def setup_rabbitmq(user=None):
""" installs official rabbitmq package and sets up user
"""
deb.add_apt_key(
url='http://www.rabbitmq.com/rabbitmq-signing-key-public.asc')
require.deb.source('rabbitmq-server', 'http://www.rabbitmq.com/debian/',
'testing', 'main')
require.deb.uptodate_index(max_age={'hour': 1})
require.deb.packages([
'rabbitmq-server',
])
if user is None:
user = SITE_USER
envfile = join(home_directory(SITE_USER), 'site/bin/environment.sh')
secret = randomstring(64)
sudo('rabbitmqctl delete_user guest')
sudo('rabbitmqctl add_user %s "%s"' % (user, secret))
sudo('rabbitmqctl set_permissions -p / %s ".*" ".*" ".*"' % user)
amqp_url = 'amqp://%s:%s@localhost:5672//' % (SITE_USER, secret)
sed(envfile,
'DJANGO_BROKER_URL=".*"',
'DJANGO_BROKER_URL="%s"' % amqp_url,
use_sudo=True)
def install_nginx():
"""
Install NGINX and make it use certs.
"""
if system.distrib_id() == 'Debian':
require_file(url='http://nginx.org/packages/keys/nginx_signing.key')
deb.add_apt_key('nginx_signing.key')
su_delete('nginx_signing.key')
url = 'http://nginx.org/packages/debian/'
distrib = 'squeeze'
if system.distrib_release().startswith('7'):
distrib = 'wheezy'
require.deb.source('nginx', url, distrib, 'nginx')
require.deb.package('nginx')
contents = PROXIED_SITE_TEMPLATE % {
'server_name': 'cozy',
'port': 443,
'proxy_url': 'http://127.0.0.1:9104'
}
require.files.file('/etc/nginx/conf.d/cozy.conf', contents=contents,
use_sudo=True)
service.restart('nginx')
else:
require.deb.ppa("ppa:nginx/stable")
require.nginx.site("cozy",
template_contents=PROXIED_SITE_TEMPLATE,
enabled=True,
port=443,
proxy_url='http://127.0.0.1:9104'
)
print(green("Nginx successfully installed."))
def install_passenger():
""" Installs nginx with passenger support """
# add pgp key
print(green('Adding PGP key'))
deb.add_apt_key(keyid='561F9B9CAC40B2F7', keyserver='keyserver.ubuntu.com')
# add https support for apt
utils.deb.install('apt-transport-https')
# ubuntu 12.04 (precise)
cmd = ('echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger '
'precise main" > /etc/apt/sources.list.d/passenger.list')
sudo(cmd)
cmd = 'sudo chmod 600 /etc/apt/sources.list.d/passenger.list'
sudo(cmd)
# update apt index
deb.update_index(quiet=False)
print(green('Installing nginx and passenger'))
utils.deb.install('nginx-full')
utils.deb.install('passenger')
print(green('Activating passenger'))
uncomment('/etc/nginx/nginx.conf', 'passenger_root', use_sudo=True)
uncomment('/etc/nginx/nginx.conf', 'passenger_ruby', use_sudo=True)
def test_add_apt_key_with_key_id_from_specific_key_server():
from fabtools.deb import add_apt_key
try:
add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
finally:
run_as_root('apt-key del 7BD9BF62', quiet=True)
def key(keyid,
filename=None,
url=None,
keyserver='subkeys.pgp.net',
update=False):
"""
Require a PGP key for APT.
