capistrano-o2web-recipes 0.0.7 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 409018e429c809606655699c0f0fb34c09945e15
-  data.tar.gz: 0307eb033ccafa9f0463abbe18d71e344cd4e43d
+  metadata.gz: 4a34a87eb36bb96737e41cd873dc860a5138e7a4
+  data.tar.gz: f2bfc9af49e8f2fb539adb2afc1ba12997486574
 SHA512:
-  metadata.gz: d03bd541cd21b664560f255e0eb66f0f3014009593366122c62816ccf95814e9dbab049b802c0f792048e7b086cc96170b050e523a25f3fce81fd1eef1980382
-  data.tar.gz: 86be34715957f5842776bc933f6529d4efb200780ccb64f1c0e7ab6221996decb1d81297040b15e7d9379b5973a1da3eb5e504a5e4c3b461bd800dbdb87a6cc6
+  metadata.gz: 621d085987cd5404bd55ad731dab560d741415cfd0286659412c090fef06b4576eb7a589b1d6ffff8e5667105360e300a4a92b0a56bb7fb97925d3a7be12a065
+  data.tar.gz: 4c8de6b1b5ca797b8c8b1111d96a89a97ea8a42c266a3a7e48517a33697ecfb71af33de1428fa34c6f9c2c7b301452a7b5d099462f2a0e51a83fc89a36135d88

data/README.md

@@ -42,26 +42,31 @@ cap [stage] db:local_to_server            # Sync server DB with local DB
 cap [stage] nginx:local_to_server         # Export nginx configuration files
 ```
 
-Also, tasks from 'capistrano3-nginx' are available.
+Also, `deploy:assets:precompile` task is done locally and a `cron.log` file is created/touched in `shared/log` after deploy.
 
 Configurations can be customized in your deploy file with:
 
