def install_package():
"""Install the Hadroid Python package."""
with tempfile.NamedTemporaryFile() as src_files:
local('git ls-files --exclude-standard > {}'.format(src_files.name))
rsync_project(
remote_dir=env.code_path,
local_dir='./',
extra_opts=('--rsync-path="sudo -u {} rsync" --files-from={}'
.format(env.app_user, src_files.name)),
delete=True,
default_opts='-thrvz')
with sudosu(user=env.app_user), python.virtualenv(env.venv_path), \
cd(env.code_path):
with settings(warn_only=True):
sudo('pip uninstall -y hadroid')
sudo('pip install -e .')
python类sudo()的实例源码
def _deploy_appconf():
"""
jinja renders appconf files.
"""
appconf = {'app_shortname' : env.app_shortname,
'app_name' : env.appname,
'deploy_dir' : env.deploydir,
'virtualenv_dir' : env.virtualenv_dir,
'app_user' : env.chown_user,
'app_group' : env.chown_group,
}
if env.sudo:
usesudo = True
else:
usesudo = False
for template,conffile in APPCONF_FILES:
print red("%s :: %s" % (template, conffile))
upload_template(template, os.path.join(env.deploydir, 'appconf', conffile), context=appconf, use_jinja=True, template_dir='appconf', use_sudo=usesudo)
def install_uwsgi(self):
if self.args.force or prompt(red(' * Install Uwsgi service (y/n)?'), default='y') == 'y':
sudo('pip3 install uwsgi')
# uwsgi config need real env path
with cd(self.python_env_dir):
real_env_path = run('pwd')
# get user
home_user = run('echo $USER')
# uwsgi config string
django_uwsgi_ini = self.django_uwsgi_ini.format(self.nginx_web_dir, self.project, real_env_path, home_user)
# modify uwsgi config file
with cd(self.project_dir):
if not exists('{0}.ini'.format(self.project)):
run('touch {0}.ini'.format(self.project))
put(StringIO(django_uwsgi_ini), '{0}.ini'.format(self.project), use_sudo=True)
print(green(' * Installed Uwsgi service in the system.'))
print(green(' * Done '))
print()
def common_config_nginx_ssl(self):
"""
Convert nginx server from http to https
"""
if prompt(red(' * Change url from http to https (y/n)?'), default='n') == 'y':
if not exists(self.nginx_ssl_dir):
sudo('mkdir -p {0}'.format(self.nginx_ssl_dir))
# generate ssh key
sudo('openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout {0}/cert.key -out {0}/cert.pem'.format(self.nginx_ssl_dir))
# do nginx config config
put(StringIO(self.nginx_web_ssl_config), '/etc/nginx/sites-available/default', use_sudo=True)
sudo('service nginx restart')
print(green(' * Make Nginx from http to https.'))
print(green(' * Done'))
print()
def spark_install(self):
"""
download and install spark
:return:
"""
sudo('apt-get -y install build-essential python-dev python-six \
python-virtualenv libcurl4-nss-dev libsasl2-dev libsasl2-modules \
maven libapr1-dev libsvn-dev zlib1g-dev')
with cd('/tmp'):
if not exists('spark.tgz'):
sudo('wget {0} -O spark.tgz'.format(
bigdata_conf.spark_download_url
))
sudo('rm -rf spark-*')
sudo('tar -zxf spark.tgz')
sudo('rm -rf {0}'.format(bigdata_conf.spark_home))
sudo('mv spark-* {0}'.format(bigdata_conf.spark_home))
def generate_ssh(self, server, args, configure):
"""
??????SSH?? generate ssh
:param server:
:param args:
:param configure:
:return:
"""
self.reset_server_env(server, configure)
# chmod project root owner
sudo('chown {user}:{user} -R {path}'.format(
user=configure[server]['user'],
path=bigdata_conf.project_root
))
# generate ssh key
if not exists('~/.ssh/id_rsa.pub'):
run('ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa')
def install_php(self):
if self.args.force or prompt(red(' * Install PHP (y/n)?'), default='y') == 'y':
try:
sudo('apt-get install php5 php5-cli php5-mysql php5-gd php5-curl libapache2-mod-php5 php5-mcrypt -y')
# do apache config
put(StringIO(self.apache_dir_index), '/etc/apache2/mods-enabled/dir.conf', use_sudo=True)
sudo('service apache2 restart')
print(green(' * Installed php5 and php5-mysql in the system.'))
except:
print(red(' * Install php5 and php5-mysql failed.'))
# write phpinfo for test
put(StringIO(self.phpinfo), '{0}/info.php'.format(self.apache_web_dir), use_sudo=True)
print(green(' * Done'))
print()
def virtualbox_host():
'''Install a VirtualBox host system.
More Infos:
* overview: https://wiki.ubuntuusers.de/VirtualBox/
* installation: https://wiki.ubuntuusers.de/VirtualBox/Installation/
'''
if query_yes_no(question='Uninstall virtualbox-dkms?', default='yes'):
run('sudo apt-get remove virtualbox-dkms')
install_packages([
'virtualbox',
'virtualbox-qt',
'virtualbox-dkms',
'virtualbox-guest-dkms',
'virtualbox-guest-additions-iso',
])
users = [env.user]
for username in users:
run(flo('sudo adduser {username} vboxusers'))
#run('newgrp - vboxusers')
def server_letsencrypt():
'''Create tls-webserver certificates which are trusted by the web pki.
