Created
November 21, 2013 02:32
-
-
Save robwilkerson/7575165 to your computer and use it in GitHub Desktop.
A Vagrant provisioner file template.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Provisions the Vagrant VM for this project. This file should never be | |
# executed manually. It is intended to be run only in the context of the | |
# `vagrant up` execution. | |
# NOTE: This script is executed by Vagrant as the root user. | |
set -e | |
# | |
# PREPARE THE BOX | |
# General updates that need to be made to the box for this application. | |
# | |
# Set a helpful hostname as a convenient reference. | |
echo "Setting hostname..." | |
echo "${1:git-project-name}" > /etc/hostname | |
echo "127.0.0.1 ${1}" >> /etc/hosts | |
hostname ${1} | |
echo "Complete." | |
echo "Updating installed packages..." | |
apt-get upgrade -qq -y | |
apt-get update -qq -y | |
echo "Complete." | |
# Generate a self-signed certificate | |
echo -n "Generating a self-signed SSL cert..." | |
openssl req -new -x509 -days 365 -subj "/C=US/ST=MD/L=Baltimore/O=Canonical Technologies, LLC/CN=localhost" -nodes -out /etc/ssl/certs/localhost.pem -keyout /etc/ssl/private/localhost.key > /dev/null 2>&1 | |
echo "complete."${2: | |
# | |
# INSTALL SSH KEYS | |
# If the script has to SCP from or SSH to any upstream server to retrieve data | |
# or assets, we'll need the appropriate key or keys in place. This can be | |
# removed if the provisioner does not require anything from upstream | |
# environments. | |
# | |
# If does not already exist, the appropriate private key should be | |
# added to the repository within a .meta/ directory in the project root. | |
# e.g. <project root>/.meta/the-appropriate-key.pem | |
# | |
if [ ! -e "/vagrant/.meta" ]; then | |
mkdir -p /vagrant/.meta | |
fi | |
echo "Installing any SSH keys..." | |
PRD_HOST="${3:upstream-host-or-ip}" | |
PRD_USER="${4:upstream-username}" | |
IDENTITY_FILE="${5:webteam-ec2.pem}" | |
mkdir ~/.ssh | |
cp /vagrant/.meta/\$IDENTITY_FILE ~/.ssh | |
chmod 600 ~/.ssh/\$IDENTITY_FILE | |
echo "Complete."} | |
# | |
# NEW PACKAGE INSTALLATION | |
# Install any additional software (e.g. Java, Compass, Ruby, etc.) required | |
# by this application. | |
# | |
echo "Installing new packages..." | |
echo "--> Installing the GD extension for PHP..." | |
apt-get install php5-gd -qq -y > /dev/null 2>&1 | |
echo "<-- Complete." | |
# Install other packages/gems/etc. as required. | |
# | |
# CONFIGURE SERVICES | |
# This should be done by copying the appropriate configuration files from the | |
# production box where this application lives or will live. | |
# | |
echo "--> Configuring PHP modules (apc, curl, gd, memcache, etc.)..." | |
mv /etc/php5/conf.d /etc/php5/conf.d.default | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
-r -q \ | |
\$PRD_USER@\$PRD_HOST:/etc/php5/conf.d /etc/php5 | |
echo "<-- Complete." | |
echo "--> Configuring MySQL..." | |
mv /etc/mysql/my.cnf /etc/mysql/my.cnf.default | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
-q \ | |
\$PRD_USER@\$PRD_HOST:/etc/mysql/my.cnf /etc/mysql | |
echo "<-- Complete." | |
echo "--> Configuring PHP..." | |
mv /etc/php5/fpm/php.ini /etc/php5/fpm/php.ini.default | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
-q \ | |
\$PRD_USER@\$PRD_HOST:/etc/php5/fpm/php.ini /etc/php5/fpm | |
# And now force a few development settings | |
# PHP.INI | |
sed -i -r -e 's/display_errors = Off/display_errors = On/g' /etc/php5/fpm/php.ini | |
# APC.INI | |
sed -i -r -e 's/apc.stat=0/apc.stat=1/g' /etc/php5/fpm/php.ini | |
echo "<-- Complete." | |
echo "--> Configuring Nginx..." | |
echo "----> nginx.conf and fastcgi_params..." | |
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.default | |
mv /etc/nginx/fastcgi_params /etc/nginx/fastcgi_params.default | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
-q \ | |
\$PRD_USER@\$PRD_HOST:/etc/nginx/nginx.conf /etc/nginx/fastcgi_params /etc/nginx | |
# sendfile is broken on Virtualbox | |
sudo sed -i -e 's/sendfile\s*on/sendfile off/g' /etc/nginx/nginx.conf | |
echo "<---- Complete." | |
echo "----> Nginx includes..." | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
-r -q \ | |
\$PRD_USER@\$PRD_HOST:/etc/nginx/includes /etc/nginx | |
echo "<---- Complete." | |
echo "----> Default virtual host..." | |
cat > /etc/nginx/sites-enabled/default << "EOF" | |
server { | |
listen 80; | |
server_name localhost; | |
root /vagrant/www; | |
index index.php; | |
access_log /var/log/nginx/localhost.access.log; | |
error_log /var/log/nginx/localhost.error.log; | |
client_max_body_size 5M;${6: | |
pagespeed on; | |
# pagespeed Statistics on; | |
# pagespeed StatisticsLogging on; | |
# pagespeed LogDir /var/log/pagespeed-umass-memorial-hospital-main; | |
pagespeed RewriteLevel PassThrough; # We're going to enable filters manually | |
pagespeed ImageRecompressionQuality 80; | |
pagespeed FileCachePath /var/cache/nginx-pagespeed; | |
# pagespeed LoadFromFile "http://www.umassmemorial.org/sites/umass-memorial-hospital/files/" | |
# "/vagrant/www/sites/umass-memorial-hospital/files/"; | |
pagespeed EnableFilters extend_cache,insert_dns_prefetch; | |
pagespeed EnableFilters collapse_whitespace,remove_comments; | |
pagespeed EnableFilters lazyload_images,insert_image_dimensions,sprite_images,rewrite_images; | |
pagespeed EnableFilters canonicalize_javascript_libraries,combine_javascript,rewrite_javascript; | |
pagespeed EnableFilters combine_css,rewrite_css,move_css_to_head; | |
# Ensure requests for pagespeed optimized resources go to the pagespeed | |
# handler and no extraneous headers get set. | |
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" { add_header "" ""; } | |
location ~ "^/ngx_pagespeed_static/" { } | |
location ~ "^/ngx_pagespeed_beacon\$" { } | |
location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; } | |
location /ngx_pagespeed_global_statistics { allow 127.0.0.1; deny all; } | |
location /ngx_pagespeed_message { allow 127.0.0.1; deny all; } | |
location /pagespeed_console { allow 127.0.0.1; deny all; }} | |
# Include the config for a drupal site | |
include /etc/nginx/includes/drupal7; | |
# Adds expires headers for performance | |
include /etc/nginx/includes/expire_content; | |
# Ignore and/or deny certain common file requests | |
include /etc/nginx/includes/ignore; | |
} | |
EOF | |
echo "<---- Complete." | |
echo "<-- Complete." | |
echo "Complete." | |
# | |
# UPDATE APPLICATION CONFIG FILES (as req'd) | |
# | |
echo -n "Updating ${7:config-file-name}..." | |
cp ${8:config-file-basename}.sample.${9:config-file-ext} ${8}.${9} | |
sed -i -e 's/${10:replace-this}/${11:with-this}/g' ${8}.${9} | |
echo "complete." | |
# | |
# PREPARE THE FILE SYSTEM | |
# | |
echo "Preparing the file system..." | |
echo "--> Creating new directories and/or symlinks as required..." | |
# if [ ! -e "/vagrant/path/to/directory-or-file" ]; then | |
# mkdir /vagrant/path/to/new-directory | |
# ln -s /vagrant/path/to/directory-or-file /vagrant/path/to/symlink | |
# fi | |
echo "--> Complete." | |
echo "--> Ensuring ownership & permissions are correct..." | |
# chown -R www-data:www-data /vagrant/path/to/directory-or-file | |
# chmod -R 777 /vagrant/path/to/directory-or-file | |
echo "<-- Complete." | |
echo "Complete." | |
# | |
# INSTALL AND/OR UPDATE DATABASE | |
# | |
echo "Creating the project database (if it doesn't exist)..." | |
if [ -z `mysql --batch --skip-column-names -e "SHOW DATABASES LIKE '${12:database_name}'" | grep ${12}` ]; then | |
echo "--> Creating a fresh database..." | |
mysql -uroot --execute "DROP DATABASE IF EXISTS ${12}; CREATE DATABASE ${12} CHARACTER SET utf8 COLLATE utf8_unicode_ci;" | |
echo "<-- Complete." | |
echo "--> Dumping the production database..." | |
ssh -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
\$PRD_USER@\$PRD_HOST "mysqldump -h ${13:database.host.tld} -P ${14:3306} -u ${15:dbusername} -p'${16:dbpassword}' --opt --no-create-db --complete-insert --databases ${12} | gzip > /tmp/${12}.dump.sql.gz" > /dev/null | |
scp -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
\$PRD_USER@\$PRD_HOST:/tmp/${12}.dump.sql.gz /tmp | |
ssh -o StrictHostKeyChecking=no \ | |
-i ~/.ssh/\$IDENTITY_FILE \ | |
\$PRD_USER@\$PRD_HOST "rm /tmp/${12}.dump.sql.gz" | |
echo "<-- Complete." | |
echo "--> Populating the newly created development database from production..." | |
gunzip < /tmp/${12}.dump.sql.gz | mysql -D ${12} | |
rm /tmp/${12}.dump.sql.gz | |
echo "<-- Complete." | |
echo "--> Applying release-specific updates..." | |
# cat /vagrant/${17:path/to/}${12}/release.sql | sed -e s/@DB_NAME@/${12}/ | mysql -uroot | |
echo "<-- Complete." | |
fi | |
echo "Complete." | |
# | |
# RESTART SERVICES (if we touched their config) | |
# | |
echo "Bouncing all of the services we've touched while provisioning..." | |
service memcached restart | |
service nginx restart | |
service php5-fpm restart | |
service mysql restart | |
echo "Complete." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment