add options in base install

base/config_files/postgresql.conf

@@ -3,6 +3,7 @@
 # Please refer to the PostgreSQL documentation for details on
 # configuration settings.
 
+listen_addresses = '*'
 data_directory = '/var/lib/pgsql/13/data'
 hba_file = '/var/lib/pgsql/13/data/pg_hba.conf'
 ident_file = '/var/lib/pgsql/13/data/pg_ident.conf'

base/install_app_base.sh

@@ -1,76 +1,122 @@
 #!/bin/bash
 set -eu
 
-#URLS
-repo_nginx=http://nginx.org/packages/centos/7/x86_64/RPMS
-repo_redis_ib01=https://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/j
-repo_redis=https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/r
-repo_node=https://rpm.nodesource.com/pub_14.x/el/7/x86_64
-
+usage() {
+  echo "Usage: $0 [ -u USERNAME ] [ -p PATH DIRECTORY MAWIDABP ] [-g GROUP]" 1>&2
+}
+
+exit_abnormal() {
+  usage
+  exit 1
+}
+
+while getopts u:p:g: option; do
+  case ${option} in
+    u) user=${OPTARG};;
+    p) mawidabp_path=${OPTARG};;
+    g) group=${OPTARG};;
+    :) echo "Error: -${OPTARG} requires an argument."
+      exit_abnormal
+      ;;
+    *)
+      exit_abnormal;;
+    esac
+  done
+
+user=${user-deployer}
+mawidabp_path=${mawidabp_path-/var/www/mawidabp.com}
+group=${group-nginx}
 dir=$(cd "$(dirname "$0")" && pwd)
 dir_conf=$dir/config_files
+dir_templates=$dir/templates
 dir_services=$dir/services
 dir_nginx=/etc/nginx
 
-echo "Instalación Paquete NGINX"
-rpm -ivh $repo_nginx/nginx-1.18.0-1.el7.ngx.x86_64.rpm
+#Create config files
+eval "echo \"$(cat $dir_templates/nginx.conf)\" > $dir_conf/nginx.conf"
+eval "echo \"$(cat $dir_templates/mawidabp.com)\" > $dir_conf/mawidabp.com"
+eval "echo \"$(cat $dir_templates/sudoers)\" > $dir_conf/sudoers"
+eval "echo \"$(cat $dir_templates/sidekiq.service)\" > $dir_services/sidekiq.service"
+eval "echo \"$(cat $dir_templates/unicorn.service)\" > $dir_services/unicorn.service"
+
+#URLS
+repo_nginx=http://smi01cl0001.cc.bna.net/repo/mawida
+repo_redis_ib01=http://smi01cl0001.cc.bna.net/repo/mawida
+repo_redis=http://smi01cl0001.cc.bna.net/repo/mawida
+repo_node=http://smi01cl0001.cc.bna.net/repo/mawida
+repo_postgresql=https://yum.postgresql.org/13/redhat/rhel-7.7-x86_64
+repo_epel=https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/l
+
+#Install NGINX
+rpm -iUvh --replacepkgs $repo_nginx/nginx-1.18.0-1.el7.ngx.x86_64.rpm
 
-echo creamos directorios sites
+#Create sites folders
 mkdir -p /etc/nginx/sites-available
 mkdir -p /etc/nginx/sites-enabled
 
-echo "Arrancamos y habilitamos nginx"
+#Start and enable NGINX
 systemctl start nginx
 systemctl enable nginx
 
-
-echo "Copiamos archivo de configuración Nginx"
+#Copy config files to NGINX
 /bin/cat $dir_conf/nginx.conf > $dir_nginx/nginx.conf
 cp $dir_conf/mawidabp.com $dir_nginx/sites-available/
 
-echo "Creamos enlace simbolico"
-ln -s $dir_nginx/sites-available/mawidabp.com $dir_nginx/sites-enabled/mawidabp.com
+#Create symbolic link
+if [ ! "$(ls -A /etc/nginx/sites-enabled/mawidabp.com)" ]
+then
+  ln -s $dir_nginx/sites-available/mawidabp.com $dir_nginx/sites-enabled/mawidabp.com
+fi
 
-echo "Recargamos nginx"
+#Restart NGINX
 systemctl restart nginx
 
-echo "Instalamos Redis"
-rpm -ivh $repo_redis_ib01/jemalloc-3.6.0-1.el7.x86_64.rpm
-rpm -ivh $repo_redis_ib01/jemalloc-devel-3.6.0-1.el7.x86_64.rpm
-rpm -ivh $repo_redis/redis-3.2.12-2.el7.x86_64.rpm
+#Install REDIS
+rpm -iUvh --replacepkgs $repo_redis_ib01/jemalloc-3.6.0-1.el7.x86_64.rpm
+rpm -iUvh --replacepkgs $repo_redis_ib01/jemalloc-devel-3.6.0-1.el7.x86_64.rpm
+rpm -iUvh --replacepkgs $repo_redis/redis-3.2.12-2.el7.x86_64.rpm
 
-systemctl start redis
+#Copy config file to REDIS
+/bin/cat $dir_conf/redis.conf > /etc/redis.conf
+
+#Enable REDIS
 systemctl enable redis
+systemctl start redis
 
-echo "Instalamos nodejs"
-rpm -ivh $repo_node/nodejs-14.15.1-1nodesource.x86_64.rpm
+#Install NODEJS
+rpm -iUvh --replacepkgs $repo_node/nodejs-14.15.1-1nodesource.x86_64.rpm
 
-echo "Instalamos ImageMagick"
+#Install IMAGEMAGICK
 yum -y install ImageMagick
 
-echo "Instalamos libyaml"
+#Install LIBYAML
 yum -y install libyaml
 
-echo "Crear usuario deployer"
-adduser deployer -G nginx
-passwd deployer
+#Crearte user
+if ! id -u $user >/dev/null 2>&1;
+then
+  adduser $user -G $group
+  passwd $user
+fi
 
-echo "Copiamos archivos de sudoers"
-cp $dir_conf/sudoers_deployer /etc/sudoers.d/deployer
+#Copy sudores files to sudores
+cp $dir_conf/sudoers /etc/sudoers.d/$user
 
-echo "Creamos directorios"
-mkdir -p /var/www/mawidabp.com/
-chown -R deployer: /var/www/
+#Create folders
+mkdir -p $mawidabp_path
+chown -R $user: $mawidabp_path
 
-echo "Exportamos RBENV"
-su deployer -c 'echo export PATH="$HOME/.rbenv/bin:$PATH" >> ~/.bashrc'
-#su deployer -c 'echo eval "$(rbenv init -)"'
+#Export RBENV
+su $user -c 'echo export PATH="$HOME/.rbenv/bin:$PATH" >> ~/.bashrc'
 
-
-echo "Copiamos servicios"
+#Copy services files to system
 cp $dir_services/*.service /usr/lib/systemd/system/
 
-echo "Reemplazamos archivo de configuración selinux"
+#Replace selinux file
 /bin/cat $dir_services/selinux_config > /etc/selinux/config
 
-echo "Finalizado por favor reinicie S.O."
+#Install Postgresql-libs && libpq
+rpm -iUvh --replacepkgs $repo_postgresql/postgresql13-libs-13.1-1PGDG.rhel7.x86_64.rpm
+rpm -ivh --replacepkgs $repo_epel/libpqxx-4.0.1-1.el7.x86_64.rpm
+
+echo "Finalizado "

base/services/redis.service

@@ -4,7 +4,7 @@ After=network.target
 Documentation=http://redis.io/documentation, man:redis-server(1)
 
 [Service]
-Type=forking
+Type=notify
 ExecStart=/usr/bin/redis-server /etc/redis.conf
 ExecStop=/bin/kill -s TERM $MAINPID
 PIDFile=/var/run/redis/redis-server.pid

base/config_files/mawidabp.com → base/templates/mawidabp.com

@@ -1,11 +1,11 @@
 # begin _app_stream
 upstream app_stream {
-  server unix:/run/unicorn/unicorn.sock fail_timeout=0;
+  server 127.0.0.1:3000 fail_timeout=10s;
 }
 # end _app_stream
 
 # begin _map
-map $http_upgrade $connection_upgrade {
+map \$http_upgrade \$connection_upgrade {
   default upgrade;
   ''      close;
 }
@@ -16,17 +16,17 @@ server {
   listen      80 deferred;
   listen      [::]:80 deferred;
   server_name mawidabp.com *.mawidabp.com;
-  return      301 https://$host$request_uri;
+  return      301 https://\$host\$request_uri;
 
 }
 
 
 server {
- # listen 443 deferred ssl http2;
- # listen [::]:443 deferred ssl http2;
+  #listen 443 deferred ssl http2;
+  #listen [::]:443 deferred ssl http2;
 
   # begin _rackserver
- # server_name mawidabp.com *.mawidabp.com;
+  server_name mawidabp.com *.mawidabp.com;
 
   client_body_in_file_only clean;
   client_body_buffer_size 32K;
@@ -36,7 +36,7 @@ server {
 
   server_tokens off;
 
-  root /var/www/mawidabp.com/current/public;
+  root $mawidabp_path/current/public;
   # end _rackserver
 
   # begin _ssl
@@ -45,15 +45,15 @@ server {
   #ssl_certificate_key     /etc/ssl/private/mawidabp.com.key;
   #ssl_trusted_certificate /etc/ssl/certs/mawidabp.com.bundle-crt;
 
-  #ssl_protocols TLSv1.2 TLSv1.3;
-  #ssl_prefer_server_ciphers on;
-  #ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";
-  #ssl_session_timeout 1d;
-  #ssl_session_cache shared:SSL:50m;
-  #ssl_session_tickets off;
-  #ssl_stapling on;
-  #ssl_stapling_verify on;
-  #ssl_ecdh_curve prime256v1:secp384r1:secp521r1;
+  ssl_protocols TLSv1.2 TLSv1.3;
+  ssl_prefer_server_ciphers on;
+  ssl_ciphers \"ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS\";
+  ssl_session_timeout 1d;
+  ssl_session_cache shared:SSL:50m;
+  ssl_session_tickets off;
+  ssl_stapling on;
+  ssl_stapling_verify on;
+  ssl_ecdh_curve prime256v1:secp384r1:secp521r1;
   #ssl_dhparam /etc/nginx/dhparams.pem;
 
   resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s;
@@ -64,35 +64,35 @@ server {
   # end _ssl
 
   # begin _rackapp
-  try_files $uri/index.html $uri.html $uri @app;
+  try_files \$uri/index.html \$uri.html \$uri @app;
 
   location /private_files/ {
-    alias /var/www/mawidabp.com/current/private/;
+    alias $mawidabp_path/current/private/;
     internal;
   }
 
   location /cable {
     proxy_http_version 1.1;
 
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
-    proxy_set_header Host $http_host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection $connection_upgrade;
+    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto \$scheme;
+    proxy_set_header Host \$http_host;
+    proxy_set_header X-Real-IP \$remote_addr;
+    proxy_set_header Upgrade \$http_upgrade;
+    proxy_set_header Connection \$connection_upgrade;
 
     proxy_pass http://app_stream/cable;
   }
 
   location @app {
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto \$scheme;
     #cambiar esta linea
-    proxy_set_header X-Accel-Mapping "/var/www/mawidabp.com/current/private/=/private_files/";
-    proxy_set_header Host $http_host;
+    proxy_set_header X-Accel-Mapping \"$mawidabp_path/current/private/=/private_files/\";
+    proxy_set_header Host \$http_host;
     proxy_redirect off;
     # Extra app directives
-    
+
 
     proxy_pass http://app_stream;
   }
@@ -109,8 +109,7 @@ server {
 
   error_page 500 502 503 504 /500.html;
   location = /500.html {
-    root /var/www/mawidabp.com/current/public;
+    root $mawidabp_path/current/public;
   }
   # end _rackapp
-
 }

base/config_files/nginx.conf → base/templates/nginx.conf

@@ -13,9 +13,9 @@ http {
   include /etc/nginx/mime.types;
   default_type application/octet-stream;
 
-  log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-                  '$status $body_bytes_sent "$http_referer" '
-                  '"$http_user_agent" "$http_x_forwarded_for"';
+  log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
+                  '\$status \$body_bytes_sent "\$http_referer" '
+                  '"\$http_user_agent" "\$http_x_forwarded_for"';
 
   access_log /var/log/nginx/access.log main;
 
@@ -39,7 +39,5 @@ http {
              application/javascript application/x-javascript
              application/atom+xml application/json;
 
-
-
   include /etc/nginx/sites-enabled/*;
 }

base/services/sidekiq.service → base/templates/sidekiq.service

@@ -5,15 +5,15 @@ After=redis.service syslog.target network.target
 
 [Service]
 Type=simple
-User=deployer
-Group=nginx
+User=$user
+Group=$group
 UMask=0002
 EnvironmentFile=/etc/environment
-WorkingDirectory=/var/www/mawidabp.com/current
+WorkingDirectory=$mawidabp_path/current
 
-ExecStart=/home/deployer/.rbenv/shims/bundle exec \
-  "sidekiq -e production \
-  -C config/sidekiq.yml 2>&1 >> log/sidekiq.log"
+ExecStart=/home/$user/.rbenv/shims/bundle exec \
+  \"sidekiq -e production \
+  -C config/sidekiq.yml 2>&1 >> log/sidekiq.log\"
 
 RestartSec=1
 Restart=on-failure