cookbook 'cloudless-box', '= 1.4.0'
Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on a single server with databases, backup, firewall and more.
cookbook 'cloudless-box', '= 1.4.0', :supermarket
knife supermarket install cloudless-box
knife supermarket download cloudless-box
cloudless-box
Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on a single server with PostgreSQL, MongoDB or Redis databases. Includes firewall, backup and more.
Features
- configures one or many web applications on a single server in an efficient and secure way
- puts Ruby on Rails, Node, Meteor and static websites behind the efficient Passenger server
- manages deployments in a centralized way (no need for Capistrano for each app)
- runs per-app cron tasks with whenever
- provides separate PostgreSQL, MongoDB and/or Redis databases for all your web apps
- just add S3 credentials to have all your data automatically backed up every night
- preconfigured essentials include Git, NTP, ImageMagick, FFmpeg and bower
- takes care of IPTables and SSH configuration
Setup
Bootstrapping
Visit the Get Chef page. There, do the following:
- download and install Chef Development Kit
- sign up for a free Hosted Chef account
After logging into the Hosted Chef management page, do the following:
- create a new environment for your server
- add cloudless-box as the environment's cookbook dependency
- configure environment attributes according to the Configuration section
- download the Starter Kit for your organization
After obtaining the Starter Kit, cd into it and invoke the following command to bootstrap your new server:
knife bootstrap --ssh-user root --ssh-password --sudo --use-sudo-password --node-name --environment --run-list 'recipe[cloudless-box]'
Securing the server
It's recommended to disable the root user after completing the bootstrap and to use another, sudo-enabled account for future server visits.
Create new user
To create a new user, invoke the following:
adduser
gpasswd -a wheel
passwd
Finish by entering your new user's password. Now you should be able to log into your server with the new account. You can re-provision your server at any time using the new account:
sudo chef-client
This is usually done when web app updates have been pushed and need to be redeployed, or when you have changed your server's Chef configuration.
Disable root access
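Next, let's disable the root user completely. Lock the root password with passwd -l (passwd -d would only delete it, leaving root with an empty password), then open the SSH daemon configuration:
passwd -l root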
yum -y install nano
nano /etc/ssh/sshd_config
Move to the end of the file and add the following:
PermitRootLogin no
Hit Ctrl+O and Ctrl+X. Finish by restarting SSH:
service sshd restart
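An added check for the step above (not part of the cookbook or its README): sshd uses the first value it finds for each keyword, so an appended PermitRootLogin no has no effect when an earlier uncommented PermitRootLogin line exists. The function names and both sample files are constructed for illustration; Match blocks and Include files are not evaluated.

```shell
# Report the PermitRootLogin value sshd will use from a config file.
# sshd_config(5): for each keyword the first obtained value wins.
# Assumption: only the global section (before the first Match block) is
# read, and Include directives are not followed.
effective_permit_root_login() {
  awk '
    { sub(/^[ \t]+/, "") }                  # drop leading whitespace
    /^#/ || /^$/ { next }                   # skip comments and blank lines
    tolower($1) == "match" { exit }         # global section ends here
    tolower($1) == "permitrootlogin" {      # keywords are case-insensitive
      print tolower($2); found = 1; exit    # first occurrence wins
    }
    END { if (!found) print "unset" }       # sshd falls back to its default
  ' "$1"
}

# Succeeds only when root login over SSH is effectively disabled.
check_root_login_disabled() {
  prl_value=$(effective_permit_root_login "$1")
  if [ "$prl_value" = "no" ]; then
    echo "OK: PermitRootLogin no is in effect"
  else
    echo "FAIL: effective PermitRootLogin is '$prl_value'" >&2
    return 1
  fi
}

sample_dir=$(mktemp -d)
# Constructed sample 1: the directive is only present as a comment, then
# "PermitRootLogin no" is appended at the end of the file.
printf '%s\n' 'Port 22' '#PermitRootLogin yes' 'UsePAM yes' \
  'PermitRootLogin no' > "$sample_dir/appended_ok"
# Constructed sample 2: an earlier active line shadows the appended one.
printf '%s\n' 'PermitRootLogin yes' 'UsePAM yes' \
  'PermitRootLogin no' > "$sample_dir/shadowed"

check_root_login_disabled "$sample_dir/appended_ok"
check_root_login_disabled "$sample_dir/shadowed" || true
```

On the server itself, sudo sshd -t validates the edited file before the restart, and sudo sshd -T prints the effective configuration, including permitrootlogin.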
Configuration
Coming soon. Sorry for the inconvenience.
Private repos
If some of your applications are stored in private repositories, their initial deploy will fail because access is denied. In that case, you'll see error messages, but the Chef run will still complete the remaining tasks. Among other things, it will still create system accounts and SSH keys for these applications. You can display the public SSH key for a specific app with the following command:
sudo cat /home/deploy-/.ssh/id_rsa.pub
Add this key as a deployment key in GitHub or BitBucket and re-provision to finish the deployment.
Backup
Simply add S3 backup credentials to have a daily backup of all your PostgreSQL and MongoDB databases:
node['cloudless-box']['backup'] = {
'bucket' => '',
'access_key_id' => '',
'secret_access_key' => ''
}
Firewall
This cookbook will add exclusion rules for SSH and HTTP and close all other ports for security. You can disable this by setting:
node['cloudless-box']['firewall'] = false
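To confirm the result on a provisioned server, the following added example (not part of the cookbook) audits saved iptables -S output against an allow-list of ports. The function name and both rule sets are constructed; the cookbook's actual rule layout is not shown on this page.

```shell
# Prints every TCP port opened by an INPUT ACCEPT rule that is not on the
# allow-list, "all" for an unconditional ACCEPT rule, and "policy:ACCEPT"
# when neither the chain policy nor a catch-all DROP/REJECT closes the chain.
# Assumption: only the INPUT chain is inspected.
unexpected_open_ports() {
  audit_rules_file=$1
  shift
  awk -v allowed=" $* " '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
      target = ""; ports = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-j") target = $(i + 1)
        if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
      }
      if ($3 == "-j") {                      # rule without a match condition
        if (target == "ACCEPT") print "all"
        else if (target == "DROP" || target == "REJECT") closed = 1
        next
      }
      if (target != "ACCEPT" || ports == "") next
      n = split(ports, p, ",")               # multiport lists such as 80,443
      for (k = 1; k <= n; k++)
        if (index(allowed, " " p[k] " ") == 0) print p[k]
    }
    END { if (policy == "ACCEPT" && !closed) print "policy:ACCEPT" }
  ' "$audit_rules_file"
}

fw_dir=$(mktemp -d)
# Constructed sample 1: the state the page describes (SSH and HTTP only).
cat > "$fw_dir/expected" <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
EOF
# Constructed sample 2: a database port was opened and the policy is open.
cat > "$fw_dir/drifted" <<'EOF'
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,5432 -j ACCEPT
EOF

unexpected_open_ports "$fw_dir/expected" 22 80   # prints nothing
unexpected_open_ports "$fw_dir/drifted" 22 80    # prints 5432, policy:ACCEPT
```

On a real server the input file comes from sudo iptables -S > rules.txt; any output from the function means the ruleset no longer matches the SSH-and-HTTP-only state described above.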
Dependent cookbooks
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Foodcritic Metric
1.4.0 failed this metric
FC002: Avoid string interpolation where not required: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/firewall.rb:5
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/bower_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/file_line.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/meteor_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/node_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/rails_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/shared_dir.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/whenever_schedule.rb:1
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/bower.rb:1
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/certificates.rb:9
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/meteor.rb:1
FC039: Node method cannot be accessed with key: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/backup.rb:7