From: Chris Koeritz Date: Sun, 19 Nov 2017 01:31:35 +0000 (+0000) Subject: Merge branch 'dev' of feistymeow.org:feisty_meow into dev X-Git-Tag: 2.140.102^2~1^2~1 X-Git-Url: https://feistymeow.org/gitweb/?a=commitdiff_plain;h=724b676c3dad28e5af57dc16f3da6a56332a2a69;hp=27d8761f3ddbaface70ba3bc5c6b07ea1301604a;p=feisty_meow.git Merge branch 'dev' of feistymeow.org:feisty_meow into dev --- diff --git a/production/feisty_meow_config.ini b/production/feisty_meow_config.ini index 7abba849..9ebbd74e 100644 --- a/production/feisty_meow_config.ini +++ b/production/feisty_meow_config.ini @@ -3,7 +3,7 @@ # specifies the version of the code that is being constructed here. major=2 minor=140 -revision=100 +revision=101 build=420 # specifies the remainder of the version record info. diff --git a/production/sites/cakelampvm.com/hello.txt b/production/sites/cakelampvm.com/hello.txt index 7bf0d1b8..f430c4fb 100644 --- a/production/sites/cakelampvm.com/hello.txt +++ b/production/sites/cakelampvm.com/hello.txt @@ -1,25 +1,2 @@ Welcome to the CakePHP LAMP VM. - -Please refer to the built-in documentation available at: http://cakelampvm.com - -Some first steps to make this vm your own: - -#### - -1) change your password for the developer account. -(may eventually be automatically required) - -#### - -2) change your git configuration for user and email. this is how we've -configured it so far: - - # git config --global user.email "developer@cakelampvm.com" - # git config --global user.name "Developer J. Cakemo" - -if you're developing on a real project, you probably don't want the bogus -email and even more bogus name above attached to your commits. -Just run the two commands again but with proper values. - -#### - +Documentation is available at: http://cakelampvm.com diff --git a/production/sites/cakelampvm.com/rolling/default_page.001/001-default-http.conf b/production/sites/cakelampvm.com/rolling/default_page.001/001-default-http.conf new file mode 100644 index 00000000..13600811 --- /dev/null +++ b/production/sites/cakelampvm.com/rolling/default_page.001/001-default-http.conf @@ -0,0 +1,21 @@ + + + + Options +ExecCGI +Indexes +FollowSymLinks +Includes +MultiViews + Require all granted + + + + + ServerName cakelampvm.com + ServerAlias www.cakelampvm.com + DocumentRoot /opt/feistymeow.org/feisty_meow/production/sites/cakelampvm.com + DirectoryIndex vm_index.html + + ServerAdmin developer@localhost + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + diff --git a/production/sites/cakelampvm.com/rolling/default_page.001/001-default-ssl.conf b/production/sites/cakelampvm.com/rolling/default_page.001/001-default-ssl.conf new file mode 100644 index 00000000..c89b4590 --- /dev/null +++ b/production/sites/cakelampvm.com/rolling/default_page.001/001-default-ssl.conf @@ -0,0 +1,37 @@ + + + + Options +ExecCGI +Indexes +FollowSymLinks +Includes +MultiViews + Require all granted + + + + ServerName cakelampvm.com + ServerAlias www.cakelampvm.com + DocumentRoot /opt/feistymeow.org/feisty_meow/production/sites/cakelampvm.com + DirectoryIndex vm_index.html + + ServerAdmin developer@localhost + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + + diff --git a/scripts/site_avenger/clean_mapsdemo.sh b/scripts/site_avenger/clean_mapsdemo.sh new file mode 100644 index 00000000..5054cdd7 --- /dev/null +++ b/scripts/site_avenger/clean_mapsdemo.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +# some code i wrote to add to revamp that turned out to be unsuitable. +# but it corrects a problem in cakelampvm v002 release that i find annoying, +# so here it is as its own file. + +# clean out some old files that were not checked in in mapsdemo. +echo Doing some git repository maintenance in fred account. +# +# change over to fred folder +pushd /home/fred +test_or_die "changing dir to fred's home; what have you done with fred?" + +pushd apps/mapsdemo/avenger5 +test_or_die "changing dir to mapsdemo app" + +rpuffer . &>/dev/null +if [ $? -ne 0 ]; then + # it seems our old files are still conflicting this. + if [ -f config/config_google.php ]; then + \rm -f config/config_google.php + test_or_die "removing old config for google" + fi + if [ -f config/app.php ]; then + \rm -f config/app.php + test_or_die "removing old config for app" + fi + + git reset --hard HEAD + test_or_die "resetting git's hard head" + + rpuffer . +#hmmm: use output saver thing when that exists. + test_or_die "puffing out mapsdemo app after inadequate corrective action was taken" +fi + +popd + +popd +#...coolness, if we got to here. + + diff --git a/scripts/site_avenger/revamp_cakelampvm.sh b/scripts/site_avenger/revamp_cakelampvm.sh index d024cd10..d966b69f 100644 --- a/scripts/site_avenger/revamp_cakelampvm.sh +++ b/scripts/site_avenger/revamp_cakelampvm.sh @@ -16,9 +16,21 @@ export FEISTY_MEOW_APEX="$( \cd "$WORKDIR/../.." && \pwd )" export NO_HELLO=right source "$FEISTY_MEOW_APEX/scripts/core/launch_feisty_meow.sh" +source "$FEISTY_MEOW_SCRIPTS/system/common_sysadmin.sh" ############## +echo "Regenerating feisty meow loading dock." + +reconfigure_feisty_meow +test_or_die "feisty meow reconfiguration" +chown -R "$(logname)":"$(logname)" /home/$(logname)/.