Example #1
0
def configure_apache():

    put("conf/matt_cv","/etc/apache2/sites-available/matt_cv",use_sudo=True)

    # Make sure port 8001 is enabled
    files.comment("/etc/apache2/ports.conf","NameVirtualHost *:8001",use_sudo=True)
    files.comment("/etc/apache2/ports.conf","Listen 8001",use_sudo=True)
Example #2
0
def setup_kiosk():
    """ set up kiosk parts 
        based on https://www.danpurdy.co.uk/web-development/raspberry-pi-kiosk-screen-tutorial/
        or
        http://www.raspberry-projects.com/pi/pi-operating-systems/raspbian/gui/auto-run-browser-on-startup
    """
    with hide("running", "stderr"):
        #@xscreensaver -no-splash

        comment("/etc/xdg/lxsession/LXDE-pi/autostart", "@xscreensaver -no-splash", use_sudo=True)

        append("/etc/xdg/lxsession/LXDE-pi/autostart",
                     "@xset s off", use_sudo=True, escape=True)
        append("/etc/xdg/lxsession/LXDE-pi/autostart",
                     "@xset -dpms", use_sudo=True, escape=True)
        append("/etc/xdg/lxsession/LXDE-pi/autostart",
                     "@xset s noblank", use_sudo=True, escape=True)

        append("/etc/xdg/lxsession/LXDE-pi/autostart",
                     """@sed -i 's/"exited_cleanly": false/"exited_cleanly": true/' ~/.config/chromium/Default/Preferences""",
                     use_sudo=True, escape=True)

        #auto start
        if not contains("/etc/xdg/lxsession/LXDE-pi/autostart",
                                             "@chromium --noerrdialogs --kiosk http://www.page-to.display --incognito",
                                             use_sudo=True, escape=True):

            append("/etc/xdg/lxsession/LXDE-pi/autostart",
                         "@chromium --noerrdialogs --kiosk http://dashingdemo.herokuapp.com/sample --incognito",
                         use_sudo=True, escape=True)
Example #3
0
    def oldVolumeDetach(self):
        env.use_ssh_config = True
        try:
            with settings(warn_only = True, host_string = self.ip):
                if not DRY and self.old_volume_id:
                    sudo('umount {0}'.format(MOUNT_POINT))

                    ## comment out old record in fstab
                    uuid = sudo('lsblk -l -o NAME,UUID,MOUNTPOINT |grep "{0}" | cut -f2 -d" "'.format(MOUNT_POINT))
                    if len(uuid) == 36:
                        files.comment('/etc/fstab', 'UUID={0}.*'.format(uuid), use_sudo=True, char='# ')
                    sudo('vgchange -an {0}'.format(VOLUME_DEFAULTS['vg_name']))

                    volume = self.conn.get_all_volumes(volume_ids=(self.old_volume_id))[0]
                    volume.detach()

                    if DELETEOLD:
                        n = 0
                        while n < SLEEP:
                            try:
                                volume.delete()
                                break
                            except boto.exception.EC2ResponseError:
                                n += 10
                                time.sleep(10)
                                continue
                        return

                    volume.add_tags({'instance': self.name, 'date': time.strftime('%Y-%m-%d-%H:%M')})
        except Exception as e:
            raise
Example #4
0
def configure_postgres():
    """Upload Postgres configuration from ``etc/`` and restart the server."""

    version = sudo("psql --version | grep -ro '[8-9].[0-9]'")
    conf_dir_prefix = "/etc/postgresql/%s/" % version

    # pg_hba.conf
    comment('/etc/postgresql/%s/main/pg_hba.conf' % version,
            'local   all         postgres                          ident',
            use_sudo=True)
    sed('/etc/postgresql/%s/main/pg_hba.conf' % version,
        'local   all         all                               ident',
        'local   all         all                               md5',
        use_sudo=True)

    # postgres.conf
    uncomment(conf_dir_prefix + 'main/postgresql.conf', '#autovacuum = on', use_sudo=True)
    uncomment(conf_dir_prefix + 'main/postgresql.conf', '#track_activities = on', use_sudo=True)
    uncomment(conf_dir_prefix + 'main/postgresql.conf', '#track_counts = on', use_sudo=True)
    sed(conf_dir_prefix + 'main/postgresql.conf',
        "#listen_addresses",
        "listen_addresses",
        use_sudo=True)

    # restart server
    sudo('/etc/init.d/postgresql-%s restart || /etc/init.d/postgresql restart ' % version)
Example #5
0
    def fab_criar_crons(self):
        ''' Insere tarefa definida em ../cron/cronconf no crontab do servidor '''
        crontab_location = '/etc/crontab'
        with cd(env.code_root):
            if os.path.exists('cron'):
                from cron.cronconf import CRONS
                import re
                sudo('chmod 646 ' + crontab_location)

                for cron in CRONS:

                    if cron['comando_de_projeto'] and not cron['django_management']:
                        linha_cron = cron['tempo'] + ' ' + cron['usuario'] + ' ' + env.code_root +'/'+ cron['comando']
                    else:
                        if cron['comando_de_projeto'] and cron['django_management']:
                            linha_cron =  cron['tempo'] + ' ' + cron['usuario'] + ' /usr/bin/python ' + env.code_root + '/' + cron['comando'] + ' --settings=med_alliance.settings.' + env.ambiente
                        else:
                            linha_cron =  cron['tempo'] + ' ' + cron['usuario'] + ' ' + cron['comando']
                    if cron['ligado']:
                        if not contains(crontab_location, re.escape(linha_cron)):
                            append(crontab_location, linha_cron, use_sudo=False)
                        else:
                            uncomment(crontab_location, re.escape(linha_cron))
                    else:
                        if contains(crontab_location, re.escape(linha_cron)):
                            comment(crontab_location, re.escape(linha_cron))

                sudo('chmod 644 ' + crontab_location)
Example #6
0
def _decommission_host(host):
    files.comment(
        '/etc/nginx/sites-available/{}_commcare'.format(env.deploy_env),
        '^[ ]*server[ ]+{}'.format(host),
        use_sudo=True,
    )
    _check_and_reload_nginx()
Example #7
0
def base():
  "Installs & configures Git / EtcKeeper / DenyHosts"
  
  with settings(hide('stdout')):
    # Require 
    require.deb.packages([
        'etckeeper',
        'git',
        'denyhosts',
    ])

    # git
    sudo('git config --global user.name "DevOp"')
    sudo('git config --global user.email admin@{}'.format(env.host))

    # etckeeper
    conf_file = '/etc/etckeeper/etckeeper.conf'
    comment(conf_file, 'VCS="bzr"', use_sudo=True, backup='') 
    uncomment(conf_file, 'VCS="git"', use_sudo=True, backup='') 

    sudo('etckeeper init')
    sudo('etckeeper commit "Initial commit."')

    # denyhosts
    conf_file = '/etc/denyhosts.conf'
    comment(conf_file, 'BLOCK_SERVICE\s*=\s*sshd', use_sudo=True, backup='') 
    uncomment(conf_file, 'BLOCK_SERVICE\s*=\s*ALL', use_sudo=True, backup='') 
    sed(conf_file, 'DENY_THRESHOLD_INVALID\s*=\s*5'
        , 'DENY_THRESHOLD_INVALID = 3', use_sudo=True, backup='')
    sed(conf_file, 'DENY_THRESHOLD_VALID\s*=\s*10'
        , 'DENY_THRESHOLD_VALID = 3', use_sudo=True, backup='')
    sed(conf_file, 'DENY_THRESHOLD_ROOT\s*=\s*1'
        , 'DENY_THRESHOLD_ROOT = 3', use_sudo=True, backup='')

    sudo('etckeeper commit "Auto-config DenyHosts.conf."')
Example #8
0
def mongodb(version='2.6.4'):
    deb.key('7F0CEB10', keyserver='keyserver.ubuntu.com')
    deb.source('mongodb', 'http://downloads-distro.mongodb.org/repo/ubuntu-upstart', 'dist', '10gen')
    deb.package('mongodb-org', version=version, update=False)

    comment("/etc/mongod.conf", "^bind_ip.*", char='#', use_sudo=True)
    run('sudo service mongod restart')
Example #9
0
    def set_maintanance_mode(self, on=True):
        settings_local_path = self.project_path + 'settings_local.py'

        if on:
            uncomment(settings_local_path, r'MAINTENANCE_MODE.*')
        else:
            comment(settings_local_path, r'MAINTENANCE_MODE.*')
Example #10
0
def initialize_postgres():
    """Initialize the main database."""

    version = sudo("psql --version | grep -ro '[8-9].[0-9]'")
    conf_dir_prefix = "/etc/postgresql/%s/" % version

    # temporarily allow root access from localhost
    sudo('mv /etc/postgresql/%s/main/pg_hba.conf /etc/postgresql/%s/main/pg_hba.conf.bak' % (version, version))
    sudo('echo "local all postgres ident" > /etc/postgresql/%s/main/pg_hba.conf' % version)
    sudo('cat /etc/postgresql/%s/main/pg_hba.conf.bak >> /etc/postgresql/%s/main/pg_hba.conf' % (version, version))
    sudo('service postgresql-%s restart || /etc/init.d/postgresql restart ' % version)

    # set password
    password = prompt('Enter a new database password for user `postgres`:')
    sudo('psql template1 -c "ALTER USER postgres with encrypted password \'%s\';"' % password, user='******')

    # configure daily dumps of all databases
    with mode_sudo():
        dir_ensure('/var/backups/postgresql', recursive=True)
    sudo("echo 'localhost:*:*:postgres:%s' > /root/.pgpass" % password)
    sudo('chmod 600 /root/.pgpass')
    sudo("echo '0 7 * * * pg_dumpall --username postgres --file /var/backups/postgresql/postgresql_$(date +%%Y-%%m-%%d).dump' > /etc/cron.d/pg_dump")

    # remove temporary root access
    comment('/etc/postgresql/%s/main/pg_hba.conf' % version, 'local all postgres ident', use_sudo=True)
    sudo('service postgresql%s restart || /etc/init.d/postgresql restart' % version)
Example #11
0
def authorize_remove(username, publickeyfile):
    ''' args: (remote) username, (local) publickeyfile; remove publickeyfile entries from authorized_keys of user'''
    authorized_file = __get_authorized_file(username)
    keys = __get_authorized_keys(publickeyfile)
    for key in keys:
        if contains_exact(authorized_file, key, use_sudo=True):
            warn("public key exists, commeting it out")
            comment(authorized_file, key, use_sudo=True)
Example #12
0
def config_ntp_chrony_sync():
    sudo('apt-get -y install chrony')
    comment('/etc/chrony/chrony.conf',
            'server ..debian.pool.ntp.org',
            use_sudo=True,
            char='#',
            backup='.bak')
    append('/etc/chrony/chrony.conf', ntpUsPool, True)
    sudo('service chrony restart')
Example #13
0
def setup_etckeeper():
    if not is_installed('etckeeper'):
        sudo('apt-get install git etckeeper -y')
        comment('/etc/etckeeper/etckeeper.conf', 'VCS="bzr"', use_sudo=True)
        uncomment('/etc/etckeeper/etckeeper.conf', 'VCS="git"', use_sudo=True)
        sudo('etckeeper init')
        sudo('etckeeper commit -m "Initial commit."')
    else:
        print("skip, etckeeper is already installed!")
Example #14
0
def debug(param="on"):
    """Toogle DEBUG variable in local_settings.py"""
    with cd(env.path):
        config_path = '{vhost_path}/config/local_settings.py'.format(**env)
        if param == "on":
            uncomment(config_path, r'(DEBUG)')
        else:
            comment(config_path, r'^(DEBUG)')
        execute(restart_webserver)
Example #15
0
def configure_postgresql():
    pg_hba = "/etc/postgresql/8.4/main/pg_hba.conf"
    params = {
        "db_name": getattr(env, "db_name", env.project_name),
        "db_user": getattr(env, "db_user", env.project_name),
    }
    append(pg_hba, "local {db_name} {db_user} password".format(**params), use_sudo=True)
    comment(pg_hba, "local   all         all                               ident", use_sudo=True)
    sudo("service postgresql restart")
Example #16
0
def node_config():
    """
    Basic system setup
    """
    if not exists('/usr/sbin/ntpdate'):
        sudo('apt-get -y install ntpdate')
    if not exists('/usr/bin/sshfs'):
        # handy to copy files onto the cluster
        sudo('apt-get -y install sshfs')

    put('files/interfaces', '/etc/network/interfaces', use_sudo=True)
    upload_template('files/hadoop.sh', '/etc/profile.d/hadoop.sh', context={'hadoop_home': HADOOP_INSTALL}, use_sudo=True)
    run('mkdir -m 0755 -p ~/bin')
    upload_template('files/exec-all.sh', 'bin/exec-all', context={'slaves_list': ' '.join(SLAVES)}, mode=0755)
    if exists('python_games'):
        run('rm -rf python_games')
    if not exists('/usr/share/pam-configs/systemd'):
        sudo('apt-get -y install libpam-systemd')

    # Hadoop user
    if failure('egrep -q "^hadoop:" /etc/passwd'):
        sudo('adduser --system --shell=/bin/bash --home /home/hadoop --group --disabled-password hadoop')
        #sudo('chsh -s /bin/bash hadoop')
    
    sudo('grep -q "^supergroup" /etc/group || groupadd supergroup')
    sudo('usermod -a -G supergroup pi')
    sudo('usermod -a -G supergroup hadoop')

    # mount USB key (formatted "mkfs.ext4 -L HADOOP")
    append('/etc/fstab', 'LABEL=HADOOP /hadoop ext4 defaults,relatime,noauto 0 0', use_sudo=True)
    append('/etc/rc.local', 'mount /hadoop || true', use_sudo=True)
    append('/etc/rc.local', 'chown hadoop:hadoop /hadoop || true', use_sudo=True)
    comment('/etc/rc.local', '^exit 0', use_sudo=True)
    sudo('mkdir -p /hadoop')
    sudo('chown hadoop:hadoop /hadoop')

    # SSH keys
    if not os.path.isfile(install_file('hadoop_id_rsa')):
        local(cmd("ssh-keygen -t rsa -b 4096 -N '' -C 'cluster root key' -f %s", install_file('hadoop_id_rsa')))
    sudo('mkdir -p -m 0700 /home/hadoop/.ssh')
    upload_template('files/ssh-config', '.ssh/config', context={'host_list': ' '.join(HOSTS)}, mode=0600)
    if not exists('/home/hadoop/.ssh/id_rsa'):
        put(install_file('hadoop_id_rsa.pub'), '/home/hadoop/.ssh/id_rsa.pub', mode=0644, use_sudo=True)
        put(install_file('hadoop_id_rsa.pub'), '/home/hadoop/.ssh/authorized_keys', mode=0644, use_sudo=True)
        put(install_file('hadoop_id_rsa'), '/home/hadoop/.ssh/id_rsa', mode=0600, use_sudo=True)

    sudo('chown -R hadoop:hadoop /home/hadoop/.ssh')

    # /etc/hosts dynamic reconfig (needed by zookeeper)
    if not exists('/etc/hosts.template'):
        sudo('(grep -v 127.0.1.1 /etc/hosts | grep -v "# auto"; echo "HOST # auto") > /etc/hosts.template')
    put('files/update-hosts.sh', '/etc/network/if-up.d/update-hosts.sh', mode=0755, use_sudo=True)
    
    # Java
    if not exists('/usr/bin/java'):
        sudo('apt-get -y install openjdk-8-jre')
Example #17
0
def stop_sendmail_logging():
    """
    Stop sendmail logging
    """
    print '=== STOP SENDMAIL LOGGING'
    from fabric.contrib.files import append, comment

    comment('/etc/rsyslog.conf', 'mail', use_sudo=True)
    append('/etc/rsyslog.conf', 'mail.none', use_sudo=True)
    sudo('/etc/init.d/rsyslog restart')
Example #18
0
def stop_sendmail_logging():
    """
    Stop sendmail logging
    """
    print '=== STOP SENDMAIL LOGGING'
    from fabric.contrib.files import append, comment

    comment('/etc/rsyslog.conf', 'mail', use_sudo=True)
    append('/etc/rsyslog.conf', 'mail.none', use_sudo=True)
    sudo('/etc/init.d/rsyslog restart')
Example #19
0
def setup_hostname():
    """ Reference:
        http://library.linode.com/getting-started#sph_set-the-hostname
    """
    logger = logging.getLogger("%s.setup_hostname" % (APP_NAME, ))
    logger.debug("entry.")
    sudo("echo %s > /etc/hostname" % (REMOTE_HOSTNAME, ))
    sudo("hostname -F /etc/hostname")
    if exists("/etc/default/dhcpcd", use_sudo=True):
        comment("/etc/default/dhcpcd", "SET_HOSTNAME.*=.*yes", use_sudo=True)
Example #20
0
def disable_ssh_passwords():
    sshd_config = '/etc/ssh/sshd_config'
    comment(sshd_config, '^ *PasswordAuthentication', use_sudo=True)
    append(sshd_config, 'PasswordAuthentication no', use_sudo=True)
    print("========================================")
    print("Password authentication disabled for SSH.")
    print("Restart the SSH daemon by logging into the console and running:")
    print("sudo service ssh restart")
    print("Alternatively, reboot the server if console access isn't readily available.")
    print("========================================")
Example #21
0
def ftp():
    """
    Установка vsftpd
    """
    run('apt-get -y install vsftpd')
    upload_template('conf/vsftpd.conf', '/etc/vsftpd.conf', backup=False)
    comment('/etc/pam.d/vsftpd',
            'auth  required    pam_shells.so',
            backup=False)
    run('service vsftpd restart')
Example #22
0
def debug_uwsgi():
    """
    Task for un-daemonizing uwsgi, for debugging purposes
    """
    with virtualenv():
        with settings(warn_only=True):
            local('killall uwsgi') 
        comment('%s/extras/uwsgi/phaidra.ini' % env.directory,
            r'^daemonize'
        )
        restart_uwsgi()
Example #23
0
def init_postfix():
    """Install postfix, make it forward to Mark Lurie"""
    install_packages("postfix")
    enable_service("postfix")
    
    append("/etc/postfix/virtual", "@wonderhop.com [email protected]", use_sudo=True)
    sudo("postmap /etc/postfix/virtual")
    comment("/etc/postfix/main.cf", "^mydestination")
    append("/etc/postfix/main.cf", "virtual_alias_maps = hash:/etc/postfix/virtual", use_sudo=True)
    append("/etc/postfix/main.cf", "mydestination = wonderhop.com, localhost")
    service("postfix", "reload")
Example #24
0
def default():
    '''
    example host
    '''
    env.name = 'prod'
    env.user = '******'
    env.hosts = ['myhost'] 

    sudo_nopasswd('joe')
    comment('/etc/ssh/sshd_config', '^PasswordAuthentication', use_sudo=True)
    sudo('service ssh reload')
Example #25
0
    def add_spark_slave(self, master, slave, configure):
        """
        add spark slave
        :return:
        """
        # go to master server, add config
        self.reset_server_env(master, configure)
        with cd(bigdata_conf.spark_home):
            if not exists('conf/spark-env.sh'):
                sudo('cp conf/spark-env.sh.template conf/spark-env.sh')

            spark_env = bigdata_conf.spark_env.format(
                spark_home=bigdata_conf.spark_home,
                hadoop_home=bigdata_conf.hadoop_home,
                host=env.host_string,
                SPARK_WORKER_MEMORY=configure[master].get(
                    'SPARK_WORKER_MEMORY', '512M'
                )
            )

            put(StringIO(spark_env), 'conf/spark-env.sh', use_sudo=True)

            if not exists('conf/slaves'):
                sudo('cp conf/slaves.template conf/slaves')

        # comment slaves localhost
        comment('{0}/conf/slaves'.format(bigdata_conf.spark_home),
                'localhost', use_sudo=True)

        # add slave into config
        append('{0}/conf/slaves'.format(bigdata_conf.spark_home),
               '\n{0}'.format(configure[slave]['host']), use_sudo=True)

        run('scp -r {0} {1}@{2}:/opt'.format(
            bigdata_conf.spark_home,
            configure[slave]['user'],
            configure[slave]['host']
        ))

        # go to slave server
        self.reset_server_env(slave, configure)

        append(bigdata_conf.global_env_home, 'export SPARK_LOCAL_IP={0}'.format(
            configure[slave]['host']
        ), use_sudo=True)
        run('source {0}'.format(bigdata_conf.global_env_home))

        # go to master server, restart server
        self.reset_server_env(master, configure)
        with cd(bigdata_conf.spark_home):
            run('./sbin/stop-master.sh')
            run('./sbin/stop-slaves.sh')
            run('./sbin/start-master.sh')
            run('./sbin/start-slaves.sh')
Example #26
0
def configure_postgresql():
    pg_hba = '/etc/postgresql/8.4/main/pg_hba.conf'
    params = {'db_name': getattr(env, 'db_name', env.project_name),
              'db_user': getattr(env, 'db_user', env.project_name)}
    append(pg_hba,
           'local {db_name} {db_user} password'.format(**params),
           use_sudo=True)
    comment(pg_hba,
            'local   all         all                               ident',
            use_sudo=True)
    sudo('service postgresql restart')
Example #27
0
def setup_etckeeper():
    """Setup etckeeper tool with git backend"""
    if not utils.is_installed('etckeeper'):
        utils.apt_get_update()
        sudo('apt-get install git etckeeper -y')
        comment('/etc/etckeeper/etckeeper.conf', 'VCS="bzr"', use_sudo=True)
        uncomment('/etc/etckeeper/etckeeper.conf', 'VCS="git"', use_sudo=True)
        sudo('etckeeper init')
        sudo('etckeeper commit -m "Initial commit."')
    else:
        print("skip, etckeeper is already installed!")
Example #28
0
def setPulsarConfig():
    with cd("/home/%s/%s/" % (user, pulsar_project)):
        run("cp server.ini.sample server.ini")
    sed(
        "/home/koala/pulsar/server.ini",
        before="8913",
        # before='8000',
        after="%s" % port_http,
        use_sudo=True,
    )
    comment("/home/koala/pulsar/server.ini", regex="host = localhost", use_sudo=True)
Example #29
0
def _update_settings(source_folder, site_name):
    settings_path = source_folder + '/django/sailtrail/settings/'
    secret_key_file = settings_path + 'secret_key.py'
    if not exists(secret_key_file):
        chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
        key = ''.join(random.SystemRandom().choice(chars) for _ in range(50))
        append(secret_key_file, "SECRET_KEY = '%s'" % (key, ))

    settings_file = settings_path + '__init__.py'
    comment(settings_file, r'from')
    append(settings_file, '\nfrom .common import *')
    append(settings_file, '\nfrom .secret_key import SECRET_KEY')
Example #30
0
def _setup_wins():
    wins_packages = [
        'samba',
        'smbclient',
        'winbind',
    ]

    _install_packages(wins_packages)
    sudo('sed -i s/\'hosts:.*/hosts:          files dns wins/\' /etc/nsswitch.conf')
    resolved_config = '/etc/systemd/resolved.conf'
    comment(resolved_config, '^ *Domains', use_sudo=True)
    append(resolved_config, 'Domains=localdomain', use_sudo=True)
    sudo('service systemd-resolved restart')
Example #31
0
def configure_postgresql():
    pg_hba = '/etc/postgresql/8.4/main/pg_hba.conf'
    params = {
        'db_name': getattr(env, 'db_name', env.project_name),
        'db_user': getattr(env, 'db_user', env.project_name)
    }
    append(pg_hba,
           'local {db_name} {db_user} password'.format(**params),
           use_sudo=True)
    comment(pg_hba,
            'local   all         all                               ident',
            use_sudo=True)
    sudo('service postgresql restart')
Example #32
0
def nginx_relog(reload=True):
    ts = datetime.datetime.now().strftime('%Y%m%d_%H%M%S')
    sudo('cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.{ts}'.format(ts=ts))
    comment('/etc/nginx/nginx.conf',
            '^\s*[^#]\s*access_log /var/log/nginx/access.log',
            use_sudo=True)
    # comment('/etc/nginx/nginx.conf','\s*[^#]\s*error_log /var/log/nginx/error.log',use_sudo=True)
    put('conf/nginx.logs.conf',
        '/etc/nginx/conf.d/nginx.logs.conf',
        use_sudo=True)
    if reload:
        sudo('nginx -t')
        sudo('service nginx start')
        sudo('service nginx reload')
Example #33
0
def ntp_configuration():
    sudo('/etc/init.d/ntp stop')
    files.comment('/etc/ntp.conf',
               r'^server [0123]\.ubuntu\.pool\.ntp\.org$',
               use_sudo=True)
    files.comment('/etc/ntp.conf',
               r'^server ntp\.ubuntu\.com$',
               use_sudo=True)
    files.append('/etc/ntp.conf',
                 ['', '# KAT NTP servers',
                  'server ff-ntp.karoo.kat.ac.za prefer minpoll 4 maxpoll 6',
                  'server katfs.kat.ac.za minpoll 4 maxpoll 6'],
                   use_sudo=True)
    sudo('/etc/init.d/ntp start')
Example #34
0
def base():
    "Installs & configures Git / EtcKeeper / DenyHosts"

    with settings(hide('stdout')):
        # Require
        require.deb.packages([
            'etckeeper',
            'git',
            'denyhosts',
        ])

        # git
        sudo('git config --global user.name "DevOp"')
        sudo('git config --global user.email admin@{}'.format(env.host))

        # etckeeper
        conf_file = '/etc/etckeeper/etckeeper.conf'
        comment(conf_file, 'VCS="bzr"', use_sudo=True, backup='')
        uncomment(conf_file, 'VCS="git"', use_sudo=True, backup='')

        sudo('etckeeper init')
        sudo('etckeeper commit "Initial commit."')

        # denyhosts
        conf_file = '/etc/denyhosts.conf'
        comment(conf_file,
                'BLOCK_SERVICE\s*=\s*sshd',
                use_sudo=True,
                backup='')
        uncomment(conf_file,
                  'BLOCK_SERVICE\s*=\s*ALL',
                  use_sudo=True,
                  backup='')
        sed(conf_file,
            'DENY_THRESHOLD_INVALID\s*=\s*5',
            'DENY_THRESHOLD_INVALID = 3',
            use_sudo=True,
            backup='')
        sed(conf_file,
            'DENY_THRESHOLD_VALID\s*=\s*10',
            'DENY_THRESHOLD_VALID = 3',
            use_sudo=True,
            backup='')
        sed(conf_file,
            'DENY_THRESHOLD_ROOT\s*=\s*1',
            'DENY_THRESHOLD_ROOT = 3',
            use_sudo=True,
            backup='')

        sudo('etckeeper commit "Auto-config DenyHosts.conf."')
Example #35
0
 def switchRS(self, enabled=None, disabled=None):
     env.use_ssh_config = True
     try:
         with settings(hide('warnings', 'running', 'stdout', 'stderr'),
                       warn_only=True,
                       host_string=self.ip):
             if disabled:
                 if not DRY:
                     files.comment('/etc/mongod.conf',
                                   '.*replSetName\:.*',
                                   use_sudo=True,
                                   backup='.bak')
                     files.comment('/etc/mongod.conf',
                                   '.*security\:.*',
                                   use_sudo=True,
                                   backup='')
                     files.comment('/etc/mongod.conf',
                                   '.*authorization\:.*',
                                   use_sudo=True,
                                   backup='')
                     files.comment('/etc/mongod.conf',
                                   '.*keyFile\:.*',
                                   use_sudo=True,
                                   backup='')
                 print 'Disabled replicaset in config on %s' % self.name
             elif enabled:
                 if not DRY:
                     sudo('mv /etc/mongod.conf.bak /etc/mongod.conf')
                 print 'Enabled replicaset in config on %s' % self.name
     except Exception as e:
         raise
Example #36
0
def setup_hostname():
    """ Reference:
        http://library.linode.com/getting-started#sph_set-the-hostname
    """
    logger = logging.getLogger("%s.setup_hostname" % (APP_NAME, ))
    logger.debug("entry.")
    sudo("echo %s > /etc/hostname" % (REMOTE_HOSTNAME, ))
    sudo("hostname -F /etc/hostname")
    if exists("/etc/default/dhcpcd",
              use_sudo = True):
        comment("/etc/default/dhcpcd",
                "SET_HOSTNAME.*=.*yes",
                use_sudo = True)
    sudo("echo %s %s >> /etc/hosts" % (REMOTE_IP_ADDRESS, REMOTE_HOSTNAME))
Example #37
0
def update_locale():
    """
    Setup en_US.UTF-8 system locale
    """
    check_sudo()
    check_os()
    comment('/etc/locale.gen', r'^[^#]', use_sudo=True)
    uncomment('/etc/locale.gen', r'en_US\.UTF\-8', use_sudo=True, backup='')
    sudo('locale-gen')
    sudo('echo \'LANGUAGE="en_US.UTF-8"\' > /etc/default/locale'
         )  # will be locale warning. it's ok
    sudo('echo \'LANG="en_US.UTF-8"\' >> /etc/default/locale')
    sudo('echo \'LC_ALL="en_US.UTF-8"\' >> /etc/default/locale')
    disconnect_all()
Example #38
0
 def redis_configure(self, bind=None, loglevel=None):
     if bind is None:
         bind = self.redis_bind
     if loglevel is None:
         loglevel = self.redis_loglevel
     if bind == '': # all interfaces
         files.comment(self.redis_conf, self.redis_bind_pattern,
                       use_sudo=True)
     else:
         files.sed(self.redis_conf, self.redis_bind_pattern, bind,
                   use_sudo=True)
     loglevel = 'loglevel {0}'.format(loglevel)
     files.sed(self.redis_conf, self.redis_loglevel_pattern, loglevel,
               use_sudo=True)
     self.redis_service('restart')
Example #39
0
def _configure_supervisord(daemons):
    for daemon in daemons:
        config_file_path = os.path.join(PYPLN_DEPLOY_ROOT,
                "server_config/{}.conf".format(daemon))
        sudo("ln -sf {} /etc/supervisor/conf.d/".format(config_file_path))

    # Commenting out the path to the socket that supervisorctl uses should make
    # it fallback to it's default of connecting on localhost:9001.  This should
    # allow non-root users to control the running processes.
    supervisor_conf = "/etc/supervisor/supervisord.conf"
    comment(supervisor_conf,
                "^serverurl=unix:///var/run/supervisor.sock .*",
                use_sudo=True, char=";")
    append(supervisor_conf, ["[inet_http_server]", "port=127.0.0.1:9001"],
                use_sudo=True)
    _restart_supervisord()
Example #40
0
def jsl_acer_inspireone_fix():
    """
    Fix for Acer Aspire One netbook
    - set xorg modesetting
    - disable numlock in notebook
    """
    xorgconf = '/etc/X11/xorg.conf.d/20-gpudriver.conf'
    if not is_dir(xorgconf):
        append(xorgconf, 'Section "Device"')
        append(xorgconf, '  Identifier "gma500_gfx"')
        append(xorgconf, '  Driver     "modesetting"')
        append(xorgconf, '  Option     "SWCursor"       "ON"')
        append(xorgconf, 'EndSection')

    # Configure slim
    slim_file = '/etc/slim.conf'
    comment(slim_file, '^numlock.*')
Example #41
0
def _update_settings(source_folder, site_name):
    settings_path = source_folder + '/webtranslate/settings.py'
    sed(settings_path, "DEBUG = True", "DEBUG = False")

    allowed_host = site_name
    # hack to allow www.example.com a domain to also match example.com
    if allowed_host.startswith('www'):
        allowed_host = allowed_host[
            3:]  # remove the 'www' so its just '.example.com'
    sed(settings_path, 'ALLOWED_HOSTS =.+$',
        'ALLOWED_HOSTS = ["%s"]' % (allowed_host, ))
    comment(settings_path, "SECRET_KEY =")
    _comment_databases_setting(settings_path)
    secrets_file = source_folder + '/webtranslate/secrets.py'
    if not exists(secrets_file):
        _create_secrets_file(secrets_file, site_name)
    append(settings_path, '\nfrom .secrets import SECRET_KEY')
    append(settings_path, '\nfrom .secrets import DATABASES')
Example #42
0
def setup_kiosk():
    """ set up kiosk parts 
        based on https://www.danpurdy.co.uk/web-development/raspberry-pi-kiosk-screen-tutorial/
        or
        http://www.raspberry-projects.com/pi/pi-operating-systems/raspbian/gui/auto-run-browser-on-startup
    """
    with hide("running", "stderr"):
        #@xscreensaver -no-splash

        comment("/etc/xdg/lxsession/LXDE-pi/autostart",
                "@xscreensaver -no-splash",
                use_sudo=True)

        append("/etc/xdg/lxsession/LXDE-pi/autostart",
               "@xset s off",
               use_sudo=True,
               escape=True)
        append("/etc/xdg/lxsession/LXDE-pi/autostart",
               "@xset -dpms",
               use_sudo=True,
               escape=True)
        append("/etc/xdg/lxsession/LXDE-pi/autostart",
               "@xset s noblank",
               use_sudo=True,
               escape=True)

        append(
            "/etc/xdg/lxsession/LXDE-pi/autostart",
            """@sed -i 's/"exited_cleanly": false/"exited_cleanly": true/' ~/.config/chromium/Default/Preferences""",
            use_sudo=True,
            escape=True)

        #auto start
        if not contains(
                "/etc/xdg/lxsession/LXDE-pi/autostart",
                "@chromium --noerrdialogs --kiosk http://www.page-to.display --incognito",
                use_sudo=True,
                escape=True):

            append(
                "/etc/xdg/lxsession/LXDE-pi/autostart",
                "@chromium --noerrdialogs --kiosk http://dashingdemo.herokuapp.com/sample --incognito",
                use_sudo=True,
                escape=True)
Example #43
0
def _update_settings(source_folder, site_name):
  settings_path = source_folder + '/webtranslate/settings.py'
  sed(settings_path, "DEBUG = True", "DEBUG = False")
  
  allowed_host = site_name
  # hack to allow www.example.com a domain to also match example.com
  if allowed_host.startswith('www'):
    allowed_host = allowed_host[3:]  # remove the 'www' so its just '.example.com'
  sed(settings_path,
      'ALLOWED_HOSTS =.+$',
      'ALLOWED_HOSTS = ["%s"]' % (allowed_host,)
      )
  comment(settings_path, "SECRET_KEY =")
  _comment_databases_setting(settings_path)
  secrets_file = source_folder + '/webtranslate/secrets.py'
  if not exists(secrets_file):
    _create_secrets_file(secrets_file, site_name)
  append(settings_path, '\nfrom .secrets import SECRET_KEY')
  append(settings_path, '\nfrom .secrets import DATABASES')
Example #44
0
def install_ntp():
    """
    Install ntp daemon
    """
    check_sudo()
    check_os()
    if not confirm('Do you want install NTP client?'):
        return
    print_green('INFO: Install ntp...')
    apt_install('ntp ntpdate', noconfirm=True)
    print_red(
        "Go to http://www.pool.ntp.org/ and select servers in your server's country.\n"
        "For example (Ukraine):\n"
        "    0.ua.pool.ntp.org\n"
        "    1.ua.pool.ntp.org\n"
        "    2.ua.pool.ntp.org\n"
        "    3.ua.pool.ntp.org")

