Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

cloudless-box (8) Versions 1.4.3

Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on single server with databases, backup, firewall and more.

Policyfile
Berkshelf
Knife
cookbook 'cloudless-box', '= 1.4.3', :supermarket
cookbook 'cloudless-box', '= 1.4.3'
knife supermarket install cloudless-box
knife supermarket download cloudless-box
README
Dependencies
Quality 0%

cloudless-box

Cloudless box is an opinionated solution to run one or more Ruby on Rails, Node or Meteor applications on single server with PostgreSQL, MongoDB or Redis databases. Includes firewall, backup and more.

Features

  • comes with complete setup guide, possible to follow by people unfamiliar with Chef
  • configures one or many web applications on single server in efficient and secure way
  • puts Ruby on Rails, Node, Meteor and static websites behind efficient Passenger proxy
  • manages deployments in a centralized way (no need for Capistrano for each app)
  • configures separate PostgreSQL, MongoDB and/or Redis databases for all apps
  • comes with an automatic solution to backup all app databases to S3 every night
  • includes preconfigured essentials like NTP, ImageMagick, FFmpeg and bower
  • runs per-app cron tasks with whenever's intuitive syntax
  • takes care of IPTables and SSH configuration

Setup

This section guides users new to Chef through a complete process of setting up cloudless-box on their own server, while managing the whole process with a Hosted Chef server. If you've already wrapped your head around Hosted Chef, Berkshelf and Knife, you can skip this section and just use this cookbook as usually.

Prepare Chef

First, visit the Get Chef page, download Chef Development Kit for your operating system and install it. Then, visit the Hosted Chef page and sign in to Chef Manage or register for a free account.

If you've just created new account, you'll have to authorize your computer with the Chef server. Visit Chef Manage and click Administration and Organizations. There, you can download the Starter Kit. Do so. After downloading it, copy the .chef directory inside it to your home directory:

mkdir ~/.chef
cp /.chef/* ~/.chef/

You are now ready to work with your Hosted Chef account.

Install cloudless-box

Next step is to upload cloudless-box to your Hosted Chef account. Invoke the following:

git clone https://github.com/karolsluszniak/cloudless-box.git
cd cloudless-box
berks install
berks upload

Now you have cloudless-box cookbook and all its dependencies ready on your Hosted Chef account.

Bootstrap new server

Go back to Chef Manage page in order to create configuration for your server. Click Policy, Environments and Create. Name the environment and click Next. On Constraints tab, select cloudless-box and enter current version of cloudless-box (you can find it at Policy/Cookbooks). Next is Default attributes tab. It's here where you write JSON that lists and configures your server's apps according to the Configuration section below. You can also leave it empty for now and start by bootstrapping cloudless-box without any apps.

Finally, you can bootstrap your server with the following command:

knife bootstrap 
--ssh-user root --ssh-password --sudo --use-sudo-password --node-name --environment --run-list 'recipe[cloudless-box]'

That's it! You can re-provision the server by logging into it and executing:

chef-client

This is usually done when your web apps were updated and they need re-deploy or when you have changed your server's environment attributes.

Secure new server

It's recommended to disable root user after completing the bootstrap and using sudo-enabled account for future server visits. This step is not directly related to this cookbook, nor is it required, but it's strongly recommended for improving security.

In order to create new user, invoke the following:

adduser 
gpasswd -a  wheel
passwd 

Finish by entering your new user's password. Now you should be able to log into your server with new account. You can re-provision your server at any time using new account:

sudo chef-client

Next, let's disable root user completely. Invoke the following:

passwd -d root
yum -y install nano
nano /etc/ssh/sshd_config

Move to the end of the file and add the following:

PermitRootLogin no

Hit Ctrl+O and Ctrl+X. Finish by restarting SSH:

service sshd restart

Configuration

Applications

Complete attribute description coming soon. In the meantime, this is a sample JSON with attributes for sample multi-app setup:

{
  "cloudless-box": {
    "applications": {
      "my-rails-app": {
        "layout": "rails",
        "ruby": "2.2.2",
        "postgresql": true,
        "url": "my-rails-app.com",
        "repository": "git@bitbucket.org:user/repo.git",
        "env": {
          "aws_s3_bucket": "(...)",
          "aws_access_key_Id": "(...)",
          "aws_secret_access_key": "(...)"
        }
      },
      "my-meteor-app": {
        "layout": "meteor",
        "mongodb": true,
        "repository": "git@github.com:user/repo.git"
      },
      "my-node-app": {
        "layout": "node",
        "bower": true,
        "repository": "git@bitbucket.org:user/repo.git",
        "env": {
          "google_analytics_id": "(...)"
        }
      }
    }
  }
}

Private repos

If some of your applications are stored on private repositories, their initial deploy will fail due to SSH access denial. In such case, you'll see error messages but the whole chef-client run will finish with remaining tasks. Among others, it will still create system accounts and SSH keys for these applications. You can display SSH key for specific app with the following command:

sudo cat /home/deploy-/.ssh/id_rsa.pub

Add this key as a deployment key in your app's repo settings on GitHub or BitBucket and re-provision with chef-client to finish the deployment.

Backup

Simply add S3 backup credentials to have a daily backup of all your PostgreSQL and MongoDB databases:

{
  "cloudless-box": {
    "backup": {
      "bucket": "(...)",
      "access_key_id": "(...)",
      "secret_access_key": "(...)"
    }
  }
}

Firewall

This cookbook will add exclusion rules for SSH and HTTP and close all other ports for security. You can stop cloudless-box from touching your firewall settings with:

{
  "cloudless-box": {
    "firewall": false
  }
}

Foodcritic Metric
            

1.4.3 failed this metric

FC002: Avoid string interpolation where not required: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/recipes/firewall.rb:5
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/bower_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/file_line.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/meteor_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/node_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/rails_app.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/shared_dir.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/definitions/whenever_schedule.rb:1
FC023: Prefer conditional attributes: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/recipes/bower.rb:1
FC023: Prefer conditional attributes: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/recipes/certificates.rb:9
FC023: Prefer conditional attributes: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/recipes/meteor.rb:1
FC039: Node method cannot be accessed with key: /tmp/cook/0b38d7496c94a34603f651c7/cloudless-box/recipes/backup.rb:7