From 3d53d03461a99d0b4fbf36534cd2b21ab87e61ef Mon Sep 17 00:00:00 2001
From: AJ ONeal <awesome@coolaj86.com>
Date: Wed, 1 Apr 2015 16:46:11 +0000
Subject: [PATCH] add upstart script, setup instructions

---
 .gitignore     |  2 ++
 SETUP.md       | 22 ++++++++++++++++++++++
 upstart-walnut | 24 ++++++++++++++++++++++++
 walnut.js      | 13 +++++++++----
 4 files changed, 57 insertions(+), 4 deletions(-)
 create mode 100644 SETUP.md
 create mode 100644 upstart-walnut

diff --git a/.gitignore b/.gitignore
index 573fa1e..4ae44f0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
+redirects.json
+vhosts
 .*.sw*
 
 # Logs
diff --git a/SETUP.md b/SETUP.md
new file mode 100644
index 0000000..256b29f
--- /dev/null
+++ b/SETUP.md
@@ -0,0 +1,22 @@
+# secure the server with https://coolaj86.com/articles/securing-your-vps-for-the-semi-paranoid.html
+
+# install walnut
+sudo mkdir /srv/walnut
+sudo chown walnut:walnut -R /srv/walnut
+pushd /srv/walnut
+git init
+git remote origin add git@github.com:daplie/walnut.git
+git pull
+npm install
+
+# copy uid and guid to ./walnut.js
+id
+vim walnut.js
+
+# configure redirects
+rsync -av redirects.sample.json redirects.json
+
+# create and start upstart service
+sudo rsync -av upstart-walnut /etc/init/walnut.conf
+# for init.d: sudo rsync -av init.d-walnut /etc/init.d/walnut
+sudo service walnut restart
diff --git a/upstart-walnut b/upstart-walnut
new file mode 100644
index 0000000..0f789a4
--- /dev/null
+++ b/upstart-walnut
@@ -0,0 +1,24 @@
+# sudo rsync -av upstart-walnut /etc/init/walnut.conf
+# sudo service walnut restart
+
+description "WALNUT application host"
+version "1.0"
+author "AJ ONeal"
+
+# Upstart has nothing in $PATH by default
+env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+# Keep the server running on crash or machine reboot
+respawn
+respawn limit 10 120
+start on runlevel [2345]
+
+# Start the server using spark and redirect output to log files
+script
+  DATE=`date '+%F_%H-%M-%S'`
+  cd /srv/walnut/
+  mkdir -p logs
+  exec node bin/walnut \
+    > "./logs/access.${DATE}.log" \
+    2> "./logs/error.${DATE}.log"
+end script
diff --git a/walnut.js b/walnut.js
index 0e286cd..e0da315 100644
--- a/walnut.js
+++ b/walnut.js
@@ -73,7 +73,12 @@ function phoneHome() {
     console.error("Couldn't phone home. Oh well");
   });
 }
-require('./lib/insecure-server').create(securePort, insecurePort, redirects);
-require('./lib/vhost-sni-server.js').create(securePort, certsPath, vhostsdir)
-  //.then(phoneHome)
-  ;
+
+PromiseA.all(
+  require('./lib/insecure-server').create(securePort, insecurePort, redirects)
+, require('./lib/vhost-sni-server.js').create(securePort, certsPath, vhostsdir)
+).then(function () {
+  // TODO use `id' to find user's uid / gid and set to file
+  process.setgid(1000);
+  process.setuid(1000);
+})//.then(phoneHome);