    def read_ntp_servers():
        ntp_server_list = []
        while True:
            t = prompt('Set NTP-server host. (Set empty string to continue)',
                       default='').strip()
            if not t:
                break
            ntp_server_list.append(t)
        return ntp_server_list

    while True:
        ntp_servers = read_ntp_servers()
        print_yellow('You wrote following NTP-server list:\n    {}'.format(
            '\n    '.join(ntp_servers or ('-empty-', ))))
        if confirm('Are you confirm this NTP-server list?'):
            break
    if ntp_servers:
        ntp_conf_fn = '/etc/ntp.conf'
        comment(ntp_conf_fn, r'^server\s', use_sudo=True)
        for ntp_server in ntp_servers:
            append(ntp_conf_fn,
                   'server {} iburst'.format(ntp_server),
                   use_sudo=True)
    print_green('INFO: Install ntp... OK')
Example #45
0
def initialize_postgres():
    """Initialize the main database."""

    version = sudo("psql --version | grep -ro '[8-9].[0-9]'")
    conf_dir_prefix = "/etc/postgresql/%s/" % version

    # temporarily allow root access from localhost
    sudo(
        'mv /etc/postgresql/%s/main/pg_hba.conf /etc/postgresql/%s/main/pg_hba.conf.bak'
        % (version, version))
    sudo(
        'echo "local all postgres ident" > /etc/postgresql/%s/main/pg_hba.conf'
        % version)
    sudo(
        'cat /etc/postgresql/%s/main/pg_hba.conf.bak >> /etc/postgresql/%s/main/pg_hba.conf'
        % (version, version))
    sudo('service postgresql-%s restart || /etc/init.d/postgresql restart ' %
         version)

    # set password
    password = prompt('Enter a new database password for user `postgres`:')
    sudo(
        'psql template1 -c "ALTER USER postgres with encrypted password \'%s\';"'
        % password,
        user='******')

    # configure daily dumps of all databases
    with mode_sudo():
        dir_ensure('/var/backups/postgresql', recursive=True)
    sudo("echo 'localhost:*:*:postgres:%s' > /root/.pgpass" % password)
    sudo('chmod 600 /root/.pgpass')
    sudo(
        "echo '0 7 * * * pg_dumpall --username postgres --file /var/backups/postgresql/postgresql_$(date +%%Y-%%m-%%d).dump' > /etc/cron.d/pg_dump"
    )

    # remove temporary root access
    comment('/etc/postgresql/%s/main/pg_hba.conf' % version,
            'local all postgres ident',
            use_sudo=True)
    sudo('service postgresql%s restart || /etc/init.d/postgresql restart' %
         version)
Example #46
0
def prepare_boot():
    """
    Install boot
    """
    # Prepare mkinitcpio
    config_file = '/mnt/etc/mkinitcpio.conf'
    comment(config_file, '^HOOKS')
    with watch(config_file):
        append(config_file, 'HOOKS="base udev autodetect modconf block keyboard lvm2 encrypt filesystems fsck"')
    run_on_archroot('mkinitcpio -p linux')

    # Prepare syslinux
    config_file = '/mnt/boot/syslinux/syslinux.cfg'
    with watch(config_file):
        sed(config_file, 'root=/dev/sda3', 'root=/dev/vg/root')
    run_on_archroot('syslinux-install_update -iam')

    # Configure home encrypted mount
    config_file = '/mnt/etc/crypttab'
    with watch(config_file):
        append(config_file, 'home /dev/vg/home', 'root=/dev/vg/root')
Example #47
0
def prepare_boot():
    """
    Install boot
    """
    # Prepare mkinitcpio
    config_file = '/mnt/etc/mkinitcpio.conf'
    comment(config_file, '^HOOKS')
    with watch(config_file):
        append(config_file, 'HOOKS="base udev autodetect modconf block keyboard lvm2 encrypt filesystems fsck"')
    run_on_archroot('mkinitcpio -p linux')

    # Prepare syslinux
    config_file = '/mnt/boot/syslinux/syslinux.cfg'
    with watch(config_file):
        sed(config_file, 'root=/dev/sda3', 'root=/dev/vg/root')
    run_on_archroot('syslinux-install_update -iam')

    # Configure home encrypted mount
    config_file = '/mnt/etc/crypttab'
    with watch(config_file):
        append(config_file, 'home /dev/vg/home', 'root=/dev/vg/root')
Example #48
0
    def oldVolumeDetach(self):
        env.use_ssh_config = True
        try:
            with settings(warn_only=True, host_string=self.ip):
                if not DRY and self.old_volume_id:
                    sudo('umount {0}'.format(MOUNT_POINT))

                    ## comment out old record in fstab
                    uuid = sudo(
                        'lsblk -l -o NAME,UUID,MOUNTPOINT |grep "{0}" | cut -f2 -d" "'
                        .format(MOUNT_POINT))
                    if len(uuid) == 36:
                        files.comment('/etc/fstab',
                                      'UUID={0}.*'.format(uuid),
                                      use_sudo=True,
                                      char='# ')
                    sudo('vgchange -an {0}'.format(VOLUME_DEFAULTS['vg_name']))

                    volume = self.conn.get_all_volumes(
                        volume_ids=(self.old_volume_id))[0]
                    volume.detach()

                    if DELETEOLD:
                        n = 0
                        while n < SLEEP:
                            try:
                                volume.delete()
                                break
                            except boto.exception.EC2ResponseError:
                                n += 10
                                time.sleep(10)
                                continue
                        return

                    volume.add_tags({
                        'instance': self.name,
                        'date': time.strftime('%Y-%m-%d-%H:%M')
                    })
        except Exception as e:
            raise
Example #49
0
 def memcached_configure(self, **kwargs):
     for key, (opt, pat) in self.memcached_conf_patterns.iteritems():
         if key in kwargs:
             val = kwargs[key]
         else:
             val = getattr(self, 'memcached_{0}'.format(key), None)
         if val is None:
             continue
         full_pat = '^#?\s*{0}\s+{1}'.format(opt, pat)
         full_val = '{0} {1}'.format(opt, val)
         # we don't know if the config file contains the line or not, so
         # comment it out if it does and then add a new line with the date
         files.comment(self.memcached_conf, full_pat, use_sudo=True)
         if val != '':
             date = datetime.datetime.now().strftime('%Y-%m-%d')
             message = '\n# {0}; added by fabulaws {1}\n{2}'\
                       ''.format(key, date, full_val)
             files.append(self.memcached_conf, message, use_sudo=True)
     if self.memcached_ulimit is not None:
         ulimit = 'ulimit -n {0}'.format(self.memcached_ulimit)
         files.append(self.memcached_init_default, ulimit, use_sudo=True)
     self.memcached_service('restart')
Example #50
0
 def memcached_configure(self, **kwargs):
     for key, (opt, pat) in self.memcached_conf_patterns.iteritems():
         if key in kwargs:
             val = kwargs[key]
         else:
             val = getattr(self, 'memcached_{0}'.format(key), None)
         if val is None:
             continue
         full_pat = '^#?\s*{0}\s+{1}'.format(opt, pat)
         full_val = '{0} {1}'.format(opt, val)
         # we don't know if the config file contains the line or not, so
         # comment it out if it does and then add a new line with the date
         files.comment(self.memcached_conf, full_pat, use_sudo=True)
         if val != '':
             date = datetime.datetime.now().strftime('%Y-%m-%d')
             message = '\n# {0}; added by fabulaws {1}\n{2}'\
                       ''.format(key, date, full_val)
             files.append(self.memcached_conf, message, use_sudo=True)
     if self.memcached_ulimit is not None:
         ulimit = 'ulimit -n {0}'.format(self.memcached_ulimit)
         files.append(self.memcached_init_default, ulimit, use_sudo=True)
     self.memcached_service('restart')
Example #51
0
    def fab_criar_crons(self):
        ''' Insere tarefa definida em ../cron/cronconf no crontab do servidor '''
        crontab_location = '/etc/crontab'
        with cd(env.code_root):
            if os.path.exists('cron'):
                from cron.cronconf import CRONS
                import re
                sudo('chmod 646 ' + crontab_location)

                for cron in CRONS:

                    if cron['comando_de_projeto'] and not cron[
                            'django_management']:
                        linha_cron = cron['tempo'] + ' ' + cron[
                            'usuario'] + ' ' + env.code_root + '/' + cron[
                                'comando']
                    else:
                        if cron['comando_de_projeto'] and cron[
                                'django_management']:
                            linha_cron = cron['tempo'] + ' ' + cron[
                                'usuario'] + ' /usr/bin/python ' + env.code_root + '/' + cron[
                                    'comando'] + ' --settings=med_alliance.settings.' + env.ambiente
                        else:
                            linha_cron = cron['tempo'] + ' ' + cron[
                                'usuario'] + ' ' + cron['comando']
                    if cron['ligado']:
                        if not contains(crontab_location,
                                        re.escape(linha_cron)):
                            append(crontab_location,
                                   linha_cron,
                                   use_sudo=False)
                        else:
                            uncomment(crontab_location, re.escape(linha_cron))
                    else:
                        if contains(crontab_location, re.escape(linha_cron)):
                            comment(crontab_location, re.escape(linha_cron))

                sudo('chmod 644 ' + crontab_location)
Example #52
0
def install_vpn():
    sudo('apt-get -qy install pptpd')

    files.append('/etc/pptpd.conf', 'localip 192.168.240.1', use_sudo=True)
    files.append('/etc/pptpd.conf',
                 'remoteip 192.168.240.2-102',
                 use_sudo=True)

    files.append('/etc/ppp/pptpd-options', 'ms-dns 8.8.8.8', use_sudo=True)
    files.append('/etc/ppp/pptpd-options', 'ms-dns 8.8.4.4', use_sudo=True)

    files.append('/etc/ppp/chap-secrets',
                 '%(username)s pptpd %(password)s *' % ({
                     'username': VPN_USER,
                     'password': VPN_PASS,
                 }),
                 use_sudo=True)

    sudo('/etc/init.d/pptpd restart')

    files.uncomment('/etc/sysctl.conf',
                    'net\.ipv4\.ip_forward=1',
                    use_sudo=True)

    sudo('sysctl -p')
    sudo('iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE')

    if not files.contains(
            '/etc/rc.local',
            'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE',
            use_sudo=True):
        files.comment('/etc/rc.local', 'exit 0', use_sudo=True)
        files.append('/etc/rc.local',
                     'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE',
                     use_sudo=True)
        files.append('/etc/rc.local', 'exit 0', use_sudo=True)
Example #53
0
def setup_db():
    require.deb.uptodate_index()
    require.deb.package("software-properties-common")
    sudo(
        "apt-key adv --recv-keys"
        " --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db")
    sudo(
        "sudo add-apt-repository"
        " 'deb http://mariadb.bytenet.in//repo/10.0/ubuntu trusty main'")
    require.deb.uptodate_index()
    require.deb.package("mariadb-server")
    run("mysql_secure_installation")
    put(env.mariadb_cnf_file, env.mariadb_cnf_path, use_sudo=True)
    sudo("service mysql restart")
    password = raw_input("Please Enter password: "******"CREATE DATABASE %s;" % env.project
    sql = 'CREATE USER "' + env.deploy_user + '"@"%" ' \
        + ' IDENTIFIED BY "' + password + '";' \
        + ' GRANT ALL PRIVILEGES ON *.* TO "' + env.deploy_user + '"@"%";' \
        + ' FLUSH PRIVILEGES;'
    run(mysql_cmd % create_sql)
    run(mysql_cmd % sql)
    files.comment(env.mariadb_cnf_path, "skip-grant-tables", use_sudo=True)
    sudo("service mysql restart")
Example #54
0
def configure_smtp():
    main_cf = '/etc/postfix/main.cf'
    comment(main_cf, "^inet_interfaces = all$", use_sudo=True)
    append(main_cf, "inet_interfaces = loopback-only", use_sudo=True)
Example #55
0
def pogs_install(with_db):
    """
    Perform the tasks to install the whole BOINC server on a single machine
    """
    # Get the packages
    sudo('yum --assumeyes --quiet install {0}'.format(YUM_BOINC_PACKAGES))

    # Setup Users
    for user in env.list_of_users:
        sudo('useradd {0}'.format(user))
        sudo('mkdir /home/{0}/.ssh'.format(user))
        sudo('chmod 700 /home/{0}/.ssh'.format(user))
        sudo('chown {0}:{0} /home/{0}/.ssh'.format(user))
        sudo('mv /home/ec2-user/{0}.pub /home/{0}/.ssh/authorized_keys'.format(
            user))
        sudo('chmod 700 /home/{0}/.ssh/authorized_keys'.format(user))
        sudo('chown {0}:{0} /home/{0}/.ssh/authorized_keys'.format(user))

        # Add them to the sudoers
        sudo(
            '''su -l root -c 'echo "{0} ALL = NOPASSWD: ALL" >> /etc/sudoers' '''
            .format(user))

    nfs_mkdir('archive')
    nfs_mkdir('boinc-magphys')
    nfs_mkdir('galaxies')
    nfs_mkdir('projects')
    nfs_mkdir('logs_ami')
    run('mkdir -p /home/ec2-user/archive/to_store')

    # Clone our code
    if env.branch == '':
        run('git clone git://github.com/ICRAR/boinc-magphys.git')
    else:
        run('git clone -b {0} git://github.com/ICRAR/boinc-magphys.git'.format(
            env.branch))

