/
deploy.rb.sample
444 lines (377 loc) · 16.8 KB
/
deploy.rb.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
#!/bin/bash
#
# CHANGES TO BE MADE ON THE DESTIN SERVER
# setup for Ubuntu 12.04LTS desktop 32bits
# install vbox-tools
# set fixed ip on remote linux station
# set password for root with "sudo passwd root" command
# manually install "apt-get -y install ssh openssh-server"
##### ATTENTION
##### How to secure your linux
##### http://feross.org/how-to-setup-your-linode/
##### https://library.linode.com/securing-your-server
##### http://securityroots.com/blog/2014/01/protecting-app-rails-fail2ban/
#
#
#
# CHANGES TO BE MADE ON HOST COMMANDER
# make sure your "commander linux" is with capistrano, ruby and git installed
# git clone automate_files
# enter automate_files folder
#
# update config/deploy.rb with your needs
# remember to set your password overwriting {senha} param
# make sure the port, domains, hosts setting are ok
# user the command "capify ." to start use capistrano
# use it with cap command
# FOR MANNUAL INSTALLATION hit "cap basics"
# FOR A FULL INSTALLATION hit "cap prepare"
# Seteps to get a Server Setup Proccess
# ----------------------------------------------------------------------------
# +full installation
#
# +webmin adjusts
#
# +dns
#
# +server users
#
# +apache virtual domains
#
# +database users for mysql-postgresql
#
# +deploy script staging/production
# - database file
# - virtual config
#
# +gen guides to access
# - root access (shell, mysql)
# - production user (shell, postgres, mysql, virtual)
# - staging user (shell, postgres, mysql, virtual)
#
# +create the redirections for virtuals
# pending
#
# ---------------------------------------------------------------------------
#-----------------------------------------------------------------------
#
# After Settings:
#
# > setup dns server via webmin and sets local to use it - 30m
# > setup and test apache main domain... questions about log files - 30m
# > setup and test 2 email users on the main domain - update config files - check templates - 30m
# > add virtual domain to start an fresh app - 30m
# execute #{folder}/automate_files/rvm_install
# execute #{folder}/automate_files/heorku_toolbelt
# install mailutils and kerio follow kerio_install script
#
# ----------------------------------------------------------------------------------------------
# Desktop adds
#
#teamview 30m
# wget http://www.teamviewer.com/download/version_8x/teamviewer_linux.deb
# sudo dpkg -i teamviewer* && sudo apt-get install -f
#
#adobe-flashplugin 30m
# via Ubuntu Software Center
# http://ubuntuguide.net/install-adobe-flash-plugin-in-ubuntu-12-04both-3264-bit
#
#skype 30m
# sudo apt-add-repository "deb http://archive.canonical.com/ $(lsb_release -sc) partner"
# sudo apt-get update && sudo apt-get install skype
#
#smb-w7/xp 30m
# sudo apt-get install system-config-samba
# sudo smbpasswd -a <username>
# http://www.liberiangeek.net/2012/05/windows-7-vs-ubuntu-12-04-how-to-enable-advanced-file-sharing/
#
#gtalk 30m
#use empathy
#http://www.ubuntututorials.com/install-google-talk-ubuntu-12-04/
#
#filezilla 30m
#sudo apt-get -y install filezilla filezilla-common
#
#mirc 30m
#sudo apt-get install xchat
#http://wiki.ubuntu-br.org/IRC/ComoUsar
#
#forwardhq 30m
#gem install forward
#foward [port]
#
# Chrome
# wget -q -O- https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
# sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google.list'
# sudo apt-get update
# sudo apt-get install -y google-chrome-stable
#
# Safari Installation
# http://www.guguncube.com/694/ubuntu-installation-of-firefox-chrome-opera-safari-internet-browsers-in-ubuntu-12-04-12-10-13-10
#
#
# SETUP SSL CERTIFCATE ON UBUNTU
#
# https://www.digitalocean.com/community/articles/how-to-set-up-multiple-ssl-certificates-on-one-ip-with-apache-on-ubuntu-12-04
# https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04
# :: INFO ABAOUT CUSTOMS REDIRECTS
# https://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu
# http://www.cyberciti.biz/faq/apache-redirect-domaincom-to-wwwdomaincom/
# :: WHERE TO BUY
# http://www.instantssl.com/
# http://www.rapidssl.com/
# http://www.cheapssls.com/
#-----------------------------------------------------------------------
#
#
# CAPISTRANO REQUIRES
# add the command below to bashrc of the dev user
# eval `ssh-agent -s`
#
#
server "192.168.1.7", :web, :app, :db, primary: true
set :plat, "i386" # [i386,amd64]
set :port, 22
set :user, "root"
set :application, "pub"
set :deploy_to, "/root/pack"
set :use_sudo, true
set :folder, "~/pack"
set :hostname, "server"
set :gemOptions, "--no-ri --no-rdoc"
set :domain, "domain.net"
default_run_options[:pty] = true
ssh_options[:forward_agent] = true
# if you want to send pem key
#ssh_options[:auth_methods] = ["publickey"]
#ssh_options[:keys] = ["/home/max/Downloads/youintop_aws_key.pem"]
task :basics do
run "export DEBIAN_FRONTEND=noninteractive"
run "sudo apt-get -y update"
run "sudo apt-get -y upgrade"
run "sudo apt-get -y install ntp ntpdate"
run "sudo apt-get -y install ssh openssh-server"
run "sudo apt-get -y install lynx libcurl4-gnutls-dev libexpat1-dev gettext libz-dev libssl-dev build-essential"
run "sudo apt-get -y install nmap tree unzip unrar-free bind9 dnsutils apache2 libcurl4-openssl-dev apache2-prefork-dev libapr1-dev libaprutil1-dev sqlite3 mysql-client"
run 'echo "mysql-server mysql-server/root_password password {senha}" | sudo debconf-set-selections; echo "mysql-server mysql-server/root_password_again password {senha}" | sudo debconf-set-selections; sudo apt-get -y install mysql-server'
run "sudo apt-get -y install postgresql libpq-dev" # need configure see attach url
# sudo apt-get -y install pgadmin3 #needs X-11
run "sudo apt-get -y install libtool autoconf"
run "sudo apt-get -y install libxslt-dev libxml2-dev"
run "sudo apt-get -y install libqt4-dev libqtwebkit-dev"
# https://www.digitalocean.com/community/articles/how-to-install-git-on-ubuntu-12-04
run "sudo apt-get -y install git git-core"
run 'mkdir -p ~/pack; cd ~/pack; if [ ! -d ~/pack/automate_files ]; then git clone git://github.com/inforserver2/automate_files.git; fi'
# http://www.compilando.org/wp/sem-categoria/resolva-o-erro-add-apt-repository-command-not-found-no-ubuntu-natty-11-04
run "sudo apt-get -y install python-software-properties"
# install ruby
run "sudo add-apt-repository -y ppa:brightbox/ruby-ng-experimental"
run "sudo apt-get update"
run "sudo apt-get install -y ruby2.0 ruby2.0-dev"
run "sudo ln -sf /usr/bin/ruby2.0 /usr/bin/ruby"
# install python 3.3
run "sudo add-apt-repository -y ppa:fkrull/deadsnakes"
run "sudo apt-get update"
run "sudo apt-get -y install python3.3 python3.3-dev"
#follow to update libxml to version 2.8 - Depends on python3.3-dev
run "#{folder}/automate_files/libxml_update"
# PHP
# http://www.inoweb.com.br/site/blog/7-instalando-apache-php-mysql-phpmyadmin-ubuntu-12
run "sudo apt-get -y install php5 libapache2-mod-php5"
run "sudo apt-get -y install php5-mysql php5-curl php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-json php5-pgsql"
# JAVA
# http://www.ubuntudicas.com.br/blog/2012/04/instale-o-oracle-java-jdk-7-no-ubuntu-12-04-e-11-10/
run "sudo add-apt-repository -y ppa:webupd8team/java"
#-
run "sudo apt-get -y update"
run "sudo echo oracle-java7-installer shared/accepted-oracle-license-v1-1 select true | sudo debconf-set-selections"
run "sudo apt-get -y install oracle-java7-installer"
run "sudo apt-get -y install aspell libevent-dev libgmp10 libgmp-dev curl libfile-next-perl"
# http://hantys.blogspot.com.br/2012/04/instalando-imagemagick-ubuntu-1204.html
run "sudo apt-get -y install libperl-dev"
run "sudo apt-get -y install libmagickwand-dev libmagickcore-dev libmagick++-dev libmagickcore4-extra libgraphviz-dev libgvc5"
# via repository
run "sudo apt-get -y install imagemagick"
run "sudo apt-get -y install memcached"
