capistrano-o2web-recipes 0.0.7 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +13 -8
- data/lib/capistrano/o2web_recipes/version.rb +1 -1
- data/lib/capistrano/tasks/o2web_recipes.rake +3 -2
- data/lib/generators/capistrano/o2web_recipes/install/templates/config/nginx.app.conf.erb +49 -49
- data/lib/generators/capistrano/o2web_recipes/install/templates/config/nginx.conf.erb +28 -7
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4a34a87eb36bb96737e41cd873dc860a5138e7a4
|
4
|
+
data.tar.gz: f2bfc9af49e8f2fb539adb2afc1ba12997486574
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 621d085987cd5404bd55ad731dab560d741415cfd0286659412c090fef06b4576eb7a589b1d6ffff8e5667105360e300a4a92b0a56bb7fb97925d3a7be12a065
|
7
|
+
data.tar.gz: 4c8de6b1b5ca797b8c8b1111d96a89a97ea8a42c266a3a7e48517a33697ecfb71af33de1428fa34c6f9c2c7b301452a7b5d099462f2a0e51a83fc89a36135d88
|
data/README.md
CHANGED
@@ -42,26 +42,31 @@ cap [stage] db:local_to_server # Sync server DB with local DB
|
|
42
42
|
cap [stage] nginx:local_to_server # Export nginx configuration files
|
43
43
|
```
|
44
44
|
|
45
|
-
Also,
|
45
|
+
Also, `deploy:assets:precompile` task is done locally and a `cron.log` file is created/touched in `shared/log` after deploy.
|
46
46
|
|
47
47
|
Configurations can be customized in your deploy file with:
|
48
48
|
|
49
49
|
```ruby
|
50
50
|
set :server, 'example.com'
|
51
51
|
set :deployer_name, 'deployer'
|
52
|
-
# default to
|
53
|
-
set :files_public_dirs, fetch(:files_public_dirs
|
52
|
+
# default to ['system']
|
53
|
+
set :files_public_dirs, fetch(:files_public_dirs).push(*%W[
|
54
54
|
spree
|
55
55
|
])
|
56
56
|
# default to []
|
57
|
-
set :files_private_dirs, fetch(:files_private_dirs
|
57
|
+
set :files_private_dirs, fetch(:files_private_dirs).push(*%W[
|
58
58
|
])
|
59
|
-
set :
|
60
|
-
# default to
|
61
|
-
set :nginx_assets_dirs, fetch(:nginx_assets_dirs
|
59
|
+
set :nginx_max_body_size, '10m'
|
60
|
+
# default to ['system', 'images']
|
61
|
+
set :nginx_assets_dirs, fetch(:nginx_assets_dirs).push(*%W[
|
62
62
|
spree
|
63
63
|
])
|
64
|
-
|
64
|
+
# default to ['404.html', '422.html', '500.html', 'favicon.ico']
|
65
|
+
set :nginx_assets_files, fetch(:nginx_assets_files).push(*%W[
|
66
|
+
])
|
67
|
+
# default to {}
|
68
|
+
set :nginx_redirects, fetch(:nginx_redirects).merge({
|
69
|
+
})
|
65
70
|
```
|
66
71
|
|
67
72
|
### TODO
|
@@ -5,9 +5,10 @@ namespace :load do
|
|
5
5
|
set :files_public_dirs, ['system']
|
6
6
|
set :files_private_dirs, []
|
7
7
|
|
8
|
-
set :nginx_workers, 1
|
9
|
-
set :nginx_assets_dirs, %w[assets system]
|
10
8
|
set :nginx_max_body_size, '10m'
|
9
|
+
set :nginx_public_dirs, ['system', 'images']
|
10
|
+
set :nginx_public_files, ['404.html', '422.html', '500.html', 'favicon.ico']
|
11
|
+
set :nginx_redirects, {}
|
11
12
|
end
|
12
13
|
end
|
13
14
|
|
@@ -14,72 +14,72 @@
|
|
14
14
|
# Default server configuration
|
15
15
|
#
|
16
16
|
server {
|
17
|
-
listen 80 default_server;
