RubyGems - subspace - Versions diffs - 1.0.6 → 1.0.7 - Mend

subspace 1.0.6 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -2
data/README.md +16 -0
data/ansible/roles/common/tasks/main.yml +23 -0
data/ansible/roles/common/templates/motd +1 -1
data/ansible/roles/common/templates/terminalcolor +25 -0
data/ansible/roles/delayed_job/tasks/main.yml +11 -1
data/ansible/roles/monit/handlers/main.yml +4 -5
data/ansible/roles/sidekiq/tasks/main.yml +1 -0
data/lib/subspace/cli.rb +2 -0
data/lib/subspace/version.rb +1 -1
data/template/provision/playbook.yml.erb +9 -3
metadata +4 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a9de98c95a992ec3893a5503623eb34302acdba0cb51389dd9919f4c4df7906
-  data.tar.gz: 6ce8825a905cbe988d0a746855ffbd455a13097c1653aa920cb145c572f57408
+  metadata.gz: 16254186781d02c9bcbae985b9251472b9daab254ba2db81dd03de7d7e464ce4
+  data.tar.gz: 7e924dd5ff57579a5db778c7a5b109c9ce99f42df8855d4bda4ef82f42aa9d8d
 SHA512:
-  metadata.gz: 5c0e6ced6a695f19e2ebc5606f0e8bfab0e31d997272fcce6e5d37f8e16b090add480fb731fbdbd47a302d9b7c996c07034509f948627130f95a0651affd7d5a
-  data.tar.gz: 665022e50009cab85ba71ce611f5bbabe558ecb837393a82d5adf6c694cd58170a7717a468d31068ca15ad126b48fc0d652caeea70497f70dac98e2a6cb29031
+  metadata.gz: 30673a2bbab4e6c6a8303eb3cf8ecbf1c15bd434a8adb757f3f9f6bbdd86867beb2066708bda03e1509a201cea5a9e253842ee257e58913e132e0a91beb98ff4
+  data.tar.gz: b5dcbc7ecdafbef131c00911aa2f271b0586a9ad534f2ceb56936a5811d6d57f54c1440bab5acc81569c46bd5fe45083cee6a9c2b1d7ff9aa2ea9fc620e34d93

data/CHANGELOG.md CHANGED Viewed

@@ -4,9 +4,13 @@ This is a [changelog](https://keepachangelog.com/en/0.3.0/).
 This project attempts to follow [semantic versioning](https://semver.org/)
-## Unreleased
+## 1.0.7
-* _nada_
+* enhancements
+  * Add a terminal environment prompt background color to the `common` role, so you know what environment you're `ssh`'d into.
+* bug fixes
+  * Stop all monit jobs before changing the monit config.
 ## 1.0.6 - 2018-11-12

data/README.md CHANGED Viewed

@@ -39,6 +39,12 @@ Or install it yourself as:
 Initialize the project for subspace. Creates `config/provision` with all
 necessary files.
+### `subspace bootstrap <environment>`
+Ensures the $HOME/.ssh directory is present and ensures python is installed.
+Python is required to be installed on the remote server for the `provision`
+command to work.
 ### `subspace provision <environment>`
 Runs the playbook at `config/provision/<environment.yml>`.
@@ -132,6 +138,16 @@ Note: we grant the deploy user limited sudo access to run `service xyz restart`
 This is a description of all the roles that are included by installing subspace, along with their configuration.
+## alienvault
+Fixes CVEs on remote servers by installing updated versions of packages
+depending on the operating system version.
+Each CVE fix is tagged by the CVE name so updates can be targeted to a specific
+vulnerability.
+Variables: None
 ## apache
 The most important file for an apache install is the "project.conf" file that gets created in `sites-available` and symlinked to `sites-enabled`.  This is generated in a sensible way, but if you want to customize it you can do so by setting this variable to anything other than "project.conf":

data/ansible/roles/common/tasks/main.yml CHANGED Viewed

@@ -2,6 +2,21 @@
   - name: Test connection
     ping:
+  - name: Create terminal color file and make it executable
+    file:
+      path: "/etc/profile.d/termcolor.sh"
+      state: touch
+      mode: a+x
+    become: true
+  - name: Set terminal color
+    vars:
+      terminal_env_playbook: "{{terminal_env | default('not provided', true) }}"
+    template:
+      src: terminalcolor
+      dest: "/etc/profile.d/termcolor.sh"
+    become: true
   - name: Set MOTD
     template:
       src: motd
@@ -43,6 +58,14 @@
     tags:
       - upgrade
+  - name: /usr/lib/update-notifier/apt-check --human-readable
+    command: /usr/lib/update-notifier/apt-check --human-readable
+    tags:
+      - upgrade
+    register: out
+  - debug: var=out
   - name: apt-get upgrade
     apt: upgrade=full
     become: true

