timruffles/deploy.sh

## deploy.sh
#!/bin/bash

# run on source machine to build and then copy over

set -eo pipefail

main() {
	if [[ -z $SKIP_BUILD ]]; then
		grunt build
	fi

	if [[ -z $SKIP_TAR ]]; then
	  tar -zcvf app.tar.gz -C dist . 2>/dev/null
		scp app.tar.gz $TARGET:/deployment/app.tar.gz
	fi

	source credentials.sh

	cat > deployment/app.env <<CONF
NODE_ENV=production
PORT=443
PG_DB_URL=postgres://app:$PG_PASSWORD@localhost/app
COOKIE_SECRET=$COOKIE_SECRET
PASSWORD_BCRYPT_WORK_FACTOR=12
CONF

	scp deployment/app.env $TARGET:/deployment/app.env
	ssh $TARGET bash /deployment/deploy-version.sh

	rm deployment/app.env
}

main

## provision.sh
# simply scp this to the target machine and run (as root)
NODE_VERSION=5.5.0
PSQL_VERSION=9.5

set -euo pipefail

main() {
	install_general

	/deployment/slack-message.sh "started provisioning of $(hostname)"

	install_node

	install_postgres
	# provision_db
	configure_crontab

	configure_users
	configure_permissions
	configure_services

	/deployment/slack-message.sh "finished provisioning of $(hostname)"
}

install_general() {
	apt-get install --yes curl vim-nox
}

install_node() {
	if [[ $(node -v || echo nope) =~ $NODE_VERSION ]]; then
		echo node installed
		return
	fi

	# http://www.hostingadvice.com/how-to/install-nodejs-ubuntu-14-04/

	# install node, place in /usr/local
	wget http://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.gz -O /tmp/node.tar.gz
	tar -C /usr/local --strip-components 1 -xzf /tmp/node.tar.gz
	de


	# ensure npm can install native packages (remove when we can build elsewhere)
	apt-get install --yes python-software-properties python g++ make

	# ensure we can bind to priviledged ports
	apt-get install --yes privbind

	echo node installed
}

install_postgres() {
	if [[ $(psql --version || echo nope) =~ $PSQL_VERSION ]]; then
		echo pg installed
		return
	fi

	# https://wiki.postgresql.org/wiki/Apt#PostgreSQL_packages_for_Debian_and_Ubuntu
	echo 'deb http://apt.postgresql.org/pub/repos/apt/ wheezy-pgdg main' > /etc/apt/sources.list.d/pgdg.list

	apt-get install --yes wget ca-certificates
	wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
	apt-get update --yes
	apt-get install --yes postgresql-$PSQL_VERSION

	cp /deployment/pg_hba.conf /etc/postgresql/$PSQL_VERSION/main/pg_hba.conf

	echo pg installed
}

provision_db() {
	su postgres

	if psql postgres -tAc "SELECT 1 FROM pg_roles WHERE rolname='USR_NAME'"; then
		echo db provisioned
		exit
		return
	fi

	createuser --superuser app
	createdb app -O app
	exit

	echo db provisioned
}

configure_services() {
	cp /deployment/app.service /etc/systemd/system/app.service

	systemctl daemon-reload
}

configure_crontab() {
	cp /deployment/crontab /var/spool/cron/crontabs/root
	# ensure we have correct perms on our crontab
	chmod u=rw,g=,o= /var/spool/cron/crontabs/root
}

configure_users() {
	groupadd --force ops
	usermod --append --groups ops postgres

	# application user
	useradd --create-home app || true
}

configure_permissions() {
	chown root:ops /deployment
	mkdir -p /pg_backups
	chown postgres:postgres /pg_backups

	mkdir -p /srv/app
	chown app:app /srv/app
}

main


## version-deployed.sh
# this script is run on the target machine, and starts up the deployed
# version

set -euo pipefail
set -x

# able to do negative globs
shopt -s extglob

TARBALL=/deployment/app.tar.gz

if [[ ! -f $TARBALL ]]; then
	echo missing $TARBALL file
fi

rm -rf /srv/app/!(node_modules)

tar -xf $TARBALL -C /srv/app
chown -R app:app /srv/app

cd /srv/app
su app -c 'npm install --production'

systemctl restart app
	#!/bin/bash

	# run on source machine to build and then copy over

	set -eo pipefail

	main() {
	if [[ -z $SKIP_BUILD ]]; then
	grunt build
	fi

	if [[ -z $SKIP_TAR ]]; then
	tar -zcvf app.tar.gz -C dist . 2>/dev/null
	scp app.tar.gz $TARGET:/deployment/app.tar.gz
	fi

	source credentials.sh

	cat > deployment/app.env <<CONF
	NODE_ENV=production
	PORT=443
	PG_DB_URL=postgres://app:$PG_PASSWORD@localhost/app
	COOKIE_SECRET=$COOKIE_SECRET
	PASSWORD_BCRYPT_WORK_FACTOR=12
	CONF

	scp deployment/app.env $TARGET:/deployment/app.env
	ssh $TARGET bash /deployment/deploy-version.sh

	rm deployment/app.env
	}

	main
	# simply scp this to the target machine and run (as root)
	NODE_VERSION=5.5.0
	PSQL_VERSION=9.5

	set -euo pipefail

	main() {
	install_general

	/deployment/slack-message.sh "started provisioning of $(hostname)"

	install_node

	install_postgres
	# provision_db
	configure_crontab

	configure_users
	configure_permissions
	configure_services

	/deployment/slack-message.sh "finished provisioning of $(hostname)"
	}

	install_general() {
	apt-get install --yes curl vim-nox
	}

	install_node() {
	if [[ $(node -v \|\| echo nope) =~ $NODE_VERSION ]]; then
	echo node installed
	return
	fi

	# http://www.hostingadvice.com/how-to/install-nodejs-ubuntu-14-04/

	# install node, place in /usr/local
	wget http://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.gz -O /tmp/node.tar.gz
	tar -C /usr/local --strip-components 1 -xzf /tmp/node.tar.gz
	de


	# ensure npm can install native packages (remove when we can build elsewhere)
	apt-get install --yes python-software-properties python g++ make

	# ensure we can bind to priviledged ports
	apt-get install --yes privbind

	echo node installed
	}

	install_postgres() {
	if [[ $(psql --version \|\| echo nope) =~ $PSQL_VERSION ]]; then
	echo pg installed
	return
	fi

	# https://wiki.postgresql.org/wiki/Apt#PostgreSQL_packages_for_Debian_and_Ubuntu
	echo 'deb http://apt.postgresql.org/pub/repos/apt/ wheezy-pgdg main' > /etc/apt/sources.list.d/pgdg.list

	apt-get install --yes wget ca-certificates
	wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc \| apt-key add -
	apt-get update --yes
	apt-get install --yes postgresql-$PSQL_VERSION

	cp /deployment/pg_hba.conf /etc/postgresql/$PSQL_VERSION/main/pg_hba.conf

	echo pg installed
	}

	provision_db() {
	su postgres

	if psql postgres -tAc "SELECT 1 FROM pg_roles WHERE rolname='USR_NAME'"; then
	echo db provisioned
	exit
	return
	fi

	createuser --superuser app
	createdb app -O app
	exit

	echo db provisioned
	}

	configure_services() {
	cp /deployment/app.service /etc/systemd/system/app.service

	systemctl daemon-reload
	}

	configure_crontab() {
	cp /deployment/crontab /var/spool/cron/crontabs/root
	# ensure we have correct perms on our crontab
	chmod u=rw,g=,o= /var/spool/cron/crontabs/root
	}

	configure_users() {
	groupadd --force ops
	usermod --append --groups ops postgres

	# application user
	useradd --create-home app \|\| true
	}

	configure_permissions() {
	chown root:ops /deployment
	mkdir -p /pg_backups
	chown postgres:postgres /pg_backups

	mkdir -p /srv/app
	chown app:app /srv/app
	}

	main
	# this script is run on the target machine, and starts up the deployed
	# version

	set -euo pipefail
	set -x

	# able to do negative globs
	shopt -s extglob

	TARBALL=/deployment/app.tar.gz

	if [[ ! -f $TARBALL ]]; then
	echo missing $TARBALL file
	fi

	rm -rf /srv/app/!(node_modules)

	tar -xf $TARBALL -C /srv/app
	chown -R app:app /srv/app

	cd /srv/app
	su app -c 'npm install --production'

	systemctl restart app