diff --git a/Vagrantfile b/Vagrantfile index ff43b26..df974fe 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -72,6 +72,18 @@ Vagrant.configure("2") do |config| config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat" config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + # Vulnerability - Rails Server + config.vm.provision :shell, path: "scripts/installs/install_ruby.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_devkit.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + # Configure Firewall to open up vulnerable services config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat" config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 
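Review bot: The new `# Vulnerability - Rails Server` comment does not say which component is meant to stay vulnerable, so a later maintainer cannot tell which gem pins must not be upgraded. The Gemfile added in this commit pins `rails` to 4.1.1 and `web-console` below 2.1.3, which appear to be the intended weakness; I would name them here, e.g. `# Vulnerability - Rails Server (rails 4.1.1 + web-console < 2.1.3 on TCP 3000; pins are intentional)`. As a style point, the five script/cleanup pairs repeat the same two lines, and iterating over a list of script names with `each` would keep the vagrant-shell.bat workaround in one place. The enclosing `Vagrant.configure` block starts and ends outside this hunk.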
@@ -79,4 +91,4 @@ Vagrant.configure("2") do |config| # Configure flags config.vm.provision :shell, path: "scripts/installs/install_flags.bat" config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a -end \ No newline at end of file +end diff --git a/resources/rails_server/Gemfile b/resources/rails_server/Gemfile new file mode 100644 index 0000000..58bca23 --- /dev/null +++ b/resources/rails_server/Gemfile @@ -0,0 +1,41 @@ +source 'http://rubygems.org' + + +# Bundle edge Rails instead: gem 'rails', github: 'rails/rails' +gem 'rails', '4.1.1' +# Use sqlite3 as the database for Active Record +gem 'sqlite3' +# Use SCSS for stylesheets +gem 'sass-rails', '~> 4.0.3' +# Use Uglifier as compressor for JavaScript assets +gem 'uglifier', '>= 1.3.0' +# Use CoffeeScript for .js.coffee assets and views +gem 'coffee-rails', '~> 4.0.0' +# See https://github.com/sstephenson/execjs#readme for more supported runtimes +# gem 'therubyracer', platforms: :ruby + +# Use jquery as the JavaScript library +gem 'jquery-rails' +# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks +gem 'turbolinks' +# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder +gem 'jbuilder', '~> 2.0' +# bundle exec rake doc:rails generates the API under doc/api. +gem 'sdoc', '~> 0.4.0', group: :doc + +# Use ActiveModel has_secure_password +# gem 'bcrypt', '~> 3.1.7' + +# Use unicorn as the app server +# gem 'unicorn' + +# Use Capistrano for deployment +# gem 'capistrano-rails', group: :development + +# Use debugger +# gem 'debugger', group: [:development, :test] + +# Windows does not include zoneinfo files, so bundle the tzinfo-data gem +gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw] + +gem 'web-console', '~> 2.0', '<2.1.3' 
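Review bot: `source 'http://rubygems.org'` on the first line of the new Gemfile fetches every gem over plaintext HTTP during provisioning, so anyone on the build host's network path can substitute packages; that risk falls on the person building the lab, not on the intended target. I would use `source 'https://rubygems.org'` and make the same change to `:sources:` in resources/rails_server/gemrc later in this commit. If HTTP was chosen to work around certificate errors in the bundled RubyGems, a comment saying so would help. Separately, `sqlite3`, `jquery-rails` and `turbolinks` carry no version constraint and no Gemfile.lock is visible in this part of the diff, so the image may resolve differently over time; the deliberate pins on `rails` and `web-console` are fine as they are.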
diff --git a/resources/rails_server/devkit/dk.rb b/resources/rails_server/devkit/dk.rb
new file mode 100644
index 0000000..298502c
--- /dev/null
+++ b/resources/rails_server/devkit/dk.rb
@@ -0,0 +1,331 @@ +require 'win32/registry' +require 'yaml' +require 'fileutils' + +module DevKitInstaller + + DEVKIT_ROOT = File.expand_path(File.dirname(__FILE__)) + DEVKIT_START = ':DK-BEG:' + DEVKIT_END = ':DK-END:' + + # TODO add JRuby installer registry key + REG_KEYS = [ + 'Software\RubyInstaller\MRI', + 'Software\RubyInstaller\Rubinius', + 'Software\Wow6432Node\RubyInstaller\MRI' + ] + + CONFIG_FILE = 'config.yml' + + def self.usage +<<-EOT + +Configures an MSYS/MinGW based Development Kit (DevKit) for +each of the Ruby installations on your Windows system. The +DevKit enables you to build many of the available native +RubyGems that don't yet have a binary gem. + +Usage: ruby dk.rb COMMAND [options] + +where COMMAND is one of: + + init prepare DevKit for installation + review review DevKit install plan + install install required DevKit executables + +and 'install' [options] are: + + -f, --force overwrite existing helper scripts +EOT + end + + def self.timestamp + Time.now.strftime('%Y%m%d%H%M%S') + end + private_class_method :timestamp + + def self.gem_override(dk_root=DEVKIT_ROOT) + d = dk_root.gsub('/', '\\\\\\') +<<-EOT +# #{DEVKIT_START} override 'gem install' to enable RubyInstaller DevKit usage +Gem.pre_install do |gem_installer| + load 'devkit.rb' unless gem_installer.spec.extensions.empty? +end +# #{DEVKIT_END} +EOT + end + private_class_method :gem_override + + def self.devkit_lib(dk_root=DEVKIT_ROOT) + d = dk_root.gsub('/', '\\\\\\') +<<-EOT +# enable RubyInstaller DevKit usage as a vendorable helper library +unless ENV['PATH'].include?('#{d}\\\\mingw\\\\bin') then + phrase = 'Temporarily enhancing PATH to include DevKit...' + if defined?(Gem) + Gem.ui.say(phrase) if Gem.configuration.verbose + else + puts phrase + end + puts "Prepending ENV['PATH'] to include DevKit..." 
if $DEBUG + ENV['PATH'] = '#{d}\\\\bin;#{d}\\\\mingw\\\\bin;' + ENV['PATH'] +end +ENV['RI_DEVKIT'] = '#{d}' +ENV['CC'] = 'gcc' +ENV['CXX'] = 'g++' +ENV['CPP'] = 'cpp' +EOT + end + private_class_method :devkit_lib + + def self.update_gem_override(target) + in_devkit = false + bkup = "#{target}.#{timestamp}" + File.rename(target, bkup) + + # copy existing gem override except for old DevKit content + begin + File.open(bkup, 'r') do |src| + File.open(target, 'w') do |tgt| + src.each_line do |src_line| + case src_line + when /^# #{DEVKIT_START}/ + in_devkit = true + when /^# #{DEVKIT_END}/ + in_devkit = false + next + end + tgt.puts(src_line) unless in_devkit + end + + # append new DevKit content + tgt.write(gem_override) + end + end + rescue + # restore backup if anything went wrong + FileUtils.cp(bkup, target) + end + end + private_class_method :update_gem_override + + def self.scan_for(key) + ris = [] + [Win32::Registry::HKEY_LOCAL_MACHINE, Win32::Registry::HKEY_CURRENT_USER].each do |hive| + begin + hive.open(key) do |ri_key| + ri_key.each_key do |skey, wtime| + # read the install location if a version subkey + if skey =~ /\d\.\d\.\d/ + ri_key.open(skey) do |ver_key| + ri_root = ver_key['InstallLocation'].gsub('\\', '/') + puts '[INFO] found RubyInstaller v%s at %s' % [ skey, ri_root ] + ris << ri_root + end + end + end + end + rescue Win32::Registry::Error + end + end + ris + end + private_class_method :scan_for + + def self.installed_rubies + rubies = REG_KEYS.collect { |key| scan_for(key) } + rubies.flatten.uniq + end + private_class_method :installed_rubies + + def self.init + # get all known installed Ruby root dirs and write the root dirs + # to 'config.yml', overwriting any existing config file. + ir = installed_rubies + puts <<-EOT + +Initialization complete! Please review and modify the auto-generated +'config.yml' file to ensure it contains the root directories to all +of the installed Rubies you want enhanced by the DevKit. 
+EOT + + File.open(CONFIG_FILE, 'w') do |f| + f.write <<-EOT +# This configuration file contains the absolute path locations of all +# installed Rubies to be enhanced to work with the DevKit. This config +# file is generated by the 'ruby dk.rb init' step and may be modified +# before running the 'ruby dk.rb install' step. To include any installed +# Rubies that were not automagically discovered, simply add a line below +# the triple hyphens with the absolute path to the Ruby root directory. +# +# Example: +# +# --- +# - C:/ruby19trunk +# - C:/ruby192dev +# +EOT + unless ir.empty? then f.write(ir.to_yaml) else f.write("---\n") end + end + end + private_class_method :init + + def self.review + if File.exists?(File.expand_path(CONFIG_FILE)) + File.open(CONFIG_FILE, 'r') do |f| + puts <<-EOT +Based upon the settings in the '#{CONFIG_FILE}' file generated +from running 'ruby dk.rb init' and any of your customizations, +DevKit functionality will be injected into the following Rubies +when you run 'ruby dk.rb install'. + +EOT + rubies = YAML.load(f.read) + if rubies.is_a?(Array) + rubies.each { |i| puts File.expand_path(i) } + else + puts "Invalid configuration. Please fix '#{CONFIG_FILE}.'" + exit(-2) + end + end + else + puts <<-EOT +Unable to find '#{CONFIG_FILE}'. Have you run 'ruby dk.rb init' yet? +EOT + exit(-2) + end + end + + def self.install + begin + rubies = YAML.load_file(CONFIG_FILE) + rescue + puts <<-EOT +Error loading '#{CONFIG_FILE}'. Have you run 'ruby dk.rb init' yet? +EOT + exit(-2) + end + + unless rubies.is_a?(Array) && !rubies.empty? + puts <<-EOT +Invalid configuration or no Rubies listed. 
Please fix '#{CONFIG_FILE}' +and rerun 'ruby dk.rb install' +EOT + exit(-2) + end + + rubies.each do |path| + path = File.expand_path(path) + + unless File.directory?(path) + puts "[ERROR] Skipping invalid directory '#{path}'" + next + end + + site_ruby = Dir.glob("#{path}/lib/ruby/site_ruby") + site_rubygems = Dir.glob("#{path}/lib/ruby/site_ruby/[1-9].*/rubygems") + core_rubygems = Dir.glob("#{path}/lib/ruby/[1-9].*/rubygems") + + # Warn and exit if unable to find a RubyGems installation + if site_rubygems.empty? && core_rubygems.empty? + puts <<-EOT +[ERROR] Unable to find RubyGems in site_ruby or core Ruby. Please +install RubyGems and rerun 'ruby dk.rb install'. +EOT + exit(-2) + else + # either (or both) site_rubygems or core_rubygems contains RubyGems; + # favor injecting override into site_rubygems over core_rubygems + target_ruby = site_rubygems.empty? ? core_rubygems : site_rubygems + + # inject RubyGems override file into proper site_ruby location + # appending an existing override file if it doesn't already contain + # DevKit specific code. 
+ target_ruby.each do |folder| + target = File.join(folder, 'defaults', 'operating_system.rb') + FileUtils.mkdir_p File.dirname(target) + + if File.exist?(target) + content = File.read(target) + case + when content !~ /^#.*DevKit/o + # handle original and new token-based comments + puts "[INFO] Updating existing gem override for '#{path}'" + File.open(target, 'a') { |f| f.write(gem_override) } + when content =~ /^# #{DEVKIT_START} missing DevKit/o + # replace missing DevKit/build tool convenience notice + puts "[INFO] Updating convenience notice gem override for '#{path}'" + update_gem_override(target) + else + puts "[INFO] Skipping existing gem override for '#{path}'" unless $options[:force] + + if $options[:force] + puts "[WARN] Updating (with backup) existing gem override for '#{path}'" + update_gem_override(target) + end + end + + else + puts "[INFO] Installing '#{target}'" + File.open(target, 'w') { |f| f.write(gem_override) } + end + end + end + + # inject DevKit PATH helper into site_ruby (allows for overriding) + # for the 'ruby -rdevkit extconf.rb' use case. + # TODO more robust JRuby check since can't assume JRuby is running + # this script? + jruby_site_shared = File.join(site_ruby, 'shared') + if File.directory?(jruby_site_shared) && File.exist?(File.join(path, 'bin', 'jruby.bat')) + site_ruby = jruby_site_shared + end + + target = File.join(site_ruby, 'devkit.rb') + if File.exist?(target) + # Be paranoid about our 'site_ruby/devkit.rb' namespace. Either + # someone else has collided with it, or we've already written the + # helper lib. Warn the developer and skip rather than overwriting + # or appending. 
+ puts "[WARN] Skipping existing DevKit helper library for '#{path}'" unless $options[:force] + + if $options[:force] + puts "[WARN] Updating (with backup) DevKit helper library for '#{path}'" + File.rename(target, "#{target}.#{timestamp}") + File.open(target, 'w') { |f| f.write(devkit_lib) } + end + else + puts "[INFO] Installing '#{target}'" + File.open(target, 'w') { |f| f.write(devkit_lib) } + end + end + end + private_class_method :install + + def self.usage_and_exit + $stderr.puts usage + exit(-1) + end + + def self.run(*args) + send(args.first) + end + +end + +if __FILE__ == $0 + if ARGV.empty? || ARGV.delete('--help') || ARGV.delete('-h') + DevKitInstaller.usage_and_exit + end + + cmd = ARGV.delete('init') || + ARGV.delete('review') || + ARGV.delete('install') + + $options ||= {} + $options[:force] = ARGV.delete('--force') || ARGV.delete('-f') + + DevKitInstaller.usage_and_exit unless ARGV.empty? + + DevKitInstaller.run(cmd) +end diff --git a/resources/rails_server/gemrc b/resources/rails_server/gemrc new file mode 100644 index 0000000..834c9db --- /dev/null +++ b/resources/rails_server/gemrc @@ -0,0 +1,7 @@ +--- +:backtrace: false +:bulk_threshold: 1000 +:sources: +- http://rubygems.org/ +:update_sources: true +:verbose: true diff --git a/resources/rails_server/sqlite3-1.3.11-x64-mingw32.gemspec b/resources/rails_server/sqlite3-1.3.11-x64-mingw32.gemspec new file mode 100644 index 0000000..043d9a8 --- /dev/null +++ b/resources/rails_server/sqlite3-1.3.11-x64-mingw32.gemspec 
@@ -0,0 +1,55 @@ +# -*- encoding: utf-8 -*- +# stub: sqlite3 1.3.11 x64-mingw32 lib + +Gem::Specification.new do |s| + s.name = "sqlite3" + s.version = "1.3.11" + s.platform = "x64-mingw32" + + s.required_rubygems_version = Gem::Requirement.new(">= 1.3.5") if s.respond_to? :required_rubygems_version= + s.require_paths = ["lib/sqlite3_native"] + s.authors = ["Jamis Buck", "Luis Lavena", "Aaron Patterson"] + s.date = "2015-10-10" + s.description = "This module allows Ruby programs to interface with the SQLite3\ndatabase engine (http://www.sqlite.org). You must have the\nSQLite engine installed in order to build this module.\n\nNote that this module is only compatible with SQLite 3.6.16 or newer." + s.email = ["jamis@37signals.com", "luislavena@gmail.com", "aaron@tenderlovemaking.com"] + s.extra_rdoc_files = ["API_CHANGES.rdoc", "CHANGELOG.rdoc", "Manifest.txt", "README.rdoc", "ext/sqlite3/backup.c", "ext/sqlite3/database.c", "ext/sqlite3/exception.c", "ext/sqlite3/sqlite3.c", "ext/sqlite3/statement.c"] + s.files = ["API_CHANGES.rdoc", "CHANGELOG.rdoc", "Manifest.txt", "README.rdoc", "ext/sqlite3/backup.c", "ext/sqlite3/database.c", "ext/sqlite3/exception.c", "ext/sqlite3/sqlite3.c", "ext/sqlite3/statement.c"] + s.homepage = "https://github.com/sparklemotion/sqlite3-ruby" + s.licenses = ["BSD-3"] + s.rdoc_options = ["--main", "README.rdoc"] + s.required_ruby_version = Gem::Requirement.new(">= 1.8.7") + s.rubygems_version = "2.5.1" + s.summary = "This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org)" + + s.installed_by_version = "2.5.1" if s.respond_to? :installed_by_version + + if s.respond_to? 
:specification_version then + s.specification_version = 4 + + if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then + s.add_development_dependency(%q, ["~> 5.8"]) + s.add_development_dependency(%q, ["~> 4.0"]) + s.add_development_dependency(%q, ["~> 0.9.3"]) + s.add_development_dependency(%q, ["~> 0.4.3"]) + s.add_development_dependency(%q, ["~> 0.6.2"]) + s.add_development_dependency(%q, ["~> 1.0"]) + s.add_development_dependency(%q, ["~> 3.14"]) + else + s.add_dependency(%q, ["~> 5.8"]) + s.add_dependency(%q, ["~> 4.0"]) + s.add_dependency(%q, ["~> 0.9.3"]) + s.add_dependency(%q, ["~> 0.4.3"]) + s.add_dependency(%q, ["~> 0.6.2"]) + s.add_dependency(%q, ["~> 1.0"]) + s.add_dependency(%q, ["~> 3.14"]) + end + else + s.add_dependency(%q, ["~> 5.8"]) + s.add_dependency(%q, ["~> 4.0"]) + s.add_dependency(%q, ["~> 0.9.3"]) + s.add_dependency(%q, ["~> 0.4.3"]) + s.add_dependency(%q, ["~> 0.6.2"]) + s.add_dependency(%q, ["~> 1.0"]) + s.add_dependency(%q, ["~> 3.14"]) + end +end diff --git a/resources/rails_server/start_rails_server.bat b/resources/rails_server/start_rails_server.bat new file mode 100644 index 0000000..9524142 --- /dev/null +++ b/resources/rails_server/start_rails_server.bat @@ -0,0 +1,2 @@ +cd "C:\Program Files\Rails_Server" +C:\tools\ruby23\bin\rails.bat server diff --git a/scripts/configs/configure_firewall.bat b/scripts/configs/configure_firewall.bat index 70e77e5..46b7e02 100644 --- a/scripts/configs/configure_firewall.bat +++ b/scripts/configs/configure_firewall.bat 
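Review bot: `cd "C:\Program Files\Rails_Server"` in start_rails_server.bat does not change drive and its result is not checked, so if the script is launched from another drive or the directory is missing, `rails.bat server` runs from the wrong working directory. I would write `cd /d "C:\Program Files\Rails_Server" || exit /b 1`. The script also relies on the Rails default port matching the port 3000 rule added to configure_firewall.bat; passing `-p 3000` would make that dependency explicit.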
@@ -7,3 +7,4 @@ netsh advfirewall firewall add rule name="Open Port 8080 for GlassFish" dir=in a
 netsh advfirewall firewall add rule name="Open Port 3389 for Remote Desktop" dir=in action=allow protocol=TCP localport=3389
 netsh advfirewall firewall add rule name="Open Port 8585 for Wordpress and phpMyAdmin" dir=in action=allow protocol=TCP localport=8585
 netsh advfirewall firewall add rule name="Java 1.6 java.exe" dir=in action=allow program="C:\openjdk6\openjdk-1.6.0-unofficial-b27-windows-amd64\jre\bin\java.exe" enable=yes
+netsh advfirewall firewall add rule name="Open Port 3000 for Rails Server" dir=in action=allow protocol=TCP localport=3000
diff --git a/scripts/installs/install_devkit.bat b/scripts/installs/install_devkit.bat
new file mode 100644
index 0000000..0153e52
--- /dev/null
+++ b/scripts/installs/install_devkit.bat
@@ -0,0 +1,8 @@
+mkdir "C:\Program Files\Rails_Server"
+mkdir "C:\Program Files\Rails_Server\devkit"
+powershell -Command "(New-Object System.Net.WebClient).DownloadFile('http://dl.bintray.com/oneclick/rubyinstaller/DevKit-mingw64-64-4.7.2-20130224-1432-sfx.exe', 'C:\Program Files\Rails_Server\devkit\devkit.exe')"
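Review bot: The rule added for port 3000 in configure_firewall.bat sets neither `profile=` nor `remoteip=`, so it allows inbound connections from any address on every firewall profile. That matches the existing rules and the lab's purpose, but since the service behind it is deliberately vulnerable, I would either scope it with `remoteip=localsubnet` or add a `rem` line stating that the VM must only be attached to an isolated network.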