Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

cloudless-box (8) Versions 1.4.0

Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on single server with databases, backup, firewall and more.

Berkshelf/Librarian
Policyfile
Knife
cookbook 'cloudless-box', '= 1.4.0'
cookbook 'cloudless-box', '= 1.4.0', :supermarket
knife cookbook site install cloudless-box
knife cookbook site download cloudless-box
README
Dependencies
Quality 0%

cloudless-box

Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on single server with PostgreSQL, MongoDB or Redis databases. Includes firewall, backup and more.

Features

  • configures one or many web applications on single server in efficient and secure way
  • puts Ruby on Rails, Node, Meteor and static websites behind efficient Passenger server
  • manages deployments in a centralized way (no need for Capistrano for each app)
  • runs per-app cron tasks with whenever
  • have separate PostgreSQL, MongoDB and/or Redis databases for all your web apps
  • just add S3 credentials to have all your data automatically backed up every night
  • preconfigured essentials include Git, NTP, ImageMagick, FFmpeg and bower
  • takes care of IPTables and SSH configuration

Setup

Bootstrapping

Visit the Get Chef page. There, do the following:

  • download and install Chef Development Kit
  • sign up for a free Hosted Chef account

After logging into Hosted Chef management page, do the following:

  • create new environment for your server
    • add cloudless-box as environment's cookbook dependency
    • configure environment attributes according to Configuration section
  • download Starter Kit for your organization

After obtaining Starter Kit, cd into it and invoke the following command to bootstrap your new server:

knife bootstrap <address> --ssh-user root --ssh-password <your-password> --sudo --use-sudo-password --node-name <node-name> --environment <env-name> --run-list 'recipe[cloudless-box]'

Securing the server

It's recommended to disable root user after completing the bootstrap and using another, sudo-enabled account for future server visits.

Create new user

In order to create new user, invoke the following:

adduser <myuser>
gpasswd -a <myuser> wheel
passwd <myuser>

Finish by entering your new user's password. Now you should be able to log into your server with new account. You can re-provision your server at any time using new account:

sudo chef-client

This is usually done when web app updates have been pushed and they need re-deploy or when you have changed your server's Chef configuration.

Disable root access

Next, let's disable root user completely. Invoke the following:

passwd -d root
yum -y install nano
nano /etc/ssh/sshd_config

Move to the end of the file and add the following:

PermitRootLogin no

Hit Ctrl+O and Ctrl+X. Finish by restarting SSH:

service sshd restart

Configuration

Coming soon. Sorry for inconvenience.

Private repos

If some of your applications are stored on private repositories, their initial deploy will fail due to access denial. In such case, you'll see error messages but the whole Chef run will finish with remaining tasks. Among others, it will still create system accounts and SSH keys for these applications. You can display SSH key for specific app with the following command:

sudo cat /home/deploy-<app-name>/.ssh/id_rsa.pub

Add this key as a deployment key in GitHub or BitBucket and re-provision to finish the deployment.

Backup

Simply add S3 backup credentials to have a daily backup of all your PostgreSQL and MongoDB databases:

node['cloudless-box']['backup'] = {
    'bucket' => '',
    'access_key_id' => '',
    'secret_access_key' => ''
}

Firewall

This cookbook will add exclusion rules for SSH and HTTP and close all other ports for security. You can disable this by setting:

node['cloudless-box']['firewall'] = false

Foodcritic Metric
            

1.4.0 failed this metric

FC002: Avoid string interpolation where not required: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/firewall.rb:5
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/bower_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/file_line.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/meteor_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/node_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/rails_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/shared_dir.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/definitions/whenever_schedule.rb:1
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/bower.rb:1
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/certificates.rb:9
FC023: Prefer conditional attributes: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/meteor.rb:1
FC039: Node method cannot be accessed with key: /tmp/cook/d54fd08687306a41f01b3143/cloudless-box/recipes/backup.rb:7