salted-rails 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/salted-rails/capistrano_helper.rb +3 -3
- data/lib/salted-rails/config.rb +85 -72
- data/lib/salted-rails/helper_base.rb +8 -7
- data/lib/salted-rails/vagrant_helper.rb +8 -6
- data/lib/salted-rails/version.rb +1 -1
- data/salt/apt/dist_upgrade.sls +5 -0
- data/salt/apt/salt_packages.sls +8 -0
- data/salt/apt/update_packages.sls +1 -1
- data/salt/bin/change_mirror.sh +6 -5
- data/salt/net/ufw.sls +4 -0
- data/salt/top.sls +15 -3
- data/salt/www/nginx/etc/nginx/sites-available/admin.conf +14 -8
- data/salt/www/nginx/init.sls +0 -16
- data/salt/www/nginx/srv/www/admin/df.php +13 -0
- data/salt/www/nginx/srv/www/admin/dpkg.php +13 -0
- data/salt/www/nginx/srv/www/admin/facter.php +13 -0
- data/salt/www/nginx/srv/www/admin/free.php +13 -0
- data/salt/www/nginx/srv/www/admin/ifconfig.php +13 -0
- data/salt/www/nginx/srv/www/admin/index.php +11 -0
- data/salt/www/nginx/srv/www/admin/ps.php +13 -0
- metadata +10 -2
|
@@ -10,7 +10,7 @@ require 'salted-rails/helper_base'
|
|
|
10
10
|
module SaltedRails
|
|
11
11
|
class CapistranoHelper < HelperBase
|
|
12
12
|
|
|
13
|
-
def initialize(
|
|
13
|
+
def initialize(project_root, logger = Log4r::Logger.new("salted_rails::capistrano_helper"))
|
|
14
14
|
super(rail_root, logger)
|
|
15
15
|
end
|
|
16
16
|
|
|
@@ -55,7 +55,7 @@ module SaltedRails
|
|
|
55
55
|
# # Provisioning #2: masterless highstate call
|
|
56
56
|
# config.vm.provision :salt do |salt|
|
|
57
57
|
# @logger.info 'Configuring salt provisioner' if @logger
|
|
58
|
-
# minion_file = @
|
|
58
|
+
# minion_file = @project_root + 'config/salt/vagrant/minion'
|
|
59
59
|
# minion_file = @salt_root + 'salt/vagrant/minion' unless File.exists? minion_file
|
|
60
60
|
# salt.minion_config = minion_file
|
|
61
61
|
# salt.run_highstate = true
|
|
@@ -75,7 +75,7 @@ module SaltedRails
|
|
|
75
75
|
# configure_memory(memory)
|
|
76
76
|
# vm_config.vm.boot_mode == :gui
|
|
77
77
|
# vm_config.vm.provision :salt do |salt|
|
|
78
|
-
# minion_file = @
|
|
78
|
+
# minion_file = @project_root + 'config/salt/vagrant/gui_minion'
|
|
79
79
|
# minion_file = @salt_root + 'salt/vagrant/gui_minion' unless File.exists? minion_file
|
|
80
80
|
# salt.minion_config = minion_file
|
|
81
81
|
# end
|
data/lib/salted-rails/config.rb
CHANGED
|
@@ -7,11 +7,10 @@ require 'log4r'
|
|
|
7
7
|
module SaltedRails
|
|
8
8
|
class Config
|
|
9
9
|
|
|
10
|
+
attr_accessor :admin_password
|
|
10
11
|
attr_accessor :box
|
|
11
12
|
attr_accessor :ca_path
|
|
12
13
|
attr_accessor :copy_from_home
|
|
13
|
-
attr_accessor :admin_password
|
|
14
|
-
attr_accessor :web_password
|
|
15
14
|
attr_accessor :databases
|
|
16
15
|
attr_accessor :domain
|
|
17
16
|
attr_accessor :files
|
|
@@ -21,16 +20,17 @@ module SaltedRails
|
|
|
21
20
|
attr_accessor :logger
|
|
22
21
|
attr_accessor :machine
|
|
23
22
|
attr_accessor :machines
|
|
23
|
+
attr_accessor :mapped_ports
|
|
24
24
|
attr_accessor :memory
|
|
25
25
|
attr_accessor :mirror
|
|
26
26
|
attr_accessor :packages
|
|
27
27
|
attr_accessor :ports
|
|
28
|
-
attr_accessor :mapped_ports
|
|
29
28
|
attr_accessor :private_key_path
|
|
30
|
-
attr_accessor :
|
|
29
|
+
attr_accessor :project_root
|
|
31
30
|
attr_accessor :region
|
|
32
31
|
attr_accessor :roles
|
|
33
32
|
attr_accessor :salt_root
|
|
33
|
+
attr_accessor :staging_password
|
|
34
34
|
attr_accessor :sync_vagrant
|
|
35
35
|
attr_accessor :versions
|
|
36
36
|
|
|
@@ -39,17 +39,17 @@ module SaltedRails
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
# pass vm.ui for the logger if you want debugging info
|
|
42
|
-
def initialize(
|
|
42
|
+
def initialize(project_root, machine = 'default')
|
|
43
43
|
@logger = Log4r::Logger.new("vagrant::salted-rails")
|
|
44
44
|
@machine = machine
|
|
45
|
-
@
|
|
46
|
-
@
|
|
45
|
+
@project_root = project_root
|
|
46
|
+
@project_root += '/' unless @project_root =~ /\/$/
|
|
47
47
|
@salt_root = nil
|
|
48
48
|
# see salt/vagrant/top.sls for other roles
|
|
49
49
|
@roles = %w{ app web db }
|
|
50
50
|
@domain = nil
|
|
51
51
|
@admin_password = nil
|
|
52
|
-
@
|
|
52
|
+
@staging_password = nil
|
|
53
53
|
@private_key_path = nil
|
|
54
54
|
@mirror = nil
|
|
55
55
|
@memory = nil
|
|
@@ -60,18 +60,18 @@ module SaltedRails
|
|
|
60
60
|
@ca_path = nil
|
|
61
61
|
@region = nil
|
|
62
62
|
@forward_agent = true
|
|
63
|
-
@files = [ '.ruby-version', '.java-version', '.php-version', 'config/database.yml', 'Gemfile', 'Gemfile.lock' ].select{ |f| File.exist?(@
|
|
63
|
+
@files = [ '.ruby-version', '.java-version', '.php-version', 'config/database.yml', 'Gemfile', 'Gemfile.lock' ].select{ |f| File.exist?(@project_root + f) }
|
|
64
64
|
@packages = nil
|
|
65
65
|
@copy_from_home = [ ]
|
|
66
66
|
|
|
67
67
|
ENV['REMOTE_MACHINE'] = 'true'
|
|
68
|
-
database_file = @
|
|
68
|
+
database_file = @project_root + 'config/database.yml'
|
|
69
69
|
@databases = YAML.load(ERB.new(IO.read(database_file)).result) rescue { }
|
|
70
70
|
ENV['REMOTE_MACHINE'] = nil
|
|
71
71
|
|
|
72
72
|
@gems = { }
|
|
73
|
-
if File.exists? @
|
|
74
|
-
File.foreach(@
|
|
73
|
+
if File.exists? @project_root + 'Gemfile'
|
|
74
|
+
File.foreach(@project_root + 'Gemfile') do |line|
|
|
75
75
|
if line =~ /^\s*gem\s*['"]([^'"]+)['"][,\s]*(['"]([^'"]+)['"])?/
|
|
76
76
|
gem = $1
|
|
77
77
|
version = $3.to_s
|
|
@@ -96,6 +96,71 @@ module SaltedRails
|
|
|
96
96
|
@roles.include? 'gui'
|
|
97
97
|
end
|
|
98
98
|
|
|
99
|
+
def define(machine, &block)
|
|
100
|
+
obj = self.clone
|
|
101
|
+
obj.machine = machine
|
|
102
|
+
obj.machines = [ ]
|
|
103
|
+
obj.logger = @logger
|
|
104
|
+
@machines << obj
|
|
105
|
+
yield(obj) if block_given?
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
def provider
|
|
109
|
+
pat = File.join(@project_root, '.vagrant','machines',@machine,'*','id')
|
|
110
|
+
prov = Dir.glob(pat).collect{|path| File.basename(File.dirname(path))}.first
|
|
111
|
+
prov ||= ARGV.select{|a| a =~ /^--provider=/}.collect{|a| a.sub(/.*=/, '')}.first
|
|
112
|
+
prov ||= ENV['VAGRANT_DEFAULT_PROVIDER'] || 'virtualbox'
|
|
113
|
+
prov
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
# Clone
|
|
117
|
+
def clone
|
|
118
|
+
obj = self.dup
|
|
119
|
+
obj.roles = @roles.dup
|
|
120
|
+
obj.ports = @ports.dup
|
|
121
|
+
obj.mapped_ports = @mapped_ports.dup
|
|
122
|
+
obj.files = @files.dup
|
|
123
|
+
obj.copy_from_home = @copy_from_home.dup
|
|
124
|
+
obj.databases = @databases.dup
|
|
125
|
+
obj.gems = @gems.dup
|
|
126
|
+
obj
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def to_hash
|
|
130
|
+
{
|
|
131
|
+
'admin_password' => @admin_password,
|
|
132
|
+
'databases' => @databases,
|
|
133
|
+
'disable_vagrant_sync' => @disable_vagrant_sync,
|
|
134
|
+
'domain' => @domain,
|
|
135
|
+
'files' => @files,
|
|
136
|
+
'forward_agent' => @forward_agent,
|
|
137
|
+
'gems' => @gems,
|
|
138
|
+
'hostname' => @hostname,
|
|
139
|
+
'machine' => @machine,
|
|
140
|
+
'mapped_ports' => @mapped_ports,
|
|
141
|
+
'memory' => @memory,
|
|
142
|
+
'mirror' => @mirror,
|
|
143
|
+
'ports' => @ports,
|
|
144
|
+
'region' => @region,
|
|
145
|
+
'roles' => @roles,
|
|
146
|
+
'provider' => provider,
|
|
147
|
+
'staging_password' => @staging_password,
|
|
148
|
+
'versions' => @versions
|
|
149
|
+
}
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
def to_yaml
|
|
153
|
+
normalize
|
|
154
|
+
self.to_hash.to_yaml
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
def configure_vagrant(config)
|
|
158
|
+
require 'salted-rails/vagrant_helper'
|
|
159
|
+
normalize
|
|
160
|
+
helper = SaltedRails::VagrantHelper.new(self)
|
|
161
|
+
helper.configure_vagrant(config)
|
|
162
|
+
end
|
|
163
|
+
|
|
99
164
|
def normalize
|
|
100
165
|
@versions['mysql'] ||= '5.5' if @roles.include?('mysql')
|
|
101
166
|
@versions['teamcity'] ||= '8.0.4' if @roles.include?('teamcity')
|
|
@@ -103,13 +168,13 @@ module SaltedRails
|
|
|
103
168
|
@roles << 'gui' if @roles.include?('rubymine') and not @roles.include?('gui')
|
|
104
169
|
|
|
105
170
|
%w{ ruby php java }.each do |lang|
|
|
106
|
-
version = File.open(@
|
|
171
|
+
version = File.open(@project_root + ".#{lang}-version", 'r') do |f_in|
|
|
107
172
|
f_in.gets.gsub(/\s/,'')
|
|
108
173
|
end rescue nil
|
|
109
174
|
@versions[lang] ||= version if version
|
|
110
175
|
end
|
|
111
176
|
unless @versions.include?('ruby')
|
|
112
|
-
File.open(@
|
|
177
|
+
File.open(@project_root + '.rvmrc', 'r') do |f_in|
|
|
113
178
|
while (line = f_in.gets) and not @versions.include('ruby')
|
|
114
179
|
@versions['ruby'] = $1 if line =~ /^\s*environment_id=['"]([^"'@]+)/
|
|
115
180
|
end
|
|
@@ -131,7 +196,7 @@ module SaltedRails
|
|
|
131
196
|
if @hostname
|
|
132
197
|
@domain = @hostname.sub(/^[^.]*\.?/, '')
|
|
133
198
|
else
|
|
134
|
-
@domain = sanitize_dns_name(File.basename(File.expand_path(@
|
|
199
|
+
@domain = sanitize_dns_name(File.basename(File.expand_path(@project_root).sub(/\/$/, '').sub(/\/(app|site|web|www|website)\d*$/, ''))) + '.test'
|
|
135
200
|
@domain = 'railsapp.test' if @domain == '.test'
|
|
136
201
|
end
|
|
137
202
|
end
|
|
@@ -153,8 +218,8 @@ module SaltedRails
|
|
|
153
218
|
@mirror ||= 'auto'
|
|
154
219
|
@salt_root ||= File.dirname(__FILE__) + '/../../'
|
|
155
220
|
@ca_path ||= '/etc/ssl/certs/ca-certificates.crt'
|
|
221
|
+
@ca_path = nil unless File.exist?(@ca_path)
|
|
156
222
|
@box ||= 'preciseCloud32'
|
|
157
|
-
@ca_path = nil unless File.exist?(@ca_path)
|
|
158
223
|
@region ||= 'San Francisco 1'
|
|
159
224
|
|
|
160
225
|
{
|
|
@@ -164,65 +229,13 @@ module SaltedRails
|
|
|
164
229
|
@ports << port if @roles.include?(role) and not @ports.include?(port)
|
|
165
230
|
end
|
|
166
231
|
|
|
167
|
-
@sync_vagrant =
|
|
232
|
+
@sync_vagrant = (provider == 'virtualbox') if @sync_vagrant.nil?
|
|
168
233
|
|
|
234
|
+
unless @roles.include?('secure') or @roles.include?('insecure')
|
|
235
|
+
@roles << (provider == 'virtualbox' ? 'insecure' : 'secure')
|
|
236
|
+
end
|
|
169
237
|
@machines.each {|m| m.normalize}
|
|
170
238
|
end
|
|
171
239
|
|
|
172
|
-
def define(machine, &block)
|
|
173
|
-
obj = self.clone
|
|
174
|
-
obj.machine = machine
|
|
175
|
-
obj.machines = [ ]
|
|
176
|
-
obj.logger = @logger
|
|
177
|
-
@machines << obj
|
|
178
|
-
yield(obj) if block_given?
|
|
179
|
-
end
|
|
180
|
-
|
|
181
|
-
# Clone
|
|
182
|
-
def clone
|
|
183
|
-
obj = self.dup
|
|
184
|
-
obj.roles = @roles.dup
|
|
185
|
-
obj.ports = @ports.dup
|
|
186
|
-
obj.files = @files.dup
|
|
187
|
-
obj.copy_from_home = @copy_from_home.dup
|
|
188
|
-
obj.databases = @databases.dup
|
|
189
|
-
obj.gems = @gems.dup
|
|
190
|
-
obj
|
|
191
|
-
end
|
|
192
|
-
|
|
193
|
-
def to_hash
|
|
194
|
-
{
|
|
195
|
-
'admin_password' => @admin_password,
|
|
196
|
-
'databases' => @databases,
|
|
197
|
-
'disable_vagrant_sync' => @disable_vagrant_sync,
|
|
198
|
-
'domain' => @domain,
|
|
199
|
-
'files' => @files,
|
|
200
|
-
'forward_agent' => @forward_agent,
|
|
201
|
-
'gems' => @gems,
|
|
202
|
-
'hostname' => @hostname,
|
|
203
|
-
'machine' => @machine,
|
|
204
|
-
'mapped_ports' => @mapped_ports,
|
|
205
|
-
'memory' => @memory,
|
|
206
|
-
'mirror' => @mirror,
|
|
207
|
-
'ports' => @ports,
|
|
208
|
-
'region' => @region,
|
|
209
|
-
'roles' => @roles,
|
|
210
|
-
'user_password' => @user_password,
|
|
211
|
-
'versions' => @versions
|
|
212
|
-
}
|
|
213
|
-
end
|
|
214
|
-
|
|
215
|
-
def to_yaml
|
|
216
|
-
normalize
|
|
217
|
-
self.to_hash.to_yaml
|
|
218
|
-
end
|
|
219
|
-
|
|
220
|
-
def configure_vagrant(config)
|
|
221
|
-
require 'salted-rails/vagrant_helper'
|
|
222
|
-
normalize
|
|
223
|
-
helper = SaltedRails::VagrantHelper.new(self)
|
|
224
|
-
helper.configure_vagrant(config)
|
|
225
|
-
end
|
|
226
|
-
|
|
227
240
|
end
|
|
228
241
|
end
|
|
@@ -13,7 +13,7 @@ module SaltedRails
|
|
|
13
13
|
|
|
14
14
|
def initialize(config)
|
|
15
15
|
@config = config
|
|
16
|
-
@config.logger.info "SaltedRails: Helper created with config.
|
|
16
|
+
@config.logger.info "SaltedRails: Helper created with config.project_root = #{@config.project_root}"
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
private
|
|
@@ -25,7 +25,7 @@ module SaltedRails
|
|
|
25
25
|
#
|
|
26
26
|
# # Create custom files
|
|
27
27
|
# [ 'pillar/vagrant', 'pillar/capistrano', 'salt/vagrant', 'salt/capistrano'].each do |custom|
|
|
28
|
-
# file = @config.
|
|
28
|
+
# file = @config.project_root + 'config/' + custom + '.sls'
|
|
29
29
|
# dir = File.dirname(file)
|
|
30
30
|
# unless File.directory? dir
|
|
31
31
|
# FileUtils.mkdir_p dir
|
|
@@ -41,12 +41,13 @@ module SaltedRails
|
|
|
41
41
|
|
|
42
42
|
def pillarize_application_configuration
|
|
43
43
|
@config.logger.info 'SaltedRails: Creating pillar application data'
|
|
44
|
+
@config.normalize
|
|
44
45
|
|
|
45
46
|
# Destination
|
|
46
|
-
salt_dir = @config.
|
|
47
|
+
salt_dir = @config.project_root + 'tmp/salt/'
|
|
47
48
|
FileUtils.rm_rf salt_dir if File.directory? salt_dir
|
|
48
49
|
FileUtils.mkdir_p salt_dir unless File.directory? salt_dir
|
|
49
|
-
pillar_dir = @config.
|
|
50
|
+
pillar_dir = @config.project_root + 'tmp/pillar/'
|
|
50
51
|
FileUtils.rm_rf pillar_dir if File.directory? pillar_dir
|
|
51
52
|
FileUtils.mkdir_p pillar_dir unless File.directory? pillar_dir
|
|
52
53
|
pillar_app_file = pillar_dir + 'railsapp.sls'
|
|
@@ -57,12 +58,12 @@ module SaltedRails
|
|
|
57
58
|
unless File.directory? dir
|
|
58
59
|
FileUtils.mkdir_p dir
|
|
59
60
|
end
|
|
60
|
-
FileUtils.cp(@config.
|
|
61
|
+
FileUtils.cp(@config.project_root + f, dest)
|
|
61
62
|
end
|
|
62
63
|
dest = salt_dir + 'packages.txt'
|
|
63
64
|
if @config.packages
|
|
64
65
|
src = @config.packages
|
|
65
|
-
src = @config.
|
|
66
|
+
src = @config.project_root + src unless src =~ /^\//
|
|
66
67
|
dir = File.dirname(dest)
|
|
67
68
|
unless File.directory? dir
|
|
68
69
|
FileUtils.mkdir_p dir
|
|
@@ -92,7 +93,7 @@ module SaltedRails
|
|
|
92
93
|
File.open(pillar_app_file, 'w') do |f_out|
|
|
93
94
|
if_command = 'if'
|
|
94
95
|
@config.machines.each do |machine_config|
|
|
95
|
-
f_out.puts "{% #{if_command} grains['fqdn'] == '#{machine_config.hostname}' %}"
|
|
96
|
+
f_out.puts "{% #{if_command} (grains['fqdn'] == '#{machine_config.hostname}') or (grains['fqdn'] == '#{machine_config.machine}') %}"
|
|
96
97
|
if_command = 'elif'
|
|
97
98
|
f_out.puts machine_config.to_yaml
|
|
98
99
|
end
|
|
@@ -12,6 +12,7 @@ module SaltedRails
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def configure_vagrant(vagrant_config)
|
|
15
|
+
@config.normalize
|
|
15
16
|
port_offset = 0
|
|
16
17
|
configure_virtualbox(vagrant_config)
|
|
17
18
|
configure_vbguest(vagrant_config)
|
|
@@ -109,10 +110,10 @@ module SaltedRails
|
|
|
109
110
|
|
|
110
111
|
def configure_salt(vagrant_config, config = @config)
|
|
111
112
|
config.logger.info "Configuring saltstack (#{config.machine})"
|
|
112
|
-
vagrant_config.vm.synced_folder config.
|
|
113
|
-
vagrant_config.vm.synced_folder config.
|
|
114
|
-
vagrant_config.vm.synced_folder config.
|
|
115
|
-
vagrant_config.vm.synced_folder config.
|
|
113
|
+
vagrant_config.vm.synced_folder config.project_root + 'config/salt/', '/srv/salt/config/'
|
|
114
|
+
vagrant_config.vm.synced_folder config.project_root + 'config/pillar/', '/srv/pillar/config/'
|
|
115
|
+
vagrant_config.vm.synced_folder config.project_root + 'tmp/salt/', '/srv/salt/generated/'
|
|
116
|
+
vagrant_config.vm.synced_folder config.project_root + 'tmp/pillar/', '/srv/pillar/generated/'
|
|
116
117
|
vagrant_config.vm.synced_folder config.salt_root + 'salt/', '/srv/salt/salted-rails/'
|
|
117
118
|
vagrant_config.vm.synced_folder config.salt_root + 'pillar/', '/srv/pillar/salted-rails/'
|
|
118
119
|
# Bootstrap salt
|
|
@@ -120,7 +121,7 @@ module SaltedRails
|
|
|
120
121
|
# Provisioning #2: masterless highstate call
|
|
121
122
|
vagrant_config.vm.provision :salt do |salt|
|
|
122
123
|
config.logger.info 'Configuring salt provisioner'
|
|
123
|
-
minion_file = config.
|
|
124
|
+
minion_file = config.project_root + 'config/salt/vagrant/minion'
|
|
124
125
|
minion_file = config.salt_root + 'salt/vagrant/minion' unless File.exist?(minion_file)
|
|
125
126
|
salt.minion_config = minion_file
|
|
126
127
|
salt.run_highstate = true
|
|
@@ -128,7 +129,8 @@ module SaltedRails
|
|
|
128
129
|
# current package (salt-minion_0.17.0.1-1precise_all.deb) in ppa:saltstack/salt is broken as of Oct 10 2013:
|
|
129
130
|
# Unable to run multiple states and returns unhelpfull messages about list and get
|
|
130
131
|
salt.install_type = 'git'
|
|
131
|
-
salt.install_args = 'v0.16.4'
|
|
132
|
+
#salt.install_args = 'v0.16.4'
|
|
133
|
+
salt.install_args = 'v0.17.1'
|
|
132
134
|
end
|
|
133
135
|
end
|
|
134
136
|
|
data/lib/salted-rails/version.rb
CHANGED
data/salt/bin/change_mirror.sh
CHANGED
|
@@ -11,29 +11,30 @@ if grep 'http://[a-z.]*archive.ubuntu.com/ubuntu' /etc/apt/sources.list > /dev/n
|
|
|
11
11
|
case "$1" in
|
|
12
12
|
[a-z][a-z]|usa)
|
|
13
13
|
echo "Configuring mirror for region: $1"
|
|
14
|
-
|
|
14
|
+
sed -i.original -e 's#http://[a-z.]*[archivesecurity]*.ubuntu.com/ubuntu#http://'"$1"'.archive.ubuntu.com/ubuntu/#' /etc/apt/sources.list
|
|
15
15
|
;;
|
|
16
16
|
mirror|auto)
|
|
17
17
|
echo "Configuring automatic selection of mirror"
|
|
18
|
-
|
|
18
|
+
sed -i.original -e 's#http://[a-z.]*[archivesecurity]*.ubuntu.com/ubuntu#mirror://mirrors.ubuntu.com/mirrors.txt#' /etc/apt/sources.list
|
|
19
19
|
;;
|
|
20
20
|
sfo1)
|
|
21
21
|
echo "Configuring mirror for DIGITAL OCEAN: $1"
|
|
22
|
-
|
|
22
|
+
sed -i.original -e 's#http://[a-z.]*[archivesecurity]*.ubuntu.com/ubuntu#http://mirrors.sfo1.digitalocean.com/ubuntu/#' /etc/apt/sources.list
|
|
23
23
|
;;
|
|
24
24
|
internode)
|
|
25
25
|
echo "Configuring mirror for ISP: $1"
|
|
26
|
-
|
|
26
|
+
sed -i.original -e 's#http://[a-z.]*[archivesecurity]*.ubuntu.com/ubuntu#http://mirror.internode.on.net/pub/ubuntu/ubuntu/#' /etc/apt/sources.list
|
|
27
27
|
;;
|
|
28
28
|
[hmf]*://*ubuntu*)
|
|
29
29
|
echo "Configuring mirror for $1"
|
|
30
|
-
|
|
30
|
+
sed -i.original -e 's#http://[a-z.]*[archivesecurity]*.ubuntu.com/ubuntu#'"$1"'#' /etc/apt/sources.list
|
|
31
31
|
;;
|
|
32
32
|
*)
|
|
33
33
|
echo "Invalid mirror ($1) ignored!" >&2
|
|
34
34
|
exit 1
|
|
35
35
|
;;
|
|
36
36
|
esac
|
|
37
|
+
apt-get update
|
|
37
38
|
else
|
|
38
39
|
echo "/etc/apt/sources.list has already been changed to non ubuntu.com mirror (leaving as is)"
|
|
39
40
|
fi
|
data/salt/net/ufw.sls
CHANGED
data/salt/top.sls
CHANGED
|
@@ -3,13 +3,14 @@ base:
|
|
|
3
3
|
- apt.partner-sources
|
|
4
4
|
- apt.unwanted
|
|
5
5
|
- apt.load_packages
|
|
6
|
+
- apt.dist_upgrade
|
|
7
|
+
- apt.salt_packages
|
|
6
8
|
- vagrant.minion
|
|
7
9
|
- www.users
|
|
8
10
|
- utils
|
|
9
11
|
- crons
|
|
10
12
|
- net.hosts
|
|
11
13
|
- net.ntp
|
|
12
|
-
- net.ufw
|
|
13
14
|
- scm
|
|
14
15
|
- editors.vim
|
|
15
16
|
- lang.ruby
|
|
@@ -38,12 +39,23 @@ base:
|
|
|
38
39
|
- editors.gvim
|
|
39
40
|
- www.chromium
|
|
40
41
|
{%- endif %}
|
|
41
|
-
{%- if 'rubymine' in pillar['
|
|
42
|
+
{%- if 'rubymine' in pillar['roles'] %}
|
|
42
43
|
- editors.rubymine
|
|
43
44
|
{%- endif %}
|
|
44
|
-
{%- if 'teamcity' in pillar['
|
|
45
|
+
{%- if 'teamcity' in pillar['roles'] %}
|
|
45
46
|
- ci.teamcity
|
|
46
47
|
{%- endif %}
|
|
47
48
|
{%- if 'cruisecontrolrb' in pillar['roles'] %}
|
|
48
49
|
- ci.cruisecontrolrb
|
|
49
50
|
{%- endif %}
|
|
51
|
+
{%- if 'secure' in pillar['roles'] %}
|
|
52
|
+
- net.ufw
|
|
53
|
+
#TODO: net.fail2ban
|
|
54
|
+
{%- endif %}
|
|
55
|
+
{%- if 'monitored' in pillar['roles'] %}
|
|
56
|
+
#TODO: - server.monit
|
|
57
|
+
#TODO: - server.munin
|
|
58
|
+
{%- endif %}
|
|
59
|
+
|
|
60
|
+
# # cookbook 'ack' ?
|
|
61
|
+
|
|
@@ -1,24 +1,30 @@
|
|
|
1
1
|
server {
|
|
2
|
-
listen *:880;
|
|
3
2
|
|
|
4
|
-
{%- if pillar['
|
|
5
|
-
|
|
3
|
+
{%- if 'secure' in pillar['roles'] %}
|
|
4
|
+
listen 880 ssl;
|
|
6
5
|
ssl_certificate /etc/pki/self_signed/certs/localhost.crt;
|
|
7
6
|
ssl_certificate_key /etc/pki/self_signed/certs/localhost.key;
|
|
8
7
|
|
|
8
|
+
error_page 497 https://$http_host$request_uri;
|
|
9
|
+
|
|
10
|
+
satisfy all;
|
|
11
|
+
{%- else %}
|
|
12
|
+
listen 880;
|
|
13
|
+
satisfy any;
|
|
14
|
+
{%- endif %}
|
|
15
|
+
|
|
16
|
+
{%- if ('secure' in pillar['roles']) or pillar['admin_password'] %}
|
|
9
17
|
auth_basic "Restricted site";
|
|
10
18
|
auth_basic_user_file /etc/nginx/admin.d/htpasswd;
|
|
11
19
|
{%- endif %}
|
|
12
20
|
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
# Allow private IP range
|
|
21
|
+
# Allow ssh (localhost)
|
|
22
|
+
allow 127.0.0.0/8;
|
|
23
|
+
# Allow private IP range (virtualbox)
|
|
16
24
|
allow 10.0.0.0/8;
|
|
17
25
|
allow 172.16.0.0/12;
|
|
18
26
|
allow 192.168.0.0/16;
|
|
19
|
-
|
|
20
27
|
# todo: add list of dynamic ips - of admins
|
|
21
|
-
|
|
22
28
|
deny all;
|
|
23
29
|
|
|
24
30
|
#listen [::1]:880 default ipv6only=on; ## listen for ipv6
|
data/salt/www/nginx/init.sls
CHANGED
|
@@ -100,20 +100,4 @@ admin-user:
|
|
|
100
100
|
- require:
|
|
101
101
|
- file: {{ pillar['etc_dir'] }}/nginx/admin.d/htpasswd
|
|
102
102
|
|
|
103
|
-
# module.run:
|
|
104
|
-
# - name: apache.useradd
|
|
105
|
-
# - pwfile: {{ pillar['etc_dir'] }}/nginx/admin.d/htpasswd
|
|
106
|
-
# - user: 'admin'
|
|
107
|
-
# - password: '{{ pillar['admin_password'] }}'
|
|
108
|
-
# - require:
|
|
109
|
-
# - file: {{ pillar['etc_dir'] }}/nginx/admin.d/htpasswd
|
|
110
|
-
#
|
|
111
|
-
# Unfortunately this produces an error even when htpasswd is present:
|
|
112
|
-
# State: - module
|
|
113
|
-
# Name: apache.useradd
|
|
114
|
-
# Function: run
|
|
115
|
-
# Result: False
|
|
116
|
-
# Comment: Module function apache.useradd is not available
|
|
117
|
-
# Changes:
|
|
118
|
-
|
|
119
103
|
{%- endif %}
|
|
@@ -13,6 +13,17 @@ while (false !== ($entry = $d->read())) {
|
|
|
13
13
|
}
|
|
14
14
|
}
|
|
15
15
|
$d->close();
|
|
16
|
+
|
|
17
|
+
function command_exist($cmd) {
|
|
18
|
+
$returnVal = shell_exec("which $cmd");
|
|
19
|
+
return !empty($returnVal);
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
$commands = array('facter' => 'System info', 'df' => 'Disk Free', 'ps' => 'Process Status', 'free' => 'Memory Free Status', 'dpkg' => 'Packages installed', 'ifconfig' => 'Network Interfaces');
|
|
23
|
+
foreach ($commands as $cmd => $desc) {
|
|
24
|
+
echo '<li><a href="/' . $cmd . '.php">' . $cmd . ' - ' . $desc . "</a>\n";
|
|
25
|
+
}
|
|
26
|
+
|
|
16
27
|
?>
|
|
17
28
|
<li><a href="phpinfo.php">phpinfo</a>
|
|
18
29
|
</ul>
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: salted-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.8
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-10-
|
|
12
|
+
date: 2013-10-31 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
@@ -69,8 +69,10 @@ files:
|
|
|
69
69
|
- pillar/common.sls
|
|
70
70
|
- pillar/vagrant.sls
|
|
71
71
|
- pillar/vagrant/top.sls
|
|
72
|
+
- salt/apt/dist_upgrade.sls
|
|
72
73
|
- salt/apt/load_packages.sls
|
|
73
74
|
- salt/apt/partner-sources.sls
|
|
75
|
+
- salt/apt/salt_packages.sls
|
|
74
76
|
- salt/apt/unwanted.sls
|
|
75
77
|
- salt/apt/update_packages.sls
|
|
76
78
|
- salt/bin/change_mirror.sh
|
|
@@ -175,10 +177,16 @@ files:
|
|
|
175
177
|
- salt/www/nginx/etc/nginx/sites-available/.gitignore
|
|
176
178
|
- salt/www/nginx/etc/nginx/sites-available/admin.conf
|
|
177
179
|
- salt/www/nginx/init.sls
|
|
180
|
+
- salt/www/nginx/srv/www/admin/df.php
|
|
181
|
+
- salt/www/nginx/srv/www/admin/dpkg.php
|
|
182
|
+
- salt/www/nginx/srv/www/admin/facter.php
|
|
178
183
|
- salt/www/nginx/srv/www/admin/favicon.ico
|
|
179
184
|
- salt/www/nginx/srv/www/admin/favicon.png
|
|
185
|
+
- salt/www/nginx/srv/www/admin/free.php
|
|
186
|
+
- salt/www/nginx/srv/www/admin/ifconfig.php
|
|
180
187
|
- salt/www/nginx/srv/www/admin/index.php
|
|
181
188
|
- salt/www/nginx/srv/www/admin/phpinfo.php
|
|
189
|
+
- salt/www/nginx/srv/www/admin/ps.php
|
|
182
190
|
- salt/www/nginx/srv/www/admin/robots.txt
|
|
183
191
|
- salt/www/users.sls
|
|
184
192
|
- salted-rails.gemspec
|