|
18
|
-
listen [::]:80 default_server ipv6only=on;
|
17
|
+
listen 80 default_server deferred;
|
18
|
+
listen [::]:80 default_server deferred ipv6only=on;
|
19
19
|
|
20
|
+
server_name <%= fetch(:server) %>;
|
21
|
+
|
22
|
+
passenger_enabled on;
|
23
|
+
rails_env <%= fetch(:stage) %>;
|
24
|
+
root <%= fetch(:deploy_to) %>/current/public;
|
25
|
+
|
26
|
+
error_page 404 /404.html;
|
27
|
+
error_page 422 /422.html;
|
28
|
+
error_page 500 502 503 504 /500.html;
|
29
|
+
|
30
|
+
<% if fetch(:stage) == :production %>
|
20
31
|
# SSL configuration
|
21
32
|
#
|
22
|
-
# listen 443 ssl default_server;
|
23
|
-
# listen [::]:443 ssl default_server;
|
33
|
+
# listen 443 ssl default_server deferred;
|
34
|
+
# listen [::]:443 ssl default_server deferred ipv6only=on;
|
35
|
+
#
|
36
|
+
# ssl_certificate /etc/ssl/certs/$server_name.chained.crt;
|
37
|
+
# ssl_certificate_key /etc/ssl/private/$server_name.key;
|
24
38
|
#
|
25
39
|
# Self signed certs generated by the ssl-cert package
|
26
40
|
# Don't use them in a production server!
|
27
41
|
#
|
28
42
|
# include snippets/snakeoil.conf;
|
43
|
+
<% end %>
|
29
44
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
# ssl_certificate /etc/ssl/certs/<%= fetch(:server) %>.chained.crt;
|
38
|
-
# ssl_certificate_key /etc/ssl/private/<%= fetch(:server) %>.key;
|
39
|
-
|
40
|
-
# redirect https://www.server_name.com to https://server_name.com
|
41
|
-
#if ($host = www.$server_name) {
|
42
|
-
# rewrite ^(.*) https://$server_name$request_uri? permanent;
|
43
|
-
#}
|
44
|
-
<% end -%>
|
45
|
-
|
46
|
-
client_max_body_size <%= fetch(:nginx_max_body_size) %>;
|
45
|
+
location /assets/ {
|
46
|
+
gzip_static on;
|
47
|
+
expires 1M;
|
48
|
+
add_header Cache-Control public;
|
49
|
+
access_log off;
|
50
|
+
log_not_found off;
|
51
|
+
}
|
47
52
|
|
48
|
-
|
49
|
-
location
|
50
|
-
|
53
|
+
<% fetch(:nginx_public_dirs).each do |folder| %>
|
54
|
+
location /<%= folder %>/ {
|
55
|
+
expires 1M;
|
56
|
+
add_header Cache-Control public;
|
57
|
+
access_log off;
|
58
|
+
log_not_found off;
|
51
59
|
}
|
60
|
+
<% end %>
|
52
61
|
|
53
|
-
|
54
|
-
|
55
|
-
expires
|
62
|
+
<% fetch(:nginx_public_files).each do |file| %>
|
63
|
+
location = /<%= file %> {
|
64
|
+
expires 1M;
|
56
65
|
add_header Cache-Control public;
|
57
|
-
|
66
|
+
access_log off;
|
67
|
+
log_not_found off;
|
58
68
|
}
|
69
|
+
<% end %>
|
59
70
|
}
|
60
71
|
|
72
|
+
<% if fetch(:nginx_redirects).any? %>
|
61
73
|
server {
|
62
74
|
listen 80;
|
75
|
+
listen 443 ssl;
|
63
76
|
|
64
|
-
server_name
|
65
|
-
return 301 $scheme://<%= fetch(:server) %>$request_uri;
|
66
|
-
}
|
77
|
+
server_name <%= fetch(:server) %>;
|
67
78
|
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
# listen [::]:80;
|
76
|
-
#
|
77
|
-
# server_name example.com;
|
78
|
-
#
|
79
|
-
# root /var/www/example.com;
|
80
|
-
# index index.html;
|
81
|
-
#
|
82
|
-
# location / {
|
83
|
-
# try_files $uri $uri/ =404;
|
84
|
-
# }
|
85
|
-
#}
|
79
|
+
<% fetch(:nginx_redirects).each do |src, dst| %>
|
80
|
+
location = /<%= src.sub(/^\//, '') %> {
|
81
|
+
return 301 $scheme://$server_name/<%= dst.sub(/^\//, '') %>;
|
82
|
+
}
|
83
|
+
<% end %>
|
84
|
+
}
|
85
|
+
<% end %>
|
@@ -1,13 +1,19 @@
|
|
1
1
|
user <%= fetch(:deployer_name) %>;
|
2
|
-
worker_processes
|
2
|
+
worker_processes auto;
|
3
|
+
worker_rlimit_nofile 4096;
|
3
4
|
pid /run/nginx.pid;
|
4
5
|
|
5
6
|
events {
|
6
|
-
worker_connections
|
7
|
-
|
7
|
+
worker_connections 1024;
|
8
|
+
multi_accept on;
|
9
|
+
use epoll;
|
8
10
|
}
|
9
11
|
|
10
12
|
http {
|
13
|
+
log_format custom_log '$remote_addr - $remote_user [$time_local] '
|
14
|
+
'"$request" $status $body_bytes_sent '
|
15
|
+
'"$http_referer" "$http_user_agent" '
|
16
|
+
'$upstream_response_time - $gzip_ratio';
|
11
17
|
|
12
18
|
##
|
13
19
|
# Basic Settings
|
@@ -16,9 +22,16 @@ http {
|
|
16
22
|
sendfile on;
|
17
23
|
tcp_nopush on;
|
18
24
|
tcp_nodelay on;
|
19
|
-
keepalive_timeout
|
25
|
+
keepalive_timeout 30;
|
20
26
|
types_hash_max_size 2048;
|
21
|
-
|
27
|
+
server_tokens off;
|
28
|
+
|
29
|
+
client_max_body_size <%= fetch(:nginx_max_body_size) %>;
|
30
|
+
|
31
|
+
open_file_cache max=8192 inactive=10m;
|
32
|
+
open_file_cache_valid 20m;
|
33
|
+
open_file_cache_min_uses 1;
|
34
|
+
open_file_cache_errors on;
|
22
35
|
|
23
36
|
# server_names_hash_bucket_size 64;
|
24
37
|
# server_name_in_redirect off;
|
@@ -32,12 +45,16 @@ http {
|
|
32
45
|
|
33
46
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
|
34
47
|
ssl_prefer_server_ciphers on;
|
48
|
+
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
|
49
|
+
|
50
|
+
ssl_session_cache shared:SSL:50m;
|
51
|
+
ssl_session_timeout 10m;
|
35
52
|
|
36
53
|
##
|
37
54
|
# Logging Settings
|
38
55
|
##
|
39
56
|
|
40
|
-
access_log /var/log/nginx/access.log;
|
57
|
+
access_log /var/log/nginx/access.log custom_log;
|
41
58
|
error_log /var/log/nginx/error.log;
|
42
59
|
|
43
60
|
##
|
@@ -45,11 +62,12 @@ http {
|
|
45
62
|
##
|
46
63
|
|
47
64
|
gzip on;
|
65
|
+
gzip_min_length 1024;
|
48
66
|
gzip_disable "msie6";
|
49
67
|
|
50
68
|
gzip_vary on;
|
51
69
|
gzip_proxied any;
|
52
|
-
gzip_comp_level
|
70
|
+
gzip_comp_level 5;
|
53
71
|
gzip_buffers 16 8k;
|
54
72
|
gzip_http_version 1.1;
|
55
73
|
gzip_types
|
@@ -70,6 +88,9 @@ http {
|
|
70
88
|
|
71
89
|
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
|
72
90
|
passenger_ruby /home/<%= fetch(:deployer_name) %>/.rbenv/shims/ruby;
|
91
|
+
passenger_pool_idle_time 0;
|
92
|
+
passenger_max_request_queue_size 1000;
|
93
|
+
passenger_show_version_in_header off;
|
73
94
|
|
74
95
|
##
|
75
96
|
# Virtual Host Configs
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: capistrano-o2web-recipes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Patrice Lebel
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-01
|
11
|
+
date: 2016-02-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: capistrano
|