diff -r d0d59d12db94 -r d8949733849d deploy/config/code.conf.in
--- /dev/null
+++ b/deploy/config/code.conf.in
@@ -0,0 +1,94 @@
+
+# A test Apache config. Lacks SSL, lacks a desirable extra layer of
+# authentication for admin interface paths. Do not deploy this.
+
+PerlLoadModule Apache::Authn::SoundSoftware
+
+
+ ServerName code.soundsoftware.ac.uk
+ ServerAdmin chris.cannam@soundsoftware.ac.uk
+
+ DocumentRoot /var/www/code/public
+ PassengerRestartDir restart_files
+ PassengerHighPerformance on
+ PassengerMaxRequests 50000
+ PassengerStatThrottleRate 5
+ PassengerStartTimeout 60
+ PassengerFriendlyErrorPages on
+ RailsSpawnMethod smart
+ ExpiresDefault "access plus 1 minute"
+
+
+ Order allow,deny
+ Deny from all
+ Satisfy All
+
+
+
+ Order allow,deny
+ Deny from all
+ Satisfy All
+
+
+
+ Order allow,deny
+ Deny from all
+ Satisfy All
+
+
+
+ Options -MultiViews
+
+
+
+ # Avoid other sites embedding our fonts
+ RewriteEngine on
+ RewriteCond %{HTTP_REFERER} !^$
+ RewriteCond %{HTTP_REFERER} !^http(s)?://code.soundsoftware.ac.uk/.*$ [NC]
+ RewriteRule \.(ttf|woff|eot|otf|svg|zip|gz|html|txt)$ - [F]
+
+
+ ScriptAlias /hg "/var/hg/index.cgi"
+
+
+ AuthName "Mercurial"
+ AuthType Basic
+ Require valid-user
+ PerlAccessHandler Apache::Authn::SoundSoftware::access_handler
+ PerlAuthenHandler Apache::Authn::SoundSoftware::authen_handler
+ PerlSetVar HTTPS "on"
+ SoundSoftwareDSN "dbi:Pg:database=code;host=localhost"
+ SoundSoftwareDbUser "code"
+ SoundSoftwareDbPass "INSERT_POSTGRES_PASSWORD_HERE"
+ SoundSoftwareRepoPrefix "/var/hg/"
+ #!!! "on" in production please!:
+ SoundSoftwareSslRequired "off"
+ Options +ExecCGI
+ AddHandler cgi-script .cgi
+ ExpiresDefault now
+
+
+ Alias /git "/var/files/git-mirror"
+
+
+ Options -Indexes +FollowSymLinks
+ Order allow,deny
+ Allow from all
+
+
+ Order allow,deny
+ Deny from all
+
+
+ Order allow,deny
+ Deny from all
+
+
+ ErrorLog /var/log/apache2/code-error.log
+ CustomLog /var/log/apache2/code-access.log vhost_combined
+
+ LogLevel warn
+ ServerSignature Off
+
+
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.daily/00-backup-db
--- /dev/null
+++ b/deploy/config/cron.daily/00-backup-db
@@ -0,0 +1,6 @@
+#!/bin/sh
+outfile="/var/files/backups/postgres-dumpall-`date +%Y%m%d%H%M`"
+oldmask=`umask`
+umask 0277
+su postgres -c /usr/bin/pg_dumpall > "$outfile" && bzip2 "$outfile"
+umask "$oldmask"
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.daily/10-extract-docs
--- /dev/null
+++ b/deploy/config/cron.daily/10-extract-docs
@@ -0,0 +1,3 @@
+#!/bin/bash
+cd /tmp
+/var/www/code/docgen/extract-docs.sh
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.daily/15-get-statistics
--- /dev/null
+++ b/deploy/config/cron.daily/15-get-statistics
@@ -0,0 +1,2 @@
+#!/bin/bash
+sudo -u code sh -c "cd /var/www/code ; ./script/rails runner -e production extra/soundsoftware/get-statistics.rb >> log/statistics.log"
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.daily/20-check-end-of-external-repo-log
--- /dev/null
+++ b/deploy/config/cron.daily/20-check-end-of-external-repo-log
@@ -0,0 +1,2 @@
+#!/bin/bash
+tail -2 /var/log/external-repos.log
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.hourly/00-drupal-cron
--- /dev/null
+++ b/deploy/config/cron.hourly/00-drupal-cron
@@ -0,0 +1,3 @@
+#!/bin/bash
+/usr/bin/wget -O - -q -t 1 http://www.soundsoftware.ac.uk/cron.php
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.hourly/10-redmine-fetch-changesets
--- /dev/null
+++ b/deploy/config/cron.hourly/10-redmine-fetch-changesets
@@ -0,0 +1,3 @@
+#!/bin/bash
+sudo -u code sh -c "cd /var/www/code ; ./script/rails runner \"Repository.fetch_changesets\" -e production 2>&1 | grep -v 'Not trusting' | grep -v 'svn:' | grep -v 'working copy' | grep -v 'deprecated' | grep -v 'version_requirements'"
+exit 0
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.hourly/20-convert-external-repos
--- /dev/null
+++ b/deploy/config/cron.hourly/20-convert-external-repos
@@ -0,0 +1,2 @@
+#!/bin/bash
+sudo -H -u www-data /var/www/code/reposman/run-external.sh
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.hourly/30-expire-explore-cache
--- /dev/null
+++ b/deploy/config/cron.hourly/30-expire-explore-cache
@@ -0,0 +1,2 @@
+#!/bin/sh
+rm -f /var/www/code/tmp/cache/*/*/views*explore*
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.hourly/40-export-git
--- /dev/null
+++ b/deploy/config/cron.hourly/40-export-git
@@ -0,0 +1,3 @@
+#!/bin/bash
+logfile="/var/www/code/log/export-git.log"
+sudo -u code sh -c "cd /tmp ; /var/www/code/extra/soundsoftware/export-git.sh production /var/hg /var/files/git-mirror >> $logfile 2>&1"
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.minutely/00-redmine-repositories
--- /dev/null
+++ b/deploy/config/cron.minutely/00-redmine-repositories
@@ -0,0 +1,3 @@
+#!/bin/bash
+sudo -u www-data /var/www/code/reposman/run-reposman.sh
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/cron.monthly/00-backup-files
--- /dev/null
+++ b/deploy/config/cron.monthly/00-backup-files
@@ -0,0 +1,10 @@
+#!/bin/sh
+for location in var/www etc/apache2 etc/cron.*; do
+ target="/var/files/backups/`echo $location | sed 's,/,_,g'`-`date +%Y%m%d%H%M`"
+ oldmask=`umask`
+ umask 0277
+ cd /
+ tar cjf "$target".tar.bz2 "$location"
+ umask "$oldmask"
+done
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/database.yml.in
--- /dev/null
+++ b/deploy/config/database.yml.in
@@ -0,0 +1,7 @@
+production:
+ adapter: postgresql
+ database: code
+ host: localhost
+ username: code
+ password: "INSERT_POSTGRES_PASSWORD_HERE"
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/hgweb.config
--- /dev/null
+++ b/deploy/config/hgweb.config
@@ -0,0 +1,6 @@
+[paths]
+/ = /var/hg/*
+
+[web]
+allow_archive = gz, zip, bz2
+allow_push = *
diff -r d0d59d12db94 -r d8949733849d deploy/config/index.cgi
--- /dev/null
+++ b/deploy/config/index.cgi
@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+#
+# An example CGI script to export multiple hgweb repos, edit as necessary
+
+# adjust python path if not a system-wide install:
+#import sys
+#sys.path.insert(0, "/path/to/python/lib")
+
+# enable importing on demand to reduce startup time
+from mercurial import demandimport; demandimport.enable()
+
+# Uncomment to send python tracebacks to the browser if an error occurs:
+import cgitb
+cgitb.enable()
+
+# If you'd like to serve pages with UTF-8 instead of your default
+# locale charset, you can do so by uncommenting the following lines.
+# Note that this will cause your .hgrc files to be interpreted in
+# UTF-8 and all your repo files to be displayed using UTF-8.
+#
+import os
+os.environ["HGENCODING"] = "UTF-8"
+
+from mercurial.hgweb.hgwebdir_mod import hgwebdir
+import mercurial.hgweb.wsgicgi as wsgicgi
+
+# The config file looks like this. You can have paths to individual
+# repos, collections of repos in a directory tree, or both.
+#
+# [paths]
+# virtual/path1 = /real/path1
+# virtual/path2 = /real/path2
+# virtual/root = /real/root/*
+# / = /real/root2/*
+# virtual/root2 = /real/root2/**
+#
+# [collections]
+# /prefix/to/strip/off = /root/of/tree/full/of/repos
+#
+# paths example:
+#
+# * First two lines mount one repository into one virtual path, like
+# '/real/path1' into 'virtual/path1'.
+#
+# * The third entry mounts every mercurial repository found in '/real/root'
+# in 'virtual/root'. This format is preferred over the [collections] one,
+# since using absolute paths as configuration keys is not supported on every
+# platform (especially on Windows).
+#
+# * The fourth entry is a special case mounting all repositories in
+# /'real/root2' in the root of the virtual directory.
+#
+# * The fifth entry recursively finds all repositories under the real root,
+# and mounts them using their relative path (to given real root) under the
+# virtual root.
+#
+# collections example: say directory tree /foo contains repos /foo/bar,
+# /foo/quux/baz. Give this config section:
+# [collections]
+# /foo = /foo
+# Then repos will list as bar and quux/baz.
+#
+# Alternatively you can pass a list of ('virtual/path', '/real/path') tuples
+# or use a dictionary with entries like 'virtual/path': '/real/path'
+
+application = hgwebdir('hgweb.config')
+wsgicgi.launch(application)
diff -r d0d59d12db94 -r d8949733849d deploy/config/logrotate.conf
--- /dev/null
+++ b/deploy/config/logrotate.conf
@@ -0,0 +1,65 @@
+# see "man logrotate" for details
+# rotate log files weekly
+weekly
+
+# keep 4 weeks worth of backlogs
+rotate 4
+
+# create new (empty) log files after rotating old ones
+create
+
+# uncomment this if you want your log files compressed
+#compress
+
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+# no packages own wtmp, or btmp -- we'll rotate them here
+/var/log/wtmp {
+ missingok
+ monthly
+ create 0664 root utmp
+ rotate 1
+}
+
+/var/log/btmp {
+ missingok
+ monthly
+ create 0660 root utmp
+ rotate 1
+}
+
+# system-specific logs may be configured here
+/var/www/code/log/*.log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ create 640 code code
+ sharedscripts
+ postrotate
+ touch /var/www/code/restart_files/restart.txt
+ endscript
+}
+
+/var/log/reposman.log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ create 640 www-data code
+ sharedscripts
+}
+
+/var/log/external-repos.log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ create 640 www-data code
+ sharedscripts
+}
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/passenger.conf
--- /dev/null
+++ b/deploy/config/passenger.conf
@@ -0,0 +1,2 @@
+PassengerMaxPoolSize 60
+
diff -r d0d59d12db94 -r d8949733849d deploy/config/passenger.load
--- /dev/null
+++ b/deploy/config/passenger.load
@@ -0,0 +1,3 @@
+LoadModule passenger_module /var/lib/gems/2.3.0/gems/passenger-4.0.60/buildout/apache2/mod_passenger.so
+PassengerRoot /var/lib/gems/2.3.0/gems/passenger-4.0.60
+PassengerDefaultRuby /usr/bin/ruby2.3
diff -r d0d59d12db94 -r d8949733849d deploy/config/perl.conf
--- /dev/null
+++ b/deploy/config/perl.conf
@@ -0,0 +1,4 @@
+# Apache::DBI is supposed to be a transparent replacement for Perl DBI with
+# better performance when multiple connections are made with common DSN, user
+# and password
+PerlModule Apache::DBI
diff -r d0d59d12db94 -r d8949733849d deploy/docker/Dockerfile.in
--- /dev/null
+++ b/deploy/docker/Dockerfile.in
@@ -0,0 +1,20 @@
+
+FROM ubuntu:16.04
+MAINTAINER Chris Cannam
+
+COPY . /var/www/code
+
+WORKDIR /var/www/code
+
+INSERT_PROVISIONING_HERE
+
+# Start Postgres and foregrounded Apache
+
+RUN echo "#!/bin/bash" > container-run.sh
+RUN echo "/etc/init.d/postgresql start" >> container-run.sh
+RUN echo "apache2ctl -D FOREGROUND" >> container-run.sh
+RUN chmod +x container-run.sh
+
+EXPOSE 80
+CMD ./container-run.sh
+
diff -r d0d59d12db94 -r d8949733849d deploy/docker/Dockerfile.inline
--- /dev/null
+++ b/deploy/docker/Dockerfile.inline
@@ -0,0 +1,139 @@
+
+# For documentation and experimental purposes only. As a
+# reconstruction of the machine image that runs this application,
+# there are lots of things missing here; but as a good Docker
+# configuration, it fails by mixing together rather a lot of concerns.
+
+FROM ubuntu:16.04
+MAINTAINER Chris Cannam
+
+RUN apt-get update && \
+ apt-get install -y \
+ apache2 \
+ apache2-dev \
+ apt-utils \
+ build-essential \
+ cron \
+ curl \
+ doxygen \
+ exim4 \
+ git \
+ graphviz \
+ imagemagick \
+ libapache-dbi-perl \
+ libapache2-mod-perl2 \
+ libapr1-dev \
+ libaprutil1-dev \
+ libauthen-simple-ldap-perl \
+ libcurl4-openssl-dev \
+ libdbd-pg-perl \
+ libpq-dev \
+ libmagickwand-dev \
+ libio-socket-ssl-perl \
+ logrotate \
+ mercurial \
+ postgresql \
+ rsync \
+ ruby \
+ ruby-dev \
+ sudo
+
+# Also used on the live site, for javadoc extraction, but this is
+# would be by far the biggest package here: let's omit it while we're
+# not making use of it
+# openjdk-9-jdk-headless
+
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+
+# Passenger gets installed through gem, not apt
+
+RUN gem install passenger -v 4.0.60 --no-rdoc --no-ri
+RUN passenger-install-apache2-module --languages=ruby
+
+
+# Copy across webapp, set up ownership
+
+COPY . /var/www/code
+
+RUN groupadd code
+RUN useradd -g code -G www-data code
+RUN chown -R code.www-data /var/www/code
+RUN find /var/www/code -type d -exec chmod g+s \{\} \;
+
+
+# Initialise /var/hg (in reality this would be mounted from somewhere)
+
+RUN mkdir -p /var/hg
+RUN chown code.www-data /var/hg
+RUN chmod g+s /var/hg
+COPY extra/soundsoftware/scripted-deploy/config/index.cgi /var/hg/
+COPY extra/soundsoftware/scripted-deploy/config/hgweb.config /var/hg/
+RUN chmod +x /var/hg/index.cgi
+
+
+# We're based in the code webapp directory from here on
+
+WORKDIR /var/www/code
+
+
+# Set up database config etc
+
+RUN cp extra/soundsoftware/scripted-deploy/config/database.yml.interpolated config/database.yml
+
+
+# Install Rails and dependencies (database.yml must be populated before this)
+
+RUN gem install bundler
+RUN bundle install
+
+
+# Initialise Redmine token (bundler must be installed before this)
+
+RUN bundle exec rake generate_secret_token
+
+
+# Import Postgres database from postgres-dumpall file
+
+RUN chown postgres postgres-dumpall
+RUN /etc/init.d/postgresql start && sudo -u postgres psql -f postgres-dumpall postgres
+RUN rm postgres-dumpall
+
+
+# Install Perl auth module for Hg access
+
+RUN mkdir -p /usr/local/lib/site_perl/Apache/Authn/
+RUN cp extra/soundsoftware/SoundSoftware.pm /usr/local/lib/site_perl/Apache/Authn/
+
+
+# Set up Apache config (todo: insert variables)
+
+RUN rm -f /etc/apache2/sites-enabled/000-default.conf
+
+RUN cp extra/soundsoftware/scripted-deploy/config/passenger.conf /etc/apache2/mods-available/
+RUN cp extra/soundsoftware/scripted-deploy/config/passenger.load /etc/apache2/mods-available/
+RUN cp extra/soundsoftware/scripted-deploy/config/perl.conf /etc/apache2/mods-available/
+
+RUN ln -s ../mods-available/passenger.conf /etc/apache2/mods-enabled/
+RUN ln -s ../mods-available/passenger.load /etc/apache2/mods-enabled/
+RUN ln -s ../mods-available/perl.conf /etc/apache2/mods-enabled/
+RUN ln -s ../mods-available/expires.load /etc/apache2/mods-enabled/
+RUN ln -s ../mods-available/rewrite.load /etc/apache2/mods-enabled/
+RUN ln -s ../mods-available/cgi.load /etc/apache2/mods-enabled/
+
+RUN cp extra/soundsoftware/scripted-deploy/config/code.conf.interpolated /etc/apache2/sites-available/code.conf
+RUN ln -s ../sites-available/code.conf /etc/apache2/sites-enabled/10-code.conf
+
+RUN apache2ctl configtest
+
+
+# Start Postgres and foregrounded Apache
+
+RUN echo "#!/bin/bash" > container-run.sh
+RUN echo "/etc/init.d/postgresql start" >> container-run.sh
+RUN echo "apache2ctl -D FOREGROUND" >> container-run.sh
+RUN chmod +x container-run.sh
+
+EXPOSE 80
+CMD ./container-run.sh
+
diff -r d0d59d12db94 -r d8949733849d deploy/docker/start.sh
--- /dev/null
+++ b/deploy/docker/start.sh
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+mydir=$(dirname "$0")
+
+dbpwd="$1"
+if [ -z "$dbpwd" ]; then
+ echo "Usage: $0 " 1>&2
+ exit 2
+fi
+
+set -eu -o pipefail
+
+rootdir="$mydir/../.."
+
+deploydir="$rootdir"/deploy
+if [ ! -d "$deploydir" ]; then
+ echo "ERROR: Unexpected repository layout - expected directory at $deploydir"
+ exit 2
+fi
+
+managerdir="$deploydir/docker"
+if [ ! -d "$managerdir" ]; then
+ echo "ERROR: Required directory $managerdir not found"
+ exit 2
+fi
+
+configdir="$deploydir/config"
+if [ ! -d "$configdir" ]; then
+ echo "ERROR: Required directory $configdir not found"
+ exit 2
+fi
+
+if [ ! -f "$rootdir/postgres-dumpall" ]; then
+ echo "ERROR: I expect to find a Postgres SQL multi-db dump file in $rootdir/postgres-dumpall"
+ exit 2
+fi
+
+fontdir="$rootdir"/public/themes/soundsoftware/stylesheets/fonts
+if [ ! -f "$fontdir/24BC0E_0_0.woff" ]; then
+ echo "ERROR: I expect to find necessary webfonts in $fontdir"
+ exit 2
+fi
+
+for f in database.yml code.conf ; do
+ cat "$configdir/$f.in" |
+ sed 's/INSERT_POSTGRES_PASSWORD_HERE/'"$dbpwd"'/g' > \
+ "$configdir/$f"
+done
+
+provisioning_commands=$(
+ for x in "$deploydir"/provision.d/[0-9]*; do
+ echo "RUN /bin/bash /var/www/code/deploy/provision.d/$(basename $x)"
+ done | sed 's/$/\\n/' | fmt -2000 | sed 's/ RUN/RUN/g' )
+
+( echo
+ echo "### DO NOT EDIT THIS FILE - it is generated from Dockerfile.in"
+ echo
+) > "$managerdir/Dockerfile"
+
+cat "$managerdir/Dockerfile.in" |
+ sed 's,INSERT_PROVISIONING_HERE,'"$provisioning_commands"',' >> \
+ "$managerdir/Dockerfile"
+
+cd "$rootdir"
+
+dockertag="cannam/soundsoftware-site"
+
+sudo docker build -t "$dockertag" -f "deploy/docker/Dockerfile" .
+sudo docker run -p 8080:80 -d "$dockertag"
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/000-system-packages.sh
--- /dev/null
+++ b/deploy/provision.d/000-system-packages.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+set -e
+
+apt-get update && \
+ apt-get dist-upgrade -y && \
+ apt-get install -y \
+ ack-grep \
+ apache2 \
+ apache2-dev \
+ apt-utils \
+ build-essential \
+ cron \
+ curl \
+ doxygen \
+ exim4 \
+ git \
+ graphviz \
+ imagemagick \
+ libapache-dbi-perl \
+ libapache2-mod-perl2 \
+ libapr1-dev \
+ libaprutil1-dev \
+ libauthen-simple-ldap-perl \
+ libcurl4-openssl-dev \
+ libdbd-pg-perl \
+ libpq-dev \
+ libmagickwand-dev \
+ libio-socket-ssl-perl \
+ logrotate \
+ mercurial \
+ postgresql \
+ rsync \
+ ruby \
+ ruby-dev \
+ sudo
+
+apt-get clean && rm -rf /var/lib/apt/lists/*
+locale-gen en_US.UTF-8
+
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/010-passenger.sh
--- /dev/null
+++ b/deploy/provision.d/010-passenger.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+# Passenger gets installed through gem, not apt
+
+if [ ! -f /var/lib/gems/2.3.0/gems/passenger-4.0.60/buildout/apache2/mod_passenger.so ]; then
+ gem install passenger -v 4.0.60 --no-rdoc --no-ri
+ passenger-install-apache2-module --languages=ruby
+fi
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/020-users.sh
--- /dev/null
+++ b/deploy/provision.d/020-users.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+if ! grep -q '^code:' /etc/passwd ; then
+ groupadd code
+ useradd -g code -G www-data code
+fi
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/030-webapp-dir.sh
--- /dev/null
+++ b/deploy/provision.d/030-webapp-dir.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+if [ ! -d /var/www/code ]; then
+ if [ ! -d /code-to-deploy ]; then
+ echo "ERROR: Expected to find code tree at /code-to-deploy: is the deployment script being invoked correctly?"
+ exit 2
+ fi
+ cp -a /code-to-deploy /var/www/code
+fi
+
+chown -R code.www-data /var/www/code
+find /var/www/code -type d -exec chmod g+s \{\} \;
+
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/040-hg-dir.sh
--- /dev/null
+++ b/deploy/provision.d/040-hg-dir.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+if [ ! -f /var/hg/index.cgi ]; then
+ mkdir -p /var/hg
+ chown code.www-data /var/hg
+ chmod g+s /var/hg
+ cp /var/www/code/deploy/config/index.cgi /var/hg/
+ cp /var/www/code/deploy/config/hgweb.config /var/hg/
+ chmod +x /var/hg/index.cgi
+fi
+
+if [ ! -d /var/hg/vamp-plugin-sdk ]; then
+ # This project can be used for testing
+ echo "Cloning vamp-plugin-sdk repo for testing..."
+ cd /var/hg
+ hg clone https://code.soundsoftware.ac.uk/hg/vamp-plugin-sdk
+ chown -R code.www-data vamp-plugin-sdk
+fi
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/050-webapp-db.sh
--- /dev/null
+++ b/deploy/provision.d/050-webapp-db.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -e
+
+infile=/var/www/code/deploy/config/database.yml
+
+if [ ! -f "$infile" ]; then
+ echo "ERROR: Database config file $infile not found - has the database secret been interpolated from $infile.in correctly?"
+ exit 2
+fi
+
+if [ ! -f /var/www/code/config/database.yml ]; then
+ cp "$infile" /var/www/code/config/database.yml
+fi
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/060-bundler.sh
--- /dev/null
+++ b/deploy/provision.d/060-bundler.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -e
+
+cd /var/www/code
+gem install bundler
+bundle install
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/070-secret-token.sh
--- /dev/null
+++ b/deploy/provision.d/070-secret-token.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+
+cd /var/www/code
+bundle exec rake generate_secret_token
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/080-database-load.sh
--- /dev/null
+++ b/deploy/provision.d/080-database-load.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+/etc/init.d/postgresql start
+
+cd /var/www/code
+
+if [ -f postgres-dumpall ]; then
+ chmod ugo+r postgres-dumpall
+ sudo -u postgres psql -f postgres-dumpall postgres
+ rm postgres-dumpall # This was just a copy of the shared folder file anyway
+fi
+
+
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/090-perl-auth-module.sh
--- /dev/null
+++ b/deploy/provision.d/090-perl-auth-module.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+if [ ! -f /usr/local/lib/site_perl/Apache/Authn/SoundSoftware.pm ]; then
+ mkdir -p /usr/local/lib/site_perl/Apache/Authn/
+ cp /var/www/code/extra/soundsoftware/SoundSoftware.pm /usr/local/lib/site_perl/Apache/Authn/
+fi
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/100-apache-config.sh
--- /dev/null
+++ b/deploy/provision.d/100-apache-config.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -e
+
+cd /var/www/code
+
+codeconffile=/var/www/code/deploy/config/code.conf
+
+if [ ! -f "$codeconffile" ]; then
+ echo "ERROR: Apache config file $codeconffile not found - has the database secret been interpolated from $codeconffile.in correctly?"
+ exit 2
+fi
+
+if [ ! -f /etc/apache2/sites-enabled/10-code.conf ]; then
+
+ rm -f /etc/apache2/sites-enabled/000-default.conf
+
+ cp deploy/config/passenger.conf /etc/apache2/mods-available/
+ cp deploy/config/passenger.load /etc/apache2/mods-available/
+ cp deploy/config/perl.conf /etc/apache2/mods-available/
+
+ ln -s ../mods-available/passenger.conf /etc/apache2/mods-enabled/
+ ln -s ../mods-available/passenger.load /etc/apache2/mods-enabled/
+ ln -s ../mods-available/perl.conf /etc/apache2/mods-enabled/
+ ln -s ../mods-available/expires.load /etc/apache2/mods-enabled/
+ ln -s ../mods-available/rewrite.load /etc/apache2/mods-enabled/
+ ln -s ../mods-available/cgi.load /etc/apache2/mods-enabled/
+
+ cp "$codeconffile" /etc/apache2/sites-available/code.conf
+ ln -s ../sites-available/code.conf /etc/apache2/sites-enabled/10-code.conf
+
+ apache2ctl configtest
+
+fi
+
diff -r d0d59d12db94 -r d8949733849d deploy/provision.d/110-apache-start.sh
--- /dev/null
+++ b/deploy/provision.d/110-apache-start.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+
+apache2ctl restart
+
diff -r d0d59d12db94 -r d8949733849d deploy/vagrant/Vagrantfile
--- /dev/null
+++ b/deploy/vagrant/Vagrantfile
@@ -0,0 +1,9 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+ config.vm.box = "ubuntu/xenial64"
+ config.vm.network "forwarded_port", guest: 80, host: 8080
+ config.vm.synced_folder "../..", "/code-to-deploy"
+ config.vm.provision :shell, path: "vagrant-provision.sh"
+end
diff -r d0d59d12db94 -r d8949733849d deploy/vagrant/start.sh
--- /dev/null
+++ b/deploy/vagrant/start.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+mydir=$(dirname "$0")
+
+dbpwd="$1"
+if [ -z "$dbpwd" ]; then
+ echo "Usage: $0 " 1>&2
+ exit 2
+fi
+
+set -eu -o pipefail
+
+rootdir="$mydir/../.."
+
+deploydir="$rootdir"/deploy
+if [ ! -d "$deploydir" ]; then
+ echo "ERROR: Unexpected repository layout - expected directory at $deploydir"
+ exit 2
+fi
+
+managerdir="$deploydir/vagrant"
+if [ ! -d "$managerdir" ]; then
+ echo "ERROR: Required directory $managerdir not found"
+ exit 2
+fi
+
+configdir="$deploydir/config"
+if [ ! -d "$configdir" ]; then
+ echo "ERROR: Required directory $configdir not found"
+ exit 2
+fi
+
+if [ ! -f "$rootdir/postgres-dumpall" ]; then
+ echo "ERROR: I expect to find a Postgres SQL multi-db dump file in $rootdir/postgres-dumpall"
+ exit 2
+fi
+
+fontdir="$rootdir"/public/themes/soundsoftware/stylesheets/fonts
+if [ ! -f "$fontdir/24BC0E_0_0.woff" ]; then
+ echo "ERROR: I expect to find necessary webfonts in $fontdir"
+ exit 2
+fi
+
+for f in database.yml code.conf ; do
+ cat "$configdir/$f.in" |
+ sed 's/INSERT_POSTGRES_PASSWORD_HERE/'"$dbpwd"'/g' > \
+ "$configdir/$f"
+done
+
+cd "$managerdir"
+
+vagrant up
+
diff -r d0d59d12db94 -r d8949733849d deploy/vagrant/vagrant-provision.sh
--- /dev/null
+++ b/deploy/vagrant/vagrant-provision.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+#!!! still not covered:
+# * cron jobs
+# * https
+# * web fonts
+# * reposman scripts (and their API key setup, etc)
+# * docgen script install
+# * logrotate config (check against system one)
+
+set -e
+
+for f in /code-to-deploy/deploy/provision.d/[0-9]* ; do
+ case "$f" in
+ *~) ;;
+ *) echo "Running provision script: $f"
+ /bin/bash "$f";;
+ esac
+done
+