RubyGems - subspace - Versions diffs - 1.0.6 → 1.0.7 - Mend

subspace 1.0.6 → 1.0.7

Files changed (13) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -2
data/README.md +16 -0
data/ansible/roles/common/tasks/main.yml +23 -0
data/ansible/roles/common/templates/motd +1 -1
data/ansible/roles/common/templates/terminalcolor +25 -0
data/ansible/roles/delayed_job/tasks/main.yml +11 -1
data/ansible/roles/monit/handlers/main.yml +4 -5
data/ansible/roles/sidekiq/tasks/main.yml +1 -0
data/lib/subspace/cli.rb +2 -0
data/lib/subspace/version.rb +1 -1
data/template/provision/playbook.yml.erb +9 -3
metadata +4 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a9de98c95a992ec3893a5503623eb34302acdba0cb51389dd9919f4c4df7906
-  data.tar.gz: 6ce8825a905cbe988d0a746855ffbd455a13097c1653aa920cb145c572f57408
+  metadata.gz: 16254186781d02c9bcbae985b9251472b9daab254ba2db81dd03de7d7e464ce4
+  data.tar.gz: 7e924dd5ff57579a5db778c7a5b109c9ce99f42df8855d4bda4ef82f42aa9d8d
 SHA512:
-  metadata.gz: 5c0e6ced6a695f19e2ebc5606f0e8bfab0e31d997272fcce6e5d37f8e16b090add480fb731fbdbd47a302d9b7c996c07034509f948627130f95a0651affd7d5a
-  data.tar.gz: 665022e50009cab85ba71ce611f5bbabe558ecb837393a82d5adf6c694cd58170a7717a468d31068ca15ad126b48fc0d652caeea70497f70dac98e2a6cb29031
+  metadata.gz: 30673a2bbab4e6c6a8303eb3cf8ecbf1c15bd434a8adb757f3f9f6bbdd86867beb2066708bda03e1509a201cea5a9e253842ee257e58913e132e0a91beb98ff4
+  data.tar.gz: b5dcbc7ecdafbef131c00911aa2f271b0586a9ad534f2ceb56936a5811d6d57f54c1440bab5acc81569c46bd5fe45083cee6a9c2b1d7ff9aa2ea9fc620e34d93

data/CHANGELOG.md CHANGED Viewed

@@ -4,9 +4,13 @@ This is a [changelog](https://keepachangelog.com/en/0.3.0/).
 This project attempts to follow [semantic versioning](https://semver.org/)
-## Unreleased
+## 1.0.7
-* _nada_
+* enhancements
+  * Add a terminal environment prompt background color to the `common` role, so you know what environment you're `ssh`'d into.
+* bug fixes
+  * Stop all monit jobs before changing the monit config.
 ## 1.0.6 - 2018-11-12

data/README.md CHANGED Viewed

@@ -39,6 +39,12 @@ Or install it yourself as:
 Initialize the project for subspace. Creates `config/provision` with all
 necessary files.
+### `subspace bootstrap <environment>`
+Ensures the $HOME/.ssh directory is present and ensures python is installed.
+Python is required to be installed on the remote server for the `provision`
+command to work.
 ### `subspace provision <environment>`
 Runs the playbook at `config/provision/<environment.yml>`.
@@ -132,6 +138,16 @@ Note: we grant the deploy user limited sudo access to run `service xyz restart`
 This is a description of all the roles that are included by installing subspace, along with their configuration.
+## alienvault
+Fixes CVEs on remote servers by installing updated versions of packages
+depending on the operating system version.
+Each CVE fix is tagged by the CVE name so updates can be targeted to a specific
+vulnerability.
+Variables: None
 ## apache
 The most important file for an apache install is the "project.conf" file that gets created in `sites-available` and symlinked to `sites-enabled`.  This is generated in a sensible way, but if you want to customize it you can do so by setting this variable to anything other than "project.conf":

data/ansible/roles/common/tasks/main.yml CHANGED Viewed

@@ -2,6 +2,21 @@
   - name: Test connection
     ping:
+  - name: Create terminal color file and make it executable
+    file:
+      path: "/etc/profile.d/termcolor.sh"
+      state: touch
+      mode: a+x
+    become: true
+  - name: Set terminal color
+    vars:
+      terminal_env_playbook: "{{terminal_env | default('not provided', true) }}"
+    template:
+      src: terminalcolor
+      dest: "/etc/profile.d/termcolor.sh"
+    become: true
   - name: Set MOTD
     template:
       src: motd
@@ -43,6 +58,14 @@
     tags:
       - upgrade
+  - name: /usr/lib/update-notifier/apt-check --human-readable
+    command: /usr/lib/update-notifier/apt-check --human-readable
+    tags:
+      - upgrade
+    register: out
+  - debug: var=out
   - name: apt-get upgrade
     apt: upgrade=full
     become: true

data/ansible/roles/common/templates/motd CHANGED Viewed

@@ -8,6 +8,6 @@ This server brought to you by:
 ~~~ https://github.com/tenforwardconsulting/subspace ~~~
 If you need to make configuration changes to the server, please modify the
-config/provision directory in the app or risk the changes dissapearing.
+config/provision directory in the app or risk the changes disappearing.
 Last subspace run: {{ansible_date_time.iso8601}}

data/ansible/roles/common/templates/terminalcolor ADDED Viewed

@@ -0,0 +1,25 @@
+{% if terminal_env_playbook == 'production'  %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;41m\][\u@\h \W]\$ \[\e[0m\]"'
+#Write a big red rectangle to warn when you're logged into production
+echo -e '\e[0;41m\e[37m' #Set terminal colors
+for run in {1..4}
+do
+    echo "     !!!      PRODUCTION     !!!"
+done
+echo -e '\e[0m' #Reset terminal color to default
+echo ''
+{% elif terminal_env_playbook == 'development' or terminal_env_playbook == 'dev'  %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;44m\][\u@\h \W]\$ \[\e[0m\]"'
+{% elif terminal_env_playbook == 'qa' %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;43m\][\u@\h \W]\$ \[\e[0m\]"'
+{% else %}
+echo ''
+echo -e $'
+    No terminal environment color defined.
+    Define variable \e[0;43m\e[37m terminal_env \e[0m in your vars.
+    Acceptable values are \'development\', \'dev\', \'qa\', or \'production\'.
+    '
+echo ''
+{% endif %}

data/ansible/roles/delayed_job/tasks/main.yml CHANGED Viewed

@@ -1,12 +1,18 @@
 ---
   - set_fact: delayed_job_installed="true"
+  - name: Monit Stop All
+    shell: monit stop all
+    become: true
   - name: Install delayed_job monit script
     template:
       src: delayed-job-monit-rc
       dest: /etc/monit/conf.d/delayed_job_{{project_name}}_{{rails_env}}
     become: true
-    notify: reload_monit
+    notify:
+      - reload_monit
+      - restart_monit
   - name: Remove old upstart files
     file:
@@ -19,3 +25,7 @@
       path: /etc/monit/conf.d/delayed_job
       state: absent
     become: true
+  - name: Monit Start All
+    shell: monit start all
+    become: true

data/ansible/roles/monit/handlers/main.yml CHANGED Viewed

@@ -1,15 +1,14 @@
 ---
+  - name: reload_monit
+    shell: monit reload
+    become: true
   - name: restart_monit
     service:
       name: monit
       state: restarted
     become: true
-  - name: reload_monit
-    shell: monit reload
-    become: true
   - name: validate_monit
     shell: monit validate
     become: true

data/ansible/roles/sidekiq/tasks/main.yml CHANGED Viewed

@@ -14,5 +14,6 @@
       dest: /etc/monit/conf-enabled/sidekiq_{{project_name}}_{{rails_env}}
       state: link
     notify:
+      - reload_monit
       - restart_monit

data/lib/subspace/cli.rb CHANGED Viewed

@@ -39,6 +39,7 @@ class Subspace::Cli
       copy the authorized_keys file.  You will possibly need to type a password here.'
       c.option '--password', "Ask for a password instead of using ssh keys"
       c.option '--yum', "Use yum instead of apt to install python"
+      c.option "-i", "--private-key PRIVATE-KEY", "Alias for private-key"
       Subspace::Commands::Bootstrap::PASS_THROUGH_PARAMS.each do |param_name|
         c.option "--#{param_name} #{param_name.upcase}", "Passed directly through to ansible-playbook command"
       end
@@ -49,6 +50,7 @@ class Subspace::Cli
       c.syntax = 'subspace provision [options]'
       c.summary = ''
       c.description = ''
+      c.option "-i", "--private-key PRIVATE-KEY", "Alias for private-key"
       Subspace::Commands::Provision::PASS_THROUGH_PARAMS.each do |param_name|
         c.option "--#{param_name} #{param_name.upcase}", "Passed directly through to ansible-playbook command"
       end

data/lib/subspace/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Subspace
-  VERSION = "1.0.6"
+  VERSION = "1.0.7"
 end

data/template/provision/playbook.yml.erb CHANGED Viewed

@@ -1,16 +1,22 @@
 ---
   - hosts: <%= @env %>
-    sudo: yes
+    become: yes
     vars_files:
       - ./vars/<%= @env %>.yml
     roles:
       - common
+      - yarn
+      - nodejs
       - ruby-common
       - rails
-      - apache
-      - passenger
+      - puma
+      - nginx
       - letsencrypt
+      - nginx # This is included twice intentionally. I think there is a bug that is fixed by running it both before and after the letsencrypt role.
       - postgresql
+      - monit
+      - logrotate
+      - collectd
       - delayed_job

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: subspace
 version: !ruby/object:Gem::Version
-  version: 1.0.6
+  version: 1.0.7
 platform: ruby
 authors:
 - Brian Samson
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-11-12 00:00:00.000000000 Z
+date: 2019-02-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -131,6 +131,7 @@ files:
 - ansible/roles/common/tasks/swap.yml
 - ansible/roles/common/templates/motd
 - ansible/roles/common/templates/motd2
+- ansible/roles/common/templates/terminalcolor
 - ansible/roles/delayed_job/README.md
 - ansible/roles/delayed_job/defaults/main.yml
 - ansible/roles/delayed_job/handlers/main.yml
@@ -297,7 +298,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 2.7.8
 signing_key:
 specification_version: 4
 summary: Ansible-based server provisioning for rails projects