
|
+
# Automatic rewrite of the append only file.
|
370
|
+
# Redis is able to automatically rewrite the log file implicitly calling
|
371
|
+
# BGREWRITEAOF when the AOF log size will growth by the specified percentage.
|
372
|
+
#
|
373
|
+
# This is how it works: Redis remembers the size of the AOF file after the
|
374
|
+
# latest rewrite (or if no rewrite happened since the restart, the size of
|
375
|
+
# the AOF at startup is used).
|
376
|
+
#
|
377
|
+
# This base size is compared to the current size. If the current size is
|
378
|
+
# bigger than the specified percentage, the rewrite is triggered. Also
|
379
|
+
# you need to specify a minimal size for the AOF file to be rewritten, this
|
380
|
+
# is useful to avoid rewriting the AOF file even if the percentage increase
|
381
|
+
# is reached but it is still pretty small.
|
382
|
+
#
|
383
|
+
# Specify a precentage of zero in order to disable the automatic AOF
|
384
|
+
# rewrite feature.
|
385
|
+
|
386
|
+
auto-aof-rewrite-percentage <%= @conf_auto_aof_rewrite_percentage %>
|
387
|
+
auto-aof-rewrite-min-size <%= @conf_auto_aof_rewrite_min_size %>
|
388
|
+
|
389
|
+
################################## SLOW LOG ###################################
|
390
|
+
|
391
|
+
# The Redis Slow Log is a system to log queries that exceeded a specified
|
392
|
+
# execution time. The execution time does not include the I/O operations
|
393
|
+
# like talking with the client, sending the reply and so forth,
|
394
|
+
# but just the time needed to actually execute the command (this is the only
|
395
|
+
# stage of command execution where the thread is blocked and can not serve
|
396
|
+
# other requests in the meantime).
|
397
|
+
#
|
398
|
+
# You can configure the slow log with two parameters: one tells Redis
|
399
|
+
# what is the execution time, in microseconds, to exceed in order for the
|
400
|
+
# command to get logged, and the other parameter is the length of the
|
401
|
+
# slow log. When a new command is logged the oldest one is removed from the
|
402
|
+
# queue of logged commands.
|
403
|
+
|
404
|
+
# The following time is expressed in microseconds, so 1000000 is equivalent
|
405
|
+
# to one second. Note that a negative number disables the slow log, while
|
406
|
+
# a value of zero forces the logging of every command.
|
407
|
+
slowlog-log-slower-than <%= @conf_slowlog_log_slower_than %>
|
408
|
+
|
409
|
+
# There is no limit to this length. Just be aware that it will consume memory.
|
410
|
+
# You can reclaim memory used by the slow log with SLOWLOG RESET.
|
411
|
+
slowlog-max-len <%= @conf_slowlog_max_len %>
|
412
|
+
|
413
|
+
################################ VIRTUAL MEMORY ###############################
|
414
|
+
|
415
|
+
### WARNING! Virtual Memory is deprecated in Redis 2.4
|
416
|
+
### The use of Virtual Memory is strongly discouraged.
|
417
|
+
|
418
|
+
# Virtual Memory allows Redis to work with datasets bigger than the actual
|
419
|
+
# amount of RAM needed to hold the whole dataset in memory.
|
420
|
+
# In order to do so very used keys are taken in memory while the other keys
|
421
|
+
# are swapped into a swap file, similarly to what operating systems do
|
422
|
+
# with memory pages.
|
423
|
+
#
|
424
|
+
# To enable VM just set 'vm-enabled' to yes, and set the following three
|
425
|
+
# VM parameters accordingly to your needs.
|
426
|
+
|
427
|
+
vm-enabled <%= @conf_vm_enabled %>
|
428
|
+
# vm-enabled yes
|
429
|
+
|
430
|
+
# This is the path of the Redis swap file. As you can guess, swap files
|
431
|
+
# can't be shared by different Redis instances, so make sure to use a swap
|
432
|
+
# file for every redis process you are running. Redis will complain if the
|
433
|
+
# swap file is already in use.
|
434
|
+
#
|
435
|
+
# The best kind of storage for the Redis swap file (that's accessed at random)
|
436
|
+
# is a Solid State Disk (SSD).
|
437
|
+
#
|
438
|
+
# *** WARNING *** if you are using a shared hosting the default of putting
|
439
|
+
# the swap file under /tmp is not secure. Create a dir with access granted
|
440
|
+
# only to Redis user and configure Redis to create the swap file there.
|
441
|
+
vm-swap-file <%= @conf_vm_swap_file %>
|
442
|
+
|
443
|
+
# vm-max-memory configures the VM to use at max the specified amount of
|
444
|
+
# RAM. Everything that deos not fit will be swapped on disk *if* possible, that
|
445
|
+
# is, if there is still enough contiguous space in the swap file.
|
446
|
+
#
|
447
|
+
# With vm-max-memory 0 the system will swap everything it can. Not a good
|
448
|
+
# default, just specify the max amount of RAM you can in bytes, but it's
|
449
|
+
# better to leave some margin. For instance specify an amount of RAM
|
450
|
+
# that's more or less between 60 and 80% of your free RAM.
|
451
|
+
vm-max-memory <%= @conf_vm_max_memory %>
|
452
|
+
|
453
|
+
# Redis swap files is split into pages. An object can be saved using multiple
|
454
|
+
# contiguous pages, but pages can't be shared between different objects.
|
455
|
+
# So if your page is too big, small objects swapped out on disk will waste
|
456
|
+
# a lot of space. If you page is too small, there is less space in the swap
|
457
|
+
# file (assuming you configured the same number of total swap file pages).
|
458
|
+
#
|
459
|
+
# If you use a lot of small objects, use a page size of 64 or 32 bytes.
|
460
|
+
# If you use a lot of big objects, use a bigger page size.
|
461
|
+
# If unsure, use the default :)
|
462
|
+
vm-page-size <%= @conf_vm_page_size %>
|
463
|
+
|
464
|
+
# Number of total memory pages in the swap file.
|
465
|
+
# Given that the page table (a bitmap of free/used pages) is taken in memory,
|
466
|
+
# every 8 pages on disk will consume 1 byte of RAM.
|
467
|
+
#
|
468
|
+
# The total swap size is vm-page-size * vm-pages
|
469
|
+
#
|
470
|
+
# With the default of 32-bytes memory pages and 134217728 pages Redis will
|
471
|
+
# use a 4 GB swap file, that will use 16 MB of RAM for the page table.
|
472
|
+
#
|
473
|
+
# It's better to use the smallest acceptable value for your application,
|
474
|
+
# but the default is large in order to work in most conditions.
|
475
|
+
vm-pages <%= @conf_vm_pages %>
|
476
|
+
|
477
|
+
# Max number of VM I/O threads running at the same time.
|
478
|
+
# This threads are used to read/write data from/to swap file, since they
|
479
|
+
# also encode and decode objects from disk to memory or the reverse, a bigger
|
480
|
+
# number of threads can help with big objects even if they can't help with
|
481
|
+
# I/O itself as the physical device may not be able to couple with many
|
482
|
+
# reads/writes operations at the same time.
|
483
|
+
#
|
484
|
+
# The special value of 0 turn off threaded I/O and enables the blocking
|
485
|
+
# Virtual Memory implementation.
|
486
|
+
vm-max-threads <%= @conf_vm_max_threads %>
|
487
|
+
|
488
|
+
############################### ADVANCED CONFIG ###############################
|
489
|
+
|
490
|
+
# Hashes are encoded in a special way (much more memory efficient) when they
|
491
|
+
# have at max a given numer of elements, and the biggest element does not
|
492
|
+
# exceed a given threshold. You can configure this limits with the following
|
493
|
+
# configuration directives.
|
494
|
+
hash-max-zipmap-entries <%= @conf_hash_max_zipmap_entries %>
|
495
|
+
hash-max-zipmap-value <%= @conf_hash_max_zipmap_value %>
|
496
|
+
|
497
|
+
# Similarly to hashes, small lists are also encoded in a special way in order
|
498
|
+
# to save a lot of space. The special representation is only used when
|
499
|
+
# you are under the following limits:
|
500
|
+
list-max-ziplist-entries <%= @conf_list_max_ziplist_entries %>
|
501
|
+
list-max-ziplist-value <%= @conf_list_max_ziplist_value %>
|
502
|
+
|
503
|
+
# Sets have a special encoding in just one case: when a set is composed
|
504
|
+
# of just strings that happens to be integers in radix 10 in the range
|
505
|
+
# of 64 bit signed integers.
|
506
|
+
# The following configuration setting sets the limit in the size of the
|
507
|
+
# set in order to use this special memory saving encoding.
|
508
|
+
set-max-intset-entries <%= @conf_set_max_intset_entries %>
|
509
|
+
|
510
|
+
# Similarly to hashes and lists, sorted sets are also specially encoded in
|
511
|
+
# order to save a lot of space. This encoding is only used when the length and
|
512
|
+
# elements of a sorted set are below the following limits:
|
513
|
+
zset-max-ziplist-entries <%= @conf_zset_max_ziplist_entries %>
|
514
|
+
zset-max-ziplist-value <%= @conf_zset_max_ziplist_value %>
|
515
|
+
|
516
|
+
# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
|
517
|
+
# order to help rehashing the main Redis hash table (the one mapping top-level
|
518
|
+
# keys to values). The hash table implementation redis uses (see dict.c)
|
519
|
+
# performs a lazy rehashing: the more operation you run into an hash table
|
520
|
+
# that is rhashing, the more rehashing "steps" are performed, so if the
|
521
|
+
# server is idle the rehashing is never complete and some more memory is used
|
522
|
+
# by the hash table.
|
523
|
+
#
|
524
|
+
# The default is to use this millisecond 10 times every second in order to
|
525
|
+
# active rehashing the main dictionaries, freeing memory when possible.
|
526
|
+
#
|
527
|
+
# If unsure:
|
528
|
+
# use "activerehashing no" if you have hard latency requirements and it is
|
529
|
+
# not a good thing in your environment that Redis can reply form time to time
|
530
|
+
# to queries with 2 milliseconds delay.
|
531
|
+
#
|
532
|
+
# use "activerehashing yes" if you don't have such hard requirements but
|
533
|
+
# want to free memory asap when possible.
|
534
|
+
activerehashing <%= @conf_activerehashing %>
|
535
|
+
|
536
|
+
################################## INCLUDES ###################################
|
537
|
+
|
538
|
+
# Include one or more other config files here. This is useful if you
|
539
|
+
# have a standard template that goes to all redis server but also need
|
540
|
+
# to customize a few per-server settings. Include files can include
|
541
|
+
# other files, so use this wisely.
|
542
|
+
#
|
543
|
+
# include /path/to/local.conf
|
544
|
+
# include /path/to/other.conf
|
545
|
+
<% if @conf_include != 'UNSET' %>
|
546
|
+
include <%= @conf_include %>
|
547
|
+
<% end %>
|
@@ -0,0 +1,16 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
apt-get install --yes lsb-release
|
4
|
+
DISTRIB_CODENAME=$(lsb_release --codename --short)
|
5
|
+
DEB="puppetlabs-release-${DISTRIB_CODENAME}.deb"
|
6
|
+
DEB_PROVIDES="/etc/apt/sources.list.d/puppetlabs.list" # Assume that this file's existence means we have the Puppet Labs repo added
|
7
|
+
|
8
|
+
if [ ! -e $DEB_PROVIDES ]
|
9
|
+
then
|
10
|
+
# Print statement useful for debugging, but automated runs of this will interpret any output as an error
|
11
|
+
# print "Could not find $DEB_PROVIDES - fetching and installing $DEB"
|
12
|
+
wget -q http://apt.puppetlabs.com/$DEB
|
13
|
+
sudo dpkg -i $DEB
|
14
|
+
fi
|
15
|
+
sudo apt-get update
|
16
|
+
sudo apt-get install --yes puppet
|