capistrano-cookbook 5.0.1 → 5.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ccf86ecd4d2c04f71dd86f6aaf38877d57c1b7482e21435986b58dcbd768e18c
-  data.tar.gz: 1a9f6bc210c07faf2c998ad13f438b97ac4efbccdb3734993e173f94cf7953be
+  metadata.gz: 460d15f3368c78001b83e7796c72a59fa79aa94343c38f3da70c3b3ff96d9638
+  data.tar.gz: 8d0dcdb74815085641a8261ec3e70ad9c0f89479afdb5912f6384e2479320260
 SHA512:
-  metadata.gz: 936557739c95b9b6c4d2f7bc92fa300778437e0c335b84670c7b4d9e67dce28daa65196f0713cf2e9babdb3fe913777c181bf5587f9378880b4567f091453893
-  data.tar.gz: e55cb0581cfdde734cdea13b675ccb89aea40f1fab79c1280b1eda86590b37fb0cb3c22af6565d56e94d7fb4466b80d6823cb398ccb39d5b16e4277bd85066a2
+  metadata.gz: 9ca03266e0bbf51396d2c5d761c6150ff12a2693f2d107e5f6b8b82efd37aa82d54e44011c14f501d20d929e0538c9a6818d579e6881f0aa0f012a340beaf6a0
+  data.tar.gz: db4ec41d34d1686705b6bd2e2dd7eb19bca928339106d76c6ab63336f7ece0461868ac7ba3c539b96c756170b366bbb6b00839158c761f0ef43a4f11b985253b

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 5.0.2 (April 2021)
+
+- Adds support for automatically adding SSL certificates via Certbot
+
 ## 5.0.1 (March 2021)
 
 - Adds full support for deploy (but not config creation) without sudo access

data/lib/capistrano/cookbook.rb

@@ -2,14 +2,15 @@ require "capistrano/cookbook/version"
 
 module Capistrano
   module Cookbook
+    require 'capistrano/cookbook/certbot'
     require 'capistrano/cookbook/check_revision'
+    require 'capistrano/cookbook/create_database'
     require 'capistrano/cookbook/logs'
     require 'capistrano/cookbook/monit'
     require 'capistrano/cookbook/nginx'
+    require 'capistrano/cookbook/puma_systemd'
     require 'capistrano/cookbook/run_tests'
     require 'capistrano/cookbook/setup_config'
-    require 'capistrano/cookbook/create_database'
-    require 'capistrano/cookbook/puma_systemd'
     require 'capistrano/cookbook/sidekiq_systemd'
   end
 end

data/lib/capistrano/cookbook/certbot.rb

@@ -0,0 +1 @@
+load File.expand_path("tasks/certbot.cap", File.dirname(__FILE__))

data/lib/capistrano/cookbook/tasks/certbot.cap

@@ -0,0 +1,9 @@
+namespace :certbot do
+  desc "Setup certbot certificate for the domain defined in `nginx_server_name` in the stage file"
+  task :install do
+    on roles(:app) do
+      return unless fetch(:certbot_enable_ssl)
+      sudo "certbot --nginx -d #{fetch(:nginx_server_name)} --non-interactive --agree-tos --email #{fetch(:certbot_email)} #{fetch(:certbot_redirect_to_https) ? '--redirect' : ''} #{fetch(:certbot_use_acme_staging) ? '--dry-run' : ''}"
+    end
+  end
+end

data/lib/capistrano/cookbook/tasks/setup_config.cap

@@ -57,6 +57,7 @@ after 'deploy:setup_config', 'puma:nginx_config'
 after 'deploy:setup_config', 'puma:monit:config'
 after 'deploy:setup_config', 'puma:systemd:config'
 after 'deploy:setup_config', 'puma:systemd:enable'
+after 'deploy:setup_config', 'certbot:install'
 
 # Enable the sidekiq systemd service so that it's started automatically on (re)boot
 after 'deploy:setup_config', 'sidekiq:systemd:enable' if (defined?(Capistrano::Sidekiq) == 'constant' && Capistrano::Sidekiq.class == Class)

data/lib/capistrano/cookbook/version.rb

@@ -1,5 +1,5 @@
 module Capistrano
   module Cookbook
-    VERSION = "5.0.1"
+    VERSION = "5.0.2"
   end
 end

data/lib/generators/capistrano/reliably_deploying_rails/bootstrap_generator.rb

@@ -9,11 +9,19 @@ module Capistrano
         class_option :sidekiq, type: :boolean, default: false
         class_option :production_hostname, type: :string, default: nil
         class_option :production_server_address, type: :string, default: nil
+        class_option :certbot_enable, type: :boolean, default: false
+        class_option :certbot_email, type: :string
 
         def setup
           @production_hostname = options[:production_hostname] || 'YOUR_PRODUCTION_HOSTNAME'
           @production_server_address = options[:production_server_address] || 'YOUR_PRODUCTION_SERVER_ADDRESS'
           @generate_sidekiq = options[:sidekiq]
+          @certbot_enable = options[:certbot_enable]
+          @certbot_email = options[:certbot_email]
+        end
+
+        def check_domain
+          raise 'The `_` chatacter is not valid in domain names' if @production_hostname.include?('_')
         end
 
         def create_capfile

data/lib/generators/capistrano/reliably_deploying_rails/templates/deploy.rb.erb

@@ -13,6 +13,12 @@ set :rbenv_ruby, '3.0.0'
 set :rbenv_prefix, "RBENV_ROOT=#{fetch(:rbenv_path)} RBENV_VERSION=#{fetch(:rbenv_ruby)} #{fetch(:rbenv_path)}/bin/rbenv exec"
 set :rbenv_map_bins, %w{rake gem bundle ruby rails}
 
+# setup certbot for SSL via letsencrypt
+set :certbot_enable_ssl, <%= @certbot_enable %>
+set :certbot_redirect_to_https, true
+set :certbot_email, "<%= @certbot_email %>"
+set :certbot_use_acme_staging, false
+
 # setup puma to operate in clustered mode, required for zero downtime deploys
 set :puma_preload_app, false
 set :puma_init_active_record, true

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-cookbook
 version: !ruby/object:Gem::Version
-  version: 5.0.1
+  version: 5.0.2
 platform: ruby
 authors:
 - Ben Dixon
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-25 00:00:00.000000000 Z
+date: 2021-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
@@ -97,6 +97,7 @@ files:
 - lib/capistrano/.DS_Store
 - lib/capistrano/cookbook.rb
 - lib/capistrano/cookbook/.DS_Store
+- lib/capistrano/cookbook/certbot.rb
 - lib/capistrano/cookbook/check_revision.rb
 - lib/capistrano/cookbook/compile_assets_locally.rb
 - lib/capistrano/cookbook/create_database.rb
@@ -110,6 +111,7 @@ files:
 - lib/capistrano/cookbook/run_tests.rb
 - lib/capistrano/cookbook/setup_config.rb
 - lib/capistrano/cookbook/sidekiq_systemd.rb
+- lib/capistrano/cookbook/tasks/certbot.cap
 - lib/capistrano/cookbook/tasks/check_revision.cap
 - lib/capistrano/cookbook/tasks/compile_assets_locally.cap
 - lib/capistrano/cookbook/tasks/create_database.cap