From: David Lutterkort <[email protected]> For now, these are just the most important files from cavia, our public site. --- support/README | 9 ++++++ support/crontab | 2 ++ support/dev.sh | 17 +++++++++++ support/prod.sh | 13 ++++++++ support/ssl.conf | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 133 insertions(+) create mode 100644 support/README create mode 100644 support/crontab create mode 100755 support/dev.sh create mode 100755 support/prod.sh create mode 100644 support/ssl.conf
diff --git a/support/README b/support/README new file mode 100644 index 0000000..55abea0 --- /dev/null +++ b/support/README @@ -0,0 +1,9 @@ +This directory contains files used to maintain the public API instances +https://api.deltacloud.org/ and https://dev.deltacloud.org/ + +We could/should puppetize this, but for now, here is where these files go +on cavia: + +dev.sh -> symlinked from ~/bin/dev +prod.sh -> symlinked from ~/bin/prod +ssl.conf -> /etc/httpd/conf.d diff --git a/support/crontab b/support/crontab new file mode 100644 index 0000000..6d77681 --- /dev/null +++ b/support/crontab @@ -0,0 +1,2 @@ [email protected] +30 * * * * ${HOME}/bin/dev diff --git a/support/dev.sh b/support/dev.sh new file mode 100755 index 0000000..d767826 --- /dev/null +++ b/support/dev.sh @@ -0,0 +1,17 @@ +#! /bin/bash +# Restart the dev server (https://dev.deltacloud.org) + +dev_dir=${HOME}/code/deltacloud/server +port=3002 +pid_file=$dev_dir/tmp/pids/thin.pid +logdir=${HOME}/log +cd $dev_dir + +[ -f $pid_file ] && thin -P $pid_file stop + +# TODO: update the git checkout +git pull +bundle update +rake mock:fixtures:reset + +./bin/deltacloudd -c -i mock -p $port -e production -d --logdir $logdir/dev/classic -u $USER -g $USER -f deltacloud,cimi,ec2 diff --git a/support/prod.sh b/support/prod.sh new file mode 100755 index 0000000..e42b45f --- /dev/null +++ b/support/prod.sh @@ -0,0 +1,13 @@ +#! /bin/bash +# Restart the prod server (https://api.deltacloud.org) +# FIXME: This is a crazy hack. There's no clean separation of code and runtime +# files (like pid_file) + +gem_dir=${HOME}/gems +port=3001 +pid_file=${HOME}/tmp/prod/thin.pid +logdir=${HOME}/log + +[ -f $pid_file ] && thin -P $pid_file stop + +GEM_PATH=$gem_dir:$GEM_HOME:/usr/lib/ruby/gems/1.8 $gem_dir/bin/deltacloudd -e production -i ec2 -f deltacloud,cimi,ec2 -d --pid $pid_file -p $port --logdir $logdir/prod diff --git a/support/ssl.conf b/support/ssl.conf new file mode 100644 index 0000000..8cba8a2 --- /dev/null +++ b/support/ssl.conf @@ -0,0 +1,92 @@ +LoadModule ssl_module modules/mod_ssl.so +Listen 443 +NameVirtualHost *:443 + +SSLPassPhraseDialog builtin +SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) +SSLSessionCacheTimeout 300 +SSLMutex default +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin + +SSLStrictSNIVHostCheck on + +<VirtualHost *:443> + ServerName dev.deltacloud.org + + ErrorLog logs/ssl_dev_error_log + TransferLog logs/ssl_dev_access_log + LogLevel warn + SSLEngine on + SSLProtocol all -SSLv2 + SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW + SSLCertificateFile /etc/pki/tls/certs/dev.crt + SSLCertificateKeyFile /etc/pki/tls/private/deltacloud.key + <Files ~ "\.(cgi|shtml|phtml|php3?)$"> + SSLOptions +StdEnvVars + </Files> + <Directory "/var/www/cgi-bin"> + SSLOptions +StdEnvVars + </Directory> + SetEnvIf User-Agent ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + CustomLog logs/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + ProxyPass / http://localhost:3002/ + ProxyPassReverse / http://localhost:3002/ + ProxyPreserveHost On + RequestHeader set X_FORWARDED_SCHEME 'https' + Header add X-Deltacloud-Stability development +</VirtualHost> + +<VirtualHost *:80> + ServerName dev.deltacloud.org + + ErrorLog logs/dev_error_log + TransferLog logs/dev_access_log + LogLevel warn + SetEnvIf User-Agent ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + ProxyPass / http://localhost:3002/ + ProxyPassReverse / http://localhost:3002/ + ProxyPreserveHost On + RequestHeader set X_FORWARDED_SCHEME 'http' + Header add X-Deltacloud-Stability development +</VirtualHost> + +<VirtualHost *:443> + ServerName api.deltacloud.org + + ErrorLog logs/ssl_error_log + TransferLog logs/ssl_access_log + LogLevel warn + SSLEngine on + SSLProtocol all -SSLv2 + SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW + SSLCertificateFile /etc/pki/tls/certs/api.crt + SSLCertificateKeyFile /etc/pki/tls/private/deltacloud.key + <Files ~ "\.(cgi|shtml|phtml|php3?)$"> + SSLOptions +StdEnvVars + </Files> + <Directory "/var/www/cgi-bin"> + SSLOptions +StdEnvVars + </Directory> + SetEnvIf User-Agent ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + CustomLog logs/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + ProxyPass / http://localhost:3001/ + ProxyPassReverse / http://localhost:3001/ + ProxyPreserveHost On + RequestHeader set X_FORWARDED_SCHEME 'https' + Header add X-Deltacloud-Stability stable +</VirtualHost> + +Redirect permanent / https://api.deltacloud.org/ -- 1.8.1
