skippy-ec2onrails 0.9.10

data/README.textile

@@ -0,0 +1,214 @@
+h1. EC2 on Rails
+
+h2. Deploy a Ruby on Rails app on EC2 in five minutes
+
+Main Page: "https://ec2onrails.rubyforge.org":https://ec2onrails.rubyforge.org
+
+Code on Github: "https://github.com/pauldowman/ec2onrails":https://github.com/pauldowman/ec2onrails
+
+EC2 on Rails is an Ubuntu Linux server image for "Amazon's EC2 hosting service":http://www.amazon.com/b/ref=sc_fe_l_2/102-6342260-7987311?ie=UTF8&node=201590011&no=3435361 that's ready to run a standard Ruby on Rails application with little or no customization. It's a Ruby on Rails "virtual appliance":http://en.wikipedia.org/wiki/Virtual_appliance.
+
+If you have an EC2 account and can start EC2 instances you're five minutes away from deploying your Rails app.
+
+EC2 on Rails is "opinionated software":http://gettingreal.37signals.com/ch04_Make_Opinionated_Software.php: the opinion is that for many rails apps the server setup can be generalized and shared the same way as the web application framework itself. For many people (Twitter, this isn't for you) the server image can be treated the same way as other shared libraries. And if the day comes when your needs areunique enough that EC2 on Rails can't be configured to work for you then you can bundle your own image from it or fork the build source and customize it. 
+
+But until then, why spend your time configuring servers?
+
+Features of the EC2 image:
+
+* Ready to deploy a Rails app with little or no configuration of the server required
+* Optional Amazon Elastic Block Store (EBS) setup and support for MySQL database persistence.
+* Automatic backup of MySQL database to S3 (EBS enabled: snapshots taken every 2 hrs; Non-EBS enabled: full backup nightly + incremental backup using binary logs every 5 minutes if not using )
+* Capistrano tasks to customize the server image, archive and restore the database to/from S3, and more (available as a rubygem)
+* Mongrel_cluster behind Apache 2.2, configured according to 
+  "Coda Hale's excellent guide":http://blog.codahale.com/2006/06/19/time-for-a-grown-up-server-rails-mongrel-apache-capistrano-and-you/
+* Ruby on Rails 2.1.0, 2.0.2 and 1.2.6
+* Ruby 1.8.6
+* MySQL 5
+* "memcached":http://www.danga.com/memcached/
+* "monit":http://www.tildeslash.com/monit/ configured to monitor apache, mongrel, mysql, memcached, drive space and system load
+* Ubuntu 8.04 LTS "Hardy" base image built using "Eric Hammond's EC2 Ubuntu script":http://alestic.com/
+* SSL support
+* Amazon AMI tools installed
+* Apache or Nginx web proxies
+* MySQL, Apache/Nginx, and syslog configured to use /mnt for data and logging so you don't fill up EC2's small root filesystem
+* Automatically archives Rails and Apache logs to S3 nightly.
+* 32-bit and 64-bit images available (supports all instance types, small to extra large).
+* Created using a build file, full source is "available":http://rubyforge.org/scm/?group_id=4552 (the EC2 on Rails script is run from "Eric Hammond's EC2 Ubuntu script":http://alestic.com/)
+* Can be used as a clustered Rails app running on multiple instances
+* Automatically runs hourly, daily, weekly and monthly scripts if they exist in Rails application's script directory
+* Local "Postfix":http://www.postfix.org/ SMTP mail server (only available from within the instance, not listening on external network interfaces)
+
+
+h2. Using the image
+
+This documentation will be improved soon, for now hopefully this covers the basics. 
+
+The current AMI id's are:
+* ami-c9bc58a0 (32-bit)
+* ami-cbbc58a2 (64-bit)
+
+_I will keep these images available for as long as possible, they will not be deleted for at least a few years._
+
+
+h4. 1. Install the gem
+
+<pre>sudo gem install ec2onrails</pre>
+
+h4. 2. Add the config files to your Rails app
+
+You will need to place "Capfile":http://github.com/pauldowman/ec2onrails/tree/master/examples/Capfile?raw=true in the root of your rails folder, and put "deploy.rb":http://github.com/pauldowman/ec2onrails/tree/master/examples/deploy.rb?raw=true  and "s3.yml":http://github.com/pauldowman/ec2onrails/tree/master/examples/s3.yml?raw=true in the config folder.
+
+Within your rails directory, run
+<code>
+  wget -q -O Capfile http://github.com/pauldowman/ec2onrails/tree/master/examples/Capfile?raw=true
+  wget -q -O config/deploy.rb http://github.com/pauldowman/ec2onrails/tree/master/examples/deploy.rb?raw=true
+  wget -q -O config/s3.yml http://github.com/pauldowman/ec2onrails/tree/master/examples/s3.yml?raw=true
+</code>
+
+
+_Be sure to customize those files and read the comments._
+
+Also, use the hostname "db_primary" in your database.yml file. After running "cap ec2onrails:server:set_roles" it will resolve to the instance defined in your Capistrano "db" role.
+
+h4. 3. Start up one or more instances of the image.
+
+There is nothing EC2 on Rails-specific here yet (though soon there will be a Capistrano task to do this for you), if you've started EC2 instances before you can skip this section. Otherwise, I'm not going to lie, this part is complicated and will take a lot more than 5 minutes the first time.
+
+Read the "running an instance section":http://docs.amazonwebservices.com/AWSEC2/2007-08-29/GettingStartedGuide/running-an-instance.html in Amazon's getting started guide.
+
+For the AMI id's of the current images do <code>cap ec2onrails:ami_ids</code> from within the app that you configured in the previous step (they're also listed earlier on this page).
+
+_NOTE: Only use the images that match the current version of the gem._
+
+Please see the "change log":http://ec2onrails.rubyforge.org/svn/trunk/gem/CHANGELOG for release notes, and see the "list of open issues":http://rubyforge.org/tracker/?atid=17558&group_id=4552&func=browse.
+
+As is "standard for public AMI's":http://docs.amazonwebservices.com/AWSEC2/2007-08-29/DeveloperGuide/public-ami-guidelines.html, password-based logins are disabled. You log in with your own "public/private keypair":http://docs.amazonwebservices.com/AWSEC2/2007-08-29/GettingStartedGuide/running-an-instance.html.
+
+Most basic things can be configured automatically by the Capistrano tasks, but if you want to you can login by ssh as a user named "admin" (has sudo ability) or as "app" (the user that the app runs as, does not have sudo ability). The Capistrano tasks automatically use the app user to deploy the app, and the admin user for server admin tasks that require sudo.
+
+IMPORTANT: Double-check "your firewall settings":http://docs.amazonwebservices.com/AWSEC2/2007-08-29/GettingStartedGuide/running-an-instance.html. Be sure that you haven't allowed public access to any ports other than TCP 22 and TCP 80 (and possibly TCP 443 if you're going to enable HTTPS). If you're using multiple instances, be sure to allow them network access to each other.
+
+
+h4. 4. Copy your public key from the server to keep Capistrano happy
+
+This is a workaround for a quirk in Capistrano. Technically all you should need to connect to the server is the private  key file, the public key is on the server. But for some reason "Capistrano requires that you have both the public key and the private key files together on the client":http://groups.google.com/group/capistrano/browse_thread/thread/1102208ff925d18.
+
+There is a Capistrano task that tries to fix this for you. From within the root of your rails app do:
+
+<pre>cap ec2onrails:get_public_key_from_server</pre>
+
+Note, this will only work if you have an external ssh command in the path, it won't work for most Windows users.
+
+
+h4. 5. Deploy the app with Capistrano
+
+Now that the gem is installed, your deploy.rb is configured and you can start and stop EC2 instances, this is the only thing you'll need to do from now on.
+
+<pre>
+cap ec2onrails:setup
+cap deploy:cold
+</pre>
+
+Yes, it's that easy! The setup task will set the server's timezone, install any gems and Ubuntu packages that you specified in the config file, and create your database.
+
+That's it, your app is now running on EC2!!
+
+
+h2. Capistrano tasks
+
+"Capistrano":http://capify.org is the most commonly used Rails deployment tool. It comes with many standard "tasks", and the EC2 on Rails gem includes Capistrano tasks specifically for configuring the server instance.
+
+Capistrano is run from the command-line using the "cap" command, with a task name given as an argument.
+
+h3. Commonly-used tasks
+
+You'll mostly need just the following Capistrano tasks:
+
+* <code>cap ec2onrails:ami_ids</code> Shows the AMI id's of the images that match the current version of the gem.
+
+* <code>cap ec2onrails:setup</code> This task configures a newly-launched instance. This is the first thing you should do after starting a new instance. It can be run more than once without ill effect. After running  "cap ec2onrails:setup" the next thing to do is run "cap deploy:cold"
+
+* <code>cap ec2onrails:db:enable_ebs</code> This task will move the _primary_ mysql database onto an Amazon Elastic Storage Block (EBS) volume. You can call this task with the optional SIZE parameter defined (defaults to 10 gigs) like <pre>cap ec2onrails:db:enable_ebs SIZE=10</pre>
+
+You should then specify your own volume (or the one created by this task) in your capistrano deploy.rb file like so: <pre>role :db, "ec2-xx-xxx-xx-xxx.compute-1.amazonaws.com", :primary => true, :ebs_vol_id => 'vol-12345abc'</pre>
+
+*NOTE* MySQL EBS is not enabled by default.  You may call this task at anytime to move your MySQL over to EBS, but just make sure you keep track of the volume-id that is printed out by this task and use it to modify your deploy.rb file
+
+* <code>cap ec2onrails:server:set_roles</code> Customizes each instance for it's role(s) (as defined in your Capistrano deploy.rb file). Run this after starting or stopping instances. For now this just makes sure that only the appropriate services (Apache, Mongrel, and/or MySQL) are running. Eventually this will customize settings for the running services also. Note that an instance can have more than one role. If there's only one instance it will have all roles.
+
+Note that due to the way that Capistrano works all tasks are run against all hosts that are currently defined in the deploy.rb file. So if you start a new instance then add it to your deploy.rb you will need to run  "cap ec2onrails:setup" again which will be run on all existing instances.
+
+
+h3. Database management tasks
+
+* <code>cap ec2onrails:db:archive</code> Archive the MySQL database to the bucket specified in your deploy.rb. This is for archiving a snapshot of your database into any S3 bucket. For example, you might want to do this before deploying.
+
+* <code>cap ec2onrails:db:restore</code> Restore the MySQL database from the bucket specified in your deploy.rb For example, I use this to restore the current production data (from my actual production backup bucket) onto a staging server that has the current production version of my app. I then deploy the new version which tests migrations exactly as they'll run on the production server.
+
+To get a full list of the Capistrano tasks at any time type <code>cap -T</code> from with your rails app root.
+
+h2. Building the image
+
+Building the image is not required, most people will simply use the prebuilt public image, but there is also a build script that builds the image. It's meant to be called by "Eric Hammond's EC2 Ubuntu script":http://alestic.com/.
+
+Here is how you go about setting it up:
+
+
+h4. Notes
+
+* amazon-keypair is your amazon keypair, which in this case has has had the public and private keys copied into the ~/.ssh folder
+* we need to copy the ec2onrails source folder onto the image instance
+* HOST_PUBLIC_INSTANCE is the hostname of the instance that you will soon be creating.  run <code>ec2-describe-instances</code> to find this value.  It will look something like <code>ec2-xxx-xxx-xxx-xxx.compute-x.amazonaws.com</code>
+
+h4. Getting started...
+
+* launch one of Eric's default images (see "Eric Hammond's":http://alestic.com/ page for the most recent ami-images): <code>ec2-run-instances ami-1cd73375 -k amazon-keypair</code> (for a 64-bit image, launch: <code>ec2-run-instances ami-17d7337e -k amazon-keypair --instance-type m1.large</code>)
+* lets get your amazon keypair up onto the instance: <code>scp -i ~/.ssh/id_rsa-amazon-keypair ~/.ec2/{cert,pk}-*.pem root@HOST_PUBLIC_ADDRESS:/mnt/</code>
+* ditto for getting the ec2onrails server code up onto your new instance: <code>scp -rp -i ~/.ssh/id_rsa-amazon-keypair ~/your/copy/of/ec2onrails/. root@HOST_PUBLIC_ADDRESS:/mnt/ec2onrails</code>
+* time to log into your instance: <code>ssh -i ~/.ssh/id_rsa-amazon-keypair root@HOST_PUBLIC_ADDRESS</code>
+* get the most recent ec2ubuntu script: <code>curl -Lo /mnt/ec2ubuntu-build-ami http://ec2ubuntu-build-ami.notlong.com</code>
+* time to get the instance ready for ec2onrails.  The script will end with a command you need to run to finish creating an amazon ami-image. <pre>bash /mnt/ec2ubuntu-build-ami \ 
+--codename hardy \ 
+--bucket YOURNAME_ec2onrails \ 
+--prefix ec2onrails \ 
+--user YOUR_AMAZON_USER_ID \ 
+--access-key AMAZON_ACCESS_KEY \ 
+--secret-key AMAZON_SECRET_KEY \ 
+--private-key /mnt/pk-*.pem \ 
+--cert /mnt/cert-*.pem \ 
+--script /mnt/ec2onrails/server/build-ec2onrails.sh</pre>
+
+h2. Mailing lists
+
+There are two Google groups, one for  "announcements":http://groups.google.com/group/ec2-on-rails-announce (usually just new release announcements) and one for "discussion":http://groups.google.com/group/ec2-on-rails-discuss.
+
+
+h2. Comments
+
+Comments are welcome. Send an email to "Paul Dowman":http://pauldowman.com/contact/  or to the "Google group":http://groups.google.com/group/ec2-on-rails-discuss. If you find bugs please file them "here":http://rubyforge.org/tracker/?atid=17558&group_id=4552&func=browse  or send me an "email":http://pauldowman.com/contact/.
+
+
+h2. Change log
+
+See the "change log":http://ec2onrails.rubyforge.org/svn/trunk/gem/CHANGELOG.
+
+
+h2. How to submit patches
+
+Pleae read the "8 steps for fixing other people's code":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/. The source code can be checked out anonymously using: 
+<pre>
+svn checkout http://ec2onrails.rubyforge.org/svn/trunk ec2onrails
+</pre>
+
+Code on Github: "https://github.com/pauldowman/ec2onrails":https://github.com/pauldowman/ec2onrails
+
+Patches can be submitted to the "RubyForge Tracker":http://rubyforge.org/tracker/?atid=17560&group_id=4552&func=browse  or "emailed directly to me":http://pauldowman.com/contact/ .
+
+h2. License
+
+This code is free to use under the terms of the GPL v2. 
+
+If you find EC2 on Rails useful please "recommend Paul Dowman":http://www.workingwithrails.com/person/10131-paul-dowman at Working With Rails.
+
+Copyright 2007 Paul Dowman, http://pauldowman.com/ This is free software, and you are welcome to redistribute it under certain conditions. This software comes with ABSOLUTELY NO WARRANTY. See the file named COPYING for details.

data/Rakefile

@@ -0,0 +1,36 @@
+require "./lib/ec2onrails/version"
+ 
+begin
+  require 'echoe'
+rescue LoadError
+  abort "You'll need to have `echoe' installed to use ec2onrails' Rakefile"
+end
+ 
+version = Ec2onrails::VERSION::STRING.dup
+ 
+Echoe.new('ec2onrails', version) do |p|
+  p.changelog        = "CHANGELOG"
+ 
+  p.author           = ['Paul Dowman', 'Adam Greene']
+  p.email            = "paul@pauldowman.com"
+ 
+  p.summary = <<-DESC.strip.gsub(/\n\s+/, " ")
+    Client-side libraries (Capistrano tasks) for managing and 
+    deploying to EC2 on Rails servers.
+  DESC
+  
+  #OTHER helpful options
+  # p.install_message = "perhaps telling them where to find the example docs?"
+  # p.rdoc_pattern
+  p.url              = "http://ec2onrails.rubyforge.org"
+  p.need_zip         = true
+  p.rdoc_pattern     = /^(lib|README.textile|CHANGELOG)/
+ 
+  p.dependencies     = [
+                        'capistrano          >= 2.4.3', 
+                        'archive-tar-minitar >= 0.5.2', 
+                        'optiflag            >= 0.6.5']
+                        
+  p.development_dependencies = ['rake >=0.7.1']
+  
+end

data/TODO

@@ -0,0 +1,102 @@
+here are a list of upcoming changes or ones I'm thinking about
+
+FUTURE CHANGES
+[ ] do not change the Capify file.  This is an issue if you want to use ec2 for staging but something else (engineyard) for production.  The issue is that require 'ec2onrails/recipes' cannot be called until after the deploy file has been run because of some loading dependencies.  SO, is it possible to not have this behavior, or is this making a mnt out of a mole-hill?
+
+[ ] be able to save an ami file after cap ec2onrails:setup is run... this way you can just launch more instances of that specific ami file (can we automate this? )
+
+[ ] use mongrel_cluster from app directory (shared or directly in the app/config dir), and then default to the one at /etc/mongrel_cluster/app.yml
+
+[ ] customize roles.  For example, lets say I want to have nginx publish to multiple proxy's instead of the set_roles.rb default ones.  Have a hook where I, as an end user, can extend custom roles... but where do I put it?  is there a custom_roles_file location pref that is set in the cap deploy file?
+
+[ ] hook memcached into nginx...
+
+[ ] hook ssl setup hooks for nginx
+
+[ ] automatic firewall setup.  The hitch is can we find the amazon user_id automatically?
+
+[ ] automatic and randomized initial mysql root password setup.  Place the root password in a text file only to be read by 'root', perhaps in /etc/ec2onrails/mysq_root_passwd.  'mysqladmin -u root -h localhost password subGen1us'
+
+[ ] rename the root username for mysql, like 'update user set user="mydbadmin" where user="root";'.  Make sure we do this at startup but also have a check that if a user is upgrading their server that this is switched
+
+[ ] multi-database setup.  Master -> n slave(s)
+
+[ ] when generating roles file for each server, so each server knows where/how to find the internal IP of other servers in the cluster, generate this based on the roles that actually exist so arbitrary new ones can be added (recipes.rb, task :set_roles).  Capistrano has a variable 'roles', that should be useable...?  is an array, with Capistrano::ServerDefinition objects, which have the following attributes :host, :user, :port, :options
+
+[ ] allow memcache servers to reside on a separate host/cluster
+
+[ ] do a little memcache optimization, especially if it is its own host
+
+[ ] allow to pull memcache file from application directory ./config
+
+[ ] hook in pauls postfix changes to be able to use an external smtp provider.  make it configurable:
+    http://pauldowman.com/2008/02/17/smtp-mail-from-ec2-web-server-setup/
+    also see this file for updates:
+    http://www.babbleon.co.uk/2008/05/email-with-ec2/ 
+    
+[ ] preload mysql timezone information (UPDATE: not sure if this is needed...)
+
+[ ] mysql optimizations are not calculating the num of cores avail correctly
+
+[ ] right now cron has a task called 'app' in cron.daily, cron.hourly, cron.monthly, and cron.weekly.  BUT, these are run on every server.  we should probably provide some sort of mechanism so a user can specify particular jobs for particular roles
+
+[ ] consolidate all logs to /mnt/log, including /mnt/app/current... it makes it easier to rotate and shuffle them off to s3
+
+[ ] get all user-data and meta-data variables from the amazon image in a similar way to rightscale?  Makes it dead simple to use/manipulate that information.  UPDATE: rightscale gave us permission to use their open-sourced files, as long as we credit them
+
+[ ] hook in encryption of backup archives
+
+[ ] hook in backup of server... or should we wait for persistent storage snapshots?  http://www.webmonkey.com/tutorial/Back_Up_a_Web_Server
+
+[ ] allow a non-standard ssh port (and make sure the firewall is setup correctly).  modify /etc/ssh/ssh_config, update /etc/services.  Also turn off root access...but only if we have another full sudo user like 'admin'
+
+[ ] should we go back to having a sudo user like 'admin' that we flip into when we need sudo access instead of root?
+
+[ ] install and setup an intrusion detection system.  Do we want to do something as simple fcheck(apt-get fcheck, run with fcheck -cadsxl, and add /mnt to its exclusion list?), or something more complex like snort or prelude?  fcheck is small, but simple; snort is quite complex and will either require its own capistrano role or live on the web role... plus it needs to be hooked into email and other notification paths to make it useful.
+
+[ ] make difficult security/hardening changes optional, especially if they will get in the way of getting up and running.  For example, do not install denyhosts by default...or disable it if the security_hardening flag == false
+
+POSSIBLE CHANGES
+[ ] do not put users custom files up there until before deploy:cold?  Right now I'm pushing a lot of custom stuff out there into monit which is failing because the code it is supposed to monitor is not there yet.  will pushing it to "before 'deploy:cold' cause an issues"
+
+[ ] possibly put /tmp on its own mnt point, and then lock it down in /etc/fstab. Modify tmp to something like this '/dev/hda2  /tmp  ext3  nodev,nosuid, noexec  0  0'
+this means nonone will be able to execute, or a bunch of other things, from within /tmp
+
+
+QUESTIONS
+* during setup, what do you choose for Postfix configurations?  ANSWER:
+
+* why install php5?  ANSWER: Can't tell... seems to run fine without it, so removing it as a direct aptitude fetch (if it is a dependency somewhere else, it will get downloaded)
+
+* WHO runs the script/migration?  App or db?  ANSWER: the (primary-) db does.  This make sense in that you don't want every app instance running a rake db:migration.  This means that the db role needs to be fully setup to handle rake db:migration, meaning the /etc/hosts file needs to contain db_primary as an alias to 127.0.0.1
+
+
+COMPLETED
+[X] Move to Echoe?  It just seems a LOT easier to setup and handle than hoe.  It can remove a lot of cruft, probably including ./config, ./script, ./tasks (or most of them), and ./website (move that to the README file?... looks like would need to be moved to ./docs  ).  A few folks have branched ec2onrails into github before and they've all done this...
+
+[X] set -y flag when installing/updating gems UPDATE: not needed... does it automatically for the other non-interactive flags we are using
+
+[X] mysql optimizations
+
+[X] hook in ebs, and use eric's writeup as the starting point:
+http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1663&categoryID=100
+
+
+[X] /etc/monit/monitrc needs to be chmod 700.  see error at: http://pastie.org/251895, with custom task at http://pastie.org/251896..  Perhaps this should be solved in set_roles.rb or init_services or something a bit higher`
+
+[X] remove the *_admin capistrano roles.  can we use admin for sudo access but continue to deploy and run under a user without sudo access?  It looks like we can if we add this to the recipes.rb file:
+        set :use_sudo, true
+        set :user, "app"
+        set :admin_runner, "admin"
+    UPDATE: this didn't work as then admin would need to behave as root... SO, here is what I did:
+        * remove _admin roles AND the admin user
+        * give app user full sudo access to begin with
+        * have /etc/sudoers -> /etc/sudoers.full_access
+        * after ec2onrails:setup, trigger ec2onrails:server:restrict_sudo_access
+            - flips /etc/sudoers -> /etc/sudoers.restricted_access
+            - at this point, the app user ONLY has access to sudo to monit
+        * provide cap tasks to restrict or grant full sudo access
+
+[X] allow config to be able to flip between nginx and apache as proxy... 
+
+[X] move to god from monit.  One advantage is that right now, we don't use monit to send start/stop/restart signals to the underlying processes.  Monit does not always stop mongrel, and if mongrel doesn't restart monit doesn't go in with the oh-holy 'kill -9'.  So we unmonit mongrel, then use the /etc/init.d/mongrel stop to kill it.  This works (quite well actually) BUT it makes it tricky because if we limit sudo access to only monit, we cannot run the /etc/init.d/*.  It would be best if we provide sudo access to ONLY one process.  God, supposedly, doesn't have this issue.  So if we use god instead of monit, can we have god be responsible for restarts and what not?

data/ec2onrails.gemspec

@@ -0,0 +1,42 @@
+Gem::Specification.new do |s|
+  s.name = %q{ec2onrails}
+  s.version = "0.9.10"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Paul Dowman, Adam Greene"]
+  s.date = %q{2008-12-19}
+  s.description = %q{Client-side libraries (Capistrano tasks) for managing and  deploying to EC2 on Rails servers.}
+  s.email = %q{paul@pauldowman.com}
+  s.extra_rdoc_files = ["CHANGELOG", "lib/ec2onrails/capistrano_utils.rb", "lib/ec2onrails/recipes.rb", "lib/ec2onrails/version.rb", "lib/ec2onrails.rb", "README.textile"]
+  s.files = ["CHANGELOG", "COPYING", "ec2onrails.gemspec", "examples/Capfile", "examples/deploy.rb", "examples/s3.yml", "lib/ec2onrails/capistrano_utils.rb", "lib/ec2onrails/recipes.rb", "lib/ec2onrails/version.rb", "lib/ec2onrails.rb", "Manifest", "Rakefile", "README.textile", "server/build-ec2onrails.sh", "server/files/etc/aliases", "server/files/etc/aliases.db", "server/files/etc/apache2/apache2.conf", "server/files/etc/apache2/conf.d/app.proxy_cluster.conf", "server/files/etc/apache2/conf.d/app.proxy_frontend.conf", "server/files/etc/apache2/mods-available/proxy.conf", "server/files/etc/apache2/sites-available/app.common", "server/files/etc/apache2/sites-available/app.custom", "server/files/etc/apache2/sites-available/default", "server/files/etc/apache2/sites-available/default-ssl", "server/files/etc/cron.d/backup_app_db_to_s3", "server/files/etc/cron.daily/app", "server/files/etc/cron.daily/logrotate_post", "server/files/etc/cron.hourly/app", "server/files/etc/cron.monthly/app", "server/files/etc/cron.weekly/app", "server/files/etc/denyhosts.conf", "server/files/etc/dpkg/dpkg.cfg", "server/files/etc/ec2onrails/balancer_members", "server/files/etc/ec2onrails/README", "server/files/etc/ec2onrails/roles.yml", "server/files/etc/environment", "server/files/etc/god/app.god", "server/files/etc/god/db.god", "server/files/etc/god/examples/have_god_daemonize.god", "server/files/etc/god/master.conf", "server/files/etc/god/memcache.god", "server/files/etc/god/notifications.god", "server/files/etc/god/system.god", "server/files/etc/god/web.god", "server/files/etc/init.d/ec2-every-startup", "server/files/etc/init.d/ec2-first-startup", "server/files/etc/init.d/god", "server/files/etc/init.d/nginx", "server/files/etc/init.d/set_roles", "server/files/etc/logrotate.d/apache2", "server/files/etc/logrotate.d/mongrel", "server/files/etc/logrotate.d/nginx", "server/files/etc/memcached.conf", "server/files/etc/mongrel_cluster/app.yml", "server/files/etc/motd.tail", "server/files/etc/mysql/my.cnf", "server/files/etc/nginx/nginx.conf", "server/files/etc/postfix/main.cf", "server/files/etc/rcS.d/S91ec2-first-startup", "server/files/etc/rcS.d/S92ec2-every-startup", "server/files/etc/rcS.d/S99set_roles", "server/files/etc/ssh/sshd_config", "server/files/etc/sudoers", "server/files/etc/sudoers.full_access", "server/files/etc/sudoers.restricted_access", "server/files/etc/syslog.conf", "server/files/usr/bin/god", "server/files/usr/local/ec2onrails/bin/archive_file.rb", "server/files/usr/local/ec2onrails/bin/backup_app_db.rb", "server/files/usr/local/ec2onrails/bin/ec2_meta_data.rb", "server/files/usr/local/ec2onrails/bin/exec_runner", "server/files/usr/local/ec2onrails/bin/init_services.rb", "server/files/usr/local/ec2onrails/bin/optimize_mysql.rb", "server/files/usr/local/ec2onrails/bin/rails_env", "server/files/usr/local/ec2onrails/bin/rebundle.sh", "server/files/usr/local/ec2onrails/bin/restore_app_db.rb", "server/files/usr/local/ec2onrails/bin/set_rails_env", "server/files/usr/local/ec2onrails/bin/set_roles.rb", "server/files/usr/local/ec2onrails/bin/setup_web_proxy.rb", "server/files/usr/local/ec2onrails/config", "server/files/usr/local/ec2onrails/COPYING", "server/files/usr/local/ec2onrails/lib/aws_helper.rb", "server/files/usr/local/ec2onrails/lib/god_helper.rb", "server/files/usr/local/ec2onrails/lib/god_patch.rb", "server/files/usr/local/ec2onrails/lib/mysql_helper.rb", "server/files/usr/local/ec2onrails/lib/roles_helper.rb", "server/files/usr/local/ec2onrails/lib/s3_helper.rb", "server/files/usr/local/ec2onrails/lib/utils.rb", "server/files/usr/local/ec2onrails/lib/vendor/ini.rb", "server/files/usr/local/ec2onrails/startup-scripts/every-startup/get-hostname.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/create-dirs.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/generate-default-web-cert-and-key.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/misc.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/prepare-mysql-data-dir.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/README", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/setup-credentials.sh", "server/files/usr/local/ec2onrails/startup-scripts/first-startup/setup-file-permissions.sh", "server/rakefile.rb", "setup.rb", "test/autobench.conf", "test/spec/lib/s3_helper_spec.rb", "test/spec/lib/s3_old.yml", "test/spec/test_files/test1", "test/spec/test_files/test2", "test/test_app/app/controllers/application.rb", "test/test_app/app/controllers/db_fast_controller.rb", "test/test_app/app/controllers/fast_controller.rb", "test/test_app/app/controllers/slow_controller.rb", "test/test_app/app/controllers/very_slow_controller.rb", "test/test_app/app/helpers/application_helper.rb", "test/test_app/app/helpers/db_fast_helper.rb", "test/test_app/app/helpers/fast_helper.rb", "test/test_app/app/helpers/slow_helper.rb", "test/test_app/app/helpers/very_slow_helper.rb", "test/test_app/Capfile", "test/test_app/config/boot.rb", "test/test_app/config/database.yml", "test/test_app/config/deploy.rb", "test/test_app/config/environment.rb", "test/test_app/config/environments/development.rb", "test/test_app/config/environments/production.rb", "test/test_app/config/environments/test.rb", "test/test_app/config/routes.rb", "test/test_app/db/schema.rb", "test/test_app/doc/README_FOR_APP", "test/test_app/public/404.html", "test/test_app/public/500.html", "test/test_app/public/dispatch.cgi", "test/test_app/public/dispatch.fcgi", "test/test_app/public/dispatch.rb", "test/test_app/public/favicon.ico", "test/test_app/public/images/rails.png", "test/test_app/public/javascripts/application.js", "test/test_app/public/javascripts/controls.js", "test/test_app/public/javascripts/dragdrop.js", "test/test_app/public/javascripts/effects.js", "test/test_app/public/javascripts/prototype.js", "test/test_app/public/robots.txt", "test/test_app/Rakefile", "test/test_app/README", "test/test_app/script/about", "test/test_app/script/breakpointer", "test/test_app/script/console", "test/test_app/script/destroy", "test/test_app/script/generate", "test/test_app/script/performance/benchmarker", "test/test_app/script/performance/profiler", "test/test_app/script/performance/request", "test/test_app/script/plugin", "test/test_app/script/process/inspector", "test/test_app/script/process/reaper", "test/test_app/script/process/spawner", "test/test_app/script/runner", "test/test_app/script/server", "test/test_app/test/functional/db_fast_controller_test.rb", "test/test_app/test/functional/fast_controller_test.rb", "test/test_app/test/functional/slow_controller_test.rb", "test/test_app/test/functional/very_slow_controller_test.rb", "test/test_app/test/test_helper.rb", "test/test_ec2onrails.rb", "test/test_helper.rb", "TODO"]
+  s.has_rdoc = true
+  s.homepage = %q{http://ec2onrails.rubyforge.org}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Ec2onrails", "--main", "README.textile"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{ec2onrails}
+  s.rubygems_version = %q{1.2.0}
+  s.summary = %q{Client-side libraries (Capistrano tasks) for managing and  deploying to EC2 on Rails servers.}
+  s.test_files = ["test/test_app/test/functional/db_fast_controller_test.rb", "test/test_app/test/functional/fast_controller_test.rb", "test/test_app/test/functional/slow_controller_test.rb", "test/test_app/test/functional/very_slow_controller_test.rb", "test/test_app/test/test_helper.rb", "test/test_ec2onrails.rb", "test/test_helper.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if current_version >= 3 then
+      s.add_runtime_dependency(%q<capistrano>, [">= 0", "= 2.4.3"])
+      s.add_runtime_dependency(%q<archive-tar-minitar>, [">= 0", "= 0.5.2"])
+      s.add_runtime_dependency(%q<optiflag>, [">= 0", "= 0.6.5"])
+      s.add_development_dependency(%q<rake>, [">= 0.7.1"])
+    else
+      s.add_dependency(%q<capistrano>, [">= 0", "= 2.4.3"])
+      s.add_dependency(%q<archive-tar-minitar>, [">= 0", "= 0.5.2"])
+      s.add_dependency(%q<optiflag>, [">= 0", "= 0.6.5"])
+      s.add_dependency(%q<rake>, [">= 0.7.1"])
+    end
+  else
+    s.add_dependency(%q<capistrano>, [">= 0", "= 2.4.3"])
+    s.add_dependency(%q<archive-tar-minitar>, [">= 0", "= 0.5.2"])
+    s.add_dependency(%q<optiflag>, [">= 0", "= 0.6.5"])
+    s.add_dependency(%q<rake>, [">= 0.7.1"])
+  end
+end

data/examples/Capfile

@@ -0,0 +1,3 @@
+load 'deploy' if respond_to?(:namespace) # cap2 differentiator
+load 'config/deploy'
+require 'ec2onrails/recipes'

data/examples/deploy.rb

@@ -0,0 +1,101 @@
+# This is a sample Capistrano config file for EC2 on Rails.
+# It should be edited and customized.
+
+set :application, "yourapp"
+
+set :repository, "http://svn.foo.com/svn/#{application}/trunk"
+
+# NOTE: for some reason Capistrano requires you to have both the public and
+# the private key in the same folder, the public key should have the 
+# extension ".pub".
+ssh_options[:keys] = ["#{ENV['HOME']}/.ssh/your-ec2-key"]
+
+# Your EC2 instances. Use the ec2-xxx....amazonaws.com hostname, not
+# any other name (in case you have your own DNS alias) or it won't
+# be able to resolve to the internal IP address.
+role :web,      "ec2-12-xx-xx-xx.z-1.compute-1.amazonaws.com"
+role :app,      "ec2-34-xx-xx-xx.z-1.compute-1.amazonaws.com"
+role :memcache, "ec2-12-xx-xx-xx.z-1.compute-1.amazonaws.com"
+role :db,       "ec2-56-xx-xx-xx.z-1.compute-1.amazonaws.com", :primary => true
+# role :db,       "ec2-56-xx-xx-xx.z-1.compute-1.amazonaws.com", :primary => true, :ebs_vol_id => 'vol-12345abc'
+# optinally, you can specify Amazon's EBS volume ID if the database is persisted 
+# via Amazon's EBS.  See the main README for more information.
+
+# Whatever you set here will be taken set as the default RAILS_ENV value
+# on the server. Your app and your hourly/daily/weekly/monthly scripts
+# will run with RAILS_ENV set to this value.
+set :rails_env, "production"
+
+# EC2 on Rails config. 
+# NOTE: Some of these should be omitted if not needed.
+set :ec2onrails_config, {
+  # S3 bucket and "subdir" used by the ec2onrails:db:restore task
+  # NOTE: this only applies if you are not using EBS
+  :restore_from_bucket => "your-bucket",
+  :restore_from_bucket_subdir => "database",
+  
+  # S3 bucket and "subdir" used by the ec2onrails:db:archive task
+  # This does not affect the automatic backup of your MySQL db to S3, it's
+  # just for manually archiving a db snapshot to a different bucket if 
+  # desired.
+  # NOTE: this only applies if you are not using EBS
+  :archive_to_bucket => "your-other-bucket",
+  :archive_to_bucket_subdir => "db-archive/#{Time.new.strftime('%Y-%m-%d--%H-%M-%S')}",
+  
+  # Set a root password for MySQL. Run "cap ec2onrails:db:set_root_password"
+  # to enable this. This is optional, and after doing this the
+  # ec2onrails:db:drop task won't work, but be aware that MySQL accepts 
+  # connections on the public network interface (you should block the MySQL
+  # port with the firewall anyway). 
+  # If you don't care about setting the mysql root password then remove this.
+  :mysql_root_password => "your-mysql-root-password",
+  
+  # Any extra Ubuntu packages to install if desired
+  # If you don't want to install extra packages then remove this.
+  :packages => ["logwatch", "imagemagick"],
+  
+  # Any extra RubyGems to install if desired: can be "gemname" or if a 
+  # particular version is desired "gemname -v 1.0.1"
+  # If you don't want to install extra rubygems then remove this
+  # NOTE: if you are using rails 2.1, ec2onrails calls 'sudo rake gem:install',
+  # which will install gems defined in your rails configuration
+  :rubygems => ["rmagick", "rfacebook -v 0.9.7"],
+  
+  # Defines the web proxy that will be used.  Choices are :apache or :nginx
+  :web_proxy_server => :apache,
+  
+  # extra security measures are taken if this is true, BUT it makes initial
+  # experimentation and setup a bit tricky.  For example, if you do not
+  # have your ssh keys setup correctly, you will be locked out of your
+  # server after 3 attempts for upto 3 months.  
+  :harden_server => false,
+  
+  # Set the server timezone. run "cap -e ec2onrails:server:set_timezone" for 
+  # details
+  :timezone => "UTC",
+  
+  # Files to deploy to the server (they'll be owned by root). It's intended
+  # mainly for customized config files for new packages installed via the 
+  # ec2onrails:server:install_packages task. Subdirectories and files inside
+  # here will be placed in the same structure relative to the root of the
+  # server's filesystem. 
+  # If you don't need to deploy customized config files to the server then
+  # remove this.
+  :server_config_files_root => "../server_config",
+  
+  # If config files are deployed, some services might need to be restarted.
+  # If you don't need to deploy customized config files to the server then
+  # remove this.
+  :services_to_restart => %w(postfix sysklogd),
+  
+  # Set an email address to forward admin mail messages to. If you don't
+  # want to receive mail from the server (e.g. monit alert messages) then
+  # remove this.
+  :mail_forward_address => "you@yourdomain.com",
+  
+  # Set this if you want SSL to be enabled on the web server. The SSL cert 
+  # and key files need to exist on the server, The cert file should be in
+  # /etc/ssl/certs/default.pem and the key file should be in
+  # /etc/ssl/private/default.key (see :server_config_files_root).
+  :enable_ssl => true
+}

data/examples/s3.yml

@@ -0,0 +1,9 @@
+staging:
+  aws_access_key: ABC123
+  aws_secret_access_key: abc123abc123abc123abc123
+  bucket_base_name: yourbucket
+
+production:
+  aws_access_key: DEF456
+  aws_secret_access_key: def456def456def456def456
+  bucket_base_name: yourbucket

data/lib/ec2onrails/capistrano_utils.rb

@@ -0,0 +1,43 @@
+module Ec2onrails
+  module CapistranoUtils
+    def run_local(command)
+      result = system command
+      raise("error: #{$?}") unless result
+    end
+    
+    def run_init_script(script, arg)
+      # since init scripts might have the execute bit unset by the set_roles script we need to check
+      sudo "sh -c 'if [ -x /etc/init.d/#{script} ] ; then /etc/init.d/#{script} #{arg}; fi'"
+    end
+    
+    # return hostnames for the role named role_sym that has the specified options
+    def hostnames_for_role(role_sym, options = {})
+      role = roles[role_sym]
+      unless role
+        return []
+      end
+      # make sure we match the server with all the passed in options, BUT the server can
+      # have additional options defined.  e.g.: :primary => true and :ebs_vol_id => 'vol-1234abcd'
+      # but we want to select the server where :primary => true
+      role.select{|s| 
+        match = true
+        options.each_pair{|k,v| match = false if s.options[k] != v}
+      }.collect{|s| s.host}
+    end
+    
+    # Like the capture method, but does not print out error stream and swallows 
+    # an exception if the process's exit code != 0
+    def quiet_capture(command, options={})
+      output = ""
+      invoke_command(command, options.merge(:once => true)) do |ch, stream, data|
+        case stream
+        when :out then output << data
+        # when :err then warn "[err :: #{ch[:server]}] #{data}"
+        end
+      end
+    ensure
+      return (output || '').strip
+    end
+    
+  end
+end