SoundSoftware Code Site

Deploying the SoundSoftware site

After deployment

----------------

There is a smoke test script at test/smoketest.sh which checks that

the home page, a project page, a repo page etc can be retrieved. Some

of the pages it tries to retrieve are dependent on their generating

cron scripts having run at least once since the server was set up.

#!/bin/bash

# To be sourced into a container-specific start.sh file, not run

# standalone

usage() {

    echo "Usage: $0 <database-password> <api-key> <api-httpauth-password>" 1>&2

    exit 2

}

dbpass="$1"

if [ -z "$dbpass" ]; then

    usage

fi

apikey="$2"

if [ -z "$apikey" ]; then

    usage

fi

apipass="$3"

if [ -z "$apipass" ]; then

    usage

fi

set -eu -o pipefail

rootdir="$mydir/../.."

deploydir="$rootdir"/deploy

if [ ! -d "$deploydir" ]; then

    echo "ERROR: Unexpected repository layout - expected directory at $deploydir"

    exit 2

fi

managerdir="$deploydir/vagrant"

if [ ! -d "$managerdir" ]; then

    echo "ERROR: Required directory $managerdir not found"

    exit 2

fi

configdir="$deploydir/config"

if [ ! -d "$configdir" ]; then

    echo "ERROR: Required directory $configdir not found"

    exit 2

fi

if [ ! -f "$rootdir/postgres-dumpall" ]; then

    echo "ERROR: I expect to find a Postgres SQL multi-db dump file in $rootdir/postgres-dumpall"

    exit 2

fi

fontdir="$rootdir"/public/themes/soundsoftware/stylesheets/fonts

if [ ! -f "$fontdir/24BC0E_0_0.woff" ]; then

    echo "ERROR: I expect to find necessary webfonts in $fontdir"

    exit 2

fi

apischeme=http

apihost=localhost

#apischeme=https

#apihost=code.soundsoftware.ac.uk

for f in "$configdir"/*.in "$rootdir"/extra/soundsoftware/extract-docs.sh ; do

    out="$configdir"/$(basename "$f" .in).gen

    cat "$f" | sed \

                   -e 's/INSERT_DATABASE_PASSWORD_HERE/'"$dbpass"'/g' \

                   -e 's/INSERT_API_KEY_HERE/'"$apikey"'/g' \

                   -e 's/INSERT_API_SCHEME_HERE/'"$apischeme"'/g' \

                   -e 's/INSERT_API_HOST_HERE/'"$apihost"'/g' \

                   -e 's/INSERT_API_USER_HERE/user/g' \

                   -e 's/INSERT_API_PASSWORD_HERE/'"$apipass"'/g' \

                   > "$out"

done

# A test Apache config. Lacks SSL, lacks a desirable extra layer of

# authentication for admin interface paths. Do not deploy this.

# Note this has been updated for Apache 2.4, which introduced a number

# of (welcome) changes to access control directives.

PerlLoadModule Apache::Authn::SoundSoftware

<VirtualHost *:80>

        ServerName code.soundsoftware.ac.uk

        ServerAdmin chris.cannam@soundsoftware.ac.uk

        DocumentRoot /var/www/code/public

        PassengerRestartDir restart_files

        PassengerHighPerformance on

        PassengerMaxRequests 50000

        PassengerStatThrottleRate 5

	PassengerStartTimeout 60

	PassengerFriendlyErrorPages on

        RailsSpawnMethod smart

        ExpiresDefault "access plus 1 minute"

#        <Location /sys>

#		AuthType Basic

#		AuthUserFile "/etc/apache2/auth/user.htpasswd"

#		AuthName "code.soundsoftware.ac.uk"

#		Require user user

#	</Location>

#	<Location /admin>

#		AuthType Digest

#		AuthUserFile "/etc/apache2/auth/admin.htdigest"

#		AuthName "code.soundsoftware.ac.uk admin interface"

#		Require user admin

#	</Location>

        <DirectoryMatch "^/.*/\.svn/">

                Require all denied

        </DirectoryMatch>

        <DirectoryMatch "^/.*/\.hg/">

                Require all denied

        </DirectoryMatch>

        <DirectoryMatch "^/.*/\.git/">

                Require all denied

        </DirectoryMatch>

        <Directory /var/www/code/public>

                Options -MultiViews

	</Directory>

        <Directory /var/www/code/public/themes/soundsoftware/stylesheets/fonts>

		# Avoid other sites embedding our fonts

		RewriteEngine on

		RewriteCond %{HTTP_REFERER} !^$

		RewriteCond %{HTTP_REFERER} !^http(s)?://code.soundsoftware.ac.uk/.*$ [NC]

		RewriteRule \.(ttf|woff|eot|otf|svg|zip|gz|html|txt)$ - [F]

	</Directory>

	ScriptAlias /hg "/var/hg/index.cgi"

	<Location /hg>

               	AuthName "Mercurial"

                AuthType Basic

                Require valid-user

		PerlAccessHandler Apache::Authn::SoundSoftware::access_handler

      		PerlAuthenHandler Apache::Authn::SoundSoftware::authen_handler

		PerlSetVar HTTPS "on"

		SoundSoftwareDSN "dbi:Pg:database=code;host=localhost"

    		SoundSoftwareDbUser "code"

     		SoundSoftwareDbPass "INSERT_DATABASE_PASSWORD_HERE"

		SoundSoftwareRepoPrefix "/var/hg/"

                #!!! "on" in production please!:

                SoundSoftwareSslRequired "off"

		Options +ExecCGI

		AddHandler cgi-script .cgi

		ExpiresDefault now

        </Location>

	Alias /git "/var/files/git-mirror"

	<Directory "/var/files/git-mirror">

		Options -Indexes +FollowSymLinks

                Require all granted

	</Directory>

	<Directory ~ "/var/files/git-mirror/.*\.workdir">

                Require all denied

	</Directory>

	<Directory ~ "/var/files/git-mirror/__.*">

                Require all denied

	</Directory>

	ErrorLog /var/log/apache2/code-error.log

	CustomLog /var/log/apache2/code-access.log vhost_combined

        LogLevel warn

        ServerSignature Off

</VirtualHost>

#!/bin/sh

outfile="/var/files/backups/postgres-dumpall-`date +%Y%m%d%H%M`"

oldmask=`umask`

umask 0277

su postgres -c /usr/bin/pg_dumpall > "$outfile" && bzip2 "$outfile"

umask "$oldmask"

#!/bin/bash

cd /tmp

/var/www/code/docgen/extract-docs.sh

#!/bin/bash

sudo -u code sh -c "cd /var/www/code ; ./script/rails runner -e production extra/soundsoftware/get-statistics.rb >> log/statistics.log"

#!/bin/bash

tail -2 /var/log/external-repos.log

#!/bin/bash

## No longer used - this site is now static

# /usr/bin/wget -O - -q -t 1 http://www.soundsoftware.ac.uk/cron.php

#!/bin/bash

sudo -u code sh -c "cd /var/www/code ; ./script/rails runner \"Repository.fetch_changesets\" -e production 2>&1 | grep -v 'Not trusting' | grep -v 'svn:' | grep -v 'working copy' | grep -v 'deprecated' | grep -v 'version_requirements'"

exit 0

#!/bin/bash

sudo -H -u www-data /var/www/code/reposman/run-external.sh

#!/bin/sh

rm -f /var/www/code/tmp/cache/*/*/views*explore*

#!/bin/bash

logfile="/var/www/code/log/export-git.log"

sudo -u code sh -c "cd /tmp ; /var/www/code/extra/soundsoftware/export-git.sh production /var/hg /var/files/git-mirror >> $logfile 2>&1"

#!/bin/bash

sudo -u www-data /var/www/code/reposman/run-reposman.sh

#!/bin/sh

cd /

for location in var/www etc/apache2 etc/cron.*; do

	target="/var/files/backups/`echo $location | sed 's,/,_,g'`-`date +%Y%m%d%H%M`"

	oldmask=`umask`

	umask 0277

	tar cjf "$target".tar.bz2 "$location"

	umask "$oldmask"

done

production:

  adapter: postgresql

  database: code

  host: localhost

  username: code

  password: "INSERT_DATABASE_PASSWORD_HERE"

[paths]

/ = /var/hg/*

[web]

allow_archive = gz, zip, bz2

allow_push = *

#!/usr/bin/env python

#

# An example CGI script to export multiple hgweb repos, edit as necessary

# adjust python path if not a system-wide install:

#import sys

#sys.path.insert(0, "/path/to/python/lib")

# enable importing on demand to reduce startup time

from mercurial import demandimport; demandimport.enable()

# Uncomment to send python tracebacks to the browser if an error occurs:

import cgitb

cgitb.enable()

# If you'd like to serve pages with UTF-8 instead of your default

# locale charset, you can do so by uncommenting the following lines.

# Note that this will cause your .hgrc files to be interpreted in

# UTF-8 and all your repo files to be displayed using UTF-8.

#

import os

os.environ["HGENCODING"] = "UTF-8"

from mercurial.hgweb.hgwebdir_mod import hgwebdir

import mercurial.hgweb.wsgicgi as wsgicgi

# The config file looks like this.  You can have paths to individual

# repos, collections of repos in a directory tree, or both.

#

# [paths]

# virtual/path1 = /real/path1

# virtual/path2 = /real/path2

# virtual/root = /real/root/*

# / = /real/root2/*

# virtual/root2 = /real/root2/**

#

# [collections]

# /prefix/to/strip/off = /root/of/tree/full/of/repos

#

# paths example:

#

# * First two lines mount one repository into one virtual path, like

# '/real/path1' into 'virtual/path1'.

#

# * The third entry mounts every mercurial repository found in '/real/root'

# in 'virtual/root'. This format is preferred over the [collections] one,

# since using absolute paths as configuration keys is not supported on every

# platform (especially on Windows).

#

# * The fourth entry is a special case mounting all repositories in

# /'real/root2' in the root of the virtual directory.

#

# * The fifth entry recursively finds all repositories under the real root,

# and mounts them using their relative path (to given real root) under the

# virtual root.

#

# collections example: say directory tree /foo contains repos /foo/bar,

# /foo/quux/baz.  Give this config section:

#   [collections]

#   /foo = /foo

# Then repos will list as bar and quux/baz.

#

# Alternatively you can pass a list of ('virtual/path', '/real/path') tuples

# or use a dictionary with entries like 'virtual/path': '/real/path'

application = hgwebdir('hgweb.config')

wsgicgi.launch(application)

# see "man logrotate" for details

# rotate log files weekly

weekly

# use the syslog group by default, since this is the owning group

# of /var/log/syslog.

su root syslog

# keep 4 weeks worth of backlogs

rotate 4

# create new (empty) log files after rotating old ones

create

# uncomment this if you want your log files compressed

#compress

# packages drop log rotation information into this directory

include /etc/logrotate.d

# no packages own wtmp, or btmp -- we'll rotate them here

/var/log/wtmp {

    missingok

    monthly

    create 0664 root utmp

    rotate 1

}

/var/log/btmp {

    missingok

    monthly

    create 0660 root utmp

    rotate 1

}

# system-specific logs may be configured here

/var/www/code/log/*.log {

	weekly

	missingok

	rotate 52

	compress

	delaycompress

	create 640 code code

	sharedscripts

	postrotate

		touch /var/www/code/restart_files/restart.txt

	endscript

}

/var/log/reposman.log {

        weekly

        missingok

        rotate 52

        compress

        delaycompress

        create 640 www-data code

        sharedscripts

}

/var/log/external-repos.log {

        weekly

        missingok

        rotate 52

        compress

        delaycompress

        create 640 www-data code

        sharedscripts

}

PassengerMaxPoolSize 60

LoadModule passenger_module /var/lib/gems/2.3.0/gems/passenger-4.0.60/buildout/apache2/mod_passenger.so

