def install_ssh_key(): """ Installs ssh public key from `key_filename` env into authorized_keys file """ with open(env.key_filename + '.pub', 'r') as ssh_key_fp: ssh_public_key = ssh_key_fp.readline().strip("\n\r ") ssh_key_fp.close() abort_msg = None utils.puts("Checking previous installation...") with settings(abort_exception=FabricException): try: run('! grep \"{0}\" ~/.ssh/authorized_keys > /dev/null'.format( ssh_public_key.replace('"', '\\\\"'))) except (FabricException): abort_msg = "Public key is already installed on authorized_keys file" if abort_msg: utils.abort(abort_msg) run("[ ! -d ~/.ssh ] && mkdir ~/.ssh || true") run("echo \"{0}\" >> ~/.ssh/authorized_keys ".format( ssh_public_key.replace('"', '\\\\"')))
def create_run_dir(): """ Create a `run` directory inside the project root for the socket and pid files """ utils.puts("Creating run dir...") abort_msg = None with settings(abort_exception=FabricException): try: run('which setfacl > /dev/null 2>&1') except (FabricException): abort_msg = "This conf uses POSIX acl setfacl command" if abort_msg: utils.abort(abort_msg) # TODO: remove diffs on requirements.txt run_dir = env.deploy_path + '/run' run("[ -d \"{0}\" ] || mkdir \"{0}\" ".format(run_dir)) run("setfacl -m 'u:{1}:rwx' \"{0}\"".format(run_dir, env.service_user)) run("setfacl -n -m 'm::rwx' \"{0}\"".format(run_dir)) run("setfacl -d -m 'u:{1}:rwx' \"{0}\"".format(run_dir, env.service_user)) run("setfacl -d -n -m 'm::rwx' \"{0}\"".format(run_dir))
def deploy_virtualenv(): """ Create the virtualenv inside the root project directory """ utils.puts("Checking virtualenv...") abort_msg = None with settings(abort_exception=FabricException): try: run('which virtualenv > /dev/null 2>&1') except (FabricException): abort_msg = "python-virtualenv must be installed" if abort_msg: utils.abort(abort_msg) # TODO: remove diffs on requirements.txt run(("[ -f \"{0}/virtualenv/bin/activate\" ] || " + "virtualenv -p $(which python3) --prompt='({1}) ' \"{0}/virtualenv\"" ).format(env.deploy_path, name)) utils.puts("Installing from requirements.txt...") run(("source {0}/virtualenv/bin/activate && " + "pip install -r {0}/current/requirements.txt").format( env.deploy_path))
def starting(): """ Start a deployment, make sure server(s) ready. """ if "local" in env.roles: utils.abort("Cannot run deploy in local role") abort_msg = None utils.puts("Check server packages...") with settings(abort_exception=FabricException): try: run('which python3 > /dev/null 2>&1') except (FabricException): abort_msg = "Python 3 must be installed" try: run('which virtualenv > /dev/null 2>&1') except (FabricException): abort_msg = "virtualenv for python must be installed" if abort_msg: utils.abort(abort_msg) execute('check', host=env.host) execute('set_previous_revision', host=env.host)
def run(self, *args, **kwargs): for func in self.prereqs: execute(func, host=env.host) # set role specific variables from roledefs with settings(**self.role_settings()): result = super(WrappedCallableDependenciesTask, self).run(*args, **kwargs) for func in self.postreqs: execute(func, host=env.host) return result
def install_git_ssh(): """ Installs ssh kit for git (automation/keys/deploy.key) """ abort_msg = None git_key_name = "git.{0}.key".format(name) utils.puts("Checking previous installation...") with settings(abort_exception=FabricException): try: run('[ ! -f ~/.ssh/{0} ]'.format(git_key_name)) except FabricException: abort_msg = "{0} already exists".format(git_key_name) if abort_msg: utils.abort(abort_msg) utils.puts("Copying key...") put(current_path + '/automation/keys/deploy.key', '~/.ssh/' + git_key_name) with open(current_path + '/automation/ssh.git.conf', 'r') as ssh_conf_fp: ssh_git_conf = ssh_conf_fp.read() ssh_conf_fp.close() git_parsed_url = urlparse(env.repo_url).hostname git_username = git_parsed_url.username or 'git' if not git_parsed_url.username: utils.puts("Not user present in git URL, using `git` as default") utils.puts("Adding conf to user ssh config file...") run("echo \"{0}\" >> ~/.ssh/config ".format( ssh_git_conf\ .format( user=git_username, host=git_parsed_url.hostname, key_name=git_key_name )\ .replace('"', '\\\\"') )) utils.puts("Enforce permissions for user ssh config file and key...") run("chmod 600 ~/.ssh/config") run("chmod 600 ~/.ssh/" + git_key_name) utils.puts("Adding {0} to known_hosts".format(git_parsed_url.hostname)) run(("(host={0}; ssh-keyscan -H $host; " "for ip in $(dig {0} +short); do " "ssh-keyscan -H $host,$ip; " "ssh-keyscan -H $ip; " "done) 2> /dev/null >> ~/.ssh/known_hosts").format( git_parsed_url.hostname))