**Open-source PHP 5.3 Development Server via automated installation tools.**
Short task list:
1. Virtualization +
2. Puppet/Chef +
3. Web +
4. Php +debug +cache +profiler +
5. Memcached +
6. SVN +
7. Jira (track, bamboo) +
8. LDAP, AD, instructions for Win7, Mac, Linux +
9. mysql (chroot) +
10. Samba +
11. Monitoring/Graphing +
12. UPS +
13. Backup +
14. Mail + mail protector +
15. FTP +
16. rabbitMQ +
18. Second server (chroot PHP/memcache) +
It the reply you should make you suggestions to questions left open in detailed summary. Also, you should provide a plan of the work split into two day milestones.
All items marked "SCRIPT" must have source code; must have complete usage instructions and examples when invoked without parameters. It should be run only once to complete it's task. Verboseness and interactivity is encouraged.
All items marked "PROCEDURE" must be separately clearly documented in step-by-step fashion, with screen shots on non-obvious steps.
****Hardware and OS Setup****
Hardware: <[url removed, login to view]>
Only difference - it has 8Gb ram now. RAID5 should be build on top of the 4 drives.
It must have virtualization installed. Any mayor open-source solution will do, open to suggestions/discussion. I will install it for you, given all PROCEDURE and give you access to it by IP. Then you will continue on your own.
Inside should be 2 virtualized servers - main development ([url removed, login to view]) and minor testing ([url removed, login to view]). All CPU/RAM resources should be available to [url removed, login to view] except the rare cases [url removed, login to view] is waken from sleep.
OS selection is open to suggestions, any mayor 64-bit Linux will do.
#### Automated installation
OS installation process should include bare minimum of components. All post-install configuration must be done by Puppet. Installation package should include as few custom components as possible. Fetching from repositories and tweaking afterwards is strongly encouraged to simplify further upgrades.
All options different from host to host (like IP addresses, master passwords, host, domain names, Apache, PHP versions) should be set from one single puppet include file. A PROCEDURE of changing them should be provided.
Also, a PROCEDURE of creating another server (i.e. [url removed, login to view]) should be available.
In general, result of this job should look like as archive of "/etc/puppet" directory and installation PROCEDURE.
WARNING! Before accepting this job as finished I will definitely drop current installation and will attempt to recreate them with received procedure. Any non-working parts will be subject to arbitration.
All important services on which PHP development depend should run under daemon manager (runit, daemontools, any). These services include but not limited to apache, mysql, memcached, SVN, Samba.
****Apache, PHP modules****
Apache should be able to spawn processes with developer's credentials (see Developer's Area).
PHP should be version 5.3+ with following modules:
mysql | mysqli
standard | timezonedb
A PROCEDURE of adding/removing them (via Puppet) should be provided.
Xdebug should be installed. A PROCEDURE of configuring Remote Debugging in PhpStorm should be provided. A PROCEDURE of using Xdebug profiler should be provided.
PHP accelerator should be installed with the option to disable it on some directories. It should not conflict with Xdebug.
Memcached should be installed too.
Samba domain should be installed ([url removed, login to view]).
A PROCEDURE of joining/removing Windows XP, Windows 7, MacOS and Linux machines to domain should be provided.
A PROCEDURE of managing Windows Group Policies should be provided.
Domain users should be able to manage local folder access permissions via standard OS means.
Central file repository should be created with following hierarchy:
//[url removed, login to view]<username> - private storage (Developer's home folder).
//[url removed, login to view] - all users' public access
//[url removed, login to view](IT/Finance/...) - folders representing OU, shared to respective OU
There should be a Directory/LDAP management front-end and PROCEDURE how to add/remove users.
FTP, Samba, SSH, SVN, Jira software and others supporting LDAP should use kerberos/ldap SSO for login without asking for credentials. If needed, PROCEDURE must be provided to configure local tools to use SSO.
AD/LDAP should be managed from OS native tools too.
Percona Mysql server latest 5.5+ version should be installed in complete chroot mode.
SVN in ssh+svn mode should be available. If needed, PROCEDURE must be provided to configure PhpStorm with SVN (using LDAP credentials).
RabbitMQ should be installed using default settings.
Atlassian tools - JIRA, Confluence, Bonfire, Bamboo, Grasshopper also need to be installed.
Backup of configuration, vital data, developer's directories and databases should be made using any appropriate tool. It should make 1 monthly full backup and daily incrementals (only changed files).
Backup's should go to offsite location provided by us. Offsite location will be configured according to provided PROCEDURE, describing installation of storage agent.
Postfix should configured in such way so when someone from the server tried to send an e-mail to the domain different from '[url removed, login to view]', it should forward them to 'tech at [url removed, login to view]'.
When somebody sends e-mail to 'username@<anything>.[url removed, login to view]', it should forward it to <username>@wwc.lv.
SCRIPT After registering new user in Developers group there should be a script which builds a complete working environment for developer.
SCRIPT Also there should be a user removal script, which will archive all developer's files and databases to some non-backuped location and then delete files, mysql tables, permissions, accounts etc.
**Working environment** includes:
1. Home directory - the root of all other directories.
2. Web directory - root of http://<username>.[url removed, login to view] and https://<username>.[url removed, login to view]
3. Log directory - Webserver, PHP, FTP and all other logs (not accessible by web)
4. SSL directory, where certificates are stored
5. PHP scripts from web directory should be run as <username>. Remote debugging and profiling should be configurable to connect to specific developer's IP.
6. Samba share of Home directory, accessible to <username>, with ability to manage sharing and access to other LDAP users.
7. SSH/SFTP access as <username>
8. FTPS access to Home directory (chrooted)
9. Mysql access with <username> to databases, created by <username>. Frontend should be provided for developers to create, access (phpMyAdmin), drop his databases and to grant/remoke ALL PRIVILEGES to other developers.
UPS model "Orvaldi" will be connected to the server. It must be configured to clearly shut down the whole system when battery reaches critical limit.
**Monitoring & Graphing**
Please install Nagios (also using puppet templates). It should check [url removed, login to view] and [url removed, login to view] via remote NRPE agent. Nagios should alert on system vitals (CPU, load, processes, disk) and daemon statuses (alert if not running / uptime less than 2 minutes).
Also install Cacti with graphs of system vitals and Mysql (via mysql-cacti-templates).
**Second server [url removed, login to view]**
It should include:
* SVN binaries
* 2 chrooted nginx installations, serving static files from DocumentRoot1 and DocumentRoot2, and serving from the same documents PHP files via chrooted php-fpm
* 2 chrooted memcached installations, available for respective php-fpm
* 2 different chrooted installations of MySQL, configured as Master and Slave, available for respective php-fpm
* PHP configuration and modules should be synchronized (via puppet) from [url removed, login to view]