More info:
* www.letsencrypt.org
* https://letsencrypt.readthedocs.org/en/latest/
* https://tty1.net/blog/2015/using-letsencrypt-in-manual-mode_en.html
'''
checkup_git_repo(url='https://github.com/letsencrypt/letsencrypt.git')
sudo('service nginx stop')
options = ' '.join([
'--standalone',
'--rsa-key-size 4096',
# obtain a new certificate that duplicates an existing certificate
# '--duplicate',
])
from config import domain_groups
for domains in domain_groups:
domain_opts = ' '.join([flo(' -d {domain}') for domain in domains])
# command 'letsencrypt-auto' requests for root by itself via 'sudo'
run(flo('~/repos/letsencrypt/letsencrypt-auto certonly {options} {domain_opts}'))
# FIXME 'letsencrypt-auto reenwal' of already existing certificates
sudo('service nginx start')
sudo('tree /etc/letsencrypt')
def samba():
'''Install smb server samba and create a share (common read-write-access).
More infos:
* https://wiki.ubuntuusers.de/Samba%20Server/
'''
username = env.user
install_packages(['samba'])
run(flo('sudo smbpasswd -a {username}'))
path = '$HOME/shared'
sharename = 'shared'
comment = '"smb share; everyone has full access (read/write)"'
acl = flo('Everyone:F,{username}:F guest_ok=y')
with warn_only():
run(flo('mkdir {path}'))
run(flo('sudo net usershare add {sharename} {path} {comment} {acl}'))
run(flo('sudo net usershare info {sharename}'))
def _update_remote_bvars(stackname, buildvars):
LOG.info('updating %r with new vars %r', stackname, buildvars)
# not all projects have a 'revision'
#ensure(core_utils.hasallkeys(buildvars, ['revision']), "buildvars missing key 'revision'")
encoded = encode_bvars(buildvars)
fid = core_utils.ymd(fmt='%Y%m%d%H%M%S')
cmds = [
# make a backup
'if [ -f /etc/build-vars.json.b64 ]; then cp /etc/build-vars.json.b64 /tmp/build-vars.json.b64.%s; fi;' % fid,
]
map(sudo, cmds)
put(StringIO(encoded), "/etc/build-vars.json.b64", use_sudo=True)
LOG.info("%r updated", stackname)
#
#
#
def run_script(script_filename, *script_params, **environment_variables):
"""uploads a script for SCRIPTS_PATH and executes it in the /tmp dir with given params.
ASSUMES YOU ARE CONNECTED TO A STACK"""
start = datetime.now()
remote_script = _put_temporary_script(script_filename)
def escape_string_parameter(parameter):
return "'%s'" % parameter
env_string = ['%s=%s' % (k, v) for k, v in environment_variables.items()]
cmd = ["/bin/bash", remote_script] + map(escape_string_parameter, list(script_params))
retval = sudo(" ".join(env_string + cmd))
sudo("rm " + remote_script) # remove the script after executing it
end = datetime.now()
LOG.info("Executed script %s in %2.4f seconds", script_filename, (end - start).total_seconds())
return retval
def create_app_dir():
"""Create the application directory and setup a virtualenv."""
# create app dir
if exists(remote_app_dir) is False:
sudo('mkdir -p ' + remote_app_dir)
# create virtual env
with cd(remote_app_dir):
if exists(remote_app_dir + '/env') is False:
sudo('virtualenv env')
# Change permissions
sudo('chown {}:{} {} -R'.format(env.user, env.user, remote_app_dir))
# Create log dir
if exists(remote_log_dir) is False:
sudo('mkdir {}'.format(remote_log_dir))
def install_python():
sudo('apt-get update')
sudo('apt-get install python3-pip python3-dev python3-venv')
def fetch_sources_from_repo(branch, code_directory):
if exists(code_directory):
print('Removing the following directory: %s' % code_directory)
sudo('rm -rf %s' % code_directory)
git_clone_command = 'git clone {1} {2} --branch {0} --single-branch'
sudo(git_clone_command.format(branch, REPOSITORY_URL, code_directory))
def reinstall_venv():
with cd(PERMANENT_PROJECT_FOLDER):
sudo('rm -rf %s' % VENV_FOLDER)
sudo('python3 -m venv %s' % VENV_FOLDER)
def install_modules():
requirements_path = os.path.join(PROJECT_FOLDER, 'requirements.txt')
venv_activate_path = os.path.join(VENV_BIN_DIRECTORY, 'activate')
with prefix('source %s' % venv_activate_path):
sudo('pip install wheel')
sudo('pip install -r %s' % requirements_path)
def install_nginx():
sudo('apt-get update')
sudo('apt-get install nginx')
def setup_ufw():
sudo('ufw allow "Nginx Full"')
sudo('ufw allow OpenSSH')
sudo('echo "y" | ufw enable')
