From 872e96eb5bde812e3fb91ccbc8ba73aa604996cd Mon Sep 17 00:00:00 2001 From: Nikolaus Schlemm Date: Mon, 17 Nov 2014 17:25:01 +0100 Subject: [PATCH] initial commit for playground: vagrant with nginx+nodejs+bower --- .gitignore | 2 + Vagrantfile | 129 +++++++++++++++++++++++ salt/minion | 220 +++++++++++++++++++++++++++++++++++++++ salt/roots/core.sls | 14 +++ salt/roots/nginx/init.sls | 15 +++ salt/roots/nodejs.sls | 17 +++ salt/roots/playground/init.sls | 43 ++++++++ salt/roots/playground/nginx.conf | 38 +++++++ salt/roots/python.sls | 12 +++ salt/roots/top.sls | 7 ++ 10 files changed, 497 insertions(+) create mode 100644 .gitignore create mode 100644 Vagrantfile create mode 100644 salt/minion create mode 100644 salt/roots/core.sls create mode 100644 salt/roots/nginx/init.sls create mode 100644 salt/roots/nodejs.sls create mode 100644 salt/roots/playground/init.sls create mode 100644 salt/roots/playground/nginx.conf create mode 100644 salt/roots/python.sls create mode 100644 salt/roots/top.sls diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..128b3d0 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.vagrant/ +static/ diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..2d35cea --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,129 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +# Vagrantfile API/syntax version. Don't touch unless you know what you're doing! +VAGRANTFILE_API_VERSION = "2" + +Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| + # All Vagrant configuration is done here. The most common configuration + # options are documented and commented below. For a complete reference, + # please see the online documentation at vagrantup.com. + + # Every Vagrant virtual environment requires a box to build off of. + config.vm.box = "ubuntu/trusty64" + + # Disable automatic box update checking. If you disable this, then + # boxes will only be checked for updates when the user runs + # `vagrant box outdated`. This is not recommended. + # config.vm.box_check_update = false + + # Create a forwarded port mapping which allows access to a specific port + # within the machine from a port on the host machine. In the example below, + # accessing "localhost:8080" will access port 80 on the guest machine. + config.vm.network "forwarded_port", guest: 80, host: 8080 + + # Create a private network, which allows host-only access to the machine + # using a specific IP. + # config.vm.network "private_network", ip: "192.168.33.10" + + # Create a public network, which generally matched to bridged network. + # Bridged networks make the machine appear as another physical device on + # your network. + # config.vm.network "public_network" + + # If true, then any SSH connections made will enable agent forwarding. + # Default value: false + config.ssh.forward_agent = true + + # Share an additional folder to the guest VM. The first argument is + # the path on the host to the actual folder. The second argument is + # the path on the guest to mount the folder. And the optional third + # argument is a set of non-required options. + # config.vm.synced_folder "../data", "/vagrant_data" + config.vm.synced_folder '.', '/vagrant' #, nfs: true + config.vm.synced_folder "salt/roots/", "/srv/salt/" #, nfs: true + + # Provider-specific configuration so you can fine-tune various + # backing providers for Vagrant. These expose provider-specific options. + # Example for VirtualBox: + # + # config.vm.provider "virtualbox" do |vb| + # # Don't boot with headless mode + # vb.gui = true + # + # # Use VBoxManage to customize the VM. For example to change memory: + # vb.customize ["modifyvm", :id, "--memory", "1024"] + # end + # + # View the documentation for the provider you're using for more + # information on available options. + + config.vm.provision :salt do |salt| + salt.minion_config = "salt/minion" + salt.run_highstate = true + end + + # Enable provisioning with CFEngine. CFEngine Community packages are + # automatically installed. For example, configure the host as a + # policy server and optionally a policy file to run: + # + # config.vm.provision "cfengine" do |cf| + # cf.am_policy_hub = true + # # cf.run_file = "motd.cf" + # end + # + # You can also configure and bootstrap a client to an existing + # policy server: + # + # config.vm.provision "cfengine" do |cf| + # cf.policy_server_address = "10.0.2.15" + # end + + # Enable provisioning with Puppet stand alone. Puppet manifests + # are contained in a directory path relative to this Vagrantfile. + # You will need to create the manifests directory and a manifest in + # the file default.pp in the manifests_path directory. + # + # config.vm.provision "puppet" do |puppet| + # puppet.manifests_path = "manifests" + # puppet.manifest_file = "default.pp" + # end + + # Enable provisioning with chef solo, specifying a cookbooks path, roles + # path, and data_bags path (all relative to this Vagrantfile), and adding + # some recipes and/or roles. + # + # config.vm.provision "chef_solo" do |chef| + # chef.cookbooks_path = "../my-recipes/cookbooks" + # chef.roles_path = "../my-recipes/roles" + # chef.data_bags_path = "../my-recipes/data_bags" + # chef.add_recipe "mysql" + # chef.add_role "web" + # + # # You may also specify custom JSON attributes: + # chef.json = { mysql_password: "foo" } + # end + + # Enable provisioning with chef server, specifying the chef server URL, + # and the path to the validation key (relative to this Vagrantfile). + # + # The Opscode Platform uses HTTPS. Substitute your organization for + # ORGNAME in the URL and validation key. + # + # If you have your own Chef Server, use the appropriate URL, which may be + # HTTP instead of HTTPS depending on your configuration. Also change the + # validation key to validation.pem. + # + # config.vm.provision "chef_client" do |chef| + # chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME" + # chef.validation_key_path = "ORGNAME-validator.pem" + # end + # + # If you're using the Opscode platform, your validator client is + # ORGNAME-validator, replacing ORGNAME with your organization name. + # + # If you have your own Chef Server, the default validation client name is + # chef-validator, unless you changed the configuration. + # + # chef.validation_client_name = "ORGNAME-validator" +end diff --git a/salt/minion b/salt/minion new file mode 100644 index 0000000..8726574 --- /dev/null +++ b/salt/minion @@ -0,0 +1,220 @@ +##### Primary configuration settings ##### +########################################## +# Set the location of the salt master server, if the master server cannot be +# resolved, then the minion will fail to start. +master: localhost + +# Set the port used by the master reply and authentication server +#master_port: 4506 + +# The user to run salt +#user: root + +# The root directory prepended to these options: pki_dir, cachedir, log_file. +#root_dir: / + +# The directory to store the pki information in +#pki_dir: /etc/salt/pki + +# Explicitly declare the id for this minion to use, if left commented the id +# will be the hostname as returned by the python call: socket.getfqdn() +# Since salt uses detached ids it is possible to run multiple minions on the +# same machine but with different ids, this can be useful for salt compute +# clusters. +#id: testing + +# Append a domain to a hostname in the event that it does not exist. This is +# usefule for systems where socket.getfqdn() does not actually result in a +# FQDN (for instance, Solaris). +#append_domain: + +# If the the connection to the server is interrupted, the minion will +# attempt to reconnect. sub_timeout allows you to control the rate +# of reconnection attempts (in seconds). To disable reconnects, set +# this value to 0. +#sub_timeout: 60 + +# Where cache data goes +#cachedir: /var/cache/salt + +# The minion can locally cache the return data from jobs sent to it, this +# can be a good way to keep track of jobs the minion has executed +# (on the minion side). By default this feature is disabled, to enable +# set cache_jobs to True +#cache_jobs: False + +# When waiting for a master to accept the minion's public key, salt will +# continuously attempt to reconnect until successful. This is the time, in +# seconds, between those reconnection attempts. +#acceptance_wait_time = 10 + +# When healing a dns_check is run, this is to make sure that the originally +# resolved dns has not changed, if this is something that does not happen in +# your environment then set this value to False. +#dns_check: True + + +##### Minion module management ##### +########################################## +# Disable specific modules. This allows the admin to limit the level of +# access the master has to the minion +#disable_modules: [cmd,test] +#disable_returners: [] +# +# Modules can be loaded from arbitrary paths. This enables the easy deployment +# of third party modules. Modules for returners and minions can be loaded. +# Specify a list of extra directories to search for minion modules and +# returners. These paths must be fully qualified! +#module_dirs: [] +#returner_dirs: [] +#states_dirs: [] +#render_dirs: [] +# +# A module provider can be statically overwritten or extended for the minion +# via the providers option, in this case the default module will be +# overwritten by the specified module. In