Last active
June 22, 2018 19:01
-
-
Save timruffles/1d045ef101fba9d1b72b to your computer and use it in GitHub Desktop.
pure bash provisioning - node + postgres on ubuntu 15.10. Whole /deployment directory has been scp'd to machine, containing all config files etc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# run on source machine to build and then copy over | |
set -eo pipefail | |
main() { | |
if [[ -z $SKIP_BUILD ]]; then | |
grunt build | |
fi | |
if [[ -z $SKIP_TAR ]]; then | |
tar -zcvf app.tar.gz -C dist . 2>/dev/null | |
scp app.tar.gz $TARGET:/deployment/app.tar.gz | |
fi | |
source credentials.sh | |
cat > deployment/app.env <<CONF | |
NODE_ENV=production | |
PORT=443 | |
PG_DB_URL=postgres://app:$PG_PASSWORD@localhost/app | |
COOKIE_SECRET=$COOKIE_SECRET | |
PASSWORD_BCRYPT_WORK_FACTOR=12 | |
CONF | |
scp deployment/app.env $TARGET:/deployment/app.env | |
ssh $TARGET bash /deployment/deploy-version.sh | |
rm deployment/app.env | |
} | |
main |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# simply scp this to the target machine and run (as root) | |
NODE_VERSION=5.5.0 | |
PSQL_VERSION=9.5 | |
set -euo pipefail | |
main() { | |
install_general | |
/deployment/slack-message.sh "started provisioning of $(hostname)" | |
install_node | |
install_postgres | |
# provision_db | |
configure_crontab | |
configure_users | |
configure_permissions | |
configure_services | |
/deployment/slack-message.sh "finished provisioning of $(hostname)" | |
} | |
install_general() { | |
apt-get install --yes curl vim-nox | |
} | |
install_node() { | |
if [[ $(node -v || echo nope) =~ $NODE_VERSION ]]; then | |
echo node installed | |
return | |
fi | |
# http://www.hostingadvice.com/how-to/install-nodejs-ubuntu-14-04/ | |
# install node, place in /usr/local | |
wget http://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.gz -O /tmp/node.tar.gz | |
tar -C /usr/local --strip-components 1 -xzf /tmp/node.tar.gz | |
de | |
# ensure npm can install native packages (remove when we can build elsewhere) | |
apt-get install --yes python-software-properties python g++ make | |
# ensure we can bind to priviledged ports | |
apt-get install --yes privbind | |
echo node installed | |
} | |
install_postgres() { | |
if [[ $(psql --version || echo nope) =~ $PSQL_VERSION ]]; then | |
echo pg installed | |
return | |
fi | |
# https://wiki.postgresql.org/wiki/Apt#PostgreSQL_packages_for_Debian_and_Ubuntu | |
echo 'deb http://apt.postgresql.org/pub/repos/apt/ wheezy-pgdg main' > /etc/apt/sources.list.d/pgdg.list | |
apt-get install --yes wget ca-certificates | |
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - | |
apt-get update --yes | |
apt-get install --yes postgresql-$PSQL_VERSION | |
cp /deployment/pg_hba.conf /etc/postgresql/$PSQL_VERSION/main/pg_hba.conf | |
echo pg installed | |
} | |
provision_db() { | |
su postgres | |
if psql postgres -tAc "SELECT 1 FROM pg_roles WHERE rolname='USR_NAME'"; then | |
echo db provisioned | |
exit | |
return | |
fi | |
createuser --superuser app | |
createdb app -O app | |
exit | |
echo db provisioned | |
} | |
configure_services() { | |
cp /deployment/app.service /etc/systemd/system/app.service | |
systemctl daemon-reload | |
} | |
configure_crontab() { | |
cp /deployment/crontab /var/spool/cron/crontabs/root | |
# ensure we have correct perms on our crontab | |
chmod u=rw,g=,o= /var/spool/cron/crontabs/root | |
} | |
configure_users() { | |
groupadd --force ops | |
usermod --append --groups ops postgres | |
# application user | |
useradd --create-home app || true | |
} | |
configure_permissions() { | |
chown root:ops /deployment | |
mkdir -p /pg_backups | |
chown postgres:postgres /pg_backups | |
mkdir -p /srv/app | |
chown app:app /srv/app | |
} | |
main | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# this script is run on the target machine, and starts up the deployed | |
# version | |
set -euo pipefail | |
set -x | |
# able to do negative globs | |
shopt -s extglob | |
TARBALL=/deployment/app.tar.gz | |
if [[ ! -f $TARBALL ]]; then | |
echo missing $TARBALL file | |
fi | |
rm -rf /srv/app/!(node_modules) | |
tar -xf $TARBALL -C /srv/app | |
chown -R app:app /srv/app | |
cd /srv/app | |
su app -c 'npm install --production' | |
systemctl restart app |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment