smartmachine 1.0.1 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -14
- data/lib/smart_machine/apps/container.rb +1 -0
- data/lib/smart_machine/apps/manager.rb +1 -1
- data/lib/smart_machine/base.rb +6 -0
- data/lib/smart_machine/buildpackers/buildpacker.rb +49 -1
- data/lib/smart_machine/buildpackers/rails.rb +87 -12
- data/lib/smart_machine/commands/grid.rb +8 -0
- data/lib/smart_machine/commands/grid_commands/elasticsearch.rb +0 -3
- data/lib/smart_machine/commands/grid_commands/nextcloud.rb +65 -0
- data/lib/smart_machine/commands/grid_commands/terminal.rb +107 -0
- data/lib/smart_machine/commands/machine.rb +8 -0
- data/lib/smart_machine/configuration.rb +23 -1
- data/lib/smart_machine/credentials.rb +9 -0
- data/lib/smart_machine/docker.rb +10 -9
- data/lib/smart_machine/engine.rb +44 -9
- data/lib/smart_machine/grids/nextcloud.rb +93 -0
- data/lib/smart_machine/grids/prereceiver/Dockerfile +10 -13
- data/lib/smart_machine/grids/redis.rb +8 -3
- data/lib/smart_machine/grids/redmine.rb +61 -0
- data/lib/smart_machine/grids/terminal/entrypoint.rb +95 -0
- data/lib/smart_machine/grids/terminal/haproxy.cfg +45 -0
- data/lib/smart_machine/grids/terminal/init.el +310 -0
- data/lib/smart_machine/grids/terminal/wetty.rb +44 -0
- data/lib/smart_machine/grids/terminal.rb +179 -0
- data/lib/smart_machine/machine.rb +26 -5
- data/lib/smart_machine/syncer.rb +8 -7
- data/lib/smart_machine/templates/dotsmartmachine/config/nextcloud.yml +27 -0
- data/lib/smart_machine/templates/dotsmartmachine/config/redis.yml +6 -1
- data/lib/smart_machine/templates/dotsmartmachine/config/terminal.yml +13 -0
- data/lib/smart_machine/templates/dotsmartmachine/grids/nginx/fastcgi.conf +1 -1
- data/lib/smart_machine/templates/dotsmartmachine/grids/nginx/nginx.tmpl +448 -314
- data/lib/smart_machine/version.rb +3 -3
- data/lib/smart_machine.rb +3 -1
- metadata +57 -24
- data/lib/smart_machine/buildpackers/rails/Dockerfile +0 -21
- data/lib/smart_machine/commands/grid_commands/scheduler.rb +0 -15
- data/lib/smart_machine/engine/Dockerfile +0 -30
- data/lib/smart_machine/grids/elasticsearch/.keep +0 -0
- data/lib/smart_machine/grids/minio/.keep +0 -0
- data/lib/smart_machine/grids/nginx/.keep +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/APKBUILD +0 -49
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.confd +0 -6
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.initd +0 -43
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/fcgiwrap.pre-install +0 -7
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/APKINDEX.tar.gz +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-doc-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/prereceiver/fcgiwrap/packages/main/x86_64/fcgiwrap-openrc-1.1.1-r4.apk +0 -0
- data/lib/smart_machine/grids/redis/.keep +0 -0
- data/lib/smart_machine/grids/scheduler/Dockerfile +0 -14
- data/lib/smart_machine/grids/scheduler.rb +0 -188
- data/lib/smart_machine/templates/dotsmartmachine/grids/scheduler/crontabs/.keep +0 -0
data/lib/smart_machine/engine.rb
CHANGED
@@ -8,18 +8,12 @@ module SmartMachine
|
|
8
8
|
@machine = SmartMachine::Machine.new
|
9
9
|
|
10
10
|
@gem_cache_dir = Gem::Specification.find_by_name("smartmachine").cache_dir
|
11
|
-
@gem_cache_dir = "../smartmachine/pkg"
|
12
11
|
|
13
12
|
if platform_on_machine?(os: "linux", distro_name: "debian")
|
14
13
|
@docker_gid = "getent group docker | cut -d: -f3"
|
15
14
|
@docker_gname = "docker"
|
16
15
|
@docker_socket_path = "/var/run/docker.sock"
|
17
16
|
@remote_smartmachine_dir = "/home/`whoami`/smartmachine"
|
18
|
-
# elsif platform_on_machine?(os: "mac")
|
19
|
-
# @docker_gid = "id -g"
|
20
|
-
# @docker_gname = "staff"
|
21
|
-
# @docker_socket_path = "/Users/`whoami`/Library/Containers/com.docker.docker/Data/docker.sock"
|
22
|
-
# @remote_smartmachine_dir = "/Users/`whoami`/Desktop/smartmachine"
|
23
17
|
else
|
24
18
|
raise("OS not supported to set docker_gid, docker_gname and docker_socket_path")
|
25
19
|
end
|
@@ -29,7 +23,6 @@ module SmartMachine
|
|
29
23
|
puts "-----> Installing SmartMachine Engine"
|
30
24
|
|
31
25
|
if @machine.run_on_machine commands: "mkdir -p #{@remote_smartmachine_dir}/tmp/engine"
|
32
|
-
@scp.upload!(local_path: "#{SmartMachine.config.gem_dir}/lib/smart_machine/engine/Dockerfile", remote_path: "~/smartmachine/tmp/engine")
|
33
26
|
@scp.upload!(local_path: "#{@gem_cache_dir}/smartmachine-#{SmartMachine.version}.gem", remote_path: "~/smartmachine/tmp/engine")
|
34
27
|
end
|
35
28
|
|
@@ -37,12 +30,12 @@ module SmartMachine
|
|
37
30
|
command = [
|
38
31
|
"docker image build --quiet --tag #{engine_image_name_with_version}",
|
39
32
|
"--build-arg SMARTMACHINE_MASTER_KEY=#{SmartMachine::Credentials.new.read_key}",
|
40
|
-
"--build-arg SMARTMACHINE_VERSION=#{SmartMachine.version}",
|
41
33
|
"--build-arg USER_NAME=`id -un`",
|
42
34
|
"--build-arg USER_UID=`id -u`",
|
43
35
|
"--build-arg DOCKER_GID=`#{@docker_gid}`",
|
44
36
|
"--build-arg DOCKER_GNAME=#{@docker_gname}",
|
45
|
-
"#{@remote_smartmachine_dir}/tmp/engine"
|
37
|
+
"-f- #{@remote_smartmachine_dir}/tmp/engine",
|
38
|
+
"<<'EOF'\n#{dockerfile}EOF"
|
46
39
|
]
|
47
40
|
@machine.run_on_machine commands: command.join(" ")
|
48
41
|
puts "done"
|
@@ -103,5 +96,47 @@ module SmartMachine
|
|
103
96
|
def engine_image_name
|
104
97
|
"smartmachine/smartengine"
|
105
98
|
end
|
99
|
+
|
100
|
+
def dockerfile
|
101
|
+
file = <<~'DOCKERFILE'
|
102
|
+
FROM ruby:%<smartmachine_ruby_version>s-bullseye
|
103
|
+
LABEL maintainer="plainsource <plainsource@humanmind.me>"
|
104
|
+
|
105
|
+
# User
|
106
|
+
# --- Fix to change docker gid to 998 (if it is in use) so that addgroup is free to create a group with docker gid.
|
107
|
+
ARG USER_NAME
|
108
|
+
ARG USER_UID
|
109
|
+
ARG DOCKER_GID
|
110
|
+
ARG DOCKER_GNAME
|
111
|
+
RUN sed -i "s/$DOCKER_GID/998/" /etc/group && \
|
112
|
+
adduser --disabled-password --gecos "" --uid "$USER_UID" "$USER_NAME" && \
|
113
|
+
addgroup --gid "$DOCKER_GID" "$DOCKER_GNAME" && adduser "$USER_NAME" "$DOCKER_GNAME"
|
114
|
+
|
115
|
+
# Add docker repository for debian
|
116
|
+
RUN apt-get update && apt-get install -y --no-install-recommends lsb-release && \
|
117
|
+
mkdir -p /etc/apt/keyrings && \
|
118
|
+
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
|
119
|
+
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \
|
120
|
+
apt-get update
|
121
|
+
|
122
|
+
# Essentials
|
123
|
+
RUN apt-get update && \
|
124
|
+
apt-get install -y --no-install-recommends \
|
125
|
+
docker-ce-cli \
|
126
|
+
rsync && \
|
127
|
+
rm -rf /var/lib/apt/lists/*
|
128
|
+
|
129
|
+
# smartmachine gem
|
130
|
+
COPY ./smartmachine-%<smartmachine_version>s.gem ./smartmachine-%<smartmachine_version>s.gem
|
131
|
+
RUN gem install --no-document ./smartmachine-%<smartmachine_version>s.gem && \
|
132
|
+
rm ./smartmachine-%<smartmachine_version>s.gem
|
133
|
+
|
134
|
+
# SmartMachine master key
|
135
|
+
ARG SMARTMACHINE_MASTER_KEY
|
136
|
+
ENV SMARTMACHINE_MASTER_KEY=$SMARTMACHINE_MASTER_KEY
|
137
|
+
DOCKERFILE
|
138
|
+
|
139
|
+
format(file, "smartmachine_ruby_version": SmartMachine.ruby_version, "smartmachine_version": SmartMachine.version)
|
140
|
+
end
|
106
141
|
end
|
107
142
|
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
module SmartMachine
|
2
|
+
class Grids
|
3
|
+
class Nextcloud < SmartMachine::Base
|
4
|
+
def initialize(name:)
|
5
|
+
config = SmartMachine.config.grids.nextcloud.dig(name.to_sym)
|
6
|
+
raise "nextcloud config for #{name} not found." unless config
|
7
|
+
|
8
|
+
@image = config.dig(:image)
|
9
|
+
@host = config.dig(:host)
|
10
|
+
@admin_user = config.dig(:admin_user)
|
11
|
+
@admin_password = config.dig(:admin_password)
|
12
|
+
@mysql_host = config.dig(:mysql_host)
|
13
|
+
@mysql_port = config.dig(:mysql_port)
|
14
|
+
@mysql_user = config.dig(:mysql_user)
|
15
|
+
@mysql_password = config.dig(:mysql_password)
|
16
|
+
@mysql_database_name = config.dig(:mysql_database_name)
|
17
|
+
@redis_host = config.dig(:redis_host)
|
18
|
+
@redis_port = config.dig(:redis_port)
|
19
|
+
@redis_password = config.dig(:redis_password)
|
20
|
+
|
21
|
+
@name = name.to_s
|
22
|
+
@home_dir = File.expand_path('~')
|
23
|
+
end
|
24
|
+
|
25
|
+
def uper
|
26
|
+
FileUtils.mkdir_p("#{@home_dir}/machine/grids/nextcloud/#{@name}/html")
|
27
|
+
|
28
|
+
# Creating & Starting containers
|
29
|
+
print "-----> Creating container #{@name} ... "
|
30
|
+
|
31
|
+
command = [
|
32
|
+
"docker create",
|
33
|
+
"--name='#{@name}'",
|
34
|
+
"--env VIRTUAL_HOST=#{@host}",
|
35
|
+
"--env LETSENCRYPT_HOST=#{@host}",
|
36
|
+
"--env LETSENCRYPT_EMAIL=#{SmartMachine.config.sysadmin_email}",
|
37
|
+
"--env LETSENCRYPT_TEST=false",
|
38
|
+
"--env NEXTCLOUD_TRUSTED_DOMAINS=#{@host}",
|
39
|
+
"--env NEXTCLOUD_ADMIN_USER=#{@admin_user}",
|
40
|
+
"--env NEXTCLOUD_ADMIN_PASSWORD=#{@admin_password}",
|
41
|
+
"--env MYSQL_HOST=#{@mysql_host}:#{@mysql_port}",
|
42
|
+
"--env MYSQL_USER=#{@mysql_user}",
|
43
|
+
"--env MYSQL_PASSWORD=#{@mysql_password}",
|
44
|
+
"--env MYSQL_DATABASE=#{@mysql_database_name}",
|
45
|
+
"--env REDIS_HOST=#{@redis_host}",
|
46
|
+
"--env REDIS_HOST_PORT=#{@redis_port}",
|
47
|
+
"--env REDIS_HOST_PASSWORD=#{@redis_password}",
|
48
|
+
"--user `id -u`:`id -g`",
|
49
|
+
"--sysctl net.ipv4.ip_unprivileged_port_start=0",
|
50
|
+
"--volume='#{@home_dir}/smartmachine/grids/nextcloud/#{@name}/html:/var/www/html'",
|
51
|
+
"--restart='always'",
|
52
|
+
"--network='nginx-network'",
|
53
|
+
"#{@image}"
|
54
|
+
]
|
55
|
+
if system(command.compact.join(" "), out: File::NULL)
|
56
|
+
system("docker network connect #{@mysql_host}-network #{@name}")
|
57
|
+
system("docker network connect #{@redis_host}-network #{@name}")
|
58
|
+
|
59
|
+
# This is needed to set the correct file permissions for redis-session.ini file inside the container.
|
60
|
+
FileUtils.touch("#{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini")
|
61
|
+
system("docker cp #{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini #{@name}:/usr/local/etc/php/conf.d/redis-session.ini")
|
62
|
+
FileUtils.rm("#{@home_dir}/machine/grids/nextcloud/#{@name}/redis-session.ini")
|
63
|
+
|
64
|
+
puts "done"
|
65
|
+
puts "-----> Starting container #{@name} ... "
|
66
|
+
if system("docker start #{@name}", out: File::NULL)
|
67
|
+
puts "done"
|
68
|
+
else
|
69
|
+
raise "Error: Could not start the created #{@name} container"
|
70
|
+
end
|
71
|
+
else
|
72
|
+
raise "Error: Could not create #{@name} container"
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
def downer
|
77
|
+
# Disconnecting networks
|
78
|
+
system("docker network disconnect nginx-network #{@name}")
|
79
|
+
system("docker network disconnect #{@mysql_host}-network #{@name}")
|
80
|
+
|
81
|
+
# Stopping & Removing containers - in reverse order
|
82
|
+
print "-----> Stopping container #{@name} ... "
|
83
|
+
if system("docker stop '#{@name}'", out: File::NULL)
|
84
|
+
puts "done"
|
85
|
+
print "-----> Removing container #{@name} ... "
|
86
|
+
if system("docker rm '#{@name}'", out: File::NULL)
|
87
|
+
puts "done"
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
@@ -4,17 +4,14 @@ FROM smartmachine/smartengine:$SMARTMACHINE_VERSION
|
|
4
4
|
LABEL maintainer="plainsource <plainsource@humanmind.me>"
|
5
5
|
|
6
6
|
# FCGI Essentials
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
apk add --update git-daemon && \
|
17
|
-
apk add --update spawn-fcgi && \
|
18
|
-
rm -rf /var/cache/apk/*
|
7
|
+
RUN apt-get update && \
|
8
|
+
apt-get install -y --no-install-recommends \
|
9
|
+
fcgiwrap \
|
10
|
+
coreutils \
|
11
|
+
util-linux \
|
12
|
+
git \
|
13
|
+
git-daemon-run \
|
14
|
+
spawn-fcgi && \
|
15
|
+
rm -rf /var/lib/apt/lists/*
|
19
16
|
|
20
|
-
CMD ["spawn-fcgi", "-n", "-p", "9000", "/usr/
|
17
|
+
CMD ["spawn-fcgi", "-n", "-p", "9000", "--", "/usr/sbin/fcgiwrap", "-f"]
|
@@ -5,13 +5,18 @@ module SmartMachine
|
|
5
5
|
config = SmartMachine.config.grids.redis.dig(name.to_sym)
|
6
6
|
raise "redis config for #{name} not found." unless config
|
7
7
|
|
8
|
+
@image = config.dig(:image)
|
8
9
|
@port = config.dig(:port)
|
9
10
|
@password = config.dig(:password)
|
10
11
|
@appendonly = config.dig(:appendonly)
|
11
12
|
@maxmemory = config.dig(:maxmemory)
|
12
13
|
@maxmemory_policy = config.dig(:maxmemory_policy)
|
13
|
-
@
|
14
|
-
|
14
|
+
if @image.start_with?("redislabs/redismod")
|
15
|
+
@modules = config.dig(:modules)&.map { |module_name| "--loadmodule /usr/lib/redis/modules/#{module_name}.so" } || []
|
16
|
+
@modules.push("Plugin /var/opt/redislabs/modules/rg/plugin/gears_python.so")
|
17
|
+
else
|
18
|
+
@modules = []
|
19
|
+
end
|
15
20
|
|
16
21
|
@name = name.to_s
|
17
22
|
@home_dir = File.expand_path('~')
|
@@ -39,7 +44,7 @@ module SmartMachine
|
|
39
44
|
"--volume='#{@home_dir}/smartmachine/grids/redis/#{@name}/data:/data'",
|
40
45
|
"--restart='always'",
|
41
46
|
"--network='#{@name}-network'",
|
42
|
-
"
|
47
|
+
"#{@image} --port #{@port} --requirepass #{@password} --appendonly #{@appendonly} --maxmemory #{@maxmemory} --maxmemory-policy #{@maxmemory_policy} #{@modules.join(' ')}".squish
|
43
48
|
]
|
44
49
|
if system(command.compact.join(" "), out: File::NULL)
|
45
50
|
puts "done"
