Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
148 lines (116 sloc) 4.48 KB
# -*- mode: ruby -*-
# vi: set ft=ruby :
$priv_script = <<SCRIPT
apt-get -y update
apt-get -y install apt-transport-https ca-certificates curl \
dkms linux-headers-amd64 linux-image-amd64
curl -s > \
curl -s > \
echo >/etc/apt/sources.list.d/postgresql.list \
'deb stretch-pgdg main 9.6'
echo >/etc/apt/sources.list.d/nodesource.list \
'deb stretch main'
apt-get -y update
apt-mark hold grub-pc
apt-get -y dist-upgrade
# Provides split-dns for Weasyl VPN users (otherwise unused)
mkdir -p /etc/dnsmasq.d/
echo "server=/" > /etc/dnsmasq.d/
apt-get install -y dnsmasq
if ! grep -Fxq "prepend domain-name-servers;" /etc/dhcp/dhclient.conf
echo "prepend domain-name-servers;" >> /etc/dhcp/dhclient.conf
dhclient -x
dhclient eth0
apt-get -y install \
git-core libffi-dev libmagickcore-dev libpam-systemd libssl-dev \
libxml2-dev libxslt-dev memcached nginx pkg-config liblzma-dev \
python-dev python-virtualenv sassc
# Assure that nginx attempts restart if it can't immediately use its proxy host at startup.
mkdir -p /etc/systemd/system/nginx.service.d
echo "[Service]
RestartSec=5" > /etc/systemd/system/nginx.service.d/restart.conf
systemctl daemon-reload
apt-get -y --allow-unauthenticated install \
libpq-dev nodejs postgresql-9.6 postgresql-contrib-9.6
# Required to get Pillow >= 5.0.0 to build from source (since we've disabled using wheels from PyPI)
apt-get -y install build-essential
sudo -u postgres dropdb weasyl
sudo -u postgres dropuser vagrant
sudo -u postgres createuser -drs vagrant
sudo -u postgres createdb -E UTF8 -O vagrant weasyl
sudo -u postgres createdb -E UTF8 -O vagrant weasyl_test
sudo -u vagrant psql weasyl -c 'CREATE EXTENSION hstore;'
curl \
| unxz | sudo -u vagrant psql weasyl
openssl req -subj '/' -nodes -new -newkey rsa:2048 \
-keyout /etc/ssl/private/weasyl.key.pem -out /tmp/weasyl.req.pem
openssl x509 -req -days 3650 -in /tmp/weasyl.req.pem \
-signkey /etc/ssl/private/weasyl.key.pem -out /etc/ssl/private/weasyl.crt.pem
cat >/etc/nginx/sites-available/weasyl <<NGINX
server {
listen 8443 ssl http2;
ssl_certificate /etc/ssl/private/weasyl.crt.pem;
ssl_certificate_key /etc/ssl/private/weasyl.key.pem;
rewrite "^(/static/(submission|character)/../../../../../../)(.+)-(.+)\$" \\$1\\$4 break;
# Allows trailing slash after a profile name
rewrite ^/(.*)/$ /\\$1 permanent;
location /static {
root /home/vagrant/weasyl;
try_files \\$uri @proxy;
location /css {
root /home/vagrant/weasyl/build;
location / {
if (\\$request_method = HEAD) {
gzip off;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto \\$scheme;
proxy_set_header Host \\$http_host;
proxy_set_header X-Real-IP \\$remote_addr;
proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;
client_max_body_size 30m;
client_body_buffer_size 128k;
proxy_connect_timeout 10;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_buffers 32 4k;
location @proxy {
ln -fs /etc/nginx/sites-available/weasyl /etc/nginx/sites-enabled
/etc/init.d/nginx restart
$unpriv_script = <<SCRIPT
# Install libweasyl into the weasyl directory and upgrade this VM's DB.
ln -s /vagrant ~/weasyl
cd ~/weasyl
make install-libweasyl upgrade-db
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| = "debian/stretch64"
config.vm.synced_folder '.', '/vagrant', type: "virtualbox"
config.vm.hostname = "vagrant-weasyl"
config.vm.provision :shell, :privileged => true, :inline => $priv_script
config.vm.provision :shell, :privileged => false, :inline => $unpriv_script :forwarded_port, host: 8443, guest: 8443
# Increase memory.
config.vm.provider "virtualbox" do |v|
v.memory = 1024
config.vm.provider "vmware_fusion" do |v|
v.vmx["memsize"] = "1024"
You can’t perform that action at this time.