    # Create the .boto file
    run('''echo "[Credentials]
aws_access_key_id = {0}
aws_secret_access_key = {1}" >> /home/ec2-user/.boto'''.format(
        env.aws_access_key_id, env.aws_secret_access_key))

    # Setup the S3 environment
    if to_boolean(env.create_s3):
        with cd('/home/ec2-user/boinc-magphys/machine-setup/boinc-pogs'):
            run('fab --set project_name={0} create_s3'.format(
                env.project_name))

    if with_db:
        # Activate the DB
        sudo('mysql_install_db')
        sudo('chown -R mysql:mysql /var/lib/mysql/*')
        sudo('chkconfig mysqld --add')
        sudo('chkconfig mysqld on')
        sudo('service mysqld start')

        # Wait for it to start up
        time.sleep(5)

        # Setup the database for recording WU's
        run('mysql --user=root < /home/ec2-user/boinc-magphys/server/src/database/create_database.sql'
            )

        # Make the BOINC project
        with cd('/home/ec2-user/boinc/tools'):
            run('./make_project -v --no_query --url_base http://{0} --db_user root {1}'
                .format(env.hosts[0], env.project_name))

        run('''echo '# DB Settings
databaseUserid = "root"
databasePassword = ""
databaseHostname = "localhost"
databaseName = "magphys"
boincDatabaseName = "{0}"' > /home/ec2-user/boinc-magphys/server/src/config/pogs.settings'''
            .format(env.project_name))

    else:
        # Setup the database for recording WU's
        run('mysql --user={0} --host={1} --password={2} < /home/ec2-user/boinc-magphys/server/src/database/create_database.sql'
            .format(env.db_username, env.db_host_name, env.db_password))

        # Make the BOINC project
        with cd('/home/ec2-user/boinc/tools'):
            run('./make_project -v --no_query --drop_db_first --url_base http://{0} --db_user {1} --db_host={2} --db_passwd={3} {4}'
                .format(env.hosts[0], env.db_username, env.db_host_name,
                        env.db_password, env.project_name))

        run('''echo '# DB Settings
databaseUserid = "{0}"
databasePassword = "******"
databaseHostname = "{2}"
databaseName = "magphys"
boincDatabaseName = "{3}"' > /home/ec2-user/boinc-magphys/server/src/config/pogs.settings'''
            .format(env.db_username, env.db_password, env.db_host_name,
                    env.project_name))

    run('''echo '# Work Generation settings
min_pixels_per_file = "15"
row_height = "7"
threshold = "1000"
high_water_mark = "400"
report_deadline = "7"

# Archive settings
delete_delay = "5"
boinc_statistics_delay = "2"

# AWS settings
ami_id = "XXX"
instance_type = "m1.small"
key_name = "XXX"
security_groups = "XXX","YYY"
subnet_ids = "XXX","YYY"

# POGS Settings
tmp = "/tmp"
boinc_project_root = "/home/ec2-user/projects/{0}"
project_name = "{0}"' >> /home/ec2-user/boinc-magphys/server/src/config/pogs.settings'''
        .format(env.project_name))

    # Copy the config files
    run('cp /home/ec2-user/boinc-magphys/server/config/boinc_files/db_dump_spec.xml /home/ec2-user/projects/{0}/db_dump_spec.xml'
        .format(env.project_name))
    run('cp /home/ec2-user/boinc-magphys/server/config/boinc_files/html/user/* /home/ec2-user/projects/{0}/html/user/'
        .format(env.project_name))
    run('cp /home/ec2-user/boinc-magphys/server/config/boinc_files/hr_info.txt /home/ec2-user/projects/{0}/hr_info.txt'
        .format(env.project_name))
    run('cp /home/ec2-user/boinc-magphys/server/config/boinc_files/project_files.xml /home/ec2-user/projects/{0}/project_files.xml'
        .format(env.project_name))
    run('mkdir -p /home/ec2-user/projects/{0}/html/stats_archive'.format(
        env.project_name))
    run('mkdir -p /home/ec2-user/projects/{0}/html/stats_tmp'.format(
        env.project_name))

    comment('/home/ec2-user/projects/{0}/html/ops/create_forums.php'.format(
        env.project_name),
            '^die',
            char='// ')

    run('mkdir -p /home/ec2-user/projects/{0}/html/user/logos'.format(
        env.project_name))
    run('cp /home/ec2-user/boinc-magphys/server/logos/* /home/ec2-user/projects/{0}/html/user/logos/'
        .format(env.project_name))

    # Build the validator
    with cd('/home/ec2-user/boinc-magphys/server/src/magphys_validator'):
        run('make')

    # Setup the ops area password
    with cd('/home/ec2-user/projects/{0}/html/ops'.format(env.project_name)):
        run('htpasswd -bc .htpasswd {0} {1}'.format(env.ops_username,
                                                    env.ops_password))

    with cd('/home/ec2-user/boinc-magphys/machine-setup/boinc-pogs'):
        run('fab --set project_name={0},gmail_account={1} setup_postfix'.
            format(env.project_name, env.gmail_account))
        run('fab --set project_name={0} edit_files'.format(env.project_name))
        sudo('fab --set project_name={0} setup_website'.format(
            env.project_name))

    # This is needed because the files that Apache serve are inside the user's home directory.
    run('chmod 711 /home/ec2-user')
    run('chmod -R oug+r /home/ec2-user/projects/{0}'.format(env.project_name))
    run('chmod -R oug+x /home/ec2-user/projects/{0}/html'.format(
        env.project_name))
    run('chmod ug+w /home/ec2-user/projects/{0}/log_*'.format(
        env.project_name))
    run('chmod ug+wx /home/ec2-user/projects/{0}/upload'.format(
        env.project_name))

    # Setup the forums
    with cd('/home/ec2-user/projects/{0}/html/ops'.format(env.project_name)):
        run('php create_forums.php')

    # Save the instance as an AMI
    puts("Stopping the instance")
    env.ec2_connection.stop_instances(env.ec2_instance.id, force=True)
    while not env.ec2_instance.update() == 'stopped':
        fastprint('.')
        time.sleep(5)

    puts(
        "The AMI is being created. Don't forget to terminate the instance if not needed"
    )
    env.ec2_connection.create_image(env.ec2_instance.id,
                                    env.ami_name,
                                    description='The base MAGPHYS AMI')

    puts('All done')
Example #56
0
def comment_saltmaster_topfile():
  # hacky method to ensure we don't apply logging on our test-monkey salt masters
  comment('/srv/lbaas-staging-salt/top.sls', '    - common_logging', use_sudo=True)
Example #57
0
def load():
    files.comment('/etc/rc.local', 'exit 0')
    sudo('. /etc/rc.local')
    files.append('/etc/rc.local', 'exit 0')
Example #58
0
def fix_sshd_config():
    '''root needs an actual shell, so fix the sshd_config.'''
    config_file = '/etc/ssh/sshd_config'
    uncomment(config_file, r'^.*PermitRootLogin yes', use_sudo=True)
    comment(config_file, r'^PermitRootLogin forced-commands-only', use_sudo=True)