data/ansible/roles/common/templates/motd CHANGED Viewed

@@ -8,6 +8,6 @@ This server brought to you by:
 ~~~ https://github.com/tenforwardconsulting/subspace ~~~
 If you need to make configuration changes to the server, please modify the
-config/provision directory in the app or risk the changes dissapearing.
+config/provision directory in the app or risk the changes disappearing.
 Last subspace run: {{ansible_date_time.iso8601}}

data/ansible/roles/common/templates/terminalcolor ADDED Viewed

@@ -0,0 +1,25 @@
+{% if terminal_env_playbook == 'production'  %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;41m\][\u@\h \W]\$ \[\e[0m\]"'
+#Write a big red rectangle to warn when you're logged into production
+echo -e '\e[0;41m\e[37m' #Set terminal colors
+for run in {1..4}
+do
+    echo "     !!!      PRODUCTION     !!!"
+done
+echo -e '\e[0m' #Reset terminal color to default
+echo ''
+{% elif terminal_env_playbook == 'development' or terminal_env_playbook == 'dev'  %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;44m\][\u@\h \W]\$ \[\e[0m\]"'
+{% elif terminal_env_playbook == 'qa' %}
+export PROMPT_COMMAND='export PS1="\[\e[0;37m\]\[\e[1;43m\][\u@\h \W]\$ \[\e[0m\]"'
+{% else %}
+echo ''
+echo -e $'
+    No terminal environment color defined.
+    Define variable \e[0;43m\e[37m terminal_env \e[0m in your vars.
+    Acceptable values are \'development\', \'dev\', \'qa\', or \'production\'.
+    '
+echo ''
+{% endif %}

data/ansible/roles/delayed_job/tasks/main.yml CHANGED Viewed

@@ -1,12 +1,18 @@
 ---
   - set_fact: delayed_job_installed="true"
+  - name: Monit Stop All
+    shell: monit stop all
+    become: true
   - name: Install delayed_job monit script
     template:
       src: delayed-job-monit-rc
       dest: /etc/monit/conf.d/delayed_job_{{project_name}}_{{rails_env}}
     become: true
-    notify: reload_monit
+    notify:
+      - reload_monit
+      - restart_monit
   - name: Remove old upstart files
     file:
@@ -19,3 +25,7 @@
       path: /etc/monit/conf.d/delayed_job
       state: absent
     become: true
+  - name: Monit Start All
+    shell: monit start all
+    become: true

data/ansible/roles/monit/handlers/main.yml CHANGED Viewed

@@ -1,15 +1,14 @@
 ---
+  - name: reload_monit
+    shell: monit reload
+    become: true
   - name: restart_monit
     service:
       name: monit
       state: restarted
     become: true
-  - name: reload_monit
-    shell: monit reload
-    become: true
   - name: validate_monit
     shell: monit validate
     become: true

data/ansible/roles/sidekiq/tasks/main.yml CHANGED Viewed

@@ -14,5 +14,6 @@
       dest: /etc/monit/conf-enabled/sidekiq_{{project_name}}_{{rails_env}}
       state: link
     notify:
+      - reload_monit
       - restart_monit

data/lib/subspace/cli.rb CHANGED Viewed

@@ -39,6 +39,7 @@ class Subspace::Cli
       copy the authorized_keys file.  You will possibly need to type a password here.'
       c.option '--password', "Ask for a password instead of using ssh keys"
       c.option '--yum', "Use yum instead of apt to install python"
+      c.option "-i", "--private-key PRIVATE-KEY", "Alias for private-key"
       Subspace::Commands::Bootstrap::PASS_THROUGH_PARAMS.each do |param_name|
         c.option "--#{param_name} #{param_name.upcase}", "Passed directly through to ansible-playbook command"
       end
@@ -49,6 +50,7 @@ class Subspace::Cli
       c.syntax = 'subspace provision [options]'
       c.summary = ''
       c.description = ''
+      c.option "-i", "--private-key PRIVATE-KEY", "Alias for private-key"
       Subspace::Commands::Provision::PASS_THROUGH_PARAMS.each do |param_name|
         c.option "--#{param_name} #{param_name.upcase}", "Passed directly through to ansible-playbook command"
       end

data/lib/subspace/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Subspace
-  VERSION = "1.0.6"
+  VERSION = "1.0.7"
 end

data/template/provision/playbook.yml.erb CHANGED Viewed

@@ -1,16 +1,22 @@
 ---
   - hosts: <%= @env %>
-    sudo: yes
+    become: yes
     vars_files:
       - ./vars/<%= @env %>.yml
     roles:
       - common
+      - yarn
+      - nodejs
       - ruby-common
       - rails
-      - apache
-      - passenger
+      - puma
+      - nginx
       - letsencrypt
+      - nginx # This is included twice intentionally. I think there is a bug that is fixed by running it both before and after the letsencrypt role.
       - postgresql
+      - monit
+      - logrotate
+      - collectd
       - delayed_job

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: subspace
 version: !ruby/object:Gem::Version
-  version: 1.0.6
+  version: 1.0.7
 platform: ruby
 authors:
 - Brian Samson
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-11-12 00:00:00.000000000 Z
+date: 2019-02-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -131,6 +131,7 @@ files:
 - ansible/roles/common/tasks/swap.yml
 - ansible/roles/common/templates/motd
 - ansible/roles/common/templates/motd2
+- ansible/roles/common/templates/terminalcolor
 - ansible/roles/delayed_job/README.md
 - ansible/roles/delayed_job/defaults/main.yml
 - ansible/roles/delayed_job/handlers/main.yml
@@ -297,7 +298,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 2.7.8
 signing_key:
 specification_version: 4
 summary: Ansible-based server provisioning for rails projects