::
from fabtools import require
# Varnish signing key from URL
require.deb.key('C4DEFFEB', url='http://repo.varnish-cache.org/debian/GPG-key.txt')
# Nginx signing key from default key server (subkeys.pgp.net)
require.deb.key('7BD9BF62')
# From custom key server
require.deb.key('7BD9BF62', keyserver='keyserver.ubuntu.com')
# From file
require.deb.key('7BD9BF62', filename='nginx.asc')
"""
if not apt_key_exists(keyid):
add_apt_key(keyid=keyid,
filename=filename,
url=url,
keyserver=keyserver,
update=update)
def install():
# add pgp key
print(green('Adding PGP key'))
deb.add_apt_key(keyid='58118E89F3A912897C070ADBF76221572C52609D',
keyserver='p80.pool.sks-keyservers.net')
# add https support for apt
utils.deb.install('apt-transport-https')
# obtain the LSB version name
id_, release, codename = run('lsb_release --id --release --codename --short').split("\r\n")
# add docker apt sources list
source = "deb https://apt.dockerproject.org/repo {}-{} main".format(id_.lower(), codename)
append('/etc/apt/sources.list.d/docker.list', source, use_sudo=True)
# update apt index
deb.update_index(quiet=False)
# install docker.io
utils.deb.install('docker-engine')
# install docker compose
cmd = 'pip install -U docker-compose'
sudo(cmd)
# add current user to docker group
current_user = env.user
cmd = "gpasswd -a {} docker".format(current_user)
sudo(cmd)
print(green("User {} added to docker group.".format(current_user)))
print(red("Remember to log out and back in to use it."))
def test_add_apt_key_without_key_id_from_url():
from fabtools.deb import add_apt_key
try:
add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
finally:
run_as_root('apt-key del C4DEFFEB', quiet=True)
def test_add_apt_key_with_key_id_from_specific_key_server():
from fabtools.deb import add_apt_key
try:
add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
finally:
run_as_root('apt-key del 7BD9BF62', quiet=True)
def key(keyid, filename=None, url=None, keyserver='subkeys.pgp.net',
update=False):
"""
Require a PGP key for APT.
::
from fabtools import require
# Varnish signing key from URL
require.deb.key('C4DEFFEB', url='http://repo.varnish-cache.org/debian/GPG-key.txt')
# Nginx signing key from default key server (subkeys.pgp.net)
require.deb.key('7BD9BF62')
# From custom key server
require.deb.key('7BD9BF62', keyserver='keyserver.ubuntu.com')
# From file
require.deb.key('7BD9BF62', filename='nginx.asc')
"""
if not apt_key_exists(keyid):
add_apt_key(keyid=keyid, filename=filename, url=url,
keyserver=keyserver, update=update)
def test_add_apt_key_without_key_id_from_file():
from fabtools.deb import add_apt_key
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key'
)
add_apt_key(filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
def install():
# add pgp key
print(green('Adding PGP key'))
deb.add_apt_key(keyid='58118E89F3A912897C070ADBF76221572C52609D',
keyserver='p80.pool.sks-keyservers.net')
# add https support for apt
utils.deb.install('apt-transport-https')
# obtain the LSB version name
id_, release, codename = run(
'lsb_release --id --release --codename --short').split("\r\n")
# add docker apt sources list
source = "deb https://apt.dockerproject.org/repo {}-{} main".format(
id_.lower(), codename)
append('/etc/apt/sources.list.d/docker.list', source, use_sudo=True)
# update apt index
deb.update_index(quiet=False)
# install docker.io
utils.deb.install('docker-engine')
# install docker compose
cmd = 'pip install -U docker-compose'
sudo(cmd)
# add current user to docker group
current_user = env.user
cmd = "gpasswd -a {} docker".format(current_user)
sudo(cmd)
print(green("User {} added to docker group.".format(current_user)))
print(red("Remember to log out and back in to use it."))
def test_add_apt_key_without_key_id_from_url():
from fabtools.deb import add_apt_key
try:
add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
finally:
run_as_root('apt-key del C4DEFFEB', quiet=True)
def test_add_apt_key_without_key_id_from_file():
from fabtools.deb import add_apt_key
try:
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key')
add_apt_key(filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
finally:
run_as_root('apt-key del C4DEFFEB', quiet=True)
def test_add_apt_key_with_key_id_from_file():
from fabtools.deb import add_apt_key
try:
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key'
)
add_apt_key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
finally:
run_as_root('apt-key del C4DEFFEB', quiet=True)
def setup_elasticsearch():
deb.add_apt_key(
url='http://packages.elasticsearch.org/GPG-KEY-elasticsearch')
require.deb.source(
'elasticsearch',
'http://packages.elasticsearch.org/elasticsearch/1.1/debian', 'stable',
'main')
require.deb.uptodate_index(max_age={'hour': 1})
require.deb.packages([
'elasticsearch',
])
sudo('update-rc.d elasticsearch defaults 95 10')
def install_nginx():
'''
Install NGINX and make it use certs.
