New rubber config, minimal

Whatlock · Oct 18, 2012 · 3855a5a · 3855a5a
1 parent 148ef06
commit 3855a5a
Show file tree

Hide file tree

Showing 66 changed files with 3,961 additions and 3 deletions.
diff --git a/config/deploy.rb b/config/deploy.rb
@@ -11,9 +11,9 @@
 
 # Use a simple directory tree copy here to make demo easier.
 # You probably want to use your own repository for a real app
-set :scm, :git
-set :repository, "git://github.com/Whatlock/doyle.git"
-set :deploy_via, :remote_cache
+set :scm, :none
+set :repository, "."
+set :deploy_via, :copy
 
 # Easier to do system level config as root - probably should do it through
 # sudo in the future.  We use ssh keys for access, so no passwd needed

diff --git a/config/rubber/common/crontab b/config/rubber/common/crontab
@@ -0,0 +1,18 @@
+<%
+  @read_cmd = 'crontab -l'
+  @write_cmd = 'crontab -'
+
+%>
+
+# cron clears out environment variables, but Rubber.root/script/rubber uses
+# "rvm do default" to run, so no longer any need to setup ruby env vars here,
+# all we need is PATH
+PATH=<%= ENV['PATH'] %>
+
+MAILTO=<%= rubber_env.admin_email %>
+# don't need to set RUBBER_ENV for each script since we set it for all cron here
+RUBBER_ENV=<%= Rubber.env %>
+RAILS_ENV=<%= Rubber.env %>
+
+# Roll all rails logs at midnight
+0 0 * * * <%= Rubber.root %>/script/rubber cron --task util:rotate_logs --directory=<%= Rubber.root %>/log
diff --git a/config/rubber/common/database.yml b/config/rubber/common/database.yml
@@ -0,0 +1,12 @@
+<%
+  @path = "#{Rubber.root}/config/database.yml"
+%>
+
+<%= Rubber.env %>:
+  adapter: postgresql
+  encoding: unicode
+  database: <%= rubber_env.db_name %>
+  username: <%= rubber_env.db_user %>
+  password: <%= rubber_env.db_pass %>
+  host: <%= rubber_instances.for_role('db', 'primary' => true).first.full_name %>
+  pool: 5
diff --git a/config/rubber/common/ntp-sysctl.conf b/config/rubber/common/ntp-sysctl.conf
@@ -0,0 +1,7 @@
+<%
+  @path = "/etc/sysctl.d/60-ntp.conf"
+  @post = "/usr/sbin/service procps start"
+%>
+
+# allows us to set machine clock (xen clocks from ec2 tend to drift a lot)
+xen.independent_wallclock=1
diff --git a/config/rubber/common/ntp.conf b/config/rubber/common/ntp.conf
@@ -0,0 +1,57 @@
+<%
+  @path = "/etc/ntp.conf"
+  @post = "/usr/sbin/service ntp restart"
+%>
+# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+
+driftfile /var/lib/ntp/ntp.drift
+
+
+# Enable this if you want statistics to be logged.
+#statsdir /var/log/ntpstats/
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+
+# You do need to talk to an NTP server or two (or three).
+server 0.us.pool.ntp.org
+server 1.us.pool.ntp.org
+server 2.us.pool.ntp.org
+server 3.us.pool.ntp.org
+
+<% rubber_instances.each do |ic| %>
+peer <%= ic.full_name %>
+<% end %>
+
+# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
+# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
+# might also be helpful.
+#
+# Note that "restrict" applies to both servers and clients, so a configuration
+# that might be intended to block requests from certain clients could also end
+# up blocking replies from your own upstream servers.
+
+# By default, exchange time with everybody, but don't allow configuration.
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+
+# Local users may interrogate the ntp server more closely.
+restrict 127.0.0.1
+restrict ::1
+
+# Clients from this (example!) subnet have unlimited access, but only if
+# cryptographically authenticated.
+#restrict 192.168.123.0 mask 255.255.255.0 notrust
+
+
+# If you want to provide time to your local subnet, change the next line.
+# (Again, the address is an example only.)
+#broadcast 192.168.123.255
+
+# If you want to listen to time broadcasts on your local subnet, de-comment the
+# next lines.  Please do this only if you trust everybody on the network!
+#disable auth
+#broadcastclient
diff --git a/config/rubber/common/rsyslog.conf b/config/rubber/common/rsyslog.conf
@@ -0,0 +1,71 @@
+<%
+  log_dir = "/var/log/#{rubber_env.app_name}"
+  log_spool_dir = "/var/spool/rsyslog"
+
+  @path = "/etc/rsyslog.conf"
+  @post = <<-ENDSCRIPT
+    mkdir -p #{log_dir} #{log_spool_dir}
+    chown syslog:adm #{log_dir} #{log_spool_dir}
+    /usr/sbin/service rsyslog restart
+  ENDSCRIPT
+%>
+
+#  /etc/rsyslog.conf	Configuration file for rsyslog.
+#
+#			For more information see
+#			/usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+#
+#  Default logging rules can be found in /etc/rsyslog.d/50-default.conf
+
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
+#$ModLoad immark  # provides --MARK-- message capability
+
+$KLogPath /proc/kmsg
+
+# provides UDP syslog reception
+$ModLoad imudp
+$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+$WorkDirectory <%= log_spool_dir %>
+$template LogCollectorDynFile,"<%= log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%programname%.log"
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+# Don't filter duplicated messages
+$RepeatedMsgReduction off
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner syslog
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+$PrivDropToUser syslog
+$PrivDropToGroup adm
+# https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/484336
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
diff --git a/config/rubber/common/rubber.profile b/config/rubber/common/rubber.profile
@@ -0,0 +1,13 @@
+<%
+  @path = "/etc/profile.d/rubber.sh"
+  current_path = "/mnt/#{rubber_env.app_name}-#{Rubber.env}/current" 
+%>
+
+# convenience to simply running rails console, etc with correct env
+export RUBBER_ENV=<%= Rubber.env %>
+export RAILS_ENV=<%= Rubber.env %>
+alias current="cd <%= current_path %>"
+alias release="cd <%= Rubber.root %>"
+
+# Always use rubygems
+export RUBYOPT="rubygems"
diff --git a/config/rubber/deploy-apache.rb b/config/rubber/deploy-apache.rb
@@ -0,0 +1,59 @@
+
+namespace :rubber do
+
+  namespace :apache do
+
+    rubber.allow_optional_tasks(self)
+
+    after "rubber:install_packages", "rubber:apache:install"
+
+    task :install, :roles => :apache do
+      rubber.sudo_script 'install_apache', <<-ENDSCRIPT
+        a2dissite default
+
+        # TODO: remove this once 12.04 is fixed
+        # https://bugs.launchpad.net/ubuntu/+source/mod-proxy-html/+bug/964397
+        if [[ ! -f /usr/lib/libxml2.so.2 ]]; then
+          ln -sf /usr/lib/x86_64-linux-gnu/libxml2.so.2 /usr/lib/libxml2.so.2
+        fi
+      ENDSCRIPT
+    end
+
+    # serial_task can only be called after roles defined - not normally a problem, but
+    # rubber auto-roles don't get defined till after all tasks are defined
+    on :load do
+      rubber.serial_task self, :serial_restart, :roles => :apache do
+        rsudo "service apache2 stop; service apache2 start"
+      end
+      rubber.serial_task self, :serial_reload, :roles => :apache do
+        rsudo "if ! ps ax | grep -v grep | grep -c apache2 &> /dev/null; then service apache2 start; else service apache2 reload; fi"
+      end
+    end
+
+    before "deploy:stop", "rubber:apache:stop"
+    after "deploy:start", "rubber:apache:start"
+    after "deploy:restart", "rubber:apache:reload"
+
+    desc "Stops the apache web server"
+    task :stop, :roles => :apache do
+      rsudo "service apache2 stop || true"
+    end
+
+    desc "Starts the apache web server"
+    task :start, :roles => :apache do
+      rsudo "service apache2 start"
+    end
+
+    desc "Restarts the apache web server"
+    task :restart, :roles => :apache do
+      serial_restart
+    end
+
+    desc "Reloads the apache web server"
+    task :reload, :roles => :apache do
+      serial_reload
+    end
+
+  end
+
+end
diff --git a/config/rubber/deploy-collectd.rb b/config/rubber/deploy-collectd.rb
@@ -0,0 +1,48 @@
+
+namespace :rubber do
+
+  namespace :collectd do
+
+    rubber.allow_optional_tasks(self)
+
+    after "rubber:bootstrap", "rubber:collectd:bootstrap"
+    after "deploy:restart", "rubber:collectd:restart_rubber_plugin"
+
+
+    task :bootstrap, :roles => :collectd do
+      exists = capture("echo $(grep Rubber /etc/collectd/collectd.conf 2> /dev/null)")
+      if exists.strip.size == 0
+        rubber.update_code_for_bootstrap
+
+        rubber.run_config(:file => "role/collectd", :force => true, :deploy_path => release_path)
+
+        restart
+      end
+    end
+
+    desc "Start collectd system monitoring"
+    task :start, :roles => :collectd do
+      rsudo "service collectd start"
+    end
+
+    desc "Stop collectd system monitoring"
+    task :stop, :roles => :collectd do
+      rsudo "service collectd stop || true"
+    end
+
+    desc "Restart collectd system monitoring"
+    task :restart, :roles => :collectd do
+      stop
+      start
+    end
+
+    desc "Restart collectd rubber plugin"
+    task :restart_rubber_plugin, :roles => :collectd do
+      # Need to kill rubber collectd runner script to force collectd to restart
+      # it after deploy so that the runner script gets the new paths
+      rsudo "pkill -fn #{rubber_env.rubber_collectd_runner.sub(/./, '[\0]')} ; exit 0"
+    end
+
+  end
+
+end