From a19df583be2bb8397c0202ed8a55618e36312ee2 Mon Sep 17 00:00:00 2001 From: Jeroen van Baarsen Date: Wed, 23 Nov 2016 15:28:36 +0100 Subject: [PATCH] Allow server to be installed as other user then root Sometimes you don't want your server to run as root user, this PR adds a way to set the user when creating a new server. To make it simple for "normal" usage, we default to root. Fixes: #94 --- CHANGELOG | 3 ++ Vagrantfile | 2 +- app/controllers/servers_controller.rb | 2 +- app/jobs/create_backup_job.rb | 2 +- app/jobs/disable_swap_job.rb | 2 +- app/jobs/enable_ssl_job.rb | 6 ++-- app/jobs/enable_swap_job.rb | 2 +- app/jobs/install_server_job.rb | 29 +++++++++---------- app/models/server.rb | 2 +- app/models/ssh_execution.rb | 8 +++-- app/views/servers/_new.html.erb | 9 ++++++ .../20161123123228_add_user_to_server.rb | 5 ++++ db/schema.rb | 7 +++-- 13 files changed, 49 insertions(+), 30 deletions(-) create mode 100644 db/migrate/20161123123228_add_user_to_server.rb diff --git a/CHANGELOG b/CHANGELOG index 4066cba..2325ea6 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,8 @@ Please view this file on the master branch, on stable branches it's out of date. +Unreleased +* Allow execution user to be set for a server, defaults to root Fixes: #94 (jvanbaarsen) + V 0.2.0 * 2016-09-19 * Mark all existing services as linked (jvanbaarsen) * Store the amount of resources a server has (jvanbaarsen) diff --git a/Vagrantfile b/Vagrantfile index b5317a3..2cd6377 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,7 +1,7 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -BOX_NAME = ENV["BOX_NAME"] || "bento/ubuntu-14.04" +BOX_NAME = ENV["BOX_NAME"] || "bento/ubuntu-16.04" BOX_MEMORY = ENV["BOX_MEMORY"] || "1024" DOKKU_DOMAIN = ENV["DOKKU_DOMAIN"] || "dokku.me" DOKKU_IP = ENV["DOKKU_IP"] || "10.0.0.3" diff --git a/app/controllers/servers_controller.rb b/app/controllers/servers_controller.rb index 9b99ca9..1115b77 100644 --- a/app/controllers/servers_controller.rb +++ b/app/controllers/servers_controller.rb @@ -77,7 +77,7 @@ def destroy private def server_params - params.require(:server).permit(:name, :ip) + params.require(:server).permit(:name, :username, :ip) end def set_server diff --git a/app/jobs/create_backup_job.rb b/app/jobs/create_backup_job.rb index ed70b0c..2b9a77c 100644 --- a/app/jobs/create_backup_job.rb +++ b/app/jobs/create_backup_job.rb @@ -23,7 +23,7 @@ def backup_name def run_backup SshExecution.new(app.server).execute(command: backup_command) - SshExecution.new(app.server).scp(from: "/root/#{backup_name}", + SshExecution.new(app.server).scp(from: "/#{app.server.username}/#{backup_name}", to: Rails.root.join("backups", app.clean_name, backup_name)) SshExecution.new(app.server).execute(command: "rm #{backup_name}") end diff --git a/app/jobs/disable_swap_job.rb b/app/jobs/disable_swap_job.rb index 965f0a5..9c2f114 100644 --- a/app/jobs/disable_swap_job.rb +++ b/app/jobs/disable_swap_job.rb @@ -26,6 +26,6 @@ def remove_swap_script end def swap_file - "/root/disable_swap.sh" + "/#{server.username}/disable_swap.sh" end end diff --git a/app/jobs/enable_ssl_job.rb b/app/jobs/enable_ssl_job.rb index c6bf00e..56e965e 100644 --- a/app/jobs/enable_ssl_job.rb +++ b/app/jobs/enable_ssl_job.rb @@ -21,15 +21,15 @@ def create_tmp_file(data) end def server_cert_path - "/root/#{app.clean_name}.server.crt" + "/#{app.server.username}/#{app.clean_name}.server.crt" end def server_key_path - "/root/#{app.clean_name}.server.key" + "/#{app.server.username}/#{app.clean_name}.server.key" end def server_tar_path - "/root/#{app.clean_name}.cert.tar" + "/#{app.server.username}/#{app.clean_name}.cert.tar" end def copy_file(from:, to:) diff --git a/app/jobs/enable_swap_job.rb b/app/jobs/enable_swap_job.rb index 049e2dd..7dd9415 100644 --- a/app/jobs/enable_swap_job.rb +++ b/app/jobs/enable_swap_job.rb @@ -26,6 +26,6 @@ def remove_swap_script end def swap_file - "/root/enable_swap.sh" + "/#{server.username}/enable_swap.sh" end end diff --git a/app/jobs/install_server_job.rb b/app/jobs/install_server_job.rb index 009a37b..4d2a2e0 100644 --- a/app/jobs/install_server_job.rb +++ b/app/jobs/install_server_job.rb @@ -19,10 +19,10 @@ def perform(server) attr_reader :server def install_dokku - "sudo echo 'dokku dokku/web_config boolean false' | debconf-set-selections && "\ - "sudo echo 'dokku dokku/vhost_enable boolean false' | debconf-set-selections && " \ - "sudo echo 'dokku dokku/hostname string intercity.dokku' | debconf-set-selections && " \ - "sudo echo 'dokku dokku/skip_key_file boolean true' | debconf-set-selections && " \ + "sudo echo 'dokku dokku/web_config boolean false' | sudo debconf-set-selections && "\ + "sudo echo 'dokku dokku/vhost_enable boolean false' | sudo debconf-set-selections && " \ + "sudo echo 'dokku dokku/hostname string intercity.dokku' | sudo debconf-set-selections && " \ + "sudo echo 'dokku dokku/skip_key_file boolean true' | sudo debconf-set-selections && " \ "wget https://raw.githubusercontent.com/dokku/dokku/#{server.latest_dokku_version}/bootstrap.sh && "\ "sudo DOKKU_TAG=#{server.latest_dokku_version} bash bootstrap.sh" end @@ -30,17 +30,16 @@ def install_dokku def perform_installation SshExecution.new(server).execute_with_block do |ssh| ssh.open_channel do |channel| - channel.exec install_dokku do |exec_channel, _| - exec_channel.on_data do |_, data| - if data =~ /Initial apt-get update/ - server.update(install_step: 1) - elsif data =~ /Installing docker/ - server.update(install_step: 2) - elsif data =~ /Installing dokku/ - server.update(install_step: 3) - elsif data =~ /Importing herokuish into docker/ - server.update(install_step: 4) - end + channel.exec install_dokku + channel.on_data do |_, data| + if data =~ /Initial apt-get update/ + server.update(install_step: 1) + elsif data =~ /Installing docker/ + server.update(install_step: 2) + elsif data =~ /Installing dokku/ + server.update(install_step: 3) + elsif data =~ /Importing herokuish into docker/ + server.update(install_step: 4) end end end diff --git a/app/models/server.rb b/app/models/server.rb index 8c60262..42f0465 100644 --- a/app/models/server.rb +++ b/app/models/server.rb @@ -8,7 +8,7 @@ class Server < ActiveRecord::Base enum status: { fresh: 0, connected: 10, installing: 20, up: 30, down: 40 } - validates :name, :ip, presence: true + validates :name, :ip, :username, presence: true def service?(service) services.include?(service) diff --git a/app/models/ssh_execution.rb b/app/models/ssh_execution.rb index cc79b2c..4beaf7c 100644 --- a/app/models/ssh_execution.rb +++ b/app/models/ssh_execution.rb @@ -16,9 +16,11 @@ def scp(from:, to:, direction: :download) ssh_key_maintainer.create_key_for_connection case direction when :upload - cmd = "scp -oStrictHostKeyChecking=no -i #{ssh_key_maintainer.key} #{from} root@#{@server.ip}:#{to}" + # rubocop:disable Metrics/LineLength + cmd = "scp -oStrictHostKeyChecking=no -i #{ssh_key_maintainer.key} #{from} #{@server.username}@#{@server.ip}:#{to}" else - cmd = "scp -oStrictHostKeyChecking=no -i #{ssh_key_maintainer.key} root@#{@server.ip}:#{from} #{to}" + cmd = "scp -oStrictHostKeyChecking=no -i #{ssh_key_maintainer.key} #{@server.username}@#{@server.ip}:#{from} #{to}" + # rubocop:enable Metrics/LineLength end system(cmd) ensure @@ -27,7 +29,7 @@ def scp(from:, to:, direction: :download) def execute_with_block ssh_key_maintainer.create_key_for_connection - executioner.start(@server.ip, "root", + executioner.start(@server.ip, @server.username, port: 22, keys: [ssh_key_maintainer.key], paranoid: false, timeout: ssh_timeout, diff --git a/app/views/servers/_new.html.erb b/app/views/servers/_new.html.erb index 185885b..d78ca5c 100644 --- a/app/views/servers/_new.html.erb +++ b/app/views/servers/_new.html.erb @@ -6,10 +6,19 @@