capistrano-pumaio 3.0.3 → 3.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +10 -10
- data/Gemfile.lock +34 -33
- data/README.md +3 -42
- data/Rakefile +5 -5
- data/VERSION +1 -1
- data/capistrano-pumaio.gemspec +16 -21
- data/lib/capistrano/puma.rb +0 -8
- metadata +13 -19
- data/lib/capistrano/helpers/puma/nginx.rb +0 -18
- data/lib/capistrano/tasks/nginx.rake +0 -119
- data/lib/capistrano/tasks/nginx_config.rake +0 -63
- data/templates/nginx/application.conf.erb +0 -184
- data/templates/nginx/htpasswd.erb +0 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a76626d7c63be2c1cc1c3ed05768b81db37fedb9
|
4
|
+
data.tar.gz: 6900bdcdf0015d351c7490aa442deebc3bfeb8c2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 504c3b284df8023af5a8c2b3aa57ff7730773b18d76a59d1e3b2407fd575b5c6fd114c7dd8e43664039775830f582505f552fca85112568608a39c66b63970e8
|
7
|
+
data.tar.gz: c5c1756365e7f38b02fc1f54a5dce6591ada8a38c5a709cbf9708899cedb4cf496ea9f769fcd05d5334f3afb240132e635bf7532298a3bed6387152fa67d4822
|
data/Gemfile
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
source 'http://rubygems.org'
|
2
|
-
|
3
|
-
gem 'capistrano', '~> 3.4'
|
4
|
-
gem 'activesupport', '>=
|
5
|
-
gem 'capistrano-monit_runit', '~> 3.0
|
6
|
-
|
7
|
-
group :development do
|
8
|
-
gem 'bundler', '~> 1.7'
|
9
|
-
gem '
|
10
|
-
end
|
1
|
+
source 'http://rubygems.org'
|
2
|
+
|
3
|
+
gem 'capistrano', '~> 3.4'
|
4
|
+
gem 'activesupport', '>= 4.0'
|
5
|
+
gem 'capistrano-monit_runit', '~> 3.1.0'
|
6
|
+
|
7
|
+
group :development do
|
8
|
+
gem 'bundler', '~> 1.7'
|
9
|
+
gem 'juwelier'
|
10
|
+
end
|
data/Gemfile.lock
CHANGED
@@ -1,39 +1,38 @@
|
|
1
1
|
GEM
|
2
2
|
remote: http://rubygems.org/
|
3
3
|
specs:
|
4
|
-
activesupport (4.2.
|
4
|
+
activesupport (4.2.6)
|
5
5
|
i18n (~> 0.7)
|
6
6
|
json (~> 1.7, >= 1.7.7)
|
7
7
|
minitest (~> 5.1)
|
8
8
|
thread_safe (~> 0.3, >= 0.3.4)
|
9
9
|
tzinfo (~> 1.1)
|
10
|
-
addressable (2.
|
10
|
+
addressable (2.4.0)
|
11
11
|
builder (3.2.2)
|
12
12
|
capistrano (3.4.0)
|
13
13
|
i18n
|
14
14
|
rake (>= 10.0.0)
|
15
15
|
sshkit (~> 1.3)
|
16
|
-
capistrano-monit_runit (3.0
|
17
|
-
activesupport (>=
|
16
|
+
capistrano-monit_runit (3.1.0)
|
17
|
+
activesupport (>= 4.0)
|
18
18
|
capistrano (~> 3.4)
|
19
|
-
colorize (0.7.5)
|
20
19
|
descendants_tracker (0.0.4)
|
21
20
|
thread_safe (~> 0.3, >= 0.3.1)
|
22
|
-
faraday (0.9.
|
21
|
+
faraday (0.9.2)
|
23
22
|
multipart-post (>= 1.2, < 3)
|
24
|
-
git (1.
|
25
|
-
github_api (0.
|
26
|
-
addressable (~> 2.
|
23
|
+
git (1.3.0)
|
24
|
+
github_api (0.13.1)
|
25
|
+
addressable (~> 2.4.0)
|
27
26
|
descendants_tracker (~> 0.0.4)
|
28
27
|
faraday (~> 0.8, < 0.10)
|
29
|
-
hashie (>= 3.
|
28
|
+
hashie (>= 3.4)
|
30
29
|
multi_json (>= 1.7.5, < 2.0)
|
31
|
-
nokogiri (~> 1.6.3)
|
32
30
|
oauth2
|
33
|
-
hashie (3.4.
|
34
|
-
highline (1.7.
|
31
|
+
hashie (3.4.3)
|
32
|
+
highline (1.7.8)
|
35
33
|
i18n (0.7.0)
|
36
|
-
|
34
|
+
json (1.8.3)
|
35
|
+
juwelier (2.1.0)
|
37
36
|
builder
|
38
37
|
bundler (>= 1.0)
|
39
38
|
git (>= 1.2.5)
|
@@ -42,29 +41,28 @@ GEM
|
|
42
41
|
nokogiri (>= 1.5.10)
|
43
42
|
rake
|
44
43
|
rdoc
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
multi_json (1.11.0)
|
44
|
+
jwt (1.5.1)
|
45
|
+
mini_portile2 (2.0.0)
|
46
|
+
minitest (5.8.4)
|
47
|
+
multi_json (1.11.2)
|
50
48
|
multi_xml (0.5.5)
|
51
49
|
multipart-post (2.0.0)
|
52
50
|
net-scp (1.2.1)
|
53
51
|
net-ssh (>= 2.6.5)
|
54
|
-
net-ssh (
|
55
|
-
nokogiri (1.6.