this example the pkg module will +# be provided by the yumpkg5 module instead of the system default. +# +# providers: +# pkg: yumpkg5 +# +# Enable Cython modules searching and loading. (Default: False) +#cython_enable: False + +##### State Management Settings ##### +########################################### +# The state management system executes all of the state templates on the minion +# to enable more granular control of system state management. The type of +# template and serialization used for state management needs to be configured +# on the minion, the default renderer is yaml_jinja. This is a yaml file +# rendered from a jinja template, the available options are: +# yaml_jinja +# yaml_mako +# json_jinja +# json_mako +# +#renderer: yaml_jinja +# +# state_verbose allows for the data returned from the minion to be more +# verbose. Normaly only states that fail or states that have changes are +# returned, but setting state_verbose to True will return all states that +# were checked +#state_verbose: False +# +# autoload_dynamic_modules Turns on automatic loading of modules found in the +# environments on the master. This is turned on by default, to turn of +# autoloading modules when states run set this value to False +#autoload_dynamic_modules: True +# +# clean_dynamic_modules keeps the dynamic modules on the minion in sync with +# the dynamic modules on the master, this means that if a dynamic module is +# not on the master it will be deleted from the minion. By default this is +# enabled and can be disabled by changing this value to False +#clean_dynamic_modules: True +# +# Normally the minion is not isolated to any single environment on the master +# when running states, but the environment can be isolated on the minion side +# by statically setting it. Remember that the recommended way to manage +# environments is to issolate via the top file. +#environment: None +# +# If using the local file directory, then the state top file name needs to be +# defined, by default this is top.sls. +#state_top: top.sls + +##### File Directory Settings ##### +########################################## +# The Salt Minion can redirect all file server operations to a local directory, +# this allows for the same state tree that is on the master to be used if +# coppied completely onto the minion. This is a literal copy of the settings on +# the master but used to reference a local directory on the minion. + +# Set the file client, the client defaults to looking on the master server for +# files, but can be directed to look at the local file directory setting +# defined below by setting it to local. +file_client: local + +# The file directory works on environments passed to the minion, each environment +# can have multiple root directories, the subdirectories in the multiple file +# roots cannot match, otherwise the downloaded files will not be able to be +# reliably ensured. A base environment is required to house the top file. +# Example: +# file_roots: +# base: +# - /srv/salt/ +# dev: +# - /srv/salt/dev/services +# - /srv/salt/dev/states +# prod: +# - /srv/salt/prod/services +# - /srv/salt/prod/states +# +# Default: +#file_roots: +# base: +# - /srv/salt + +# The hash_type is the hash to use when discovering the hash of a file in +# the minion directory, the default is md5, but sha1, sha224, sha256, sha384 +# and sha512 are also supported. +#hash_type: md5 + +# The Salt pillar is searched for locally if file_client is set to local. If +# this is the case, and pillar data is defined, then the pillar_roots need to +# also be configured on the minion: +#pillar_roots: +# base: +# - /srv/pillar + +###### Security settings ##### +########################################### +# Enable "open mode", this mode still maintains encryption, but turns off +# authentication, this is only intended for highly secure environments or for +# the situation where your keys end up in a bad state. If you run in open mode +# you do so at your own risk! +#open_mode: False + + +###### Thread settings ##### +########################################### +# Disable multiprocessing support, by default when a minion receives a +# publication a new process is spawned and the command is executed therein. +#multiprocessing: True + +###### Logging settings ##### +########################################### +# The location of the minion log file +#log_file: /var/log/salt/minion +# +# The level of messages to send to the log file. +# One of 'info', 'quiet', 'critical', 'error', 'debug', 'warning'. +# Default: 'warning' +#log_level: warning +# +# Logger levels can be used to tweak specific loggers logging levels. +# For