capistrano-mb 0.23.1 → 0.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 89cce0c20944d7bf15c5acb463f30771cbbedac8
-  data.tar.gz: c383f55d6b822f858552c295d3cb8cf32e00744d
+  metadata.gz: 63f7e5e2b8eb0f126c2ac90f753353dd425eb801
+  data.tar.gz: 69627248b8d4db581a8b4d2b74c2cba08bae5b88
 SHA512:
-  metadata.gz: 4fb4c33da818549e8cca4e49af3e8cadf37c910067fe0242a3ab326200b6aaae3767541b969e27ff5c1eb521715113dfa10711849b111bd6fa430a788cc961f5
-  data.tar.gz: 0e406ca4e7d33480eaeebc8ad669390e6a7f5e5c5c6a4819474f404e85432a8f470b39b59d051f04bd2715329931cfe0fa4711deb7bd7163720b1b4b7f91534f
+  metadata.gz: f5c706979093b9ab26c91659362647d13cdeff63aa2674e5bad8b543dffe5b17f5762a52348cb621f5dbcdd8adb5518d160d5f8f980c6cb9053e7beabfed0660
+  data.tar.gz: 2e8d185754f3d922e7abf7810ab3221a4489c82ccda59e46f2001e086201c42d84a4f931c355caf43d27ea848b962e60264333c0e42135415c54291b86fe8fa3

data/CHANGELOG.md

@@ -2,6 +2,11 @@
 
 * Your contribution here!
 
+## [0.24.0][] (2015-09-11)
+
+* Improve README with step-by-step installation instructions.
+* Expand the list of cipher suites used in the nginx SSL configuration. ([#7](https://github.com/mattbrictson/capistrano-mb/pull/7))
+
 ## [0.23.1][] (2015-08-08)
 
 * Ensure gzip is enable for all assets, not just fingerprinted ones.
@@ -137,7 +142,8 @@ Flush console output after each line is printed. This allows deployment progress
 
 Initial Rubygems release!
 
-[Unreleased]: https://github.com/mattbrictson/capistrano-mb/compare/v0.23.1...HEAD
+[Unreleased]: https://github.com/mattbrictson/capistrano-mb/compare/v0.24.0...HEAD
+[0.24.0]: https://github.com/mattbrictson/capistrano-mb/compare/v0.23.1...v0.24.0
 [0.23.1]: https://github.com/mattbrictson/capistrano-mb/compare/v0.23.0...v0.23.1
 [0.23.0]: https://github.com/mattbrictson/capistrano-mb/compare/v0.22.2...v0.23.0
 [0.22.2]: https://github.com/mattbrictson/capistrano-mb/compare/v0.22.1...v0.22.2

data/README.md

@@ -19,7 +19,7 @@ The capistrano-mb gem adds a `cap <stage> provision` task to Capistrano that tak
 
 The gem is named "capistrano-mb" because it is prescribes my ([@mattbrictson](https://github.com/mattbrictson)) personal preferences for automating deployments of Rails projects. I'm a freelance developer juggling lots of Rails codebases, so its important for me to have a good, consistent server configuration. You'll notice that capistrano-mb is opinionated and strictly uses the following stack:
 
-* Ubuntu 12.04 LTS or 14.04 LTS
+* Ubuntu 14.04 LTS
 * PostgreSQL
 * Unicorn
 * Nginx
@@ -31,124 +31,160 @@ In addition, capistrano-mb changes many of Capistrano's defaults, including the
 Not quite to your liking? Consider forking the project to meet your needs.
 
 
-## Installation
+## Quick start
 
-Please note that this project requires **Capistrano 3.x**, which is a complete
-rewrite of Capistrano 2.x. The two major versions are not compatible.
+Please note that this project requires **Capistrano 3.x**, which is a complete rewrite of Capistrano 2.x. The two major versions are not compatible.
 
-### 1. Gemfile
+### 1. Purchase an Ubuntu 14.04 VPS
 
-Add these gems to the development group of your Rails application's Gemfile:
+To use capistrano-mb, you'll need a clean Ubuntu server to deploy to. The only special requirement is that your public SSH key must be installed on the server for the `root` user.
 
-    group :development do
-      gem 'capistrano-bundler', :require => false
-      gem 'capistrano-rails', :require => false
-      gem 'capistrano', '~> 3.4.0', :require => false
-      gem 'capistrano-mb' :require => false
-    end
+Test that you can SSH to the server as `root` without being prompted for a password. If that works, capistrano-mb can take care of the rest. You're ready to proceed!
+
+### 2. .ruby-version
+
+capistrano-mb needs to know the version of Ruby that your app requires, so that it can install Ruby during the provisioning process. Place a `.ruby-version` file in the root of your project containing the desired version, like this:
+
+```
+2.2.3
+```
+
+*If you are using `rbenv`, just run `rbenv local 2.2.3` and it will create this file for you.*
+
+### 3. Gemfile
+
+capistrano-mb makes certain assumptions about your Rails app, namely that it uses [dotenv][] to manage Rails secrets via environment variables, and that it runs on top of PostgreSQL and [unicorn][]. Make sure they are specified in the Gemfile:
+
+```ruby
+gem "dotenv-rails", ">= 2.0.0"
+gem "pg", "~> 0.18"
+gem "unicorn"
+```
+
+Then for the capistrano-mb tools themselves, add these gems to the development group:
+
+```ruby
+group :development do
+  gem "capistrano-bundler", :require => false
+  gem "capistrano-rails", :require => false
+  gem "capistrano", "~> 3.4.0", :require => false
+  gem "capistrano-mb", :require => false
+end
+```
 
 And then execute:
 
-    $ bundle
+```
+$ bundle
+```
 
+### 4. cap install
 
-### 2. cap install
+If your project doesn't yet have a `Capfile`, run `cap install` with the list of desired stages (environments). For simplicity, this installation guide will assume a single production stage:
 
-If your project doesn't yet have a `Capfile`, run `cap install` with the list
-of desired stages (environments):
+```
+cap install STAGES=production
+```
 
-    cap install STAGES=staging,production
+### 5. Capfile
 
+Add these lines to the **bottom** of your app's `Capfile` (order is important!):
 
-### 3. Capfile
+```ruby
+require "capistrano/bundler"
+require "capistrano/rails"
+require "capistrano/mb"
+```
 
-Add these lines to the **bottom** of your app's `Capfile`
-(order is important!):
+### 6. deploy.rb
 
-    require 'capistrano/bundler'
-    require 'capistrano/rails'
-    require 'capistrano/mb'
+Modify `config/deploy.rb` to set the specifics of your Rails app. At the minimum, you'll need to set these two options:
 
+```ruby
+set :application, "my_app_name"
+set :repo_url, "git@github.com:username/repository.git"
+```
 
-### 4. Choose which recipes to auto-run
+### 7. production.rb
 
-Most of the capistrano-mb recipes are designed to run automatically as part of `cap <stage> provision`, for installing and setting up various bits of the Rails infrastructure, like nginx, unicorn, and postgres. Some recipes also contribute to the `cap <stage> deploy` process.
+Modify `config/deploy/production.rb` to specify the IP address of your production server. In this example, I have a single 1GB VPS (e.g. at DigitalOcean) that plays all the roles:
 
-*This auto-run behavior is fully under your control.*  In your `deploy.rb`,
-set `:mb_recipes` to an array of the desired recipes.
-If you don't want a recipe to execute as part of `deploy`/`provision`, simply omit it from
-the list.
+```ruby
+server "my.production.ip",
+       :user => "deployer",
+       :roles => %w(app backup cron db web)
+```
 
-The following list will suffice for most out-of-the-box Rails apps. The order of the list is not important.
+*Note that you must include the `backup` and `cron` roles if you want to make use of capistrano-mb's database backups and crontab features.*
 
-    set :mb_recipes, %w(
-      aptitude
-      crontab
-      dotenv
-      logrotate
-      migrate
-      nginx
-      postgresql
-      rbenv
-      seed
-      ssl
-      ufw
-      unicorn
-      user
-      version
-    )
-
-Even if you don't include a recipe in the auto-run list, you can still invoke
-the tasks of those recipes manually at your discretion.
-
-
-### 5. Configuration
+### 8. secrets.yml
 
-Many of the recipes have default settings that can be overridden. Use your
-`deploy.rb` file to specify these overrides. Or, you can override per stage.
-Here is an example override:
+By default, Rails 4.2 apps have a `config/secrets.yml` file that specifies the Rails secret key. capistrano-mb configures dotenv to provide this secret in a `RAILS_SECRET_KEY_BASE` environment variable. You'll therefore need to modify `secrets.yml` as follows:
 
-    set :mb_unicorn_workers, 8
+```ruby
+production:
+  secret_key_base: <%= ENV["RAILS_SECRET_KEY_BASE"] %>
+```
 
-For the full list of settings and their default values, refer to
-[defaults.rake][].
+### 9. Provision and deploy!
 
+Run capistrano-mb's `provision:14_04` task (named for Ubuntu 14.04). This will ask you a few questions, install Ruby, PostgreSQL, Nginx, etc., and set everything up. The entire process takes about 10 minutes (mostly due to compiling Ruby from source).
 
