def setup(name, **kwargs):
env = Environment.get_instance()
config = env.config.mongodb.copy()
config.update(kwargs)
config['configpath'] = "/etc/mongodb/%s.conf" % name
if 'dbpath' not in kwargs:
config['dbpath'] = os.path.join(config.dbpath, name)
if 'logfilename' not in kwargs:
config['logfilename'] = "%s.log" % name
Directory("/etc/mongodb", owner="root", group="root", mode=0755)
Directory(config.dbpath,
owner="mongodb",
group="mongodb",
mode=0755,
recursive=True)
File(config.configpath,
owner="root",
group="root",
mode=0644,
content=Template("mongodb/mongodb.conf.j2",
variables=dict(mongodb=config)))
# notifies = [("restart", env.resources["MonitService"]["mongodb-%s" % name])])
controller = kwargs.get("controller")
if controller == "monit":
env.include_recipe("monit")
env.cookbooks.monit.rc(
"mongodb-%s" % name,
Template("mongodb/monit.conf.j2",
variables=dict(name=name, mongodb=config)))
env.cookbooks.monit.MonitService(
"mongodb-%s" % name,
subscribes=[("restart", env.resources["File"][config.configpath])])
elif controller == "supervisord":
env.include_recipe("supervisor")
env.cookbooks.supervisor.configuration(
"mongodb-%s" % name,
Template("mongodb/supervisord.conf.j2",
variables=dict(name=name, mongodb=config)))
env.cookbooks.supervisor.SupervisorService(
"mongodb-%s" % name,
subscribes=[("restart", env.resources["File"][config.configpath])])
else:
Service("mongodb-%s" % name,
subscribes=[("restart",
env.resources["File"][config.configpath])])
File("/etc/init/mongodb-%s.conf" % name,
owner="root",
group="root",
mode=0644,
content=Template("mongodb/upstart.conf.j2",
variables=dict(mongodb=config)),
notifies=[
("reload", env.resources["Service"]["mongodb-%s" % name],
True),
])
def Service(service_description,
host_name=None,
hostgroup_name=None,
check_command=None,
use="generic-service",
notification_interval=0,
action="create"):
env = Environment.get_instance()
values = dict(
host_name=host_name,
hostgroup_name=hostgroup_name,
service_description=service_description,
check_command=check_command,
use=use,
notification_interval=notification_interval,
)
if host_name:
env.config.nagios3.hosts[host_name]["services"][
service_description] = values
return
File("/etc/nagios3/conf.d/service_%s.cfg" % service_description.lower(),
content=Template("nagios3/service.cfg.j2", values),
action=action,
notifies=[("restart", env.resources["Service"]["nagios3"])])
def rc(name, content):
env = Environment.get_instance()
return File("monitrc-%s" % name,
content = content,
owner = "root",
group = "root",
mode = 0644,
path = "%s/monit.d/%s" % (env.config.monit.config_path, name),
notifies = [("restart", env.resources["Service"]["monit"])])
def configuration(name, content):
env = Environment.get_instance()
return File("supervisor-%s" % name,
content = content,
owner = "root",
group = "root",
mode = 0644,
path = os.path.join(env.config.supervisor.custom_config_path, name) + ".conf",
notifies = [("reload", env.resources["Service"]["supervisor"])])
import os
from kokki import Package, File, Template, Service
env.include_recipe("postgresql9")
Service("postgresql",
supports_restart=True,
supports_reload=True,
supports_status=True,
action="nothing")
Package("postgresql-" + env.config.postgresql9.version,
notifies=[("stop", env.resources["Service"]["postgresql"], True)])
File("pg_hba.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql9.config_dir, "pg_hba.conf"),
content=Template("postgresql9/pg_hba.conf.j2"),
notifies=[("reload", env.resources["Service"]["postgresql"])])
File("postgresql.conf",
owner="postgres",
group="postgres",
mode=0666,
path=os.path.join(env.config.postgresql9.config_dir, "postgresql.conf"),
content=Template("postgresql9/postgresql.conf.j2"),
notifies=[("restart", env.resources["Service"]["postgresql"])])
from kokki import Package, Directory, Link, File, Template
env.include_recipe("cloudera")
Package("flume")
Directory("/etc/flume/conf.kokki", owner="root", group="root", mode=0755)
Link("/etc/flume/conf", to="/etc/flume/conf.kokki")
File("flume-config",
path="/etc/flume/conf.kokki/flume-conf.xml",
owner="root",
group="root",
mode=0644,
content=Template("flume/flume-conf.xml.j2"))
File("flume-site-config",
path="/etc/flume/conf.kokki/flume-site.xml",
owner="root",
group="root",
mode=0644,
content=Template("flume/flume-site.xml.j2"))
File("flume-log-config",
path="/etc/flume/conf.kokki/log4j.properties",
owner="root",
group="root",
mode=0644,
content=Template("flume/log4j.properties.j2"))
from kokki import Package, Service, File, Template, Link
Package("memcached", action="upgrade")
Package("libmemcache-dev", action="upgrade")
Service("memcached")
File("/etc/memcached.conf",
content=Template("memcached/memcached.conf.j2"),
owner="root",
group="root",
mode=0644,
notifies=[("restart", env.resources["Service"]["memcached"], True)])
if "librato.silverline" in env.included_recipes:
File("/etc/default/memcached",
owner="root",
group="root",
mode=0644,
content=("ENABLE_MEMCACHED=yes\n"
"export SL_NAME=memcached\n"),
notifies=[("restart", env.resources["Service"]["memcached"])])
if "munin.node" in env.included_recipes:
for n in ('bytes', 'connections', 'curr_items', 'items', 'queries'):
Link("/etc/munin/plugins/memcached_%s" % n,
to="/etc/munin/python-munin/plugins/memcached_%s" % n,
notifies=[("restart", env.resources['Service']['munin-node'])])
from kokki import Package, Directory, File, Template
Package("munin")
Directory(env.config.munin.dbdir, owner="munin", group="munin", mode=0755)
File("/etc/munin/munin.conf",
owner="root",
group="root",
mode=0644,
content=Template("munin/munin.conf.j2"))
env.include_recipe("ssh")
Group("sysadmin", gid=2300)
for username, user in env.config.users.items():
home = "/home/%s" % username
User(username,
uid=user['id'],
home=home,
groups=user.get('groups', []),
password=user.get('password'))
Directory(env.cookbooks.ssh.ssh_path_for_user(username),
owner=username,
group=username,
mode=0700)
if user.get('sshkey'):
env.cookbooks.ssh.SSHAuthorizedKey("%s-%s" %
(username, user['sshkey_id']),
user=username,
keytype=user['sshkey_type'],
key=user['sshkey'])
File(os.path.join(env.cookbooks.ssh.ssh_path_for_user(username),
"authorized_keys"),
owner=username,
group=username,
mode=0600)
from kokki import Package, File, Template
Package("sudo", action="upgrade")
File(
"/etc/sudoers",
owner="root",
group="root",
mode=0440,
content=Template("sudo/sudoers.j2"),
)
from kokki import Directory, File, Template
Directory("{0}gunicorn/".format(env.config.deploy_home),
mode=0755,
owner="deploy",
action="create")
for site in env.config.gunicorn.sites:
File("{0}gunicorn/{1}.conf".format(env.config.deploy_home, site["name"]),
content=Template(
"gunicorn/gunicorn.conf.j2",
variables={
"name": site["name"],
"port": site["port"],
"worker_count": site["worker_count"],
"python_version": env.config.python_version,
"virtualenvs_root": env.config.virtualenvs_root,
},
),
owner="root",
group="root",
mode=0644)
if env.system.lsb['codename'] == 'karmic':
def enter_the_multiverse():
with open("/etc/apt/sources.list", "r") as fp:
source = fp.read().split(' ')[1]
return (
"deb {source} karmic multiverse\n"
"deb-src {source} karmic multiverse\n"
"deb {source} karmic-updates multiverse\n"
"deb-src {source} karmic-updates multiverse\n"
"deb http://security.ubuntu.com/ubuntu karmic-security multiverse\n"
).format(source=source)
File("/etc/apt/sources.list.d/multiverse.list",
owner="root",
group="root",
mode=0644,
not_if=lambda: os.path.exists(
"/etc/apt/sources.list.d/multiverse.list"),
content=enter_the_multiverse,
notifies=[("run", env.resources["Execute"]["apt-update-java"], True)])
if env.system.lsb['codename'] == 'lucid':
Execute(
'add-apt-repository "deb http://archive.canonical.com/ lucid partner" ; apt-get update',
not_if="grep 'lucid partner' /etc/apt/sources.list > /dev/null")
Script("accept-java-license",
not_if="debconf-show sun-java6-jre | grep accepted > /dev/null",
cwd="/usr/local/src",
code="""#!/bin/sh
apt = "deb http://www.serverdensity.com/downloads/linux/debian lenny main"
# if ver == '5.0':
# apt = "deb http://apt.librato.com/debian/ lenny non-free"
if not apt:
raise Fail("Can't find a serverdensity package for your platform/version")
Execute("apt-update-serverdensity",
command = "apt-get update",
action = "nothing")
Execute("curl http://www.serverdensity.com/downloads/boxedice-public.key | apt-key add -",
not_if = "(apt-key list | grep 'Server Density' > /dev/null)")
File(apt_list_path,
owner = "root",
group ="root",
mode = 0644,
content = apt+"\n",
notifies = [("run", env.resources["Execute"]["apt-update-serverdensity"], True)])
Package("sd-agent")
Directory(env.config.serverdensity.plugin_directory,
owner = "sd-agent",
group = "sd-agent",
mode = 0770,
recursive = True)
Service("sd-agent",
supports_restart = True)
import os
from kokki import Directory, Package, File, Template, Service
Package("python-rackspace-cloudfiles")
Package("duplicity")
Directory("{0}/dbdumps/".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "deploy",
mode = 0750)
# /etc/crontab and the files in /etc/cron.d must be owned by root# and must *not* be group- or other-writable
File("/etc/cron.d/dbdumps",
owner = "root",
group = "root",
mode = 0644,
content = Template("postgresql-cloudfiles-backup/cronfile.j2"),
)
File("{0}/duplicity_uploader.sh".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "postgres",
mode = 0740,
content = Template("postgresql-cloudfiles-backup/duplicity_uploader.sh.j2"),
)
File("{0}/duplicity_downloader.sh".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "postgres",
mode = 0740,
from kokki import Package, Directory, File, Template, Service
Package("nginx")
Directory(env.config.nginx.log_dir,
mode=0755,
owner=env.config.nginx.user,
action='create')
for nxscript in ('nxensite', 'nxdissite'):
File("/usr/sbin/%s" % nxscript,
content=Template("nginx/%s.j2" % nxscript),
mode=0755,
owner="root",
group="root")
File("nginx.conf",
path="%s/nginx.conf" % env.config.nginx.dir,
content=Template("nginx/nginx.conf.j2"),
owner="root",
group="root",
mode=0644)
File("%s/sites-available/default" % env.config.nginx.dir,
content=Template("nginx/default-site.j2"),
owner="root",
group="root",
mode=0644)
Service("nginx",
supports_status=True,
from kokki import Package, File, Template, Service
if env.system.platform == "amazon":
Package("perl-NetAddr-IP")
Package("munin-node")
File("munin-node.conf",
path = "/etc/munin/munin-node.conf",
owner = "root",
group = "root",
mode = 0644,
content = Template("munin/munin-node.conf.j2"))
Service("munin-node",
subscribes = [("restart", env.resources["File"]["munin-node.conf"])])
File("/etc/munin/plugin-conf.d/python",
owner = "root",
group = "root",
mode = 0644,
content = (
"[*]\n"
"env.PYTHON_EGG_CACHE /tmp/munin-egg-cache\n"
),
notifies = [("restart", env.resources["Service"]["munin-node"])])
if env.system.ec2:
File("/etc/munin/plugins/if_err_eth0",
action = "delete",
from kokki import Package, Service, File, Template
Package("exim4", action="upgrade")
Service("exim4", supports_restart=True)
File("/etc/exim4/update-exim4.conf.conf",
owner="root",
group="root",
mode=0644,
content=Template("exim4/update-exim4.conf.conf.j2"),
notifies=[("restart", env.resources["Service"]["exim4"])])
File("/etc/exim4/exim4.conf.localmacros",
owner="root",
group="root",
mode=0644,
content="AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = 1\nMAIN_TLS_ENABLE = 1\n",
notifies=[("restart", env.resources["Service"]["exim4"])])
File("/etc/exim4/passwd.client",
mode=0640,
content=Template("exim4/passwd.client.j2"),
notifies=[("restart", env.resources["Service"]["exim4"])])
Package("python-pycurl")
Package("python-imaging")
# Clone project
Directory(os.path.dirname(env.config.avatartare.path), mode=0755)
Execute(
"git clone git://github.com/samuel/avatartare.git %s" %
env.config.avatartare.path,
creates=env.config.avatartare.path,
)
# Bootstrap the environment
Execute(
"avatartare-bootstrap",
command="python bin/bootstrap.py env",
cwd=env.config.avatartare.path,
creates="%s/env" % env.config.avatartare.path,
)
# Config
File("avatartare-local_settings.py",
path="%s/local_settings.py" % env.config.avatartare.path,
content=Template("avatartare/local_settings.py.j2"),
notifies=[("restart", env.resources["SupervisorService"]["avatartare"])])
# Setup Supervisor to start and monitor the processes
File("%s/avatartare.conf" % env.config.supervisor.custom_config_path,
content=Template("avatartare/supervisor.j2"),
notifies=[("restart", env.resources["SupervisorService"]["avatartare"])])
ver = env.system.lsb['release']
apt = "deb http://packages.cloudkick.com/ubuntu lucid main"
# if ver == '5.0':
# apt = "deb http://apt.librato.com/debian/ lenny non-free"
if not apt:
raise Fail("Can't find a cloudkick package for your platform/version")
Execute("apt-update-cloudkick", command="apt-get update", action="nothing")
Execute(
"curl http://packages.cloudkick.com/cloudkick.packages.key | apt-key add -",
not_if="(apt-key list | grep 'Cloudkick' > /dev/null)")
File(apt_list_path,
owner="root",
group="root",
mode=0644,
content=apt + "\n",
notifies=[("run", env.resources["Execute"]["apt-update-cloudkick"], True)
])
File("/etc/cloudkick.conf",
owner="root",
group="root",
mode=0644,
content=Template("cloudkick/cloudkick.conf.j2"))
Package("cloudkick-agent", action="upgrade")
Service("cloudkick-agent",
supports_restart=True,
from kokki import File, Template
File("/etc/security/limits.conf",
owner="root",
group="root",
mode=0644,
content=Template("limits/limits.conf.j2"))
from kokki import Package, File, Template, Directory, Service
Package("monit")
Service("monit",
supports_status=False,
supports_restart=True,
action="nothing")
File("%s/monitrc" % env.config.monit.config_path,
owner="root",
group="root",
mode=0700,
content=Template("monit/monitrc.j2"),
notifies=[("restart", env.resources["Service"]["monit"])])
if env.system.platform == "ubuntu":
File("/etc/default/monit",
content=Template("monit/default.j2"),
notifies=[("restart", env.resources["Service"]["monit"])])
Directory("%s/monit.d" % env.config.monit.config_path,
owner="root",
group="root",
mode=0700)
apt = 'deb http://downloads.mongodb.org/distros/ubuntu %s 10gen' % ver
elif env.system.platform == "debian":
ver = env.system.lsb['release']
if ver == '5.0':
apt = 'deb http://downloads.mongodb.org/distros/debian 5.0 10gen'
if not apt:
raise Fail("Can't find a mongodb package for your platform/version")
Execute("apt-update-mongo", command="apt-get update", action="nothing")
Execute("apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10",
not_if="(apt-key list | grep 10gen.com > /dev/null)")
File(apt_list_path,
owner="root",
group="root",
mode=0644,
content=apt + "\n",
notifies=[("run", env.resources["Execute"]["apt-update-mongo"], True)])
###
Package("mongodb-stable")
if env.config.mongodb.nodefault:
Service("mongodb")
File(env.config.mongodb.configpath,
action="delete",
notifies=[("stop", env.resources["Service"]["mongodb"], True)])
File("/etc/init/mongodb.conf", action="delete")
File("/etc/init.d/mongodb", action="delete")
Directory(env.config.apache.log_dir,
mode=0700,
owner=env.config.apache.user,
group=env.config.apache.user)
if env.system.platform in ("centos", "redhat", "fedora", "suse"):
Service("apache2",
service_name="httpd",
restart_command="/sbin/service httpd restart && sleep 1",
reload_command="/sbin/service httpd reload && sleep 1",
supports_restart=True,
supports_reload=True,
supports_status=True)
File("/usr/local/bin/apache2_module_conf_generate.pl",
mode=0755,
owner="root",
group="root",
content=StaticFile("apache2/files/apache2_module_conf_generate.pl"))
for d in ('sites-available', 'sites-enabled', 'mods-available',
'mods-enabled'):
Directory("%s/%s" % (env.config.apache.dir, d),
mode=0755,
owner="root",
group="root")
libdir = "lib64" if env.system.architecture == "x86_64" else "lib"
Execute(
"generate-module-list",
command=
Service("redis",
supports_restart=True,
supports_reload=True,
supports_status=True,
action="nothing")
Directory(env.config.redis.dbdir,
owner = "root",
group = "root",
mode = 0700,
recursive = True)
File("redis.conf",
path = env.config.redis.configfile,
owner = "root",
group = "root",
mode = 0644,
content = Template("redis/redis.conf.j2"),
notifies = [("reload", env.resources["Service"]["redis"], True)])
# env.cookbooks.monit.rc("redis",
# content = Template("redis/monit.conf.j2"))
File("/etc/init.d/redis",
owner = "root",
group = "root",
mode = 0755,
content = Template("redis/init.conf.j2",
variables = dict(
redis = dict(
Package("postgresql-contrib-9.1")
Package("postgis")
Package("gdal-bin")
Package("binutils")
Package("libgeos-3.2.2")
Package("libgeos-c1")
Package("libgeos-dev")
Package("libgdal1-1.8.0")
Package("libgdal1-dev")
Package("libxml2")
Package("libxml2-dev")
Package("checkinstall")
Package("proj")
File("pg_hba.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql9.config_dir, "pg_hba.conf"),
content=Template("postgresql9/pg_hba.conf.j2"),
notifies=[("reload", env.resources["Service"]["postgresql"])])
File("postgresql.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql9.config_dir, "postgresql.conf"),
content=Template("postgresql9/postgresql.conf.j2"),
notifies=[("restart", env.resources["Service"]["postgresql"])])
File("30-postgresql-shm.conf",
owner="root",
from kokki import Package, File, Execute, Template
Package("unattended-upgrades")
Execute("update-package-index", command="apt-get -qq update", action="nothing")
File("/etc/apt/apt.conf",
owner="root",
group="root",
mode=0644,
content=Template("apt/apt.conf.j2"))
File("/etc/apt/sources.list",
owner="root",
group="root",
mode=0644,
content="%s\n" % "\n".join(env.config.apt.sources),
notifies=[("run", env.resources["Execute"]["update-package-index"])])
Service("sendmail",
supports_restart=True,
supports_reload=True,
supports_status=True,
action="nothing")
Package("sasl2-bin")
Package("sendmail")
Execute("sendmailconfig", command="sendmailconfig --no-reload", action="nothing")
Execute("newaliases", command="newaliases", action="nothing")
File("/etc/mail/sendmail.mc",
owner="root",
group="smmsp",
mode=0644,
content=Template("sendmail/sendmail.mc.j2"),
notifies=[("run", env.resources["Execute"]["sendmailconfig"], True),
("restart", env.resources["Service"]["sendmail"])])
File("/etc/mail/submit.mc",
owner="root",
group="smmsp",
mode=0644,
content=Template("sendmail/submit.mc.j2"),
notifies=[("run", env.resources["Execute"]["sendmailconfig"], True),
("restart", env.resources["Service"]["sendmail"])])
File("/etc/aliases",
owner="root",
import os
from kokki import Execute, File, Template
Execute("pip install newrelic=={0}".format(env.config.newrelic.version))
File("{0}".format(env.config.newrelic.ini_file),
content=Template("newrelic/newrelic.ini.j2"),
owner="deploy",
group="root",
mode=0644)
File("{0}".format(env.config.newrelic.log_file),
content="",
owner="deploy",
group="root",
mode=0644)
for server in compute.servers.list():
if "loadbalancer" in server.name:
ip_addresses["loadbalancer_internal_ip"] = server.addresses[
"private"][0]
if "appnode" in server.name:
ip_addresses["appnode_internal_ips"] = server.addresses[
"private"]
return ip_addresses
Execute(
"iptables-restore",
action="nothing",
command=(
"iptables --flush && /sbin/iptables-restore < /etc/iptables.up.rules"),
)
File("/etc/iptables.up.rules",
owner="root",
group="root",
mode=0644,
notifies=[("run", env.resources["Execute"]["iptables-restore"], True)],
content=Template("iptables/iptables.up.rules.j2",
variables=get_openstack_ips()))
File("/etc/network/if-pre-up.d/iptables",
owner="root",
group="root",
mode=0644,
content=Template("iptables/iptables.j2"))
from kokki import Package, Service, File, Template
Package("pdns-server")
Service("pdns")
File("/etc/powerdns/pdns.conf",
owner="root",
group="root",
mode=0644,
content=Template("powerdns/pdns.conf"),
notifies=[("reload", env.resources["Service"]["pdns"])])
for be in env.config.powerdns.backends:
Package("pdns-backend-%s" % be)