use of org.platformlayer.ops.packages.PackageDependency in project platformlayer by platformlayer.
the class JenkinsServiceController method addChildren.
@Override
protected void addChildren() throws OpsException {
JenkinsService model = OpsContext.get().getInstance(JenkinsService.class);
InstanceBuilder vm;
{
vm = InstanceBuilder.build(model.dnsName, this, model.getTags());
vm.publicPorts.add(PORT);
vm.hostPolicy.allowRunInContainer = true;
vm.minimumMemoryMb = 2048;
addChild(vm);
}
// If we're building Java projects, we'll want a JDK
vm.addChild(JavaVirtualMachine.buildJdk7());
{
PackageDependency jenkinsPackage = PackageDependency.build("jenkins");
jenkinsPackage.repositoryKey = new RepositoryKey();
jenkinsPackage.repositoryKey.setUrl("http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key");
jenkinsPackage.repository = new Repository();
jenkinsPackage.repository.setKey("jenkins");
jenkinsPackage.repository.getSource().add("deb http://pkg.jenkins-ci.org/debian binary/");
vm.addChild(jenkinsPackage);
}
// We use curl for backups
vm.addChild(PackageDependency.build("curl"));
// Jenkins git usually relies on git being installed
// git-core is valid on both Debian & Ubuntu
vm.addChild(PackageDependency.build("git-core"));
vm.addChild(SimpleFile.build(getClass(), new File("/etc/default/jenkins")));
vm.addChild(EnsureJenkinsSshKey.class);
{
// Adding a known-host entry for github.com doesn't reduce security (?)
EnsureKnownHost knownHost = vm.addChild(EnsureKnownHost.class);
knownHost.user = "jenkins";
knownHost.homeDir = new File("/var/lib/jenkins");
knownHost.host = "github.com";
knownHost.algorithm = "ssh-rsa";
knownHost.key = "AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
}
// Collectd not in wheezy??
// instance.addChild(CollectdCollector.build());
// TODO: If we're going to support SSH git....
// TODO: We need to ssh-keygen for jenkins
// TODO: Someone has to add the jenkins ssh key to the git repo
// TODO: We need to set the git user variables (name & email)
// TODO: We need to add the ssh key(s) of any git repos we're going to be using over ssh
// su -c "ssh-keygen -q -f /var/lib/jenkins/.ssh/id_rsa -N ''" jenkins
// scp root@[2001:470:8157:2::f]:/var/lib/jenkins/.ssh/id_rsa.pub .
// cat id_rsa.pub | ssh -p29418 <gerritip> gerrit create-account --ssh-key - --full-name Jenkins jenkins
{
PublicEndpoint endpoint = injected(PublicEndpoint.class);
// endpoint.network = null;
endpoint.publicPort = PORT;
endpoint.backendPort = PORT;
endpoint.dnsName = model.dnsName;
endpoint.tagItem = model.getKey();
endpoint.parentItem = model.getKey();
endpoint.transport = Transport.Ipv6;
vm.addChild(endpoint);
}
{
BackupDirectory backup = injected(BackupDirectory.class);
backup.itemKey = model.getKey();
File jenkinsRoot = new File("/var/lib/jenkins");
backup.backupRoot = jenkinsRoot;
String[] excludes = { "jobs/*/workspace", "jobs/*/modules", "jobs/*/builds/*/workspace.tar.gz", ".m2/repository" };
for (String exclude : excludes) {
backup.excludes.add(new File(jenkinsRoot, exclude));
}
vm.addChild(backup);
}
}
use of org.platformlayer.ops.packages.PackageDependency in project platformlayer by platformlayer.
the class MysqlServerController method addChildren.
@Override
protected void addChildren() throws OpsException {
MysqlServer model = OpsContext.get().getInstance(MysqlServer.class);
InstanceBuilder instance = InstanceBuilder.build(model.dnsName, this, model.getTags());
// TODO: Memory _really_ needs to be configurable here!
instance.publicPorts.add(3306);
instance.minimumMemoryMb = 2048;
instance.hostPolicy.allowRunInContainer = true;
addChild(instance);
{
PackageDependency serverPackage = instance.addChild(PackageDependency.build("mysql-server"));
// mysql-server-5.1 mysql-server/root_password_again password
// mysql-server-5.1 mysql-server/root_password password
// mysql-server-5.1 mysql-server-5.1/start_on_boot boolean true
// mysql-server-5.1 mysql-server-5.1/postrm_remove_databases boolean false
// mysql-server-5.1 mysql-server/error_setting_password error
// mysql-server-5.1 mysql-server-5.1/nis_warning note
// mysql-server-5.1 mysql-server-5.1/really_downgrade boolean false
// mysql-server-5.1 mysql-server/password_mismatch error
// mysql-server-5.1 mysql-server/no_upgrade_when_using_ndb error
// We need to install with a default password, which we then change
String plaintextPassword = DEFAULT_BOOTSTRAP_PASSWORD.plaintext();
serverPackage.addConfiguration("mysql-server-5.1", "mysql-server/root_password", "password", plaintextPassword);
serverPackage.addConfiguration("mysql-server-5.1", "mysql-server/root_password_again", "password", plaintextPassword);
}
// TODO: Is there a window of vulnerability when first booting a machine?
// Do we need to secure it so that mysql doesn't listen remotely initially (or isn't running)?
// Maybe use mysql-server-5.1 mysql-server-5.1/start_on_boot boolean true
instance.addChild(PackageDependency.build("mysql-client"));
instance.addChild(MysqlServerBootstrap.build());
instance.addChild(SimpleFile.build(getClass(), new File("/etc/mysql/conf.d/bind_all.cnf")));
instance.addChild(SimpleFile.build(getClass(), new File("/etc/mysql/conf.d/skip_name_resolve.cnf")));
// Collectd not restarting correctly (doesn't appear to be hostname problems??)
// instance.addChild(CollectdCollector.build());
{
PublicEndpoint endpoint = injected(PublicEndpoint.class);
// endpoint.network = null;
endpoint.publicPort = 3306;
endpoint.backendPort = 3306;
endpoint.dnsName = model.dnsName;
endpoint.tagItem = model.getKey();
endpoint.parentItem = model.getKey();
instance.addChild(endpoint);
}
instance.addChild(ManagedService.build("mysql"));
}
Aggregations