toquen 0.1.1 → 0.1.2

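--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 12bb92a9c1a199d33e77b7c902603120b442cc43
- data.tar.gz: 13da56549c30b17f39a2e5fafac352cb5d8ecc7d
+ metadata.gz: 4170f1693c5c6bfaa962826d43179a5f6eee4583
+ data.tar.gz: 541031a124b960ed711485f99805ccda367f00e6
  SHA512:
- metadata.gz: d7c316d71f39b4fc65019b5632cf5c686b13f0dde8b9ae43efbd71956dca23115bc40e1ebd1cb2ce9d3e51367a54ed70f9bedae19829ec1eb7931dcfd778b641
- data.tar.gz: 70de592b929668e36cd7aaaf7a9d94fe931e644714e40a0a2a2b86e70f3103fda262c95480a85571436739024a4c28875fcf91a16c6c6e81f00adbc587c13b3a
+ metadata.gz: d794d3149af0c9ad3b1002109496b9bc1f94959b29a8e9e8963062a7c2a84d1d695e886f823c35ad0859df0592baeddf1ee109e5f84766d9f7f63777892fdfac
+ data.tar.gz: b9067b1456a24d82bd83485f0229b4cc45d302098328dab95cb0180251fc03ae0bb38ed07fc80f12ac6d73878d9d92b4051ba3acfaf81d42b0956911ffec7c2d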
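--- a/data/README.md
+++ b/data/README.md
@@ -115,3 +115,5 @@ And then, when you're finished:
  Or, if you want to do everything in one step:
 
  $ cap databases open_ssh cook close_ssh
+
+ **Note**: You can also use the task *open_port[22]* and *close_port[22]* to open and close SSH (or any other port).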
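--- a/data/lib/toquen/aws.rb
+++ b/data/lib/toquen/aws.rb
@@ -8,6 +8,7 @@ module Toquen
  @key_id = fetch(:aws_access_key_id)
  @key = fetch(:aws_secret_access_key)
  @regions = fetch(:aws_regions, ['us-east-1'])
+ AWS.config(:access_key_id => @key_id, :secret_access_key => @key)
  end
 
  def server_details
@@ -20,6 +21,11 @@ module Toquen
  }
  end
 
+ def get_security_groups(ids)
+ ectwo = AWS::EC2.new
+ ids.map { |id| ectwo.security_groups[id] }
+ end
+
  def authorize_ingress(secgroup, protocol, port, ip)
  # test if exists first
  return false if secgroup.ingress_ip_permissions.to_a.select { |p|
@@ -52,7 +58,7 @@ module Toquen
  :type => i.instance_type,
  :external_dns => i.public_dns_name,
  :internal_dns => i.private_dns_name,
- :security_groups => i.security_groups
+ :security_groups => i.security_groups.to_a.map(&:id)
  }
  end
  end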
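Review bot: `get_security_groups` creates `AWS::EC2.new` without a region, so every id is resolved against the SDK's default region even though the proxy holds `@regions` and the ids written to the stage file are merged from all of them without their region. If `security_groups[id]` is resolved lazily (it appears to be in this SDK), a group from another region would only fail later inside `authorize_ingress` or `revoke_ingress`, and a failed revoke leaves the ingress rule open. Consider keeping the region next to each id, or building one client per entry of `@regions` with `AWS::EC2.new(:region => region)` and keeping only the groups that exist there. The added `AWS.config(...)` call in the constructor sets credentials process-wide; a comment such as `# global SDK config: get_security_groups relies on it` would make that intent explicit.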
@@ -81,20 +81,9 @@ task :cook do
81
81
  end
82
82
  before :cook, :update_kitchen
83
83
 
84
- desc "Open SSH ingress to current machine"
85
- task :open_ssh do
86
- secgroups = {}
87
- filter_roles = Set.new fetch(:filter)[:roles]
88
- aws = Toquen::AWSProxy.new
89
- aws.regions.each do |region|
90
- aws.server_details_in(region).each do |instance|
91
- instance_roles = instance[:roles] + ["all", "server-#{instance[:name]}"]
92
- unless (filter_roles.intersection instance_roles.to_set).empty?
93
- instance[:security_groups].each { |sg| secgroups[sg.id] = sg }
94
- end
95
- end
96
- end
97
-
84
+ desc "Open a port of ingress to the current machine"
85
+ task :open_port, :port do |t, args|
86
+ port = (args[:port] || 22).to_i
98
87
  run_locally do
99
88
  ivip = StunClient.get_ip
100
89
  if ivip.nil?
@@ -103,30 +92,20 @@ task :open_ssh do
103
92
  end
104
93
 
105
94
  ivip = "#{ivip}/32"
106
- secgroups.values.each do |sg|
107
- if aws.authorize_ingress sg, :tcp, 22, ivip
108
- info "Opened port tcp:22 on security group '#{sg.name}' (#{sg.id}) to #{ivip}"
95
+ aws = Toquen::AWSProxy.new
96
+ aws.get_security_groups(fetch(:filter)[:secgroups]).each do |sg|
97
+ if aws.authorize_ingress sg, :tcp, port, ivip
98
+ info "Opened port tcp:#{port} on security group '#{sg.name}' (#{sg.id}) to #{ivip}"
109
99
  else
110
- warn "Port tcp:22 in security group '#{sg.name}' (#{sg.id}) already open to #{ivip}"
100
+ warn "Port tcp:#{port} in security group '#{sg.name}' (#{sg.id}) already open to #{ivip}"
111
101
  end
112
102
  end
113
103
  end
114
104
  end
115
105
 
116
- desc "Close SSH ingress to current machine"
117
- task :close_ssh do
118
- secgroups = {}
119
- filter_roles = Set.new fetch(:filter)[:roles]
120
- aws = Toquen::AWSProxy.new
121
- aws.regions.each do |region|
122
- aws.server_details_in(region).each do |instance|
123
- instance_roles = instance[:roles] + ["all", "server-#{instance[:name]}"]
124
- unless (filter_roles.intersection instance_roles.to_set).empty?
125
- instance[:security_groups].each { |sg| secgroups[sg.id] = sg }
126
- end
127
- end
128
- end
129
-
106
+ desc "Close a port of ingress to the current machine"
107
+ task :close_port, :port do |t, args|
108
+ port = (args[:port] || 22).to_i
130
109
  run_locally do
131
110
  ivip = StunClient.get_ip
132
111
  if ivip.nil?
@@ -135,16 +114,27 @@ task :close_ssh do
135
114
  end
136
115
 
137
116
  ivip = "#{ivip}/32"
138
- secgroups.values.each do |sg|
139
- if aws.revoke_ingress sg, :tcp, 22, ivip
140
- info "Closed port tcp:22 on security group '#{sg.name}' (#{sg.id}) to #{ivip}"
117
+ aws = Toquen::AWSProxy.new
118
+ aws.get_security_groups(fetch(:filter)[:secgroups]).each do |sg|
119
+ if aws.revoke_ingress sg, :tcp, port, ivip
120
+ info "Closed port tcp:#{port} on security group '#{sg.name}' (#{sg.id}) to #{ivip}"
141
121
  else
142
- warn "Port tcp:22 in security group '#{sg.name}' (#{sg.id}) already closed to #{ivip}"
122
+ warn "Port tcp:#{port} in security group '#{sg.name}' (#{sg.id}) already closed to #{ivip}"
143
123
  end
144
124
  end
145
125
  end
146
126
  end
147
127
 
128
+ desc "Open SSH ingress to current machine"
129
+ task :open_ssh do
130
+ invoke "open_port", "22"
131
+ end
132
+
133
+ desc "Close SSH ingress to current machine"
134
+ task :close_ssh do
135
+ invoke "close_port", "22"
136
+ end
137
+
148
138
  desc "install toquen capistrano setup to current directory"
149
139
  task :toquen_install do
150
140
  unless Dir.exists?('config')
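Review bot: `port = (args[:port] || 22).to_i` in both `open_port` and `close_port` does no validation: `to_i` turns a mistyped argument such as `open_port[ssh]` into 0 and passes out-of-range numbers straight to `authorize_ingress`/`revoke_ingress`. Parsing strictly, with `port = Integer(args[:port] || 22)` followed by `raise ArgumentError, "invalid port #{port}" unless (1..65535).cover?(port)`, would stop before any security-group call is made. `fetch(:filter)[:secgroups]` is also nil for a stage file written by 0.1.1, which has no `secgroups:` key until the config is regenerated, so `get_security_groups` would raise on `nil.map`; an explicit error telling the user to regenerate the stage files would be clearer than a NoMethodError. Both task bodies are only partly visible in these hunks.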
@@ -13,11 +13,14 @@ module Toquen
13
13
  open("config/deploy/#{name}.rb", 'w') do |f|
14
14
  f.write("# This file will be overwritten by toquen! Don't put anything here.\n")
15
15
  f.write("set :stage, '#{name}'.intern\n")
16
+ secgroups = []
16
17
  servers.each { |details|
17
18
  rstring = (details[:roles] + [ "all", "server-#{details[:name]}" ]).join(' ')
18
19
  f.write("server '#{details[:external_ip]}', roles: %w{#{rstring}}, awsname: '#{details[:name]}'\n")
20
+ secgroups += details[:security_groups]
19
21
  }
20
- f.write("set :filter, roles: %w{#{name}}\n")
22
+ secstring = secgroups.uniq.join(' ')
23
+ f.write("set :filter, roles: %w{#{name}}, secgroups: %w{#{secstring}}\n")
21
24
  end
22
25
  end
23
26
 
@@ -1,3 +1,3 @@
1
1
  module Toquen
2
- VERSION = "0.1.1"
2
+ VERSION = "0.1.2"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: toquen
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Muller