def sys_firewall_secure_server(): """ Secure the server right away - Ex: (cmd)""" sudo('ufw logging on') sudo('ufw default deny incoming; ufw default allow outgoing') sudo('ufw allow ssh') sudo('ufw disable; echo "y" | ufw enable; sudo ufw status verbose') sys_etc_git_commit('Server is secured down')
def web_nginx_setup_domain(domain, proto='http', interface='*', upstream_address='', upstream_port=''): """ Setup Nginx config file for a domain - Ex: (cmd:<domain>,[protocol],[port])""" if 'https' in proto or 'ssl' in proto: proto = 'https' ssl_crt = '/etc/ssl/nginx/crt/{}.combo.crt'.format(domain) ssl_key = '/etc/ssl/nginx/key/{}.key'.format(domain) if not files.exists(ssl_crt, use_sudo=True) or not files.exists(ssl_key, use_sudo=True): warn('ssl certificate and key not found.\n{}\n{}'.format(ssl_crt, ssl_key)) cfgdir = os.path.join(os.path.dirname( __file__), '../cfg') nginx_avail_dir = '/etc/nginx/sites-available' nginx_enabled_dir = '/etc/nginx/sites-enabled' localcfg = os.path.expanduser(os.path.join(cfgdir, 'nginx/{}.conf'.format(proto))) remotecfg = '{}/{}.{}'.format(nginx_avail_dir, proto, domain) sudo('rm -rf ' + remotecfg) put(localcfg, remotecfg, use_sudo=True) if upstream_address and upstream_port: sudo('sed -i "s/upstream_address/{}/g" {}'.format(upstream_address, remotecfg)) sudo('sed -i "s/upstream_port/{}/g" {}'.format(upstream_port, remotecfg)) sudo('sed -i "s/public_interface/{}/g" {}'.format(interface, remotecfg)) sudo('sed -i "s/example\.com/{}/g" {}'.format(domain.replace('.', '\.'), remotecfg)) sudo('chown -R root:root {}'.format(nginx_avail_dir)) sudo('chmod -R 755 {}'.format(nginx_avail_dir)) with cd(nginx_enabled_dir): sudo('ln -sf {}'.format(remotecfg)) time.sleep(2) sys_reload_service('nginx') sys_etc_git_commit('Setup Nginx Config for Domain {}'.format(domain))
def sys_git_configure(user, name, email): """ Configure git for a given user - Ex: (cmd:<user>,<name>,<email>)""" sudo("apt-get install -y git-core") with settings(warn_only=True): sudo('sudo -u {0} git config --global user.name "{1}"'.format(user, name)) sudo('sudo -u {0} git config --global user.email "{1}"'.format(user, email)) sys_etc_git_commit("Configured git for user: {0}".format(user))
def sys_ssh_disable_password_authentication(): """ Diable password authentication - Ex: (cmd)""" sshd_config = '/etc/ssh/sshd_config' files.sed(sshd_config, before='\s*#\s*\sPasswordAuthentication\s*(yes|no)', after='PasswordAuthentication no',use_sudo=True) files.sed(sshd_config, before='\s*PasswordAuthentication\s*yes', after='PasswordAuthentication no',use_sudo=True) sudo('service ssh reload') sys_etc_git_commit('Disable password authentication')
def db_psql_remove_cluster(version, cluster): """ Remove a clauster if exists - Ex: (cmd:<pgversion><cluster>)""" with settings(warn_only=True): sudo('pg_dropcluster --stop {} {}'.format(version, cluster)) sys_etc_git_commit('Removed postgres cluster ({} {})'.format(version, cluster))
def sys_firewall_secure_server(): """ Secure the server right away - Ex: (cmd)""" sudo("ufw logging on") sudo("ufw default deny incoming; ufw default allow outgoing") sudo("ufw allow ssh") sudo('ufw disable; echo "y" | ufw enable; sudo ufw status verbose') sys_etc_git_commit("Server is secured down")
def web_nginx_setup_domain(domain, proto='http', port=''): """ Setup Nginx config file for a domain - Ex: (cmd:<domain>,[protocol],[port])""" if 'https' in proto or 'ssl' in proto: proto = 'https' ssl_crt = '/etc/ssl/certs/{0}.crt'.format(domain) ssl_key = '/etc/ssl/private/{0}.key'.format(domain) if not files.exists(ssl_crt, use_sudo=True) or not files.exists( ssl_key, use_sudo=True): abort('ssl certificate and key not found.\n{0}\n{1}'.format( ssl_crt, ssl_key)) cfgdir = os.path.join(os.path.dirname(__file__), '../cfg') localcfg = os.path.expanduser( os.path.join(cfgdir, 'nginx/{0}.conf'.format(proto))) remotecfg = '/etc/nginx/conf.d/{0}.{1}.conf'.format(proto, domain) sudo('rm -rf ' + remotecfg) put(localcfg, remotecfg, use_sudo=True) if not port: port = sys_show_next_available_port() sudo('sed -i "s/port_num/{0}/g" {1}'.format(port, remotecfg)) sudo('sed -i "s/example\.com/{0}/g" {1}'.format(domain.replace('.', '\.'), remotecfg)) sudo('chown -R root:root /etc/nginx/conf.d') sudo('chmod -R 731 /etc/nginx/conf.d') sudo('service nginx reload') sys_etc_git_commit('Setup Nginx Config for Domain {0}'.format(domain))
def web_apache2_server_signature(sig=False): """ Set Apache Server Signature ON/OF - Ex: (cmd:[True|False])""" conf_file = '/etc/apache2/conf.d/security' sudo('sed -i /\s*\ServerSignature\s*.*/d {0}'.format(conf_file)) signature = 'ServerSignature {0}'.format('On' if sig else 'Off') sudo('sed -i \'1i{0}\' {1}'.format(signature, conf_file)) sys_etc_git_commit('Set Apache Signature to {0})'.format(signature))
def db_psql_remove_cluster(version, cluster): """ Remove a clauster if exists - Ex: (cmd:<pgversion><cluster>)""" with settings(warn_only=True): sudo('pg_dropcluster --stop {0} {1}'.format(version, cluster)) sys_etc_git_commit('Removed postgres cluster ({0} {1})'.format(version, cluster))
def sys_user_set_group_umask(username, umask='0002'): """ Set user umask - Ex: (cmd:<username>[umask])""" bashrc = '/home/{0}/.bashrc'.format(username) sudo('sed -i /\s*\umask\s*.*/d {0}'.format(bashrc)) sudo('sed -i \'1iumask {0}\' {1}'.format(str(umask), bashrc)) sys_etc_git_commit('Added umask ({0}) to user ({1})'.format( umask, username))
def sys_python_install_common(py_version='3.5'): """ Install common python application - Ex: (cmd) """ major = py_version.split('.')[0] if major == '2': major = '' requirements = '%s' % ' '.join([ 'python{}-dev'.format(major), 'python{}-setuptools'.format(major), 'python{}-psycopg2'.format(major), # 'python{}-imaging'.format(major), 'python{}-pip'.format(major), 'python{}-pil'.format(major), # 'virtualenvwrapper', 'python-dev', 'python-virtualenv', 'libfreetype6-dev', 'libjpeg62-dev', 'libpng12-dev', 'zlib1g-dev', 'liblcms2-dev', 'libwebp-dev', 'tcl8.5-dev', 'tk8.5-dev', 'gettext', ]) sudo('apt -y install {}'.format(requirements)) if major == '2': sudo('pip install pillow') else: sudo('pip3 install pillow') sys_etc_git_commit('Installed common python packages')
def db_pgis_install(psql_version=''): """ Install postgis of a given postgres version - Ex: (cmd:[pgversion])""" if not psql_version: psql_version = db_psql_default_installed_version() # requirements requirements = '%s' % ' '.join([ 'postgresql-{0}-postgis'.format(psql_version), 'postgis', 'proj', 'gdal-bin', 'binutils', 'libgeos-c1', 'libgeos-3.2.2', 'libgeos-dev', 'libgdal1-dev', 'libgeoip-dev', 'libpq-dev', 'libxml2', 'libxml2-dev' ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sudo('service postgresql start') sys_etc_git_commit('Installed postgis for pqsl ({0})'.format(psql_version))
def sys_add_hosts(host, ip): """ Add ip:host to /etc/hosts - Ex: (cmd:<host>,<ip>)""" host_file = '/etc/hosts' sudo('sed -i /\s*\{0}\s*.*/d {1}'.format(host, host_file)) sudo('sed -i \'1i{0}\t{1}\' {2}'.format(ip, host, host_file)) sys_etc_git_commit('Added host:{0}, ip:{1} to: {2}'.format( host, ip, host_file))
def db_pgis_configure(pg_version='', pgis_version=''): """ Configure postgis template - Ex: (cmd:[pgversion],[gisversion]) """ if not pg_version: pg_version = db_psql_default_installed_version() if not pgis_version: pgis_version = db_pgis_get_latest_version(pg_version) sudo('sudo -u postgres psql -d postgres -c \"UPDATE pg_database SET datistemplate=\'false\' WHERE datname=\'template_postgis\';\"') with settings(warn_only=True): sudo('sudo -u postgres psql -d postgres -c \"DROP database template_postgis;\"') sudo('sudo -u postgres createdb -E UTF8 template_postgis') with settings(warn_only=True): sudo('sudo -u postgres createlang -d template_postgis plpgsql') sudo('sudo -u postgres psql -d postgres -c \"UPDATE pg_database SET datistemplate=\'true\' WHERE datname=\'template_postgis\';\"') postgis_path = '/usr/share/postgresql/{0}/contrib/postgis-{1}'.format(pg_version, pgis_version) sudo('sudo -u postgres psql -d template_postgis -f {0}/postgis.sql'.format(postgis_path)) sudo('sudo -u postgres psql -d template_postgis -f {0}/spatial_ref_sys.sql'.format(postgis_path)) sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON geometry_columns TO PUBLIC;\"') sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON spatial_ref_sys TO PUBLIC;\"') sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON geography_columns TO PUBLIC;\"') sys_etc_git_commit('Configured postgis ({0}) for pqsl ({1})'.format(pg_version, pgis_version))
def sys_ssh_enable_password_authentication(): """ Enable password authentication - Ex: (cmd)""" sshd_config = '/etc/ssh/sshd_config' files.sed(sshd_config, before='\s*#\s*PasswordAuthentication\s*(yes|no)', after='PasswordAuthentication yes',use_sudo=True) files.sed(sshd_config, before='\s*PasswordAuthentication\s*no', after='PasswordAuthentication yes',use_sudo=True) sys_etc_git_commit('Enable password authentication') sys_reload_service('ssh');
def sys_ssh_set_port(port=22): """ Set ssh port - Ex: (cmd:[port])""" sshd_config = '/etc/ssh/sshd_config' files.sed(sshd_config, before='\s*#\s*Port\s*[0-9]*', after='Port {0}'.format(port), use_sudo=True) files.sed(sshd_config, before='\s*Port\s*[0-9]*', after='Port {0}'.format(port), use_sudo=True) sudo('service ssh reload') sys_etc_git_commit('Configured ssh (Port={0})'.format(port))
def db_pgis_configure(pg_version='', pgis_version='', legacy=False): """ Configure postgis template - Ex: (cmd:[pgversion],[gisversion]) """ if not pg_version: pg_version = db_psql_default_installed_version() if not pgis_version: pgis_version = db_pgis_get_latest_version(pg_version) # Allows non-superusers the ability to create from this template sudo('sudo -u postgres psql -d postgres -c \"UPDATE pg_database SET datistemplate=\'false\' WHERE datname=\'template_postgis\';\"') with settings(warn_only=True): sudo('sudo -u postgres psql -d postgres -c \"DROP database template_postgis;\"') sudo('sudo -u postgres createdb -E UTF8 template_postgis') with settings(warn_only=True): sudo('sudo -u postgres psql -d template_postgis -c \"CREATE EXTENSION postgis;\"') sudo('sudo -u postgres psql -d template_postgis -c \"CREATE EXTENSION postgis_topology;\"') if legacy: postgis_path = '/usr/share/postgresql/{}/contrib/postgis-{}'.format(pg_version, pgis_version) sudo('sudo -u postgres psql -d template_postgis -f {}/legacy.sql'.format(postgis_path)) # Enabling users to alter spatial tables. sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON geometry_columns TO PUBLIC;\"') sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON spatial_ref_sys TO PUBLIC;\"') sudo('sudo -u postgres psql -d template_postgis -c \"GRANT ALL ON geography_columns TO PUBLIC;\"') sys_etc_git_commit('Configured postgis ({}) for pqsl ({})'.format(pg_version, pgis_version))
def sys_ssh_enable_root_login(): """ Enable root login - Ex: (cmd)""" sshd_config = '/etc/ssh/sshd_config' files.sed(sshd_config, before='\s*#\s*\PermitRootLogin\s*(yes|no)', after='PermitRootLogin yes',use_sudo=True) files.sed(sshd_config, before='\s*PermitRootLogin\s*no', after='PermitRootLogin yes',use_sudo=True) sudo('service ssh reload') sys_etc_git_commit('Endabled root login')
def sys_ssh_disable_root_login(): """ Disable root login - Ex: (cmd)""" sshd_config = '/etc/ssh/sshd_config' files.sed(sshd_config, before='\s*#\s*PermitRootLogin\s*(yes|no)', after='PermitRootLogin no',use_sudo=True) files.sed(sshd_config, before='\s*PermitRootLogin\s*yes', after='PermitRootLogin no',use_sudo=True) sudo('sudo passwd -l root') sys_etc_git_commit('Diabled root login') sys_reload_service('ssh');
def sys_user_delete(username): """ Delete new user - Ex: (cmd:<user>)""" with settings(warn_only=True): if username == 'root': warn('Cannot delete root user') sudo('pkill -KILL -u {}'.format(username)) sudo('userdel {}'.format(username)) sys_etc_git_commit('Deleted user({})'.format(username))
def sys_docker_install(): url = "https://download.docker.com/linux/ubuntu" sudo('curl -fsSL {}/gpg | apt-key add -'.format(url)) sudo('add-apt-repository \"deb [arch=amd64] {} $(lsb_release -cs) stable\"'.format(url)) sudo('apt update') sudo('apt -y install docker-ce') sudo('systemctl enable docker') sys_etc_git_commit('Installed docker (ce)')
def web_apache2_set_port(port=''): """ Setup Apache2 to listen to new port - Ex: (cmd:[port])""" remotecfg = '/etc/apache2/ports.conf' port = sys_show_next_available_port(port) sudo('echo \"Listen 127.0.0.1:{0}\" >> {1}'.format(port, remotecfg)) sudo('service apache2 reload') sys_etc_git_commit('Apache now listens on port {0}'.format(port))
def sys_redis_configure_pass(password=None): """ Configure redis-server set password - Ex: set - (cmd:[password]) - remove (cmd) """ redis_conf = '/etc/redis/redis.conf' sudo('sed -i /\s*\"requirepass"\s*.*/d {}'.format(redis_conf)) if password: sudo('echo "requirepass {}" >> {}'.format(password, redis_conf)) sys_etc_git_commit('Configured redis-server (passwor={*****})') sys_restart_service('redis-server')
def sys_memcached_configure_interface(interface='0.0.0.0'): """ Configure memcached - Ex: (cmd:[interface]) """ memcached_conf = '/etc/memcached.conf' sudo('sed -i "s/-l\s\+[0-9.]\+/-l {0}/g" {1}'.format( interface, memcached_conf)) sudo('service memcached restart') sys_etc_git_commit( 'Configured memcached (interface={0})'.format(interface))
def web_apache2_set_port(port=''): """ Setup Apache2 to listen to new port - Ex: (cmd:[port])""" remotecfg = '/etc/apache2/ports.conf' port = sys_show_next_available_port(port) sudo('echo \"Listen 127.0.0.1:{}\" >> {}'.format(port, remotecfg)) sys_reload_service('apache2') sys_etc_git_commit('Apache now listens on port {}'.format(port))
def sys_configure_timezone(zone='Canada/Eastern'): """ Configure system time zone - Ex: (cmd:<zone>) """ zone = os.path.abspath(os.path.join('/usr/share/zoneinfo', zone)) if files.exists(zone): sudo('ln -sf {0} /etc/localtime'.format(zone)) sys_etc_git_commit('Updated system timezone to ({0})'.format(zone)) else: print >> sys.stderr, 'Zone not found {0}'.format(zone)
def sys_install_postfix(): """ Install postfix for outgoing email (loopback) - Ex: (cmd)""" sudo('echo \"postfix postfix/main_mailer_type select Internet Site\" | debconf-set-selections') sudo('echo \"postfix postfix/mailname string localhost\" | debconf-set-selections') sudo('echo \"postfix postfix/destinations string localhost.localdomain, localhost\" | debconf-set-selections') sudo('apt-get -y install postfix') sudo('/usr/sbin/postconf -e \"inet_interfaces = loopback-only\"') sudo('service postfix start') sys_etc_git_commit('Installed postfix on loopback for outgoing mail')
def sys_install_postfix(): """ Install postfix for outgoing email (loopback) - Ex: (cmd)""" sudo('echo \"postfix postfix/main_mailer_type select Internet Site\" | debconf-set-selections') sudo('echo \"postfix postfix/mailname string localhost\" | debconf-set-selections') sudo('echo \"postfix postfix/destinations string localhost.localdomain, localhost\" | debconf-set-selections') sudo('apt -y install postfix') sudo('/usr/sbin/postconf -e \"inet_interfaces = loopback-only\"') sys_etc_git_commit('Installed postfix on loopback for outgoing mail') sys_restart_service('postfix')
def sys_memcached_configure_memory(memory=''): """ Configure memcached - Ex: (cmd:[RAM-MB]) """ memcached_conf = '/etc/memcached.conf' if not memory: total_mem = sudo("free -m | head -2 | grep Mem | awk '{print $2}'") memory = eval(total_mem) / 8 sudo('sed -i "s/-m\s\+[0-9]\+/-m {0}/g" {1}'.format(memory, memcached_conf)) sudo('service memcached restart') sys_etc_git_commit('Configured memcached (memory={0})'.format(memory))
def sys_git_configure(user, name, email): """ Configure git for a given user - Ex: (cmd:<user>,<name>,<email>)""" sudo('apt-get install -y git-core') with settings(warn_only=True): sudo('sudo -u {0} git config --global user.name \"{1}\"'.format( user, name)) sudo('sudo -u {0} git config --global user.email \"{1}\"'.format( user, email)) sys_etc_git_commit('Configured git for user: {0}'.format(user))
def sys_install_common(): """ Install common application - Ex: (cmd)""" requirements = "%s" % " ".join( ["build-essential", "gcc", "git", "subversion", "mercurial", "wget", "vim", "less", "sudo"] ) # install requirements sudo("apt-get -y install {0}".format(requirements)) sys_etc_git_commit("Installed common system packages")
def sys_time_install_common(): """ Install common time / zone related - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'ntpdate', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed time / zone related system packages')
def web_apache_install(): """ Install apache2 - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'apache2', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) util_apache2_bootstrap() sys_etc_git_commit('Installed apache2')
def sys_memcached_configure_memory(memory=''): """ Configure memcached - Ex: (cmd:[RAM-MB]) """ memcached_conf = '/etc/memcached.conf' if not memory: total_mem = sudo("free -m | head -2 | grep Mem | awk '{print $2}'") memory = eval(total_mem) / 8 sudo('sed -i "s/-m\s\+[0-9]\+/-m {0}/g" {1}'.format( memory, memcached_conf)) sudo('service memcached restart') sys_etc_git_commit('Configured memcached (memory={0})'.format(memory))
def sys_security_install_common(): """ Install common security application - Ex: (cmd) """ requirements = '%s' % ' '.join([ 'fail2ban', 'logcheck', 'logcheck-database', ]) sudo('apt -y install {}'.format(requirements)) sys_etc_git_commit('Installed common security packages')
def sys_docker_config(): """ docker-server config - Ex: (cmd:)""" cfgdir = os.path.join(os.path.dirname( __file__), '../cfg') localcfg = os.path.expanduser(os.path.join(cfgdir, 'docker/daemon.json')) remotecfg = '/etc/docker/daemon.json' sudo('rm -rf ' + remotecfg) put(localcfg, remotecfg, use_sudo=True) sys_mkdir('/docker') sys_etc_git_commit('Configured docker') sys_restart_service('docker')
def sys_security_install_common(): """ Install common security application - Ex: (cmd) """ requirements = '%s' % ' '.join([ 'fail2ban', 'logcheck', 'logcheck-database', ]) sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed common security packages')
def web_supervisor_install(): """ Install Supervisor - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'supervisor', ]) # install requirements sudo('apt -y install {}'.format(requirements)) web_supervisor_bootstrap() sys_etc_git_commit('Installed Supervisor')
def sys_mount_device_format(device, mount_point, filesystem='xfs'): """ Mount a device which survives a reboot - Ex: (cmd:<device>,<mountpoint>,[filesystem]) """ if util_mount_is_mounted(device): abort('Device ({}) is already mounted'.format(device)) util_mount_validate_vars(device, mount_point, filesystem) sudo('mkfs.{} -f {}'.format(filesystem, device)) sys_mount_device(device, mount_point, filesystem) sys_mount_fstab_add(device, mount_point, filesystem) sys_etc_git_commit('Mounted {} on {} using {}'.format(device, mount_point, filesystem))
def db_pgpool2_install(): """ Install pgpool2 - Ex: (cmd:)""" # requirements requirements = '%s' % ' '.join([ 'pgpool2', ]) # install requirements sudo('apt -y install {}'.format(requirements)) sys_etc_git_commit('Installed pgpool2')
def web_nginx_install(): """ Install Nginx - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'nginx', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) util_nginx_bootstrap() sudo('service nginx restart') sys_etc_git_commit('Installed Nginx')
def db_pgbouncer_install(): """ Install pgbouncer - Ex: (cmd:)""" # requirements requirements = '%s' % ' '.join([ 'pgbouncer', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed pgbouncer')
def db_pgpool2_install(): """ Install pgpool2 - Ex: (cmd:)""" # requirements requirements = '%s' % ' '.join([ 'pgpool2', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed pgpool2')
def sys_memcached_config(): """ Install memcached - Ex: (cmd:)""" cfgdir = os.path.join(os.path.dirname(__file__), '../cfg') localcfg = os.path.expanduser( os.path.join(cfgdir, 'memcached/memcached.conf')) remotecfg = '/etc/memcached.conf' sudo('rm -rf ' + remotecfg) put(localcfg, remotecfg, use_sudo=True) sys_memcached_configure_memory() sudo('service memcached start') sys_etc_git_commit('Configured memcached')
def web_apache2_install_mods(): """ Install apache2 related packages - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'libapache2-mod-wsgi', 'libapache2-mod-rpaf', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) with settings(warn_only=True): sudo('a2enmod wsgi') sudo('a2enmod rpaf') sys_etc_git_commit('Installed apache2 and related packages')
def sys_swap_configure(size='512'): """ Ceates and install a swap file, given file size in MB - Ex (cmd:[Size-MB]) """ swap_file = '/swap/{0}MiB.swap'.format(size) sudo('mkdir -p /swap') if not files.exists(swap_file): sudo('fallocate -l {0}m {1}'.format(size, swap_file)) sudo('chmod 600 {0}'.format(swap_file)) sudo('mkswap {0}'.format(swap_file)) sudo('swapon {0}'.format(swap_file)) sudo('echo "{0} swap swap defaults 0 0" | sudo tee -a /etc/fstab'. format(swap_file)) sys_etc_git_commit('Added swap file ({0})'.format(swap_file)) else: print >> sys.stderr, 'Swap file ({0}) Exists'.format(swap_file)
def web_geoip_install_requirements(): """ Install GeoIP Requirements - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'zlibc', 'zlib1g-dev', 'libssl-dev', 'build-essential', # 'linux-headers-`uname -r`', 'libtool', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed GeoIP')
def web_geoip_install_maxmind_api(): """ Install Maxmind C API - Ex: (cmd) """ tmp_dir = '/tmp/maxmind' geoip_url = 'http://www.maxmind.com/download/geoip/api/c/GeoIP.tar.gz' geocity_url = 'http://www.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz' sudo('rm -rf {0}; mkdir -p {0}'.format(tmp_dir)) with cd(tmp_dir): sudo('wget {0}'.format(geoip_url)) sudo('tar xvf GeoIP.tar.gz') with cd('GeoIP-*'): sudo('./configure') sudo('make') sudo('make install') sys_etc_git_commit('Installed Maxmind C API')
def db_psql_set_permission(version='', cluster='main'): """ Set default permission for postgresql - Ex: (cmd:<version>,[cluster])""" if not version: version = db_psql_default_installed_version() cfgdir = os.path.join(os.path.dirname( __file__), '../cfg') localcfg = os.path.expanduser(os.path.join(cfgdir, 'postgresql/pg_hba.conf')) remotecfg = '/etc/postgresql/{0}/{1}/pg_hba.conf'.format(version, cluster) sudo('rm -rf ' + remotecfg) put(localcfg, remotecfg, use_sudo=True) sudo('chown postgres:postgres {0}'.format(remotecfg)) sudo('chmod 644 {0}'.format(remotecfg)) sudo('service postgresql start') sys_etc_git_commit('Set default postgres access for cluster ({0} {1})'.format(version, cluster))
def db_psql_create_cluster(version='', cluster='main', encoding='UTF-8', data_dir='/var/lib/postgresql'): """ Make a new postgresql clauster - Ex: (cmd:[pgversion],[cluster],[encoding],[datadir])""" if not version: version = db_psql_default_installed_version() if not version: version = db_psql_latest_version() db_psql_remove_cluster(version, cluster) data_dir = db_psql_make_data_dir(version, data_dir) sudo('chown -R postgres {0}'.format(data_dir)) sudo('pg_createcluster --start -e {0} {1} {2} -d {3}'.format(encoding, version, cluster, data_dir)) sudo('service postgresql start') sys_etc_git_commit('Created new postgres cluster ({0} {1})'.format(version, cluster))
def sys_install_common(): """ Install common application - Ex: (cmd)""" requirements = '%s' % ' '.join([ 'build-essential', 'gcc', 'git', 'subversion', 'mercurial', 'wget', 'vim', 'less', 'sudo', ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed common system packages')
def db_psql_install(version=''): """ Install postgres of a given version or the latest version - Ex: (cmd:[9.1])""" if not version: version = db_psql_latest_version() # requirements requirements = '%s' % ' '.join([ 'postgresql-{0}'.format(version), 'postgresql-client-{0}'.format(version), 'postgresql-contrib-{0}'.format(version), 'postgresql-server-dev-{0}'.format(version), 'postgresql-client-common' ]) # install requirements sudo('apt-get -y install {0}'.format(requirements)) sys_etc_git_commit('Installed postgres ({0})'.format(version))