Add all files needed to bring up VM and run agaric.com locally

2018-08-20 10:45:20 -04:00 · 2018-08-20 10:45:20 -04:00 · 4d2bc0ee24
commit 4d2bc0ee24
parent 52c8b60bac
742 changed files with 24037 additions and 0 deletions
--- a/box/examples/prod/README.md
+++ b/box/examples/prod/README.md
@ -0,0 +1,5 @@
+# Drupal VM Production Configuration Example
+
+> **Important**: This feature is currently in 'experimental' status, and the security of your servers is _your_ responsibility.
+
+See [Deploying Drupal VM to a production environment](http://docs.drupalvm.com/en/latest/other/production/#example-drupal-vm-on-digitalocean) for a guide on how you can build a Drupal environment with Drupal VM on a cloud provider such as DigitalOcean.
--- a/box/examples/prod/bootstrap/example.vars.yml
+++ b/box/examples/prod/bootstrap/example.vars.yml
@ -0,0 +1,15 @@
+---
+admin_user: my_admin_username
+
+# On RHEL/CentOS, 'wheel'; on Debian/Ubuntu, 'sudo'.
+admin_group: sudo
+
+# IMPORTANT: Configure your own password for the admin user account. To generate
+# a password hash, use either of the following commands:
+#   - `openssl passwd -1 [password]`
+#   - `mkpasswd --method=SHA-512`.
+admin_password: $1$HgT69GsW$qZ8FUJHafZZWD76KXgAZO/
+
+# Configuration for copying local public SSH key to admin's authorized_keys.
+admin_copy_ssh_pubkey: true
+admin_pubkey: ~/.ssh/id_rsa.pub
--- a/box/examples/prod/bootstrap/init.yml
+++ b/box/examples/prod/bootstrap/init.yml
@ -0,0 +1,40 @@
+---
+- hosts: drupalvm
+  gather_facts: no
+
+  vars_files:
+    - vars.yml
+
+  pre_tasks:
+    # See: https://github.com/geerlingguy/drupal-vm/issues/1245
+    - name: Install Python if it's not available.
+      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+      register: output
+      changed_when: output.stdout != ""
+    - action: setup
+
+  tasks:
+    - name: Create admin user account.
+      user:
+        name: "{{ admin_user }}"
+        createhome: yes
+        home: "/home/{{ admin_user }}"
+        generate_ssh_key: yes
+        ssh_key_comment: "ansible-{{ inventory_hostname }}"
+        password: "{{ admin_password }}"
+        groups: "{{ admin_group }}"
+        shell: /bin/bash
+
+    - name: Add local SSH public key to admin account authorized_keys.
+      authorized_key:
+        user: "{{ admin_user }}"
+        key: "{{ lookup('file', admin_pubkey) }}"
+        manage_dir: yes
+      when: admin_copy_ssh_pubkey
+
+    - name: Disable requiretty.
+      lineinfile:
+        dest: /etc/sudoers
+        regexp: '^Defaults.+requiretty'
+        line: 'Defaults    !requiretty'
+        state: present
--- a/box/examples/prod/example.inventory
+++ b/box/examples/prod/example.inventory
@ -0,0 +1,2 @@
+[drupalvm]
+1.2.3.4 ansible_ssh_user=my_admin_username
--- a/box/examples/prod/prod.config.yml
+++ b/box/examples/prod/prod.config.yml
@ -0,0 +1,47 @@
+---
+# Normally, this would be set to the hostname of your DigitalOcean Droplet.
+drupal_domain: "drupalvm.test"
+vagrant_hostname: "{{ drupal_domain }}"
+
+# Add only the `apache_vhosts` or `nginx_vhosts` you need. If installing a
+# single Drupal site, the variable should look like this (Apache):
+apache_vhosts:
+  - servername: "{{ drupal_domain }}"
+    documentroot: "{{ drupal_core_path }}"
+    extra_parameters: "{{ apache_vhost_php_fpm_parameters }}"
+
+# Since this will be a publicly-accessible instance of Drupal VM, make sure you
+# configure secure passwords, especially for Drupal and MySQL!
+drupal_account_pass: admin
+drupal_db_password: drupal
+mysql_root_password: root
+
+# Only install extras that you will need/use on your site, and don't install
+# development-related software on production environments!
+installed_extras:
+  - drush
+  # - memcached
+  # - redis
+  # - solr
+  - varnish
+
+# Disable Apache package upgrades.
+apache_packages_state: installed
+
+# Disable the dashboard page. Also remove any unneeded virtualhosts.
+dashboard_install_dir: ''
+
+# Enable a more hardened security configuration.
+extra_security_enabled: true
+
+# Restrict the firewall to only ports that are required for external services.
+firewall_allowed_tcp_ports:
+  - "22"
+  - "80"
+  - "443"
+firewall_log_dropped_packets: true
+
+# Set Apache to listen on port 81 (internal only), and Varnish on 80.
+apache_listen_port: "81"
+varnish_listen_port: "80"
+varnish_default_backend_port: "81"
--- a/box/examples/scripts/README.md
+++ b/box/examples/scripts/README.md
@ -0,0 +1,18 @@
+# Example Scripts for Drupal VM
+
+## Post-Provision Scripts
+
+Drupal VM allows you to run extra shell scripts at the end of the provisioning process, in case you need to do extra custom setup, configure your environment, or install extra software outside the purview of Drupal VM.
