├── .editorconfig ├── .gitignore ├── .gitmodules ├── CHANGELOG.md ├── LICENSE ├── Makefile ├── README.md ├── TODO.md ├── Vagrantfile ├── customization ├── etc │ └── .gitkeep └── home │ └── .gitkeep ├── documentation ├── VagrantVM.png └── docs │ ├── Makefile │ ├── conf.py │ ├── content │ ├── components │ │ ├── index.rst │ │ ├── provisioning.rst │ │ └── vagrantfile.rst │ ├── gettingStarted │ │ └── index.rst │ ├── introduction.rst │ ├── services │ │ ├── daemons │ │ │ ├── consul.rst │ │ │ ├── docker.rst │ │ │ ├── http-reverse-proxy.rst │ │ │ ├── mail-sandbox.rst │ │ │ ├── samba.rst │ │ │ └── ssh.rst │ │ ├── fileSharing.rst │ │ └── index.rst │ ├── troubleshooting │ │ └── index.rst │ ├── usage │ │ └── index.rst │ └── vagrantDockerVm.rst │ ├── index.rst │ └── make.bat ├── home ├── .bowerrc ├── .gitconfig ├── .gitignore_global ├── .my.cnf ├── .profile.local ├── .ssh │ ├── config.example │ └── known_hosts.example └── .subversion │ └── config ├── provision ├── ansible │ ├── ansible.cfg │ ├── inventory │ ├── playbook.yml │ └── roles │ │ ├── clitools │ │ ├── files │ │ │ ├── bash.clitools.completition │ │ │ ├── crontab │ │ │ └── zsh.clitools.completition │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── clitools.ini.j2 │ │ ├── common │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ ├── debug.yml │ │ │ ├── locale.yml │ │ │ ├── main.yml │ │ │ ├── packages.yml │ │ │ ├── packages │ │ │ ├── ansible.yml │ │ │ ├── apt.yml │ │ │ ├── build-essentials.yml │ │ │ ├── default.yml │ │ │ ├── developer.yml │ │ │ ├── gem.yml │ │ │ ├── npm.yml │ │ │ ├── pip.yml │ │ │ └── system.yml │ │ │ ├── sysctl.yml │ │ │ ├── system.yml │ │ │ └── timezone.yml │ │ ├── consul │ │ └── tasks │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── startup.yml │ │ ├── customization │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── synchronize.yml │ │ ├── desktop │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── install │ │ │ │ ├── common.yml │ │ │ │ ├── gnome.yml │ │ │ │ ├── kde.yml │ │ │ │ └── unity.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── vagrant.conf.j2 │ │ ├── disk │ │ └── tasks │ │ │ ├── disk-create.yml │ │ │ ├── disk-mounting.yml │ │ │ ├── main.yml │ │ │ └── maintenance.yml │ │ ├── dnsmasq │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── consul.j2 │ │ │ └── docker.j2 │ │ ├── docker-dory │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── startup.yml │ │ └── templates │ │ │ └── dory.yml.j2 │ │ ├── docker │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── image-loader.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ └── maintenance.yml │ │ └── templates │ │ │ └── docker.service.j2 │ │ ├── finalize │ │ └── tasks │ │ │ ├── cleanup.yml │ │ │ ├── fix-permissions.yml │ │ │ ├── main.yml │ │ │ ├── udev.yml │ │ │ └── vmtools.yml │ │ ├── firewall │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── firewall-vm │ │ ├── mail │ │ ├── files │ │ │ ├── dovecot │ │ │ │ └── local.conf │ │ │ └── postfix │ │ │ │ ├── additional_headers │ │ │ │ └── recipient_canonical_maps │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ ├── dovecot │ │ │ ├── configuration.yml │ │ │ └── install.yml │ │ │ ├── main.yml │ │ │ └── postfix │ │ │ ├── configuration.yml │ │ │ ├── init.yml │ │ │ └── install.yml │ │ ├── manpages │ │ ├── files │ │ │ └── reinstall-manpages.sh │ │ └── tasks │ │ │ └── main.yml │ │ ├── monit │ │ ├── files │ │ │ └── monit.d │ │ │ │ ├── chronyd.conf │ │ │ │ ├── cron.conf │ │ │ │ ├── docker.conf │ │ │ │ ├── dovecot.conf │ │ │ │ ├── haveged.conf │ │ │ │ ├── incrond.conf │ │ │ │ └── postfix.conf │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ └── main.yml │ │ ├── ntp │ │ └── tasks │ │ │ ├── install.yml │ │ │ └── main.yml │ │ ├── php │ │ ├── files │ │ │ └── mods-available │ │ │ │ ├── local-dev.ini │ │ │ │ └── local-prod.ini │ │ └── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ ├── main.yml │ │ │ ├── phar.yml │ │ │ └── phar │ │ │ ├── box.yml │ │ │ ├── composer.yml │ │ │ ├── phpdoc.yml │ │ │ └── phpunit.yml │ │ ├── repositories │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── repository.yml │ │ ├── samba │ │ ├── files │ │ │ └── smb.conf │ │ └── tasks │ │ │ ├── configuration.yml │ │ │ ├── install.yml │ │ │ └── main.yml │ │ ├── ssh │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ ├── configuration.yml │ │ │ └── main.yml │ │ ├── update │ │ └── tasks │ │ │ ├── main.yml │ │ │ ├── update.yml │ │ │ └── upgrade.yml │ │ ├── user │ │ ├── tasks │ │ │ ├── github-ssh-key.yml │ │ │ ├── main.yml │ │ │ ├── profile.yml │ │ │ ├── rupa-z.yml │ │ │ ├── shell.yml │ │ │ ├── shell │ │ │ │ ├── zsh-grml.yml │ │ │ │ ├── zsh-ohmyzsh.yml │ │ │ │ └── zsh-prezto.yml │ │ │ ├── ssh-key.yml │ │ │ └── vcs.yml │ │ └── templates │ │ │ └── vagrant_aliases.sh.j2 │ │ └── vm-vmware │ │ └── tasks │ │ ├── guest-tools.yml │ │ └── main.yml ├── bootstrap.sh ├── docker-init.sh └── maintenance.sh └── vm_defaults.yml /.editorconfig: -------------------------------------------------------------------------------- 1 | # EditorConfig is awesome: http://EditorConfig.org 2 | 3 | # top-most EditorConfig file 4 | root = true 5 | charset = utf-8 6 | trim_trailing_whitespace = true 7 | 8 | [*] 9 | end_of_line = lf 10 | insert_final_newline = true 11 | indent_style = space 12 | indent_size = 4 13 | 14 | [*.yml] 15 | indent_size = 2 16 | 17 | [*.conf] 18 | indent_size = 2 19 | 20 | [Makefile] 21 | indent_size = 4 22 | indent_style = tabs 23 | 24 | [*.rst] 25 | indent_style = space 26 | indent_size = 3 27 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.vagrant/ 2 | /.idea/ 3 | /disks/** 4 | /customization/etc/* 5 | /customization/home/* 6 | vm.yml* 7 | !.gitkeep 8 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "disks"] 2 | path = disks 3 | url = https://github.com/mblaschke/vagrant-vm-disk.git 4 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | Vagrant Development VM Changelog 2 | ================================ 3 | 4 | 2.0.0 - UPCOMING 5 | ------------------ 6 | * Added prebuilt vagrant image from WebDevOps 7 | * Modular provisioning in `vm.yml` 8 | * Increased data disk size to 160 GB 9 | * Improved provisioning feedback (splitted big ansible tasks into smaller ones) 10 | * Improved general provisoning 11 | * Switched to official docker installation command (removed docker ppa) 12 | * Added distribution update switch in `vm.yml` 13 | * Added auto installation custom kernel in `vm.yml` 14 | * Added ext4, ext3, xfs and btrfs support for data image in `vm.yml` 15 | * Added oh-my-zsh and prezto as zsh profiles 16 | * Modular and more customizable `Vagrantfile` 17 | * Automatic detection of CPUs and Memory (will use 1/4 of host) for MacOS and Linux 18 | * Secured default vhost for reverse proxy (docker proxy) 19 | * Auto rebuild VMware guest tools 20 | * Secured SSL configuration (disabled RC4) 21 | * Added basic and easy `customization/` folder (will deployed on server) 22 | * Added firewall for bridged networks 23 | * Many other smaller improvements and bugfixes 24 | 25 | 1.0.0 - 2015-06-17 26 | ------------------ 27 | * Initial Version 28 | * Added Docker 29 | * Added Docker reverse proxy (apache2) 30 | * Added mail sandbox (postfix, dovecot) 31 | * Added dnsmasq (with lookup of Docker containers) 32 | * Added Samba 33 | * Added ntp (chrony) 34 | * Added [CliTools](https://github.com/mblaschke/clitools) 35 | * Host support: Windows, Linux and MacOSX hosts 36 | * Virtualization support: VMware, Parallels, VirtualBox 37 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 webdevops.io 4 | Copyright (c) 2015 Markus Blaschke 5 | 6 | Permission is hereby granted, free of charge, to any person obtaining a copy 7 | of this software and associated documentation files (the "Software"), to deal 8 | in the Software without restriction, including without limitation the rights 9 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 | copies of the Software, and to permit persons to whom the Software is 11 | furnished to do so, subject to the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be included in all 14 | copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 | SOFTWARE. 23 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | ARGS = $(filter-out $@,$(MAKECMDGOALS)) 2 | MAKEFLAGS += --silent 3 | .PHONY: list documentation 4 | 5 | list: 6 | sh -c "echo; $(MAKE) -p no_targets__ | awk -F':' '/^[a-zA-Z0-9][^\$$#\/\\t=]*:([^=]|$$)/ {split(\$$1,A,/ /);for(i in A)print A[i]}' | grep -v '__\$$' | grep -v 'Makefile'| sort" 7 | 8 | documentation: 9 | docker run -t -i --rm -p 8080:8000 -v "$$(pwd)/documentation/docs/:/opt/docs" -e "VIRTUAL_HOST=documentation.docker" -e "VIRTUAL_PORT=8000" webdevops/sphinx sphinx-autobuild --poll -H 0.0.0.0 /opt/docs html 10 | 11 | parallels-shrink: 12 | vagrant up --provider="parallels" 13 | echo " * Cleanup docker images" 14 | vagrant ssh -- 'docker system prune -f &> /dev/null' 15 | echo " * Cleanup root partition" 16 | vagrant ssh -- 'sudo touch /zero; sudo chmod 666 /zero; cat /dev/zero > /zero 2> /dev/null; sync; sleep 1; sudo rm /zero' 17 | echo " * Cleanup data partition" 18 | vagrant ssh -- 'sudo touch /mnt/data/zero; sudo chmod 666 /mnt/data/zero; cat /dev/zero > /mnt/data/zero 2> /dev/null; sync; sleep 1; sudo rm /mnt/data/zero' 19 | vagrant halt 20 | echo " * Shrink discs" 21 | prl_disk_tool compact --buildmap --hdd disks/parallels-disk 22 | 23 | vmware-shrink: 24 | vagrant up 25 | echo " * Cleanup docker images" 26 | vagrant ssh -- 'docker system prune -f &> /dev/null' 27 | echo " * Cleanup root partition" 28 | vagrant ssh -- 'sudo touch /zero; sudo chmod 666 /zero; cat /dev/zero > /zero 2> /dev/null; sync; sleep 1; sudo rm /zero' 29 | echo " * Cleanup data partition" 30 | vagrant ssh -- 'sudo touch /mnt/data/zero; sudo chmod 666 /mnt/data/zero; cat /dev/zero > /mnt/data/zero 2> /dev/null; sync; sleep 1; sudo rm /mnt/data/zero' 31 | vagrant halt 32 | echo " * Shrink discs" 33 | /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -d disks/data 34 | /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -k disks/data 35 | 36 | vbox-shrink: 37 | vagrant up 38 | echo " * Cleanup docker images" 39 | vagrant ssh -- 'docker system prune -f &> /dev/null' 40 | echo " * Cleanup root partition" 41 | vagrant ssh -- 'sudo touch /zero; sudo chmod 666 /zero; cat /dev/zero > /zero 2> /dev/null; sync; sleep 1; sudo rm /zero' 42 | echo " * Cleanup data partition" 43 | vagrant ssh -- 'sudo touch /mnt/data/zero; sudo chmod 666 /mnt/data/zero; cat /dev/zero > /mnt/data/zero 2> /dev/null; sync; sleep 1; sudo rm /mnt/data/zero' 44 | vagrant halt 45 | echo " * Shrink discs" 46 | VBoxManage modifyhd --compact disks/vm-data.vdi 47 | 48 | 49 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Vagrant Docker Development-VM 2 | 3 | [![latest ubuntu-16.04](https://img.shields.io/badge/latest-ubuntu_16.04-green.svg?style=flat)](https://github.com/webdevops/vagrant-docker-vm/tree/ubuntu-16.04) 4 | [![License MIT](https://img.shields.io/badge/license-MIT-blue.svg?style=flat)](/LICENSE) 5 | 6 | ![Vagrant Development VM login](/documentation/VagrantVM.png) 7 | 8 | 9 | > # *Important Note:* This project isn't actively maintained anymore. You can use `codekitchen/dinghy` as a kind of drop-in-replacement if You don't want to use tools like Docker Desktop for Mac and DDEV nowadays! 10 | 11 | Support for: 12 | 13 | - VirtualBox 14 | - VMware (preferred) 15 | - Parallels (preferred) 16 | 17 | ## What is Vagrant? 18 | 19 | Vagrant is a tool for automatic creation, configuration, management and provisioning of VMs inside VirtualBox, VMware and Parallels (and others). 20 | It will create and manage all VM network interfaces, shares and settings (eg. number of cpus, memory...). 21 | 22 | Hint: Vagrant doesn't provides GUI tools, it's just a CLI tool. 23 | 24 | ## Features 25 | 26 | - Ubuntu 16.04 LTS 27 | - Docker daemon 28 | - HTTP Reverse Proxy (dinghy reverse proxy) 29 | - Consul with registrator 30 | - Mail sandbox (catches all local and outgoing SMTP connections, with IMAP service) 31 | - Samba shares (eg. for Windows) 32 | - Local development environment 33 | 34 | ## Documentation 35 | 36 | - [Vagrant Docker VM Documentation](http://webdevops-documentation.readthedocs.io/projects/vagrant-docker-vm/en/ubuntu-16.04/). 37 | 38 | ## Credits 39 | 40 | Thanks for your support, ideas and issues 41 | - [Ingo Pfennigstorf](https://github.com/ipf) 42 | - [Florian Tatzel](https://github.com/PanadeEdu) 43 | - [Achim Fritz](https://twitter.com/achimfritz73) 44 | - [Rainer Zeh](https://twitter.com/rzeh) 45 | - [Philipp Kitzberger](https://github.com/Kitzberger) 46 | - [Josef Glatz](https://github.com/jousch) 47 | - [Elmar Hinz](https://github.com/elmar-hinz) 48 | - [Alexander Grein](https://github.com/rabe69) 49 | 50 | Did I forget anyone? Send me a tweet or create pull request! 51 | -------------------------------------------------------------------------------- /TODO.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webdevops/vagrant-docker-vm/676b8036eab153ba44aefd8bfcd0ca71586d11cc/TODO.md -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | VAGRANTFILE_API_VERSION = 2 5 | 6 | ######################## 7 | ## Customization 8 | ######################## 9 | 10 | VAGRANT_CUSTOMIZATION = Proc.new {|config| 11 | ## Port forwardings 12 | 13 | # Public HTTP server 14 | # config.vm.network "forwarded_port", guest: 80, host: 80, auto_correct: true 15 | # config.vm.network "forwarded_port", guest: 443, host: 443, auto_correct: true 16 | 17 | # MySQL (local only) 18 | # config.vm.network "forwarded_port", guest: 13306, host: 3306, host_ip: '127.0.0.1', auto_correct: true 19 | 20 | # Docker port (local only) 21 | # config.vm.network "forwarded_port", guest: 2375, host: 2375, host_ip: '127.0.0.1', auto_correct: true 22 | 23 | ## Networks 24 | 25 | # Public network 26 | # |WARNING| This can be a big security issue and an attacker could 27 | # |WARNING| gain access also to host (because of shares or services)! 28 | # |WARNING| Only use if you're sure about the risks! 29 | # |WARNING| If you need access to services use the port forwarding features! 30 | # config.vm.network "public_network" 31 | } 32 | 33 | ############################################################################### 34 | ## YAML configuration loader 35 | ############################################################################### 36 | 37 | require 'yaml' 38 | 39 | path = "#{File.dirname(__FILE__)}" 40 | 41 | # Get machine configuration 42 | configuration = {} 43 | # Load main configuration file, whichever exists first 44 | for cfg_target in [ 'vm.yml', 'vm_defaults.yml' ] do 45 | config_file = path + '/' + cfg_target 46 | if File.exist?(config_file) 47 | configuration = YAML::load(File.read(config_file)) || {} 48 | break 49 | end 50 | end 51 | 52 | ## Defaults 53 | 54 | if !configuration['VM'].has_key?('sharedFolder') or !configuration['VM']['sharedFolder'] 55 | configuration['VM']['sharedFolder'] = {} 56 | end 57 | 58 | if !configuration['VM'].has_key?('portForwarding') or !configuration['VM']['portForwarding'] 59 | configuration['VM']['portForwarding'] = {} 60 | end 61 | 62 | if !configuration['VM']['network'].has_key?('bridged') or !configuration['VM']['network']['bridged'] 63 | configuration['VM']['network']['bridged'] = {} 64 | end 65 | 66 | 67 | ############################################################################### 68 | ## --- Do not edit below --- 69 | ############################################################################### 70 | 71 | ############################################################################### 72 | ## --- OS detection --- 73 | ############################################################################### 74 | 75 | os = OpenStruct.new() 76 | os.windows = false 77 | os.osx = false 78 | os.linux = false 79 | 80 | if Vagrant::Util::Platform.windows? then 81 | os.windows = true 82 | else 83 | if (/darwin/ =~ Vagrant::Util::Platform.platform) != nil 84 | os.osx = true 85 | else 86 | os.linux = true 87 | end 88 | end 89 | 90 | ############################################################################### 91 | ## --- Ressource detection --- 92 | ############################################################################### 93 | 94 | if configuration['VM']['cpu'] =~ /auto/ 95 | if os.osx 96 | configuration['VM']['cpu'] = `sysctl -n hw.ncpu`.to_i 97 | elsif os.linux 98 | configuration['VM']['cpu'] = `nproc`.to_i 99 | else 100 | configuration['VM']['cpu'] = 2 101 | end 102 | end 103 | 104 | if configuration['VM']['memory'] =~ /auto/ 105 | if os.osx 106 | configuration['VM']['memory'] = `sysctl -n hw.memsize`.to_i / 1024 / 1024 / 4 107 | elsif os.linux 108 | configuration['VM']['memory'] = `grep 'MemTotal' /proc/meminfo | sed -e 's/MemTotal://' -e 's/ kB//'`.to_i / 1024 / 4 109 | else 110 | configuration['VM']['memory'] = 2048 111 | end 112 | 113 | # at least 1 GB 114 | if configuration['VM']['memory'].to_i < 1024 115 | configuration['VM']['memory'] = 1024 116 | end 117 | end 118 | 119 | ############################################################################### 120 | ## --- Disc setup --- 121 | ############################################################################### 122 | 123 | require 'shellwords' 124 | VAGRANT_ROOT = File.dirname(File.expand_path(__FILE__)) 125 | DiskVmData = File.join(VAGRANT_ROOT, '/disks/vm-data.vdi') 126 | 127 | ############################################################################### 128 | ## --- Vagrant setup --- 129 | ############################################################################### 130 | 131 | Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| 132 | config.vm.box = configuration['VM']['image'] 133 | config.vm.box_check_update = true 134 | 135 | ################# 136 | # Provider: Parallels 137 | ################# 138 | 139 | # Parallels 140 | config.vm.provider :parallels do |v| 141 | v.name = configuration['VM']['name'] 142 | v.memory = configuration['VM']['memory'] 143 | v.cpus = configuration['VM']['cpu'] 144 | v.update_guest_tools = true 145 | 146 | # Used linked base images, save disk space (Parallels >= 11) 147 | # see https://parallels.github.io/vagrant-parallels/docs/configuration.html 148 | v.linked_clone = true 149 | 150 | if configuration['VM']['gui'] 151 | v.customize ["set", :id, "--startup-view", "window"] 152 | v.customize ["set", :id, "--on-window-close", "suspend"] 153 | else 154 | v.customize ["set", :id, "--startup-view", "headless"] 155 | end 156 | 157 | v.customize( 158 | "post-import", [ 159 | "set", :id, 160 | "--device-add", "hdd", 161 | "--image", "#{VAGRANT_ROOT}/disks/parallels-disk", 162 | "--type", "expand", 163 | "--size", configuration['VM']['data']['size'] * 1024, 164 | ] 165 | ) 166 | 167 | v.customize "pre-boot", [ 168 | "set", :id, 169 | "--device-bootorder", "hdd0 hdd1" 170 | ] 171 | end 172 | 173 | ################# 174 | # Provider: VMware 175 | ################# 176 | 177 | # VMware Fusion and Workstation 178 | [:vmware_fusion, :vmware_workstation].each do |provider| 179 | config.vm.provider provider do |v| 180 | v.gui = configuration['VM']['gui'] 181 | v.vmx["memsize"] = configuration['VM']['memory'] 182 | v.vmx["numvcpus"] = configuration['VM']['cpu'] 183 | 184 | v.vmx['scsi0:1.filename'] = "#{VAGRANT_ROOT}/disks/data" 185 | v.vmx['scsi0:1.present'] = 'TRUE' 186 | v.vmx['scsi0:1.redo'] = '' 187 | end 188 | end 189 | 190 | ################# 191 | # Provider: VirtualBox 192 | ################# 193 | 194 | # VirtualBox 195 | config.vm.provider :virtualbox do |v| 196 | v.gui = configuration['VM']['gui'] 197 | v.customize ["modifyvm", :id, "--name", configuration['VM']['name']] 198 | v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] 199 | v.customize ["modifyvm", :id, "--memory", configuration['VM']['memory']] 200 | v.customize ["modifyvm", :id, "--cpus", configuration['VM']['cpu']] 201 | v.customize ["modifyvm", :id, "--chipset", "ich9"] 202 | v.customize ["modifyvm", :id, "--ioapic", "on"] 203 | v.customize ["modifyvm", :id, "--rtcuseutc", "on"] 204 | v.customize ["modifyvm", :id, "--pae", "on"] 205 | v.customize ["modifyvm", :id, "--hwvirtex", "on"] 206 | v.customize ["modifyvm", :id, "--nestedpaging", "on"] 207 | 208 | v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] 209 | v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] 210 | 211 | # GFX settings 212 | v.customize ["modifyvm", :id, "--vram", configuration['VM']['vram']] 213 | v.customize ["modifyvm", :id, "--graphicscontroller", "vboxvga"] 214 | v.customize ["modifyvm", :id, "--accelerate2dvideo", "on"] 215 | v.customize ["modifyvm", :id, "--accelerate3d", "on"] 216 | 217 | # second disk 218 | unless File.exist?(DiskVmData) 219 | v.customize ['createhd', '--filename', DiskVmData, '--size', configuration['VM']['data']['size'] * 1024] 220 | # v.customize ['modifyhd', DiskVmData, '--type', 'multiattach'] 221 | end 222 | v.customize ['storageattach', :id, '--storagectl', configuration['VM']['virtualbox']['diskController'], '--port', 1, '--device', 0, '--type', 'hdd', '--medium', DiskVmData] 223 | 224 | # network 225 | v.customize ["modifyvm", :id, "--nictype1", "virtio"] 226 | v.customize ["modifyvm", :id, "--nictype2", "virtio"] 227 | end 228 | 229 | ################# 230 | # Networking :: private 231 | ################# 232 | config.vm.network "private_network", 233 | ip: configuration['VM']['network']['private']['address'] 234 | 235 | 236 | ################# 237 | # Networking :: public 238 | ################# 239 | 240 | if configuration['VM']['network']['bridged'] && configuration['VM']['network']['bridged']['address'] != "false" 241 | if configuration['VM']['network']['bridged']['address'] == "auto" 242 | ################# 243 | # auto bridged (dhcp) 244 | ################# 245 | if configuration['VM']['network']['bridged']['bridge'] && configuration['VM']['network']['bridged']['bridge'] != "" 246 | config.vm.network "public_network", 247 | bridge: configuration['VM']['network']['bridged']['bridge'] 248 | else 249 | config.vm.network "public_network" 250 | end 251 | elsif configuration['VM']['network']['bridged']['address'] && configuration['VM']['network']['bridged']['address'] != "" 252 | ################# 253 | # auto bridged (dhcp) 254 | ################# 255 | config.vm.network "public_network", 256 | ip: "#{configuration['VM']['network']['bridged']['address']}", 257 | bridge: configuration['VM']['network']['bridged']['bridge'] 258 | end 259 | end 260 | 261 | ################# 262 | # Port forwarding 263 | ################# 264 | 265 | configuration['VM']['portForwarding'].each do |port| 266 | if !port.has_key?('guestIP') 267 | port['guestIp'] = '' 268 | end 269 | 270 | if !port.has_key?('hostIp') 271 | port['guestIp'] = '' 272 | end 273 | 274 | if !port.has_key?('protocol') 275 | port['protocol'] = 'tcp' 276 | end 277 | 278 | config.vm.network :forwarded_port, 279 | guest: "#{port['guest']}", 280 | guest_ip: "#{port['guestIP']}", 281 | host: "#{port['host']}", 282 | host_ip: "#{port['hostIp']}", 283 | protocol: "#{port['protocol']}" 284 | end 285 | 286 | ################# 287 | # Shared folders 288 | ################# 289 | 290 | # Ensure proper permissions for nfs mounts 291 | config.nfs.map_uid = Process.uid 292 | config.nfs.map_gid = Process.gid 293 | 294 | configuration['VM']['sharedFolder'].each do |mount| 295 | if !mount.has_key?('type') 296 | mount['type'] = 'vm' 297 | end 298 | 299 | if mount['type'] =~ /home/ 300 | ################# 301 | # Home (only unix) 302 | ################# 303 | if (os.osx || os.linux) 304 | config.vm.synced_folder "#{ENV['HOME']}", 305 | "#{ENV['HOME']}", 306 | :nfs => { :mount_options => [ "dmode=775", "fmode=774" ] } 307 | end 308 | 309 | elsif mount['type'] =~ /nfs/ 310 | ################# 311 | # NFS 312 | ################# 313 | config.vm.synced_folder "#{mount['src']}", 314 | "#{mount['target']}", 315 | :nfs => { :mount_options => [ "dmode=775", "fmode=774" ] } 316 | 317 | elsif mount['type'] =~ /smb/ 318 | ################# 319 | # CIFS/SMB 320 | ################# 321 | config.vm.synced_folder "#{mount['src']}", 322 | "#{mount['target']}", 323 | type: "smb" 324 | 325 | else 326 | ################# 327 | # VM (built-in) 328 | ################# 329 | config.vm.synced_folder "#{mount['src']}", 330 | "#{mount['target']}" 331 | end 332 | end 333 | 334 | ################# 335 | # Workarounds 336 | ################# 337 | #config.ssh.host = configuration['VM']['network']['private']['address'] 338 | if configuration['VM']['workaround']['useSshPasswordAuth'] 339 | # Fallback ssh connection (https://github.com/mitchellh/vagrant/issues/5186) 340 | # -> Authentication issues? Workaround: 341 | config.ssh.username = 'vagrant' 342 | config.ssh.password = 'vagrant' 343 | end 344 | 345 | 346 | ################# 347 | # Provisioning 348 | ################# 349 | 350 | # Workaround: shell is not a tty 351 | config.ssh.shell = "bash -c 'BASH_ENV=/etc/profile exec bash'" 352 | 353 | # Bootstrap (only first time) 354 | config.vm.provision "bootstrap", type: "shell" do |s| 355 | s.inline = "sudo bash /vagrant/provision/bootstrap.sh" 356 | end 357 | 358 | # Maintenance (run always) 359 | config.vm.provision "maintenance", run: "always", type: "shell" do |s| 360 | s.inline = "sudo bash /vagrant/provision/maintenance.sh" 361 | end 362 | 363 | ################# 364 | # Customization 365 | ################# 366 | 367 | VAGRANT_CUSTOMIZATION.call(config) 368 | 369 | end 370 | -------------------------------------------------------------------------------- /customization/etc/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webdevops/vagrant-docker-vm/676b8036eab153ba44aefd8bfcd0ca71586d11cc/customization/etc/.gitkeep -------------------------------------------------------------------------------- /customization/home/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webdevops/vagrant-docker-vm/676b8036eab153ba44aefd8bfcd0ca71586d11cc/customization/home/.gitkeep -------------------------------------------------------------------------------- /documentation/VagrantVM.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webdevops/vagrant-docker-vm/676b8036eab153ba44aefd8bfcd0ca71586d11cc/documentation/VagrantVM.png -------------------------------------------------------------------------------- /documentation/docs/Makefile: -------------------------------------------------------------------------------- 1 | # Makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | PAPER = 8 | BUILDDIR = _build 9 | 10 | # User-friendly check for sphinx-build 11 | ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) 12 | $(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) 13 | endif 14 | 15 | # Internal variables. 16 | PAPEROPT_a4 = -D latex_paper_size=a4 17 | PAPEROPT_letter = -D latex_paper_size=letter 18 | ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . 19 | # the i18n builder cannot share the environment and doctrees with the others 20 | I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . 21 | 22 | .PHONY: help 23 | help: 24 | @echo "Please use \`make ' where is one of" 25 | @echo " html to make standalone HTML files" 26 | @echo " dirhtml to make HTML files named index.html in directories" 27 | @echo " singlehtml to make a single large HTML file" 28 | @echo " pickle to make pickle files" 29 | @echo " json to make JSON files" 30 | @echo " htmlhelp to make HTML files and a HTML help project" 31 | @echo " qthelp to make HTML files and a qthelp project" 32 | @echo " applehelp to make an Apple Help Book" 33 | @echo " devhelp to make HTML files and a Devhelp project" 34 | @echo " epub to make an epub" 35 | @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" 36 | @echo " latexpdf to make LaTeX files and run them through pdflatex" 37 | @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" 38 | @echo " text to make text files" 39 | @echo " man to make manual pages" 40 | @echo " texinfo to make Texinfo files" 41 | @echo " info to make Texinfo files and run them through makeinfo" 42 | @echo " gettext to make PO message catalogs" 43 | @echo " changes to make an overview of all changed/added/deprecated items" 44 | @echo " xml to make Docutils-native XML files" 45 | @echo " pseudoxml to make pseudoxml-XML files for display purposes" 46 | @echo " linkcheck to check all external links for integrity" 47 | @echo " doctest to run all doctests embedded in the documentation (if enabled)" 48 | @echo " coverage to run coverage check of the documentation (if enabled)" 49 | 50 | .PHONY: clean 51 | clean: 52 | rm -rf $(BUILDDIR)/* 53 | 54 | .PHONY: html 55 | html: 56 | $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html 57 | @echo 58 | @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." 59 | 60 | .PHONY: dirhtml 61 | dirhtml: 62 | $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml 63 | @echo 64 | @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." 65 | 66 | .PHONY: singlehtml 67 | singlehtml: 68 | $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml 69 | @echo 70 | @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." 71 | 72 | .PHONY: pickle 73 | pickle: 74 | $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle 75 | @echo 76 | @echo "Build finished; now you can process the pickle files." 77 | 78 | .PHONY: json 79 | json: 80 | $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json 81 | @echo 82 | @echo "Build finished; now you can process the JSON files." 83 | 84 | .PHONY: htmlhelp 85 | htmlhelp: 86 | $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp 87 | @echo 88 | @echo "Build finished; now you can run HTML Help Workshop with the" \ 89 | ".hhp project file in $(BUILDDIR)/htmlhelp." 90 | 91 | .PHONY: qthelp 92 | qthelp: 93 | $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp 94 | @echo 95 | @echo "Build finished; now you can run "qcollectiongenerator" with the" \ 96 | ".qhcp project file in $(BUILDDIR)/qthelp, like this:" 97 | @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/WebDevOpsDocumentation.qhcp" 98 | @echo "To view the help file:" 99 | @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/WebDevOpsDocumentation.qhc" 100 | 101 | .PHONY: applehelp 102 | applehelp: 103 | $(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp 104 | @echo 105 | @echo "Build finished. The help book is in $(BUILDDIR)/applehelp." 106 | @echo "N.B. You won't be able to view it unless you put it in" \ 107 | "~/Library/Documentation/Help or install it in your application" \ 108 | "bundle." 109 | 110 | .PHONY: devhelp 111 | devhelp: 112 | $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp 113 | @echo 114 | @echo "Build finished." 115 | @echo "To view the help file:" 116 | @echo "# mkdir -p $$HOME/.local/share/devhelp/WebDevOpsDocumentation" 117 | @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/WebDevOpsDocumentation" 118 | @echo "# devhelp" 119 | 120 | .PHONY: epub 121 | epub: 122 | $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub 123 | @echo 124 | @echo "Build finished. The epub file is in $(BUILDDIR)/epub." 125 | 126 | .PHONY: latex 127 | latex: 128 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 129 | @echo 130 | @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." 131 | @echo "Run \`make' in that directory to run these through (pdf)latex" \ 132 | "(use \`make latexpdf' here to do that automatically)." 133 | 134 | .PHONY: latexpdf 135 | latexpdf: 136 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 137 | @echo "Running LaTeX files through pdflatex..." 138 | $(MAKE) -C $(BUILDDIR)/latex all-pdf 139 | @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." 140 | 141 | .PHONY: latexpdfja 142 | latexpdfja: 143 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 144 | @echo "Running LaTeX files through platex and dvipdfmx..." 145 | $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja 146 | @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." 147 | 148 | .PHONY: text 149 | text: 150 | $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text 151 | @echo 152 | @echo "Build finished. The text files are in $(BUILDDIR)/text." 153 | 154 | .PHONY: man 155 | man: 156 | $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man 157 | @echo 158 | @echo "Build finished. The manual pages are in $(BUILDDIR)/man." 159 | 160 | .PHONY: texinfo 161 | texinfo: 162 | $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo 163 | @echo 164 | @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." 165 | @echo "Run \`make' in that directory to run these through makeinfo" \ 166 | "(use \`make info' here to do that automatically)." 167 | 168 | .PHONY: info 169 | info: 170 | $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo 171 | @echo "Running Texinfo files through makeinfo..." 172 | make -C $(BUILDDIR)/texinfo info 173 | @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." 174 | 175 | .PHONY: gettext 176 | gettext: 177 | $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale 178 | @echo 179 | @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." 180 | 181 | .PHONY: changes 182 | changes: 183 | $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes 184 | @echo 185 | @echo "The overview file is in $(BUILDDIR)/changes." 186 | 187 | .PHONY: linkcheck 188 | linkcheck: 189 | $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck 190 | @echo 191 | @echo "Link check complete; look for any errors in the above output " \ 192 | "or in $(BUILDDIR)/linkcheck/output.txt." 193 | 194 | .PHONY: doctest 195 | doctest: 196 | $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest 197 | @echo "Testing of doctests in the sources finished, look at the " \ 198 | "results in $(BUILDDIR)/doctest/output.txt." 199 | 200 | .PHONY: coverage 201 | coverage: 202 | $(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage 203 | @echo "Testing of coverage in the sources finished, look at the " \ 204 | "results in $(BUILDDIR)/coverage/python.txt." 205 | 206 | .PHONY: xml 207 | xml: 208 | $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml 209 | @echo 210 | @echo "Build finished. The XML files are in $(BUILDDIR)/xml." 211 | 212 | .PHONY: pseudoxml 213 | pseudoxml: 214 | $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml 215 | @echo 216 | @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." 217 | -------------------------------------------------------------------------------- /documentation/docs/conf.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # 3 | # WebDevOps Documentation documentation build configuration file, created by 4 | # sphinx-quickstart on Sat Mar 19 12:21:05 2016. 5 | # 6 | # This file is execfile()d with the current directory set to its 7 | # containing dir. 8 | # 9 | # Note that not all possible configuration values are present in this 10 | # autogenerated file. 11 | # 12 | # All configuration values have a default; values that are commented out 13 | # serve to show the default. 14 | 15 | import sys 16 | import os 17 | from recommonmark.parser import CommonMarkParser 18 | 19 | on_rtd = os.environ.get('READTHEDOCS', None) == 'True' 20 | 21 | if not on_rtd: # only import and set the theme if we're building docs locally 22 | import sphinx_rtd_theme 23 | html_theme = 'sphinx_rtd_theme' 24 | html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] 25 | 26 | html_sidebars = { 27 | '**': ['globaltoc.html'], 28 | } 29 | # otherwise, readthedocs.org uses their theme by default, so no need to specify it 30 | 31 | # If extensions (or modules to document with autodoc) are in another directory, 32 | # add these directories to sys.path here. If the directory is relative to the 33 | # documentation root, use os.path.abspath to make it absolute, like shown here. 34 | #sys.path.insert(0, os.path.abspath('.')) 35 | 36 | # -- General configuration ------------------------------------------------ 37 | 38 | # If your documentation needs a minimal Sphinx version, state it here. 39 | #needs_sphinx = '1.0' 40 | 41 | # Add any Sphinx extension module names here, as strings. They can be 42 | # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 43 | # ones. 44 | extensions = [] 45 | 46 | # Add any paths that contain templates here, relative to this directory. 47 | templates_path = ['_templates'] 48 | 49 | # The suffix(es) of source filenames. 50 | # You can specify multiple suffix as a list of string: 51 | source_suffix = ['.rst', '.md'] 52 | # source_suffix = '.rst' 53 | 54 | source_parsers = { 55 | '.md': CommonMarkParser, 56 | } 57 | 58 | # The encoding of source files. 59 | #source_encoding = 'utf-8-sig' 60 | 61 | # The master toctree document. 62 | master_doc = 'index' 63 | 64 | # General information about the project. 65 | project = u'Vagrant Docker VM' 66 | copyright = u'2016, Team WebDevOps' 67 | author = u'Team WebDevOps' 68 | 69 | # The version info for the project you're documenting, acts as replacement for 70 | # |version| and |release|, also used in various other places throughout the 71 | # built documents. 72 | # 73 | # The short X.Y version. 74 | #version = u'0.0.2' 75 | # The full version, including alpha/beta/rc tags. 76 | #release = u'0.0.2' 77 | 78 | # The language for content autogenerated by Sphinx. Refer to documentation 79 | # for a list of supported languages. 80 | # 81 | # This is also used if you do content translation via gettext catalogs. 82 | # Usually you set "language" from the command line for these cases. 83 | language = None 84 | 85 | # There are two options for replacing |today|: either, you set today to some 86 | # non-false value, then it is used: 87 | #today = '' 88 | # Else, today_fmt is used as the format for a strftime call. 89 | #today_fmt = '%B %d, %Y' 90 | 91 | # List of patterns, relative to source directory, that match files and 92 | # directories to ignore when looking for source files. 93 | exclude_patterns = ['_build'] 94 | 95 | # The reST default role (used for this markup: `text`) to use for all 96 | # documents. 97 | #default_role = None 98 | 99 | # If true, '()' will be appended to :func: etc. cross-reference text. 100 | #add_function_parentheses = True 101 | 102 | # If true, the current module name will be prepended to all description 103 | # unit titles (such as .. function::). 104 | #add_module_names = True 105 | 106 | # If true, sectionauthor and moduleauthor directives will be shown in the 107 | # output. They are ignored by default. 108 | #show_authors = False 109 | 110 | # The name of the Pygments (syntax highlighting) style to use. 111 | pygments_style = 'sphinx' 112 | 113 | # A list of ignored prefixes for module index sorting. 114 | #modindex_common_prefix = [] 115 | 116 | # If true, keep warnings as "system message" paragraphs in the built documents. 117 | #keep_warnings = False 118 | 119 | # If true, `todo` and `todoList` produce output, else they produce nothing. 120 | todo_include_todos = False 121 | 122 | 123 | # -- Options for HTML output ---------------------------------------------- 124 | 125 | # The theme to use for HTML and HTML Help pages. See the documentation for 126 | # a list of builtin themes. 127 | #html_theme = 'alabaster' 128 | 129 | # Theme options are theme-specific and customize the look and feel of a theme 130 | # further. For a list of options available for each theme, see the 131 | # documentation. 132 | #html_theme_options = {} 133 | 134 | # Add any paths that contain custom themes here, relative to this directory. 135 | #html_theme_path = [] 136 | 137 | # The name for this set of Sphinx documents. If None, it defaults to 138 | # " v documentation". 139 | #html_title = None 140 | 141 | # A shorter title for the navigation bar. Default is the same as html_title. 142 | #html_short_title = None 143 | 144 | # The name of an image file (relative to this directory) to place at the top 145 | # of the sidebar. 146 | #html_logo = None 147 | 148 | # The name of an image file (relative to this directory) to use as a favicon of 149 | # the docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 150 | # pixels large. 151 | #html_favicon = None 152 | 153 | # Add any paths that contain custom static files (such as style sheets) here, 154 | # relative to this directory. They are copied after the builtin static files, 155 | # so a file named "default.css" will overwrite the builtin "default.css". 156 | html_static_path = ['_static'] 157 | 158 | # Add any extra paths that contain custom files (such as robots.txt or 159 | # .htaccess) here, relative to this directory. These files are copied 160 | # directly to the root of the documentation. 161 | #html_extra_path = [] 162 | 163 | # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, 164 | # using the given strftime format. 165 | #html_last_updated_fmt = '%b %d, %Y' 166 | 167 | # If true, SmartyPants will be used to convert quotes and dashes to 168 | # typographically correct entities. 169 | #html_use_smartypants = True 170 | 171 | # Custom sidebar templates, maps document names to template names. 172 | #html_sidebars = {} 173 | 174 | # Additional templates that should be rendered to pages, maps page names to 175 | # template names. 176 | #html_additional_pages = {} 177 | 178 | # If false, no module index is generated. 179 | #html_domain_indices = True 180 | 181 | # If false, no index is generated. 182 | #html_use_index = True 183 | 184 | # If true, the index is split into individual pages for each letter. 185 | #html_split_index = False 186 | 187 | # If true, links to the reST sources are added to the pages. 188 | #html_show_sourcelink = True 189 | 190 | # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. 191 | #html_show_sphinx = True 192 | 193 | # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. 194 | #html_show_copyright = True 195 | 196 | # If true, an OpenSearch description file will be output, and all pages will 197 | # contain a tag referring to it. The value of this option must be the 198 | # base URL from which the finished HTML is served. 199 | #html_use_opensearch = '' 200 | 201 | # This is the file name suffix for HTML files (e.g. ".xhtml"). 202 | #html_file_suffix = None 203 | 204 | # Language to be used for generating the HTML full-text search index. 205 | # Sphinx supports the following languages: 206 | # 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' 207 | # 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' 208 | #html_search_language = 'en' 209 | 210 | # A dictionary with options for the search language support, empty by default. 211 | # Now only 'ja' uses this config value 212 | #html_search_options = {'type': 'default'} 213 | 214 | # The name of a javascript file (relative to the configuration directory) that 215 | # implements a search results scorer. If empty, the default will be used. 216 | #html_search_scorer = 'scorer.js' 217 | 218 | # Output file base name for HTML help builder. 219 | htmlhelp_basename = 'WebDevOpsDocumentationdoc' 220 | 221 | # -- Options for LaTeX output --------------------------------------------- 222 | 223 | latex_elements = { 224 | # The paper size ('letterpaper' or 'a4paper'). 225 | #'papersize': 'letterpaper', 226 | 227 | # The font size ('10pt', '11pt' or '12pt'). 228 | #'pointsize': '10pt', 229 | 230 | # Additional stuff for the LaTeX preamble. 231 | #'preamble': '', 232 | 233 | # Latex figure (float) alignment 234 | #'figure_align': 'htbp', 235 | } 236 | 237 | # Grouping the document tree into LaTeX files. List of tuples 238 | # (source start file, target name, title, 239 | # author, documentclass [howto, manual, or own class]). 240 | latex_documents = [ 241 | (master_doc, 'WebDevOpsDocumentation.tex', u'WebDevOps Documentation Documentation', 242 | u'Florian Tatzel', 'manual'), 243 | ] 244 | 245 | # The name of an image file (relative to this directory) to place at the top of 246 | # the title page. 247 | #latex_logo = None 248 | 249 | # For "manual" documents, if this is true, then toplevel headings are parts, 250 | # not chapters. 251 | #latex_use_parts = False 252 | 253 | # If true, show page references after internal links. 254 | #latex_show_pagerefs = False 255 | 256 | # If true, show URL addresses after external links. 257 | #latex_show_urls = False 258 | 259 | # Documents to append as an appendix to all manuals. 260 | #latex_appendices = [] 261 | 262 | # If false, no module index is generated. 263 | #latex_domain_indices = True 264 | 265 | 266 | # -- Options for manual page output --------------------------------------- 267 | 268 | # One entry per manual page. List of tuples 269 | # (source start file, name, description, authors, manual section). 270 | man_pages = [ 271 | (master_doc, 'webdevopsdocumentation', u'WebDevOps Documentation Documentation', 272 | [author], 1) 273 | ] 274 | 275 | # If true, show URL addresses after external links. 276 | #man_show_urls = False 277 | 278 | 279 | # -- Options for Texinfo output ------------------------------------------- 280 | 281 | # Grouping the document tree into Texinfo files. List of tuples 282 | # (source start file, target name, title, author, 283 | # dir menu entry, description, category) 284 | texinfo_documents = [ 285 | (master_doc, 'WebDevOpsDocumentation', u'WebDevOps Documentation Documentation', 286 | author, 'WebDevOpsDocumentation', 'One line description of project.', 287 | 'Miscellaneous'), 288 | ] 289 | 290 | # Documents to append as an appendix to all manuals. 291 | #texinfo_appendices = [] 292 | 293 | # If false, no module index is generated. 294 | #texinfo_domain_indices = True 295 | 296 | # How to display URL addresses: 'footnote', 'no', or 'inline'. 297 | #texinfo_show_urls = 'footnote' 298 | 299 | # If true, do not generate a @detailmenu in the "Top" node's menu. 300 | #texinfo_no_detailmenu = False 301 | -------------------------------------------------------------------------------- /documentation/docs/content/components/index.rst: -------------------------------------------------------------------------------- 1 | ================= 2 | Project Structure 3 | ================= 4 | 5 | This section is not done yet! 6 | 7 | 8 | .. toctree:: 9 | :maxdepth: 1 10 | 11 | vagrantfile 12 | provisioning 13 | -------------------------------------------------------------------------------- /documentation/docs/content/components/provisioning.rst: -------------------------------------------------------------------------------- 1 | ============ 2 | Provisioning 3 | ============ 4 | 5 | The main provisioning of the VM directly after creation is done by Ansible. With Ansible complex tasks are configured 6 | in simple yml files so the provisioing is not too complex even for new users. 7 | 8 | ============================== ========================================================================================= 9 | Script Description 10 | ============================== ========================================================================================= 11 | provision/bootstrap.sh Run for new VMs or when `vagrant provision` or `vagrant up --provison` is called 12 | provision/maintenance.sh Run every time the VM is started (startup tasks) 13 | ============================== ========================================================================================= 14 | -------------------------------------------------------------------------------- /documentation/docs/content/components/vagrantfile.rst: -------------------------------------------------------------------------------- 1 | ============================= 2 | The Vagrantfile Configuration 3 | ============================= 4 | 5 | Vagrantfile 6 | ----------- 7 | 8 | The ``Vagrantfile`` is the entrypoint for Vagrant and setup to use most configuration values from ``vm.yml``. 9 | 10 | There is a CUSTOMIZATION section in the top which get called after the main VM configuration if you need further 11 | configuration. 12 | 13 | vm.yml 14 | ------ 15 | 16 | Most values are documentation in the ``vm.yml``. 17 | -------------------------------------------------------------------------------- /documentation/docs/content/gettingStarted/index.rst: -------------------------------------------------------------------------------- 1 | =============== 2 | Getting Started 3 | =============== 4 | 5 | ------------ 6 | Requirements 7 | ------------ 8 | 9 | - Vagrant_ 10 | - VagrantManager_ (optional) 11 | - Virtualization Software (VirtualBox, VMware or Parallels) 12 | 13 | ======================= ========================== ========================================================== 14 | Type Minimum (just working) Recommendation (eg. for developers) 15 | ======================= ========================== ========================================================== 16 | Host CPU 2 (eg. Intel Core i5) 4 physical Cores (or more, eg. Intel Core i7) 17 | Host RAM 8 GB 16 GB (or more) 18 | Host Disk 60 GB free 80 GB free 19 | VM RAM 1.5 GB 1/4 System RAM 20 | ======================= ========================== ========================================================== 21 | 22 | If you want to develop in a fast way make sure to get at least the recommended values. 23 | 24 | This VM doesn't need 16 GB RAM, but you still need your browser, IDE, mail client and other tools. 25 | 26 | ------------ 27 | Installation 28 | ------------ 29 | 30 | Install Vagrant 31 | --------------- 32 | Download Vagrant_ install it. 33 | 34 | When using VMware you also need the Vagrant VMware plugin (license needed!), for Parallels the Vagrant Parallels plugin is needed. 35 | 36 | ===================================== ========================================================== ============================================== 37 | Virtualization Software Command Notes 38 | ===================================== ========================================================== ============================================== 39 | VirtualBox (all) *included* Slow to medium performance 40 | VMware Workstation (Linux/Windows) ``vagrant plugin install vagrant-vmware-workstation`` License for VMware and plugin needed 41 | VMware Fusion (MacOS) ``vagrant plugin install vagrant-vmware-fusion`` License for VMware and plugin needed 42 | Parallels Desktop (MacOS) ``vagrant plugin install vagrant-parallels`` License for Parallels Desktop needed 43 | ===================================== ========================================================== ============================================== 44 | 45 | 46 | Clone and create Vagrant Docker VM 47 | ---------------------------------- 48 | 49 | Just clone the Vagrant Docker VM (or download as zip), customize the `vm.yml` and create the VM by using Vagrant: 50 | 51 | .. code-block:: bash 52 | 53 | # Clone git repository 54 | git clone --recursive --config core.autocrlf=false https://github.com/webdevops/vagrant-development.git devvm 55 | cd devvm 56 | 57 | # Customize the vm.yml with your favorite editor 58 | vim vm.yml 59 | 60 | # Customize the Vagrantfile with your favorite editor 61 | vim Vagrantfile 62 | 63 | # Setup Docker environment (only linux and mac, only once) 64 | source provision/docker-init.sh 65 | 66 | # Start vm 67 | vagrant up 68 | 69 | # Enter VM 70 | vagrant ssh 71 | 72 | **Setup .ssh/config:** 73 | 74 | .. code-block:: config 75 | 76 | Host vm vagrant 192.168.56.2 77 | Hostname 192.168.56.2 78 | User vagrant 79 | ForwardAgent yes 80 | Compression no 81 | StrictHostKeyChecking no 82 | UserKnownHostsFile=/dev/null 83 | 84 | -> now you can jump direclty into the VM with ``ssh vm`` 85 | 86 | Under Linux and MacOS you will be asked for root rights (sudo). 87 | If you don't want to enter your password every time take a look at the vagrant manual for NFS usage: https://docs.vagrantup.com/v2/synced-folders/nfs.html 88 | 89 | ------ 90 | Update 91 | ------ 92 | 93 | If there are any updates in this repository just run ``vagrant up --provision`` or ``vagrant provision`` to 94 | update your box with the new ansible changes. 95 | 96 | 97 | ------------------ 98 | Vagrant cheatsheet 99 | ------------------ 100 | 101 | ===================================== ========================================================================================================= 102 | Command Description 103 | ===================================== ========================================================================================================= 104 | ``vagrant up`` Create VM or startup previous created VM 105 | ``vagrant halt`` Shutdown VM 106 | ``vagrant reload`` Restart VM 107 | ``vagrant destroy`` Kill and destroy the VM 108 | ``vagrant suspend`` Suspend VM 109 | ``vagrant resume`` Resume suspended VM 110 | ===================================== ========================================================================================================= 111 | 112 | If you want a GUI tool for managing Vagrant VMs you can use VagrantManager_. With it you can controll your VMs from a system tray icon. 113 | 114 | .. _Vagrant: https://www.vagrantup.com 115 | .. _VagrantManager: http://vagrantmanager.com/ 116 | -------------------------------------------------------------------------------- /documentation/docs/content/introduction.rst: -------------------------------------------------------------------------------- 1 | ============ 2 | Introduction 3 | ============ 4 | 5 | ---------------------------------- 6 | What is the Vagrant Docker VM for? 7 | ---------------------------------- 8 | 9 | The Vagrant Docker VM is an automated environment for Docker and development with a Ubuntu 16.04 base image, 10 | development tools and an optional gui. 11 | 12 | Also it will provide a running Reverse proxy for HTTP development and a Consul service for container management. 13 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/consul.rst: -------------------------------------------------------------------------------- 1 | ========================== 2 | Consul (service discovery) 3 | ========================== 4 | 5 | 6 | Every container (with a port) is registred inside Consul with the Registrator service. This allows lookup of the 7 | IP adresses from containers by using following scheme: 8 | 9 | ``containername-port.service.consul`` 10 | 11 | With Consul you can eg. connect to a MySQL database with a GUI Tool using an SSH tunnel and this address syntax without 12 | exposing ports to the VM. 13 | 14 | 15 | DNS lookup examples 16 | ------------------- 17 | 18 | ================================== ====== ========================================= 19 | Container name Port DNS name 20 | ================================== ====== ========================================= 21 | consul 8500 consul-8500.service.consul 22 | consul 8600 consul-8600.service.consul 23 | dory-http-proxy 443 dory-http-proxy-443.service.consul 24 | typo3dockerboilerplate_app_1 80 *no supported* (underscores not allowed in domain names) 25 | typo3dockerboilerplate_mysql_1 3306 *no supported* (underscores not allowed in domain names) 26 | ================================== ====== ========================================= 27 | 28 | Note: docker-compose containers are currently not supported, see https://github.com/docker/compose/issues/229 29 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/docker.rst: -------------------------------------------------------------------------------- 1 | ====== 2 | Docker 3 | ====== 4 | 5 | Docker is running on default port ``2376`` and is accessable from outside without SSL/TLS. 6 | 7 | Storage is configured to use AUFS but it's also possible to use BTRFS (see ``vm.yml``) 8 | 9 | Environment variables 10 | --------------------- 11 | 12 | .. code-block:: bash 13 | 14 | export DOCKER_HOST=tcp://192.168.56.2:2375 15 | export DOCKER_TLS_VERIFY= 16 | 17 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/http-reverse-proxy.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | HTTP reverse proxy (dinghy) 3 | =========================== 4 | 5 | The default reverse proxy registers automatically any Docker container with ``VIRTUAL_HOST`` and ``VIRUTAL_PORT`` to 6 | it's configuration so multiple containers are accessable from outside without using other ports. 7 | 8 | Also containers from docker-compose are registerd by this reverse proxy: ``project_app_1`` -> ``app.project.docker`` 9 | 10 | For more informations visit: https://github.com/codekitchen/dinghy-http-proxy 11 | 12 | =============== ======================= 13 | Setting Value 14 | =============== ======================= 15 | Hostname \*.docker 16 | Port 80 and 443 17 | =============== ======================= 18 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/mail-sandbox.rst: -------------------------------------------------------------------------------- 1 | ============ 2 | Mail sandbox 3 | ============ 4 | 5 | =============== ======================= 6 | Setting Value 7 | =============== ======================= 8 | IMAP Server IP or Hostname of VM (192.168.56.2) 9 | IMAP Port 143 (without SSL/TLS) 10 | SMTP Server IP or Hostname of VM (192.168.56.2) 11 | SMTP Port 25 (without SSL/TLS) 12 | Username vagrant 13 | Password vagrant 14 | =============== ======================= 15 | 16 | Any outgoing email is catched by postfix and send to mailbox of vagrant user. 17 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/samba.rst: -------------------------------------------------------------------------------- 1 | ================ 2 | Samba (SMB/CIFS) 3 | ================ 4 | 5 | =============== ======================= 6 | Setting Value 7 | =============== ======================= 8 | Server IP or Hostname of VM (192.168.56.2) 9 | Username vagrant 10 | Password vagrant 11 | 12 | Share /vagrant /home/vagrant 13 | Share /projects /mnt/data/projects/ 14 | Share /tmp /tmp 15 | 16 | Explorer URL \\\\192.168.56.2\code 17 | =============== ======================= 18 | 19 | MacOS and Linux don't need Samba, Vagrant will use shared folders. 20 | 21 | For MacOS the /Users directory will be mounted under /Users in Vagrant VM to enable 22 | transparent external docker access. 23 | -------------------------------------------------------------------------------- /documentation/docs/content/services/daemons/ssh.rst: -------------------------------------------------------------------------------- 1 | === 2 | SSH 3 | === 4 | 5 | =============== ======================= 6 | Setting Value 7 | =============== ======================= 8 | Server IP or Hostname of VM (192.168.56.2) 9 | Port 22 10 | Username vagrant 11 | Password vagrant 12 | SSH Key Automatically deployed from github, if account name is set (see vm.yml) 13 | =============== ======================= 14 | 15 | .. code-block:: bash 16 | 17 | 18 | # connect via vagrant 19 | vagrant ssh 20 | 21 | # normal way 22 | ssh vagrant@192.168.56.2 23 | -------------------------------------------------------------------------------- /documentation/docs/content/services/fileSharing.rst: -------------------------------------------------------------------------------- 1 | ============ 2 | File Sharing 3 | ============ 4 | 5 | Sharing types 6 | ------------- 7 | 8 | ============ ======== ============ ========================= 9 | Share type Windows Linux/macOS Notes 10 | ============ ======== ============ ========================= 11 | NFS *no* **yes** Fastest and reliable 12 | CIFS **yes** **yes** Fast and reliable 13 | SMB **yes** **yes** old Protocol, use CIFS 14 | **none** **yes** **yes** Slow on VirtualBox 15 | ============ ======== ============ ========================= 16 | 17 | Linux/MacOS 18 | ----------- 19 | 20 | By default your home directory is mounted into the VM so files from outside are available inside the Vagrant Docker VM. 21 | You can customize mounting inside the ``vm.yml``. 22 | 23 | For sharing NFS is used and is a stable and fast solution for sharing data between the VM and your host system. 24 | When encounting slowdown in VirtualBox you should try to switch to VMware or Parallels. 25 | 26 | Windows 27 | ------- 28 | 29 | On windows no directory is shared by default and sharing needs to be defined in ``vm.yml``. 30 | 31 | As alternative there is a ``/home/vagrant/projects`` directory which can be access by using SMB/CIFS (windows shares) 32 | from your explorer: ``\\192.168.56.2`` 33 | 34 | -------------------------------------------------------------------------------- /documentation/docs/content/services/index.rst: -------------------------------------------------------------------------------- 1 | ======== 2 | Services 3 | ======== 4 | 5 | This section is not done yet! 6 | 7 | .. toctree:: 8 | :maxdepth: 1 9 | 10 | daemons/docker 11 | daemons/http-reverse-proxy 12 | daemons/consul 13 | daemons/ssh 14 | daemons/samba 15 | daemons/mail-sandbox 16 | fileSharing 17 | -------------------------------------------------------------------------------- /documentation/docs/content/troubleshooting/index.rst: -------------------------------------------------------------------------------- 1 | =============== 2 | Troubleshooting 3 | =============== 4 | 5 | Startup or update errors 6 | ------------------------ 7 | 8 | Reprovision the VM 9 | ~~~~~~~~~~~~~~~~~~ 10 | 11 | You can safely reprovision your VM without losing data: 12 | 13 | .. code-block:: bash 14 | 15 | # if box is NOT started 16 | vagrant up --provision 17 | 18 | # if box is already started 19 | vagrant provision 20 | 21 | 22 | Windows 10 (Tech Preview) and VMWare 23 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 24 | 25 | It can happen that the **Virtual Network Adapters** (in this case host only adapter) 26 | break **on every shutdown** or **disconnect** from Network. 27 | 28 | Windows 10 has **currently issues with Virtual Networks** on different VM Softwares. 29 | With VMWare a Workaround can be resetting the Network Adapters right before 30 | starting the VM. 31 | 32 | 1. Shut Down the VM (if not down already) 33 | 2. Open VMWare 34 | 3. Open in Menu: **Edit > Virtual Network Editor...** 35 | 4. Request Admin Rights in this window (if not already started with them) 36 | 5. Click: **Restore Defaults** 37 | 38 | This will reset all virtual Network Adapters. 39 | If you now start Vagrant with **vagrant up**, the required Adapters will be 40 | recreated. 41 | 42 | 43 | General errors 44 | -------------- 45 | 46 | Disk usage is high or disk is full 47 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 48 | 49 | You can safely run ``docker-clean`` to remove old and unused images. 50 | 51 | Networking issues 52 | ----------------- 53 | 54 | No IP address or no network 55 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 56 | 57 | Remove the udev rule for network interfaces: 58 | 59 | `sudo rm /etc/udev/rules.d/70-persistent-net.rules` 60 | 61 | Docker errors 62 | ------------- 63 | 64 | Error response from daemon: client and server don't have same version (client : 1.19, server: 1.18) 65 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 66 | 67 | Your docker client has been updated, just rerun provisioning to update the Docker server. 68 | 69 | -------------------------------------------------------------------------------- /documentation/docs/content/usage/index.rst: -------------------------------------------------------------------------------- 1 | ===== 2 | Usage 3 | ===== 4 | 5 | Customization 6 | ------------- 7 | 8 | Put your custom files for your home directory `/home/vagrant` into `./home`. 9 | Files for `/etc` customization must be in `customization/etc`. 10 | 11 | After provisioning all files will be synchronized to their destination folders. 12 | 13 | Access to VM 14 | ------------ 15 | 16 | You can get access to this VM with SSH or SMB/CIFS, see SERVICE section for more details. 17 | 18 | Projects storage 19 | ---------------- 20 | 21 | This VM has two disks, the main OS disk and a bigger storage disk. 22 | The ``/home/vagrant/projects/`` directory is stored on the bigger storage disk. Here you should put your project files 23 | if you don't want to use the automatic NFS mounts (eg. for Windows users). 24 | 25 | You can get access to ``/home/vagrant/projects/`` though the Samba share ``projects``. 26 | 27 | 28 | Mounts 29 | ------ 30 | 31 | The directory of the Vagrantfile is mounted under /vagrant (vagrant default). 32 | 33 | Under Linux and MacOS your home directory is mounted under the same path as your host system. 34 | eg. 35 | 36 | Host System: /Users/foo/ 37 | VM: /Users/foo/ 38 | 39 | Hint: This handling is needed if you want to use docker-compose from your host system. 40 | 41 | Windows specific 42 | ~~~~~~~~~~~~~~~~ 43 | 44 | If you're working under Windows you can put your files under ``/home/vagrant/projects/`` 45 | 46 | You can access these Files via Samba. 47 | 48 | #. Map a new Network Drive 49 | #. Select Drive Letter 50 | #. Enter: \\\\192.168.56.2 (Username: ``vagrant`` / Password: ``vagrant``) 51 | #. Browse and select the directory **projects** 52 | 53 | 54 | Destroy & Recreate 55 | ------------------ 56 | 57 | VirtualBox 58 | ~~~~~~~~~~ 59 | 60 | With ``vagrant destroy`` you will destroy the VM and also the data disk so you can immediately 61 | recreate the box with ``vagrant up``. 62 | 63 | VMware & Parallels 64 | ~~~~~~~~~~~~~~~~~~ 65 | 66 | If you're using VMware or Parallels your disk will be stored inside the ``disk/`` directory. 67 | 68 | After ``vagrant destroy`` you need to destroy these disk if you want a clean reinstallation: 69 | 70 | VMware: Change to ``disks/`` directory and reset the VMware disk data files with git: ``git checkout data*`` 71 | 72 | Parallels: Just remove the directory ``disks/parallels-disk/``. 73 | 74 | -------------------------------------------------------------------------------- /documentation/docs/content/vagrantDockerVm.rst: -------------------------------------------------------------------------------- 1 | ===================== 2 | The Vagrant Docker VM 3 | ===================== 4 | 5 | Our Vagrant Docker VM is designed to give you a convenient way to develop your web-app 6 | and comes with everything you need to get started with our Docker Boilerplates. 7 | 8 | In this documentation you can learn how to get started with the Vagrant Docker VM, 9 | as well as learn about each internal part so you can customize it as you wish. 10 | 11 | .. toctree:: 12 | :maxdepth: 1 13 | 14 | gettingStarted/index 15 | usage/index 16 | services/index 17 | troubleshooting/index 18 | components/index 19 | 20 | -------------------------------------------------------------------------------- /documentation/docs/index.rst: -------------------------------------------------------------------------------- 1 | .. WebDevOps Documentation documentation master file, created by 2 | sphinx-quickstart on Sat Mar 19 12:21:05 2016. 3 | You can adapt this file completely to your liking, but it should at least 4 | contain the root `toctree` directive. 5 | 6 | :orphan: true 7 | 8 | ======== 9 | Overview 10 | ======== 11 | 12 | | This are the Documentation pages for the WebDevOps Vagrant Docker VM. 13 | | This Vagrant VM will provide you an easy solution for virtualized development with Docker. 14 | | Please keep in mind that this documentation is still work in progress. 15 | | 16 | | 17 | 18 | .. toctree:: 19 | :maxdepth: 5 20 | :caption: General 21 | 22 | Back to Project Overview 23 | content/introduction 24 | 25 | .. toctree:: 26 | :caption: Documentation 27 | 28 | content/gettingStarted/index 29 | content/usage/index 30 | content/services/index 31 | content/troubleshooting/index 32 | content/components/index 33 | 34 | -------------------------------------------------------------------------------- /documentation/docs/make.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | 3 | REM Command file for Sphinx documentation 4 | 5 | if "%SPHINXBUILD%" == "" ( 6 | set SPHINXBUILD=sphinx-build 7 | ) 8 | set BUILDDIR=_build 9 | set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% . 10 | set I18NSPHINXOPTS=%SPHINXOPTS% . 11 | if NOT "%PAPER%" == "" ( 12 | set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS% 13 | set I18NSPHINXOPTS=-D latex_paper_size=%PAPER% %I18NSPHINXOPTS% 14 | ) 15 | 16 | if "%1" == "" goto help 17 | 18 | if "%1" == "help" ( 19 | :help 20 | echo.Please use `make ^` where ^ is one of 21 | echo. html to make standalone HTML files 22 | echo. dirhtml to make HTML files named index.html in directories 23 | echo. singlehtml to make a single large HTML file 24 | echo. pickle to make pickle files 25 | echo. json to make JSON files 26 | echo. htmlhelp to make HTML files and a HTML help project 27 | echo. qthelp to make HTML files and a qthelp project 28 | echo. devhelp to make HTML files and a Devhelp project 29 | echo. epub to make an epub 30 | echo. latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter 31 | echo. text to make text files 32 | echo. man to make manual pages 33 | echo. texinfo to make Texinfo files 34 | echo. gettext to make PO message catalogs 35 | echo. changes to make an overview over all changed/added/deprecated items 36 | echo. xml to make Docutils-native XML files 37 | echo. pseudoxml to make pseudoxml-XML files for display purposes 38 | echo. linkcheck to check all external links for integrity 39 | echo. doctest to run all doctests embedded in the documentation if enabled 40 | echo. coverage to run coverage check of the documentation if enabled 41 | goto end 42 | ) 43 | 44 | if "%1" == "clean" ( 45 | for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i 46 | del /q /s %BUILDDIR%\* 47 | goto end 48 | ) 49 | 50 | 51 | REM Check if sphinx-build is available and fallback to Python version if any 52 | %SPHINXBUILD% 1>NUL 2>NUL 53 | if errorlevel 9009 goto sphinx_python 54 | goto sphinx_ok 55 | 56 | :sphinx_python 57 | 58 | set SPHINXBUILD=python -m sphinx.__init__ 59 | %SPHINXBUILD% 2> nul 60 | if errorlevel 9009 ( 61 | echo. 62 | echo.The 'sphinx-build' command was not found. Make sure you have Sphinx 63 | echo.installed, then set the SPHINXBUILD environment variable to point 64 | echo.to the full path of the 'sphinx-build' executable. Alternatively you 65 | echo.may add the Sphinx directory to PATH. 66 | echo. 67 | echo.If you don't have Sphinx installed, grab it from 68 | echo.http://sphinx-doc.org/ 69 | exit /b 1 70 | ) 71 | 72 | :sphinx_ok 73 | 74 | 75 | if "%1" == "html" ( 76 | %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html 77 | if errorlevel 1 exit /b 1 78 | echo. 79 | echo.Build finished. The HTML pages are in %BUILDDIR%/html. 80 | goto end 81 | ) 82 | 83 | if "%1" == "dirhtml" ( 84 | %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml 85 | if errorlevel 1 exit /b 1 86 | echo. 87 | echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml. 88 | goto end 89 | ) 90 | 91 | if "%1" == "singlehtml" ( 92 | %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml 93 | if errorlevel 1 exit /b 1 94 | echo. 95 | echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml. 96 | goto end 97 | ) 98 | 99 | if "%1" == "pickle" ( 100 | %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle 101 | if errorlevel 1 exit /b 1 102 | echo. 103 | echo.Build finished; now you can process the pickle files. 104 | goto end 105 | ) 106 | 107 | if "%1" == "json" ( 108 | %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json 109 | if errorlevel 1 exit /b 1 110 | echo. 111 | echo.Build finished; now you can process the JSON files. 112 | goto end 113 | ) 114 | 115 | if "%1" == "htmlhelp" ( 116 | %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp 117 | if errorlevel 1 exit /b 1 118 | echo. 119 | echo.Build finished; now you can run HTML Help Workshop with the ^ 120 | .hhp project file in %BUILDDIR%/htmlhelp. 121 | goto end 122 | ) 123 | 124 | if "%1" == "qthelp" ( 125 | %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp 126 | if errorlevel 1 exit /b 1 127 | echo. 128 | echo.Build finished; now you can run "qcollectiongenerator" with the ^ 129 | .qhcp project file in %BUILDDIR%/qthelp, like this: 130 | echo.^> qcollectiongenerator %BUILDDIR%\qthelp\WebDevOpsDocumentation.qhcp 131 | echo.To view the help file: 132 | echo.^> assistant -collectionFile %BUILDDIR%\qthelp\WebDevOpsDocumentation.ghc 133 | goto end 134 | ) 135 | 136 | if "%1" == "devhelp" ( 137 | %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp 138 | if errorlevel 1 exit /b 1 139 | echo. 140 | echo.Build finished. 141 | goto end 142 | ) 143 | 144 | if "%1" == "epub" ( 145 | %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub 146 | if errorlevel 1 exit /b 1 147 | echo. 148 | echo.Build finished. The epub file is in %BUILDDIR%/epub. 149 | goto end 150 | ) 151 | 152 | if "%1" == "latex" ( 153 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 154 | if errorlevel 1 exit /b 1 155 | echo. 156 | echo.Build finished; the LaTeX files are in %BUILDDIR%/latex. 157 | goto end 158 | ) 159 | 160 | if "%1" == "latexpdf" ( 161 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 162 | cd %BUILDDIR%/latex 163 | make all-pdf 164 | cd %~dp0 165 | echo. 166 | echo.Build finished; the PDF files are in %BUILDDIR%/latex. 167 | goto end 168 | ) 169 | 170 | if "%1" == "latexpdfja" ( 171 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 172 | cd %BUILDDIR%/latex 173 | make all-pdf-ja 174 | cd %~dp0 175 | echo. 176 | echo.Build finished; the PDF files are in %BUILDDIR%/latex. 177 | goto end 178 | ) 179 | 180 | if "%1" == "text" ( 181 | %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text 182 | if errorlevel 1 exit /b 1 183 | echo. 184 | echo.Build finished. The text files are in %BUILDDIR%/text. 185 | goto end 186 | ) 187 | 188 | if "%1" == "man" ( 189 | %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man 190 | if errorlevel 1 exit /b 1 191 | echo. 192 | echo.Build finished. The manual pages are in %BUILDDIR%/man. 193 | goto end 194 | ) 195 | 196 | if "%1" == "texinfo" ( 197 | %SPHINXBUILD% -b texinfo %ALLSPHINXOPTS% %BUILDDIR%/texinfo 198 | if errorlevel 1 exit /b 1 199 | echo. 200 | echo.Build finished. The Texinfo files are in %BUILDDIR%/texinfo. 201 | goto end 202 | ) 203 | 204 | if "%1" == "gettext" ( 205 | %SPHINXBUILD% -b gettext %I18NSPHINXOPTS% %BUILDDIR%/locale 206 | if errorlevel 1 exit /b 1 207 | echo. 208 | echo.Build finished. The message catalogs are in %BUILDDIR%/locale. 209 | goto end 210 | ) 211 | 212 | if "%1" == "changes" ( 213 | %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes 214 | if errorlevel 1 exit /b 1 215 | echo. 216 | echo.The overview file is in %BUILDDIR%/changes. 217 | goto end 218 | ) 219 | 220 | if "%1" == "linkcheck" ( 221 | %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck 222 | if errorlevel 1 exit /b 1 223 | echo. 224 | echo.Link check complete; look for any errors in the above output ^ 225 | or in %BUILDDIR%/linkcheck/output.txt. 226 | goto end 227 | ) 228 | 229 | if "%1" == "doctest" ( 230 | %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest 231 | if errorlevel 1 exit /b 1 232 | echo. 233 | echo.Testing of doctests in the sources finished, look at the ^ 234 | results in %BUILDDIR%/doctest/output.txt. 235 | goto end 236 | ) 237 | 238 | if "%1" == "coverage" ( 239 | %SPHINXBUILD% -b coverage %ALLSPHINXOPTS% %BUILDDIR%/coverage 240 | if errorlevel 1 exit /b 1 241 | echo. 242 | echo.Testing of coverage in the sources finished, look at the ^ 243 | results in %BUILDDIR%/coverage/python.txt. 244 | goto end 245 | ) 246 | 247 | if "%1" == "xml" ( 248 | %SPHINXBUILD% -b xml %ALLSPHINXOPTS% %BUILDDIR%/xml 249 | if errorlevel 1 exit /b 1 250 | echo. 251 | echo.Build finished. The XML files are in %BUILDDIR%/xml. 252 | goto end 253 | ) 254 | 255 | if "%1" == "pseudoxml" ( 256 | %SPHINXBUILD% -b pseudoxml %ALLSPHINXOPTS% %BUILDDIR%/pseudoxml 257 | if errorlevel 1 exit /b 1 258 | echo. 259 | echo.Build finished. The pseudo-XML files are in %BUILDDIR%/pseudoxml. 260 | goto end 261 | ) 262 | 263 | :end 264 | -------------------------------------------------------------------------------- /home/.bowerrc: -------------------------------------------------------------------------------- 1 | { 2 | "interactive": false 3 | } -------------------------------------------------------------------------------- /home/.gitconfig: -------------------------------------------------------------------------------- 1 | [user] 2 | #email = USERNAME 3 | #name = REALNAME 4 | [mergetool] 5 | keepBackup = true 6 | [branch] 7 | autosetuprebase = remote 8 | autosetupmerge = true 9 | [advice] 10 | pushNonFastForward = false 11 | [alias] 12 | # add aliases 13 | a = add 14 | ap = add -p 15 | 16 | # commit aliases 17 | c = commit --verbose 18 | ca = commit -a --verbose 19 | cm = commit -m 20 | cam = commit -a -m 21 | oops = commit --amend --no-edit 22 | ci = commit 23 | cia = commit --amend 24 | 25 | # diff aliases 26 | d = diff 27 | ds = diff --stat 28 | dc = diff --cached 29 | 30 | # Branch 31 | br = branch -avv 32 | 33 | # Get Code 34 | co = checkout 35 | cp = cherry-pick 36 | f = fetch -p 37 | 38 | # Status 39 | st = status 40 | 41 | # Delete all deleted files 42 | rma = !git ls-files --deleted -z | xargs -0 --no-run-if-empty git rm 43 | 44 | # Pull with submodule update 45 | p = !git fetch --tags && git pull --prune && git submodule update --init --recursive 46 | # Update to server status and push all local commits 47 | pp = !git p && git push 48 | 49 | # git pull with changed files fails. This alias saves all changes in stash, does a pull and applies the stash again 50 | sp = !git stash && git p && git stash pop 51 | # git pull with changed files fails. This alias saves all changes in stash, does a pull and applies the stash again and also push changes to server 52 | spp = !git stash && git p && git stash pop && git push 53 | 54 | # Delete all deleted files 55 | rma = !git ls-files --deleted -z | xargs -0 --no-run-if-empty git rm 56 | 57 | # security check 58 | secck = fsck --no-reflog --full --strict 59 | 60 | # Status 61 | st = status 62 | changelog = "!f() { r=${1:-`git describe --tags --abbrev=0`..HEAD}; echo Changelog for $r; git log --reverse --no-merges --format='* %s' $r; }; f" 63 | 64 | # One line log tree 65 | lg = log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cd) %C(bold blue)<%an>%Creset' --abbrev-commit --all 66 | # List changed files of als commit 67 | showme = show --pretty="format:" --name-only 68 | # List all files in git index 69 | ls = ls-files 70 | # Stash with date 71 | save = !git stash save $(date "+%F_%T") 72 | # Show branches with authors 73 | b-ls = for-each-ref --sort=-committerdate --format='%(committerdate) %(authorname) %(refname)' refs/remotes/origin/ 74 | # Show files ignored by git 75 | ign = ls-files -o -i --exclude-standard 76 | #log refs 77 | lr = log --all --graph --decorate --oneline --simplify-by-decoration --no-merges 78 | # Show last tag 79 | lt = describe --tags --abbrev=0 80 | # Delete already merged branches 81 | delete-merged-branches = "!git checkout master && git branch --merged | grep -v '\\*' | xargs -n 1 git branch -d" 82 | # List all defined aliases 83 | aliases = "!git config -l | grep alias | cut -c 7-" 84 | # Grep just indexed files 85 | grep = "!git ls-files | ack-grep -i" 86 | # Remove all local commits (not pushed to server) in master branch 87 | rs = reset --hard origin/master 88 | [merge] 89 | # Always show a diffstat at the end of a merge 90 | stat = true 91 | tool = vimdiff 92 | [color] 93 | branch = auto 94 | diff = auto 95 | status = auto 96 | interactive = auto 97 | ui = true 98 | pager = true 99 | [color "branch"] 100 | current = yellow reverse 101 | local = yellow 102 | remote = green 103 | [color "diff"] 104 | meta = yellow bold 105 | frag = magenta bold 106 | old = red bold 107 | new = green bold 108 | whitespace = red reverse 109 | [color "status"] 110 | added = yellow 111 | changed = green 112 | untracked = cyan 113 | [core] 114 | pager = less -FRSX 115 | whitespace=fix,-indent-with-non-tab,trailing-space,cr-at-eol 116 | editor = vim 117 | filemode = true 118 | ignorecase = false 119 | excludesfile = /home/vagrant/.gitignore_global 120 | [apply] 121 | whitespace = fix 122 | [http] 123 | proxy = 124 | [push] 125 | default = current 126 | -------------------------------------------------------------------------------- /home/.gitignore_global: -------------------------------------------------------------------------------- 1 | nbproject 2 | .DS_Store 3 | .idea 4 | -------------------------------------------------------------------------------- /home/.my.cnf: -------------------------------------------------------------------------------- 1 | [client] 2 | host=127.0.0.1 3 | port=13306 4 | user=root 5 | password=dev 6 | 7 | [mysql] 8 | host=127.0.0.1 9 | port=13306 10 | user=root 11 | password=dev 12 | default-character-set=utf8 13 | local-infile=1 14 | show-warnings 15 | auto-rehash 16 | sigint-ignore 17 | reconnect 18 | 19 | [mysqldump] 20 | host=127.0.0.1 21 | port=13306 22 | user=root 23 | password=dev 24 | -------------------------------------------------------------------------------- /home/.profile.local: -------------------------------------------------------------------------------- 1 | # Start ssh-agent if none is available 2 | if [ -z "$SSH_AUTH_SOCK" ] ; then 3 | eval `ssh-agent -s` 4 | ssh-add 5 | fi 6 | 7 | # SSH auto root (via sudo) 8 | function sshroot() { 9 | ssh "$@" -t "sudo -E su" 10 | } 11 | 12 | -------------------------------------------------------------------------------- /home/.ssh/config.example: -------------------------------------------------------------------------------- 1 | Host * 2 | Compression yes 3 | CompressionLevel 6 4 | TCPKeepAlive yes 5 | KeepAlive yes 6 | ServerAliveInterval 60 7 | ForwardAgent yes 8 | IdentityFile ~/.ssh/id_rsa 9 | -------------------------------------------------------------------------------- /home/.ssh/known_hosts.example: -------------------------------------------------------------------------------- 1 | |1|DDQ/r3UGjFktmzCNxhAiQMMAyCg=|UdYSp48mJ7nufueN1CL4L5zJaC0= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAs6roryGNvt6/TGGh46+8oOQbOiMKc+tIocNweOPQ90BvRe6qj6Nn0RJFco8MKoD3BiKng0VdyyPSg8Wn3mNcuKxxcoStp0XktiucfZTDuYXOx41nOeatyYBq0rInJdS5wGjGMIELf5CKA5BufUuLSlcPAr7NIuAXZ62Z3JFU93qA1ODygPq2QTDFKflOqtbfQwHov7uguJgdXYFZumLw9k6fzYznhg1mLKjzlu5pBKQccsoJ4NtvRXwf6WsND6o3AQ0oWpFC+bWdT4f3nPJMKy+9Yj3JHoIK8h1oAyL7urjYjHCCrQoNS9Mds1H9oVuKZI1Ve+jTGkawrBNW2VT4Uw== 2 | |1|hOnP/TcVaWMVfdWhvkm+gL/KIpE=|TokXkOQqDXxcYCepwcTRLsglqcI= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAs6roryGNvt6/TGGh46+8oOQbOiMKc+tIocNweOPQ90BvRe6qj6Nn0RJFco8MKoD3BiKng0VdyyPSg8Wn3mNcuKxxcoStp0XktiucfZTDuYXOx41nOeatyYBq0rInJdS5wGjGMIELf5CKA5BufUuLSlcPAr7NIuAXZ62Z3JFU93qA1ODygPq2QTDFKflOqtbfQwHov7uguJgdXYFZumLw9k6fzYznhg1mLKjzlu5pBKQccsoJ4NtvRXwf6WsND6o3AQ0oWpFC+bWdT4f3nPJMKy+9Yj3JHoIK8h1oAyL7urjYjHCCrQoNS9Mds1H9oVuKZI1Ve+jTGkawrBNW2VT4Uw== 3 | |1|m2i/7bDuS1gDddjUFyiD2WWvhSw=|7UCcHIuqVyPOy7oQfeX2Yu2xS48= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKcegryZWtFFn+f6WFBZT/Wojtcz5tXAq0vE8JMq20tPBfZTJtai2gzzUJ2yk9bhIxCyi+00+cLjMDCI+0vTmGU= 4 | |1|k1ISZIB08EGEDEcaKSt8Mi6zspA=|P67iZ0iL36/vZ8HsTycIGageMig= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKcegryZWtFFn+f6WFBZT/Wojtcz5tXAq0vE8JMq20tPBfZTJtai2gzzUJ2yk9bhIxCyi+00+cLjMDCI+0vTmGU= 5 | |1|/RcOZiLp8SVXCn1JAvgH+QWbdsA=|c2xBLK05y7+qBSSSM1DOu+LyKPc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== 6 | |1|Z9IFv3K7TsuYqtorSIl5xzySqaE=|HP0DjEsE7/XdolnsQXJGYDUXe34= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== 7 | |1|USMCurYcNaFr1rurb2aaHIOVAbU=|9lPrdbXOrNXEqJLoY7EC/G/hyq4= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCa6bLz65t4nh6sMJRiHZ4W6IWYuS6mtwr+c6rqV62GDKc+x9wRlfnGpxBa6j5mE+RODf5JkTzxXUrNJLw65cTI= 8 | |1|7PKY4D60FYV/021z2rm5mZcgNb4=|NOVGF1q9h2k2iBBhc30My76WQ3Y= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCa6bLz65t4nh6sMJRiHZ4W6IWYuS6mtwr+c6rqV62GDKc+x9wRlfnGpxBa6j5mE+RODf5JkTzxXUrNJLw65cTI= 9 | |1|TjERWlvYH15uYKo4ChDWLKCjUls=|RMB+dqprOHImgTS+uFSiaqlXfgk= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCEfMWkNS6Mu+db32LayXPvPTr8KZGBCAiVUE7a4RAt7GW3u6QdWVL5GG8LI1J2dfuQPX/2IswONx2DU+gMq2hk= 10 | |1|l7oBgquGRX6LBXE4IhWCJI3zd7Q=|FixNXIwz9pEyzq3fnCoWL+xtXX4= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCEfMWkNS6Mu+db32LayXPvPTr8KZGBCAiVUE7a4RAt7GW3u6QdWVL5GG8LI1J2dfuQPX/2IswONx2DU+gMq2hk=|1|KmM7S9hZ7jKYK1MHkJAnkO/DUAU=|I5JB5dhqWKOpAcj+Vmao43/lJNc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== 11 | |1|x9bwle0xSt593FN+6mLbo7sVh/E=|fYTuPQCYbGlOvi0rcdDrUZ3PcJo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== 12 | |1|MzgR7GN2D1RvKEggVaULilikqbI=|CFj0ofjmGLdQHqwI0Qsyd48hU+Y= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== 13 | |1|x5FLfe4sB8cYLmBx5BoJI1PBIJk=|TmQS2Z+xaS/+MMoevRsOiIsln1Y= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== 14 | |1|jnmeuYPFYFAy0aRoS4nbvA22eB8=|gEmqDzjsHsp8RW4ypynRlIEsh0M= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== 15 | |1|FnyKdbFc76A+imWFksj5YNNRkSc=|z9odMF//e6duxQafaf4tQJxzWbI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCEfMWkNS6Mu+db32LayXPvPTr8KZGBCAiVUE7a4RAt7GW3u6QdWVL5GG8LI1J2dfuQPX/2IswONx2DU+gMq2hk= 16 | |1|NIqKnK3JQ8ruqx5PXnwfen0ml9U=|ogZYw7FeFg/QKWlRm35rkHRVX/E= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCEfMWkNS6Mu+db32LayXPvPTr8KZGBCAiVUE7a4RAt7GW3u6QdWVL5GG8LI1J2dfuQPX/2IswONx2DU+gMq2hk= 17 | |1|nQ1PvPJVjy/DugRhFNqz2PHYyZU=|nBiokj/Tbjd9ER1ynl5gp/wppw4= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCx32ojcBw/JxRtea1TESzUi9JPpG6NU4ISb4J7GJc5ww/y4wmwNZtpmxM9tIzHfPtWSfaKG2WCZc9M6+TgcxewiV20m2rZC4WP1UUkO+R624jxI8F4LcAzz0mbE4QW/kSMGrXFQxu8/S7F56lJpL+DgTH5sU5mpnGEQU0QcpCSM+aZO47IPk8qpgn+v+T+lWqE/Jvg3SX1ofeyUcWA2zE3D2M/E+t97amZd/tgiyETtirGVG4wc98y48ngmrp4lehyFvM3GQv3oReKDCxJEDNEBs4uN2ip2fg2jBbmOOIvTdOWq3iiVCpKK9YmBRQuxG5wU1rrwq6HbhROOGQWCQnX 18 | |1|PVNn5A7+VhT7TZh9Kyey5eSDcrg=|IpOLS0gadlDbyStC+tql8dglaew= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCx32ojcBw/JxRtea1TESzUi9JPpG6NU4ISb4J7GJc5ww/y4wmwNZtpmxM9tIzHfPtWSfaKG2WCZc9M6+TgcxewiV20m2rZC4WP1UUkO+R624jxI8F4LcAzz0mbE4QW/kSMGrXFQxu8/S7F56lJpL+DgTH5sU5mpnGEQU0QcpCSM+aZO47IPk8qpgn+v+T+lWqE/Jvg3SX1ofeyUcWA2zE3D2M/E+t97amZd/tgiyETtirGVG4wc98y48ngmrp4lehyFvM3GQv3oReKDCxJEDNEBs4uN2ip2fg2jBbmOOIvTdOWq3iiVCpKK9YmBRQuxG5wU1rrwq6HbhROOGQWCQnX 19 | |1|dczWh//pE1JV80Q16fWgIj584S8=|/hJfEiZJ+MZQRGNtsnnuz+xxfag= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAoMesJ60dow5VqNsIqIQMBNmSYz6txSC5YSUXzPNWV4VIWTWdqbQoQuIu+oYGhBMoeaSWWCiVIDTwFDzQXrq8CwmyxWp+2TTuscKiOw830N2ycIVmm3ha0x6VpRGm37yo+z+bkQS3m/sE7bkfTU72GbeKufFHSv1VLnVy9nmJKFOraeKSHP/kjmatj9aC7Q2n8QzFWWjzMxVGg79TUs7sjm5KrtytbxfbLbKtrkn8OXsRy1ib9hKgOwg+8cRjwKbSXVrNw/HM+MJJWp9fHv2yzWmL8B6fKoskslA0EjNxa6d76gvIxwti89/8Y6xlhR0u65u1AiHTX9Q4BVsXcBZUDw== 20 | |1|NwX3hy8R9F/XKiYkWHzfoIqbwFI=|T6G8ndPlsuamod5f1QleTUe/h7Y= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAoMesJ60dow5VqNsIqIQMBNmSYz6txSC5YSUXzPNWV4VIWTWdqbQoQuIu+oYGhBMoeaSWWCiVIDTwFDzQXrq8CwmyxWp+2TTuscKiOw830N2ycIVmm3ha0x6VpRGm37yo+z+bkQS3m/sE7bkfTU72GbeKufFHSv1VLnVy9nmJKFOraeKSHP/kjmatj9aC7Q2n8QzFWWjzMxVGg79TUs7sjm5KrtytbxfbLbKtrkn8OXsRy1ib9hKgOwg+8cRjwKbSXVrNw/HM+MJJWp9fHv2yzWmL8B6fKoskslA0EjNxa6d76gvIxwti89/8Y6xlhR0u65u1AiHTX9Q4BVsXcBZUDw== 21 | |1|EvllRSpBcQ2OlPBUkeEzQ+Kt9p4=|iFLKEDp7gFDe353gi/fAoJSJS0Y= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIHbK1Eh8W4t8WxYeXANdNv/Dna5peZwEM1E+tX8lhZatJ7d0u0OmG+y9QPJGW4txUrBvy68IUnTg2EV5O8R75A= -------------------------------------------------------------------------------- /home/.subversion/config: -------------------------------------------------------------------------------- 1 | ### This file configures various client-side behaviors. 2 | ### 3 | ### The commented-out examples below are intended to demonstrate 4 | ### how to use this file. 5 | 6 | ### Section for authentication and authorization customizations. 7 | [auth] 8 | ### Set password stores used by Subversion. They should be 9 | ### delimited by spaces or commas. The order of values determines 10 | ### the order in which password stores are used. 11 | ### Valid password stores: 12 | ### gnome-keyring (Unix-like systems) 13 | ### kwallet (Unix-like systems) 14 | ### gpg-agent (Unix-like systems) 15 | ### keychain (Mac OS X) 16 | ### windows-cryptoapi (Windows) 17 | # password-stores = gpg-agent,gnome-keyring,kwallet 18 | ### To disable all password stores, use an empty list: 19 | # password-stores = 20 | ### 21 | ### Set KWallet wallet used by Subversion. If empty or unset, 22 | ### then the default network wallet will be used. 23 | # kwallet-wallet = 24 | ### 25 | ### Include PID (Process ID) in Subversion application name when 26 | ### using KWallet. It defaults to 'no'. 27 | # kwallet-svn-application-name-with-pid = yes 28 | ### 29 | ### Set ssl-client-cert-file-prompt to 'yes' to cause the client 30 | ### to prompt for a path to a client cert file when the server 31 | ### requests a client cert but no client cert file is found in the 32 | ### expected place (see the 'ssl-client-cert-file' option in the 33 | ### 'servers' configuration file). Defaults to 'no'. 34 | # ssl-client-cert-file-prompt = no 35 | ### 36 | ### The rest of the [auth] section in this file has been deprecated. 37 | ### Both 'store-passwords' and 'store-auth-creds' can now be 38 | ### specified in the 'servers' file in your config directory 39 | ### and are documented there. Anything specified in this section 40 | ### is overridden by settings specified in the 'servers' file. 41 | store-passwords = no 42 | store-auth-creds = yes 43 | 44 | ### Section for configuring external helper applications. 45 | [helpers] 46 | ### Set editor-cmd to the command used to invoke your text editor. 47 | ### This will override the environment variables that Subversion 48 | ### examines by default to find this information ($EDITOR, 49 | ### et al). 50 | # editor-cmd = editor (vi, emacs, notepad, etc.) 51 | ### Set diff-cmd to the absolute path of your 'diff' program. 52 | ### This will override the compile-time default, which is to use 53 | ### Subversion's internal diff implementation. 54 | # diff-cmd = diff_program (diff, gdiff, etc.) 55 | ### Diff-extensions are arguments passed to an external diff 56 | ### program or to Subversion's internal diff implementation. 57 | ### Set diff-extensions to override the default arguments ('-u'). 58 | # diff-extensions = -u -p 59 | ### Set diff3-cmd to the absolute path of your 'diff3' program. 60 | ### This will override the compile-time default, which is to use 61 | ### Subversion's internal diff3 implementation. 62 | # diff3-cmd = diff3_program (diff3, gdiff3, etc.) 63 | ### Set diff3-has-program-arg to 'yes' if your 'diff3' program 64 | ### accepts the '--diff-program' option. 65 | # diff3-has-program-arg = [yes | no] 66 | ### Set merge-tool-cmd to the command used to invoke your external 67 | ### merging tool of choice. Subversion will pass 5 arguments to 68 | ### the specified command: base theirs mine merged wcfile 69 | # merge-tool-cmd = merge_command 70 | 71 | ### Section for configuring tunnel agents. 72 | [tunnels] 73 | ### Configure svn protocol tunnel schemes here. By default, only 74 | ### the 'ssh' scheme is defined. You can define other schemes to 75 | ### be used with 'svn+scheme://hostname/path' URLs. A scheme 76 | ### definition is simply a command, optionally prefixed by an 77 | ### environment variable name which can override the command if it 78 | ### is defined. The command (or environment variable) may contain 79 | ### arguments, using standard shell quoting for arguments with 80 | ### spaces. The command will be invoked as: 81 | ### svnserve -t 82 | ### (If the URL includes a username, then the hostname will be 83 | ### passed to the tunnel agent as @.) If the 84 | ### built-in ssh scheme were not predefined, it could be defined 85 | ### as: 86 | # ssh = $SVN_SSH ssh -q -o ControlMaster=no 87 | ### If you wanted to define a new 'rsh' scheme, to be used with 88 | ### 'svn+rsh:' URLs, you could do so as follows: 89 | # rsh = rsh 90 | ### Or, if you wanted to specify a full path and arguments: 91 | # rsh = /path/to/rsh -l myusername 92 | ### On Windows, if you are specifying a full path to a command, 93 | ### use a forward slash (/) or a paired backslash (\\) as the 94 | ### path separator. A single backslash will be treated as an 95 | ### escape for the following character. 96 | 97 | ### Section for configuring miscellaneous Subversion options. 98 | [miscellany] 99 | ### Set global-ignores to a set of whitespace-delimited globs 100 | ### which Subversion will ignore in its 'status' output, and 101 | ### while importing or adding files and directories. 102 | ### '*' matches leading dots, e.g. '*.rej' matches '.foo.rej'. 103 | # global-ignores = *.o *.lo *.la *.al .libs *.so *.so.[0-9]* *.a *.pyc *.pyo __pycache__ 104 | # *.rej *~ #*# .#* .*.swp .DS_Store 105 | ### Set log-encoding to the default encoding for log messages 106 | # log-encoding = latin1 107 | ### Set use-commit-times to make checkout/update/switch/revert 108 | ### put last-committed timestamps on every file touched. 109 | # use-commit-times = yes 110 | ### Set no-unlock to prevent 'svn commit' from automatically 111 | ### releasing locks on files. 112 | # no-unlock = yes 113 | ### Set mime-types-file to a MIME type registry file, used to 114 | ### provide hints to Subversion's MIME type auto-detection 115 | ### algorithm. 116 | # mime-types-file = /path/to/mime.types 117 | ### Set preserved-conflict-file-exts to a whitespace-delimited 118 | ### list of patterns matching file extensions which should be 119 | ### preserved in generated conflict file names. By default, 120 | ### conflict files use custom extensions. 121 | # preserved-conflict-file-exts = doc ppt xls od? 122 | ### Set enable-auto-props to 'yes' to enable automatic properties 123 | ### for 'svn add' and 'svn import', it defaults to 'no'. 124 | ### Automatic properties are defined in the section 'auto-props'. 125 | # enable-auto-props = yes 126 | ### Set interactive-conflicts to 'no' to disable interactive 127 | ### conflict resolution prompting. It defaults to 'yes'. 128 | # interactive-conflicts = no 129 | ### Set memory-cache-size to define the size of the memory cache 130 | ### used by the client when accessing a FSFS repository via 131 | ### ra_local (the file:// scheme). The value represents the number 132 | ### of MB used by the cache. 133 | # memory-cache-size = 16 134 | 135 | ### Section for configuring automatic properties. 136 | [auto-props] 137 | ### The format of the entries is: 138 | ### file-name-pattern = propname[=value][;propname[=value]...] 139 | ### The file-name-pattern can contain wildcards (such as '*' and 140 | ### '?'). All entries which match (case-insensitively) will be 141 | ### applied to the file. Note that auto-props functionality 142 | ### must be enabled, which is typically done by setting the 143 | ### 'enable-auto-props' option. 144 | # *.c = svn:eol-style=native 145 | # *.cpp = svn:eol-style=native 146 | # *.h = svn:keywords=Author Date Id Rev URL;svn:eol-style=native 147 | # *.dsp = svn:eol-style=CRLF 148 | # *.dsw = svn:eol-style=CRLF 149 | # *.sh = svn:eol-style=native;svn:executable 150 | # *.txt = svn:eol-style=native;svn:keywords=Author Date Id Rev URL; 151 | # *.png = svn:mime-type=image/png 152 | # *.jpg = svn:mime-type=image/jpeg 153 | # Makefile = svn:eol-style=native 154 | 155 | ### Section for configuring working copies. 156 | [working-copy] 157 | ### Set to a list of the names of specific clients that should use 158 | ### exclusive SQLite locking of working copies. This increases the 159 | ### performance of the client but prevents concurrent access by 160 | ### other clients. Third-party clients may also support this 161 | ### option. 162 | ### Possible values: 163 | ### svn (the command line client) 164 | # exclusive-locking-clients = 165 | ### Set to true to enable exclusive SQLite locking of working 166 | ### copies by all clients using the 1.8 APIs. Enabling this may 167 | ### cause some clients to fail to work properly. This does not have 168 | ### to be set for exclusive-locking-clients to work. 169 | # exclusive-locking = false 170 | -------------------------------------------------------------------------------- /provision/ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | ask_sudo_pass = false 3 | ask_pass = false 4 | 5 | # dont show command "better use xxx module" warning 6 | command_warnings = False 7 | 8 | # uncomment this to disable SSH key host checking 9 | #host_key_checking = False 10 | 11 | force_color = 1 12 | nocolor = 0 13 | nocows = 1 14 | 15 | # disable retry file, we don't need it here 16 | retry_files_enabled = False 17 | 18 | 19 | [ssh_connection] 20 | control_path = %(directory)s/%%C 21 | -------------------------------------------------------------------------------- /provision/ansible/inventory: -------------------------------------------------------------------------------- 1 | localhost ansible_connection=local -------------------------------------------------------------------------------- /provision/ansible/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - hosts: all 4 | remote_user: vagrant 5 | become: yes 6 | become_user: root 7 | vars_files: 8 | - [ '/vagrant/vm.yml', '/vagrant/vm_defaults.yml' ] 9 | roles: 10 | - { role: repositories } 11 | - { role: common } 12 | - { role: update, when: PROVISION.update == 1 } 13 | - { role: manpages, when: PROVISION.manpages == 1 } 14 | - { role: disk } 15 | - { role: docker, when: PROVISION.docker == 1 } 16 | - { role: ssh } 17 | - { role: samba, when: PROVISION.samba == 1 } 18 | - { role: php, when: PROVISION.php == 1 } 19 | - { role: ntp, when: PROVISION.ntp == 1 } 20 | - { role: mail, when: PROVISION.mail == 1 } 21 | - { role: firewall } 22 | - { role: dnsmasq, when: PROVISION.dnsmasq == 1 } 23 | - { role: clitools, when: PROVISION.clitools == 1 } 24 | - { role: monit } 25 | - { role: desktop, when: PROVISION.desktop != 0 } 26 | - { role: user } 27 | - { role: docker-dory, when: PROVISION.dockerDory == 1 } 28 | - { role: consul, when: PROVISION.consul == 1 } 29 | - { role: customization } 30 | - { role: finalize } 31 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/files/bash.clitools.completition: -------------------------------------------------------------------------------- 1 | ## add me to /etc/bash_completion.d/ 2 | ## cp FILE /etc/bash_completion.d/ 3 | ## reload completion 4 | ## exec bash 5 | 6 | _available_commands() 7 | { 8 | ct list --raw | awk '{print $1}' 9 | } 10 | 11 | 12 | 13 | _clitools() 14 | { 15 | local cur 16 | cur="${COMP_WORDS[COMP_CWORD]}" 17 | prev=${COMP_WORDS[COMP_CWORD-1]} 18 | 19 | 20 | if [ $COMP_CWORD -eq 1 ] 21 | then 22 | COMPREPLY=( $( compgen -W '$(_available_commands)' -- $cur) ) 23 | fi 24 | } 25 | 26 | 27 | complete -F _clitools ct -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/files/crontab: -------------------------------------------------------------------------------- 1 | 01 * * * * root [ -x /usr/local/bin/ct ] && /usr/local/bin/ct system:crontask &> /dev/null 2 | #eof 3 | 4 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/files/zsh.clitools.completition: -------------------------------------------------------------------------------- 1 | #compdef ct 2 | _ct() { 3 | local -a commands 4 | IFS=$'\n' 5 | commands=(${(f)"$(ct list --raw | sed 's/:/\\:/g' | awk -F" " '{print $1}')"}) 6 | 7 | if (( CURRENT == 2 )); then 8 | _describe -t commands 'commands' commands 9 | fi 10 | 11 | return 0 12 | } 13 | 14 | _ct -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run clitools system startup 4 | command: '/usr/local/bin/ct system:startup > /dev/null' 5 | ignore_errors: True 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup automatic startup maintenance (clitools) 4 | lineinfile: 5 | destfile: /etc/rc.local 6 | insertbefore: '^exit 0' 7 | line: '/usr/local/bin/ct system:startup > /dev/null &' 8 | state: present 9 | 10 | - name: Deploy local configuration 11 | template: 12 | src: roles/clitools/templates/clitools.ini.j2 13 | dest: /etc/clitools.ini 14 | owner: vagrant 15 | group: root 16 | mode: 0644 17 | 18 | - name: Copy cron configuration 19 | copy: 20 | src: roles/clitools/files/crontab 21 | dest: /etc/cron.d/clitools 22 | owner: root 23 | group: root 24 | mode: 0644 25 | 26 | - name: Create /tmp/debug/ directory 27 | file: 28 | dest: '{{ item }}' 29 | owner: root 30 | group: root 31 | mode: 0777 32 | state: directory 33 | with_items: 34 | - /etc/bash_completion.d/ 35 | - /etc/zsh_completion.d/ 36 | 37 | - name: Copy bash.completition 38 | copy: 39 | src: roles/clitools/files/bash.clitools.completition 40 | dest: /etc/bash_completion.d/clitools 41 | owner: root 42 | group: root 43 | mode: 0644 44 | 45 | - name: Copy zsh.completition 46 | copy: 47 | src: roles/clitools/files/zsh.clitools.completition 48 | dest: /etc/zsh_completion.d/clitools 49 | owner: root 50 | group: root 51 | mode: 0644 52 | 53 | - name: Run clitools system startup 54 | raw: '/usr/local/bin/ct system:startup > /dev/null' 55 | ignore_errors: True 56 | notify: 57 | - Run clitools system startup 58 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # FIXME: wait for upstream SNI support 4 | #- name: Fetch clitools (latest) 5 | # get_url: 6 | # url: 'https://dl.webdevops.io/clicommand/clitools.phar' 7 | # dest: /usr/local/bin/ct 8 | # owner: 'root' 9 | # group: 'root' 10 | # mode: 0755 11 | 12 | - name: Fetch clitools (latest) 13 | command: 'wget -O/usr/local/bin/ct https://dl.webdevops.io/clicommand/clitools.phar' 14 | 15 | - name: Set /usr/local/bin/ct rights 16 | file: 17 | dest: /usr/local/bin/ct 18 | owner: vagrant 19 | group: vagrant 20 | mode: 0777 21 | state: file 22 | 23 | - name: Run self update for clitools 24 | command: '/usr/local/bin/ct self-update' 25 | ignore_errors: True 26 | 27 | - name: Install clitools additional packages 28 | action: apt pkg='{{ item }}' state=latest 29 | with_items: 30 | # Tools 31 | - git 32 | - wget 33 | - multitail 34 | - sudo 35 | - moreutils 36 | # Network 37 | - tshark 38 | - tcpflow 39 | - tcpdump 40 | - ngrep 41 | # Debug 42 | - strace 43 | - lsof 44 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install cli tools 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure cli tools 9 | include: configuration.yml 10 | tags: 11 | - bootstrap 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/clitools/templates/clitools.ini.j2: -------------------------------------------------------------------------------- 1 | ;++++++++++++++++++++++++++++++++++++++ 2 | ; CliTools configuration 3 | ;++++++++++++++++++++++++++++++++++++++ 4 | ; Defaults: 5 | ; https://github.com/mblaschke/clitools/blob/develop/src/config.ini 6 | ; 7 | ;++++++++++++++++++++++++++++++++++++++ 8 | 9 | [config] 10 | domain_dev = "{{ PROVISION.developmentDomain }}" 11 | 12 | [db] 13 | dsn = "{{ CLITOOLS.db.dsn }}" 14 | username = "{{ CLITOOLS.db.username }}" 15 | password = "{{ CLITOOLS.db.password }}" 16 | debug_log_dir = "/tmp/debug/" 17 | 18 | [syscheck] 19 | enabled = 1 20 | {% if CLITOOLS.growlPassword %} 21 | wall = 0 22 | growl = 1 23 | {% else %} 24 | wall = 1 25 | growl = 0 26 | {% endif %} 27 | diskusage = 90 28 | 29 | [growl] 30 | server = 192.168.56.1 31 | password = "{{ CLITOOLS.growlPassword }}" 32 | 33 | [docker] 34 | interface = docker0 35 | boilerplate = "{{ CLITOOLS.docker.boilerplate }}" 36 | 37 | climethod = docker-exec 38 | ; climethod = dockercompose-run 39 | 40 | [dockerBoilerplate] 41 | default = "{{ CLITOOLS.docker.boilerplate }}" 42 | typo3 = https://github.com/webdevops/TYPO3-docker-boilerplate.git 43 | 44 | [banner] 45 | mailbox = imap-insecure://vagrant:vagrant@127.0.0.1/INBOX 46 | 47 | [commands] 48 | ; not used commands here 49 | ignore[] = "CliTools\Console\Command\Log\ApacheCommand" 50 | ignore[] = "CliTools\Console\Command\Log\PhpCommand" 51 | ignore[] = "CliTools\Console\Command\Log\DebugCommand" 52 | ignore[] = "CliTools\Console\Command\Apache\RestartCommand" 53 | ignore[] = "CliTools\Console\Command\Mysql\RestartCommand" 54 | ignore[] = "CliTools\Console\Command\Php\RestartCommand" 55 | ignore[] = "CliTools\Console\Command\Samba\RestartCommand" 56 | ignore[] = "CliTools\Console\Command\System\UpdateCommand" 57 | ignore[] = "CliTools\Console\Command\System\RebootCommand" 58 | ignore[] = "CliTools\Console\Command\Vagrant\*Command" 59 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Apply sysctl settings 4 | command: 'sysctl -p --ignore' 5 | 6 | - name: Update grub 7 | command: 'update-grub' 8 | 9 | - name: Restart services for timezone 10 | command: 'service {{ item }} restart' 11 | with_items: 12 | - cron 13 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/debug.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create /tmp/debug/ directory 4 | file: 5 | dest: /tmp/debug/ 6 | owner: root 7 | group: root 8 | mode: 0777 9 | state: directory 10 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/locale.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup default locale settings configuration 4 | lineinfile: 5 | dest: /etc/default/locale 6 | regexp: '{{ item.regexp }}' 7 | line: '{{ item.line }}' 8 | with_items: 9 | - { regexp: '^LANG=', line: 'LANG="en_US.UTF-8"' } 10 | - { regexp: '^LANGUAGE=', line: 'LANGUAGE="en_US:"' } 11 | - { regexp: '^LC_ALL=', line: 'LC_ALL="en_US.UTF-8"' } 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install packages 4 | include: packages.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure system 9 | include: system.yml 10 | tags: 11 | - bootstrap 12 | 13 | - name: Debug stuff 14 | include: debug.yml 15 | tags: 16 | - bootstrap 17 | - maintenance 18 | 19 | - name: Configure sysctl settings 20 | include: sysctl.yml 21 | tags: 22 | - bootstrap 23 | 24 | - name: Configure locale settings 25 | include: locale.yml 26 | tags: 27 | - bootstrap 28 | 29 | - name: Setup timezone settings 30 | include: timezone.yml 31 | when: VM.timezone is defined 32 | tags: 33 | - bootstrap 34 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install ansible packages 4 | include: packages/ansible.yml 5 | 6 | - name: Install system packages 7 | include: packages/system.yml 8 | 9 | - name: Install default packages 10 | include: packages/default.yml 11 | 12 | - name: Install build-essentials packages 13 | include: packages/build-essentials.yml 14 | when: PROVISION.buildEssentials is defined and PROVISION.buildEssentials == 1 15 | 16 | - name: Install developer packages 17 | include: packages/developer.yml 18 | 19 | - name: Install npm packages 20 | include: packages/apt.yml 21 | when: PROVISION.apt is defined and PROVISION.apt 22 | 23 | - name: Install npm packages 24 | include: packages/npm.yml 25 | when: PROVISION.npm is defined and PROVISION.npm 26 | 27 | - name: Install gem packages 28 | include: packages/gem.yml 29 | when: PROVISION.gem is defined and PROVISION.gem 30 | 31 | - name: Install pip packages 32 | include: packages/pip.yml 33 | when: PROVISION.pip is defined and PROVISION.pip 34 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/ansible.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install ansible libraries 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - ansible 9 | - ca-certificates 10 | # Libraries (ansible) 11 | - python-pycurl 12 | - python-mysqldb 13 | - python-passlib 14 | - python-netaddr 15 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/apt.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install custom apt packages 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: "{{ PROVISION.apt }}" 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/build-essentials.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install developer compiling packages 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - build-essential 9 | - closure-compiler 10 | - g++ 11 | 12 | - name: Install dev packages 13 | apt: 14 | pkg: '{{ item }}' 15 | state: present 16 | with_items: 17 | - libsqlite3-dev 18 | - php7.0-dev 19 | - libcurl3-gnutls-dev 20 | - libxml2-dev 21 | - libxml2-utils 22 | - libcairo2-dev 23 | - libjpeg8-dev 24 | - libpango1.0-dev 25 | - libgif-dev 26 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/default.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install default provisioning packages 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - parted 9 | - curl 10 | 11 | - name: Install python pip 12 | apt: 13 | pkg: 'python-pip' 14 | state: present 15 | 16 | - name: Install ruby 17 | apt: 18 | pkg: '{{ item }}' 19 | state: present 20 | with_items: 21 | - ruby 22 | - ruby-dev 23 | 24 | - name: Install default tool packages 25 | apt: 26 | pkg: '{{ item }}' 27 | state: present 28 | with_items: 29 | - zsh 30 | - moreutils 31 | - byobu 32 | - multitail 33 | - dnsutils 34 | - telnet 35 | - vim 36 | - tmux 37 | 38 | - name: Install default compression packages 39 | apt: 40 | pkg: '{{ item }}' 41 | state: present 42 | with_items: 43 | - zip 44 | - unzip 45 | - bzip2 46 | - p7zip-full 47 | - unrar 48 | - unace 49 | 50 | - name: Install default development packages 51 | apt: 52 | pkg: '{{ item }}' 53 | state: present 54 | with_items: 55 | - git 56 | - sudo 57 | - cstream 58 | 59 | - name: Install default filesystem packages 60 | apt: 61 | pkg: '{{ item }}' 62 | state: present 63 | with_items: 64 | - e2fsprogs 65 | - xfsprogs 66 | - btrfs-tools 67 | 68 | - name: Install default other packages 69 | apt: 70 | pkg: '{{ item }}' 71 | state: present 72 | with_items: 73 | - incron 74 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/developer.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install developer tool packages 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - jq 9 | - sloccount 10 | - ack-grep 11 | - tig 12 | - strace 13 | 14 | - name: Install developer status packages 15 | apt: 16 | pkg: '{{ item }}' 17 | state: present 18 | with_items: 19 | - htop 20 | - atop 21 | - iftop 22 | - mytop 23 | - iotop 24 | 25 | - name: Install developer system packages 26 | apt: 27 | pkg: '{{ item }}' 28 | state: present 29 | with_items: 30 | - fuse 31 | - sshfs 32 | - xvfb 33 | 34 | - name: Install developer network packages 35 | apt: 36 | pkg: '{{ item }}' 37 | state: present 38 | with_items: 39 | - tshark 40 | - tcpflow 41 | - tcpdump 42 | - ngrep 43 | - swaks 44 | - ethtool 45 | - netcat-openbsd 46 | - mailutils 47 | - mysql-client 48 | 49 | - name: Install developer vcs packages 50 | apt: 51 | pkg: '{{ item }}' 52 | state: present 53 | with_items: 54 | - subversion 55 | - git 56 | - git-flow 57 | 58 | - name: Install developer other packages 59 | apt: 60 | pkg: '{{ item }}' 61 | state: present 62 | with_items: 63 | - dos2unix 64 | - lynx 65 | - links 66 | 67 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/gem.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install custom gem packages 4 | gem: 5 | name: '{{ item }}' 6 | state: present 7 | user_install: no 8 | with_items: "{{ PROVISION.gem }}" 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/npm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install nodejs 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - nodejs 9 | - nodejs-legacy 10 | 11 | - name: Install npm 12 | apt: 13 | pkg: '{{ item }}' 14 | state: present 15 | with_items: 16 | - npm 17 | 18 | - name: Install custom npm packages 19 | npm: 20 | name: '{{ item }}' 21 | global: yes 22 | state: latest 23 | production: yes 24 | with_items: "{{ PROVISION.npm }}" 25 | ignore_errors: True 26 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/pip.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install custom pip packages 4 | pip: 5 | name: '{{ item }}' 6 | with_items: "{{ PROVISION.pip }}" 7 | ignore_errors: True 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/packages/system.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install zram (compressed swap in memory) 4 | apt: 5 | pkg: zram-config 6 | state: present 7 | 8 | - name: Install haveged (random number generator daemon) 9 | apt: 10 | pkg: haveged 11 | state: present 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/sysctl.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Sysctl settings 4 | lineinfile: 5 | dest: /etc/sysctl.conf 6 | regexp: '{{ item.regexp }}' 7 | line: '{{ item.line }}' 8 | with_items: 9 | # Send buffer sizes 10 | - { regexp: '^net.core.rmem_max', line: 'net.core.rmem_max = 104857600' } 11 | - { regexp: '^net.core.rmem_default', line: 'net.core.rmem_default = 8388608' } 12 | - { regexp: '^net.core.wmem_max', line: 'net.core.wmem_max = 104857600' } 13 | - { regexp: '^net.core.wmem_default', line: 'net.core.wmem_default = 8388608' } 14 | - { regexp: '^net.core.optmem_max', line: 'net.core.optmem_max = 40960' } 15 | - { regexp: '^net.core.netdev_max_backlog', line: 'net.core.netdev_max_backlog = 5000' } 16 | - { regexp: '^net.ipv4.tcp_rmem', line: 'net.ipv4.tcp_rmem = 10240 524288 16777216' } 17 | - { regexp: '^net.ipv4.tcp_wmem', line: 'net.ipv4.tcp_wmem = 10240 524288 16777216' } 18 | - { regexp: '^net.ipv4.tcp_wmem', line: 'net.ipv4.tcp_wmem = 10240 524288 16777216' } 19 | # Connection tuning 20 | - { regexp: '^net.ipv4.tcp_timestamps', line: 'net.ipv4.tcp_timestamps = 0' } 21 | - { regexp: '^net.ipv4.tcp_sack', line: 'net.ipv4.tcp_sack = 1' } 22 | - { regexp: '^net.ipv4.tcp_fack', line: 'net.ipv4.tcp_fack = 1' } 23 | - { regexp: '^net.ipv4.tcp_window_scaling', line: 'net.ipv4.tcp_window_scaling = 1' } 24 | - { regexp: '^net.core.somaxconn', line: 'net.core.somaxconn = 2048' } 25 | - { regexp: '^net.ipv4.tcp_max_syn_backlog', line: 'net.ipv4.tcp_max_syn_backlog = 4096' } 26 | - { regexp: '^net.netfilter.nf_conntrack_max', line: 'net.netfilter.nf_conntrack_max = 100000' } 27 | - { regexp: '^net.nf_conntrack_max', line: 'net.nf_conntrack_max = 100000' } 28 | - { regexp: '^net.ipv4.tcp_max_tw_buckets', line: 'net.ipv4.tcp_max_tw_buckets = 180000' } 29 | - { regexp: '^net.ipv4.tcp_tw_recycle', line: 'net.ipv4.tcp_tw_recycle = 0' } 30 | - { regexp: '^net.ipv4.tcp_tw_reuse', line: 'net.ipv4.tcp_tw_reuse = 0' } 31 | - { regexp: '^net.ipv4.tcp_fin_timeout', line: 'net.ipv4.tcp_fin_timeout = 10' } 32 | notify: 33 | - Apply sysctl settings 34 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/system.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Add tmp cleanup at reboot 4 | lineinfile: 5 | dest: '/etc/default/rcS' 6 | regexp: '^#?TMPTIME=0' 7 | line: 'TMPTIME=0' 8 | 9 | - name: Disable blank console screensaver 10 | lineinfile: 11 | dest: '/etc/default/grub' 12 | regexp: '{{ item.regexp }}' 13 | line: '{{ item.line }}' 14 | with_items: 15 | - { regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=', line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet consoleblank=0"' } 16 | - { regexp: '^GRUB_TIMEOUT=', line: 'GRUB_TIMEOUT=0' } 17 | - { regexp: '^GRUB_HIDDEN_TIMEOUT=', line: 'GRUB_TIMEOUT=0' } 18 | notify: 19 | - Update grub 20 | 21 | - name: Setup System Hostname 22 | hostname: 23 | name: DEV-VM 24 | 25 | - name: Setup hosts 26 | lineinfile: 27 | dest: '/etc/hosts' 28 | regexp: 'DEVELOPMENT-VM' 29 | line: '127.0.0.1 DEVELOPMENT-VM DEV-VM' 30 | owner: root 31 | group: root 32 | mode: 0644 33 | -------------------------------------------------------------------------------- /provision/ansible/roles/common/tasks/timezone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Change timezone 4 | copy: 5 | content: '{{ VM.timezone }}' 6 | dest: '/etc/timezone' 7 | owner: root 8 | group: root 9 | mode: 0644 10 | backup: yes 11 | 12 | - name: Update timezone 13 | command: '{{ item }}' 14 | with_items: 15 | # https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1554806 16 | - rm -f /etc/localtime 17 | - dpkg-reconfigure --frontend noninteractive tzdata 18 | notify: 19 | - Restart services for timezone 20 | -------------------------------------------------------------------------------- /provision/ansible/roles/consul/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Docker pull consul and gliderlabs/registrator 4 | shell: "docker pull {{ item }}" 5 | with_items: 6 | - consul 7 | - gliderlabs/registrator 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/consul/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: install.yml 4 | tags: 5 | - bootstrap 6 | 7 | - include: startup.yml 8 | tags: 9 | - maintenance 10 | -------------------------------------------------------------------------------- /provision/ansible/roles/consul/tasks/startup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Kill running consul and gliderlabs/registrator Docker container 4 | shell: "docker kill {{ item }} &> /dev/null || exit 0" 5 | with_items: 6 | - consul 7 | - consul-registrator 8 | ignore_errors: True 9 | 10 | - name: Remove consul and gliderlabs/registrator Docker container 11 | shell: "docker rm -f {{ item }} &> /dev/null || exit 0" 12 | with_items: 13 | - consul 14 | - consul-registrator 15 | ignore_errors: True 16 | 17 | - name: Start consul Docker container 18 | shell: docker run -d --name=consul -e 'VIRTUAL_HOST=consul.{{ PROVISION.developmentDomain }}' -e 'VIRTUAL_PORT=8500' -p 127.0.0.53:8500:8500 -p 127.0.0.53:8600:8600/tcp -p 127.0.0.53:8600:8600/udp -p 127.0.0.53:1053:8600/tcp -p 127.0.0.53:1053:8600/udp consul 19 | 20 | - name: Start gliderlabs/registrator Docker container 21 | shell: docker run -d --name=consul-registrator --net=host --volume=/var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator -internal -resync=600 -ttl=120 -ttl-refresh=30 -retry-attempts -1 consul://127.0.0.53:8500 22 | -------------------------------------------------------------------------------- /provision/ansible/roles/customization/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: synchronize.yml 4 | tags: 5 | - bootstrap 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/customization/tasks/synchronize.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy home customization 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: /vagrant/customization/home/ 7 | dest: /home/vagrant/ 8 | delete: no 9 | rsync_opts: '--exclude=.gitkeep,--chown=vagrant:vagrant' 10 | 11 | - name: Deploy etc customization 12 | synchronize: 13 | rsync_path: "sudo rsync" 14 | src: /vagrant/customization/etc/ 15 | dest: /etc/ 16 | delete: no 17 | rsync_opts: '--exclude=.gitkeep,--chown=vagrant:vagrant' 18 | 19 | - name: Create files from examples 20 | shell: cp -a "{{ item.source }}" "{{ item.destination }}" 21 | args: 22 | creates: "{{ item.destination }}" 23 | with_items: 24 | - { source: "/home/vagrant/.ssh/known_hosts.example", destination: "/home/vagrant/.ssh/known_hosts" } 25 | - { source: "/home/vagrant/.ssh/config.example", destination: "/home/vagrant/.ssh/config" } 26 | ignore_errors: Yes 27 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart LightDM 4 | command: 'systemctl restart lightdm' 5 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy lightdm configuration (autologin) 4 | template: 5 | src: templates/vagrant.conf.j2 6 | dest: /etc/lightdm/lightdm.conf.d/vagrant.conf 7 | owner: vagrant 8 | group: root 9 | mode: 0775 10 | notify: 11 | - Restart LightDM 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/install/common.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install common desktop 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - ubuntu-desktop 9 | - xserver-xorg-video-vmware 10 | - xserver-xorg-video-vesa 11 | - xserver-xorg-video-fbdev 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/install/gnome.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install gnome 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - ubuntu-gnome-desktop 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/install/kde.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install KDE plasma 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - plasma-desktop 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/install/unity.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Unity 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - ubuntu-desktop 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: install/common.yml 4 | tags: 5 | - bootstrap 6 | 7 | - include: install/{{ PROVISION.desktop }}.yml 8 | tags: 9 | - bootstrap 10 | 11 | - include: configuration.yml 12 | tags: 13 | - bootstrap 14 | -------------------------------------------------------------------------------- /provision/ansible/roles/desktop/templates/vagrant.conf.j2: -------------------------------------------------------------------------------- 1 | [SeatDefaults] 2 | autologin-user=vagrant 3 | autologin-user-timeout=0 4 | 5 | [VNCServer] 6 | enabled=true 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/disk/tasks/disk-create.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Unmount SDB1 4 | mount: 5 | name: /mnt/data 6 | src: /dev/sdb1 7 | fstype: '{{ VM.data.filesystem }}' 8 | state: unmounted 9 | 10 | - name: Remove mount SDB1 11 | mount: 12 | name: /mnt/data 13 | src: /dev/sdb1 14 | fstype: '{{ VM.data.filesystem }}' 15 | state: absent 16 | 17 | - name: Generate disk label (SDB) 18 | command: 'parted /dev/sdb mklabel gpt' 19 | 20 | - name: Create partition (SDB) 21 | command: 'parted -- /dev/sdb mkpart primary 1M -1' 22 | 23 | - name: Create filesystem (SDB) 24 | command: 'mkfs --type={{ VM.data.filesystem }} /dev/sdb1' 25 | -------------------------------------------------------------------------------- /provision/ansible/roles/disk/tasks/disk-mounting.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Stop services 4 | command: 'service {{ item }} stop' 5 | with_items: 6 | - 'docker' 7 | ignore_errors: yes 8 | 9 | - name: Create mountpoint (/mnt/data) 10 | file: 11 | path: /mnt/data 12 | state: directory 13 | owner: root 14 | group: root 15 | mode: 0755 16 | 17 | - name: Setup mounting for SDB1 18 | mount: 19 | name: /mnt/data 20 | src: /dev/sdb1 21 | fstype: '{{ VM.data.filesystem }}' 22 | opts: 'defaults,nodev,nosuid,noatime,nodiratime,data=writeback,barrier=0,nobh' 23 | state: present 24 | 25 | - name: Mount SDB1 26 | mount: name=/mnt/data src=/dev/sdb1 fstype='{{ VM.data.filesystem }}' state=mounted 27 | 28 | ############################# 29 | # Docker 30 | ############################# 31 | 32 | - stat: path=/mnt/data/docker/ 33 | register: dockerdir 34 | 35 | - name: Create docker storage 36 | shell: 'mkdir /mnt/data/docker && cp -a /var/lib/docker/* /mnt/data/docker' 37 | args: 38 | creates: '/mnt/data/docker/' 39 | ignore_errors: True 40 | 41 | - name: Setup rights for docker 42 | file: 43 | path: /mnt/data/docker 44 | state: directory 45 | owner: root 46 | group: root 47 | mode: 0700 48 | 49 | - name: Setup mounting for docker 50 | mount: 51 | name: /var/lib/docker/ 52 | src: /mnt/data/docker 53 | fstype: none 54 | opts: 'bind' 55 | state: present 56 | 57 | - name: Mount docker 58 | mount: 59 | name: /var/lib/docker/ 60 | src: /mnt/data/docker 61 | fstype: none 62 | opts: 'bind' 63 | state: mounted 64 | 65 | - name: Start services 66 | command: 'service docker restart' 67 | ignore_errors: True 68 | -------------------------------------------------------------------------------- /provision/ansible/roles/disk/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create data disk 4 | include: disk-create.yml 5 | when: ansible_devices.sdb.partitions.sdb1 is not defined 6 | tags: 7 | - bootstrap 8 | 9 | - name: Init disk mounting 10 | include: disk-mounting.yml 11 | tags: 12 | - bootstrap 13 | 14 | - name: Disk maintenance 15 | include: maintenance.yml 16 | tags: 17 | - bootstrap 18 | - maintenance 19 | -------------------------------------------------------------------------------- /provision/ansible/roles/disk/tasks/maintenance.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ############################# 4 | # Code (migration) 5 | ############################# 6 | 7 | - name: Unmount code 8 | mount: 9 | name: /home/vagrant/code/ 10 | src: /mnt/data/code 11 | fstype: none 12 | opts: 'bind' 13 | state: unmounted 14 | 15 | - name: Remove mount for code 16 | mount: 17 | name: /home/vagrant/code/ 18 | src: /mnt/data/code 19 | fstype: none 20 | opts: 'bind' 21 | state: absent 22 | 23 | - name: stat /mnt/data/code 24 | stat: 25 | path: /mnt/data/code 26 | register: old_code_stat 27 | 28 | - name: Move /mnt/data/code to /mnt/data/projects 29 | command: mv /mnt/data/code /mnt/data/projects 30 | when: old_code_stat.stat.exists 31 | 32 | ############################# 33 | # Projects 34 | ############################# 35 | 36 | - stat: 37 | path: /mnt/data/projects/ 38 | register: codedir 39 | 40 | - name: Create code storage 41 | shell: 'mkdir /mnt/data/projects' 42 | args: 43 | creates: '/mnt/data/projects/' 44 | 45 | - name: Setup rights for /mnt/data 46 | file: 47 | path: /mnt/data 48 | state: directory 49 | owner: vagrant 50 | group: vagrant 51 | mode: 0777 52 | 53 | - name: Setup rights for /mnt/data/projects 54 | file: 55 | path: /mnt/data/projects 56 | state: directory 57 | owner: vagrant 58 | group: vagrant 59 | mode: 0777 60 | 61 | - name: Setup mounting for docker 62 | mount: 63 | name: /home/vagrant/projects/ 64 | src: /mnt/data/projects 65 | fstype: none 66 | opts: 'bind' 67 | state: present 68 | 69 | - name: Mount code 70 | mount: 71 | name: /home/vagrant/projects/ 72 | src: /mnt/data/projects 73 | fstype: none 74 | opts: 'bind' 75 | state: mounted 76 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: Restart dnsmasq 2 | command: service dnsmasq restart 3 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy dnsmasq configuration (docker) 4 | template: 5 | src: roles/dnsmasq/templates/docker.j2 6 | dest: /etc/dnsmasq.d/docker 7 | owner: vagrant 8 | group: root 9 | mode: 0644 10 | notify: 11 | - Restart dnsmasq 12 | 13 | - name: Deploy dnsmasq configuration (consul) 14 | template: 15 | src: roles/dnsmasq/templates/consul.j2 16 | dest: /etc/dnsmasq.d/consul 17 | owner: vagrant 18 | group: root 19 | mode: 0644 20 | notify: 21 | - Restart dnsmasq 22 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dnsmasq 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - dnsmasq 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dnsmasq 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure dnsmasq 9 | include: configuration.yml 10 | tags: 11 | - bootstrap 12 | - maintenance 13 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/templates/consul.j2: -------------------------------------------------------------------------------- 1 | server=/consul/127.0.0.53#1053 2 | -------------------------------------------------------------------------------- /provision/ansible/roles/dnsmasq/templates/docker.j2: -------------------------------------------------------------------------------- 1 | address=/{{ PROVISION.developmentDomain }}/{{ VM.network.private.address }} 2 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker-dory/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy docker.service (template) 4 | template: 5 | src: templates/dory.yml.j2 6 | dest: /etc/dory.yml 7 | owner: vagrant 8 | group: root 9 | mode: 0775 10 | 11 | - name: Symlink dory.yml into home directories 12 | file: 13 | src: /etc/dory.yml 14 | dest: '{{ item }}' 15 | owner: vagrant 16 | group: vagrant 17 | state: link 18 | with_items: 19 | - /root/.dory.yml 20 | - /home/vagrant/.dory.yml 21 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker-dory/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dory 4 | gem: 5 | name: '{{ item }}' 6 | state: latest 7 | user_install: no 8 | with_items: 9 | - dory 10 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker-dory/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: install.yml 4 | tags: 5 | - bootstrap 6 | 7 | - include: configuration.yml 8 | tags: 9 | - bootstrap 10 | 11 | - include: startup.yml 12 | tags: 13 | - maintenance 14 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker-dory/tasks/startup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Start dory 4 | command: 'dory up' 5 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker-dory/templates/dory.yml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dory: 4 | # Be careful if you change the settings of some of 5 | # these services. They may not talk to each other 6 | # if you change IP Addresses. 7 | # For example, resolv expects a nameserver listening at 8 | # the specified address. dnsmasq normally does this, 9 | # but if you disable dnsmasq, it 10 | # will make your system look for a name server that 11 | # doesn't exist. 12 | dnsmasq: 13 | enabled: false 14 | domains: # array of domains that will be resolved to the specified address 15 | - domain: docker # you can set '#' for a wilcard 16 | address: {{ VM.network.private.address }} # return for queries against the domain 17 | - domain: dev 18 | address: {{ VM.network.private.address }} 19 | - domain: vm 20 | address: {{ VM.network.private.address }} 21 | container_name: dory_dnsmasq 22 | port: 53 # port to listen for dns requests on. must be 53 on linux. can be anything that's open on macos 23 | nginx_proxy: 24 | enabled: true 25 | container_name: dory_dinghy_http_proxy 26 | https_enabled: true 27 | ssl_certs_dir: '' # leave as empty string to use default certs 28 | resolv: 29 | enabled: true 30 | nameserver: 127.0.0.1 31 | port: 53 # port where the nameserver listens. On linux it must be 53 32 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Reload AppArmor 4 | command: 'service apparmor reload' 5 | 6 | - name: Restart Docker 7 | command: '{{ item }}' 8 | with_items: 9 | - systemctl daemon-reload 10 | - systemctl enable docker 11 | - systemctl restart docker 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy docker.service (template) 4 | template: 5 | src: templates/docker.service.j2 6 | dest: /etc/systemd/system/docker.service 7 | owner: vagrant 8 | group: root 9 | mode: 0775 10 | notify: 11 | - Restart Docker 12 | 13 | - name: Install docker-compose 14 | pip: 15 | name: docker-compose 16 | state: latest 17 | 18 | ############################# 19 | # Apparmor profile 20 | ############################# 21 | 22 | - name: Fix AppArmor profile 23 | lineinfile: 24 | dest: '/etc/apparmor.d/docker' 25 | insertafter: '[\s]*capability' 26 | line: ' ptrace peer=docker-default,' 27 | state: present 28 | ignore_errors: True 29 | notify: 30 | - Reload AppArmor 31 | 32 | ############################# 33 | # User 34 | ############################# 35 | 36 | - name: Add vagrant to docker group 37 | user: 38 | name: 'vagrant' 39 | groups: 'docker' 40 | append: yes 41 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/tasks/image-loader.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Download and update docker images 4 | command: "docker pull {{ item }}" 5 | with_items: "{{ DOCKER.images }}" 6 | ignore_errors: yes 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install docker requirements 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - curl 9 | - aufs-tools 10 | - apt-transport-https 11 | 12 | - name: Uninstall old Docker versions 13 | apt: 14 | name: "{{ item }}" 15 | state: absent 16 | with_items: 17 | - docker 18 | - docker-engine 19 | - docker.io 20 | 21 | - name: Add Docker repository key 22 | apt_key: 23 | id: "9DC858229FC7DD38854AE2D88D81803C0EBFCD88" 24 | keyserver: "https://download.docker.com/linux/ubuntu/gpg" 25 | state: present 26 | register: add_repository_key 27 | ignore_errors: true 28 | 29 | - name: Alternative | Add Docker repository key 30 | shell: "curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -" 31 | when: add_repository_key|failed 32 | 33 | - name: Add Docker repository 34 | apt_repository: 35 | repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_lsb.id|lower }} {{ ansible_lsb.codename|lower }} stable" 36 | update_cache: yes 37 | state: present 38 | 39 | - name: Install Docker CE 40 | apt: 41 | pkg: '{{ item }}' 42 | state: latest 43 | with_items: 44 | - docker-ce 45 | 46 | - name: Deploy docker.service (template) 47 | template: 48 | src: templates/docker.service.j2 49 | dest: /etc/systemd/system/docker.service 50 | owner: vagrant 51 | group: root 52 | mode: 0775 53 | 54 | - name: Restart Docker 55 | command: '{{ item }}' 56 | with_items: 57 | - systemctl daemon-reload 58 | - systemctl enable docker 59 | - systemctl restart docker 60 | 61 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: install.yml 4 | tags: 5 | - bootstrap 6 | 7 | - include: configuration.yml 8 | tags: 9 | - bootstrap 10 | 11 | - include: maintenance.yml 12 | tags: 13 | - bootstrap 14 | 15 | - include: image-loader.yml 16 | tags: 17 | - bootstrap 18 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/tasks/maintenance.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Cleanup old orphaned docker images 4 | shell: 'docker system prune -f' 5 | when: DOCKER.cleanup.system is defined and DOCKER.cleanup.system 6 | ignore_errors: yes 7 | 8 | - name: Cleanup old temp builds 9 | file: 10 | path: "{{ item }}" 11 | state: absent 12 | with_fileglob: 13 | - /var/lib/docker/tmp/* 14 | when: DOCKER.cleanup.tmp is defined and DOCKER.cleanup.tmp 15 | ignore_errors: yes 16 | -------------------------------------------------------------------------------- /provision/ansible/roles/docker/templates/docker.service.j2: -------------------------------------------------------------------------------- 1 | [Service] 2 | ExecStart= 3 | ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://{{ VM.network.private.address }}:2375 {{ DOCKER.opts }} 4 | -------------------------------------------------------------------------------- /provision/ansible/roles/finalize/tasks/cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Cleanup apt 4 | command: apt-get clean -y 5 | 6 | - name: Cleanup apt 7 | command: apt-get autoclean -y 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/finalize/tasks/fix-permissions.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Fix filesystem rights 4 | file: 5 | path: '{{ item.path }}' 6 | state: directory 7 | mode: '{{ item.mode }}' 8 | owner: 'vagrant' 9 | group: 'vagrant' 10 | recurse: '{{ item.recurse }}' 11 | with_items: 12 | - { path: '/home/vagrant', recurse: 'no', mode: '0755' } 13 | - { path: '/home/vagrant/.config/', recurse: 'yes', mode: '0775' } 14 | - { path: '/home/vagrant/.ssh/', recurse: 'no', mode: '0700' } 15 | - { path: '/home/vagrant/.ssh/.ssh/authorized_keys', recurse: 'no', mode: '0600' } 16 | - { path: '/home/vagrant/.ssh/.ssh/known_hosts', recurse: 'no', mode: '0644' } 17 | - { path: '/home/vagrant/.ssh/.ssh/id_rsa', recurse: 'no', mode: '0600' } 18 | - { path: '/home/vagrant/.ssh/.ssh/id_rsa.pub', recurse: 'no', mode: '0644' } 19 | - { path: '/home/vagrant/tmp/', recurse: 'no', mode: '0775' } 20 | - { path: '/usr/local/bin/', recurse: 'yes', mode: '0775' } 21 | 22 | -------------------------------------------------------------------------------- /provision/ansible/roles/finalize/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Fix permissions 4 | include: fix-permissions.yml 5 | tags: 6 | - bootstrap 7 | - maintenance 8 | 9 | - name: Cleanup 10 | include: cleanup.yml 11 | tags: 12 | - bootstrap 13 | 14 | - name: Udev cleanup 15 | include: udev.yml 16 | tags: 17 | - bootstrap 18 | - maintenance 19 | 20 | #- name: Maintain vmtools 21 | # include: vmtools.yml 22 | # tags: 23 | # - bootstrap 24 | # - maintenance 25 | 26 | -------------------------------------------------------------------------------- /provision/ansible/roles/finalize/tasks/udev.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Remove 70-persistent-net.rules 4 | file: 5 | path: /etc/udev/rules.d/70-persistent-net.rules 6 | state: absent 7 | 8 | - name: Autoremove persistent net rules 9 | lineinfile: 10 | destfile: /etc/rc.local 11 | insertbefore: '^exit 0' 12 | line: 'rm -f /etc/udev/rules.d/70-persistent-net.rules > /dev/null' 13 | state: present 14 | -------------------------------------------------------------------------------- /provision/ansible/roles/finalize/tasks/vmtools.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Enable automatic vmware module update 4 | command: 'echo "answer AUTO_KMODS_ENABLED yes" | sudo tee -a /etc/vmware-tools/locations' 5 | ignore_errors: True 6 | 7 | - name: Stop vmware tools 8 | command: 'service vmware-tools stop' 9 | ignore_errors: True 10 | 11 | - name: Update vmware module 12 | command: '/usr/bin/vmware-config-tools.pl -d' 13 | ignore_errors: True 14 | 15 | - name: Restart vmware tools 16 | command: 'service vmware-tools restart' 17 | ignore_errors: True 18 | -------------------------------------------------------------------------------- /provision/ansible/roles/firewall/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart Docker 4 | command: 'service docker restart' 5 | -------------------------------------------------------------------------------- /provision/ansible/roles/firewall/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy firewall (template) 4 | template: 5 | src: roles/firewall/templates/firewall-vm 6 | dest: /etc/init.d/firewall-vm 7 | owner: vagrant 8 | group: root 9 | mode: 0775 10 | notify: 11 | - Restart Docker 12 | 13 | - name: Start firewall 14 | command: 'service firewall-vm restart' 15 | -------------------------------------------------------------------------------- /provision/ansible/roles/firewall/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy firewall (template) 4 | template: 5 | src: roles/firewall/templates/firewall-vm 6 | dest: /etc/init.d/firewall-vm 7 | owner: vagrant 8 | group: root 9 | mode: 0775 10 | 11 | - name: Enable firewall in runlevels 12 | command: 'update-rc.d firewall-vm defaults' 13 | 14 | - name: Start firewall 15 | command: 'service firewall-vm restart' 16 | -------------------------------------------------------------------------------- /provision/ansible/roles/firewall/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install firewall 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure firewall 9 | include: configuration.yml 10 | tags: 11 | - maintenance 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/firewall/templates/firewall-vm: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ### BEGIN INIT INFO 3 | # Provides: firewall 4 | # Required-Start: $local_fs 5 | # Required-Stop: $local_fs 6 | # Default-Start: 2 3 4 5 7 | # Default-Stop: 0 1 6 8 | # X-Interactive: true 9 | # Short-Description: Start/stop firewall-vm 10 | ### END INIT INFO 11 | 12 | IPTABLES='/sbin/iptables' 13 | FIREWALL_INFOMSG=1 14 | 15 | DEFAULT_GW_IP="$(/sbin/ip route | awk '/default/ { print $3 }')" 16 | 17 | ################################################# 18 | ### Function firewall_ruleset_standard 19 | function firewall_ruleset_standard() { 20 | # reset bridge-rules 21 | $IPTABLES -F bridge-rules 22 | $IPTABLES -X bridge-rules 23 | $IPTABLES -N bridge-rules 24 | 25 | # reset reject-rules 26 | $IPTABLES -F reject-rules 27 | $IPTABLES -X reject-rules 28 | $IPTABLES -N reject-rules 29 | 30 | 31 | ## default policy rules 32 | firewall_infomsg "[CHAIN:DEFAULT] reject-rules" 33 | $IPTABLES -A reject-rules -p tcp -j REJECT --reject-with tcp-reset 34 | $IPTABLES -A reject-rules -p udp -j REJECT --reject-with icmp-port-unreachable 35 | $IPTABLES -A reject-rules -j REJECT --reject-with icmp-port-unreachable 36 | 37 | {% if PROVISION.mail %} 38 | 39 | ######################### 40 | # Mail sandbox 41 | ######################### 42 | 43 | ## redirect all smtp traffic to internal server 44 | firewall_infomsg "[CHAIN:ROUTING] main sandbox" 45 | $IPTABLES -t nat -A OUTPUT -p tcp --dport 25 -j DNAT --to-destination 127.0.0.1:25 46 | $IPTABLES -t nat -A OUTPUT -p tcp --dport 587 -j DNAT --to-destination 127.0.0.1:25 47 | 48 | $IPTABLES -t nat -I PREROUTING 1 -p tcp --dport 25 -j DNAT --to-destination "127.0.0.1" 49 | $IPTABLES -t nat -I POSTROUTING 1 -p tcp -d "127.0.0.1" --dport 25 -j MASQUERADE 50 | 51 | $IPTABLES -t nat -I PREROUTING 1 -p tcp --dport 587 -j DNAT --to-destination "127.0.0.1:25" 52 | $IPTABLES -t nat -I POSTROUTING 1 -p tcp -d "127.0.0.1" --dport 587 -j MASQUERADE 53 | 54 | {% endif %} 55 | 56 | 57 | {% if FIREWALL is defined and FIREWALL.rules is defined %} 58 | firewall_infomsg "[CHAIN:FIREWALL.rules] Firewall rules" 59 | $IPTABLES -N "FIREWALL.rules" || true 60 | $IPTABLES -F "FIREWALL.rules" 61 | 62 | ## allow local connections 63 | $IPTABLES -A "FIREWALL.rules" --source "127.0.0.1/8" -j ACCEPT 64 | $IPTABLES -A "FIREWALL.rules" --destination "127.0.0.1/8" -j ACCEPT 65 | 66 | ## allow vagrant connection 67 | $IPTABLES -A "FIREWALL.rules" --source "${DEFAULT_GW_IP}/24" -j ACCEPT 68 | 69 | ## allow private network 70 | $IPTABLES -A "FIREWALL.rules" --source "{{VM.network.private.netmask}}" -j ACCEPT 71 | 72 | ## allow ssh 73 | $IPTABLES -A "FIREWALL.rules" --protocol tcp --dport 22 --source 10.0.0.0/8 -j ACCEPT 74 | $IPTABLES -A "FIREWALL.rules" --protocol tcp --dport 22 --source 172.16.0.0/12 -j ACCEPT 75 | $IPTABLES -A "FIREWALL.rules" --protocol tcp --dport 22 --source 192.168.56.0/16 -j ACCEPT 76 | 77 | ## allow related (active) connections 78 | $IPTABLES -A "FIREWALL.rules" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 79 | 80 | ## custom rules 81 | {% for rule in FIREWALL.rules %} 82 | {% if rule.port is defined and rule.port %} 83 | $IPTABLES -A "FIREWALL.rules" \ 84 | --protocol "{{ rule.protocol }}" \ 85 | --dport "{{ rule.port }}" \ 86 | {% if rule.source is defined %}--source "{{ rule.source }}" {% endif %} -j ACCEPT 87 | {% endif %} 88 | {% endfor %} 89 | # reject all other traffic 90 | $IPTABLES -A "FIREWALL.rules" -j reject-rules 91 | 92 | $IPTABLES -A INPUT -j "FIREWALL.rules" 93 | {% endif %} 94 | 95 | } 96 | 97 | ################################################# 98 | ### Function firewall_ruleset_clear 99 | function firewall_ruleset_clear() { 100 | ################################### 101 | ## Clearing chains 102 | ################################### 103 | $IPTABLES -F INPUT 104 | $IPTABLES -F OUTPUT 105 | 106 | #$IPTABLES -t nat -F 107 | #$IPTABLES -X 108 | 109 | ################################### 110 | ## Policy 111 | ################################### 112 | $IPTABLES -P FORWARD ACCEPT 113 | $IPTABLES -P INPUT ACCEPT 114 | $IPTABLES -P OUTPUT ACCEPT 115 | } 116 | 117 | function noop() { 118 | return 119 | } 120 | 121 | ################################################# 122 | ### Function firewall_infomsg 123 | function firewall_infomsg() { 124 | if [ "$FIREWALL_INFOMSG" -eq "1" ]; then 125 | echo " * $*" 126 | fi; 127 | } 128 | 129 | ############################################################################### 130 | start() { 131 | echo "Starting firewall: setting ruleset" 132 | firewall_ruleset_clear 133 | firewall_ruleset_standard 134 | } 135 | 136 | ############################################################################### 137 | # ACTION: STOP 138 | stop() { 139 | echo "Stopping firewall: flushing ruleset" 140 | firewall_ruleset_clear 141 | } 142 | 143 | ############################################################################### 144 | # ACTION: SHOWSTATUS 145 | showstatus() { 146 | echo "Status" 147 | $IPTABLES -L -n -v --line-numbers 148 | echo "" 149 | echo "" 150 | echo "" 151 | echo "NAT status" 152 | $IPTABLES -L -n -v --line-numbers -t nat 153 | } 154 | 155 | ############################################################################### 156 | # ACTION: RESTART 157 | restart() { 158 | stop 159 | start 160 | } 161 | 162 | 163 | ############################################################################### 164 | # ACTION: SHOWOPTIONS 165 | showoptions() { 166 | echo "Usage: $0 {start|stop|restart|showstatus}" 167 | echo "start) will restore setting if exists else force rules" 168 | echo "stop) delete all rules and set all to accept" 169 | echo "rules) force settings of new rules" 170 | echo "showstatus) Shows the status" 171 | } 172 | 173 | case $1 in 174 | start) 175 | start 176 | ;; 177 | stop) 178 | stop 179 | ;; 180 | restart) 181 | restart 182 | ;; 183 | status) 184 | showstatus 185 | ;; 186 | esac 187 | ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## EOF ## 188 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/files/dovecot/local.conf: -------------------------------------------------------------------------------- 1 | disable_plaintext_auth = no 2 | auth_mechanisms = plain login 3 | 4 | mail_location = maildir:~/.mail 5 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/files/postfix/additional_headers: -------------------------------------------------------------------------------- 1 | /^Subject:/i PREPEND X-DEVELOPMENT: VM -------------------------------------------------------------------------------- /provision/ansible/roles/mail/files/postfix/recipient_canonical_maps: -------------------------------------------------------------------------------- 1 | /^.*$/ vagrant@localhost 2 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart dovecot 4 | raw: '{{ item }}' 5 | with_items: 6 | - service dovecot restart 7 | 8 | - name: Restart postfix 9 | command: '{{ item }}' 10 | with_items: 11 | - postmap /etc/postfix/recipient_canonical_maps 12 | - postmap /etc/postfix/additional_headers 13 | - service postfix restart 14 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/dovecot/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy dovecot configuration 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: roles/mail/files/dovecot/ 7 | dest: /etc/dovecot/ 8 | delete: no 9 | 10 | - name: Dovecot configuration 11 | lineinfile: 12 | dest: /etc/dovecot/local.conf 13 | regexp: '^[\s#]*{{ item.variable }}[\s]*=' 14 | line: '{{ item.variable }}={{ item.value }}' 15 | with_items: 16 | - { variable: 'listen', value: '127.0.0.1 {{ VM.network.private.address }}' } 17 | notify: 18 | - Restart dovecot 19 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/dovecot/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dovecot 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - dovecot-core 9 | - dovecot-imapd 10 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install postfix 4 | include: postfix/install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure postfix 9 | include: postfix/configuration.yml 10 | tags: 11 | - bootstrap 12 | 13 | - name: Init postfix 14 | include: postfix/init.yml 15 | tags: 16 | - bootstrap 17 | 18 | - name: Install dovecot 19 | include: dovecot/install.yml 20 | tags: 21 | - bootstrap 22 | 23 | - name: Configure dovecot 24 | include: dovecot/configuration.yml 25 | tags: 26 | - bootstrap 27 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/postfix/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy postfix configuration 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: roles/mail/files/postfix/ 7 | dest: /etc/postfix/ 8 | delete: no 9 | notify: 10 | - Restart postfix 11 | 12 | - name: Postfix configuration 13 | lineinfile: 14 | dest: /etc/postfix/main.cf 15 | regexp: '^[\s#]*{{ item.variable }}[\s]*=' 16 | line: '{{ item.variable }}={{ item.value }}' 17 | with_items: 18 | - { variable: 'smtpd_banner', value: '$myhostname ESMTP DEV-VM (Mail Sandbox)' } 19 | - { variable: 'inet_interfaces', value: '127.0.0.1,{{ VM.network.private.address }}' } 20 | - { variable: 'header_checks', value: 'regexp:/etc/postfix/additional_headers' } 21 | - { variable: 'recipient_canonical_maps', value: 'regexp:/etc/postfix/recipient_canonical_maps' } 22 | - { variable: 'home_mailbox', value: '.mail/' } 23 | - { variable: 'mynetworks', value: '127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:587::]/64 10.0.0.0/8 172.16.0.0/12 192.168.0.0/24 {{ VM.network.private.address }} {{ VM.network.private.netmask }}' } 24 | - { variable: 'message_size_limit', value: '102400000' } 25 | - { variable: 'header_checks', value: 'regexp:/etc/postfix/additional_headers' } 26 | notify: 27 | - Restart postfix 28 | 29 | - name: Create /etc/mailname 30 | raw: 'hostname > /etc/mailname' 31 | args: 32 | creates: '/etc/mailname' 33 | 34 | 35 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/postfix/init.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart postfix 4 | command: '{{ item }}' 5 | with_items: 6 | - postmap /etc/postfix/recipient_canonical_maps 7 | - postmap /etc/postfix/additional_headers 8 | - service postfix restart 9 | 10 | - local_action: mail 11 | host='127.0.0.1' 12 | port=25 13 | subject="Welcome to DEVELOPMENT-VM" 14 | body="This is just a testmail :-)" 15 | from="vagrant@localhost (DEVELOPMENT-VM)" 16 | to="vagrant@localhost" 17 | charset=utf8 18 | -------------------------------------------------------------------------------- /provision/ansible/roles/mail/tasks/postfix/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install postfix 4 | action: apt pkg='{{ item }}' state=latest 5 | with_items: 6 | - postfix 7 | - bsd-mailx 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/manpages/files/reinstall-manpages.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | export DEBIAN_FRONTEND="noninteractive" 4 | 5 | PACKAGE_LIST="" 6 | 7 | # Build list of packages with missing manpages 8 | for p in $(dpkg-query -f '${Package} ' -W); do 9 | while read file; do 10 | if [[ "$file" == '/usr/share/man/'* ]] && [[ ! -e "$file" ]]; then 11 | #apt-get install --reinstall -- "$p" 12 | PACKAGE_LIST="$PACKAGE_LIST $p" 13 | break 14 | fi 15 | done <<< "$(dpkg -L "$p" | grep '^/')" 16 | done 17 | 18 | # Reinstall packages 19 | if [[ -n "$PACKAGE_LIST" ]]; then 20 | PACKAGE_LIST=$(echo "$PACKAGE_LIST" | sort | uniq) 21 | echo "$PACKAGE_LIST" | xargs apt-get -q -y install --reinstall -- 22 | apt-get clean 23 | fi 24 | -------------------------------------------------------------------------------- /provision/ansible/roles/manpages/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy reinstall manages script 4 | copy: 5 | src: files/reinstall-manpages.sh 6 | dest: /tmp/.reinstall-manpages.sh 7 | owner: root 8 | group: root 9 | mode: 0700 10 | tags: 11 | - bootstrap 12 | 13 | - name: Reinstall manpages 14 | shell: bash /tmp/.reinstall-manpages.sh 15 | tags: 16 | - bootstrap 17 | 18 | - name: Remove reinstall manages script 19 | file: 20 | path: "/tmp/.reinstall-manpages.sh" 21 | state: absent 22 | tags: 23 | - bootstrap 24 | 25 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/chronyd.conf: -------------------------------------------------------------------------------- 1 | check process chronyd with pidfile /var/run/chronyd.pid 2 | start "/usr/sbin/service chrony start" 3 | stop "/usr/sbin/service chrony stop" 4 | depends on chronyd_bin 5 | 6 | check file chronyd_bin with path /usr/sbin/chronyd 7 | if failed permission 755 then unmonitor 8 | 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/cron.conf: -------------------------------------------------------------------------------- 1 | check process cron with pidfile /var/run/crond.pid 2 | start "/usr/sbin/service cron start" 3 | stop "/usr/sbin/service cron stop" 4 | depends on cron_bin 5 | 6 | check file cron_bin with path /usr/sbin/cron 7 | if failed permission 755 then unmonitor 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/docker.conf: -------------------------------------------------------------------------------- 1 | check process docker with pidfile /var/run/docker.pid 2 | start "/usr/sbin/service docker start" 3 | stop "/usr/sbin/service docker stop" 4 | if failed unixsocket /var/run/docker.sock then restart 5 | depends on docker_bin 6 | 7 | check file docker_bin with path /usr/bin/docker 8 | if failed permission 755 then unmonitor 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/dovecot.conf: -------------------------------------------------------------------------------- 1 | check process dovecot with pidfile /var/run/dovecot/master.pid 2 | start program = "/usr/sbin/service dovecot start" 3 | stop program = "/usr/sbin/service dovecot stop" 4 | depends on dovecot_bin 5 | 6 | check file dovecot_bin with path /usr/sbin/dovecot 7 | if failed permission 755 then unmonitor 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/haveged.conf: -------------------------------------------------------------------------------- 1 | check process haveged with pidfile /var/run/haveged.pid 2 | start "/usr/sbin/service haveged start" 3 | stop "/usr/sbin/service haveged stop" 4 | depends on haveged_bin 5 | 6 | check file haveged_bin with path /usr/sbin/haveged 7 | if failed permission 755 then unmonitor 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/incrond.conf: -------------------------------------------------------------------------------- 1 | check process incrond with pidfile /var/run/incrond.pid 2 | start "/usr/sbin/service incron start" 3 | stop "/usr/sbin/service incron stop" 4 | depends on incrond_bin 5 | 6 | check file incrond_bin with path /usr/sbin/incrond 7 | if failed permission 755 then unmonitor 8 | 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/files/monit.d/postfix.conf: -------------------------------------------------------------------------------- 1 | check process postfix with pidfile /var/spool/postfix/pid/master.pid 2 | start program = "/usr/sbin/service postfix start" 3 | stop program = "/usr/sbin/service postfix stop" 4 | if failed host localhost port 25 type tcp protocol smtp then restart 5 | depends on postfix_bin 6 | 7 | check file postfix_bin with path /usr/sbin/postfix 8 | if failed permission 755 then unmonitor 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart monit 4 | raw: '{{ item }}' 5 | with_items: 6 | - service monit restart 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup monitrc 4 | lineinfile: 5 | dest: /etc/monit/monitrc 6 | regexp: '^[\s]*{{ item.regexp }}' 7 | line: '{{ item.line }}' 8 | with_items: 9 | - { regexp: 'set daemon 120', line: 'set daemon 60 with start delay 240' } 10 | - { regexp: 'set mailserver', line: 'set mailserver localhost' } 11 | - { regexp: 'set alert', line: 'set alert monit@vm but not on { instance, pid }' } 12 | - { regexp: 'set httpd', line: 'set httpd port 2812 and allow admin:monit' } 13 | notify: 14 | - Restart monit 15 | 16 | 17 | - name: Deploy monit conf.d 18 | synchronize: 19 | rsync_path: "sudo rsync" 20 | src: roles/monit/files/monit.d/ 21 | dest: /etc/monit/conf.d/ 22 | delete: no 23 | notify: 24 | - Restart monit -------------------------------------------------------------------------------- /provision/ansible/roles/monit/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install monit 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - monit 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/monit/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install monit 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure monit 9 | include: configuration.yml 10 | tags: 11 | - bootstrap 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/ntp/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Remove old ntp packages 4 | apt: 5 | pkg: '{{ item }}' 6 | state: absent 7 | purge: yes 8 | with_items: 9 | - ntp 10 | - openntpd 11 | 12 | ## WORKAROUND: restart apparmor because of openntpd (if apparmor is available) 13 | - command: "service apparmor restart" 14 | ignore_errors: yes 15 | 16 | - name: Install chrony 17 | apt: 18 | pkg: '{{ item }}' 19 | state: present 20 | with_items: 21 | - chrony 22 | -------------------------------------------------------------------------------- /provision/ansible/roles/ntp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install ntp (chrony) 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/files/mods-available/local-dev.ini: -------------------------------------------------------------------------------- 1 | [PHP] 2 | ; session settings (development only) 3 | session.gc_maxlifetime = 220000 4 | 5 | ; Error reporting (should be visible in dev env) 6 | display_errors = On 7 | display_startup_errors = On 8 | log_errors = On 9 | 10 | ; Zend OPCache 11 | opcache.enable = 1 12 | opcache.memory_consumption = 128 13 | opcache.interned_strings_buffer = 8 14 | opcache.max_accelerated_files = 4000 15 | opcache.fast_shutdown = 1 16 | opcache.enable_cli = 1 17 | 18 | ; Phar 19 | phar.readonly = Off -------------------------------------------------------------------------------- /provision/ansible/roles/php/files/mods-available/local-prod.ini: -------------------------------------------------------------------------------- 1 | [PHP] 2 | ; Allow short open tags 3 | short_open_tag = On 4 | 5 | ; Do not expose PHP as HTTP header 6 | expose_php = Off 7 | 8 | ; Ignore if connction is closed 9 | ignore_user_abort = On 10 | 11 | ; Variable order 12 | variables_order = "GPCS" 13 | 14 | ; _REQUEST without COOKIE (security issue) 15 | request_order = "GP" 16 | 17 | auto_globals_jit = Off 18 | 19 | ; fcgi error heaader 20 | fastcgi.error_header = "HTTP/1.0 500 Internal Server Error" 21 | 22 | ; Resource limits 23 | memory_limit = 1500M 24 | post_max_size = 100M 25 | upload_max_filesize = 100M 26 | max_execution_time = 300 27 | 28 | ; Adv. security 29 | allow_url_fopen = On 30 | allow_url_include = Off 31 | default_mimetype = "text/html" 32 | default_charset = "UTF-8" 33 | ;disable_functions = 34 | disable_classes = 35 | 36 | ; Error reporting (should not be visible in prod env) 37 | error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT 38 | display_errors = Off 39 | display_startup_errors = Off 40 | log_errors = On 41 | 42 | ; Sessions 43 | session.gc_divisor = 1000 44 | session.use_trans_sid = 0 45 | 46 | ; Debugging 47 | xdebug.max_nesting_level=1000 48 | 49 | 50 | [Date] 51 | date.timezone = "Europe/Berlin" 52 | 53 | 54 | [MySQL] 55 | ; do not allow persistent connections, they are bad 56 | mysql.allow_persistent = Off 57 | mysql.max_persistent = 0 58 | mysql.connect_timeout = 5 59 | mysql.default_host = localhost 60 | 61 | 62 | [MySQLi] 63 | ; do not allow persistent connections, they are bad 64 | mysqli.max_persistent = 0 65 | mysqli.allow_persistent = Off 66 | mysqli.default_host = localhost -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy php configuration 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: roles/php/files/ 7 | dest: /etc/php/7.0/ 8 | delete: no 9 | 10 | - name: Enable php modules/configurations 11 | command: 'phpenmod {{ item }}' 12 | with_items: 13 | - local-prod 14 | - local-dev 15 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install php 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | # PHP 9 | - php7.0-cli 10 | - php7.0-curl 11 | - php7.0-mysqlnd 12 | - php7.0-mcrypt 13 | - php7.0-gd 14 | - php7.0-xmlrpc 15 | - php7.0-xsl 16 | - php7.0-ldap 17 | - php7.0-imap 18 | - php7.0-mbstring 19 | - php-pear 20 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install php 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure php 9 | include: configuration.yml 10 | tags: 11 | - bootstrap 12 | 13 | - name: Install phars 14 | include: phar.yml 15 | tags: 16 | - bootstrap 17 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/phar.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: phar box 4 | include: phar/box.yml 5 | 6 | - name: phar composer 7 | include: phar/composer.yml 8 | 9 | - name: phar phpunit 10 | include: phar/phpunit.yml 11 | 12 | - name: phar phpdoc 13 | include: phar/phpdoc.yml 14 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/phar/box.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install box (phar) 4 | raw: 'cd /usr/local/bin/ && curl -LSs http://box-project.org/installer.php | php' 5 | ignore_errors: True 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/phar/composer.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install composer (phar) 4 | raw: 'curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer' 5 | ignore_errors: True 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/phar/phpdoc.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install phpdoc (phar) 4 | get_url: url=http://phpdoc.org/phpDocumentor.phar dest=/usr/local/bin/phpdoc mode=0755 5 | ignore_errors: True 6 | 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/php/tasks/phar/phpunit.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install phpunit (phar) 4 | get_url: url=https://phar.phpunit.de/phpunit.phar dest=/usr/local/bin/phpunit mode=0755 5 | ignore_errors: True 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/repositories/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: repository.yml 4 | tags: 5 | - bootstrap 6 | -------------------------------------------------------------------------------- /provision/ansible/roles/repositories/tasks/repository.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Enable partner repositories 4 | lineinfile: 5 | dest: /etc/apt/sources.list 6 | regexp: '{{ item.regexp }}' 7 | line: '{{ item.line }}' 8 | with_items: 9 | - { regexp: '#?[\s]*deb http://archive.canonical.com/ubuntu xenial partner', line: 'deb http://archive.canonical.com/ubuntu xenial partner' } 10 | - { regexp: '#?[\s]*deb-src http://archive.canonical.com/ubuntu xenial partner', line: 'deb-src http://archive.canonical.com/ubuntu xenial partner' } 11 | 12 | - raw: 'apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 16126D3A3E5C1192' 13 | 14 | - name: Add docker repository key 15 | apt_key: 16 | keyserver: hkp://keyserver.ubuntu.com:80 17 | id: 58118E89F3A912897C070ADBF76221572C52609D 18 | 19 | - name: Add docker repository 20 | apt_repository: 21 | repo: 'deb https://apt.dockerproject.org/repo ubuntu-xenial main' 22 | state: present 23 | update_cache: yes 24 | 25 | - name: Update system 26 | apt: 27 | update_cache: yes 28 | -------------------------------------------------------------------------------- /provision/ansible/roles/samba/files/smb.conf: -------------------------------------------------------------------------------- 1 | # 2 | # SAMBA Configuration DEVELOPMENT-VM 3 | # 4 | 5 | #======================= Global Settings ======================= 6 | 7 | [global] 8 | workgroup = DEVELOPMENT-VM 9 | server string = Development VM 10 | dns proxy = no 11 | unix extensions = no 12 | 13 | #### Networking #### 14 | interfaces = 127.0.0.0/8 eth1 15 | bind interfaces only = no 16 | 17 | #### Performance #### 18 | socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 19 | strict allocate = Yes 20 | read raw = Yes 21 | write raw = Yes 22 | strict locking = No 23 | min receivefile size = 16384 24 | write cache size = 52428800 25 | min receivefile size = 131072 26 | large readwrite = yes 27 | use sendfile = true 28 | aio read size = 16384 29 | aio write size = 16384 30 | aio write behind = /*recycle*/ 31 | 32 | #### MacOS #### 33 | veto files = /._*/.DS_Store/ 34 | delete veto files = yes 35 | 36 | #### Debugging/Accounting #### 37 | log file = /var/log/samba/log.%m 38 | max log size = 1000 39 | syslog = 0 40 | panic action = /usr/share/samba/panic-action %d 41 | debug level = 1 42 | 43 | ####### Authentication ####### 44 | server role = standalone server 45 | passdb backend = tdbsam 46 | obey pam restrictions = yes 47 | unix password sync = yes 48 | passwd program = /usr/bin/passwd %u 49 | passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . 50 | pam password change = yes 51 | map to guest = bad user 52 | 53 | ############ Misc ############ 54 | usershare allow guests = yes 55 | 56 | #======================= Share Definitions ======================= 57 | 58 | [vagrant] 59 | path = /home/vagrant/ 60 | valid users = vagrant 61 | force user = vagrant 62 | force group = vagrant 63 | read only = no 64 | guest ok = no 65 | create mask = 0666 66 | directory mask = 0777 67 | follow symlinks = yes 68 | wide links = yes 69 | 70 | [projects] 71 | path = /mnt/data/projects/ 72 | valid users = vagrant 73 | force user = vagrant 74 | force group = vagrant 75 | read only = no 76 | guest ok = no 77 | create mask = 0666 78 | directory mask = 0777 79 | follow symlinks = yes 80 | wide links = yes 81 | 82 | [tmp] 83 | path = /tmp/ 84 | valid users = vagrant 85 | force user = vagrant 86 | force group = vagrant 87 | read only = no 88 | guest ok = no 89 | create mask = 0666 90 | directory mask = 0777 91 | follow symlinks = yes 92 | wide links = yes 93 | -------------------------------------------------------------------------------- /provision/ansible/roles/samba/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy samba configuration 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: roles/samba/files/ 7 | dest: /etc/samba/ 8 | delete: no 9 | 10 | - name: Creates code directory 11 | file: 12 | path: /mnt/code 13 | state: directory 14 | owner: vagrant 15 | group: vagrant 16 | mode: 0775 17 | 18 | - name: Init samba 19 | command: 'service {{ item }} restart' 20 | with_items: 21 | - nmbd 22 | - smbd 23 | -------------------------------------------------------------------------------- /provision/ansible/roles/samba/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install samba 4 | apt: 5 | pkg: '{{ item }}' 6 | state: present 7 | with_items: 8 | - samba 9 | 10 | - name: Init samba 11 | raw: '{{ item }}' 12 | with_items: 13 | - (echo vagrant; echo vagrant) | smbpasswd -s -a vagrant 14 | 15 | -------------------------------------------------------------------------------- /provision/ansible/roles/samba/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install samba 4 | include: install.yml 5 | tags: 6 | - bootstrap 7 | 8 | - name: Configure samba 9 | include: configuration.yml 10 | tags: 11 | - bootstrap 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/ssh/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart ssh 4 | command: service ssh restart 5 | -------------------------------------------------------------------------------- /provision/ansible/roles/ssh/tasks/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Hardening SSH 4 | lineinfile: 5 | destfile: /etc/ssh/sshd_config 6 | regexp: '^PermitRootLogin' 7 | line: 'PermitRootLogin without-password' 8 | state: present 9 | notify: 10 | - Restart ssh 11 | 12 | -------------------------------------------------------------------------------- /provision/ansible/roles/ssh/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure ssh 4 | include: configuration.yml 5 | tags: 6 | - bootstrap 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/update/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Update system 4 | include: upgrade.yml 5 | tags: 6 | - bootstrap 7 | -------------------------------------------------------------------------------- /provision/ansible/roles/update/tasks/update.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Update system (apt-get update) 4 | apt: 5 | update_cache: yes 6 | 7 | - name: Safe update packages (apt-get safe-upgrade) 8 | apt: 9 | upgrade: safe 10 | 11 | -------------------------------------------------------------------------------- /provision/ansible/roles/update/tasks/upgrade.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Update system (apt-get update) ... will take some time 4 | apt: 5 | update_cache: yes 6 | 7 | - name: Upgrade system (apt-get dist-upgrade) ... will take some time 8 | apt: 9 | upgrade: dist 10 | 11 | - name: Update ruby gems 12 | command: 'gem update' 13 | ignore_errors: True 14 | when: PROVISION.gem is defined and PROVISION.gem|length > 0​ 15 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/github-ssh-key.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Fetch ssh key from github api 4 | authorized_key: 5 | user: vagrant 6 | key: 'https://github.com/{{ PROFILE.githubUser }}.keys' 7 | ignore_errors: True 8 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup ssh key (from github, authorized keys) 4 | include: github-ssh-key.yml 5 | when: PROFILE.githubUser is defined and PROFILE.githubUser != '' 6 | tags: 7 | - bootstrap 8 | 9 | - name: Generate ssh key 10 | include: ssh-key.yml 11 | tags: 12 | - bootstrap 13 | 14 | - include: shell/zsh-grml.yml 15 | when: PROFILE.zshShell is defined and PROFILE.zshShell == 'grml' 16 | tags: 17 | - bootstrap 18 | 19 | - include: shell/zsh-prezto.yml 20 | when: PROFILE.zshShell is defined and PROFILE.zshShell == 'prezto' 21 | tags: 22 | - bootstrap 23 | 24 | - include: shell/zsh-ohmyzsh.yml 25 | when: PROFILE.zshShell is defined and PROFILE.zshShell == 'ohmyzsh' 26 | tags: 27 | - bootstrap 28 | 29 | - name: Setup shell 30 | include: shell.yml 31 | tags: 32 | - bootstrap 33 | 34 | - name: Setup profile 35 | include: profile.yml 36 | tags: 37 | - bootstrap 38 | 39 | - name: Setup vcs (git) 40 | include: vcs.yml 41 | tags: 42 | - bootstrap 43 | 44 | - name: Install and configure rupa/z 45 | include: rupa-z.yml 46 | tags: 47 | - bootstrap 48 | 49 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/profile.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Deploy user files 4 | synchronize: 5 | rsync_path: "sudo rsync" 6 | src: /vagrant/home/ 7 | dest: /home/vagrant/ 8 | delete: no 9 | 10 | - name: Deploy additional aliases 11 | template: 12 | src: roles/user/templates/vagrant_aliases.sh.j2 13 | dest: /home/vagrant/.vagrant_aliases.sh 14 | owner: vagrant 15 | group: vagrant 16 | mode: 0774 17 | 18 | - name: Fix permissions 19 | file: 20 | path: '{{ item.path }}' 21 | state: '{{ item.state }}' 22 | owner: vagrant 23 | group: vagrant 24 | mode: '{{ item.mode }}' 25 | with_items: 26 | - { path: '/home/vagrant/', state : 'directory', mode: '0755' } 27 | - { path: '/home/vagrant/.ssh/', state : 'directory', mode: '0700' } 28 | - { path: '/home/vagrant/.ssh/config', state : 'file', mode: '0600' } 29 | - { path: '/home/vagrant/.ssh/authorized_keys', state : 'file', mode: '0600' } 30 | - { path: '/home/vagrant/.ssh/known_hosts', state : 'file', mode: '0644' } 31 | - { path: '/home/vagrant/.subversion/', state : 'directory', mode: '0700' } 32 | - { path: '/home/vagrant/.subversion/config', state : 'file', mode: '0600' } 33 | - { path: '/home/vagrant/.my.cnf', state : 'file', mode: '0600' } 34 | - { path: '/home/vagrant/.gitconfig', state : 'file', mode: '0644' } 35 | - { path: '/home/vagrant/.profile.local', state : 'file', mode: '0644' } 36 | ignore_errors: Yes 37 | 38 | - name: Make sure .profile.local exists 39 | file: 40 | path: '/home/vagrant/.profile.local' 41 | state: touch 42 | owner: vagrant 43 | group: vagrant 44 | mode: 0644 45 | 46 | - name: Register .profile.local 47 | lineinfile: 48 | dest: '{{ item.file }}' 49 | regexp: 'source ~/.profile.local' 50 | line: 'source ~/.profile.local' 51 | state: present 52 | with_items: 53 | - { file: '/home/vagrant/.zshrc' } 54 | - { file: '/home/vagrant/.bashrc' } 55 | 56 | - name: Register aliases 57 | lineinfile: 58 | dest: '{{ item.file }}' 59 | regexp: 'source ~/.vagrant_aliases.sh' 60 | line: 'source ~/.vagrant_aliases.sh' 61 | state: present 62 | with_items: 63 | - { file: '/home/vagrant/.zshrc' } 64 | - { file: '/home/vagrant/.bashrc' } 65 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/rupa-z.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install rupa/z 4 | command: 'wget {{ item.remote }} -O {{ item.path }}' 5 | with_items: 6 | - { remote: 'https://raw.githubusercontent.com/rupa/z/master/z.sh', path: '/usr/local/bin/z.sh' } 7 | args: 8 | creates: '/usr/local/bin/z.sh' 9 | 10 | - name: Fix rights 11 | file: 12 | path: '/usr/local/bin/z.sh' 13 | state: 'file' 14 | owner: vagrant 15 | group: vagrant 16 | mode: '0777' 17 | 18 | - name: Register rupa/z 19 | lineinfile: 20 | dest: '{{ item.file }}' 21 | regexp: 'source /usr/local/bin/z.sh' 22 | line: 'source /usr/local/bin/z.sh' 23 | state: present 24 | with_items: 25 | - { file: '/home/vagrant/.zshrc' } 26 | - { file: '/home/vagrant/.bashrc' } 27 | 28 | - name: Create rupa/z initial file 29 | file: 30 | path: '/home/vagrant/.z' 31 | state: 'touch' 32 | owner: vagrant 33 | group: vagrant 34 | mode: '0644' 35 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/shell.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Set shell 4 | command: 'chsh -s "{{ PROFILE.shell }}" vagrant' 5 | when: PROFILE.shell is defined 6 | 7 | - name: Set bash/zsh file perms 8 | file: 9 | path: '{{ item.path }}' 10 | owner: vagrant 11 | group: vagrant 12 | mode: 0644 13 | with_items: 14 | - { path: '/home/vagrant/.zshrc' } 15 | - { path: '/home/vagrant/.zshrc.local' } 16 | - { path: '/home/vagrant/.bashrc' } 17 | ignore_errors: True 18 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/shell/zsh-grml.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Fetch zshrc 4 | command: 'wget {{ item.remote }} -O {{ item.path }}' 5 | with_items: 6 | - { remote: 'http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc', path: '/home/vagrant/.zshrc' } 7 | args: 8 | creates: '/home/vagrant/.zshrc' 9 | 10 | - name: Fetch zshrc.local 11 | command: 'wget {{ item.remote }} -O {{ item.path }}' 12 | with_items: 13 | - { remote: 'http://git.grml.org/f/grml-etc-core/etc/skel/.zshrc', path: '/home/vagrant/.zshrc.local' } 14 | args: 15 | creates: '/home/vagrant/.zshrc.local' 16 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/shell/zsh-ohmyzsh.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: zsh - git repo for oh-my-zsh fork 4 | git: 5 | repo: https://github.com/robbyrussell/oh-my-zsh.git 6 | dest: /home/vagrant/.oh-my-zsh 7 | ignore_errors: True 8 | 9 | - name: Creating new /home/vagrant/.zshrc 10 | action: 'shell cp /home/vagrant/.oh-my-zsh/templates/zshrc.zsh-template /home/vagrant/.zshrc' 11 | args: 12 | creates: '/home/vagrant/.zshrc' 13 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/shell/zsh-prezto.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: zsh - git repo for prezto fork 4 | git: 5 | repo: https://github.com/sorin-ionescu/prezto.git 6 | dest: /home/vagrant/.zprezto 7 | ignore_errors: True 8 | 9 | - name: zsh - link in prezto files 10 | file: 11 | state: link 12 | src: /home/vagrant/.zprezto/runcoms/{{ item }} 13 | path: /home/vagrant/.{{ item }} 14 | force: yes 15 | with_items: 16 | - zlogin 17 | - zlogout 18 | - zprofile 19 | - zshenv 20 | - zshrc 21 | - zpreztorc 22 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/ssh-key.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Generate ssh key 4 | user: 5 | name: vagrant 6 | generate_ssh_key: yes 7 | ssh_key_bits: 4096 8 | ssh_key_file: .ssh/id_rsa 9 | ssh_key_comment: '{{ PROFILE.email }}' 10 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/tasks/vcs.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup gitconfig 4 | lineinfile: 5 | dest: '/home/vagrant/.gitconfig' 6 | regexp: '{{ item.regexp }}' 7 | line: '{{ item.line }}' 8 | with_items: 9 | - { regexp: '^[\s]*#?[\s]*name = REALNAME', line : ' name = {{ PROFILE.realname }}' } 10 | - { regexp: '^[\s]*#?[\s]*email = USERNAME', line : ' email = {{ PROFILE.email }}' } 11 | -------------------------------------------------------------------------------- /provision/ansible/roles/user/templates/vagrant_aliases.sh.j2: -------------------------------------------------------------------------------- 1 | {% if PROVISION.clitools %} 2 | ####################################### 3 | # CliTools aliases 4 | 5 | # Shortcut for docker-compose (autosearch docker-compose.yml in up-dir, you don't have to be in directory with docker-compose.yml) 6 | alias dcc='docker-compose' 7 | alias dc='docker-compose' 8 | 9 | # Startup docker-container 10 | alias dccup='ct docker:up' 11 | # Startup docker-container and shutdown previous one (> v2.1.5) 12 | alias dccswitch='ct docker:up --switch' 13 | # Stop docker-container 14 | alias dccstop='ct docker:compose stop' 15 | 16 | # Enter main docker container (as CLI_USER if available - if not specified then root is used) 17 | alias dcshell='ct docker:shell' 18 | alias dcsh='ct docker:shell' 19 | 20 | # Enter main docker container (as root) 21 | alias dcroot='ct docker:root' 22 | 23 | # Execute predefined cli in docker container 24 | alias dccrun='ct docker:cli' 25 | 26 | # Run command 27 | alias dcexec='ct docker:exec' 28 | 29 | # Execute mysql client in docker container 30 | alias dcsql='ct docker:mysql' 31 | alias dcmysql='ct docker:mysql' 32 | 33 | # General shortcuts (with up-dir tree searching) 34 | alias composer='ct php:composer' 35 | alias make='ct make' 36 | {% endif %} 37 | 38 | 39 | ####################################### 40 | # Docker aliases 41 | 42 | # Cleanup old unused images (safe remove) 43 | alias docker-clean='docker images | grep "" | awk "{print \$3}" | xargs --no-run-if-empty docker rmi -f' 44 | 45 | ####################################### 46 | # General aliases 47 | 48 | # ls 49 | alias l='ls -la' 50 | 51 | # show server headers 52 | alias wgets='wget --spider --server-response' 53 | 54 | # show my internet ip 55 | alias myip="curl http://ipecho.net/plain; echo" 56 | 57 | # less defaults 58 | alias less='less -FSRX' 59 | 60 | # workaround cd.. 61 | alias cd..='cd ..' 62 | 63 | # alias for ack 64 | alias ack='ack-grep' 65 | alias todos="ack-grep --nogroup '(TODO|FIX(ME)?):'" 66 | 67 | # find biggest files 68 | alias diskspace="du -S | sort -n -r |less" 69 | 70 | # color grep 71 | alias grep='grep --color=auto' 72 | alias egrep='egrep --color=auto' 73 | alias fgrep='fgrep --color=auto' 74 | 75 | # start bc with mathlib 76 | alias bc='bc -l' 77 | 78 | # generate sha1 digest 79 | alias sha1='openssl sha1' 80 | 81 | # pretty mount 82 | alias mount='mount |column -t' 83 | 84 | # get current unixtime 85 | alias unixtime='date +"%s"' 86 | 87 | # show all open ports 88 | alias ports='netstat -tulanp' 89 | 90 | # get web server headers # 91 | alias header='curl -I' 92 | 93 | # find out if remote server supports gzip / mod_deflate or not # 94 | alias headerc='curl -I --compress' 95 | 96 | # reboot / halt / poweroff 97 | alias reboot='echo [ERROR] Reboot this machine with vagrant!' 98 | alias poweroff='sudo -H /sbin/poweroff' 99 | alias halt='sudo -H /sbin/shutdown -h now' 100 | alias shutdown='sudo -H /sbin/shutdown' 101 | 102 | # auto sudo 103 | alias apt-get='sudo -H apt-get' 104 | alias apt-cache='sudo -H apt-cache' 105 | alias dpkg='sudo -H dpkg' 106 | alias htop='sudo -H htop' 107 | alias iotop='sudo -H iotop' 108 | alias iftop='sudo -H iftop' 109 | alias service='sudo -H service' 110 | alias systemctl='sudo -H systemctl' 111 | alias strace='sudo -H strace' 112 | alias netstat='sudo -H netstat' 113 | alias monit='sudo -H monit' 114 | 115 | # Git related 116 | alias gs='git status' 117 | alias gc='git commit' 118 | alias ga='git add' 119 | alias gd='git diff' 120 | 121 | 122 | -------------------------------------------------------------------------------- /provision/ansible/roles/vm-vmware/tasks/guest-tools.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup automatic startup maintenance (clitools) 4 | lineinfile: 5 | destfile: /etc/rc.local 6 | insertbefore: '^exit 0' 7 | line: 'vmware-config-tools.pl -d > /dev/null' 8 | state: present 9 | -------------------------------------------------------------------------------- /provision/ansible/roles/vm-vmware/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Setup auto rebuild vmware guest tools 4 | include: guest-tools.yml 5 | tags: 6 | - bootstrap 7 | -------------------------------------------------------------------------------- /provision/bootstrap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -o pipefail # trace ERR through pipes 4 | set -o errtrace # trace ERR through 'time command' and other functions 5 | set -o nounset ## set -u : exit the script if you try to use an uninitialised variable 6 | set -o errexit ## set -e : exit the script if any statement returns a non-true return value 7 | 8 | export DEBIAN_FRONTEND="noninteractive" 9 | export PYTHONUNBUFFERED=1 10 | 11 | SCRIPT_DIR="$(dirname "$(readlink -f "$0")")" 12 | 13 | export ANSIBLE_CONFIG="${SCRIPT_DIR}/ansible/ansible.cfg" 14 | 15 | ######################## 16 | # Pre provision provisioning 17 | ######################## 18 | 19 | # install ansible if needed 20 | if [ -z "`which ansible-playbook`" ]; then 21 | echo " ***************************************************************************** " 22 | echo " *** Starting installation of ansible " 23 | echo " ***************************************************************************** " 24 | apt-get update 25 | apt-get -q -y install software-properties-common 26 | apt-add-repository ppa:ansible/ansible 27 | apt-get -q -y update 28 | apt-get -q -y install ansible python-pycurl python-mysqldb python-passlib 29 | fi 30 | 31 | ######################## 32 | # Provion with ansible 33 | ######################## 34 | 35 | echo " ***************************************************************************** " 36 | echo " *** Starting provision with ansible (will take some time...)" 37 | echo " ***************************************************************************** " 38 | 39 | ANSIBLE_EXTRA_VARS="" 40 | 41 | # fix windows compatiblity 42 | cp -a "$SCRIPT_DIR/ansible/inventory" "/tmp/$$.inventory" 43 | chmod -x -- "/tmp/$$.inventory" 44 | 45 | # run ansible 46 | ansible-playbook "$SCRIPT_DIR/ansible/playbook.yml" --inventory="/tmp/$$.inventory" --extra-vars="$ANSIBLE_EXTRA_VARS" --tags="bootstrap" 47 | 48 | # remove inventory file 49 | rm -f -- "/tmp/$$.inventory" 50 | -------------------------------------------------------------------------------- /provision/docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | export DOCKER_HOST=tcp://192.168.56.2:2375 4 | #export DOCKER_TLS_VERIFY= 5 | 6 | echo " 7 | # Docker settings 8 | export DOCKER_HOST=tcp://192.168.56.2:2375 9 | #export DOCKER_TLS_VERIFY= 10 | " >> ~/.bashrc >> ~/.zshrc 11 | -------------------------------------------------------------------------------- /provision/maintenance.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -o pipefail # trace ERR through pipes 4 | set -o errtrace # trace ERR through 'time command' and other functions 5 | set -o nounset ## set -u : exit the script if you try to use an uninitialised variable 6 | set -o errexit ## set -e : exit the script if any statement returns a non-true return value 7 | 8 | export DEBIAN_FRONTEND="noninteractive" 9 | export PYTHONUNBUFFERED=1 10 | 11 | SCRIPT_DIR="$(dirname "$(readlink -f "$0")")" 12 | 13 | export ANSIBLE_CONFIG="${SCRIPT_DIR}/ansible/ansible.cfg" 14 | 15 | ######################## 16 | # Maintenance with ansible 17 | ######################## 18 | 19 | echo " ***************************************************************************** " 20 | echo " *** Starting maintenance with ansible " 21 | echo " ***************************************************************************** " 22 | 23 | ANSIBLE_EXTRA_VARS="" 24 | 25 | # fix windows compatiblity 26 | cp -a "$SCRIPT_DIR/ansible/inventory" "/tmp/$$.inventory" 27 | chmod -x -- "/tmp/$$.inventory" 28 | 29 | # run ansible 30 | ansible-playbook "$SCRIPT_DIR/ansible/playbook.yml" --inventory="/tmp/$$.inventory" --extra-vars="$ANSIBLE_EXTRA_VARS" --tags="maintenance" 31 | 32 | # remove inventory file 33 | rm -f -- "/tmp/$$.inventory" 34 | 35 | ######################## 36 | # Custom 37 | ######################## 38 | -------------------------------------------------------------------------------- /vm_defaults.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # +++++++++++++++++++++++++++++++++++++++++++++++ # 3 | # Vagrant VM Configuration # 4 | # +++++++++++++++++++++++++++++++++++++++++++++++ # 5 | 6 | ################### 7 | # User/Profile info 8 | ################### 9 | PROFILE: 10 | ## git informations 11 | email: 'user@example.com' 12 | realname: 'FULL NAME' 13 | 14 | ## default shell 15 | shell: '/bin/zsh' 16 | 17 | ## zsh shell layout [grml,prezto,ohmyzsh] 18 | zshShell: 'grml' 19 | 20 | ## Github username, eg. for automatic ssh pub-key fetching 21 | githubUser: '' 22 | 23 | ################### 24 | # VM (vagrant) settings 25 | ################### 26 | VM: 27 | # Name of VM 28 | name: 'DEV-VM' 29 | 30 | # Base image 31 | # You can use nearly any Ubuntu 16.04 vagrant base image. 32 | # This VM is tested with box-cutter image 33 | # 34 | # Images: 35 | # -> box-cutter/ubuntu1604 36 | # 37 | image: 'bento/ubuntu-16.04' 38 | 39 | # Enable GUI mode (show screen of VM) 40 | gui: false 41 | 42 | # --------------------------------------------- 43 | # Resource settings 44 | # 45 | 46 | # cpu: 47 | # auto -> max number of CPU cores 48 | # 2 -> 2 CPU cores 49 | cpu: 'auto' 50 | 51 | # memory (in MB): 52 | # auto -> 1/4 of system RAM 53 | # 1500 -> 1.5 GB RAM 54 | memory: 'auto' 55 | 56 | # vram (in MB): 57 | # video memory (currently vbox only) 58 | vram: 100 59 | 60 | # TimeZone (check tselect(1) for possible values) 61 | #timezone: 'Etc/UTC' 62 | 63 | # --------------------------------------------- 64 | # Data image (additonal partition) settings 65 | # 66 | data: 67 | # Image size in GB 68 | size: 160 69 | 70 | # Filesystem of image 71 | # -> ext4, btrfs or xfs 72 | filesystem: 'ext4' 73 | 74 | # --------------------------------------------- 75 | # Network settings 76 | # 77 | network: 78 | # Private/Host-only network 79 | private: 80 | address: 192.168.56.2 81 | netmask: 192.168.56.0/24 82 | 83 | # Public bridged network 84 | # |WARNING| This can be a big security issue and an attacker could 85 | # |WARNING| gain access also to host (because of shares or services)! 86 | # |WARNING| Only use if you're sure about the risks! 87 | # |WARNING| If you need access to services use the port forwarding features! 88 | bridged: 89 | # Address 90 | # false -> disabled 91 | # auto -> auto configuration (dhcp) 92 | address: 'false' 93 | bridge: 'en0' 94 | 95 | # --------------------------------------------- 96 | # Shared folders 97 | # 98 | sharedFolder: 99 | - { type: 'home' } 100 | #- { type: 'nfs', src: '~/Projects', target: '/var/www' } 101 | 102 | # --------------------------------------------- 103 | # Port forwarding 104 | # 105 | portForwarding: 106 | #- { guest: 80, host: 80, hostIp: '0.0.0.0', protocol: 'tcp' } 107 | #- { guest: 80, host: 8000, hostIp: '0.0.0.0', protocol: 'tcp' } 108 | #- { guest: 13306, host: 3306, hostIp: '0.0.0.0', protocol: 'tcp' } 109 | 110 | # --------------------------------------------- 111 | # Workarounds 112 | # 113 | workaround: 114 | # Fallback ssh connection (https://github.com/mitchellh/vagrant/issues/5186) 115 | # -> Authentication issues? Workaround: 116 | useSshPasswordAuth: false 117 | 118 | # --------------------------------------------- 119 | # VirtualBox settings 120 | # 121 | virtualbox: 122 | # Disk image controller, may change between images, eg. 123 | # You sometimes have to switch controller if the image is using another one. 124 | # See VM settings in VirtualBox for the correct naming. 125 | # 126 | # -> 'IDE Controller' 127 | # -> 'SATA Controller' 128 | diskController: 'SATA Controller' 129 | 130 | ################### 131 | # Provisioning features 132 | ################### 133 | PROVISION: 134 | update: 1 # do full system update for each full provisoning 135 | samba: 1 # Samba server 136 | ntp: 1 # Time synchronization 137 | mail: 1 # Mail sandbox 138 | php: 1 # Local PHP 139 | dnsmasq: 1 # dnsmasq service (needed for docker consul registration) 140 | consul: 1 # Docker consul service 141 | docker: 1 # Docker server 142 | dockerDory: 1 # Docker docker service --> https://github.com/FreedomBen/dory 143 | clitools: 1 # CliTools 144 | desktop: 0 # GUI desktop [0, kde, unity, gnome] 145 | manpages: 1 # Manpages are not available in baseimage, so reinstall them 146 | buildEssentials: 0 # build essentials (gcc, compilers...) 147 | 148 | ## Development domain (automatic redirect of *.docker for internal use) 149 | developmentDomain: 'docker' 150 | 151 | # apt packages 152 | apt: [] 153 | 154 | # npm packages 155 | npm: [] 156 | 157 | # Ruby gems 158 | gem: [] 159 | 160 | # python pip packages 161 | pip: [] 162 | 163 | ################### 164 | # Docker features 165 | ################### 166 | DOCKER: 167 | ## Additional docker opts 168 | ## -> if you use btrfs you can set: -s btrfs 169 | opts: '' 170 | 171 | # Cleanup tasks on provisioning 172 | cleanup: 173 | # Clean orphaned images and volumes 174 | system: 1 175 | 176 | # Cleanup /var/lib/docker/tmp/ 177 | tmp: 1 178 | 179 | ## Automatic docker image pulling 180 | images: [] 181 | 182 | ################### 183 | # Clitools settings 184 | ################### 185 | CLITOOLS: 186 | ## Password for growl server 187 | growlPassword: '' 188 | db: 189 | dsn: 'mysql:host=127.0.0.1;port=13306' 190 | username: 'root' 191 | password: 'dev' 192 | docker: 193 | boilerplate: 'https://github.com/mblaschke/php-docker-boilerplate.git' 194 | 195 | ################### 196 | # Firewall settings 197 | ################### 198 | FIREWALL: 199 | rules: 200 | #- { port: 22, protocol: tcp, source: '10.0.0.0/8' } # SSH 201 | #- { port: 143, protocol: tcp } # IMAP 202 | - { port: 80, protocol: tcp } # HTTP 203 | - { port: 443, protocol: tcp } # HTTPS 204 | --------------------------------------------------------------------------------