foreman+unicorn+nginx ssl offload on debian
echo "deb http://apt.puppetlabs.com wheezy main" >>/etc/apt/sources.list
# NOTE: ">>" appends another copy of this line on every run (not idempotent),
# and no signing key is installed here, so apt-get update will treat the
# repository as unsigned unless the key arrives some other way (the install
# script further down this page relies on the puppetlabs-release package for that).
apt-get update
apt-get install foreman unicorn
/etc/init.d/foreman stop
# disable /etc/init.d/foreman at boot: rcconf is interactive, untick "foreman"
# so the packaged service stays stopped and unicorn serves the app instead.
rcconf
# /etc/default/unicorn (presumably sourced by the Debian unicorn init script;
# the install script on this page writes the same values with augtool).
# Change parameters below to appropriate values and set CONFIGURED to yes.
CONFIGURED=yes
# Default timeout until child process is killed during server upgrade,
# it has *no* relation to option "timeout" in server's config.rb.
TIMEOUT=60
# Path to your web application, should also be set in server's config.rb,
# option "working_directory". Rack's config.ru is located here.
APP_ROOT=/usr/share/foreman
# Server's config.rb, it's not a rack's config.ru
CONFIG_RB="$APP_ROOT/unicorn.conf.rb"
# Where to store PID, should also be set in server's config.rb, option "pid".
# NOTE(review): the unicorn.conf.rb on this page has no `pid` line — confirm
# the init script can still locate the master process with this value.
PID=/run/unicorn.pid
# Additional arguments passed to unicorn, see man (1) unicorn.
# -D daemonizes, -E sets RACK_ENV, -c points unicorn at CONFIG_RB above.
UNICORN_OPTS="-D -E production -c $CONFIG_RB"
---
# Foreman settings.yaml excerpt.
# your default puppet server - can be overridden at the host level;
# if none is specified, plain "puppet" will be used.
#:puppet_server: puppet
:unattended: true
# Path to the puppet.conf file (a file, despite the "dir" in the key name).
:puppetconfdir: /etc/puppet/puppet.conf
:failed_report_email_notification: true
:login: true
# TLS is terminated at nginx, which proxies to unicorn over plain HTTP on
# 127.0.0.1, which is presumably why Foreman itself is told not to require SSL.
# NOTE(review): the nginx config on this page also serves port 80 in the clear
# and nothing redirects it to 443, so logins can traverse an unencrypted vhost.
:require_ssl: false
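# nginx front end for Foreman: TLS is terminated here and requests are proxied
# to unicorn, which listens on 3200 (see config/unicorn.conf.rb).
upstream foreman {
    server 127.0.0.1:3200;
}

# Plain-HTTP vhost. Kept as in the original; note that everything passing
# through it (including logins) is unencrypted and nothing redirects to :443.
server {
    listen 80;
    server_name <%= fqdn %>;
    access_log /var/log/nginx/access-foreman.log;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # Lets the app know which scheme the client used (http here, https below).
    proxy_set_header X-Forwarded-Proto $scheme;
    # $ssl_client_* are empty on a non-TLS vhost; nginx drops a header whose
    # value is empty rather than forwarding one supplied by the client.
    proxy_set_header X-Client-Verify $ssl_client_verify;
    proxy_set_header X-Client-DN $ssl_client_s_dn;
    proxy_set_header X-SSL-Issuer $ssl_client_i_dn;

    location / {
        proxy_pass http://foreman;
        proxy_read_timeout 65;
    }
}

# TLS vhost, using the puppet-issued host certificate and key.
server {
    # "ssl" on the listen line is what enables TLS; the former separate
    # "ssl on;" directive was redundant and is deprecated in newer nginx.
    listen 443 default_server ssl;
    server_name <%= fqdn %>;
    access_log /var/log/nginx/access-foreman.log;

    ssl_certificate /var/lib/puppet/ssl/certs/<%= fqdn %>.pem;
    ssl_certificate_key /var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem;
    # The original cipher string ("SSLv2:-LOW:-EXPORT:RC4+RSA") admitted SSLv2
    # and RC4, both broken. HIGH:!aNULL:!MD5 is nginx's own default list and
    # excludes them; add TLSv1.3 to ssl_protocols where nginx/OpenSSL support it.
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:40m;
    ssl_session_timeout 5m;

    # X-Client-Verify/-DN/-Issuer only carry a real verdict when client
    # certificates are requested; without ssl_verify_client, $ssl_client_verify
    # is always "NONE". To enable, point at the CA that signs the agent certs:
    #   ssl_client_certificate <path-to-puppet-ca-cert.pem>;
    #   ssl_verify_client optional;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Client-Verify $ssl_client_verify;
    proxy_set_header X-Client-DN $ssl_client_s_dn;
    proxy_set_header X-SSL-Issuer $ssl_client_i_dn;

    location / {
        proxy_pass http://foreman;
        proxy_read_timeout 65;
    }
}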
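#!/bin/bash
# Bootstrap Foreman 1.10 behind unicorn on a Debian/Ubuntu host:
# puppet agent + augeas first, then the Foreman repo and packages, then the
# /etc/default edits that switch the packaged foreman service off and unicorn on.
# Every step depends on the one before it, so stop at the first failure
# instead of carrying on with a half-configured host.
set -euo pipefail

codename="$(lsb_release -cs)"
release_deb="puppetlabs-release-${codename}.deb"

# Install puppet and augeas
# The release package carries the repository's apt signing key, i.e. the trust
# anchor for everything apt installs afterwards, so fetch it over https rather
# than plain http.
wget "https://apt.puppetlabs.com/${release_deb}"
sudo dpkg -i "${release_deb}"
sudo apt-get update
sudo apt-get install puppet augeas-tools -y
rm "${release_deb}"
# Let the agent start at boot and drop the deprecated templatedir setting.
sudo sed -i 's/START=no/START=yes/' /etc/default/puppet
sudo sed -i '/templatedir=.*/d' /etc/puppet/puppet.conf
sudo puppet agent --enable

# install foreman
echo "deb http://deb.theforeman.org/ ${codename} 1.10" | sudo tee /etc/apt/sources.list.d/foreman.list >/dev/null
echo "deb http://deb.theforeman.org/ plugins 1.10" | sudo tee -a /etc/apt/sources.list.d/foreman.list >/dev/null
# Repository signing key: fetched over https so the key itself is
# integrity-protected in transit; with pipefail a failed download aborts
# the script instead of feeding an empty stream to apt-key.
wget -q https://deb.theforeman.org/pubkey.gpg -O- | sudo apt-key add -
sudo apt-get update
sudo apt-get install foreman foreman-installer unicorn -y

# Stop the packaged foreman service from starting and hand the app to unicorn;
# the values mirror /etc/default/unicorn. augtool -s saves immediately.
sudo augtool -s set /files/etc/default/foreman/START no
sudo augtool -s set /files/etc/default/unicorn/TIMEOUT 60
sudo augtool -s set /files/etc/default/unicorn/APP_ROOT "/usr/share/foreman"
sudo augtool -s set /files/etc/default/unicorn/CONFIG_RB '\"$APP_ROOT/unicorn.conf.rb\"'
sudo augtool -s set /files/etc/default/unicorn/UNICORN_OPTS '\"-D -E production -c $CONFIG_RB\"'
sudo augtool -s set /files/etc/default/unicorn/CONFIGURED yes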
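# config/unicorn.conf.rb
# Unicorn configuration for Foreman behind the nginx reverse proxy on this page.
# nginx proxies to 127.0.0.1:3200, so the listener is bound to loopback only:
# a bare `listen 3200` binds every interface and would let other hosts reach
# the app directly, bypassing the proxy and any X-Client-* headers it sets.
worker_processes Integer(ENV["WEB_CONCURRENCY"] || 3)
working_directory "/usr/share/foreman"
timeout 15
preload_app true
listen "127.0.0.1:3200"
stderr_path "/var/log/foreman/unicorn.stderr.log"
stdout_path "/var/log/foreman/unicorn.stdout.log"
# NOTE(review): /etc/default/unicorn sets PID=/run/unicorn.pid and expects the
# same path here via `pid`; none is set — confirm the init script still finds
# the master process.

# Runs in the master before each worker is forked (preload_app loads the app
# in the master first).
before_fork do |_server, _worker|
  # Turn TERM into QUIT so the master stops gracefully instead of immediately.
  Signal.trap 'TERM' do
    puts 'Unicorn master intercepting TERM and sending myself QUIT instead'
    Process.kill 'QUIT', Process.pid
  end
  # Drop the master's DB connection; each worker re-establishes its own below.
  ActiveRecord::Base.connection.disconnect! if defined?(ActiveRecord::Base)
end

# Runs in each worker right after the fork.
after_fork do |_server, _worker|
  # Workers ignore TERM; the master's QUIT is what stops them.
  Signal.trap 'TERM' do
    puts 'Unicorn worker intercepting TERM and doing nothing. Wait for master to send QUIT'
  end
  ActiveRecord::Base.establish_connection if defined?(ActiveRecord::Base)
end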