From b216bbf7d01090b153f5e39d30884cda610416fd Mon Sep 17 00:00:00 2001
From: samuel <samuel.hailu@ungleich.ch>
Date: Thu, 7 May 2020 12:01:02 +0200
Subject: [PATCH] new

---
 sami/my-cdist/.cdist/sample                   |  1 +
 .../__sample_bottle_hosting/gencode-remote    |  1 +
 .../type/__sample_bottle_hosting/manifest     | 43 +++++++++++++++++++
 .../parameter/required                        |  4 ++
 .../gencode-remote                            |  0
 .../.cdist/type/__sample_nginx/manifest       | 13 ++++++
 .../gencode-remote                            |  1 +
 .../manifest                                  | 25 +++++++++++
 .../parameter/required                        |  1 +
 .../type/_sample_bottle_hosting/manifest      |  0
 .../_sample_bottle_hosting/parameter/required |  2 -
 11 files changed, 89 insertions(+), 2 deletions(-)
 create mode 100644 sami/my-cdist/.cdist/sample
 create mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote
 create mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest
 create mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required
 rename sami/my-cdist/.cdist/type/{_sample_bottle_hosting => __sample_nginx}/gencode-remote (100%)
 create mode 100644 sami/my-cdist/.cdist/type/__sample_nginx/manifest
 create mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote
 create mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest
 create mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required
 delete mode 100644 sami/my-cdist/.cdist/type/_sample_bottle_hosting/manifest
 delete mode 100644 sami/my-cdist/.cdist/type/_sample_bottle_hosting/parameter/required

diff --git a/sami/my-cdist/.cdist/sample b/sami/my-cdist/.cdist/sample
new file mode 100644
index 0000000..c28e3ac
--- /dev/null
+++ b/sami/my-cdist/.cdist/sample
@@ -0,0 +1 @@
+__sample_bottle_hosting --projectname sample --user app --domain $__target_host sample
diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote
new file mode 100644
index 0000000..a4cceb5
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote
@@ -0,0 +1 @@
+echo "service nginx restart"
diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest
new file mode 100644
index 0000000..d0b9ecd
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest
@@ -0,0 +1,43 @@
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+    ubuntu)
+        :
+    ;;
+    *)
+        echo "OS $os currently not supported" >&2
+        exit 1
+    ;;
+esac
+
+
+user="$(cat "$__object/parameter/user")"
+home="/home/$user"
+apphome="$home/app"
+
+# create user
+__user "$user" --home "$home" --shell /bin/bash
+# create user home dir
+require="__user/$user" __directory "$home" \
+    --owner "$user" --group "$user" --mode 0755
+# create app home dir
+require="__user/$user __directory/$home" __directory "$apphome" \
+    --state present --owner "$user" --group "$user" --mode 0755
+
+
+# define packages that need to be installed
+packages_to_install="nginx uwsgi-plugin-python3 python3-dev python3-pip postgresql postgresql-contrib libpq-dev python3-venv uwsgi python3-psycopg2"
+
+# update package index
+__apt_update_index
+# install packages
+for package in $packages_to_install
+    do require="__apt_update_index" __package $package --state=present
+done
+
+# install pip3 packages
+for package in bottle bottle-pgsql; do
+    __package_pip --pip pip3 $package
+done
+
+
diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required
new file mode 100644
index 0000000..719e766
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required
@@ -0,0 +1,4 @@
+# required parameter
+projectname
+user
+domain
diff --git a/sami/my-cdist/.cdist/type/_sample_bottle_hosting/gencode-remote b/sami/my-cdist/.cdist/type/__sample_nginx/gencode-remote
similarity index 100%
rename from sami/my-cdist/.cdist/type/_sample_bottle_hosting/gencode-remote
rename to sami/my-cdist/.cdist/type/__sample_nginx/gencode-remote
diff --git a/sami/my-cdist/.cdist/type/__sample_nginx/manifest b/sami/my-cdist/.cdist/type/__sample_nginx/manifest
new file mode 100644
index 0000000..14a9ac9
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_nginx/manifest
@@ -0,0 +1,13 @@
+domain="$(cat "$__object/parameter/domain")"
+webroot="/var/www/html"
+__sample_nginx_http_letsencrypt_and_ssl_redirect "$domain" --webroot "$webroot"
+
+
+# create SSL cert
+require="__package/nginx __sample_nginx_http_letsencrypt_and_ssl_redirect/$domain" \
+    __letsencrypt_cert --admin-email samuel.hailu@ungleich.ch \
+        --webroot "$webroot" \
+        --automatic-renewal \
+        --renew-hook "service nginx reload" \
+        --domain "$domain" \
+        "$domain"
diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote
new file mode 100644
index 0000000..9adb30b
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote
@@ -0,0 +1 @@
+echo "service nginx reload"
diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest
new file mode 100644
index 0000000..38ca444
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest
@@ -0,0 +1,25 @@
+domain="$__object_id"
+webroot="$(cat "$__object/parameter/webroot")"
+# make sure we have nginx package
+__package nginx
+# setup Let's Encrypt HTTP acme challenge, redirect HTTP to HTTPS
+require="__package/nginx" __file "/etc/nginx/sites-enabled/http-$domain" \
+    --source - --mode 0644 << EOF
+server {
+    listen *:80;
+    listen [::]:80;
+
+    server_name $domain;
+
+    # Let's Encrypt
+    location /.well-known/acme-challenge/ {
+        root $webroot;
+    }
+
+    # Everything else -> SSL
+    location / {
+        return 301 https://\$host\$request_uri;
+    }
+}
+
+EOF
diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required
new file mode 100644
index 0000000..fc7c3e9
--- /dev/null
+++ b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required
@@ -0,0 +1 @@
+webroot
diff --git a/sami/my-cdist/.cdist/type/_sample_bottle_hosting/manifest b/sami/my-cdist/.cdist/type/_sample_bottle_hosting/manifest
deleted file mode 100644
index e69de29..0000000
diff --git a/sami/my-cdist/.cdist/type/_sample_bottle_hosting/parameter/required b/sami/my-cdist/.cdist/type/_sample_bottle_hosting/parameter/required
deleted file mode 100644
index f57f16e..0000000
--- a/sami/my-cdist/.cdist/type/_sample_bottle_hosting/parameter/required
+++ /dev/null
@@ -1,2 +0,0 @@
-# required parameter
-servername="$(cat "$__object/parameter/servername")"