run "sudo apt-get -y install perl libnet-ssleay-perl libauthen-pam-perl libpam-runtime openssl libio-pty-perl apt-show-versions python"
# install redis
run "sudo add-apt-repository -y ppa:rwky/redis"
run "sudo apt-get -y update"
run "sudo apt-get -y install redis-server"
run "sudo apt-get -y install ack-grep"
# INSTALL SOLR-TOMCAT
# https://github.com/sunspot/sunspot/wiki/Configure-Solr-on-Ubuntu%2C-the-quickest-way
run "sudo apt-get -y install openjdk-6-jdk"
run "sudo apt-get -y install solr-tomcat"
run "sudo service tomcat6 start"
end
task :step2 do
run "#{folder}/automate_files/webmin_load_src"
run "#{folder}/automate_files/git_completion_setup"
run "cd #{folder}; wget http://www.webmin.com/jcameron-key.asc; sudo apt-key add jcameron-key.asc; sudo rm -rf jcameron-key.asc*"
run "sudo apt-get -y update"
run "sudo apt-get -y install webmin"
# Install Sphinx
# run "#{folder}/automate_files/sphinx_install #{plat}"
run "sudo add-apt-repository -y ppa:builds/sphinxsearch-stable"
run "sudo apt-get -y install sphinxsearch"
end
task :keygen do
run "ssh-keygen -t rsa -q -N '' -f ~/.ssh/id_rsa "
end
task :vim do
run "sudo apt-get -y install exuberant-ctags ncurses-term ack ncurses-dev"
# compile vim if wants CommandT
# run "#{folder}/automate_files/compile_vim"
# install vim normally
run "sudo apt-get -y install vim vim-nox vim-gtk"
run "#{folder}/automate_files/load_vimfiles"
run "#{folder}/automate_files/personal_vim"
# run "#{folder}/automate_files/command_t_install"
end
task :pear do
# perl-extensions
run "sudo pear channel-discover pear.horde.org"
run "sudo pear channel-update pear.horde.org"
run "sudo pear install Horde/Horde_Yaml-beta"
end
task :rails do
# Update rubygems
run "( ! sudo gem list | grep rubygems-update ) && (gem install rubygems-update #{gemOptions} && sudo update_rubygems) || echo rubygems-update already installed!"
# install ruby on rails and utilities
run "( ! sudo gem list | grep rails ) && sudo gem install rails #{gemOptions} -f || echo rails already installed!"
run "( ! sudo gem list | grep whenever ) && sudo gem install whenever #{gemOptions}|| echo whenever already installed!"
run "( ! sudo gem list | grep annotate ) && sudo gem install annotate #{gemOptions}|| echo annotate already installed!"
run "( ! sudo gem list | grep astrails-safe ) && sudo gem install astrails-safe #{gemOptions}|| echo astrails-safe already installed!"
run "( ! sudo gem list | grep delayed_job ) && sudo gem install delayed_job #{gemOptions}|| echo delayed_job already installed!"
run "( ! sudo gem list | grep therubyracer ) && sudo gem install therubyracer #{gemOptions}|| echo therubyracer already installed!"
run "( ! sudo gem list | grep pg ) && sudo gem install pg #{gemOptions}|| echo pg already installed!"
run "( ! sudo gem list | grep mysql2 ) && sudo gem install mysql2 #{gemOptions}|| echo mysql already installed!"
run "( ! sudo gem list | grep rmagick ) && sudo gem install rmagick #{gemOptions}|| echo rmagick already installed!"
run "( ! sudo gem list | grep sqlite3 ) && sudo gem install sqlite3 #{gemOptions}|| echo sqlite already installed!"
run "( ! sudo gem list | grep carrierwave ) && sudo gem install carrierwave #{gemOptions}|| echo carrierwave already installed!"
run "( ! sudo gem list | grep rspec ) && sudo gem install rspec-rails #{gemOptions}|| echo rspec already installed!"
run "( ! sudo gem list | grep sass ) && sudo gem install sass #{gemOptions}|| echo sass already installed!"
run "( ! sudo gem list | grep forward ) && sudo gem install forward #{gemOptions}|| echo forward already installed!"
run "( ! sudo gem list | grep nokogiri ) && sudo gem install nokogiri #{gemOptions}|| echo nokogiri already installed!"
run "( ! sudo gem list | grep capistrano ) && sudo gem install capistrano #{gemOptions}|| echo capistrano already installed!"
# setup passenger
run "( ! sudo gem list | grep passenger ) && sudo gem install passenger #{gemOptions}|| echo passenger already installed!"
run "#{folder}/automate_files/passenger_config"
end
task :php_modules do
run "#{folder}/automate_files/setup_ioncube_zend #{plat}"
# PHPMYADMIN
#cd ~/pack
#wget http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.5.2.2/phpMyAdmin-3.5.2.2-english.tar.gz
#tar -zxvf phpMyAdmin-3.5.2.2-english.tar.gz
#cp -rf phpMyAdmin-3.5.2.2-english /var/www/tools/phpMyAdmin
# OR
# http://gercogandia.blogspot.com.br/2012/11/automatic-unattended-install-of.html
run 'echo "phpmyadmin phpmyadmin/app-password-confirm password {senha}" | sudo debconf-set-selections; echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections; echo "phpmyadmin phpmyadmin/mysql/admin-pass password {senha}" | sudo debconf-set-selections; echo "phpmyadmin phpmyadmin/mysql/app-pass password {senha}" | sudo debconf-set-selections; echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2" | sudo debconf-set-selections; sudo apt-get install phpmyadmin -y'
# PHPPGADMIN
# config at http://www.vivaolinux.com.br/dica/Instalacao-e-configuracao-do-PostgreSQL-e-phpPgAdmin-no-Debian
# cd ~/pack
# wget http://downloads.sourceforge.net/phppgadmin/phpPgAdmin-5.0.4.tar.gz
# tar -zxvf phpPgAdmin-5.0.4.tar.gz
# cp -rf phpPgAdmin-5.0.4 /var/www/tools/phpPgAdmin
# OR
run "sudo useradd -m -s /bin/bash deploy"
run "sudo passwd -l deploy"
run "sudo apt-get -y install phppgadmin"
run "sudo sed -i 's/^local all all peer$/local all all trust/' /etc/postgresql/9.1/main/pg_hba.conf"
run "sudo sed -i '$ a\local all deploy md5' /etc/postgresql/9.1/main/pg_hba.conf"
run 'sudo sed -i "s#_security[\']] = true#_security\'] = false#g" /etc/phppgadmin/config.inc.php'
run "sudo sed -i 's/^# allow from all/ allow from all/' /etc/phppgadmin/apache.conf"
run "sudo -u postgres psql -d postgres -U postgres -c \"ALTER USER postgres WITH PASSWORD '{senha}'\""
run "#{folder}/automate_files/set_mod_rewrite_on"
run "sudo service postgresql restart"
run "sudo service apache2 restart"
end
task :js do
# node.js
#cd /root/pack
#wget http://nodejs.org/dist/v0.8.11/node-v0.8.11.tar.gz
#tar -zxvf node-v0.8.11.tar.gz
#cd node-v0.8.11
#./configure && make && make install
# or
run "sudo add-apt-repository -y ppa:chris-lea/node.js"
run "sudo apt-get -y update"
run "sudo apt-get -y install nodejs"
# cofee-script
run "sudo npm install coffee-script@1.1.2"
# bower
run "sudo npm install -g bower"
end
task :cfg do
run "#{folder}/automate_files/set_hostname #{hostname} #{domain}"
run "echo nameserver 127.0.0.1 > /etc/resolv.conf"
# then setup dns for the domain
# create virtual domains
# adduser username
end
task :adjusts do
# dpkg -s ?
# dpkg --purge ...
# apt-get clean
# sed -n 'Np' file
# MAIL=~/Maildir
# to fix problemas with apt-get
# sudo rm -rf /var/lib/dpkg/info/*
# sudo apt-get clean
# sudo apt-get install -f
# sudo apt-get upgrade -f
# sudo apt-get dist-upgrade -f
# sudo apt-get update
# sudo dpkg --configure -a
# Solving Problems with PPA offline
# http://askubuntu.com/questions/208037/some-index-files-failed-to-download-while-updating
# sudo su (login as root)
#cd /var/lib/apt/lists/
#rm -fr *
#cd /etc/apt/sources.list.d/
#rm -fr *
#cd /etc/apt
#sudo cp sources.list sources.list.old
#sudo cp sources.list sources.list.tmp
#sed 's/ubuntuarchive.hnsdc.com/us.archive.ubuntu.com/' sources.list.tmp | sudo tee sources.list
#sudo rm sources.list.tmp*
#apt-get clean
#apt-get update
end
task :tools do
run "#{folder}/automate_files/rvm_install"
run "#{folder}/automate_files/heroku_toolbelt"
end
task :mail do
run 'sudo DEBIAN_FRONTEND=noninteractive apt-get -y install postfix'
run "rm -rf /etc/postfix/main.cf"
run "sudo apt-get install -y sasl2-bin"
run "sudo apt-get -y install dovecot-common dovecot-pop3d dovecot-imapd"
run "sudo apt-get -y install pflogsumm"
run "sudo apt-get -y install mailutils"
run "#{folder}/automate_files/mail/postfix_conf"
run "#{folder}/automate_files/mail/dovecot_conf"
run "#{folder}/automate_files/mail/ssl_conf"
run "#{folder}/automate_files/mail/virtual_conf"
run "sudo apt-get -y install clamav-daemon amavisd-new spamassassin"
run "#{folder}/automate_files/mail/clamav"
run "sudo apt-get -y install opendkim"
run "#{folder}/automate_files/mail/opendkim_install"
# automate_files/mail/dkim_add #{domain}"
end
task :prepare do
basics
step2
keygen
vim
pear
rails
php_modules
js
cfg
tools
# mail
end
# pending a manual to postfix and dovecote basic including catchall functionality