def config_monit(config_dir):
config_instance = Config(config_dir)
monit_template_dir = config_instance.config_path('monit')
remote_conf_path = config_instance.remote_path('conf')
run('mkdir -p {}'.format(remote_conf_path))
upload_template('monitrc',
remote_conf_path,
template_dir=monit_template_dir,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('chown root:root %s' %
config_instance.remote_path('conf/', 'monitrc'))
sudo('chmod 700 %s' % config_instance.remote_path('conf/', 'monitrc'))
if config_instance.MONIT_SLACK_NOTIFICATIONS:
upload_template('notify_and_execute.py',
remote_conf_path,
template_dir=monit_template_dir,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
with cd(remote_conf_path):
sudo('chmod +x notify_and_execute.py')
sudo('monit -c %s reload' %
config_instance.remote_path('conf/', 'monitrc'))
def config_celery(config_dir):
config_instance = Config(config_dir)
celery_configs = config_instance.config_path('celery', 'systemd')
remote_conf_path = '/etc/systemd/system/'
upload_template('celeryd',
os.path.join(
remote_conf_path,
'{}.service'.format(config_instance.celeryd_name)),
template_dir=celery_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl reenable {}.service'.format(config_instance.celeryd_name))
upload_template('celerybeat',
os.path.join(
remote_conf_path,
'{}.service'.format(config_instance.celerybeat_name)),
template_dir=celery_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl reenable {}.service'.format(
config_instance.celerybeat_name))
def config_newrelic_monitor(config_dir):
config_instance = Config(config_dir)
upload_template('newrelic.ini',
config_instance.NEWRELIC_INI,
template_dir=config_instance.config_path('new_relic'),
context=config_instance.context,
use_jinja=True)
def config_letsencrypt(config_dir):
config_instance = Config(config_dir)
nginx_configs = config_instance.config_path('nginx')
remote_conf_path = config_instance.remote_path('conf')
letsencrypt_dir = getattr(config_instance, 'LETSENCRYPT_DIR')
if not letsencrypt_dir:
letsencrypt_dir = config_instance.LETSENCRYPT_DIR = '/opt/letsencrypt/'
upload_template('letsencrypt/letsencrypt_config.ini',
remote_conf_path,
template_dir=nginx_configs,
context=config_instance.context,
use_sudo=True,
mode=0o750,
use_jinja=True)
sudo('mkdir -p %s' % letsencrypt_dir)
with cd(letsencrypt_dir):
sudo('wget https://dl.eff.org/certbot-auto')
sudo('chmod a+x certbot-auto')
config_nginx(config_dir,
conf_template='letsencrypt/nginx_getting_cert.conf')
sudo('service nginx restart')
with cd(letsencrypt_dir):
sudo(
'./certbot-auto certonly --non-interactive --agree-tos --expand --config %s'
% config_instance.remote_path('conf', 'letsencrypt_config.ini'))
sudo('chmod -R 755 /etc/letsencrypt/archive /etc/letsencrypt/live')
# TODO Check this on a server this domain name.
remote_conf_path = '/etc/systemd/system/'
upload_template('letsencrypt/systemd/service',
os.path.join(remote_conf_path,
'letsencrypt-updater.service'),
template_dir=nginx_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
upload_template('letsencrypt/systemd/timer',
os.path.join(remote_conf_path,
'letsencrypt-updater.timer'),
template_dir=nginx_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl reenable letsencrypt-updater.timer')
config_nginx(config_dir)
sudo('service nginx restart')
def config_nginx(config_dir, conf_template='nginx.conf'):
config_instance = Config(config_dir)
nginx_configs = config_instance.config_path('nginx')
remote_sa_path = '/etc/nginx/sites-available/%s' % config_instance.project_name
upload_template(conf_template,
remote_sa_path,
template_dir=nginx_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('ln -sf %s /etc/nginx/sites-enabled' % remote_sa_path)
def config_target(config_dir):
config_instance = Config(config_dir)
remote_conf_path = '/etc/systemd/system/'
upload_template('target',
os.path.join(
remote_conf_path,
'{}.target'.format(config_instance.project_name)),
template_dir=config_instance.config_path(),
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl reenable {}.target'.format(config_instance.project_name))
def config_gunicorn(config_dir):
config_instance = Config(config_dir)
gunicorn_configs = config_instance.config_path('gunicorn', 'systemd')
remote_conf_path = '/etc/systemd/system/'
upload_template('service',
os.path.join(
remote_conf_path,
'{}.service'.format(config_instance.gunicorn_name)),
template_dir=gunicorn_configs,
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl reenable {}.service'.format(config_instance.gunicorn_name))
def setup_newrelic_server_monitor(config_dir):
config_instance = Config(config_dir)
apt_sources_file = '/etc/apt/sources.list.d/newrelic.list'
apt_repository = 'deb http://apt.newrelic.com/debian/ newrelic non-free'
newrelic_gpg_key = 'https://download.newrelic.com/548C16BF.gpg'
server_monitor_package = 'newrelic-sysmond'
if exists(apt_sources_file):
# Check if repository already in file. Otherwise, add to the end.
sudo("grep -q '{0}' {1} || sudo echo '{0}' >> {1}".format(
apt_repository, apt_sources_file))
else:
sudo("echo '{0}' >> {1}".format(apt_repository, apt_sources_file))
# Trust the New Relic GPG key
sudo("wget -O- {0} | apt-key add -".format(newrelic_gpg_key))
# Install the Server Monitor package
sudo('apt-get update', warn_only=True, quiet=True)
sudo('apt-get -y --no-upgrade install {}'.format(server_monitor_package))
# Add license key to config file
newrelic_sysmon_config_path = '/etc/newrelic/nrsysmond.cfg'
if not exists(newrelic_sysmon_config_path, use_sudo=True):
# Upload config file with New Relic account license key (set in settings.base)
upload_template('newrelic_system_monitor.cfg',
newrelic_sysmon_config_path,
template_dir=config_instance.config_path('new_relic'),
context=config_instance.context,
use_sudo=True,
use_jinja=True)
else:
print(
'New Relic System Monitor configuration file is already exist. '
'Make sure it contains the right new relic license key for Razortheory account.'
)
# Start the daemon
sudo('/etc/init.d/newrelic-sysmond start')
def install_rabbitmq(config_dir):
config_instance = Config(config_dir)
sudo('echo "deb http://www.rabbitmq.com/debian/ testing main" |'
' tee /etc/apt/sources.list.d/rabbitmq.list > /dev/null')
with cd('/tmp'):
run('wget -O rabbitmq-release-signing-key.asc'
' http://www.rabbitmq.com/rabbitmq-release-signing-key.asc')
sudo('apt-key add rabbitmq-release-signing-key.asc')
sudo('apt-get update')
sudo('apt-get -y install rabbitmq-server')
sudo('service rabbitmq-server start')
systemd_override_dir = '/etc/systemd/system/rabbitmq-server.service.d'
sudo('mkdir -p {}'.format(systemd_override_dir))
systemd_override = os.path.join(systemd_override_dir, 'override.conf')
upload_template('override',
systemd_override,
template_dir=config_instance.config_path('rabbitmq'),
context=config_instance.context,
use_sudo=True,
use_jinja=True)
sudo('systemctl daemon-reload')