|
56
|
-
|
57
|
-
oauth2 (1.
|
52
|
+
net-ssh (3.0.2)
|
53
|
+
nokogiri (1.6.7.2)
|
54
|
+
mini_portile2 (~> 2.0.0.rc2)
|
55
|
+
oauth2 (1.1.0)
|
58
56
|
faraday (>= 0.8, < 0.10)
|
59
|
-
jwt (~> 1.0)
|
57
|
+
jwt (~> 1.0, < 1.5.2)
|
60
58
|
multi_json (~> 1.3)
|
61
59
|
multi_xml (~> 0.5)
|
62
|
-
rack (
|
63
|
-
rack (1.6.
|
64
|
-
rake (
|
65
|
-
rdoc (4.2.
|
66
|
-
|
67
|
-
|
60
|
+
rack (>= 1.2, < 3)
|
61
|
+
rack (1.6.4)
|
62
|
+
rake (11.1.1)
|
63
|
+
rdoc (4.2.2)
|
64
|
+
json (~> 1.4)
|
65
|
+
sshkit (1.9.0)
|
68
66
|
net-scp (>= 1.1.2)
|
69
67
|
net-ssh (>= 2.8.0)
|
70
68
|
thread_safe (0.3.5)
|
@@ -75,8 +73,11 @@ PLATFORMS
|
|
75
73
|
ruby
|
76
74
|
|
77
75
|
DEPENDENCIES
|
78
|
-
activesupport (>=
|
76
|
+
activesupport (>= 4.0)
|
79
77
|
bundler (~> 1.7)
|
80
78
|
capistrano (~> 3.4)
|
81
|
-
capistrano-monit_runit (~> 3.0
|
82
|
-
|
79
|
+
capistrano-monit_runit (~> 3.1.0)
|
80
|
+
juwelier
|
81
|
+
|
82
|
+
BUNDLED WITH
|
83
|
+
1.11.2
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Capistrano Recipes for Puma
|
2
2
|
|
3
|
-
This gem provides recipes for [Puma](http://puma.io) to setup [runit](http://smarden.org/runit/)
|
3
|
+
This gem provides recipes for [Puma](http://puma.io) to setup [runit](http://smarden.org/runit/) and [monit](http://mmonit.com/monit) for both running and monitoring puma
|
4
4
|
|
5
5
|
## Versioning
|
6
6
|
|
@@ -25,14 +25,6 @@ Add this to your Capfile:
|
|
25
25
|
require 'capistrano/puma'
|
26
26
|
```
|
27
27
|
|
28
|
-
Create a new file in in /etc/sudoers.d/ and add the output of the following commands:
|
29
|
-
|
30
|
-
```
|
31
|
-
cap production runit:sudoers
|
32
|
-
cap production monit:sudoers
|
33
|
-
cap production puma:nginx:sudoers
|
34
|
-
```
|
35
|
-
|
36
28
|
### Monit
|
37
29
|
|
38
30
|
```ruby
|
@@ -98,40 +90,9 @@ before "monit:monitor", "puma:runit:restart"
|
|
98
90
|
|
99
91
|
### nginx
|
100
92
|
|
101
|
-
|
102
|
-
|
103
|
-
```ruby
|
104
|
-
cap puma:nginx:disable # Disable nginx site for the application
|
105
|
-
cap puma:nginx:enable # Enable nginx site for the application
|
106
|
-
cap puma:nginx:purge # Purge nginx site config for the application
|
107
|
-
cap puma:nginx:setup # Parses and uploads nginx configuration for this app.
|
108
|
-
```
|
109
|
-
|
110
|
-
#### Global nginx commands
|
111
|
-
|
112
|
-
```ruby
|
113
|
-
cap nginx:restart # Restart nginx
|
114
|
-
cap nginx:start # Start nginx
|
115
|
-
cap nginx:status # Show nginx status
|
116
|
-
cap nginx:stop # Stop nginx
|
117
|
-
```
|
118
|
-
|
119
|
-
#### Configuration for nginx
|
120
|
-
|
121
|
-
See nginx.rb for configuration options.
|
122
|
-
|
123
|
-
#### Notes when using nginx
|
124
|
-
|
125
|
-
|
126
|
-
You have to run ``` cap production puma:nginx:setup ``` to automatically setup nginx.
|
127
|
-
|
128
|
-
If you do not enable the site during setup, be sure to run the following two commands when you want to enable your site:
|
129
|
-
|
130
|
-
```ruby
|
131
|
-
cap puma:nginx:enable
|
132
|
-
cap nginx:restart
|
133
|
-
```
|
93
|
+
This has been removed, because it is better practice to setup nginx should as part of your infrastructure.
|
134
94
|
|
95
|
+
Most likely you have one or more load balancer and several app servers.
|
135
96
|
|
136
97
|
## Configuration of Monit/Runit
|
137
98
|
|
data/Rakefile
CHANGED
@@ -11,14 +11,14 @@ rescue Bundler::BundlerError => e
|
|
11
11
|
end
|
12
12
|
require 'rake'
|
13
13
|
|
14
|
-
require '
|
15
|
-
|
14
|
+
require 'juwelier'
|
15
|
+
Juwelier::Tasks.new do |gem|
|
16
16
|
# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
|
17
17
|
gem.name = 'capistrano-pumaio'
|
18
18
|
gem.homepage = 'https://github.com/leifcr/capistrano-puma'
|
19
19
|
gem.license = 'MIT'
|
20
20
|
gem.summary = 'Capistrano recipes for puma using runit and monit'
|
21
|
-
gem.description = 'Capistrano recipes for puma using runit and monit.
