ubuntu-machine 0.5.3.2.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. data/MIT-LICENSE +20 -0
  2. data/README +15 -0
  3. data/lib/capistrano/ext/ubuntu-machine.rb +30 -0
  4. data/lib/capistrano/ext/ubuntu-machine/apache.rb +118 -0
  5. data/lib/capistrano/ext/ubuntu-machine/aptitude.rb +99 -0
  6. data/lib/capistrano/ext/ubuntu-machine/extras.rb +39 -0
  7. data/lib/capistrano/ext/ubuntu-machine/ffmpeg.rb +43 -0
  8. data/lib/capistrano/ext/ubuntu-machine/gems.rb +41 -0
  9. data/lib/capistrano/ext/ubuntu-machine/git.rb +15 -0
  10. data/lib/capistrano/ext/ubuntu-machine/helpers.rb +36 -0
  11. data/lib/capistrano/ext/ubuntu-machine/iptables.rb +20 -0
  12. data/lib/capistrano/ext/ubuntu-machine/lmsensors.rb +26 -0
  13. data/lib/capistrano/ext/ubuntu-machine/machine.rb +50 -0
  14. data/lib/capistrano/ext/ubuntu-machine/mysql.rb +64 -0
  15. data/lib/capistrano/ext/ubuntu-machine/network.rb +42 -0
  16. data/lib/capistrano/ext/ubuntu-machine/ntp.rb +37 -0
  17. data/lib/capistrano/ext/ubuntu-machine/odbc.rb +44 -0
  18. data/lib/capistrano/ext/ubuntu-machine/php.rb +8 -0
  19. data/lib/capistrano/ext/ubuntu-machine/postfix.rb +7 -0
  20. data/lib/capistrano/ext/ubuntu-machine/rails3.rb +7 -0
  21. data/lib/capistrano/ext/ubuntu-machine/ruby.rb +86 -0
  22. data/lib/capistrano/ext/ubuntu-machine/ssh.rb +64 -0
  23. data/lib/capistrano/ext/ubuntu-machine/templates/apache2.erb +7 -0
  24. data/lib/capistrano/ext/ubuntu-machine/templates/deflate.conf.erb +3 -0
  25. data/lib/capistrano/ext/ubuntu-machine/templates/freetds.conf.erb +8 -0
  26. data/lib/capistrano/ext/ubuntu-machine/templates/iptables.erb +46 -0
  27. data/lib/capistrano/ext/ubuntu-machine/templates/my.cnf.erb +3 -0
  28. data/lib/capistrano/ext/ubuntu-machine/templates/new_db.erb +5 -0
  29. data/lib/capistrano/ext/ubuntu-machine/templates/ntp.conf.erb +16 -0
  30. data/lib/capistrano/ext/ubuntu-machine/templates/ntpdate.erb +13 -0
  31. data/lib/capistrano/ext/ubuntu-machine/templates/odbc.ini.erb +8 -0
  32. data/lib/capistrano/ext/ubuntu-machine/templates/odbcinst.ini.erb +7 -0
  33. data/lib/capistrano/ext/ubuntu-machine/templates/passenger.conf.erb +2 -0
  34. data/lib/capistrano/ext/ubuntu-machine/templates/passenger.load.erb +1 -0
  35. data/lib/capistrano/ext/ubuntu-machine/templates/sources.jaunty.erb +55 -0
  36. data/lib/capistrano/ext/ubuntu-machine/templates/sources.lucid.erb +22 -0
  37. data/lib/capistrano/ext/ubuntu-machine/templates/sshd_config.erb +80 -0
  38. data/lib/capistrano/ext/ubuntu-machine/templates/vhost.erb +17 -0
  39. data/lib/capistrano/ext/ubuntu-machine/templates/vsftpd.conf.erb +158 -0
  40. data/lib/capistrano/ext/ubuntu-machine/templates/xsendfile.load.erb +1 -0
  41. data/lib/capistrano/ext/ubuntu-machine/tmpfs.rb +17 -0
  42. data/lib/capistrano/ext/ubuntu-machine/utils.rb +49 -0
  43. data/lib/capistrano/ext/ubuntu-machine/vsftpd.rb +63 -0
  44. metadata +130 -0
@@ -0,0 +1,20 @@
1
+ namespace :iptables do
2
+ desc <<-DESC
3
+ Harden iptables configuration. Only allows ssh, http, and https connections and packets from SAN.
