def config_monit(config_dir): config_instance = Config(config_dir) monit_template_dir = config_instance.config_path('monit') remote_conf_path = config_instance.remote_path('conf') run('mkdir -p {}'.format(remote_conf_path)) upload_template('monitrc', remote_conf_path, template_dir=monit_template_dir, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('chown root:root %s' % config_instance.remote_path('conf/', 'monitrc')) sudo('chmod 700 %s' % config_instance.remote_path('conf/', 'monitrc')) if config_instance.MONIT_SLACK_NOTIFICATIONS: upload_template('notify_and_execute.py', remote_conf_path, template_dir=monit_template_dir, context=config_instance.context, use_sudo=True, use_jinja=True) with cd(remote_conf_path): sudo('chmod +x notify_and_execute.py') sudo('monit -c %s reload' % config_instance.remote_path('conf/', 'monitrc'))
def config_celery(config_dir): config_instance = Config(config_dir) celery_configs = config_instance.config_path('celery', 'systemd') remote_conf_path = '/etc/systemd/system/' upload_template('celeryd', os.path.join( remote_conf_path, '{}.service'.format(config_instance.celeryd_name)), template_dir=celery_configs, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl reenable {}.service'.format(config_instance.celeryd_name)) upload_template('celerybeat', os.path.join( remote_conf_path, '{}.service'.format(config_instance.celerybeat_name)), template_dir=celery_configs, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl reenable {}.service'.format( config_instance.celerybeat_name))
def config_newrelic_monitor(config_dir): config_instance = Config(config_dir) upload_template('newrelic.ini', config_instance.NEWRELIC_INI, template_dir=config_instance.config_path('new_relic'), context=config_instance.context, use_jinja=True)
def config_letsencrypt(config_dir): config_instance = Config(config_dir) nginx_configs = config_instance.config_path('nginx') remote_conf_path = config_instance.remote_path('conf') letsencrypt_dir = getattr(config_instance, 'LETSENCRYPT_DIR') if not letsencrypt_dir: letsencrypt_dir = config_instance.LETSENCRYPT_DIR = '/opt/letsencrypt/' upload_template('letsencrypt/letsencrypt_config.ini', remote_conf_path, template_dir=nginx_configs, context=config_instance.context, use_sudo=True, mode=0o750, use_jinja=True) sudo('mkdir -p %s' % letsencrypt_dir) with cd(letsencrypt_dir): sudo('wget https://dl.eff.org/certbot-auto') sudo('chmod a+x certbot-auto') config_nginx(config_dir, conf_template='letsencrypt/nginx_getting_cert.conf') sudo('service nginx restart') with cd(letsencrypt_dir): sudo( './certbot-auto certonly --non-interactive --agree-tos --expand --config %s' % config_instance.remote_path('conf', 'letsencrypt_config.ini')) sudo('chmod -R 755 /etc/letsencrypt/archive /etc/letsencrypt/live') # TODO Check this on a server this domain name. remote_conf_path = '/etc/systemd/system/' upload_template('letsencrypt/systemd/service', os.path.join(remote_conf_path, 'letsencrypt-updater.service'), template_dir=nginx_configs, context=config_instance.context, use_sudo=True, use_jinja=True) upload_template('letsencrypt/systemd/timer', os.path.join(remote_conf_path, 'letsencrypt-updater.timer'), template_dir=nginx_configs, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl reenable letsencrypt-updater.timer') config_nginx(config_dir) sudo('service nginx restart')
def config_nginx(config_dir, conf_template='nginx.conf'): config_instance = Config(config_dir) nginx_configs = config_instance.config_path('nginx') remote_sa_path = '/etc/nginx/sites-available/%s' % config_instance.project_name upload_template(conf_template, remote_sa_path, template_dir=nginx_configs, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('ln -sf %s /etc/nginx/sites-enabled' % remote_sa_path)
def config_target(config_dir): config_instance = Config(config_dir) remote_conf_path = '/etc/systemd/system/' upload_template('target', os.path.join( remote_conf_path, '{}.target'.format(config_instance.project_name)), template_dir=config_instance.config_path(), context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl reenable {}.target'.format(config_instance.project_name))
def config_gunicorn(config_dir): config_instance = Config(config_dir) gunicorn_configs = config_instance.config_path('gunicorn', 'systemd') remote_conf_path = '/etc/systemd/system/' upload_template('service', os.path.join( remote_conf_path, '{}.service'.format(config_instance.gunicorn_name)), template_dir=gunicorn_configs, context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl reenable {}.service'.format(config_instance.gunicorn_name))
def setup_newrelic_server_monitor(config_dir): config_instance = Config(config_dir) apt_sources_file = '/etc/apt/sources.list.d/newrelic.list' apt_repository = 'deb http://apt.newrelic.com/debian/ newrelic non-free' newrelic_gpg_key = 'https://download.newrelic.com/548C16BF.gpg' server_monitor_package = 'newrelic-sysmond' if exists(apt_sources_file): # Check if repository already in file. Otherwise, add to the end. sudo("grep -q '{0}' {1} || sudo echo '{0}' >> {1}".format( apt_repository, apt_sources_file)) else: sudo("echo '{0}' >> {1}".format(apt_repository, apt_sources_file)) # Trust the New Relic GPG key sudo("wget -O- {0} | apt-key add -".format(newrelic_gpg_key)) # Install the Server Monitor package sudo('apt-get update', warn_only=True, quiet=True) sudo('apt-get -y --no-upgrade install {}'.format(server_monitor_package)) # Add license key to config file newrelic_sysmon_config_path = '/etc/newrelic/nrsysmond.cfg' if not exists(newrelic_sysmon_config_path, use_sudo=True): # Upload config file with New Relic account license key (set in settings.base) upload_template('newrelic_system_monitor.cfg', newrelic_sysmon_config_path, template_dir=config_instance.config_path('new_relic'), context=config_instance.context, use_sudo=True, use_jinja=True) else: print( 'New Relic System Monitor configuration file is already exist. ' 'Make sure it contains the right new relic license key for Razortheory account.' ) # Start the daemon sudo('/etc/init.d/newrelic-sysmond start')
def install_rabbitmq(config_dir): config_instance = Config(config_dir) sudo('echo "deb http://www.rabbitmq.com/debian/ testing main" |' ' tee /etc/apt/sources.list.d/rabbitmq.list > /dev/null') with cd('/tmp'): run('wget -O rabbitmq-release-signing-key.asc' ' http://www.rabbitmq.com/rabbitmq-release-signing-key.asc') sudo('apt-key add rabbitmq-release-signing-key.asc') sudo('apt-get update') sudo('apt-get -y install rabbitmq-server') sudo('service rabbitmq-server start') systemd_override_dir = '/etc/systemd/system/rabbitmq-server.service.d' sudo('mkdir -p {}'.format(systemd_override_dir)) systemd_override = os.path.join(systemd_override_dir, 'override.conf') upload_template('override', systemd_override, template_dir=config_instance.config_path('rabbitmq'), context=config_instance.context, use_sudo=True, use_jinja=True) sudo('systemctl daemon-reload')