 ```ruby
 set :server, 'example.com'
 set :deployer_name, 'deployer'
-# default to %W[system]
-set :files_public_dirs, fetch(:files_public_dirs, []).push(*%W[
+# default to ['system']
+set :files_public_dirs, fetch(:files_public_dirs).push(*%W[
   spree
 ])
 # default to []
-set :files_private_dirs, fetch(:files_private_dirs, []).push(*%W[
+set :files_private_dirs, fetch(:files_private_dirs).push(*%W[
 ])
-set :nginx_workers, 1
-# default to %W[assets system]
-set :nginx_assets_dirs, fetch(:nginx_assets_dirs, []).push(*%W[
+set :nginx_max_body_size, '10m'
+# default to ['system', 'images']
+set :nginx_assets_dirs, fetch(:nginx_assets_dirs).push(*%W[
   spree
 ])
-set :nginx_max_body_size, '10m'
+# default to ['404.html', '422.html', '500.html', 'favicon.ico']
+set :nginx_assets_files, fetch(:nginx_assets_files).push(*%W[
+])
+# default to {}
+set :nginx_redirects, fetch(:nginx_redirects).merge({
+})
 ```
 
 ### TODO

data/lib/capistrano/o2web_recipes/version.rb

@@ -1,5 +1,5 @@
 module Capistrano
   module O2webRecipes
-    VERSION = "0.0.7"
+    VERSION = "0.1.0"
   end
 end

data/lib/capistrano/tasks/o2web_recipes.rake

@@ -5,9 +5,10 @@ namespace :load do
     set :files_public_dirs, ['system']
     set :files_private_dirs, []
 
-    set :nginx_workers, 1
-    set :nginx_assets_dirs, %w[assets system]
     set :nginx_max_body_size, '10m'
+    set :nginx_public_dirs, ['system', 'images']
+    set :nginx_public_files, ['404.html', '422.html', '500.html', 'favicon.ico']
+    set :nginx_redirects, {}
   end
 end
 

data/lib/generators/capistrano/o2web_recipes/install/templates/config/nginx.app.conf.erb

@@ -14,72 +14,72 @@
 # Default server configuration
 #
 server {
-  listen 80 default_server;
-  listen [::]:80 default_server ipv6only=on;
+  listen 80 default_server deferred;
+  listen [::]:80 default_server deferred ipv6only=on;
 
+  server_name <%= fetch(:server) %>;
+
+  passenger_enabled on;
+  rails_env <%= fetch(:stage) %>;
+  root <%= fetch(:deploy_to) %>/current/public;
+
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 502 503 504 /500.html;
+
+<% if fetch(:stage) == :production %>
   # SSL configuration
   #
-  # listen 443 ssl default_server;
-  # listen [::]:443 ssl default_server;
+  # listen 443 ssl default_server deferred;
+  # listen [::]:443 ssl default_server deferred ipv6only=on;
+  #
+  # ssl_certificate /etc/ssl/certs/$server_name.chained.crt;
+  # ssl_certificate_key /etc/ssl/private/$server_name.key;
   #
   # Self signed certs generated by the ssl-cert package
   # Don't use them in a production server!
   #
   # include snippets/snakeoil.conf;
+<% end %>
 
-  server_name <%= fetch(:server) %>;
-  passenger_enabled on;
-  rails_env <%= fetch(:stage) %>;
-  root <%= fetch(:deploy_to) %>/current/public;
-
-<% if fetch(:stage) == :production -%>
-  # listen 443 ssl;
-  # ssl_certificate /etc/ssl/certs/<%= fetch(:server) %>.chained.crt;
-  # ssl_certificate_key /etc/ssl/private/<%= fetch(:server) %>.key;
-  
-  # redirect https://www.server_name.com to https://server_name.com
-  #if ($host = www.$server_name) {
-  #  rewrite ^(.*) https://$server_name$request_uri? permanent;
-  #}
-<% end -%>
-
-  client_max_body_size <%= fetch(:nginx_max_body_size) %>;
+  location /assets/ {
+    gzip_static on;
+    expires 1M;
+    add_header Cache-Control public;
+    access_log    off;
+    log_not_found off;
+  }
 
-  error_page 500 502 503 504 /50x.html;
-  location = /50x.html {
-    root html;
+<% fetch(:nginx_public_dirs).each do |folder| %>
+  location /<%= folder %>/ {
+    expires 1M;
+    add_header Cache-Control public;
+    access_log    off;
+    log_not_found off;
   }
+<% end %>
 
-  location ~ ^/(<%= fetch(:nginx_assets_dirs).join('|') %>)/  {
-    gzip_static on;
-    expires max;
+<% fetch(:nginx_public_files).each do |file| %>
+  location = /<%= file %> {
+    expires 1M;
     add_header Cache-Control public;
-    break;
+    access_log    off;
+    log_not_found off;
   }
+<% end %>
 }
 
+<% if fetch(:nginx_redirects).any? %>
 server {
   listen 80;
+  listen 443 ssl;
 
-  server_name www.<%= fetch(:server) %>;
-  return 301 $scheme://<%= fetch(:server) %>$request_uri;
-}
+  server_name <%= fetch(:server) %>;
 
-# Virtual Host configuration for example.com
-#
-# You can move that to a different file under sites-available/ and symlink that
-# to sites-enabled/ to enable it.
-#
-#server {
-#  listen 80;
-#  listen [::]:80;
-#
-#  server_name example.com;
-#
-#  root /var/www/example.com;
-#  index index.html;
-#
-#  location / {
-#    try_files $uri $uri/ =404;
-#  }
-#}
+  <% fetch(:nginx_redirects).each do |src, dst| %>
+  location = /<%= src.sub(/^\//, '') %> {
+    return 301 $scheme://$server_name/<%= dst.sub(/^\//, '') %>;
+  }
+  <% end %>
+}
+<% end %>

data/lib/generators/capistrano/o2web_recipes/install/templates/config/nginx.conf.erb

@@ -1,13 +1,19 @@
 user <%= fetch(:deployer_name) %>;
-worker_processes <%= fetch(:nginx_workers) %>;
+worker_processes auto;
+worker_rlimit_nofile 4096;
 pid /run/nginx.pid;
 
 events {
-  worker_connections 768;
-  # multi_accept on;
+  worker_connections 1024;
+  multi_accept on;
+  use epoll;
 }
 
 http {
+  log_format custom_log '$remote_addr - $remote_user [$time_local] '
+    '"$request" $status $body_bytes_sent '
+    '"$http_referer" "$http_user_agent" '
+    '$upstream_response_time - $gzip_ratio';
 
   ##
   # Basic Settings
@@ -16,9 +22,16 @@ http {
   sendfile on;
   tcp_nopush on;
   tcp_nodelay on;
-  keepalive_timeout 65;
+  keepalive_timeout 30;
   types_hash_max_size 2048;
-  # server_tokens off;
+  server_tokens off;
+
+  client_max_body_size <%= fetch(:nginx_max_body_size) %>;
+
+  open_file_cache max=8192 inactive=10m;
+  open_file_cache_valid 20m;
+  open_file_cache_min_uses 1;
+  open_file_cache_errors on;
 
   # server_names_hash_bucket_size 64;
   # server_name_in_redirect off;
@@ -32,12 +45,16 @@ http {
 
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
   ssl_prefer_server_ciphers on;
+  ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
+
+  ssl_session_cache shared:SSL:50m;
+  ssl_session_timeout 10m;
 
   ##
   # Logging Settings
   ##
 
-  access_log /var/log/nginx/access.log;
+  access_log /var/log/nginx/access.log custom_log;
   error_log /var/log/nginx/error.log;
 
   ##
@@ -45,11 +62,12 @@ http {
   ##
 
   gzip on;
+  gzip_min_length 1024;
   gzip_disable "msie6";
 
   gzip_vary on;
   gzip_proxied any;
-  gzip_comp_level 6;
+  gzip_comp_level 5;
   gzip_buffers 16 8k;
   gzip_http_version 1.1;
   gzip_types
@@ -70,6 +88,9 @@ http {
 
   passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
   passenger_ruby /home/<%= fetch(:deployer_name) %>/.rbenv/shims/ruby;
+  passenger_pool_idle_time 0;
+  passenger_max_request_queue_size 1000;
+  passenger_show_version_in_header off;
 
   ##
   # Virtual Host Configs

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-o2web-recipes
 version: !ruby/object:Gem::Version
-  version: 0.0.7
+  version: 0.1.0
 platform: ruby
 authors:
 - Patrice Lebel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-25 00:00:00.000000000 Z
+date: 2016-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano