blob: 6fb37350079c825835a41ab30d5ed42834c293cf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
|
# -*- coding: utf-8 -*-
#
# SPDX-License-Identifier: ISC
#
# Copyright (C) 2019 rsiddharth <s@ricketyspace.net>
#
# This file is part of nfsw.
#
VERSION=0.2.1
VENV_DIR=/usr/local/virtualenv/.nfsw
VENV_CMD=virtualenv-3
JSHINT=~/.npm-packages/bin/jshint
TARBALL=nfsw-${VERSION}.tar.gz
PRD_HOST=vela
PRD_WHEEL=nfsw-${VERSION}-py3-none-any.whl
ACME_CONF=etc/acme-client.conf
UWSGI_INI=etc/uwsgi/nfsw.ini
RC_D=etc/rc.d/nfsw
NGINX_DIR=etc/nginx
NEWSYSLOG=etc/newsyslog.conf
SSH_PUB=lyra.pub
TB=bin/tball
TB_CNF=etc/tball
CRON=cron/root
dunno:
@echo "Give me somepin to make"
dev:
pip install -r requirements.txt
.PHONY: dev
va:
@echo ${VENV_DIR}/bin/activate
.PHONY: va
venv:
rm -rf *.egg-info
${SHELL} -c 'if [[ -d $(VENV_DIR) ]] then \
rm -rf $(VENV_DIR); fi'
${VENV_CMD} --clear --python=python3 $(VENV_DIR)
.PHONY: venv
jsh:
${JSHINT} nfsw/static/io.js
${JSHINT} nfsw/static/epilogue.js
.PHONY: jsh
build:
python setup.py bdist_wheel
.PHONY: build
archive:
mkdir -p archive \
&& git archive --format=tar --prefix=nfsw-${VERSION}/ \
v${VERSION} | gzip > archive/${TARBALL} \
&& gpg2 -sb --armor -o archive/${TARBALL}.sig archive/${TARBALL}
.PHONY: archive
archive-up:
rsync archive/* root@lyra:/var/www/root/nfsw/
.PHONY: archive-up
prd-init:
ssh root@${PRD_HOST} \\"echo 'https://cdn.openbsd.org/pub/OpenBSD' \
> /etc/installurl \
&& pkg_add -I -v git redis py3-virtualenv cowsay \
rsync-3.1.3-iconv nginx bash \
&& git config --global --add user.name rsiddharth \
&& git config --global --add user.email s@ricketyspace.net \
&& git -C /etc init \
&& git -C /etc add . \
&& git -C /etc commit -m 'Initial commit' \
&& useradd -v -c 'NFSW daemon' \
-e 0 -L daemon -s /sbin/nologin \
-d /var/empty _nfsw \
&& git -C /etc add . \
&& git -C /etc commit -m 'Add _nfsw user'\\"
.PHONY: prd-init
prd-nginx:
rsync -a ${NGINX_DIR}/ \
root@${PRD_HOST}:/${NGINX_DIR}
rsync -a ${NEWSYSLOG} \
root@${PRD_HOST}:/${NEWSYSLOG}
ssh root@${PRD_HOST} \\"rcctl enable nginx \
&& rcctl restart nginx \
&& git -C /etc add nginx rc.conf.local\\"
.PHONY: prd-nginx
prd-acme:
rsync ${ACME_CONF} root@${PRD_HOST}:/${ACME_CONF}
.PHONY: prd-acme
prd-venv:
ssh root@${PRD_HOST} \\"mkdir -p /usr/local/virtualenv/ && \
${VENV_CMD} --clear --python=python3 \
${VENV_DIR}-prd \
&& chown -R _nfsw:wheel ${VENV_DIR}-prd \\"
.PHONY: prd-venv
prd-install:
ssh root@${PRD_HOST} \\"mkdir -p /var/www/nfsw/wheel/\\"
rsync dist/${PRD_WHEEL} \
root@${PRD_HOST}:/var/www/nfsw/wheel/
ssh root@${PRD_HOST} \\". ${VENV_DIR}-prd/bin/activate \
&& pip install /var/www/nfsw/wheel/${PRD_WHEEL} \
&& chown -R _nfsw:wheel ${VENV_DIR}-prd \
&& chown -R _nfsw:wheel /var/www/nfsw/ \\"
.PHONY: prd-install
prd-upgrade:
ssh root@${PRD_HOST} \\"mkdir -p /var/www/nfsw/wheel/\\"
rsync dist/${PRD_WHEEL} \
root@${PRD_HOST}:/var/www/nfsw/wheel/
ssh root@${PRD_HOST} \\". ${VENV_DIR}-prd/bin/activate \
&& pip install --upgrade /var/www/nfsw/wheel/${PRD_WHEEL} \
&& chown -R _nfsw:wheel ${VENV_DIR}-prd \
&& chown -R _nfsw:wheel /var/www/nfsw/ \\"
.PHONY: prd-upgrade
prd-initdb:
ssh root@${PRD_HOST} \\". ${VENV_DIR}-prd/bin/activate \
&& FLASK_APP=nfsw flask init-db \
&& chown -R _nfsw:wheel ${VENV_DIR}-prd \\"
.PHONY: prd-initdb
prd-config:
ssh root@${PRD_HOST} \\"echo \"SECRET_KEY=b'`openssl rand -hex 16`'\" \
> ${VENV_DIR}-prd/var/nfsw-instance/config.py\\"
.PHONY: prd-config
prd-rcd:
ssh root@${PRD_HOST} mkdir -p -m 755 /etc/uwsgi
rsync ${UWSGI_INI} root@${PRD_HOST}:/${UWSGI_INI}
rsync ${RC_D} root@${PRD_HOST}:/${RC_D}
ssh root@${PRD_HOST} \\"chmod 555 /${RC_D} \
&& chmod 444 /${UWSGI_INI} \
&& chown root:wheel /${RC_D} \
&& rcctl enable nfsw redis \
&& rcctl restart nfsw redis \
&& git -C /etc add rc.conf.local rc.d/nfsw uwsgi/\\"
.PHONY: prd-rcd
prd-rr:
ssh root@${PRD_HOST} rcctl restart nfsw redis nginx
.PHONY: prd-reload
prd-sk:
rsync ssh/${SSH_PUB} root@${PRD_HOST}:~/.ssh/
ssh root@${PRD_HOST} \\"cat ~/.ssh/${SSH_PUB} \
>> ~/.ssh/authorized_keys\\"
.PHONY: prd-sk
prd-tb:
rsync -a ${TB} root@${PRD_HOST}:/usr/local/bin/tball
rsync -a ${TB_CNF} root@${PRD_HOST}:/${TB_CNF}
rsync -a ${CRON} root@${PRD_HOST}:~/.cron
ssh root@${PRD_HOST} \\"mkdir -p \
/var/backups/nfsw/instance \
&& crontab ~/.cron \
&& git -C /etc add tball\\"
.PHONY: prd-tb
clean:
rm -rf build/ dist/ nfsw.egg-info/ instance archive/
find ./ -type d -name '__pycache__' -exec rm -rf {} +
.PHONY: clean
|