|
21
|
+
gem.description = 'Capistrano recipes for puma using runit and monit.'
|
22
22
|
gem.email = 'leifcr@gmail.com'
|
23
23
|
gem.authors = ['Leif Ringstad']
|
24
24
|
gem.files.exclude '.ruby-*'
|
@@ -26,7 +26,7 @@ Jeweler::Tasks.new do |gem|
|
|
26
26
|
gem.files.exclude '.rubocop.yml'
|
27
27
|
# dependencies defined in Gemfile
|
28
28
|
end
|
29
|
-
|
29
|
+
Juwelier::RubygemsDotOrgTasks.new
|
30
30
|
|
31
31
|
# require 'rdoc/task'
|
32
32
|
# Rake::RDocTask.new do |rdoc|
|
@@ -36,4 +36,4 @@ Jeweler::RubygemsDotOrgTasks.new
|
|
36
36
|
# rdoc.title = 'capistrano-empty #{version}'
|
37
37
|
# rdoc.rdoc_files.include('README*')
|
38
38
|
# rdoc.rdoc_files.include('lib/**/*.rb')
|
39
|
-
# end
|
39
|
+
# end
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.1.1
|
data/capistrano-pumaio.gemspec
CHANGED
@@ -1,18 +1,18 @@
|
|
1
|
-
# Generated by
|
1
|
+
# Generated by juwelier
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
-
# Instead, edit
|
3
|
+
# Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: capistrano-pumaio 3.
|
5
|
+
# stub: capistrano-pumaio 3.1.1 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "capistrano-pumaio"
|
9
|
-
s.version = "3.
|
9
|
+
s.version = "3.1.1"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib"]
|
13
13
|
s.authors = ["Leif Ringstad"]
|
14
|
-
s.date = "
|
15
|
-
s.description = "Capistrano recipes for puma using runit and monit.
|
14
|
+
s.date = "2016-03-18"
|
15
|
+
s.description = "Capistrano recipes for puma using runit and monit."
|
16
16
|
s.email = "leifcr@gmail.com"
|
17
17
|
s.extra_rdoc_files = [
|
18
18
|
"LICENSE",
|
@@ -27,17 +27,12 @@ Gem::Specification.new do |s|
|
|
27
27
|
"VERSION",
|
28
28
|
"capistrano-pumaio.gemspec",
|
29
29
|
"lib/capistrano/helpers/puma/monit.rb",
|
30
|
-
"lib/capistrano/helpers/puma/nginx.rb",
|
31
30
|
"lib/capistrano/helpers/puma/template_paths.rb",
|
32
31
|
"lib/capistrano/puma.rb",
|
33
32
|
"lib/capistrano/tasks/config.rake",
|
34
33
|
"lib/capistrano/tasks/monit.rake",
|
35
|
-
"lib/capistrano/tasks/nginx.rake",
|
36
|
-
"lib/capistrano/tasks/nginx_config.rake",
|
37
34
|
"lib/capistrano/tasks/runit.rake",
|
38
35
|
"templates/monit/puma.conf.erb",
|
39
|
-
"templates/nginx/application.conf.erb",
|
40
|
-
"templates/nginx/htpasswd.erb",
|
41
36
|
"templates/puma-config.rb.erb",
|
42
37
|
"templates/runit/control/q.erb",
|
43
38
|
"templates/runit/finish.erb",
|
@@ -46,7 +41,7 @@ Gem::Specification.new do |s|
|
|
46
41
|
]
|
47
42
|
s.homepage = "https://github.com/leifcr/capistrano-puma"
|
48
43
|
s.licenses = ["MIT"]
|
49
|
-
s.rubygems_version = "2.
|
44
|
+
s.rubygems_version = "2.5.1"
|
50
45
|
s.summary = "Capistrano recipes for puma using runit and monit"
|
51
46
|
|
52
47
|
if s.respond_to? :specification_version then
|
@@ -54,23 +49,23 @@ Gem::Specification.new do |s|
|
|
54
49
|
|
55
50
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
56
51
|
s.add_runtime_dependency(%q<capistrano>, ["~> 3.4"])
|
57
|
-
s.add_runtime_dependency(%q<activesupport>, [">=
|
58
|
-
s.add_runtime_dependency(%q<capistrano-monit_runit>, ["~> 3.0
|
52
|
+
s.add_runtime_dependency(%q<activesupport>, [">= 4.0"])
|
53
|
+
s.add_runtime_dependency(%q<capistrano-monit_runit>, ["~> 3.1.0"])
|
59
54
|
s.add_development_dependency(%q<bundler>, ["~> 1.7"])
|
60
|
-
s.add_development_dependency(%q<
|
55
|
+
s.add_development_dependency(%q<juwelier>, [">= 0"])
|
61
56
|
else
|
62
57
|
s.add_dependency(%q<capistrano>, ["~> 3.4"])
|
63
|
-
s.add_dependency(%q<activesupport>, [">=
|
64
|
-
s.add_dependency(%q<capistrano-monit_runit>, ["~> 3.0
|
58
|
+
s.add_dependency(%q<activesupport>, [">= 4.0"])
|
59
|
+
s.add_dependency(%q<capistrano-monit_runit>, ["~> 3.1.0"])
|
65
60
|
s.add_dependency(%q<bundler>, ["~> 1.7"])
|
66
|
-
s.add_dependency(%q<
|
61
|
+