'''
if system.distrib_id() == 'Debian':
if not is_arm():
key_url = 'http://nginx.org/packages/keys/nginx_signing.key'
require.file(url=key_url)
deb.add_apt_key('nginx_signing.key')
su_delete('nginx_signing.key')
url = 'http://nginx.org/packages/debian/'
distrib = 'squeeze'
if system.distrib_release().startswith('7'):
distrib = 'wheezy'
elif system.distrib_release().startswith('8'):
distrib = 'jessie'
require.deb.source('nginx', url, distrib, 'nginx')
require.deb.package('nginx')
contents = PROXIED_SITE_TEMPLATE % {
'server_name': 'cozy',
'port': 443,
'proxy_url': 'http://127.0.0.1:9104'
}
require.files.file(
'/etc/nginx/conf.d/cozy.conf',
contents=contents,
use_sudo=True)
else:
require.deb.ppa('ppa:nginx/stable')
require.nginx.site(
'cozy',
template_contents=PROXIED_SITE_TEMPLATE,
enabled=True,
port=443,
proxy_url='http://127.0.0.1:9104'
)
delete_if_exists('/etc/nginx/conf.d/default.conf')
delete_if_exists('/etc/nginx/conf.d/example_ssl.conf')
delete_if_exists('/etc/nginx/sites-enabled/default')
service.restart('nginx')
print(green('Nginx successfully installed.'))
def setup_rabbitmq(user=None):
""" installs official rabbitmq package and sets up user
"""
deb.add_apt_key(url='http://www.rabbitmq.com/rabbitmq-signing-key-public.asc')
require.deb.source('rabbitmq-server', 'http://www.rabbitmq.com/debian/', 'testing', 'main')
require.deb.uptodate_index(max_age={'hour': 1})
require.deb.packages(['rabbitmq-server',])
if user is None:
user = SITE_USER
envfile = join(home_directory(SITE_USER), 'site/bin/environment.sh')
secret = randomstring(64)
sudo('rabbitmqctl delete_user guest')
sudo('rabbitmqctl add_user %s "%s"' % (user, secret))
sudo('rabbitmqctl set_permissions -p / %s ".*" ".*" ".*"' % user)
amqp_url = 'amqp://%s:%s@localhost:5672//' % (SITE_USER, secret)
sed(envfile, 'DJANGO_BROKER_URL=".*"', 'DJANGO_BROKER_URL="%s"' % amqp_url, use_sudo=True)
def install_nginx():
'''
Install NGINX and make it use certs.
'''
if system.distrib_id() == 'Debian':
if not is_arm():
key_url = 'http://nginx.org/packages/keys/nginx_signing.key'
require.file(url=key_url)
deb.add_apt_key('nginx_signing.key')
su_delete('nginx_signing.key')
url = 'http://nginx.org/packages/debian/'
distrib = 'squeeze'
if system.distrib_release().startswith('7'):
distrib = 'wheezy'
require.deb.source('nginx', url, distrib, 'nginx')
require.deb.package('nginx')
contents = PROXIED_SITE_TEMPLATE % {
'server_name': 'cozy',
'port': 443,
'proxy_url': 'http://127.0.0.1:9104'
}
require.files.file(
'/etc/nginx/conf.d/cozy.conf',
contents=contents,
use_sudo=True)
else:
require.deb.ppa('ppa:nginx/stable')
require.nginx.site(
'cozy',
template_contents=PROXIED_SITE_TEMPLATE,
enabled=True,
port=443,
proxy_url='http://127.0.0.1:9104'
)
delete_if_exists('/etc/nginx/conf.d/default.conf')
delete_if_exists('/etc/nginx/conf.d/example_ssl.conf')
delete_if_exists('/etc/nginx/sites-enabled/default')
service.restart('nginx')
print(green('Nginx successfully installed.'))
def install_passenger():
""" Installs nginx with passenger support """
# add pgp key
print(green('Adding PGP key'))
deb.add_apt_key(keyid='561F9B9CAC40B2F7', keyserver='keyserver.ubuntu.com')
# add https support for apt
utils.deb.install('apt-transport-https')
# We obtain the Ubuntu version name
print 'You need to specify the Ubuntu version'
p_t = 'Do you wish to see the version names?'
p_r = prompt(p_t, default='yes')
if (p_r == 'yes'):
print('12.04 -> ' + green('Precise', True) + ' Pangolin')
print('12.10 -> ' + green('Quantal', True) + ' Quetzal')
print('13.04 -> ' + green('Raring', True) + ' Ringtail')
print('13.10 -> ' + green('Saucy', True) + ' Salamander')
print('14.04 -> ' + green('Trusty', True) + ' Thar')
p_t = 'What version are you deploying to? (only first name needed)'
version = prompt(p_t, default='Trusty')
version = version.lower()
# ubuntu 12.04 (precise)
cmd = (
'echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger ' +
version + ' main" > /etc/apt/sources.list.d/passenger.list')
sudo(cmd)
cmd = 'sudo chmod 644 /etc/apt/sources.list.d/passenger.list'
sudo(cmd)
# update apt index
deb.update_index(quiet=False)
print(green('Installing nginx and passenger'))
utils.deb.install('nginx-full')
utils.deb.install('passenger')
print(green('Activating passenger'))
uncomment('/etc/nginx/nginx.conf', 'passenger_root', use_sudo=True)
uncomment('/etc/nginx/nginx.conf', 'passenger_ruby', use_sudo=True)
def install_passenger():
""" Installs nginx with passenger support """
# add pgp key
print(green('Adding PGP key'))
deb.add_apt_key(keyid='561F9B9CAC40B2F7', keyserver='keyserver.ubuntu.com')
# add https support for apt
utils.deb.install('apt-transport-https')
# We obtain the Ubuntu version name
print 'You need to specify the Ubuntu version'
p_t = 'Do you wish to see the version names?'
p_r = prompt(p_t, default='yes')
if (p_r == 'yes'):
print('12.04 -> ' + green('Precise', True) + ' Pangolin')
print('12.10 -> ' + green('Quantal', True) + ' Quetzal')
print('13.04 -> ' + green('Raring', True) + ' Ringtail')
print('13.10 -> ' + green('Saucy', True) + ' Salamander')
print('14.04 -> ' + green('Trusty', True) + ' Thar')
p_t = 'What version are you deploying to? (only first name needed)'
version = prompt(p_t, default='Trusty')
version = version.lower()
# ubuntu 12.04 (precise)
cmd = ('echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger '
+ version + ' main" > /etc/apt/sources.list.d/passenger.list')
sudo(cmd)
cmd = 'sudo chmod 644 /etc/apt/sources.list.d/passenger.list'
sudo(cmd)
# update apt index
deb.update_index(quiet=False)
print(green('Installing nginx and passenger'))
utils.deb.install('nginx-full')
utils.deb.install('passenger')
print(green('Activating passenger'))
uncomment('/etc/nginx/nginx.conf', 'passenger_root', use_sudo=True)
uncomment('/etc/nginx/nginx.conf', 'passenger_ruby', use_sudo=True)
def test_add_apt_key_with_key_id_from_specific_key_server():
from fabtools.deb import add_apt_key
reset()
add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
def setup_elasticsearch():
deb.add_apt_key(url='http://packages.elasticsearch.org/GPG-KEY-elasticsearch')
require.deb.source('elasticsearch', 'http://packages.elasticsearch.org/elasticsearch/1.1/debian', 'stable', 'main')
require.deb.uptodate_index(max_age={'hour': 1})
require.deb.packages(['elasticsearch',])
sudo('update-rc.d elasticsearch defaults 95 10')
def test_add_apt_key_with_key_id_from_file():
from fabtools.deb import add_apt_key
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key')
add_apt_key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
def test_add_apt_key_without_key_id_from_url():
from fabtools.deb import add_apt_key
reset()
add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
