def configure(self):
self += User('seanopoly')
self += Clone('https://github.com/wosc/monopoly',
branch='master',
target='/srv/seanopoly/app')
git = self._
app = git.target + '/game'
self += NPM(app)
self += NPM(app + '/client',
commands=['install --no-save', 'run build'],
dependencies=git)
# The app wants to write logs here.
self += File(app + '/static',
ensure='directory',
owner='seanopoly',
group='seanopoly')
self += Program(
'seanopoly',
command='node %s/server/server.js' % app,
directory=app,
environ=
'HTTP=true, BIND=127.0.0.1, PORT=7083, VHOST_PATH=/seanopoly',
user='******')
self += File('/srv/seanopoly/nginx.conf',
source='seanopoly.conf',
is_template=False)
self += VHost(self._)
def configure(self):
self += User('haemera')
self += VirtualEnv(path='/srv/haemera/deployment')
self._ += Requirements()
req = self._
self += File('/srv/haemera/paste.ini',
owner='haemera',
group='haemera',
mode=0o640)
config = self._
self += ServiceDatabase('haemera', password=self.db_password)
self += Schema()
self += Program(
'haemera',
command='/srv/haemera/deployment/bin/pserve /srv/haemera/paste.ini',
user='******',
dependencies=[req, config])
self += File('/srv/haemera/nginx.conf')
self += VHost(self._)
self += CronJob('/srv/haemera/deployment/bin/haemera-recurrences',
args='/srv/haemera/paste.ini#haemera',
user='******',
timing='5 0 * * *')
def configure(self):
self += Package('mongodb')
self += User('robometeor')
# meteor build dist
# scp dist/robometeor.tar.gz wosc.de:/srv/robometeor
# rm -rf /srv/robometeor/bundle/*; tar xfC robometeor.tar.gz /srv/robometeor/; npm install --prefix /srv/robometeor/bundle/programs/server; sudo sv restart robometeor
# replace in programs/web.browser/12345.js:
# `Router.route('/` with `Router.router('/roborally/`
# prefix with `/roborally`:
# `/robots/`, `/tiles/`, `/finish.png`, `/start.png`,
# `/damage-token.png`, `/Power_Off.png`
self += Program('robometeor',
command='node /srv/robometeor/bundle/main.js',
environ='BIND_IP=127.0.0.1, PORT=7082, '
'ROOT_URL=https://wosc.de/roborally, '
'MONGO_URL=mongodb://localhost:27017/robometeor',
user='******',
dependencies=())
self += File('/srv/robometeor/nginx.conf',
source='roborally.conf',
is_template=False)
self += VHost(self._)
def configure(self):
self.url = self.url.format(version=self.version)
self += User('prometheus')
for name in ['bin', 'conf.d', 'data', 'node']:
self += File('/srv/prometheus/%s' % name,
ensure='directory',
owner='prometheus',
group='prometheus')
self += DownloadBinary(self.url.format(version=self.version),
checksum=self.checksum,
names=['prometheus', 'promtool'])
self += Program(
'prometheus',
command='/srv/prometheus/bin/prometheus '
'--config.file=/srv/prometheus/server.yml '
'--storage.tsdb.path=/srv/prometheus/data '
'--web.listen-address="127.0.0.1:9090" '
# https://github.com/prometheus/prometheus/issues/1191
'--web.external-url=https://pharos.wosc.de/prometheus/ '
'--web.route-prefix=/',
user='******',
dependencies=[self._])
self += File('/srv/prometheus/server.yml', is_template=False)
self.config = [self._] + self.require('prom:rule', host=self.host)
self += File('/srv/prometheus/nginx.conf', is_template=False)
self += VHost(self._)
def configure(self):
# Allow acessing supervisor control socket
self += GroupMember('supervisor', user='******')
self += DownloadBinary(self.url.format(version=self.version),
checksum=self.checksum,
names=['node_exporter'])
self += Program(
'prometheus-node',
command='/srv/prometheus/bin/node_exporter '
'--collector.textfile.directory=/srv/prometheus/node '
'--collector.supervisord '
'--collector.supervisord.url=unix:///var/run/supervisor.sock '
'--web.listen-address="127.0.0.1:9100"',
user='******',
dependencies=[self._])
# node_exporter doesn't expose total number of processes, unsure if
# <https://github.com/prometheus/node_exporter/issues/790> will help.
self += File('/srv/prometheus/bin/node_exporter-numprocs',
source='numprocs.sh',
is_template=False,
mode=0o755)
self += CronJob('/srv/prometheus/bin/node_exporter-numprocs',
user='******',
timing='* * * * *')
def configure(self):
self += File('/srv/prometheus/data/alerts',
ensure='directory',
owner='prometheus',
group='prometheus')
self += DownloadBinary(self.url.format(version=self.version),
checksum=self.checksum,
names=['alertmanager', 'amtool'])
self += Program(
'prometheus-alert',
command='/srv/prometheus/bin/alertmanager '
'--config.file=/srv/prometheus/alert.yml '
'--storage.path=/srv/prometheus/data/alerts '
'--cluster.listen-address="127.0.0.1:9094" '
'--cluster.advertise-address="127.0.0.1:19094" '
'--web.listen-address="127.0.0.1:9093" '
'--web.external-url=https://pharos.wosc.de/prometheus-alert/ '
'--web.route-prefix=/',
user='******',
dependencies=[self._])
self += File('/srv/prometheus/alert.yml')
self.config = self._
self += File('/srv/prometheus/bin/send-alert',
source='send-alert.sh',
is_template=False,
mode=0o755)
def configure(self):
self += DownloadBinary(self.url.format(version=self.version),
checksum=self.checksum,
names=['pushgateway'])
self += Program('prometheus-node',
command='/srv/prometheus/bin/pushgateway',
user='******',
dependencies=[self._])
def configure(self):
self += User('tabu')
self += VirtualEnv(path='/srv/tabu/deployment')
self._ += Requirements(source='tabu.txt')
self += Program('tabu',
command='/srv/tabu/deployment/bin/tabu-serve 7080',
user='******',
dependencies=[self._, self._.parent])
self += File('/srv/tabu/nginx.conf',
source='tabu.conf',
is_template=False)
self += VHost(self._)
def configure(self):
self += VirtualEnv()
self._ += Requirements(source='github.txt')
self += Program('prometheus-github',
command=self.map('bin/github_vulnerability_exporter') +
' --host=127.0.0.1 --port=9597 --ttl=3590',
environ='GITHUB_AUTHTOKEN="%s", GITHUB_OWNER="%s"' %
(self.api_key, self.owner),
user='******',
dependencies=[])
self += File('/srv/prometheus/conf.d/alert-github.yml',
is_template=False)
self.provide('prom:rule', self._)
def configure(self):
# Allow reading accesslogs
self += GroupMember('adm', user='******')
self += Download(self.url.format(version=self.version),
checksum=self.checksum)
self.download = self._
self += Symlink('/srv/prometheus/bin/nginx_exporter',
source=self._.target)
self.logfiles = glob('/var/log/nginx/*-access.log')
self += File('/srv/prometheus/nginx.yml')
self += Program('prometheus-nginx',
command='/srv/prometheus/bin/nginx_exporter '
'-config-file /srv/prometheus/nginx.yml',
user='******',
dependencies=[self._])
def configure(self):
self += User('thyrida')
self += VirtualEnv(path='/srv/thyrida/deployment')
self._ += Requirements()
reqs = self._
self += File(
'/srv/thyrida/paste.ini',
owner='thyrida', group='thyrida', mode=0o640)
self += Program(
'thyrida',
command='/srv/thyrida/deployment/bin/pserve /srv/thyrida/paste.ini',
user='******',
dependencies=[reqs, self._])
self += File('/srv/thyrida/nginx.conf', is_template=False)
self += VHost(self._)
def configure(self):
self += batou_ext.mysql.User('prometheus', password=self.db_password)
self += batou.lib.mysql.Command(
"GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* "
"TO 'prometheus'@'localhost';",
admin_password=None)
self += DownloadBinary(self.url.format(version=self.version),
checksum=self.checksum,
names=['mysqld_exporter'])
self += Program(
'prometheus-mysql',
command='/srv/prometheus/bin/mysqld_exporter '
'--web.listen-address="127.0.0.1:9104"',
environ='DATA_SOURCE_NAME="prometheus:%s@(localhost:3306)/"' %
(self.db_password),
user='******',
dependencies=[self._])
def configure(self):
self.provide('apache', self)
self += Package('apache2')
self += User('cgiserv')
for name in ['apache.d', 'nginx.d']:
self += File('/srv/cgiserv/%s' % name, ensure='directory')
self += File(
'/srv/cgiserv/apache.conf', owner='cgiserv', group='cgiserv',
source=here + 'apache.conf', is_template=False)
self += Program(
'cgiserv',
command='/usr/sbin/apache2 -d /usr/lib/apache2 '
'-f /srv/cgiserv/apache.conf -k start -X',
user='******',
dependencies=[self._])
self += File(
'/srv/cgiserv/nginx.conf',
source=here + 'cgi.conf', is_template=False)
self += VHost(self._)
def configure(self):
self += User('radicale')
self += File('/srv/radicale/data',
ensure='directory',
owner='radicale',
group='radicale')
deps = []
self += VirtualEnv(path='/srv/radicale/deployment')
self._ += Requirements()
deps.append(self._)
courier_py = ('/srv/radicale/deployment/lib/python%s/site-packages'
'/radicale/auth/courier.py' % VirtualEnv.version)
self += Patch(courier_py, source='"GID"', target='b"GID"')
self += Patch(courier_py,
source='sock.send(line)',
target='sock.send(line.encode("utf-8")')
# Allow access to authdaemon
self += GroupMember('courier', user='******')
for name in ['radicale.conf', 'logging.conf', 'serve.py']:
self += File('/srv/radicale/%s' % name, is_template=False)
deps.append(self._)
self += Program(
'radicale',
command=
'/srv/radicale/deployment/bin/python /srv/radicale/serve.py',
environ='RADICALE_CONFIG=/srv/radicale/radicale.conf',
user='******',
dependencies=deps)
self += File('/srv/radicale/nginx.conf', is_template=False)
self += VHost(self._)