s.add_dependency(%q<juwelier>, [">= 0"])
|
67
62
|
end
|
68
63
|
else
|
69
64
|
s.add_dependency(%q<capistrano>, ["~> 3.4"])
|
70
|
-
s.add_dependency(%q<activesupport>, [">=
|
71
|
-
s.add_dependency(%q<capistrano-monit_runit>, ["~> 3.0
|
65
|
+
s.add_dependency(%q<activesupport>, [">= 4.0"])
|
66
|
+
s.add_dependency(%q<capistrano-monit_runit>, ["~> 3.1.0"])
|
72
67
|
s.add_dependency(%q<bundler>, ["~> 1.7"])
|
73
|
-
s.add_dependency(%q<
|
68
|
+
s.add_dependency(%q<juwelier>, [">= 0"])
|
74
69
|
end
|
75
70
|
end
|
76
71
|
|
data/lib/capistrano/puma.rb
CHANGED
@@ -6,16 +6,8 @@ def try_require(library)
|
|
6
6
|
end
|
7
7
|
end
|
8
8
|
|
9
|
-
# try_require 'tasks/config.rake'
|
10
|
-
# try_require 'tasks/monit.rake'
|
11
|
-
# try_require 'tasks/runit.rake'
|
12
|
-
# try_require 'tasks/nginx_config.rake'
|
13
|
-
# try_require 'tasks/nginx.rake'
|
14
|
-
# try_require 'tasks/.rake'
|
15
9
|
try_require 'capistrano/monit'
|
16
10
|
try_require 'capistrano/runit'
|
17
11
|
load File.expand_path('../tasks/config.rake', __FILE__)
|
18
12
|
load File.expand_path('../tasks/monit.rake', __FILE__)
|
19
13
|
load File.expand_path('../tasks/runit.rake', __FILE__)
|
20
|
-
load File.expand_path('../tasks/nginx_config.rake', __FILE__)
|
21
|
-
load File.expand_path('../tasks/nginx.rake', __FILE__)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: capistrano-pumaio
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Leif Ringstad
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2016-03-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: capistrano
|
@@ -30,28 +30,28 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
33
|
+
version: '4.0'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
40
|
+
version: '4.0'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: capistrano-monit_runit
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 3.0
|
47
|
+
version: 3.1.0
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 3.0
|
54
|
+
version: 3.1.0
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: bundler
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -67,21 +67,20 @@ dependencies:
|
|
67
67
|
- !ruby/object:Gem::Version
|
68
68
|
version: '1.7'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
70
|
+
name: juwelier
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
|
-
- - "
|
73
|
+
- - ">="
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
75
|
+
version: '0'
|
76
76
|
type: :development
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
|
-
- - "
|
80
|
+
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: '
|
83
|
-
description: Capistrano recipes for puma using runit and monit.
|
84
|
-
for the app server.
|
82
|
+
version: '0'
|
83
|
+
description: Capistrano recipes for puma using runit and monit.
|
85
84
|
email: leifcr@gmail.com
|
86
85
|
executables: []
|
87
86
|
extensions: []
|
@@ -97,17 +96,12 @@ files:
|
|
97
96
|
- VERSION
|
98
97
|
- capistrano-pumaio.gemspec
|
99
98
|
- lib/capistrano/helpers/puma/monit.rb
|
100
|
-
- lib/capistrano/helpers/puma/nginx.rb
|
101
99
|
- lib/capistrano/helpers/puma/template_paths.rb
|
102
100
|
- lib/capistrano/puma.rb
|
103
101
|
- lib/capistrano/tasks/config.rake
|
104
102
|
- lib/capistrano/tasks/monit.rake
|
105
|
-
- lib/capistrano/tasks/nginx.rake
|
106
|
-
- lib/capistrano/tasks/nginx_config.rake
|
107
103
|
- lib/capistrano/tasks/runit.rake
|
108
104
|
- templates/monit/puma.conf.erb
|
109
|
-
- templates/nginx/application.conf.erb
|
110
|
-
- templates/nginx/htpasswd.erb
|
111
105
|
- templates/puma-config.rb.erb
|
112
106
|
- templates/runit/control/q.erb
|
113
107
|
- templates/runit/finish.erb
|
@@ -133,7 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
133
127
|
version: '0'
|
134
128
|
requirements: []
|
135
129
|
rubyforge_project:
|
136
|
-
rubygems_version: 2.
|
130
|
+
rubygems_version: 2.5.1
|
137
131
|
signing_key:
|
138
132
|
specification_version: 4
|
139
133
|
summary: Capistrano recipes for puma using runit and monit
|
@@ -1,18 +0,0 @@
|
|
1
|
-
module Capistrano
|
2
|
-
module Helpers
|
3
|
-
module Puma
|
4
|
-
##
|
5
|
-
# Module Nginx provides helper functions for nginx configuration
|
6
|
-
##
|
7
|
-
module Nginx
|
8
|
-
module_function
|
9
|
-
|
10
|
-
def default_pw_generator
|
11
|
-
pw = SecureRandom.random_number(36**10).to_s(36).rjust(10, '0')
|
12
|
-
info "Random password generated: #{pw}"
|
13
|
-
pw
|
14
|
-
end
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
18
|
-
end
|
@@ -1,119 +0,0 @@
|
|
1
|
-
require 'capistrano/dsl/base_paths'
|
2
|
-
require 'capistrano/helpers/base'
|
3
|
-
require 'capistrano/helpers/puma/nginx'
|
4
|
-
include Capistrano::DSL::BasePaths
|
5
|
-
include Capistrano::Helpers::Base
|
6
|
-
include Capistrano::Helpers::Puma::Nginx
|
7
|
-
|
8
|
-
namespace :puma do
|
9
|
-
namespace :nginx do
|
10
|
-
desc 'Get the config needed to add to sudoers for nginx commands'
|
11
|
-
task :sudoers do
|
12
|
-
run_locally do
|
13
|
-
puts '#---------------ENTRIES FOR SUDOERS (Nginx)---------------------'
|
14
|
-
puts "#{fetch(:user)} ALL=NOPASSWD: /bin/mkdir -p #{fetch(:nginx_log_path)}"
|
15
|
-
puts "#{fetch(:user)} ALL=NOPASSWD: /bin/chown -R #{fetch(:user)}\\:root #{fetch(:nginx_log_path)}"
|
16
|
-
puts "#{fetch(:user)} ALL=NOPASSWD: /bin/chmod 6775 #{fetch(:nginx_log_path)}"
|
17
|
-
puts "#{fetch(:user)} ALL=NOPASSWD: /bin/chown #{fetch(:user)}\\:root #{fetch(:nginx_sites_enabled_path)}"
|
18
|
-
puts "#{fetch(:user)} ALL=NOPASSWD: /usr/sbin/service nginx *"
|
19
|
-
puts '#---------------------------------------------------------------'
|
20
|
-
end
|
21
|
-
# info "#{fetch(:user)} ALL=NOPASSWD: /bin/chown deploy:root #{monit_monitrc_file}"
|
22
|
-
end
|
23
|
-
|
24
|
-
desc 'Generates and uploads nginx configuration for this app to the App server(s)'
|
25
|
-
# task :setup, :roles => :app , :except => { :no_release => true } do
|
26
|
-
task :setup do
|
27
|
-
# Will setup nginx on the application server, as single-host app/web server is used behind load balancer
|
28
|
-
# Nginx is used for talking over socket to puma instead of opening puma to the 'world'
|
29
|
-
on roles(:app) do |host|
|
30
|
-
info "NGINX: Setting up for puma for #{fetch(:application)} on #{host}"
|
31
|
-
upload! template_to_s_io(fetch(:nginx_config_template)), fetch(:nginx_remote_config)
|
32
|
-
if (fetch(:nginx_use_simple_auth)) || fetch(:nginx_ssl_use_simple_auth)
|
33
|
-
set :pw, ask('', '')
|
34
|
-
set :create_httpwd, ask('Create .httpasswd configuration file [Yn]', 'Y')
|
35
|
-
# if auth is enabled, upload htpasswd file
|
36
|
-
# Since passwords are stored in plaintext in the deployment file, you should use simple auth with care.
|
37
|
-
# It is generally better to implement a full authorization stack like oauth, use devise on rails,
|
38
|
-
# or other login/auth system
|
39
|
-
if fetch(:create_httpwd)
|
40
|
-
set :nginx_simple_auth_password, default_pw_generator if fetch(:nginx_simple_auth_password).nil?
|
41
|
-
upload! template_to_s_io(fetch(:nginx_htpasswd_template)), fetch(:nginx_remote_htpasswd)
|
42
|
-
else
|
43
|
-
set :nginx_use_simple_auth, false
|
44
|
-
set :nginx_ssl_use_simple_auth, false
|
45
|
-
end
|
46
|
-
end
|
47
|
-
# create log path
|
48
|
-
# /var/log/nginx must be writable by 'deploy' user, usually this can be acomplished by adding the deploy user to
|
49
|
-
# the www-data group
|
50
|
-
execute :sudo, :mkdir, "-p #{fetch(:nginx_log_path)}"
|
51
|
-
execute :sudo, :chown, "-R #{fetch(:user)}:root #{fetch(:nginx_log_path)}"
|
52
|
-
execute :sudo, :chmod, "6775 #{fetch(:nginx_log_path)}"
|
53
|
-
execute :mkdir, "-p #{fetch(:nginx_app_log_path)}"
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
desc 'Enable nginx site for the application'
|
58
|
-
task :enable do
|
59
|
-
on roles(:app) do |host|
|
60
|
-
if test("[ ! -h #{fetch(:nginx_sites_enabled_symlink)} ]")
|
61
|
-
info "NGINX: Enabling application #{fetch(:application)} on #{host}"
|
62
|
-
# Make sure deploy user can symlink site
|
63
|
-
execute :sudo, :chown, "#{fetch(:user)}:root #{fetch(:nginx_sites_enabled_path)}"
|
64
|
-
execute :ln, "-sf #{fetch(:nginx_remote_config)} #{fetch(:nginx_sites_enabled_symlink)}"
|
65
|
-
else
|
66
|
-
info "NGINX: Already enabled application #{fetch(:application)} on #{host}"
|
67
|
-
end
|
68
|
-
end
|
69
|
-
end
|
70
|
-
|
71
|
-
desc 'Disable nginx site for the application'
