smartmachine 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -14
- data/lib/smart_machine/apps/container.rb +1 -0
- data/lib/smart_machine/apps/manager.rb +1 -1
- data/lib/smart_machine/base.rb +6 -0
- data/lib/smart_machine/buildpackers/buildpacker.rb +49 -1
- data/lib/smart_machine/buildpackers/rails.rb +87 -12
- data/lib/smart_machine/commands/grid.rb +8 -0
- data/lib/smart_machine/commands/grid_commands/elasticsearch.rb +0 -3
- data/lib/smart_machine/commands/grid_commands/nextcloud.rb +65 -0
- data/lib/smart_machine/commands/grid_commands/terminal.rb +107 -0
- data/lib/smart_machine/commands/machine.rb +8 -0
- data/lib/smart_machine/configuration.rb +23 -1
- data/lib/smart_machine/credentials.rb +9 -0
- data/lib/smart_machine/docker.rb +10 -9
- data/lib/smart_machine/engine.rb +44 -9
- data/lib/smart_machine/grids/nextcloud.rb +93 -0
- data/lib/smart_machine/grids/prereceiver/Dockerfile +10 -13
- data/lib/smart_machine/grids/redis.rb +8 -3
- data/lib/smart_machine/grids/redmine.rb +61 -0
- data/lib/smart_machine/grids/terminal/entrypoint.rb +95 -0
- data/lib/smart_machine/grids/terminal/haproxy.cfg +45 -0
- data/lib/smart_machine/grids/terminal/init.el +310 -0
- data/lib/smart_machine/grids/terminal/wetty.rb +44 -0
- data/lib/smart_machine/grids/terminal.rb +179 -0
- data/lib/smart_machine/machine.rb +26 -5
- data/lib/smart_machine/syncer.rb +8 -7
- data/lib/smart_machine/templates/dotsmartmachine/config/nextcloud.yml +27 -0
- data/lib/smart_machine/templates/dotsmartmachine/config/redis.yml +6 -1
- data/lib/smart_machine/templates/dotsmartmachine/config/terminal.yml +13 -0
- data/lib/smart_machine/templates/dotsmartmachine/grids/nginx/fastcgi.conf +1 -1
- data/lib/smart_machine/templates/dotsmartmachine/grids/nginx/nginx.tmpl +448 -314
- data/lib/smart_machine/version.rb +3 -3
- data/lib/smart_machine.rb +3 -1
- metadata +57 -24
- data/lib/smart_machine/buildpackers/rails/Dockerfile +0 -21
- data/lib/smart_machine/commands/grid_commands/scheduler.rb +0 -15
- data/lib/smart_machine/engine/Dockerfile +0 -30
- data/lib/smart_machine/grids/elasticsearch/.keep +0 -0
- data/lib/smart_machine/grids/minio/.keep +0 -0
- data/lib/smart_machine/grids/nginx/.keep +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/APKBUILD +0 -49
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.confd +0 -6
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.initd +0 -43
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.pre-install +0 -7
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/APKINDEX.tar.gz +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-doc-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-openrc-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/redis/.keep +0 -0
- data/lib/smart_machine/grids/scheduler/Dockerfile +0 -14
- data/lib/smart_machine/grids/scheduler.rb +0 -188
- data/lib/smart_machine/templates/dotsmartmachine/grids/scheduler/crontabs/.keep +0 -0
data/lib/smart_machine/engine.rb
CHANGED
@@ -8,18 +8,12 @@ module SmartMachine
|
|
8
8
|
@machine = SmartMachine::Machine.new
|
9
9
|
|
10
10
|
@gem_cache_dir = Gem::Specification.find_by_name("smartmachine").cache_dir
|
11
|
-
@gem_cache_dir = "../smartmachine/pkg"
|
12
11
|
|
13
12
|
if platform_on_machine?(os: "linux", distro_name: "debian")
|
14
13
|
@docker_gid = "getent group docker | cut -d: -f3"
|
15
14
|
@docker_gname = "docker"
|
16
15
|
@docker_socket_path = "/var/run/docker.sock"
|
17
16
|
@remote_smartmachine_dir = "/home/`whoami`/smartmachine"
|
18
|
-
# elsif platform_on_machine?(os: "mac")
|
19
|
-
# @docker_gid = "id -g"
|
20
|
-
# @docker_gname = "staff"
|
21
|
-
# @docker_socket_path = "/Users/`whoami`/Library/Containers/com.docker.docker/Data/docker.sock"
|
22
|
-
# @remote_smartmachine_dir = "/Users/`whoami`/Desktop/smartmachine"
|
23
17
|
else
|
24
18
|
raise("OS not supported to set docker_gid, docker_gname and docker_socket_path")
|
25
19
|
end
|
@@ -29,7 +23,6 @@ module SmartMachine
|
|
29
23
|
puts "-----> Installing SmartMachine Engine"
|
30
24
|
|
31
25
|
if @machine.run_on_machine commands: "mkdir -p #{@remote_smartmachine_dir}/tmp/engine"
|
32
|
-
@scp.upload!(local_path: "#{SmartMachine.config.gem_dir}/lib/smart_machine/engine/Dockerfile", remote_path: "~/smartmachine/tmp/engine")
|
33
26
|
@scp.upload!(local_path: "#{@gem_cache_dir}/smartmachine-#{SmartMachine.version}.gem", remote_path: "~/smartmachine/tmp/engine")
|
34
27
|
end
|
35
28
|
|
@@ -37,12 +30,12 @@ module SmartMachine
|
|
37
30
|
command = [
|
38
31
|
"docker image build --quiet --tag #{engine_image_name_with_version}",
|
39
32
|
"--build-arg SMARTMACHINE_MASTER_KEY=#{SmartMachine::Credentials.new.read_key}",
|
40
|
-
"--build-arg SMARTMACHINE_VERSION=#{SmartMachine.version}",
|
41
33
|
"--build-arg USER_NAME=`id -un`",
|
42
34
|
"--build-arg USER_UID=`id -u`",
|
43
35
|
"--build-arg DOCKER_GID=`#{@docker_gid}`",
|
44
36
|
"--build-arg DOCKER_GNAME=#{@docker_gname}",
|
45
|
-
"#{@remote_smartmachine_dir}/tmp/engine"
|
37
|
+
"-f- #{@remote_smartmachine_dir}/tmp/engine",
|
38
|
+
"<<'EOF'\n#{dockerfile}EOF"
|
46
39
|
]
|
47
40
|
@machine.run_on_machine commands: command.join(" ")
|
48
41
|
puts "done"
|
@@ -103,5 +96,47 @@ module SmartMachine
|
|
103
96
|
def engine_image_name
|
104
97
|
"smartmachine/smartengine"
|
105
98
|
end
|
99
|
+
|
100
|
+
def dockerfile
|
101
|
+
file = <<~'DOCKERFILE'
|
102
|
+
FROM ruby:%<smartmachine_ruby_version>s-bullseye
|
103
|
+
LABEL maintainer="plainsource <plainsource@humanmind.me>"
|
104
|
+
|
105
|
+
# User
|
106
|
+
# --- Fix to change docker gid to 998 (if it is in use) so that addgroup is free to create a group with docker gid.
|
107
|
+
ARG USER_NAME
|
108
|
+
ARG USER_UID
|
109
|
+
ARG DOCKER_GID
|
110
|
+
ARG DOCKER_GNAME
|
111
|
+
RUN sed -i "s/$DOCKER_GID/998/" /etc/group && \
|
112
|
+
adduser --disabled-password --gecos "" --uid "$USER_UID" "$USER_NAME" && \
|
113
|
+
addgroup --gid "$DOCKER_GID" "$DOCKER_GNAME" && adduser "$USER_NAME" "$DOCKER_GNAME"
|
114
|
+
|
115
|
+
# Add docker repository for debian
|
116
|
+
RUN apt-get update && apt-get install -y --no-install-recommends lsb-release && \
|
117
|
+
mkdir -p /etc/apt/keyrings && \
|
118
|
+
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
|
119
|
+
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \
|
120
|
+
apt-get update
|
121
|
+
|
122
|
+
# Essentials
|
123
|
+
RUN apt-get update && \
|
124
|
+
apt-get install -y --no-install-recommends \
|
125
|
+
docker-ce-cli \
|
126
|
+
rsync && \
|
127
|
+
rm -rf /var/lib/apt/lists/*
|
128
|
+
|
129
|
+
# smartmachine gem
|
130
|
+
COPY ./smartmachine-%<smartmachine_version>s.gem ./smartmachine-%<smartmachine_version>s.gem
|
131
|
+
RUN gem install --no-document ./smartmachine-%<smartmachine_version>s.gem && \
|
132
|
+
rm ./smartmachine-%<smartmachine_version>s.gem
|
133
|
+
|
134
|
+
# SmartMachine master key
|
135
|
+
ARG SMARTMACHINE_MASTER_KEY
|
136
|
+
ENV SMARTMACHINE_MASTER_KEY=$SMARTMACHINE_MASTER_KEY
|
137
|
+
DOCKERFILE
|
138
|
+
|
139
|
+
format(file, "smartmachine_ruby_version": SmartMachine.ruby_version, "smartmachine_version": SmartMachine.version)
|
140
|
+
end
|
106
141
|
end
|
107
142
|
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
module SmartMachine
|
2
|
+
class Grids
|
3
|
+
class Nextcloud < SmartMachine::Base
|
4
|
+
def initialize(name:)
|
5
|
+
config = SmartMachine.config.grids.nextcloud.dig(name.to_sym)
|
6
|
+
raise "nextcloud config for #{name} not found." unless config
|
7
|
+
|
8
|
+
@image = config.dig(:image)
|
9
|
+
@host = config.dig(:host)
|
10
|
+
@admin_user = config.dig(:admin_user)
|
11
|
+
@admin_password = config.dig(:admin_password)
|
12
|
+
@mysql_host = config.dig(:mysql_host)
|
13
|
+
@mysql_port = config.dig(:mysql_port)
|
14
|
+
@mysql_user = config.dig(:mysql_user)
|
15
|
+
@mysql_password = config.dig(:mysql_password)
|
16
|
+
@mysql_database_name = config.dig(:mysql_database_name)
|
17
|
+
@redis_host = config.dig(:redis_host)
|
18
|
+
@redis_port = config.dig(:redis_port)
|
19
|
+
@redis_password = config.dig(:redis_password)
|
20
|
+
|
21
|
+
@name = name.to_s
|
22
|
+
@home_dir = File.expand_path('~')
|
23
|
+
end
|
24
|
+
|
25
|
+
def uper
|
26
|
+
FileUtils.mkdir_p("#{@home_dir}/machine/grids/nextcloud/#{@name}/html")
|
27
|
+
|
28
|
+
# Creating & Starting containers
|
29
|
+
print "-----> Creating container #{@name} ... "
|
30
|
+
|
31
|
+
command = [
|
32
|
+
"docker create",
|
33
|
+
"--name='#{@name}'",
|
34
|
+
"--env VIRTUAL_HOST=#{@host}",
|
35
|
+
"--env LETSENCRYPT_HOST=#{@host}",
|
36
|
+
"--env LETSENCRYPT_EMAIL=#{SmartMachine.config.sysadmin_email}",
|
37
|
+
"--env LETSENCRYPT_TEST=false",
|
38
|
+
"--env NEXTCLOUD_TRUSTED_DOMAINS=#{@host}",
|
39
|
+
"--env NEXTCLOUD_ADMIN_USER=#{@admin_user}",
|
40
|
+
"--env NEXTCLOUD_ADMIN_PASSWORD=#{@admin_password}",
|
41
|
+
"--env MYSQL_HOST=#{@mysql_host}:#{@mysql_port}",
|
42
|
+
"--env MYSQL_USER=#{@mysql_user}",
|
43
|
+
"--env MYSQL_PASSWORD=#{@mysql_password}",
|
44
|
+
"--env MYSQL_DATABASE=#{@mysql_database_name}",
|
45
|
+
"--env REDIS_HOST=#{@redis_host}",
|
46
|
+
"--env REDIS_HOST_PORT=#{@redis_port}",
|
47
|
+
"--env REDIS_HOST_PASSWORD=#{@redis_password}",
|
48
|
+
"--user `id -u`:`id -g`",
|
49
|
+
"--sysctl net.ipv4.ip_unprivileged_port_start=0",
|
50
|
+
"--volume='#{@home_dir}/smartmachine/grids/nextcloud/#{@name}/html:/var/www/html'",
|
51
|
+
"--restart='always'",
|
52
|
+
"--network='nginx-network'",
|
53
|
+
"#{@image}"
|
54
|
+
]
|
55
|
+
if system(command.compact.join(" "), out: File::NULL)
|
56
|
+
system("docker network connect #{@mysql_host}-network #{@name}")
|
57
|
+
system("docker network connect #{@redis_host}-network #{@name}")
|
58
|
+
|
59
|
+
# This is needed to set the correct file permissions for redis-session.ini file inside the container.
|
60
|
+
FileUtils.touch("#{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini")
|
61
|
+
system("docker cp #{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini #{@name}:/usr/local/etc/php/conf.d/redis-session.ini")
|
62
|
+
FileUtils.rm("#{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini")
|
63
|
+
|
64
|
+
puts "done"
|
65
|
+
puts "-----> Starting container #{@name} ... "
|
66
|
+
if system("docker start #{@name}", out: File::NULL)
|
67
|
+
puts "done"
|
68
|
+
else
|
69
|
+
raise "Error: Could not start the created #{@name} container"
|
70
|
+
end
|
71
|
+
else
|
72
|
+
raise "Error: Could not create #{@name} container"
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
def downer
|
77
|
+
# Disconnecting networks
|
78
|
+
system("docker network disconnect nginx-network #{@name}")
|
79
|
+
system("docker network disconnect #{@mysql_host}-network #{@name}")
|
80
|
+
|
81
|
+
# Stopping & Removing containers - in reverse order
|
82
|
+
print "-----> Stopping container #{@name} ... "
|
83
|
+
if system("docker stop '#{@name}'", out: File::NULL)
|
84
|
+
puts "done"
|
85
|
+
print "-----> Removing container #{@name} ... "
|
86
|
+
if system("docker rm '#{@name}'", out: File::NULL)
|
87
|
+
puts "done"
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
@@ -4,17 +4,14 @@ FROM smartmachine/smartengine:$SMARTMACHINE_VERSION
|
|
4
4
|
LABEL maintainer="plainsource <plainsource@humanmind.me>"
|
5
5
|
|
6
6
|
# FCGI Essentials
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
apk add --update git-daemon && \
|
17
|
-
apk add --update spawn-fcgi && \
|
18
|
-
rm -rf /var/cache/apk/*
|
7
|
+
RUN apt-get update && \
|
8
|
+
apt-get install -y --no-install-recommends \
|
9
|
+
fcgiwrap \
|
10
|
+
coreutils \
|
11
|
+
util-linux \
|
12
|
+
git \
|
13
|
+
git-daemon-run \
|
14
|
+
spawn-fcgi && \
|
15
|
+
rm -rf /var/lib/apt/lists/*
|
19
16
|
|
20
|
-
CMD ["spawn-fcgi", "-n", "-p", "9000", "/usr/
|
17
|
+
CMD ["spawn-fcgi", "-n", "-p", "9000", "--", "/usr/sbin/fcgiwrap", "-f"]
|
@@ -5,13 +5,18 @@ module SmartMachine
|
|
5
5
|
config = SmartMachine.config.grids.redis.dig(name.to_sym)
|
6
6
|
raise "redis config for #{name} not found." unless config
|
7
7
|
|
8
|
+
@image = config.dig(:image)
|
8
9
|
@port = config.dig(:port)
|
9
10
|
@password = config.dig(:password)
|
10
11
|
@appendonly = config.dig(:appendonly)
|
11
12
|
@maxmemory = config.dig(:maxmemory)
|
12
13
|
@maxmemory_policy = config.dig(:maxmemory_policy)
|
13
|
-
@
|
14
|
-
|
14
|
+
if @image.start_with?("redislabs/redismod")
|
15
|
+
@modules = config.dig(:modules)&.map { |module_name| "--loadmodule /usr/lib/redis/modules/#{module_name}.so" } || []
|
16
|
+
@modules.push("Plugin /var/opt/redislabs/modules/rg/plugin/gears_python.so")
|
17
|
+
else
|
18
|
+
@modules = []
|
19
|
+
end
|
15
20
|
|
16
21
|
@name = name.to_s
|
17
22
|
@home_dir = File.expand_path('~')
|
@@ -39,7 +44,7 @@ module SmartMachine
|
|
39
44
|
"--volume='#{@home_dir}/smartmachine/grids/redis/#{@name}/data:/data'",
|
40
45
|
"--restart='always'",
|
41
46
|
"--network='#{@name}-network'",
|
42
|
-
"
|
47
|
+
"#{@image} --port #{@port} --requirepass #{@password} --appendonly #{@appendonly} --maxmemory #{@maxmemory} --maxmemory-policy #{@maxmemory_policy} #{@modules.join(' ')}".squish
|
43
48
|
]
|
44
49
|
if system(command.compact.join(" "), out: File::NULL)
|
45
50
|
puts "done"
|
@@ -0,0 +1,61 @@
|
|
1
|
+
# TODO: This is a placeholder for creating the Redmine grid.
|
2
|
+
# Modify this code as needed with the latest code structure
|
3
|
+
# and make the redmine grid functional.
|
4
|
+
|
5
|
+
# # The main SmartCloud Grids Redmine driver
|
6
|
+
# module SmartCloud
|
7
|
+
# class Grids
|
8
|
+
# class Redmine < SmartCloud::Base
|
9
|
+
# def initialize
|
10
|
+
# end
|
11
|
+
|
12
|
+
# def self.up
|
13
|
+
# if SmartCloud::Docker.running?
|
14
|
+
# # Creating & Starting containers
|
15
|
+
# print "-----> Creating container redmine ... "
|
16
|
+
# if system("docker create \
|
17
|
+
# --name='redmine' \
|
18
|
+
# --env VIRTUAL_HOST=redmine.#{SmartCloud.config.apps_domain} \
|
19
|
+
# --env LETSENCRYPT_HOST=redmine.#{SmartCloud.config.apps_domain} \
|
20
|
+
# --env LETSENCRYPT_EMAIL=#{SmartCloud.config.sysadmin_email} \
|
21
|
+
# --env LETSENCRYPT_TEST=false \
|
22
|
+
# --env REDMINE_SECRET_KEY_BASE=#{SmartCloud.credentials.redmine[:secret_key_base]} \
|
23
|
+
# --env REDMINE_DB_MYSQL=#{SmartCloud.credentials.redmine[:database_host]} \
|
24
|
+
# --env REDMINE_DB_PORT=#{SmartCloud.credentials.redmine[:database_port]} \
|
25
|
+
# --env REDMINE_DB_USERNAME=#{SmartCloud.credentials.redmine[:database_username]} \
|
26
|
+
# --env REDMINE_DB_PASSWORD=#{SmartCloud.credentials.redmine[:database_password]} \
|
27
|
+
# --env REDMINE_DB_DATABASE=#{SmartCloud.credentials.redmine[:database_name]} \
|
28
|
+
# --env REDMINE_PLUGINS_MIGRATE=#{SmartCloud.credentials.redmine[:plugins_migrate]} \
|
29
|
+
# --volume='#{SmartCloud.config.user_home_path}/.smartcloud/apps/repositories:/repositories:ro' \
|
30
|
+
# --volume='#{SmartCloud.config.user_home_path}/.smartcloud/grids/redmine/files:/usr/src/redmine/files' \
|
31
|
+
# --restart='always' \
|
32
|
+
# --network='nginx-network' \
|
33
|
+
# redmine:4.0.5-alpine", out: File::NULL)
|
34
|
+
|
35
|
+
# system("docker network connect mysql-network redmine")
|
36
|
+
|
37
|
+
# puts "done"
|
38
|
+
# print "-----> Starting container redmine ... "
|
39
|
+
# if system("docker start redmine", out: File::NULL)
|
40
|
+
# puts "done"
|
41
|
+
# end
|
42
|
+
# end
|
43
|
+
# end
|
44
|
+
# end
|
45
|
+
|
46
|
+
# def self.down
|
47
|
+
# if SmartCloud::Docker.running?
|
48
|
+
# # Stopping & Removing containers - in reverse order
|
49
|
+
# print "-----> Stopping container redmine ... "
|
50
|
+
# if system("docker stop 'redmine'", out: File::NULL)
|
51
|
+
# puts "done"
|
52
|
+
# print "-----> Removing container redmine ... "
|
53
|
+
# if system("docker rm 'redmine'", out: File::NULL)
|
54
|
+
# puts "done"
|
55
|
+
# end
|
56
|
+
# end
|
57
|
+
# end
|
58
|
+
# end
|
59
|
+
# end
|
60
|
+
# end
|
61
|
+
# end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'fileutils'
|
5
|
+
require 'logger'
|
6
|
+
|
7
|
+
logger = Logger.new(STDOUT)
|
8
|
+
STDOUT.sync = true
|
9
|
+
|
10
|
+
# sshd
|
11
|
+
system('service rsyslog start && service ssh start')
|
12
|
+
|
13
|
+
# fail2ban
|
14
|
+
system('fail2ban-client start')
|
15
|
+
|
16
|
+
# haproxy
|
17
|
+
# system('haproxy -W -db -f /etc/haproxy/haproxy.cfg')
|
18
|
+
|
19
|
+
# initial setup
|
20
|
+
unless File.exist?('/run/initial_container_start')
|
21
|
+
FileUtils.touch('/run/initial_container_start')
|
22
|
+
|
23
|
+
username = ENV.delete('USERNAME')
|
24
|
+
packages = ENV.delete('PACKAGES').to_s
|
25
|
+
password = ENV.delete('PASSWORD')
|
26
|
+
container_name = ENV.delete('CONTAINER_NAME')
|
27
|
+
|
28
|
+
# apt-get
|
29
|
+
system('apt-get update', out: File::NULL)
|
30
|
+
|
31
|
+
# packages
|
32
|
+
unless packages.empty?
|
33
|
+
system("apt-get install -y --no-install-recommends #{packages}")
|
34
|
+
|
35
|
+
logger.info 'Packages setup completed.'
|
36
|
+
end
|
37
|
+
|
38
|
+
# user
|
39
|
+
unless system("id -u #{username}", [:out, :err] => File::NULL)
|
40
|
+
system("adduser --gecos '' --disabled-login #{username}", out: File::NULL)
|
41
|
+
system("adduser #{username} sudo", out: File::NULL)
|
42
|
+
system("echo '#{username}:#{password}' | chpasswd")
|
43
|
+
|
44
|
+
logger.info 'User setup completed.'
|
45
|
+
end
|
46
|
+
|
47
|
+
# user > ssh keys
|
48
|
+
# TODO: Change container_name to `hostname` when hostname has been set to container_name inside the container.
|
49
|
+
unless Dir.exist?("/home/#{username}/.ssh")
|
50
|
+
commands = [
|
51
|
+
"mkdir -p /home/#{username}/.ssh",
|
52
|
+
"ssh-keygen -b 4096 -q -f /home/#{username}/.ssh/id_rsa -N '' -C '#{username}@#{container_name}'",
|
53
|
+
"touch /home/#{username}/.ssh/authorized_keys",
|
54
|
+
"chown -R #{username}:#{username} /home/#{username}/.ssh",
|
55
|
+
"chmod -R 700 /home/#{username}/.ssh && chmod 600 /home/#{username}/.ssh/*"
|
56
|
+
]
|
57
|
+
system(commands.join(' && '))
|
58
|
+
|
59
|
+
logger.info 'User > SSH setup completed.'
|
60
|
+
end
|
61
|
+
|
62
|
+
# user > emacs
|
63
|
+
unless Dir.exist?("/home/#{username}/.emacs.d")
|
64
|
+
commands = [
|
65
|
+
"mkdir -p /home/#{username}/.emacs.d",
|
66
|
+
"cp /root/.emacs.d/* /home/#{username}/.emacs.d",
|
67
|
+
"chown -R #{username}:#{username} /home/#{username}/.emacs.d"
|
68
|
+
]
|
69
|
+
system(commands.join(' && '))
|
70
|
+
|
71
|
+
logger.info 'User > Emacs setup completed.'
|
72
|
+
end
|
73
|
+
|
74
|
+
# user > asdf > ruby > smartmachine
|
75
|
+
unless Dir.exist?("/home/#{username}/.asdf")
|
76
|
+
user_bash = "sudo -u #{username} bash --login -c"
|
77
|
+
|
78
|
+
commands = [
|
79
|
+
"#{user_bash} \"git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch $(git -c 'versionsort.suffix=-' ls-remote --exit-code --refs --sort='version:refname' --tags https://github.com/asdf-vm/asdf.git '*.*.*' | tail --lines=1 | cut --delimiter='/' --fields=3)\"",
|
80
|
+
"#{user_bash} 'echo -e \"\n# asdf version manager\n. \"\$HOME/.asdf/asdf.sh\"\n. \"\$HOME/.asdf/completions/asdf.bash\"\" >> ~/.profile'",
|
81
|
+
'apt-get install -y --no-install-recommends autoconf bison patch build-essential rustc libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libgmp-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev libdb-dev uuid-dev', # Dependencies for ruby from https://github.com/rbenv/ruby-build/wiki#ubuntudebianmint
|
82
|
+
"#{user_bash} 'asdf plugin add ruby https://github.com/asdf-vm/asdf-ruby.git'",
|
83
|
+
"#{user_bash} 'asdf install ruby latest'",
|
84
|
+
"#{user_bash} 'asdf global ruby latest'",
|
85
|
+
"#{user_bash} 'gem install smartmachine'"
|
86
|
+
]
|
87
|
+
system(commands.join(' && '))
|
88
|
+
|
89
|
+
logger.info 'User > asdf > ruby > smartmachine setup completed.'
|
90
|
+
end
|
91
|
+
|
92
|
+
logger.info 'Initial setup completed.'
|
93
|
+
end
|
94
|
+
|
95
|
+
exec(*ARGV)
|
@@ -0,0 +1,45 @@
|
|
1
|
+
global
|
2
|
+
log stdout format raw local0
|
3
|
+
chroot /var/lib/haproxy
|
4
|
+
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
|
5
|
+
stats timeout 30s
|
6
|
+
user haproxy
|
7
|
+
group haproxy
|
8
|
+
daemon
|
9
|
+
|
10
|
+
# Default SSL material locations
|
11
|
+
ca-base /etc/ssl/certs
|
12
|
+
crt-base /etc/ssl/private
|
13
|
+
|
14
|
+
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
|
15
|
+
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
16
|
+
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
|
17
|
+
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
|
18
|
+
|
19
|
+
defaults
|
20
|
+
log global
|
21
|
+
mode http
|
22
|
+
option httplog
|
23
|
+
option dontlognull
|
24
|
+
timeout connect 5000
|
25
|
+
timeout client 50000
|
26
|
+
timeout server 50000
|
27
|
+
errorfile 400 /etc/haproxy/errors/400.http
|
28
|
+
errorfile 403 /etc/haproxy/errors/403.http
|
29
|
+
errorfile 408 /etc/haproxy/errors/408.http
|
30
|
+
errorfile 500 /etc/haproxy/errors/500.http
|
31
|
+
errorfile 502 /etc/haproxy/errors/502.http
|
32
|
+
errorfile 503 /etc/haproxy/errors/503.http
|
33
|
+
errorfile 504 /etc/haproxy/errors/504.http
|
34
|
+
|
35
|
+
frontend myfrontend
|
36
|
+
bind :80
|
37
|
+
use_backend myservers
|
38
|
+
stats enable
|
39
|
+
stats uri /frontend/stats
|
40
|
+
stats refresh 10s
|
41
|
+
|
42
|
+
backend myservers
|
43
|
+
server server1 127.0.0.1:8000
|
44
|
+
server server2 127.0.0.1:8001
|
45
|
+
server server3 127.0.0.1:8002
|