[a-zA-Z0-9]* +test_or_die "fix after reconfigured as sudo" + +############## + +echo "Making some important permission changes..." + # fix up the main web storage. chown -R www-data:www-data /var/www test_or_die "chown www-data" @@ -28,7 +40,7 @@ test_or_die "group_perm www-data" ############## # set up access on some important folders for the developer user. -chown -R developer:developer /home/developer +chown -R developer:developer /home/developer /home/developer/.[a-zA-Z0-9]* test_or_die "chown developer home" harsh_perm /home/developer/.ssh test_or_die "harsh_perm setting on developer .ssh" @@ -40,8 +52,10 @@ test_or_die "group perms on apache2 and bind" ############## # fix perms for fred user. -chown -R fred:fred /home/fred /home/archives/stuffing +chown -R fred:fred /home/fred /home/archives/stuffing /home/fred/.[a-zA-Z0-9]* test_or_die "chown fred home" +group_perm $HOME/apps +test_or_die "group perms on fred's apps" harsh_perm /home/fred/.ssh test_or_die "harsh_perm setting on fred .ssh" chown -R fred:fred /opt/feistymeow.org @@ -49,6 +63,8 @@ test_or_die "chown feisty meow to fred" group_perm /opt/feistymeow.org test_or_die "group perms on feisty meow" +echo "Done with important permission changes." + ############## # # some slightly tricky bits start here. we want to massage the vm into the @@ -56,6 +72,8 @@ test_or_die "group perms on feisty meow" # ############## +echo "Updating developer welcome file." + # only update hello if they've still got the file there. we don't want to # keep forcing our hellos at people. if [ -f "$HOME/hello.txt" ]; then @@ -68,29 +86,66 @@ fi # install a better editor app. -echo " -The script is about to install the bluefish editor and some dependencies. +echo "The script is about to install the bluefish editor and some dependencies. If the app is not already installed, then this process takes only about a -minute on a slower home DSL internet connection... - -" +minute on a slower home DSL internet connection..." apt-get install -y bluefish &> "/tmp/install_bluefish-$(logname).log" -test_or_continue "failed to install bluefish editor. not good." +test_or_continue "installing bluefish editor" ############## +# deploy any site updates here to the VM's cakelampvm.com site. +# +# we want to upgrade the default apache site to the latest, since the new +# version mirrors the one on the internet (but with green checks instead +# of red X's) and since we also support https on the new default version. +# we can do this again later if needed, by upping the numbers on the apache +# site config files. our original site was 000 and the new version is 001, +# which we've done as a prefix on the config for some reason. makes the +# code below easy at least. +if [ -L /etc/apache2/sites-enabled/000-default.conf ]; then + # the old site is in place still, so let's update that. + echo "Updating default web sites to latest version." + + a2enmod ssl + test_or_die "enabling SSL for secure websites" + + restart_apache + test_or_die "getting SSL loaded in apache" + + a2dissite 000-default + test_or_die "disabling old apache site" + + rm -f /etc/apache2/sites-available/000-default.conf + test_or_die "removing old apache site" + + # copy in our new 000 version (which + cp $FEISTY_MEOW_APEX/production/sites/cakelampvm.com/rolling/default_page.001/* \ + /etc/apache2/sites-available + test_or_die "installing new apache default sites" + + # there should only be ours at this version level and with that prefix. + a2ensite 001-* + test_or_die "enabling new apache default sites" + + restart_apache +fi -#hmmm: todo -# deploy the site updater here to fix the local cakelampvm.com site... - +############## ############## # sequel--tell them they're great and show the hello again also. -regenerate +echo " + +" +regenerate +test_or_die "regenerating feisty meow scripts" +chown -R "$(logname)":"$(logname)" /home/$(logname)/.[a-zA-Z0-9]* +test_or_die "fix after regenerate as sudo" echo " diff --git a/scripts/system/common_sysadmin.sh b/scripts/system/common_sysadmin.sh index 223067f6..4ab80ed3 100644 --- a/scripts/system/common_sysadmin.sh +++ b/scripts/system/common_sysadmin.sh @@ -181,7 +181,7 @@ function restart_bind() echo "The bind service did not restart properly. Please check the error logs." exit 1 fi - echo DNS server restarted. + echo DNS service restarted. } ############################################################################ @@ -317,6 +317,7 @@ function restart_apache() echo "Please consult the apache error logs for more details." exit 1 fi + echo Apache2 service restarted. } # sets up the serverpilot storage location for a user hosted web site.