JohnSmall/digital-ocean-rails.sh

## digital-ocean-rails.sh
#! /bin/bash
# this is a useful little script to setup a rails user, with postgresql, and nginx version of Phusion Passenger on a Digital Ocean droplet
# Once run it's ready to recieve a Capistrano deployment.
# The best way to run it is ssh root@my_do_host 'bash -s' < digital-ocean-rails.sh
set -e -x # die on the first error and send stdout to /var/log/syslog
#create a password and save it
PWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
mkdir -p passwords
echo "rails,$PWD" >> passwords/users.txt
#create a user called rails and allow them to sudo without a password
useradd -m -U -p $PWD -s /bin/bash rails
usermod -aG sudo rails
chmod u=rw /etc/sudoers.d/90-cloud-init-users
echo "rails ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/90-cloud-init-users
chmod u=r /etc/sudoers.d/90-cloud-init-users
#copy the authorized keys you used to create your droplet to the rails account
mkdir /home/rails/.ssh
cp .ssh/authorized_keys /home/rails/.ssh
chown -R rails:rails /home/rails/.ssh
# now start installing stuff
export DEBIAN_FRONTEND=noninteractive # no prompts please
apt-get update && apt-get upgrade -y
apt-get -y -q install build-essential
apt-get -y -q install libreadline6 libreadline6-dev
apt-get -y -q install libnotify-bin
apt-get install -y git-core
apt-get install -y postgresql postgresql-client postgresql-contrib
apt-get install -y libpq-dev
apt-get -y install xsltproc
apt-get -y install unzip
apt-get install -y libxslt1-dev libxml2-dev
apt-get install -y sqlite3
apt-get -y -q install libcurl4-openssl-dev
#you can cut this out if you want to use the rubyracer
curl -sL https://deb.nodesource.com/setup | bash -
apt-get -y -q install nodejs
#create a postgresql rails user
su postgres -c "cd && createuser rails --superuser"
su rails -c "cd & createdb rails"
#create a db password
DBPWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
echo "rails,$DBPWD" >> passwords/db_passwords.txt
#make sure the environment variable for the database password is the first line in .bashrc.
#this is required for Capistrano to deploy properly
#see http://superuser.com/questions/246837/how-do-i-add-text-to-the-beginning-of-a-file-in-bash
#and http://stackoverflow.com/questions/23672631/capistrano-and-environment-variables
sed -i "1iexport RAILS_PASSWORD=$DBPWD" /home/rails/.bashrc
# now put together a string with substrings that contain single and double quotes because we're going to be sending a string to su rails -c
# to set up the rails db password
temp1="alter role rails with password '$DBPWD'"
temp2="cd && psql -c \"$temp1\""
su rails -lc "$temp2"
#passenger phusion
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
apt-get install -y apt-transport-https ca-certificates
sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger xenial main > /etc/apt/sources.list.d/passenger.list'
apt-get update
apt-get install -y nginx-extras passenger
sed -i 's/# include \/etc\/nginx\/passenger.conf/include \/etc\/nginx\/passenger.conf/g' /etc/nginx/nginx.conf
service nginx restart
/usr/bin/passenger-config validate-install
/usr/sbin/passenger-memory-stats
#setup RVM in the rails account
su rails -c 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3'
su rails -c '\curl -sSL https://get.rvm.io | bash -s stable --ruby'
#and make sure bundler is in the shared global gems so Capistrano can run it to install your gems
#assuming you've got Capistrano3 rvm gem in your project
su rails -lc 'cd && rvm @global do gem install bundler'
#you might need this. But rails is in the sudoers group and has passwordless sudo rights
echo "Rails user password is $PWD"
#you'll might need this. But if you set
# password: <%= ENV['RAILS_PASSWORD'] %>
# in your database.yml then it'll pick it up from the environment set up in the first line of .bashrc
echo "Rails db password is $DBPWD"
	#! /bin/bash
	# this is a useful little script to setup a rails user, with postgresql, and nginx version of Phusion Passenger on a Digital Ocean droplet
	# Once run it's ready to recieve a Capistrano deployment.
	# The best way to run it is ssh root@my_do_host 'bash -s' < digital-ocean-rails.sh
	set -e -x # die on the first error and send stdout to /var/log/syslog
	#create a password and save it
	PWD=$(cat /dev/urandom \| tr -dc 'a-zA-Z0-9' \| fold -w 20 \| head -n 1)
	mkdir -p passwords
	echo "rails,$PWD" >> passwords/users.txt
	#create a user called rails and allow them to sudo without a password
	useradd -m -U -p $PWD -s /bin/bash rails
	usermod -aG sudo rails
	chmod u=rw /etc/sudoers.d/90-cloud-init-users
	echo "rails ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/90-cloud-init-users
	chmod u=r /etc/sudoers.d/90-cloud-init-users
	#copy the authorized keys you used to create your droplet to the rails account
	mkdir /home/rails/.ssh
	cp .ssh/authorized_keys /home/rails/.ssh
	chown -R rails:rails /home/rails/.ssh
	# now start installing stuff
	export DEBIAN_FRONTEND=noninteractive # no prompts please
	apt-get update && apt-get upgrade -y
	apt-get -y -q install build-essential
	apt-get -y -q install libreadline6 libreadline6-dev
	apt-get -y -q install libnotify-bin
	apt-get install -y git-core
	apt-get install -y postgresql postgresql-client postgresql-contrib
	apt-get install -y libpq-dev
	apt-get -y install xsltproc
	apt-get -y install unzip
	apt-get install -y libxslt1-dev libxml2-dev
	apt-get install -y sqlite3
	apt-get -y -q install libcurl4-openssl-dev
	#you can cut this out if you want to use the rubyracer
	curl -sL https://deb.nodesource.com/setup \| bash -
	apt-get -y -q install nodejs
	#create a postgresql rails user
	su postgres -c "cd && createuser rails --superuser"
	su rails -c "cd & createdb rails"
	#create a db password
	DBPWD=$(cat /dev/urandom \| tr -dc 'a-zA-Z0-9' \| fold -w 20 \| head -n 1)
	echo "rails,$DBPWD" >> passwords/db_passwords.txt
	#make sure the environment variable for the database password is the first line in .bashrc.
	#this is required for Capistrano to deploy properly
	#see http://superuser.com/questions/246837/how-do-i-add-text-to-the-beginning-of-a-file-in-bash
	#and http://stackoverflow.com/questions/23672631/capistrano-and-environment-variables
	sed -i "1iexport RAILS_PASSWORD=$DBPWD" /home/rails/.bashrc
	# now put together a string with substrings that contain single and double quotes because we're going to be sending a string to su rails -c
	# to set up the rails db password
	temp1="alter role rails with password '$DBPWD'"
	temp2="cd && psql -c \"$temp1\""
	su rails -lc "$temp2"
	#passenger phusion
	apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
	apt-get install -y apt-transport-https ca-certificates
	sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger xenial main > /etc/apt/sources.list.d/passenger.list'
	apt-get update
	apt-get install -y nginx-extras passenger
	sed -i 's/# include \/etc\/nginx\/passenger.conf/include \/etc\/nginx\/passenger.conf/g' /etc/nginx/nginx.conf
	service nginx restart
	/usr/bin/passenger-config validate-install
	/usr/sbin/passenger-memory-stats
	#setup RVM in the rails account
	su rails -c 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3'
	su rails -c '\curl -sSL https://get.rvm.io \| bash -s stable --ruby'
	#and make sure bundler is in the shared global gems so Capistrano can run it to install your gems
	#assuming you've got Capistrano3 rvm gem in your project
	su rails -lc 'cd && rvm @global do gem install bundler'
	#you might need this. But rails is in the sudoers group and has passwordless sudo rights
	echo "Rails user password is $PWD"
	#you'll might need this. But if you set
	# password: <%= ENV['RAILS_PASSWORD'] %>
	# in your database.yml then it'll pick it up from the environment set up in the first line of .bashrc
	echo "Rails db password is $DBPWD"