PassengerRoot /var/lib/gems/2.3.0/gems/passenger-4.0.60

PassengerDefaultRuby /usr/bin/ruby2.3

# Apache::DBI is supposed to be a transparent replacement for Perl DBI with

# better performance when multiple connections are made with common DSN, user

# and password

PerlModule Apache::DBI

#!/bin/bash

logfile=/var/log/external-repos.log

(

flock -s 200

echo >> $logfile

date >> $logfile

/var/www/code/reposman/convert-external-repos.rb \

	-s /var/hg \

	-r INSERT_API_SCHEME_HERE://INSERT_API_HOST_HERE/ \

	-k INSERT_API_KEY_HERE \

	-v \

	--http-user=INSERT_API_USER_HERE \

	--http-pass=INSERT_API_PASSWORD_HERE \

        -c "/var/www/code/reposman/update-external-repo.sh" \

	>> $logfile 2>&1

date >> $logfile

echo Done >> $logfile

)200>>$logfile

#!/bin/bash

logfile=/var/log/reposman.log

(

flock -s 200

echo >> $logfile

/var/www/code/reposman/reposman-soundsoftware.rb \

	-s /var/hg \

	-r INSERT_API_SCHEME_HERE://INSERT_API_HOST_HERE/ \

	-k INSERT_API_KEY_HERE \

	--http-user=INSERT_API_USER_HERE \

	--http-pass=INSERT_API_PASSWORD_HERE \

	-o www-data \

	-g code \

	-c "/var/www/code/reposman/run-hginit.sh" \

	--scm=Mercurial \

	>> $logfile 2>&1

)200>>$logfile

FROM ubuntu:16.04

MAINTAINER Chris Cannam <cannam@all-day-breakfast.com>

COPY . /var/www/code

WORKDIR /var/www/code

INSERT_PROVISIONING_HERE

# Start Postgres and foregrounded Apache

RUN echo "#!/bin/bash"                      > container-run.sh

RUN echo "/etc/init.d/postgresql start"    >> container-run.sh

RUN echo "apache2ctl -D FOREGROUND"        >> container-run.sh

RUN chmod +x container-run.sh

EXPOSE 80

CMD ./container-run.sh

# For documentation and experimental purposes only. As a

# reconstruction of the machine image that runs this application,

# there are lots of things missing here; but as a good Docker

# configuration, it fails by mixing together rather a lot of concerns.

FROM ubuntu:16.04

MAINTAINER Chris Cannam <cannam@all-day-breakfast.com>

RUN apt-get update && \

    apt-get install -y \

    apache2 \

    apache2-dev \

    apt-utils \

    build-essential \

    cron \

    curl \

    doxygen \

    exim4 \

    git \

    graphviz \

    imagemagick \

    libapache-dbi-perl \

    libapache2-mod-perl2 \

    libapr1-dev \

    libaprutil1-dev \

    libauthen-simple-ldap-perl \

    libcurl4-openssl-dev \

    libdbd-pg-perl \

    libpq-dev \

    libmagickwand-dev \

    libio-socket-ssl-perl \

    logrotate \

    mercurial \

    postgresql \

    rsync \

    ruby \

    ruby-dev \

    sudo

# Also used on the live site, for javadoc extraction, but this is

# would be by far the biggest package here: let's omit it while we're

# not making use of it

#   openjdk-9-jdk-headless

RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Passenger gets installed through gem, not apt

RUN gem install passenger -v 4.0.60 --no-rdoc --no-ri

RUN passenger-install-apache2-module --languages=ruby

# Copy across webapp, set up ownership

COPY . /var/www/code

RUN groupadd code

RUN useradd -g code -G www-data code

RUN chown -R code.www-data /var/www/code

RUN find /var/www/code -type d -exec chmod g+s \{\} \;

# Initialise /var/hg (in reality this would be mounted from somewhere)

RUN mkdir -p /var/hg

RUN chown code.www-data /var/hg

RUN chmod g+s /var/hg

COPY extra/soundsoftware/scripted-deploy/config/index.cgi /var/hg/

COPY extra/soundsoftware/scripted-deploy/config/hgweb.config /var/hg/

RUN chmod +x /var/hg/index.cgi

# We're based in the code webapp directory from here on

WORKDIR /var/www/code

# Set up database config etc

RUN cp extra/soundsoftware/scripted-deploy/config/database.yml.interpolated config/database.yml

# Install Rails and dependencies (database.yml must be populated before this)

RUN gem install bundler

RUN bundle install

# Initialise Redmine token (bundler must be installed before this)

RUN bundle exec rake generate_secret_token

# Import Postgres database from postgres-dumpall file

RUN chown postgres postgres-dumpall

RUN /etc/init.d/postgresql start && sudo -u postgres psql -f postgres-dumpall postgres

RUN rm postgres-dumpall

# Install Perl auth module for Hg access

RUN mkdir -p /usr/local/lib/site_perl/Apache/Authn/

RUN cp extra/soundsoftware/SoundSoftware.pm /usr/local/lib/site_perl/Apache/Authn/

# Set up Apache config (todo: insert variables)

RUN rm -f /etc/apache2/sites-enabled/000-default.conf

RUN cp extra/soundsoftware/scripted-deploy/config/passenger.conf /etc/apache2/mods-available/

RUN cp extra/soundsoftware/scripted-deploy/config/passenger.load /etc/apache2/mods-available/

RUN cp extra/soundsoftware/scripted-deploy/config/perl.conf      /etc/apache2/mods-available/

RUN ln -s ../mods-available/passenger.conf  /etc/apache2/mods-enabled/

RUN ln -s ../mods-available/passenger.load  /etc/apache2/mods-enabled/

RUN ln -s ../mods-available/perl.conf       /etc/apache2/mods-enabled/

RUN ln -s ../mods-available/expires.load    /etc/apache2/mods-enabled/

RUN ln -s ../mods-available/rewrite.load    /etc/apache2/mods-enabled/

RUN ln -s ../mods-available/cgi.load        /etc/apache2/mods-enabled/

RUN cp extra/soundsoftware/scripted-deploy/config/code.conf.interpolated /etc/apache2/sites-available/code.conf

RUN ln -s ../sites-available/code.conf /etc/apache2/sites-enabled/10-code.conf

RUN apache2ctl configtest

# Start Postgres and foregrounded Apache

RUN echo "#!/bin/bash"                      > container-run.sh

RUN echo "/etc/init.d/postgresql start"    >> container-run.sh

RUN echo "apache2ctl -D FOREGROUND"        >> container-run.sh

RUN chmod +x container-run.sh

EXPOSE 80

CMD ./container-run.sh

#!/bin/bash

mydir=$(dirname "$0")

. "$mydir"/../any/prepare.sh

provisioning_commands=$(

    for x in "$deploydir"/provision.d/[0-9]*.sh; do

        echo "RUN /bin/bash /var/www/code/deploy/provision.d/$(basename $x)"

    done | sed 's/$/\\n/' | fmt -2000 | sed 's/ RUN/RUN/g' )

( echo

  echo "### DO NOT EDIT THIS FILE - it is generated from Dockerfile.in"

  echo

) > "$managerdir/Dockerfile"

cat "$managerdir/Dockerfile.in" |

    sed 's,INSERT_PROVISIONING_HERE,'"$provisioning_commands"',' >> \

        "$managerdir/Dockerfile.gen"

cd "$rootdir"

dockertag="cannam/soundsoftware-site"

sudo docker build -t "$dockertag" -f "deploy/docker/Dockerfile.gen" .

sudo docker run -p 8080:80 -d "$dockertag"