4
+
5
+ See "iptables" section on \
6
+ http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
7
+ DESC
8
+ task :configure, :roles => :gateway do
9
+ sudo "apt-get install iptables -y"
10
+ put render("iptables", binding), "iptables.up.rules"
11
+ sudo "mv iptables.up.rules /etc/iptables.up.rules"
12
+
13
+ sudo "iptables-restore < /etc/iptables.up.rules"
14
+
15
+ # ensure that the iptables rules are applied when we reboot the server
16
+ run "cat /etc/network/interfaces > ~/tmp_interfaces"
17
+ run "echo 'pre-up iptables-restore < /etc/iptables.up.rules' >> ~/tmp_interfaces"
18
+ sudo "mv ~/tmp_interfaces /etc/network/interfaces"
19
+ end
20
+ end
@@ -0,0 +1,26 @@
1
+ require 'yaml'
2
+ namespace :lmsensors do
3
+ desc "Install lmsensors. Not relevant for virtual servers as they usually do not have sensors available."
4
+ task :install do
5
+ sudo "aptitude install -y lm-sensors"
6
+ to_probe = []
7
+ sudo "sensors-detect", :pty => true do |ch, stream, data|
8
+ if [/YES\/no/,/yes\/NO/,/to continue/].find { |regex| data =~ regex}
9
+ # prompt, and then send the response to the remote process
10
+ ch.send_data(Capistrano::CLI.ui.ask(data) + "\n")
11
+ elsif offset = data =~ /#----cut here----\s+# Chip drivers/
12
+ text = data[offset,data.size - offset]
13
+ text.gsub!('# Chip drivers','').gsub!('#----cut here----','')
14
+ to_probe = text.strip.split("\n").map{|str| str.strip}
15
+ Capistrano::Configuration.default_io_proc.call(ch, stream, data)
16
+ else
17
+ # use the default handler for all other text
18
+ Capistrano::Configuration.default_io_proc.call(ch, stream, data)
19
+ end
20
+ end
21
+ puts "Will modprobe the following modules: %s" % to_probe.join(',')
22
+ to_probe.each do |mod|
23
+ sudo "modprobe #{mod}"
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,50 @@
1
+ namespace :machine do
2
+
3
+ desc "Change the root password, create a new user and allow him to sudo and to SSH"
4
+ task :initial_setup do
5
+ set :user_to_create , user
6
+ set :user, 'root'
7
+
8
+ run_and_watch_prompt("passwd", [/Enter new UNIX password/, /Retype new UNIX password:/])
9
+
10
+ run_and_watch_prompt("adduser #{user_to_create}", [/Enter new UNIX password/, /Retype new UNIX password:/, /\[\]\:/, /\[y\/N\]/i])
11
+
12
+ # force the non-interactive mode
13
+ run "cat /etc/environment > ~/environment.tmp"
14
+ run 'echo DEBIAN_FRONTEND=noninteractive >> ~/environment.tmp'
15
+ sudo 'mv ~/environment.tmp /etc/environment'
16
+ # prevent this env variable to be skipped by sudo
17
+ run "echo 'Defaults env_keep = \"DEBIAN_FRONTEND\"' >> /etc/sudoers"
18
+
19
+ run "echo '#{user_to_create} ALL=(ALL)ALL' >> /etc/sudoers"
20
+ run "echo 'AllowUsers #{user_to_create}' >> /etc/ssh/sshd_config"
21
+ run "/etc/init.d/ssh reload"
22
+ end
23
+
24
+ task :configure do
25
+ ssh.setup
26
+ iptables.configure
27
+ aptitude.setup
28
+ end
29
+
30
+ task :install_dev_tools do
31
+ mysql.install
32
+ apache.install
33
+ ruby.install
34
+ postfix.install
35
+ gems.install_rubygems
36
+ ruby.install_enterprise
37
+ ruby.install_passenger
38
+ git.install
39
+ php.install
40
+ rails3.install
41
+ end
42
+
43
+
44
+ desc = "Ask for a user and change his password"
45
+ task :change_password do
46
+ user_to_update = Capistrano::CLI.ui.ask("Name of the user whose you want to update the password : ")
47
+
48
+ run_and_watch_prompt("passwd #{user_to_update}", [/Enter new UNIX password/, /Retype new UNIX password:/])
49
+ end
50
+ end
@@ -0,0 +1,64 @@
1
+ #TODO : change root password
2
+
3
+ namespace :mysql do
4
+ desc "Restarts MySQL database server"
5
+ task :restart, :roles => :db do
6
+ sudo "/etc/init.d/mysql restart"
7
+ end
8
+
9
+ desc "Starts MySQL database server"
10
+ task :start, :roles => :db do
11
+ sudo "/etc/init.d/mysql start"
12
+ end
13
+
14
+ desc "Stops MySQL database server"
15
+ task :stop, :roles => :db do
16
+ sudo "/etc/init.d/mysql stop"
17
+ end
18
+
19
+ desc "Export MySQL database"
20
+ task :export, :roles => :db do
21
+ database = Capistrano::CLI.ui.ask("Which database should we export: ")
22
+ sudo_and_watch_prompt("mysqldump -u root -p #{database} > #{database}.sql", /Enter\spassword/)
23
+ download "#{database}.sql", "#{default_local_files_path}/database.sql"
24
+ run "rm #{database}.sql"
25
+ end
26
+
27
+ desc "Create a new MySQL database, a new MySQL user, and load a local MySQL dump file"
28
+ task :create_database, :roles => :db do
29
+ db_root_password = Capistrano::CLI.ui.ask("MySQL root password : ")
30
+ db_name = Capistrano::CLI.ui.ask("Which database should we create: ")
31
+ db_username = Capistrano::CLI.ui.ask("Which database username should we create: ")
32
+ db_user_password = Capistrano::CLI.ui.ask("Choose a password for the new database username: ")
33
+ file_to_upload = Capistrano::CLI.ui.ask("Do you want to import a database file? (y/n) : ")
34
+ if file_to_upload == "y"
35
+ file = Capistrano::CLI.ui.ask("Which database file should we import (it must be located in #{default_local_files_path}): ")
36
+ upload "#{default_local_files_path}/#{file}", "#{file}"
37
+ end
38
+ create_db_tmp_file = "create_#{db_name}.sql"
39
+ put render("new_db", binding), create_db_tmp_file
40
+ run "mysql -u root -p#{db_root_password} < #{create_db_tmp_file}"
41
+ if file_to_upload == "y"
42
+ run "mysql -u root -p#{db_root_password} #{db_name} < #{file}"
43
+ run "rm #{file}"
44
+ end
45
+ run "rm #{create_db_tmp_file}"
46
+ end
47
+
48
+ desc "Install MySQL"
49
+ task :install, :roles => :db do
50
+ db_root_password = Capistrano::CLI.ui.ask("Choose a MySQL root password : ")
51
+
52
+ sudo "aptitude install -y mysql-server mysql-client libmysqlclient15-dev"
53
+ run "mysqladmin -u root password #{db_root_password}"
54
+ end
55
+
56
+ desc "Ask for a MySQL user and change his password"
57
+ task :change_password, :roles => :db do
58
+ user_to_update = Capistrano::CLI.ui.ask("Name of the MySQL user whose you want to update the password : ")
59
+ old_password = Capistrano::CLI.ui.ask("Old password for #{user_to_update} : ")
60
+ new_password = Capistrano::CLI.ui.ask("New password for #{user_to_update} : ")
61
+
62
+ run "mysqladmin -u #{user_to_update} -p#{old_password} password \"#{new_password}\""
63
+ end
64
+ end
@@ -0,0 +1,42 @@
1
+ namespace :network do
2
+ _cset :network_interfaces_config do
3
+ abort "Please specify the location of the /etc/network/interfaces config you want to upload.\n For example:\n set :network_interfaces_config, File.expand_path(File.join(File.dirname(__FILE__),'interfaces'))"
4
+ end
5
+ _cset :resolv_config do
6
+ abort "Please specify the location of the /etc/resolv.conf config you want to upload.\n For example:\n set :resolv_config, File.expand_path(File.join(File.dirname(__FILE__),'resolv.conf'))"