-### A working example
+```
+bundle exec cap production provision:14_04
+```
 
-Check out our [rails-starter][] project for a sample Capfile and deploy.rb.
+Once that's done, your app is now ready to deploy!
 
-## Usage
+```
+bundle exec cap production deploy
+```
 
-The power of the capistrano-mb recipes is that they take care of the
-entire setup of a bare Ubuntu 12.04 or 14.04 server, all the way to a fully configured
-and running Rails app on top up Unicorn, Nginx, rbenv, and PostgreSQL.
+## Advanced usage
 
-### Deploying to a new server from scratch
+### Choosing which recipes to auto-run
 
-These steps assume you have loaded the full set of capistrano-mb
-recipes in your Capfile.
+Most of the capistrano-mb recipes are designed to run automatically as part of `cap <stage> provision`, for installing and setting up various bits of the Rails infrastructure, like nginx, unicorn, and postgres. Some recipes also contribute to the `cap <stage> deploy` process.
+
+*This auto-run behavior is fully under your control.*  In your `deploy.rb`, set `:mb_recipes` to an array of the desired recipes. If you don't want a recipe to execute as part of `deploy`/`provision`, simply omit it from the list.
 
-1. Provision an Ubuntu 12.04 or 14.04 VPS at your hosting provider of choice.
-2. Install your public SSH key for the root user. Some providers (e.g. DigitalOcean) can do this for you automatically when you provision a new VPS.
-3. Repeat steps 1-2 for all the servers in your cluster, if you are using
-   a multi-server setup (e.g. separate web, app, and database servers).
-4. Let capistrano-mb take it from here:
+The following list will suffice for most out-of-the-box Rails apps. The order of the list is not important.
 
-        cap staging provision       # for 12.04 LTS
-        cap staging provision:14_04 # for 14.04 LTS
-        cap staging deploy
+```ruby
+set :mb_recipes, %w(
+  aptitude
+  crontab
+  dotenv
+  logrotate
+  migrate
+  nginx
+  postgresql
+  rbenv
+  seed
+  ssl
+  ufw
+  unicorn
+  user
+  version
+)
+```
+
+Even if you don't include a recipe in the auto-run list, you can still invoke the tasks of those recipes manually at your discretion. Run `bundle exec cap -T` to see the full list of tasks.
+
+### Configuration
 
-### Running individual tasks
+Many of the recipes have default settings that can be overridden. Use your
+`deploy.rb` file to specify these overrides. Or, you can override per stage.
+Here is an example override:
+
+    set :mb_unicorn_workers, 8
 
-For a full description of all available tasks, run:
+For the full list of settings and their default values, refer to [defaults.rake][].
 
-    cap -T
 
-All tasks from capistrano-mb will be prefixed with `mb:`. You
-can run these tasks just like any other capistrano task, like so:
+## Further reading
 
-    cap staging mb:seed
+Check out my [rails-template][] project, which generates Rails applications with capistrano-mb pre-configured and ready to go.
 
 
 ## History
@@ -170,4 +206,6 @@ If you are upgrading from `capistrano-fiftyfive`, refer to the [CHANGELOG entry
 [cast337]:http://railscasts.com/episodes/337-capistrano-recipes
 [cast373]:http://railscasts.com/episodes/373-zero-downtime-deployment
 [defaults.rake]:lib/capistrano/tasks/defaults.rake
-[rails-starter]:https://github.com/mattbrictson/rails-starter/tree/master/config
+[rails-template]:https://github.com/mattbrictson/rails-template/
+[dotenv]:https://github.com/bkeepers/dotenv
+[unicorn]:http://unicorn.bogomips.org/

data/lib/capistrano/mb/templates/nginx_unicorn.erb

@@ -47,7 +47,7 @@ upstream unicorn_<%= application_basename %> {
 
       <% if port == 443 %>
         ssl on;
-        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:RSA+3DES:!ADH:!AECDH:!MD5;
+        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
         ssl_prefer_server_ciphers on;
         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         ssl_dhparam /etc/ssl/dhparams.pem;

data/lib/capistrano/mb/version.rb

@@ -1,5 +1,5 @@
 module Capistrano
   module MB
-    VERSION = "0.23.1"
+    VERSION = "0.24.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-mb
 version: !ruby/object:Gem::Version
-  version: 0.23.1
+  version: 0.24.0
 platform: ruby
 authors:
 - Matt Brictson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-08-08 00:00:00.000000000 Z
+date: 2015-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano