node.rb in meroku-2.0.28

- old
+ new

@@ -3,62 +3,45 @@
 module Meroku
   # A node is an ec2 node, that powers meroku
   class Node
     include Meroku::Shared
     include Meroku::Aws
-    attr_reader :instance_id, :connection
+    include Meroku::Sshable
+    attr_reader :instance_id
 
     def initialize
       make_instance && associate_address
-      start_ssh && configure_keys
-      install_packages
+      start_ssh && user_creations && configure_keys
+      install_packages && homedir_creations
       database_inits && git_clone
-      nginx_configs && start_rails && close_ssh
-      puts 'Node created'
+      nginx_configs
+      start_rails
+      close_ssh
     end
 
-    def execute_script(script)
-      script.each_line do |line|
-        puts line
-        execute(line)
-      end
-    end
+    private
 
     def start_ssh
       @connection = Net::SSH.start(ip_address, 'ubuntu', sshopts)
     end
 
-    def close_ssh
-      @connection.close
-    end
-
-    def execute(command)
-      @connection.exec(command) { |_ch, _stream, data| puts data }
-      @connection.loop
-    end
-
-    private
-
-    def sshopts
-      {
-        verify_host_key: false,
-        key_data: Meroku::Shared.secrets.private_key
-      }
-    end
-
     def configure_keys
+      configure_host_keys
       execute_script <<~HEREDOC
-        sudo curl -s -o /etc/ssh/ssh_host_ecdsa_key #{bucket}ssh_host_ecdsa_key
-        sudo curl -s -o /etc/ssh/ssh_host_ecdsa_key.pub #{bucket}ssh_host_ecdsa_key.pub
-        sudo service ssh restart
         curl -s -o /home/ubuntu/letsencrypt_fullchain.pem #{bucket}letsencrypt_fullchain.pem
         curl -s -o /home/ubuntu/letsencrypt_privkey.pem #{bucket}letsencrypt_privkey.pem
         curl -s https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
         echo "Dpkg::Use-Pty "0";" | sudo tee /etc/apt/apt.conf.d/00usepty
       HEREDOC
     end
 
+    def configure_host_keys
+      execute_script <<~HEREDOC
+        sudo sh -c 'curl -s #{bucket}ssh_host_.tar | tar xvf - -C /etc/ssh/'
+      HEREDOC
+    end
+
     def install_packages
       ubuntu_site = 'http://archive.ubuntu.com/ubuntu/'
       postgres_site = 'http://apt.postgresql.org/pub/repos/apt/'
       execute_script <<~HEREDOC
         sudo apt-add-repository ppa:brightbox/ruby-ng --yes 2>/dev/null >/dev/null
@@ -66,19 +49,37 @@
         echo "deb #{ubuntu_site} trusty-security main universe" | sudo tee -a /etc/apt/sources.list
         echo "deb #{ubuntu_site} trusty-updates main universe" | sudo tee -a /etc/apt/sources.list
         echo "deb #{postgres_site} trusty-pgdg main" | sudo tee -a /etc/apt/sources.list
         DEBIAN_FRONTEND=noninteractive sudo apt-get update -qq
         DEBIAN_FRONTEND=noninteractive sudo apt-get upgrade -yqq --force-yes 2>/dev/null >/dev/null
-        DEBIAN_PRIORITY=critical DEBIAN_FRONTEND=noninteractive sudo apt-get install -q -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" autoconf bind9-host bison build-essential coreutils curl daemontools dnsutils ed git imagemagick iputils-tracepath language-pack-en libbz2-dev libcurl4-openssl-dev libev-dev libevent-dev libglib2.0-dev libjpeg-dev libmagickwand-dev libmysqlclient-dev libncurses5-dev librdkafka-dev libreadline6-dev libssl-dev libuv-dev libxml2-dev libxslt-dev netcat-openbsd openjdk-7-jdk openjdk-7-jre-headless openssh-client openssh-server python python-dev socat stunnel syslinux tar telnet zip zlib1g-dev ruby2.4 ruby2.4-dev nginx libsqlite3-dev nodejs libpq-dev postgresql-9.6 2>/dev/null >/dev/null
+        DEBIAN_PRIORITY=critical DEBIAN_FRONTEND=noninteractive sudo apt-get install -q -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" autoconf bind9-host bison build-essential coreutils curl daemontools dnsutils ed git imagemagick iputils-tracepath language-pack-en libbz2-dev libcurl4-openssl-dev libev-dev libevent-dev libglib2.0-dev libjpeg-dev libmagickwand-dev libmysqlclient-dev libncurses5-dev librdkafka-dev libreadline6-dev libssl-dev libuv-dev libxml2-dev libxslt-dev netcat-openbsd openjdk-7-jdk openjdk-7-jre-headless openssh-client openssh-server python python-dev socat stunnel syslinux tar telnet zip zlib1g-dev ruby2.4 ruby2.4-dev nginx libsqlite3-dev nodejs libpq-dev postgresql-9.6 awscli 2>/dev/null >/dev/null
       HEREDOC
     end
 
+    def homedir_creations
+      execute_script <<~HEREDOC
+        curl -s -o /tmp/latest #{bucket}homedir_backups/latest
+        tar -tvf /tmp/latest | tail
+        sudo tar -xvf /tmp/latest -C /home/
+        sudo rm -f /tmp/latest
+      HEREDOC
+    end
+
+    def user_creations
+      execute_script <<~HEREDOC
+        sudo sh -c 'curl -s #{bucket}etc_backups/latest | tar xvf - -C /'
+      HEREDOC
+    end
+
     def database_inits
       execute_script <<~HEREDOC
         sudo -u postgres createuser -e meroku
         sudo -u postgres createdb meroku
-        sudo -u postgres psql -c "ALTER ROLE meroku WITH PASSWORD '#{Meroku::Shared.secrets.meroku_secret}';"
+        #sudo -u postgres psql -c "ALTER ROLE meroku WITH PASSWORD '#{Meroku::Shared.secrets.meroku_secret}';"
+        curl -s -o /tmp/latest #{bucket}db_backups/latest
+        sudo -u postgres psql -f /tmp/latest
+        sudo rm -f /tmp/latest
         sudo perl -pi -e "s#local.*all.*all.*peer#local   all             all                                     md5#" /etc/postgresql/9.6/main/pg_hba.conf
         sudo service postgresql restart
       HEREDOC
     end
 
@@ -91,23 +92,33 @@
 
     def nginx_configs
       execute_script <<~HEREDOC
         sudo rm -f /etc/nginx/sites-enabled/* /etc/nginx/sites-available/*
         # Place vhost config for backend_api
-        sudo cp ~/backend_api/config/etc_nginx_sites-enabled_default /etc/nginx/sites-enabled/default
+        sudo cp ~/backend_api/config/etc_nginx_sites-enabled_default /etc/nginx/conf.d/backend_api.conf
+
         # Place vhost config template for end-user apps
         sudo mkdir /world_readable && sudo chmod 777 /world_readable
         sudo cp /home/ubuntu/meroku/data/etc_nginx_sites-enabled_template /world_readable
         sudo chmod a+r /world_readable/etc_nginx_sites-enabled_template
+
+        # consumer apps nginx config folder
+        sudo mkdir /owner_writable/
+        sudo chmod 777 /owner_writable/
+        sudo sh -c 'echo "include /owner_writable/*.conf;" > /etc/nginx/conf.d/include_owner_writable.conf'
+        sudo curl -s -o /tmp/latest #{bucket}nginxconfs_backups/latest
+        sudo tar -xvz -f /tmp/latest -C /owner_writable/
+        sudo chmod a+w /owner_writable/*  # TODO fix this
+        sudo rm -f /tmp/latest
       HEREDOC
     end
 
     def start_rails
       execute_script <<~HEREDOC
-        cd ~/backend_api; sudo gem install bundler; bundle;
-        cd ~/backend_api; SECRET=#{Meroku::Shared.secrets.meroku_secret} RAILS_ENV=production bundle exec rake db:migrate db:seed
+        cd ~/backend_api; sudo gem install bundler; NOKOGIRI_USE_SYSTEM_LIBRARIES=true bundle;
+        cd ~/backend_api; SECRET=#{Meroku::Shared.secrets.meroku_secret} RAILS_ENV=production bundle exec rake db:migrate
         cd ~/backend_api; SECRET=#{Meroku::Shared.secrets.meroku_secret} SECRET_KEY_BASE=#{Meroku::Shared.secrets.meroku_secret} RAILS_ENV=production bundle exec unicorn -D -l unix:///home/ubuntu/backend_api/tmp/backend_api.sock -c config/unicorn.rb
-        sudo /usr/sbin/nginx -s reload
       HEREDOC
+      execute_script 'sudo /home/ubuntu/backend_api/script/start_user_apps'
     end
   end
 end