+
+To use an extra script, configure the path to the script (relative to `provisioning/playbook.yml`) in `config.yml`:
+
+```yaml
+post_provision_scripts:
+  - "../examples/post-provision.sh"
+```
+
+The above example results in the example `post-provision.sh` script running after the main Drupal VM setup is complete. Note that this script would run _every_ time you provision the environment (e.g. once when you run `vagrant up`, then again every time you run `vagrant provision` again).
+
+You can define as many scripts as you would like, and any arguments after the path will be passed to the shell script itself (e.g. `"../examples/post-provision.sh --option"`).
+
+Generally, you should place your post-provision scripts inside a `scripts` directory in the root of your Drupal VM project directory; this directory is gitignored, so you can continue to update Drupal VM without accidentally overwriting your scripts.
--- a/box/examples/scripts/configure-solr.sh
+++ b/box/examples/scripts/configure-solr.sh
@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# Example shell script to run post-provisioning.
+#
+# This script configures the default Apache Solr search core to use one of the
+# Drupal Solr module's configurations. This shell script presumes you have
+# `solr` in the `installed_extras`, and is currently set up for the D8 versions
+# of Apache Solr Search or Search API Solr.
+
+SOLR_CORE_NAME="d8"
+SOLR_SETUP_COMPLETE_FILE="/etc/drupal_vm_solr_config_complete_$SOLR_CORE_NAME"
+
+# Search API Solr module.
+SOLR_DOWNLOAD="http://ftp.drupal.org/files/projects/search_api_solr-8.x-1.x-dev.tar.gz"
+SOLR_DOWNLOAD_DIR="/tmp"
+SOLR_MODULE_NAME="search_api_solr"
+SOLR_VERSION="5.x"
+SOLR_CORE_PATH="/var/solr/data/$SOLR_CORE_NAME"
+
+# Check to see if we've already performed this setup.
+if [ ! -e "$SOLR_SETUP_COMPLETE_FILE" ]; then
+  # Download and expand the Solr module.
+  wget -qO- $SOLR_DOWNLOAD | tar xvz -C $SOLR_DOWNLOAD_DIR
+
+  # Copy new Solr collection core with the Solr configuration provided by module.
+  sudo su - solr -c "/opt/solr/bin/solr create -c $SOLR_CORE_NAME -d $SOLR_DOWNLOAD_DIR/$SOLR_MODULE_NAME/solr-conf/$SOLR_VERSION/"
+
+  # Adjust the autoCommit time so index changes are committed in 1s.
+  sudo sed -i 's/\(<maxTime>\)\([^<]*\)\(<[^>]*\)/\11000\3/g' $SOLR_CORE_PATH/conf/solrconfig.xml
+
+  # Restart Apache Solr.
+  sudo service solr restart
+
+  # Create a file to indicate this script has already run.
+  sudo touch $SOLR_SETUP_COMPLETE_FILE
+else
+  exit 0
+fi
--- a/box/examples/scripts/pareview.sh
+++ b/box/examples/scripts/pareview.sh
@ -0,0 +1,55 @@
+#!/bin/bash
+#
+# Example shell script to set up PAReview.sh.
+#
+# You also need to adjust your `config.yml` to add in some other dependencies.
+#
+#     ```
+#     post_provision_scripts:
+#       - "../examples/scripts/pareview.sh"
+#    
+#     composer_global_packages:
+#       - { name: hirak/prestissimo, release: '^0.3' }
+#       - { name: drupal/coder, release: '^' }
+#    
+#     nodejs_version: "6.x"
+#     nodejs_npm_global_packages:
+#       - eslint
+#     ```
+#
+# After running `vagrant provision`, `pareview.sh` should be available anywhere
+# in your Vagrant user's $PATH, so you can run commands like:
+#
+#     $ pareview.sh /path/to/my/module
+#     $ pareview.sh http://git.drupal.org/project/rules.git 8.x-1.x
+#
+# See: https://github.com/klausi/pareviewsh
+
+PAREVIEW_SETUP_COMPLETE_FILE="/etc/drupal_vm_pareview_config_complete"
+HOME_PATH="/home/vagrant"
+
+# Check to see if we've already performed this setup.
+if [ ! -e "$PAREVIEW_SETUP_COMPLETE_FILE" ]; then
+  # Register the `Drupal` and `DrupalPractice` Standard with PHPCS.
+  $HOME_PATH/.composer/vendor/bin/phpcs --config-set installed_paths $HOME_PATH/.composer/vendor/drupal/coder/coder_sniffer
+
+  # Download DrupalSecure.
+  git clone --branch master https://git.drupal.org/sandbox/coltrane/1921926.git /opt/drupalsecure_code_sniffs
+
+  # Move the DrupalSecure directory into the PHPCS Standards.
+  sudo ln -sv /opt/drupalsecure_code_sniffs/DrupalSecure $HOME_PATH/.composer/vendor/squizlabs/php_codesniffer/CodeSniffer/Standards
+
+  # Install Codespell.
+  sudo apt-get install -y python-pip
+  pip install codespell
+
+  # Install PAReview script.
+  sudo wget -O /opt/pareview.sh https://raw.githubusercontent.com/klausi/pareviewsh/7.x-1.x/pareview.sh
+  sudo chmod +x /opt/pareview.sh
+  sudo ln -s /opt/pareview.sh /usr/local/bin
+
+  # Create a file to indicate this script has already run.
+  sudo touch $PAREVIEW_SETUP_COMPLETE_FILE
+else
+  exit 0
+fi