#!/bin/bash

set -e

# Install necessary system packages. This assumes we are deploying on

# Ubuntu 16.04.

# We aim to make all of these provisioning scripts non-destructive if

# run more than once. In this case, running the script again will

# install any outstanding updates.

apt-get update && \

    apt-get dist-upgrade -y && \

    apt-get install -y \

            ack-grep \

            apache2 \

            apache2-dev \

            apt-utils \

            build-essential \

            cron \

            curl \

            doxygen \

            exim4 \

            git \

            graphviz \

            imagemagick \

            libapache-dbi-perl \

            libapache2-mod-perl2 \

            libapr1-dev \

            libaprutil1-dev \

            libauthen-simple-ldap-perl \

            libcurl4-openssl-dev \

            libdbd-pg-perl \

            libpq-dev \

            libmagickwand-dev \

            libio-socket-ssl-perl \

            logrotate \

            mercurial \

            openjdk-9-jdk-headless \

            postgresql \

            rsync \

            ruby \

            ruby-dev \

            sudo

locale-gen en_US.UTF-8

#!/bin/bash

set -e

# Phusion Passenger as application server.

# This gets installed through gem, not apt, and we ask for a specific

# version (the last in the 4.0.x line).

if [ ! -f /var/lib/gems/2.3.0/gems/passenger-4.0.60/buildout/apache2/mod_passenger.so ]; then

    gem install passenger -v 4.0.60 --no-rdoc --no-ri

    passenger-install-apache2-module --languages=ruby

fi

#!/bin/bash

set -e

# The webapp directory is owned and run by the code user, in group

# www-data. The repos and other things served directly are the other

# way around -- owned by the www-data user, in group code.

for user in code docgen ; do

    if ! grep -q "^$user:" /etc/passwd ; then

        groupadd "$user"

        useradd -g "$user" -G www-data "$user"

    fi

done

#!/bin/bash

set -e

# We might be running in one of two ways:

#

# 1. The code directory is already at /var/www/code, either because a

# previous provisioning step has imported it there or because this

# script has been run before -- in this situation all we do is

# re-check the ownership and permissions. OR

#

# 2. The code directory has not yet been copied to /var/www/code, in

# which case we expect to find it at /code-to-deploy, e.g. as a

# Vagrant shared folder, and we copy it over from there. (We don't

# deploy directly from shared folders as we might not be able to

# manipulate ownership and permissions properly there.)

if [ ! -d /var/www/code ]; then

    if [ ! -d /code-to-deploy ]; then

        echo "ERROR: Expected to find code tree at /var/www/code or /code-to-deploy: is the deployment script being invoked correctly?"

        exit 2

    fi

    cp -a /code-to-deploy /var/www/code

fi

chown -R code.www-data /var/www/code

find /var/www/code -type d -exec chmod g+s \{\} \;

#!/bin/bash

set -e

# In a real deployment, /var/hg is probably mounted from somewhere

# else. But in an empty deployment we need to create it, and in both

# cases we set up the config files with their current versions here.

if [ ! -f /var/hg/index.cgi ]; then

    mkdir -p /var/hg

fi

cp /var/www/code/deploy/config/index.cgi /var/hg/

cp /var/www/code/deploy/config/hgweb.config /var/hg/

chmod +x /var/hg/index.cgi

chown -R www-data.code /var/hg

find /var/hg -type d -exec chmod g+s \{\} \;

#!/bin/bash

set -e

# Copy across the database config file (the source file has presumably

# been generated from a skeleton, earlier in provisioning)

infile=/var/www/code/deploy/config/database.yml.gen

outfile=/var/www/code/config/database.yml

if [ ! -f "$outfile" ]; then

    if [ ! -f "$infile" ]; then

        echo "ERROR: Database config file $infile not found - has the database secret been interpolated from $infile.in correctly?"

        exit 2

    fi

    cp "$infile" "$outfile"

fi

#!/bin/bash

set -e

# Install Ruby gems for the web app.

# We aim to make all of these provisioning scripts non-destructive if

# run more than once. In this case, running the script again will

# install any outstanding updates.

cd /var/www/code

gem install bundler

bundle install

#!/bin/bash

set -e

# Create a session token if it hasn't already been created.

cd /var/www/code

if [ ! -f config/initializers/secret_token.rb ]; then

    bundle exec rake generate_secret_token

fi

#!/bin/bash

set -e

# Start the database and if a dump file is found, load it. The dump

# file is then deleted so that the db won't be overwritten on

# subsequent runs. (The original repo contains no dump file, so it

# should exist only if you have provided some data to load.)

/etc/init.d/postgresql start

cd /var/www/code

if [ -f postgres-dumpall ]; then

    chmod ugo+r postgres-dumpall

    sudo -u postgres psql -f postgres-dumpall postgres

    rm postgres-dumpall

fi

#!/bin/bash

set -e

# Install the Apache mod_perl module used for hg repo access control

if [ ! -f /usr/local/lib/site_perl/Apache/Authn/SoundSoftware.pm ]; then

    mkdir -p /usr/local/lib/site_perl/Apache/Authn/

    cp /var/www/code/extra/soundsoftware/SoundSoftware.pm \

       /usr/local/lib/site_perl/Apache/Authn/

fi

#!/bin/bash

set -e

# Install Apache config files and module loaders

cd /var/www/code

codeconffile=/var/www/code/deploy/config/code.conf.gen

if [ ! -f "$codeconffile" ]; then

    echo "ERROR: Apache config file $codeconffile not found - has the database secret been interpolated from its input file correctly?"

    exit 2

fi

if [ ! -f /etc/apache2/sites-enabled/10-code.conf ]; then

    rm -f /etc/apache2/sites-enabled/000-default.conf

    cp deploy/config/passenger.conf /etc/apache2/mods-available/

    cp deploy/config/passenger.load /etc/apache2/mods-available/

    cp deploy/config/perl.conf      /etc/apache2/mods-available/

    ln -s ../mods-available/passenger.conf  /etc/apache2/mods-enabled/

    ln -s ../mods-available/passenger.load  /etc/apache2/mods-enabled/

    ln -s ../mods-available/perl.conf       /etc/apache2/mods-enabled/

    ln -s ../mods-available/expires.load    /etc/apache2/mods-enabled/

    ln -s ../mods-available/rewrite.load    /etc/apache2/mods-enabled/

    ln -s ../mods-available/cgi.load        /etc/apache2/mods-enabled/

    cp "$codeconffile" /etc/apache2/sites-available/code.conf

    ln -s ../sites-available/code.conf /etc/apache2/sites-enabled/10-code.conf

    apache2ctl configtest

fi

#!/bin/bash

set -e

# In case we are running without a properly mounted /var/hg directory,

# check for the existence of one repo and, if absent, attempt to clone

# it so that we have something we can serve for test purposes.

if [ ! -d /var/hg/vamp-plugin-sdk ]; then

    echo "Cloning vamp-plugin-sdk repo for testing..."

    cd /var/hg

    hg clone https://code.soundsoftware.ac.uk/hg/vamp-plugin-sdk

    chown -R www-data.code vamp-plugin-sdk

fi

#!/bin/bash

set -e

# Copy docgen scripts, including the generated scripts with

# interpolated API key etc, to the directory they will be run from.

# These are run from cron jobs to do the (currently daily) update of

# extracted documentation from Doxygen, Javadoc, and MATLAB, and to

# enable displaying them with the redmine_embedded plugin. (The API

# key is needed to automatically switch on the embedded module for a

# project the first time its docs are extracted.)

cd /var/www/code

mkdir -p docgen

for file in \

    doxysafe.pl \

    extract-doxygen.sh \

    extract-javadoc.sh \

    extract-matlabdocs.sh \

    matlab-docs.conf \

    matlab-docs-credit.html \

    matlab-docs.pl ; do

    if [ ! -f docgen/"$file" ]; then

        cp extra/soundsoftware/"$file" docgen/

    fi

done

for file in \

    extract-docs.sh ; do

    if [ ! -f docgen/"$file" ]; then

        cp deploy/config/"$file".gen docgen/"$file"

    fi

done

chown code.www-data docgen/*

chmod +x docgen/*.sh

#!/bin/bash

set -e

# Copy reposman (repository manager) scripts, including the generated

# scripts with interpolated API key etc, to the directory they will be

# run from.

# There are two sets of scripts here:

#

# 1. The reposman script that plods through all the projects that have

# repositories defined, creates those repositories on disc, and

# registers their locations with the projects. This happens often,

# currently every minute.

#

# 2. The external repo management script that plods through all the

# projects that have external repositories defined, clones or updates

# those external repos to their local locations, and if necessary

# registers them with the projects. This happens less often, currently

# every hour.

cd /var/www/code

mkdir -p reposman

for file in \

    convert-external-repos.rb \

    reposman-soundsoftware.rb \

    run-hginit.sh \

    update-external-repo.sh ; do

    if [ ! -f reposman/"$file" ]; then

        cp extra/soundsoftware/"$file" reposman/

    fi

done

for file in \

    run-external.sh \

    run-reposman.sh ; do

    if [ ! -f reposman/"$file" ]; then

        cp deploy/config/"$file".gen reposman/"$file"

    fi

done

chown code.www-data reposman/*

chmod +x reposman/*.sh

chmod +x reposman/*.rb

touch /var/log/reposman.log

touch /var/log/external-repos.log

chown www-data.code /var/log/reposman.log

chown www-data.code /var/log/external-repos.log

#!/bin/bash

set -e

# Initialise directories used as targets for cron activity (if they

# don't already exist)

for dir in \

    /var/files/backups \

    /var/doc \

    /var/files/git-mirror ; do

    if [ ! -d "$dir" ]; then

        mkdir -p "$dir"

        chown -R code.www-data "$dir"

        chmod g+s "$dir"

    fi

done

# Copy cron scripts to the appropriate destinations

cd /var/www/code

if [ ! -d /etc/cron.minutely ]; then

    mkdir -p /etc/cron.minutely

    echo '*  *    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.minutely )' >> /etc/crontab

fi

for t in minutely hourly daily monthly; do

    for s in deploy/config/cron.$t/[0-9]* ; do

        name=$(basename $s)

        dest="/etc/cron.$t/$name"

        if [ ! -f "$dest" ]; then

            cp "$s" "$dest"

            chmod +x "$dest"

        fi

    done

done

#!/bin/bash

cd /var/www/code

cp deploy/config/logrotate.conf /etc/logrotate.conf

#!/bin/bash

set -e

# Last action: start the webserver

apache2ctl restart

#!/bin/bash

# The big problem with this test script is that it needs the cron

# scripts that generate some of this stuff to have been run at least

# once

usage() {

    echo 1>&2

    echo "Usage: $0 <uri-base>" 1>&2

    echo 1>&2

    echo "  e.g. $0 https://code.soundsoftware.ac.uk" 1>&2

    echo "    or $0 http://localhost:8080" 1>&2

    echo 1>&2

    exit 2

}

uribase="$1"

if [ -z "$uribase" ]; then

    usage

fi

set -eu

# A project known to exist, be public, and have a repository

project_with_repo=vamp-plugin-sdk

# A project known to exist, be public, and have embedded documentation

project_with_docs=vamp-plugin-sdk

# A project known to exist, be public, and have a bibliography

project_with_biblio=sonic-visualiser

tried=0

succeeded=0

mydir=$(dirname "$0")

try() {

    mkdir -p "$mydir/output"

    origin=$(pwd)

    cd "$mydir/output"

    path="$1"

    description="$2"

    url="$uribase$path"

    echo

    echo "Trying \"$description\" [$url]..."

    echo

    if wget "$url" ; then

        echo "+++ Succeeded"

        succeeded=$(($succeeded + 1))

    else

        echo "--- FAILED"

    fi

    tried=$(($tried + 1))

    cd "$origin"

}

try "/" "Front page"

try "/projects/$project_with_repo" "Project page"

try "/projects/$project_with_biblio" "Project page with bibliography"

try "/projects/$project_with_repo/repository" "Repository page"

try "/hg/$project_with_repo" "Mercurial repo"

try "/projects/$project_with_docs/embedded" "Project documentation page (from docgen cron script)"

try "/git/$project_with_repo/info/refs" "Git repo mirror"

echo

echo "Passed $succeeded of $tried"

echo

# -*- mode: ruby -*-

# vi: set ft=ruby :

Vagrant.configure("2") do |config|