7
+ end
8
+
9
+ desc "Configure /etc/resolv.conf and /etc/network/interfaces"
10
+ task :configure do
11
+ configure_resolv_conf
12
+ configure_network_interfaces
13
+ end
14
+
15
+ desc "Configure network interfaces"
16
+ task :configure_network_interfaces do
17
+ put File.read(network_interfaces_config), "interfaces.tmp"
18
+ sudo "mv interfaces.tmp /etc/network/interfaces"
19
+ restart
20
+ end
21
+
22
+ desc "Configure /etc/resolv.conf"
23
+ task :configure_resolv_conf do
24
+ put File.read(resolv_config), "resolv.conf.tmp"
25
+ sudo "mv resolv.conf.tmp /etc/resolv.conf"
26
+ end
27
+
28
+ desc "Start the network"
29
+ task :start do
30
+ sudo "/etc/init.d/networking start"
31
+ end
32
+
33
+ desc "Restart the network"
34
+ task :restart do
35
+ sudo "/etc/init.d/networking restart"
36
+ end
37
+
38
+ desc "Stop the network"
39
+ task :stop do
40
+ sudo "/etc/init.d/networking stop"
41
+ end
42
+ end
@@ -0,0 +1,37 @@
1
+ require 'yaml'
2
+ namespace :ntp do
3
+ set :ntp_default_ntpd_opts, "NTPD_OPTS='-g'"
4
+ set :ntp_pool_servers, (0..2).map {|num| "#{num}.pool.ntp.org"}
5
+
6
+ desc "Install NTP"
7
+ task :install do
8
+ sudo "aptitude install -y ntp"
9
+ configure
10
+ end
11
+
12
+ desc "Configure NTP"
13
+ task :configure do
14
+ put render("ntpdate", binding), "ntpdate.tmp"
15
+ sudo "mv ntpdate.tmp /etc/default/ntpdate"
16
+ put render("ntp.conf", binding), "ntp.conf.tmp"
17
+ sudo "mv ntp.conf.tmp /etc/ntp.conf"
18
+ run "echo '#{ntp_default_ntpd_opts}' > ntp.tmp"
19
+ sudo "mv ntp.tmp /etc/default/ntp"
20
+ restart
21
+ end
22
+
23
+ desc "Start the NTP server"
24
+ task :start do
25
+ sudo "/etc/init.d/ntp start"
26
+ end
27
+
28
+ desc "Restart the NTP server"
29
+ task :restart do
30
+ sudo "/etc/init.d/ntp restart"
31
+ end
32
+
33
+ desc "Stop the NTP server"
34
+ task :stop do
35
+ sudo "/etc/init.d/ntp stop"
36
+ end
37
+ end
@@ -0,0 +1,44 @@
1
+ namespace :odbc do
2
+ _cset(:odbc_sourcename) { abort "Please specify the odbc sourcename:\n set :odbc_sourcename, 'MyFirstSQLServer'" }
3
+ _cset(:odbc_database) { abort "Please specify the odbc database:\n set :odbc_database, 'MyDB'" }
4
+ _cset(:odbc_host) { abort "Please specify the odbc host:\n set :odbc_host, '127.0.0.1'" }
5
+ _cset :odbc_port, '1433'
6
+
7
+ desc "Install ODBC/FreeTDS"
8
+ task :install, :roles => :app do
9
+ profile_lines = ["export ODBCINI=/etc/odbc.ini",
10
+ "export ODBCSYSINI=/etc",
11
+ "export FREETDSCONF=/etc/freetds/freetds.conf"]
12
+ sudo_add_to_file('/etc/profile',profile_lines)
13
+
14
+ freetds = "freetds-0.82"
15
+ sudo "sudo apt-get install unixodbc unixodbc-dev tdsodbc -y"
16
+ run "wget -nv ftp://ftp.ibiblio.org/pub/Linux/ALPHA/freetds/stable/#{freetds}.tar.gz"
17
+ run "tar xvzf #{freetds}.tar.gz && cd #{freetds} && ./configure && make"
18
+ sudo_keepalive
19
+ run "cd #{freetds} && sudo make install"
20
+ run "rm #{freetds}.tar.gz && rm -Rf #{freetds}"
21
+ end
22
+
23
+ desc "Install the ruby ODBC library"
24
+ task :install_rubyodbc, :roles => :app do
25
+ rubyodbc = "ruby-odbc-0.9996"
26
+ run "wget -nv http://www.ch-werner.de/rubyodbc/#{rubyodbc}.tar.gz"
27
+ run "tar xvzf #{rubyodbc}.tar.gz && cd #{rubyodbc} && ruby extconf.rb && make"
28
+ sudo_keepalive
29
+ run "cd #{rubyodbc} && sudo make install"
30
+ run "rm #{rubyodbc}.tar.gz && rm -Rf #{rubyodbc}"