example, if you want to have the salt library at the 'warning' level, +# but you still wish to have 'salt.modules' at the 'debug' level: +# log_granular_levels: { +# 'salt': 'warning', +# 'salt.modules': 'debug' +# } +# +#log_granular_levels: {} + +###### Module configuration ##### +########################################### +# Salt allows for modules to be passed arbitrary configuration data, any data +# passed here in valid yaml format will be passed on to the salt minion modules +# for use. It is STRONGLY recommended that a naming convention be used in which +# the module name is followed by a . and then the value. Also, all top level +# data must be applied via the yaml dict construct, some examples: +# +# A simple value for the test module: +#test.foo: foo +# +# A list for the test module: +#test.bar: [baz,quo] +# +# A dict for the test module: +#test.baz: {spam: sausage, cheese: bread} + diff --git a/salt/roots/core.sls b/salt/roots/core.sls new file mode 100644 index 0000000..601cdff --- /dev/null +++ b/salt/roots/core.sls @@ -0,0 +1,14 @@ +core-packages: + pkg.installed: + - names: + - ack-grep + - aptitude + - bash-completion + - colordiff + - command-not-found + - curl + - dstat + - git + - htop + - pydf + - vim diff --git a/salt/roots/nginx/init.sls b/salt/roots/nginx/init.sls new file mode 100644 index 0000000..bbc3e44 --- /dev/null +++ b/salt/roots/nginx/init.sls @@ -0,0 +1,15 @@ +nginx: + pkgrepo.managed: + - ppa: nginx/stable + - require_in: + - pkg: nginx + pkg: + - installed +# - latest + - required: + - pkgrepo: nginx + service: + - running + - watch: + - pkg: nginx +# - file: /etc/nginx/nginx.conf diff --git a/salt/roots/nodejs.sls b/salt/roots/nodejs.sls new file mode 100644 index 0000000..ea11d55 --- /dev/null +++ b/salt/roots/nodejs.sls @@ -0,0 +1,17 @@ +nodesource_repo: + pkgrepo.managed: + - humanname: Nodesource + - name: deb https://deb.nodesource.com/node {{ grains['oscodename'] }} main + - dist: {{ grains['oscodename'] }} + - file: /etc/apt/sources.list.d/nodesource.list + - key_url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key + +nodejs: + pkg.installed: + - require: + - pkgrepo: nodesource_repo + +npm: + pkg.installed: + - require: + - pkg: nodejs diff --git a/salt/roots/playground/init.sls b/salt/roots/playground/init.sls new file mode 100644 index 0000000..01c37cc --- /dev/null +++ b/salt/roots/playground/init.sls @@ -0,0 +1,43 @@ +include: + - nginx + - nodejs + - python + +www-data: + user.present: + - groups: + - vagrant + - remove_groups: False + +/vagrant/static: + file.directory: + - user: vagrant + - group: vagrant +# fails on mac ... +# - mode: 0775 + +bower: + npm.installed: + - require: + - pkg: npm + +/etc/nginx/sites-available/default: + file.managed: + - source: salt://playground/nginx.conf + - user: www-data + - group: www-data + - mode: 0400 + +/etc/nginx/sites-enabled/default: + file.symlink: + - target: /etc/nginx/sites-available/default + - require: + - file: /etc/nginx/sites-available/default + +extend: + nginx: + service: + - watch: + - file: /etc/nginx/sites-available/default + - file: /etc/nginx/sites-enabled/default + - user: www-data diff --git a/salt/roots/playground/nginx.conf b/salt/roots/playground/nginx.conf new file mode 100644 index 0000000..9cc8c1a --- /dev/null +++ b/salt/roots/playground/nginx.conf @@ -0,0 +1,38 @@ +server { + listen 80; + + server_name playground.local 127.0.0.1 localhost; + + # Vagrant requirement + sendfile off; + + access_log /var/log/nginx/playground-access.log; + error_log /var/log/nginx/playground-error.log; + + location /static/ { + expires max; + add_header Cache-Control public; + alias /vagrant/static/; + } + + location /media/ { + expires off; + alias /vagrant/media/; + } + + location /docs/ { + expires off; + alias /vagrant/docs/_build/html/; + } + + location / { +# include /etc/nginx/uwsgi_params; +# uwsgi_pass unix:///run/uwsgi/app/playground/socket; +# proxy_set_header X-Forwarded-Protocol $scheme; +# proxy_pass_header Server; +# proxy_set_header Host $http_host; +# proxy_redirect off; +# proxy_set_header X-Real-IP $remote_addr; +# proxy_set_header X-Scheme $scheme; + } +} diff --git a/salt/roots/python.sls b/salt/roots/python.sls new file mode 100644 index 0000000..9d45338 --- /dev/null +++ b/salt/roots/python.sls @@ -0,0 +1,12 @@ +ipython: + pkg.installed + +python: + pkg.installed + +python-dev: + pkg.installed + +python-pip: + pkg.installed + diff --git a/salt/roots/top.sls b/salt/roots/top.sls new file mode 100644 index 0000000..263a496 --- /dev/null +++ b/salt/roots/top.sls @@ -0,0 +1,7 @@ +base: + '*': + - playground + - core + - nginx + - nodejs + - python -- 2.0.0