def test_add_apt_key_without_key_id_from_default_key_server():
from fabtools.deb import add_apt_key
reset()
add_apt_key(keyid='7BD9BF62')
run_as_root('apt-key finger | grep -q 7BD9BF62')
def test_add_apt_key_without_key_id_from_url():
from fabtools.deb import add_apt_key
reset()
add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
def test_add_apt_key_with_key_id_from_specific_key_server():
from fabtools.deb import add_apt_key
reset()
add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
def add_apt_sources():
deb.add_apt_key(url='http://www.rabbitmq.com/rabbitmq-signing-key-public.asc')
require.deb.source('rabbitmq-server', 'http://www.rabbitmq.com/debian/', 'testing', 'main')
require.deb.uptodate_index(max_age={'hour': 1})
def deb():
"""
Check deb functions.
"""
from fabtools import require
from fabtools import deb
from fabtools.utils import run_as_root
# deb.add_apt_key with keyid
reset()
deb.add_apt_key(keyid='C4DEFFEB', url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
deb.add_apt_key(keyid='7BD9BF62')
deb.add_apt_key(keyid='7BD9BF62') # Intentionally repeated
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
deb.add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key')
deb.add_apt_key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
# deb.add_apt_key without keyid
reset()
deb.add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
deb.add_apt_key(keyid='7BD9BF62')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key')
deb.add_apt_key(filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
# require.deb.key
reset()
require.deb.key(keyid='C4DEFFEB', url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
require.deb.key(keyid='7BD9BF62')
require.deb.key(keyid='7BD9BF62') # Intentionally repeated
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
require.deb.key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key')
require.deb.key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
def add_apt_sources():
deb.add_apt_key(
url='http://www.rabbitmq.com/rabbitmq-signing-key-public.asc')
require.deb.source('rabbitmq-server', 'http://www.rabbitmq.com/debian/',
'testing', 'main')
require.deb.uptodate_index(max_age={'hour': 1})
def deb():
"""
Check deb functions.
"""
from fabtools import require
from fabtools import deb
from fabtools.utils import run_as_root
# deb.add_apt_key with keyid
reset()
deb.add_apt_key(keyid='C4DEFFEB',
url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
deb.add_apt_key(keyid='7BD9BF62')
deb.add_apt_key(keyid='7BD9BF62') # Intentionally repeated
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
deb.add_apt_key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key'
)
deb.add_apt_key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
# deb.add_apt_key without keyid
reset()
deb.add_apt_key(url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
deb.add_apt_key(keyid='7BD9BF62')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key'
)
deb.add_apt_key(filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
# require.deb.key
reset()
require.deb.key(keyid='C4DEFFEB',
url='http://repo.varnish-cache.org/debian/GPG-key.txt')
run_as_root('apt-key finger | grep -q C4DEFFEB')
reset()
require.deb.key(keyid='7BD9BF62')
require.deb.key(keyid='7BD9BF62') # Intentionally repeated
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
require.deb.key(keyid='7BD9BF62', keyserver='keyserver.ubuntu.com')
run_as_root('apt-key finger | grep -q 7BD9BF62')
reset()
run('wget http://repo.varnish-cache.org/debian/GPG-key.txt -O /tmp/tmp.fabtools.test.key'
)
require.deb.key(keyid='C4DEFFEB', filename='/tmp/tmp.fabtools.test.key')
run_as_root('apt-key finger | grep -q C4DEFFEB')
