To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / deploy / config @ 1587:d8949733849d
| 1 | 1570:ae2f71010562 | Chris | |
|---|---|---|---|
| 2 | # A test Apache config. Lacks SSL, lacks a desirable extra layer of |
||
| 3 | # authentication for admin interface paths. Do not deploy this. |
||
| 4 | |||
| 5 | PerlLoadModule Apache::Authn::SoundSoftware |
||
| 6 | |||
| 7 | <VirtualHost *:80> |
||
| 8 | ServerName code.soundsoftware.ac.uk |
||
| 9 | ServerAdmin chris.cannam@soundsoftware.ac.uk |
||
| 10 | |||
| 11 | DocumentRoot /var/www/code/public |
||
| 12 | PassengerRestartDir restart_files |
||
| 13 | PassengerHighPerformance on |
||
| 14 | PassengerMaxRequests 50000 |
||
| 15 | PassengerStatThrottleRate 5 |
||
| 16 | PassengerStartTimeout 60 |
||
| 17 | 1571:4c2b25b7e85f | Chris | PassengerFriendlyErrorPages on |
| 18 | 1570:ae2f71010562 | Chris | RailsSpawnMethod smart |
| 19 | ExpiresDefault "access plus 1 minute" |
||
| 20 | |||
| 21 | <DirectoryMatch "^/.*/\.svn/"> |
||
| 22 | Order allow,deny |
||
| 23 | Deny from all |
||
| 24 | Satisfy All |
||
| 25 | </DirectoryMatch> |
||
| 26 | |||
| 27 | <DirectoryMatch "^/.*/\.hg/"> |
||
| 28 | Order allow,deny |
||
| 29 | Deny from all |
||
| 30 | Satisfy All |
||
| 31 | </DirectoryMatch> |
||
| 32 | |||
| 33 | <DirectoryMatch "^/.*/\.git/"> |
||
| 34 | Order allow,deny |
||
| 35 | Deny from all |
||
| 36 | Satisfy All |
||
| 37 | </DirectoryMatch> |
||
| 38 | |||
| 39 | <Directory /var/www/code/public> |
||
| 40 | Options -MultiViews |
||
| 41 | </Directory> |
||
| 42 | |||
| 43 | <Directory /var/www/code/public/themes/soundsoftware/stylesheets/fonts> |
||
| 44 | # Avoid other sites embedding our fonts |
||
| 45 | RewriteEngine on |
||
| 46 | RewriteCond %{HTTP_REFERER} !^$
|
||
| 47 | RewriteCond %{HTTP_REFERER} !^http(s)?://code.soundsoftware.ac.uk/.*$ [NC]
|
||
| 48 | RewriteRule \.(ttf|woff|eot|otf|svg|zip|gz|html|txt)$ - [F] |
||
| 49 | </Directory> |
||
| 50 | |||
| 51 | ScriptAlias /hg "/var/hg/index.cgi" |
||
| 52 | |||
| 53 | <Location /hg> |
||
| 54 | AuthName "Mercurial" |
||
| 55 | AuthType Basic |
||
| 56 | Require valid-user |
||
| 57 | PerlAccessHandler Apache::Authn::SoundSoftware::access_handler |
||
| 58 | PerlAuthenHandler Apache::Authn::SoundSoftware::authen_handler |
||
| 59 | PerlSetVar HTTPS "on" |
||
| 60 | SoundSoftwareDSN "dbi:Pg:database=code;host=localhost" |
||
| 61 | SoundSoftwareDbUser "code" |
||
| 62 | SoundSoftwareDbPass "INSERT_POSTGRES_PASSWORD_HERE" |
||
| 63 | SoundSoftwareRepoPrefix "/var/hg/" |
||
| 64 | 1576:d1de6986e429 | Chris | #!!! "on" in production please!: |
| 65 | SoundSoftwareSslRequired "off" |
||
| 66 | 1570:ae2f71010562 | Chris | Options +ExecCGI |
| 67 | AddHandler cgi-script .cgi |
||
| 68 | ExpiresDefault now |
||
| 69 | </Location> |
||
| 70 | |||
| 71 | Alias /git "/var/files/git-mirror" |
||
| 72 | |||
| 73 | <Directory "/var/files/git-mirror"> |
||
| 74 | Options -Indexes +FollowSymLinks |
||
| 75 | Order allow,deny |
||
| 76 | Allow from all |
||
| 77 | </Directory> |
||
| 78 | <Directory ~ "/var/files/git-mirror/.*\.workdir"> |
||
| 79 | Order allow,deny |
||
| 80 | Deny from all |
||
| 81 | </Directory> |
||
| 82 | <Directory ~ "/var/files/git-mirror/__.*"> |
||
| 83 | Order allow,deny |
||
| 84 | Deny from all |
||
| 85 | </Directory> |
||
| 86 | |||
| 87 | ErrorLog /var/log/apache2/code-error.log |
||
| 88 | CustomLog /var/log/apache2/code-access.log vhost_combined |
||
| 89 | |||
| 90 | LogLevel warn |
||
| 91 | ServerSignature Off |
||
| 92 | |||
| 93 | </VirtualHost> |
||
| 94 | |||
| 95 | 1586:d0d59d12db94 | Chris | #!/bin/sh |
| 96 | outfile="/var/files/backups/postgres-dumpall-`date +%Y%m%d%H%M`" |
||
| 97 | oldmask=`umask` |
||
| 98 | umask 0277 |
||
| 99 | su postgres -c /usr/bin/pg_dumpall > "$outfile" && bzip2 "$outfile" |
||
| 100 | umask "$oldmask" |
||
| 101 | #!/bin/bash |
||
| 102 | cd /tmp |
||
| 103 | /var/www/code/docgen/extract-docs.sh |
||
| 104 | #!/bin/bash |
||
| 105 | sudo -u code sh -c "cd /var/www/code ; ./script/rails runner -e production extra/soundsoftware/get-statistics.rb >> log/statistics.log" |
||
| 106 | #!/bin/bash |
||
| 107 | tail -2 /var/log/external-repos.log |
||
| 108 | #!/bin/bash |
||
| 109 | /usr/bin/wget -O - -q -t 1 http://www.soundsoftware.ac.uk/cron.php |
||
| 110 | |||
| 111 | #!/bin/bash |
||
| 112 | sudo -u code sh -c "cd /var/www/code ; ./script/rails runner \"Repository.fetch_changesets\" -e production 2>&1 | grep -v 'Not trusting' | grep -v 'svn:' | grep -v 'working copy' | grep -v 'deprecated' | grep -v 'version_requirements'" |
||
| 113 | exit 0 |
||
| 114 | #!/bin/bash |
||
| 115 | sudo -H -u www-data /var/www/code/reposman/run-external.sh |
||
| 116 | #!/bin/sh |
||
| 117 | rm -f /var/www/code/tmp/cache/*/*/views*explore* |
||
| 118 | #!/bin/bash |
||
| 119 | logfile="/var/www/code/log/export-git.log" |
||
| 120 | sudo -u code sh -c "cd /tmp ; /var/www/code/extra/soundsoftware/export-git.sh production /var/hg /var/files/git-mirror >> $logfile 2>&1" |
||
| 121 | #!/bin/bash |
||
| 122 | sudo -u www-data /var/www/code/reposman/run-reposman.sh |
||
| 123 | |||
| 124 | #!/bin/sh |
||
| 125 | for location in var/www etc/apache2 etc/cron.*; do |
||
| 126 | target="/var/files/backups/`echo $location | sed 's,/,_,g'`-`date +%Y%m%d%H%M`" |
||
| 127 | oldmask=`umask` |
||
| 128 | umask 0277 |
||
| 129 | cd / |
||
| 130 | tar cjf "$target".tar.bz2 "$location" |
||
| 131 | umask "$oldmask" |
||
| 132 | done |
||
| 133 | |||
| 134 | 1570:ae2f71010562 | Chris | production: |
| 135 | adapter: postgresql |
||
| 136 | database: code |
||
| 137 | host: localhost |
||
| 138 | username: code |
||
| 139 | password: "INSERT_POSTGRES_PASSWORD_HERE" |
||
| 140 | |||
| 141 | 1576:d1de6986e429 | Chris | [paths] |
| 142 | / = /var/hg/* |
||
| 143 | |||
| 144 | [web] |
||
| 145 | allow_archive = gz, zip, bz2 |
||
| 146 | allow_push = * |
||
| 147 | #!/usr/bin/env python |
||
| 148 | # |
||
| 149 | # An example CGI script to export multiple hgweb repos, edit as necessary |
||
| 150 | |||
| 151 | # adjust python path if not a system-wide install: |
||
| 152 | #import sys |
||
| 153 | #sys.path.insert(0, "/path/to/python/lib") |
||
| 154 | |||
| 155 | # enable importing on demand to reduce startup time |
||
| 156 | from mercurial import demandimport; demandimport.enable() |
||
| 157 | |||
| 158 | # Uncomment to send python tracebacks to the browser if an error occurs: |
||
| 159 | import cgitb |
||
| 160 | cgitb.enable() |
||
| 161 | |||
| 162 | # If you'd like to serve pages with UTF-8 instead of your default |
||
| 163 | # locale charset, you can do so by uncommenting the following lines. |
||
| 164 | # Note that this will cause your .hgrc files to be interpreted in |
||
| 165 | # UTF-8 and all your repo files to be displayed using UTF-8. |
||
| 166 | # |
||
| 167 | import os |
||
| 168 | os.environ["HGENCODING"] = "UTF-8" |
||
| 169 | |||
| 170 | from mercurial.hgweb.hgwebdir_mod import hgwebdir |
||
| 171 | import mercurial.hgweb.wsgicgi as wsgicgi |
||
| 172 | |||
| 173 | # The config file looks like this. You can have paths to individual |
||
| 174 | # repos, collections of repos in a directory tree, or both. |
||
| 175 | # |
||
| 176 | # [paths] |
||
| 177 | # virtual/path1 = /real/path1 |
||
| 178 | # virtual/path2 = /real/path2 |
||
| 179 | # virtual/root = /real/root/* |
||
| 180 | # / = /real/root2/* |
||
| 181 | # virtual/root2 = /real/root2/** |
||
| 182 | # |
||
| 183 | # [collections] |
||
| 184 | # /prefix/to/strip/off = /root/of/tree/full/of/repos |
||
| 185 | # |
||
| 186 | # paths example: |
||
| 187 | # |
||
| 188 | # * First two lines mount one repository into one virtual path, like |
||
| 189 | # '/real/path1' into 'virtual/path1'. |
||
| 190 | # |
||
| 191 | # * The third entry mounts every mercurial repository found in '/real/root' |
||
| 192 | # in 'virtual/root'. This format is preferred over the [collections] one, |
||
| 193 | # since using absolute paths as configuration keys is not supported on every |
||
| 194 | # platform (especially on Windows). |
||
| 195 | # |
||
| 196 | # * The fourth entry is a special case mounting all repositories in |
||
| 197 | # /'real/root2' in the root of the virtual directory. |
||
| 198 | # |
||
| 199 | # * The fifth entry recursively finds all repositories under the real root, |
||
| 200 | # and mounts them using their relative path (to given real root) under the |
||
| 201 | # virtual root. |
||
| 202 | # |
||
| 203 | # collections example: say directory tree /foo contains repos /foo/bar, |
||
| 204 | # /foo/quux/baz. Give this config section: |
||
| 205 | # [collections] |
||
| 206 | # /foo = /foo |
||
| 207 | # Then repos will list as bar and quux/baz. |
||
| 208 | # |
||
| 209 | # Alternatively you can pass a list of ('virtual/path', '/real/path') tuples
|
||
| 210 | # or use a dictionary with entries like 'virtual/path': '/real/path' |
||
| 211 | |||
| 212 | application = hgwebdir('hgweb.config')
|
||
| 213 | wsgicgi.launch(application) |
||
| 214 | 1586:d0d59d12db94 | Chris | # see "man logrotate" for details |
| 215 | # rotate log files weekly |
||
| 216 | weekly |
||
| 217 | |||
| 218 | # keep 4 weeks worth of backlogs |
||
| 219 | rotate 4 |
||
| 220 | |||
| 221 | # create new (empty) log files after rotating old ones |
||
| 222 | create |
||
| 223 | |||
| 224 | # uncomment this if you want your log files compressed |
||
| 225 | #compress |
||
| 226 | |||
| 227 | # packages drop log rotation information into this directory |
||
| 228 | include /etc/logrotate.d |
||
| 229 | |||
| 230 | # no packages own wtmp, or btmp -- we'll rotate them here |
||
| 231 | /var/log/wtmp {
|
||
| 232 | missingok |
||
| 233 | monthly |
||
| 234 | create 0664 root utmp |
||
| 235 | rotate 1 |
||
| 236 | } |
||
| 237 | |||
| 238 | /var/log/btmp {
|
||
| 239 | missingok |
||
| 240 | monthly |
||
| 241 | create 0660 root utmp |
||
| 242 | rotate 1 |
||
| 243 | } |
||
| 244 | |||
| 245 | # system-specific logs may be configured here |
||
| 246 | /var/www/code/log/*.log {
|
||
| 247 | weekly |
||
| 248 | missingok |
||
| 249 | rotate 52 |
||
| 250 | compress |
||
| 251 | delaycompress |
||
| 252 | create 640 code code |
||
| 253 | sharedscripts |
||
| 254 | postrotate |
||
| 255 | touch /var/www/code/restart_files/restart.txt |
||
| 256 | endscript |
||
| 257 | } |
||
| 258 | |||
| 259 | /var/log/reposman.log {
|
||
| 260 | weekly |
||
| 261 | missingok |
||
| 262 | rotate 52 |
||
| 263 | compress |
||
| 264 | delaycompress |
||
| 265 | create 640 www-data code |
||
| 266 | sharedscripts |
||
| 267 | } |
||
| 268 | |||
| 269 | /var/log/external-repos.log {
|
||
| 270 | weekly |
||
| 271 | missingok |
||
| 272 | rotate 52 |
||
| 273 | compress |
||
| 274 | delaycompress |
||
| 275 | create 640 www-data code |
||
| 276 | sharedscripts |
||
| 277 | } |
||
| 278 | |||
| 279 | 1571:4c2b25b7e85f | Chris | PassengerMaxPoolSize 60 |
| 280 | |||
| 281 | LoadModule passenger_module /var/lib/gems/2.3.0/gems/passenger-4.0.60/buildout/apache2/mod_passenger.so |
||
| 282 | PassengerRoot /var/lib/gems/2.3.0/gems/passenger-4.0.60 |
||
| 283 | PassengerDefaultRuby /usr/bin/ruby2.3 |
||
| 284 | # Apache::DBI is supposed to be a transparent replacement for Perl DBI with |
||
| 285 | # better performance when multiple connections are made with common DSN, user |
||
| 286 | # and password |
||
| 287 | PerlModule Apache::DBI |