Permalink
Browse files

Just did a full Debian install with this commit (hardened)

  • Loading branch information...
1 parent 800a323 commit 481d492303380378faa3ab6fb8707dcbeb080441 Winton Welsh committed Sep 9, 2008
View
@@ -76,9 +76,11 @@ Set up your fresh Debian server
### On your machine
- cap debian:setup
+You may want to run the commands in [debian:aptitude](http://github.com/winton/cookbook/tree/master%2Flib%2Flib%2Frecipes%2Fdebian.rb?raw=true) from the remote shell if it is your first time doing so.
-(See **config/cookbook/recipes/debian.rb**. You might want to run the tasks individually to know what's going on.)
+ cap debian:aptitude
+ cap debian:config
+ cap debian:install
### On the server
View
@@ -40,6 +40,8 @@ set :cookbook, {
}
}
-# See config/cookbook/cookbook.rb for more cookbook options
+# If installed from gem
+require 'cookbook'
-require 'config/cookbook/cookbook'
+# If installed from plugin
+# require 'vendor/plugins/cookbook/lib/cookbook'
View
@@ -4,7 +4,7 @@
# Install
def gem_install(name, options='')
- sudo_puts "gem install #{name} #{options}"
+ sudo_puts "gem install #{name} #{options} --no-rdoc --no-ri -q"
end
def unpack_source(source)
View
@@ -118,7 +118,7 @@
install_source(:git) do |path|
sudo_puts [
"aptitude install tcl8.4 tk8.4 gettext -q -y",
- "cd #{path} && ./configure && make && sudo make install"
+ ";cd #{path} && ./configure && make && sudo make install"
]
end
end
@@ -127,35 +127,35 @@
task :lighttpd, :roles => :app do
sudo_puts 'aptitude install libpcre3-dev libbz2-dev -q -y'
install_source(:lighttpd) do |path|
- sudo_puts "cd #{path} && ./configure && make && sudo make install"
+ sudo_puts ";cd #{path} && ./configure && make && sudo make install"
end
end
desc 'Install Monit'
task :monit, :roles => :db do
sudo_puts 'aptitude install monit -q -y'
- monit.config.default
+ ROOT.monit.config.default
end
desc 'Install MySQL'
task :mysql, :roles => :db do
sudo_puts 'aptitude install mysql-server mysql-client libmysqlclient15-dev libmysql-ruby -q -y'
ROOT.mysql.config
+ ROOT.mysql.create.user
puts [
'',
"It is highly recommended you run mysql_secure_installation manually.",
"See http://dev.mysql.com/doc/refman/5.1/en/mysql-secure-installation.html",
''
].join("\n")
- ROOT.mysql.create.user
end
desc 'Install Nginx'
task :nginx, :roles => :app do
# apache2-utils for htpasswd, rest for nginx build
sudo_puts 'aptitude install apache2-utils libpcre3 libpcre3-dev libpcrecpp0 libssl-dev zlib1g-dev -q -y'
install_source(:nginx) do |path|
- sudo_puts "cd #{path} && ./configure --sbin-path=/usr/local/sbin --with-http_ssl_module && make && sudo make install"
+ sudo_puts ";cd #{path} && ./configure --sbin-path=/usr/local/sbin --with-http_ssl_module && make && sudo make install"
end
upload_from_erb '/etc/init.d/nginx', binding, :chown => 'root', :chmod => '+x', :folder => 'nginx'
sudo '/usr/sbin/update-rc.d -f nginx defaults'
@@ -175,14 +175,14 @@
desc 'Install Ruby'
task :ruby, :roles => :app do
install_source(:ruby) do |path|
- sudo_puts "cd #{path} && ./configure && make && sudo make install"
+ sudo_puts ";cd #{path} && ./configure && make && sudo make install"
end
end
desc 'Install RubyGems'
task :rubygems, :roles => :app do
install_source(:rubygems) do |path|
- sudo_puts "cd #{path} && ruby setup.rb"
+ run_puts "cd #{path} && sudo ruby setup.rb"
end
gems.update
gems.install
@@ -191,7 +191,7 @@
desc 'Install Sphinx'
task :sphinx, :roles => :app do
install_source(:sphinx) do |path|
- sudo_puts "cd #{path} && ./configure && make && sudo make install"
+ sudo_puts ";cd #{path} && ./configure && make && sudo make install"
end
end
end
View
@@ -58,7 +58,7 @@
task :mongrel, :roles => :app do
gem_install :mongrel
gem_install :mongrel_cluster
- mongrel.config.survive_reboot
+ ROOT.mongrel.config.survive_reboot
end
desc 'Install Rails'
View
@@ -65,17 +65,17 @@
namespace :ultrasphinx do
desc "Configures ultrasphinx"
task :default, :roles => :app do
- sudo "cd #{release_path} && rake RAILS_ENV=production ultrasphinx:configure"
+ sudo ";cd #{release_path} && rake RAILS_ENV=production ultrasphinx:configure"
end
desc "Stop ultrasphinx"
task :stop, :roles => :app do
- sudo "cd #{release_path} && rake RAILS_ENV=production ultrasphinx:daemon:stop"
+ sudo ";cd #{release_path} && rake RAILS_ENV=production ultrasphinx:daemon:stop"
end
desc "Start ultrasphinx"
task :start, :roles => :app do
- sudo "cd #{release_path} && rake RAILS_ENV=production ultrasphinx:daemon:start"
+ sudo ";cd #{release_path} && rake RAILS_ENV=production ultrasphinx:daemon:start"
end
desc "Restart ultrasphinx"
View
@@ -45,13 +45,13 @@
usr = ask "Upload ssh public keys to which user? (default: #{user})", user
keys = ask "Press enter to copy all public keys (~/.ssh/*.pub), or paste a key: ", get_ssh_keys
- if k.empty?
+ if keys.empty?
ssh.setup if yes("No keys found. Generate ssh keys now?")
else
sudo_each [
"mkdir /home/#{usr}/.ssh",
"touch /home/#{usr}/.ssh/authorized_keys",
- "echo \"#{keys}\" >> /home/#{usr}/.ssh/authorized_keys",
+ "echo \"#{keys.strip}\" | sudo tee /home/#{usr}/.ssh/authorized_keys",
"chmod 0700 /home/#{usr}/.ssh",
"chmod 0600 /home/#{usr}/.ssh/authorized_keys",
"chown -R #{usr} /home/#{usr}/.ssh",
@@ -1,4 +1,4 @@
-export PS1='\e[01;30m\h \e[33m\u \e[01;34m\w\e[00m: '
+export PS1='\e[01;31m\h \e[01;32m\u \e[00;33m\w\e[00m: '
alias free="free -m"

0 comments on commit 481d492

Please sign in to comment.