|
72
|
-
task :disable do
|
73
|
-
on roles(:app) do |host|
|
74
|
-
if test("[ -h #{fetch(:nginx_sites_enabled_symlink)} ]")
|
75
|
-
info "NGINX: Disabling application #{fetch(:application)} on #{host}"
|
76
|
-
# Make sure deploy user can unsymlink site
|
77
|
-
execute :sudo, :chown, "#{fetch(:user)}:root #{fetch(:nginx_sites_enabled_path)}"
|
78
|
-
execute :rm, "-f #{fetch(:nginx_sites_enabled_symlink)}"
|
79
|
-
else
|
80
|
-
info "NGINX: Already disabled application #{fetch(:application)} on #{host}"
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
84
|
-
|
85
|
-
desc 'Purge nginx site config for the application'
|
86
|
-
task :purge do
|
87
|
-
on roles(:app) do |host|
|
88
|
-
info "NGINX: Purging configuration for #{fetch(:application)} on #{host}"
|
89
|
-
execute :rm, "-f #{fetch(:nginx_sites_enabled_symlink)}" if test("[ -h #{fetch(:nginx_sites_enabled_symlink)} ]")
|
90
|
-
execute :rm, "-f #{fetch(:nginx_remote_htpasswd)}"
|
91
|
-
execute :rm, "-f #{fetch(:nginx_remote_config)}"
|
92
|
-
# must restart nginx to make sure site is disabled when config is purge
|
93
|
-
execute :sudo, :service, 'nginx restart'
|
94
|
-
end
|
95
|
-
end
|
96
|
-
end
|
97
|
-
end
|
98
|
-
|
99
|
-
namespace :nginx do
|
100
|
-
%w(start stop restart status).each do |nginx_cmd|
|
101
|
-
desc "Nginx/Puma: #{nginx_cmd.capitalize}"
|
102
|
-
task nginx_cmd.to_sym do
|
103
|
-
on roles(:app) do |host|
|
104
|
-
info "NGINX: Performing #{nginx_cmd} for #{fetch(:application)} on #{host}"
|
105
|
-
execute :sudo, :service, "nginx #{nginx_cmd}"
|
106
|
-
end
|
107
|
-
end
|
108
|
-
end
|
109
|
-
end
|
110
|
-
|
111
|
-
# after 'deploy:setup' do
|
112
|
-
# puma.nginx.setup if Capistrano::CLI.ui.agree("Create nginx configuration file? [Yn]")
|
113
|
-
# if Capistrano::CLI.ui.agree("Enable site in nginx? [Yn]")
|
114
|
-
# puma.nginx.enable
|
115
|
-
# nginx.restart # must restart after enable for nginx to pickup new site
|
116
|
-
# end
|
117
|
-
# end
|
118
|
-
|
119
|
-
after 'sudoers', 'puma:nginx:sudoers'
|
@@ -1,63 +0,0 @@
|
|
1
|
-
require 'active_support'
|
2
|
-
require 'active_support/core_ext/string/filters'
|
3
|
-
require 'capistrano/helpers/puma/template_paths'
|
4
|
-
require 'capistrano/helpers/base'
|
5
|
-
include Capistrano::Helpers::Base
|
6
|
-
|
7
|
-
namespace :load do
|
8
|
-
task :defaults do
|
9
|
-
# Where your nginx lives. Usually /opt/nginx or /usr/local/nginx for source compiled.
|
10
|
-
set :nginx_sites_enabled_path, '/etc/nginx/sites-enabled'
|
11
|
-
|
12
|
-
# simple authorization in nginx recipe
|
13
|
-
# Remember NOT to share your deployment file in case you have sensitive passwords stored in it...
|
14
|
-
# This is added to make it easier to deploy staging sites with a simple htpasswd.
|
15
|
-
|
16
|
-
set :nginx_use_simple_auth, false
|
17
|
-
set :nginx_simple_auth_message, 'Restricted site'
|
18
|
-
set :nginx_simple_auth_user, 'user'
|
19
|
-
set :nginx_simple_auth_password, nil # if set to nil, it will automatically be generated
|
20
|
-
set :nginx_simple_auth_salt, (0...8).map { ('a'..'z').to_a[rand(26)] }.join
|
21
|
-
|
22
|
-
# Server names. Defaults to application name.
|
23
|
-
set :server_names, proc { app_env_underscore }
|
24
|
-
|
25
|
-
# Path to the nginx erb template to be parsed before uploading to remote
|
26
|
-
set :nginx_config_template, File.join(Capistrano::Helpers::Puma::TemplatePaths.template_base_path, 'nginx', 'application.conf.erb') # rubocop:disable Metrics/LineLength
|
27
|
-
|
28
|
-
# Path to where your remote config will reside (I use a directory sites inside conf)
|
29
|
-
set :nginx_remote_config, proc { shared_path.join('config', "nginx_#{app_env_underscore}.conf") }
|
30
|
-
|
31
|
-
# Path to local htpasswd template file
|
32
|
-
set :nginx_htpasswd_template, File.join(Capistrano::Helpers::Puma::TemplatePaths.template_base_path, 'nginx', 'htpasswd.erb')
|
33
|
-
|
34
|
-
# Path to remote htpasswd file
|
35
|
-
set :nginx_remote_htpasswd, proc { shared_path.join('config', '.htpasswd') }
|
36
|
-
|
37
|
-
set :nginx_sites_enabled_symlink, proc { File.join(fetch(:nginx_sites_enabled_path), app_env_underscore) }
|
38
|
-
|
39
|
-
set :nginx_uses_http, true
|
40
|
-
set :nginx_uses_ssl, false
|
41
|
-
set :nginx_port, 80
|
42
|
-
|
43
|
-
set :nginx_log_path, proc { File.join('/var', 'log', 'nginx') }
|
44
|
-
|
45
|
-
set :nginx_app_log_path, proc { File.join(fetch(:nginx_log_path), fetch(:application).squish.downcase.gsub(/[\s|-]/, '_')) }
|
46
|
-
|
47
|
-
set :nginx_client_max_body_size, '10M'
|
48
|
-
|
49
|
-
set :nginx_ssl_port, 443
|
50
|
-
set :nginx_ssl_use_simple_auth, false
|
51
|
-
set :nginx_ssl_client_max_body_size, '10M'
|
52
|
-
set :nginx_ssl_public_crt, File.join('/etc', 'certs', 'server.crt')
|
53
|
-
set :nginx_ssl_private_key, File.join('/etc', 'certs', 'server.key')
|
54
|
-
|
55
|
-
set :nginx_puma_server_url, proc { "unix:#{fetch(:puma_socket_file)}" }
|
56
|
-
set :nginx_puma_server_timeout, proc { 'fail_timeout=0' }
|
57
|
-
|
58
|
-
# Supply a block of text to add to the nginx config file before hitting puma server (rewrites etc)
|
59
|
-
set :nginx_extra_rules, nil
|
60
|
-
# Same as above but for ssl
|
61
|
-
set :nginx_extra_rules_ssl, nil
|
62
|
-
end
|
63
|
-
end
|
@@ -1,184 +0,0 @@
|
|
1
|
-
# Nginx configuration
|
2
|
-
# <%= "#{fetch(:application)} running as #{fetch(:user)} in environment #{environment}" %>
|
3
|
-
# <%
|
4
|
-
upstream_name = "#{fetch(:application)}_#{environment}_app_server"
|
5
|
-
upstream_name_ssl = "#{fetch(:application)}_#{environment}_app_server_ssl"
|
6
|
-
%>
|
7
|
-
#
|
8
|
-
|
9
|
-
upstream <%= upstream_name %> {
|
10
|
-
server <%= fetch(:nginx_puma_server_url) %> <%= fetch(:nginx_puma_server_timeout) %>;
|
11
|
-
}
|
12
|
-
|
13
|
-
<% if fetch(:nginx_uses_http) %>
|
14
|
-
#
|
15
|
-
# HTTP server configuration
|
16
|
-
#
|
17
|
-
server {
|
18
|
-
listen <%= fetch(:nginx_port) %>;
|
19
|
-
client_max_body_size <%= fetch(:nginx_client_max_body_size) %>;
|
20
|
-
server_name <%= fetch(:server_names) %>;
|
21
|
-
|
22
|
-
# ~2 seconds is often enough for most folks to parse HTML/CSS and
|
23
|
-
# retrieve needed images/icons/frames, connections are cheap in
|
24
|
-
# nginx so increasing this is generally safe...
|
25
|
-
# 8 seconds might be needed for some mobile devs
|
26
|
-
keepalive_timeout 8;
|
27
|
-
|
28
|
-
# path for static files
|
29
|
-
root <%= fetch(:deploy_to) %>/current/public;
|
30
|
-
access_log <%= fetch(:nginx_app_log_path) %>/<%= environment %>.access.log;
|
31
|
-
error_log <%= fetch(:nginx_app_log_path) %>/<%= environment %>.error.log info;
|
32
|
-
|
33
|
-
# this rewrites all the requests to the maintenance.html
|
34
|
-
# page if it exists in the doc root. This is for capistrano's
|
35
|
-
# disable web task
|
36
|
-
if (-f $document_root/system/maintenance.html) {
|
37
|
-
rewrite ^(.*)$ /system/maintenance.html last;
|
38
|
-
break;
|
39
|
-
}
|
40
|
-
|
41
|
-
location / {
|
42
|
-
<% if fetch(:nginx_use_simple_auth) %>
|
43
|
-
auth_basic "<%= fetch(:nginx_simple_auth_message) %>";
|
44
|
-
auth_basic_user_file <%= fetch(:nginx_remote_htpasswd) %>;
|
45
|
-
<% end %>
|
46
|
-
|
47
|
-
# needed to forward user's IP address to rails
|
48
|
-
proxy_set_header X-Real-IP $remote_addr;
|
49
|
-
|
50
|
-
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
51
|
-
proxy_set_header Host $http_host;
|
52
|
-
|
53
|
-
# if the request is for a static resource, nginx should serve it directly
|
54
|
-
# and add a far future expires header to it, making the browser
|
55
|
-
# cache the resource and navigate faster over the website.
|
56
|
-
location ~ ^/(assets)/.+-([0-9a-zA-Z])+\. {
|
57
|
-
gzip_static on;
|
58
|
-
expires max;
|
59
|
-
add_header Cache-Control public;
|
60
|
-
}
|
61
|
-
|
62
|
-
# Serve images outside the asset path
|
63
|
-
# Now this supposedly should work as it gets the filenames with querystrings that Rails provides.
|
64
|
-
# BUT there's a chance it could break the ajax calls.
|
65
|
-
location ~* \.(ico|css|gif|jpe?g|png)(\?[0-9]+)?$ {
|
66
|
-
expires max;
|
67
|
-
}
|
68
|
-
|
69
|
-
# Serve javascript outside the asset path
|
70
|
-
location ~ ^/javascripts/.*\.js(\?[0-9]+)?$ {
|
71
|
-
expires max;
|
72
|
-
}
|
73
|
-
|
74
|
-
# If the file exists as a static file serve it directly without
|
75
|
-
# running all the other rewrite tests on it
|
76
|
-
if (-f $request_filename) {
|
77
|
-
break;
|
78
|
-
}
|
79
|
-
|
80
|
-
<%= fetch(:nginx_extra_rules) unless fetch(:nginx_extra_rules).nil? %>
|
81
|
-
|
82
|
-
if (!-f $request_filename) {
|
83
|
-
proxy_pass http://<%= upstream_name %>;
|
84
|
-
break;
|
85
|
-
}
|
86
|
-
}
|
87
|
-
|
88
|
-
# Rails error pages
|
89
|
-
error_page 500 502 503 504 /500.html;
|
90
|
-
location = /500.html {
|
91
|
-
root <%= fetch(:deploy_to) %>/current/public;
|
92
|
-
}
|
93
|
-
}
|
94
|
-
<% end %>
|
95
|
-
|
96
|
-
<% if fetch(:nginx_uses_ssl) %>
|
97
|
-
#
|
98
|
-
# HTTPs server configuration
|
99
|
-
#
|
100
|
-
upstream <%= upstream_name_ssl %> {
|
101
|
-
server <%= fetch(:nginx_puma_server_url) %> <%= fetch(:nginx_puma_server_timeout) %>;
|
102
|
-
}
|
103
|
-
|
104
|
-
# This server is setup for ssl. Uncomment if
|
105
|
-
# you are using ssl as well as port 80.
|
106
|
-
server {
|
107
|
-
listen <%= fetch(:nginx_ssl_port) %>;
|
108
|
-
server_name <%= fetch(:server_names) %>;
|
109
|
-
ssl on;
|
110
|
-
ssl_certificate <%= fetch(:nginx_ssl_public_crt) %>;
|
111
|
-
ssl_certificate_key <%= fetch(:nginx_ssl_private_key) %>;
|
112
|
-
ssl_session_timeout 5m;
|
113
|
-
client_max_body_size <%= fetch(:nginx_ssl_client_max_body_size) %>;
|
114
|
-
|
115
|
-
root <%= fetch(:deploy_to) %>/current/public;
|
116
|
-
access_log <%= fetch(:nginx_app_log_path) %>/<%= environment %>_ssl.access.log;
|
117
|
-
error_log <%= fetch(:nginx_app_log_path) %>/<%= environment %>_ssl.error.log info;
|
118
|
-
|
119
|
-
# this rewrites all the requests to the maintenance.html
|
120
|
-
# page if it exists in the doc root. This is for capistrano's
|
121
|
-
# disable web task
|
122
|
-
if (-f $document_root/system/maintenance.html) {
|
123
|
-
rewrite ^(.*)$ /system/maintenance.html last;
|
124
|
-
break;
|
125
|
-
}
|
126
|
-
|
127
|
-
location / {
|
128
|
-
<% if fetch(:nginx_ssl_use_simple_auth) %>
|
129
|
-
auth_basic "<%= fetch(:nginx_simple_auth_message) %>";
|
130
|
-
auth_basic_user_file <%= fetch(:nginx_remote_htpasswd) %>;
|
131
|
-
<% end %>
|
132
|
-
|
133
|
-
# needed to forward user's IP address to rails
|
134
|
-
proxy_set_header X-Real-IP $remote_addr;
|
135
|
-
|
136
|
-
# needed for HTTPS
|
137
|
-
proxy_set_header X_FORWARDED_PROTO https;
|
138
|
-
|
139
|
-
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
140
|
-
proxy_set_header Host $http_host;
|
141
|
-
proxy_redirect off;
|
142
|
-
proxy_max_temp_file_size 0;
|
143
|
-
|
144
|
-
# if the request is for a static resource, nginx should serve it directly
|
145
|
-
# and add a far future expires header to it, making the browser
|
146
|
-
# cache the resource and navigate faster over the website.
|
147
|
-
location ~ ^/(assets)/.+-([0-9a-zA-Z])+\. {
|
148
|
-
gzip_static on;
|
149
|
-
expires max;
|
150
|
-
add_header Cache-Control public;
|
151
|
-
}
|
152
|
-
|
153
|
-
# Serve images outside the asset path
|
154
|
-
# Now this supposedly should work as it gets the filenames with querystrings that Rails provides.
|
155
|
-
# BUT there's a chance it could break the ajax calls.
|
156
|
-
location ~* \.(ico|css|gif|jpe?g|png)(\?[0-9]+)?$ {
|
157
|
-
expires max;
|
158
|
-
}
|
159
|
-
|
160
|
-
# Serve javascript outside the asset path
|
161
|
-
location ~ ^/javascripts/.*\.js(\?[0-9]+)?$ {
|
162
|
-
expires max;
|
163
|
-
}
|
164
|
-
|
165
|
-
# If the file exists as a static file serve it directly without
|
166
|
-
# running all the other rewite tests on it
|
167
|
-
if (-f $request_filename) {
|
168
|
-
break;
|
169
|
-
}
|
170
|
-
|
171
|
-
<%= fetch(:nginx_extra_rules_ssl) unless fetch(:nginx_extra_rules_ssl).nil? %>
|
172
|
-
|
173
|
-
if (!-f $request_filename) {
|
174
|
-
proxy_pass http://<%= upstream_name_ssl %>;
|
175
|
-
break;
|
176
|
-
}
|
177
|
-
}
|
178
|
-
|
179
|
-
error_page 500 502 503 504 /500.html;
|
180
|
-
location = /500.html {
|
181
|
-
root <%= fetch(:deploy_to) %>/current/public;
|
182
|
-
}
|
183
|
-
}
|
184
|
-
<% end %>
|
@@ -1,6 +0,0 @@
|
|
1
|
-
# Capistrano deployed htpasswd file
|
2
|
-
#
|
3
|
-
# Remember NOT to share your deployment file in case you have sensitive passwords stored in it.
|
4
|
-
# You probably shouldn't use this in production in case your deploy.rb is visible on public sites.
|
5
|
-
|
6
|
-
<%= fetch(:nginx_simple_auth_user) %>:<%= fetch(:nginx_simple_auth_password).crypt(fetch(:nginx_simple_auth_salt)) %>:Autogenerated user from capistrano deployment
|