|
@@ -0,0 +1,61 @@
|
|
1
|
+
# TODO: This is a placeholder for creating the Redmine grid.
|
2
|
+
# Modify this code as needed with the latest code structure
|
3
|
+
# and make the redmine grid functional.
|
4
|
+
|
5
|
+
# # The main SmartCloud Grids Redmine driver
|
6
|
+
# module SmartCloud
|
7
|
+
# class Grids
|
8
|
+
# class Redmine < SmartCloud::Base
|
9
|
+
# def initialize
|
10
|
+
# end
|
11
|
+
|
12
|
+
# def self.up
|
13
|
+
# if SmartCloud::Docker.running?
|
14
|
+
# # Creating & Starting containers
|
15
|
+
# print "-----> Creating container redmine ... "
|
16
|
+
# if system("docker create \
|
17
|
+
# --name='redmine' \
|
18
|
+
# --env VIRTUAL_HOST=redmine.#{SmartCloud.config.apps_domain} \
|
19
|
+
# --env LETSENCRYPT_HOST=redmine.#{SmartCloud.config.apps_domain} \
|
20
|
+
# --env LETSENCRYPT_EMAIL=#{SmartCloud.config.sysadmin_email} \
|
21
|
+
# --env LETSENCRYPT_TEST=false \
|
22
|
+
# --env REDMINE_SECRET_KEY_BASE=#{SmartCloud.credentials.redmine[:secret_key_base]} \
|
23
|
+
# --env REDMINE_DB_MYSQL=#{SmartCloud.credentials.redmine[:database_host]} \
|
24
|
+
# --env REDMINE_DB_PORT=#{SmartCloud.credentials.redmine[:database_port]} \
|
25
|
+
# --env REDMINE_DB_USERNAME=#{SmartCloud.credentials.redmine[:database_username]} \
|
26
|
+
# --env REDMINE_DB_PASSWORD=#{SmartCloud.credentials.redmine[:database_password]} \
|
27
|
+
# --env REDMINE_DB_DATABASE=#{SmartCloud.credentials.redmine[:database_name]} \
|
28
|
+
# --env REDMINE_PLUGINS_MIGRATE=#{SmartCloud.credentials.redmine[:plugins_migrate]} \
|
29
|
+
# --volume='#{SmartCloud.config.user_home_path}/.smartcloud/apps/repositories:/repositories:ro' \
|
30
|
+
# --volume='#{SmartCloud.config.user_home_path}/.smartcloud/grids/redmine/files:/usr/src/redmine/files' \
|
31
|
+
# --restart='always' \
|
32
|
+
# --network='nginx-network' \
|
33
|
+
# redmine:4.0.5-alpine", out: File::NULL)
|
34
|
+
|
35
|
+
# system("docker network connect mysql-network redmine")
|
36
|
+
|
37
|
+
# puts "done"
|
38
|
+
# print "-----> Starting container redmine ... "
|
39
|
+
# if system("docker start redmine", out: File::NULL)
|
40
|
+
# puts "done"
|
41
|
+
# end
|
42
|
+
# end
|
43
|
+
# end
|
44
|
+
# end
|
45
|
+
|
46
|
+
# def self.down
|
47
|
+
# if SmartCloud::Docker.running?
|
48
|
+
# # Stopping & Removing containers - in reverse order
|
49
|
+
# print "-----> Stopping container redmine ... "
|
50
|
+
# if system("docker stop 'redmine'", out: File::NULL)
|
51
|
+
# puts "done"
|
52
|
+
# print "-----> Removing container redmine ... "
|
53
|
+
# if system("docker rm 'redmine'", out: File::NULL)
|
54
|
+
# puts "done"
|
55
|
+
# end
|
56
|
+
# end
|
57
|
+
# end
|
58
|
+
# end
|
59
|
+
# end
|
60
|
+
# end
|
61
|
+
# end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'fileutils'
|
5
|
+
require 'logger'
|
6
|
+
|
7
|
+
logger = Logger.new(STDOUT)
|
8
|
+
STDOUT.sync = true
|
9
|
+
|
10
|
+
# sshd
|
11
|
+
system('service rsyslog start && service ssh start')
|
12
|
+
|
13
|
+
# fail2ban
|
14
|
+
system('fail2ban-client start')
|
15
|
+
|
16
|
+
# haproxy
|
17
|
+
# system('haproxy -W -db -f /etc/haproxy/haproxy.cfg')
|
18
|
+
|
19
|
+
# initial setup
|
20
|
+
unless File.exist?('/run/initial_container_start')
|
21
|
+
FileUtils.touch('/run/initial_container_start')
|
22
|
+
|
23
|
+
username = ENV.delete('USERNAME')
|
24
|
+
packages = ENV.delete('PACKAGES').to_s
|
25
|
+
password = ENV.delete('PASSWORD')
|
26
|
+
container_name = ENV.delete('CONTAINER_NAME')
|
27
|
+
|
28
|
+
# apt-get
|
29
|
+
system('apt-get update', out: File::NULL)
|
30
|
+
|
31
|
+
# packages
|
32
|
+
unless packages.empty?
|
33
|
+
system("apt-get install -y --no-install-recommends #{packages}")
|
34
|
+
|
35
|
+
logger.info 'Packages setup completed.'
|
36
|
+
end
|
37
|
+
|
38
|
+
# user
|
39
|
+
unless system("id -u #{username}", [:out, :err] => File::NULL)
|
40
|
+
system("adduser --gecos '' --disabled-login #{username}", out: File::NULL)
|
41
|
+
system("adduser #{username} sudo", out: File::NULL)
|
42
|
+
system("echo '#{username}:#{password}' | chpasswd")
|
43
|
+
|
44
|
+
logger.info 'User setup completed.'
|
45
|
+
end
|
46
|
+
|
47
|
+
# user > ssh keys
|
48
|
+
# TODO: Change container_name to `hostname` when hostname has been set to container_name inside the container.
|
49
|
+
unless Dir.exist?("/home/#{username}/.ssh")
|
50
|
+
commands = [
|
51
|
+
"mkdir -p /home/#{username}/.ssh",
|
52
|
+
"ssh-keygen -b 4096 -q -f /home/#{username}/.ssh/id_rsa -N '' -C '#{username}@#{container_name}'",
|
53
|
+
"touch /home/#{username}/.ssh/authorized_keys",
|
54
|
+
"chown -R #{username}:#{username} /home/#{username}/.ssh",
|
55
|
+
"chmod -R 700 /home/#{username}/.ssh && chmod 600 /home/#{username}/.ssh/*"
|
56
|
+
]
|
57
|
+
system(commands.join(' && '))
|
58
|
+
|
59
|
+
logger.info 'User > SSH setup completed.'
|
60
|
+
end
|
61
|
+
|
62
|
+
# user > emacs
|
63
|
+
unless Dir.exist?("/home/#{username}/.emacs.d")
|
64
|
+
commands = [
|
65
|
+
"mkdir -p /home/#{username}/.emacs.d",
|
66
|
+
"cp /root/.emacs.d/* /home/#{username}/.emacs.d",
|
67
|
+
"chown -R #{username}:#{username} /home/#{username}/.emacs.d"
|
68
|
+
]
|
69
|
+
system(commands.join(' && '))
|
70
|
+
|
71
|
+
logger.info 'User > Emacs setup completed.'
|
72
|
+
end
|
73
|
+
|
74
|
+
# user > asdf > ruby > smartmachine
|
75
|
+
unless Dir.exist?("/home/#{username}/.asdf")
|
76
|
+
user_bash = "sudo -u #{username} bash --login -c"
|
77
|
+
|
78
|
+
commands = [
|
79
|
+
"#{user_bash} \"git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch $(git -c 'versionsort.suffix=-' ls-remote --exit-code --refs --sort='version:refname' --tags https://github.com/asdf-vm/asdf.git '*.*.*' | tail --lines=1 | cut --delimiter='/' --fields=3)\"",
|
80
|
+
"#{user_bash} 'echo -e \"\n# asdf version manager\n. \"\$HOME/.asdf/asdf.sh\"\n. \"\$HOME/.asdf/completions/asdf.bash\"\" >> ~/.profile'",
|
81
|
+
'apt-get install -y --no-install-recommends autoconf bison patch build-essential rustc libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libgmp-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev libdb-dev uuid-dev', # Dependencies for ruby from https://github.com/rbenv/ruby-build/wiki#ubuntudebianmint
|
82
|
+
"#{user_bash} 'asdf plugin add ruby https://github.com/asdf-vm/asdf-ruby.git'",
|
83
|
+
"#{user_bash} 'asdf install ruby latest'",
|
84
|
+
"#{user_bash} 'asdf global ruby latest'",
|
85
|
+
"#{user_bash} 'gem install smartmachine'"
|
86
|
+
]
|
87
|
+
system(commands.join(' && '))
|
88
|
+
|
89
|
+
logger.info 'User > asdf > ruby > smartmachine setup completed.'
|
90
|
+
end
|
91
|
+
|
92
|
+
logger.info 'Initial setup completed.'
|
93
|
+
end
|
94
|
+
|
95
|
+
exec(*ARGV)
|
@@ -0,0 +1,45 @@
|
|
1
|
+
global
|
2
|
+
log stdout format raw local0
|
3
|
+
chroot /var/lib/haproxy
|
4
|
+
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
|
5
|
+
stats timeout 30s
|
6
|
+
user haproxy
|
7
|
+
group haproxy
|
8
|
+
daemon
|
9
|
+
|
10
|
+
# Default SSL material locations
|
11
|
+
ca-base /etc/ssl/certs
|
12
|
+
crt-base /etc/ssl/private
|
13
|
+
|
14
|
+
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
|
15
|
+
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
16
|
+
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
|
17
|
+
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
|
18
|
+
|
19
|
+
defaults
|
20
|
+
log global
|
21
|
+
mode http
|
22
|
+
option httplog
|
23
|
+
option dontlognull
|
24
|
+
timeout connect 5000
|
25
|
+
timeout client 50000
|
26
|
+
timeout server 50000
|
27
|
+
errorfile 400 /etc/haproxy/errors/400.http
|
28
|
+
errorfile 403 /etc/haproxy/errors/403.http
|
29
|
+
errorfile 408 /etc/haproxy/errors/408.http
|
30
|
+
errorfile 500 /etc/haproxy/errors/500.http
|
31
|
+
errorfile 502 /etc/haproxy/errors/502.http
|
32
|
+
errorfile 503 /etc/haproxy/errors/503.http
|
33
|
+
errorfile 504 /etc/haproxy/errors/504.http
|
34
|
+
|
35
|
+
frontend myfrontend
|
36
|
+
bind :80
|
37
|
+
use_backend myservers
|
38
|
+
stats enable
|
39
|
+
stats uri /frontend/stats
|
40
|
+
stats refresh 10s
|
41
|
+
|
42
|
+
backend myservers
|
43
|
+
server server1 127.0.0.1:8000
|
44
|
+
server server2 127.0.0.1:8001
|
45
|
+
server server3 127.0.0.1:8002
|