31
+ end
32
+
33
+ desc "Install FreeTDS/ODBC configuration files"
34
+ task :config_files, :roles => :app do
35
+ put render("odbc.ini", binding), "odbc.ini"
36
+ sudo "mv odbc.ini /etc/odbc.ini"
37
+ put render("odbcinst.ini", binding), "odbcinst.ini"
38
+ sudo "mv odbcinst.ini /etc/odbcinst.ini"
39
+ put render("freetds.conf", binding), "more_freetds.conf"
40
+ run "cat /etc/freetds/freetds.conf more_freetds.conf > freetds.conf"
41
+ sudo "mv freetds.conf /etc/freetds/freetds.conf"
42
+ run "rm more_freetds.conf"
43
+ end
44
+ end
@@ -0,0 +1,8 @@
1
+ namespace :php do
2
+ desc "Install PHP 5"
3
+ task :install, :roles => :app do
4
+ sudo "apt-get install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-imagick php5-mcrypt php5-memcache php5-mhash php5-mysql php5-pspell php5-snmp php5-sqlite php5-xmlrpc php5-xsl -y"
5
+ sudo "/etc/init.d/apache2 reload"
6
+ end
7
+
8
+ end
@@ -0,0 +1,7 @@
1
+ namespace :postfix do
2
+ desc "Install postfix"
3
+ task :install, :roles => :app do
4
+ sudo "sudo apt-get install postfix -y"
5
+ end
6
+
7
+ end
@@ -0,0 +1,7 @@
1
+ namespace :rails3 do
2
+ desc "Install Rails3"
3
+ task :install, :roles => :app do
4
+ sudo "/opt/ruby-enterprise/bin/gem install rails --no-ri --no-rdoc"
5
+ sudo "apt-get install libxml2-dev libxslt1-dev"
6
+ end
7
+ end
@@ -0,0 +1,86 @@
1
+ require 'net/http'
2
+
3
+ namespace :ruby do
4
+ desc "Install Ruby 1.8"
5
+ task :install, :roles => :app do
6
+ sudo "apt-get install -y ruby1.8-dev ruby1.8 ri1.8 rdoc1.8 irb1.8 libreadline-ruby1.8 libruby1.8 libopenssl-ruby sqlite3 libsqlite3-ruby1.8"
7
+ sudo "apt-get install -y libmysql-ruby1.8"
8
+
9
+ sudo "ln -s /usr/bin/ruby1.8 /usr/bin/ruby"
10
+ sudo "ln -s /usr/bin/ri1.8 /usr/bin/ri"
11
+ sudo "ln -s /usr/bin/rdoc1.8 /usr/bin/rdoc"
12
+ sudo "ln -s /usr/bin/irb1.8 /usr/bin/irb"
13
+ end
14
+
15
+
16
+ set :ruby_enterprise_url do
17
+ Net::HTTP.get('www.rubyenterpriseedition.com', '/download.html').scan(/http:.*\.tar\.gz/).first
18
+ end
19
+
20
+ set :ruby_enterprise_version do
21
+ "#{ruby_enterprise_url[/(ruby-enterprise.*)(.tar.gz)/, 1]}"
22
+ end
23
+
24
+ set :passenger_version do
25
+ `gem list passenger$ -r`.gsub(/[\n|\s|passenger|(|)]/,"")
26
+ end
27
+
28
+
29
+ desc "Install Ruby Enterpise Edition"
30
+ task :install_enterprise, :roles => :app do
31
+ sudo "apt-get install libssl-dev -y"
32
+ sudo "apt-get install libreadline5-dev -y"
33
+
34
+ run "test ! -d /opt/#{ruby_enterprise_version}"
35
+ run "wget #{ruby_enterprise_url}"
36
+ run "tar xzvf #{ruby_enterprise_version}.tar.gz"
37
+ run "rm #{ruby_enterprise_version}.tar.gz"
38
+ sudo "./#{ruby_enterprise_version}/installer --auto /opt/#{ruby_enterprise_version}"
39
+ sudo "rm -rf #{ruby_enterprise_version}/"
40
+
41
+ # create a "permanent" link to the current REE install
42
+ sudo "ln -s /opt/#{ruby_enterprise_version} /opt/ruby-enterprise"
43
+
44
+ # add REE bin to the path
45
+ run "cat /etc/environment > ~/environment.tmp"
46
+ run 'echo PATH="/opt/ruby-enterprise/bin:$PATH" >> ~/environment.tmp'
47
+ sudo 'mv ~/environment.tmp /etc/environment'
48
+ end
49
+
50
+ desc "Install Phusion Passenger"
51
+ task :install_passenger, :roles => :app do
52
+ # sudo apt-get install libcurl4-openssl-dev
53
+ sudo "apt-get install libcurl4-openssl-dev -y"
54
+
55
+
56
+ # rake 0.8.5 needs latest version of rdoc
57
+ sudo "gem install rdoc"
58
+
59
+ # because passenger-install-apache2-module do not find the rake installed by REE
60
+ sudo "gem install rake"
61
+
62
+ sudo "apt-get install apache2-mpm-prefork -y"
63
+ sudo "apt-get install libapr1-dev -y"
64
+ sudo "apt-get install apache2-prefork-dev -y"
65
+
66
+ # call the upgrade_passenger task
67
+ upgrade_passenger
68
+ end
69
+
70
+ desc "Upgrade Phusion Passenger"
71
+ task :upgrade_passenger, :roles => :app do
72
+ sudo "/opt/#{ruby_enterprise_version}/bin/ruby /opt/#{ruby_enterprise_version}/bin/gem install passenger"
73
+ run "sudo /opt/#{ruby_enterprise_version}/bin/ruby /opt/#{ruby_enterprise_version}/bin/passenger-install-apache2-module --auto"
74
+
75
+ put render("passenger.load", binding), "/home/#{user}/passenger.load"
76
+ put render("passenger.conf", binding), "/home/#{user}/passenger.conf"
77
+
78
+ sudo "mv /home/#{user}/passenger.load /etc/apache2/mods-available/"
79
+ sudo "mv /home/#{user}/passenger.conf /etc/apache2/mods-available/"
80
+
81
+ sudo "a2enmod passenger"
82
+ apache.force_reload
83
+ end
84
+
85
+
86
+ end
@@ -0,0 +1,64 @@
1
+ namespace :ssh do
2
+
3
+ desc <<-DESC
4
+ Setup SSH on the gateway host. Runs `upload_keys`, `install_ovh_ssh_key` AND \
5
+ `configure_sshd` then reloads the SSH service to finalize the changes.
6
+ DESC
7
+ task :setup, :roles => :gateway do
8
+ upload_keys
9
+ configure_sshd
10
+ install_ovh_ssh_key if ["ovh-rps", "ovh-dedie"].include?(hosting_provider)
11
+ reload
12
+ end
13
+
14
+
15
+ desc <<-DESC
16
+ Uploads your local public SSH keys to the server. A .ssh folder is created if \
17
+ one does not already exist. The SSH keys default to the ones set in \
18
+ Capistrano's ssh_options. You can change this by setting ssh_options[:keys] = \
19
+ ["/home/user/.ssh/id_dsa"].
20
+
21
+ See "SSH copy" and "SSH Permissions" sections on \
22
+ http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
23
+ DESC
24
+ task :upload_keys, :roles => :gateway do
25
+ run "mkdir -p ~/.ssh"
26
+ run "chown -R #{user}:#{user} ~/.ssh"
27
+ run "chmod 700 ~/.ssh"
28
+
29
+ authorized_keys = ssh_options[:keys].collect { |key| File.read("#{key}.pub") }.join("\n")
30
+ put authorized_keys, "./.ssh/authorized_keys2", :mode => 0600
31
+ end
32
+
33
+ desc <<-DESC
34
+ Configure SSH daemon with more secure settings recommended by Slicehost. The \
35
+ will be configured to run on the port configured in Capistrano's "ssh_options". \
36
+ This defaults to the standard SSH port 22. You can change this by setting \
37
+ ssh_options[:port] = 3000. Note that this change will not take affect until \
38
+ reload the SSH service with `cap ssh:reload`.
39
+
40
+ See "SSH config" section on \
41
+ http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
42
+ DESC
43
+ task :configure_sshd, :roles => :gateway do
44
+ put render("sshd_config", binding), "sshd_config"
45
+ sudo "mv sshd_config /etc/ssh/sshd_config"
46
+ end
47
+
48
+ desc <<-DESC
49
+ Install OVH SSH Keys
50
+ DESC
51
+ task :install_ovh_ssh_key, :roles => :gateway do
52
+ sudo "wget ftp://ftp.ovh.net/made-in-ovh/cle-ssh-public/installer_la_cle.sh -O installer_la_cle.sh"
53
+ sudo "sh installer_la_cle.sh"
54
+ end
55
+
56
+ desc <<-DESC
57
+ Reload SSH service.
58
+ DESC
59
+ task :reload, :roles => :gateway do
60
+ sudo "/etc/init.d/ssh reload"
61
+ end
62
+
63
+
64
+ end