capistrano-unicorn-nginx 4.0.0 → 4.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a37970a3480eb781d0d40b6792d9627e50b24714
-  data.tar.gz: 0f5787d26ca17a85ac5c79b46b89d6520e8982a5
+  metadata.gz: 9fe00dbabd4665ed0ccb5d10829f8e717cc5c2d7
+  data.tar.gz: 34dc0d1bc6cb2b731e536389382693981f09d83b
 SHA512:
-  metadata.gz: 4652fe755d073511d294dadf8afd41c6064cbe96a1d5beb338a122c7dee89f61654e442b48cbb5663c20d7a6253369177096659b8dc83e42c7ce0685796577fc
-  data.tar.gz: 6400973df6b4490ad2968455106bf71a3cce73c9b28c68df5966c03f574f1ea87bb196410d0d3a1f16846354ec3196800abd296439bb6b66687228b2805619b9
+  metadata.gz: c8dfbf17556637f0cbc88c29a7a8d52d4524b9bb87a83028216e12aaa7e0972d104cafb7cb89629527d3b49c28e13724ebae74a91c1fae8d2b752d9b2f7ed208
+  data.tar.gz: 776ac431b05d7db9f967f7294371a60228dbd9ea5dece3faac483a520d80b4ec5a17ee118e0a86aebb5c0eba3489ea838cac366f60259cad97fdbdbca92d4954

data/CHANGELOG.md

@@ -2,6 +2,12 @@
 
 ### master
 
+
+### v4.1.0, 2017-06-21
+- Auto-generate dhparams.pem if missing
+- Add support for http2
+- Fix unicorn:restart
+
 ### v4.0.0, 2016-03-29
 - Improves SSL security and performance. Breaking changes with 3.4.0. Please
   read README.md

data/README.md

@@ -1,5 +1,8 @@
 # Capistrano::UnicornNginx
 
+> NOTE: The instructions below are no longer necessary from version 4.1.0. 
+> The dhparam file will be automatically generated if missing.
+>
 > IMPORTANT NOTE. When upgrading to 4.0.0, please ensure you have
 > generated a new 2048 bits Diffie-Hellman group. Run the following command 
 > on your server before installing this gem:
@@ -7,6 +10,7 @@
 > `openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048` 
 >
 > See <https://weakdh.org/sysadmin.html> for more details.
+>
 
 Capistrano tasks for automatic and sensible unicorn + nginx configuraion.
 
@@ -33,8 +37,8 @@ see below for all available tasks
 Add this to `Gemfile`:
 
     group :development do
-      gem 'capistrano', '~> 3.2.1'
-      gem 'capistrano-unicorn-nginx', '~> 3.2.0'
+      gem 'capistrano', '~> 3.6.1'
+      gem 'capistrano-unicorn-nginx', '~> 4.1.0'
     end
 
 And then:
@@ -50,6 +54,15 @@ Depending on your needs 2 general scenarios are covered:
   (unicorn) on the same node.
 - [multiple server setup](https://github.com/capistrano-plugins/capistrano-unicorn-nginx/wiki/Multiple-server-setup)<br/>
   Webserver (nginx) and application server (unicorn) run on different nodes.
+  
+### Ubuntu 16.04 ###
+In order for current version to work you need upstart installed instead of systemd.
+
+`sudo apt-get install upstart-sysv package` 
+
+This commando should remove `ubuntu-standard` and `systemd-sysv`.
+
+After that go ahead and run `sudo update-initramfs -u`.
 
 ### Default log file directories
 

data/lib/capistrano/dsl/nginx_paths.rb

@@ -6,12 +6,16 @@ module Capistrano
         "#{fetch(:nginx_location)}/sites-available/#{fetch(:nginx_config_name)}"
       end
 
+      def nginx_dh_params_file
+        "/etc/nginx/ssl/dhparam.pem"
+      end
+
       def nginx_sites_enabled_file
         "#{fetch(:nginx_location)}/sites-enabled/#{fetch(:nginx_config_name)}"
       end
 
       def nginx_service_path
-        '/etc/init.d/nginx'
+        "#{fetch(:nginx_service_path)}"
       end
 
       def nginx_default_pid_file

data/lib/capistrano/tasks/nginx.rake

@@ -9,11 +9,13 @@ namespace :load do
     set :templates_path, 'config/deploy/templates'
     set :nginx_config_name, -> { "#{fetch(:application)}_#{fetch(:stage)}" }
     set :nginx_pid, nginx_default_pid_file
+    set :nginx_service_path, '/etc/init.d/nginx'
     # set :nginx_server_name # default set in the `nginx:defaults` task
     # ssl options
     set :nginx_location, '/etc/nginx'
     set :nginx_use_ssl, false
     set :nginx_use_spdy, false
+    set :nginx_use_http2, false
     # if true, passes the SSL client certificate to the application server for consumption in Ruby code
     set :nginx_pass_ssl_client_cert, false
     set :nginx_ssl_cert, -> { nginx_default_ssl_cert_file_name }
@@ -47,6 +49,16 @@ namespace :nginx do
     end
   end
 
+  desc 'Setup nginx Diffie-Hellman parameters'
+  task :setup_dh_params do
+    next unless fetch(:nginx_use_ssl)
+    on roles :web do
+      next if file_exists?(nginx_dh_params_file) && file_exists?(nginx_dh_params_file)
+      sudo :mkdir, '-p', File.dirname(nginx_dh_params_file)
+      sudo :openssl, 'dhparam -out', nginx_dh_params_file, '2048'
+    end
+  end
+
   desc 'Setup nginx ssl certs'
   task :setup_ssl do
     next unless fetch(:nginx_use_ssl)
@@ -69,8 +81,8 @@ namespace :nginx do
   end
 
   before :setup, :defaults
+  before :setup_dh_params, :defaults
   before :setup_ssl, :defaults
-
 end
 
 namespace :deploy do
@@ -80,5 +92,6 @@ end
 desc 'Server setup tasks'
 task :setup do
   invoke 'nginx:setup'
+  invoke 'nginx:setup_dh_params'
   invoke 'nginx:setup_ssl'
 end

data/lib/capistrano/tasks/unicorn.rake

@@ -59,7 +59,7 @@ namespace :unicorn do
     end
   end
 
-  %w[start stop restart].each do |command|
+  %w[start stop reload upgrade].each do |command|
     desc "#{command} unicorn"
     task command do
       on roles :app do
@@ -68,6 +68,17 @@ namespace :unicorn do
     end
   end
 
+  desc 'restart unicorn'
+  task 'restart' do
+    on roles :app do
+      if test "[ -f #{fetch(:unicorn_pid)} ]"
+        sudo 'service', fetch(:unicorn_service), 'upgrade'
+      else
+        sudo 'service', fetch(:unicorn_service), 'start'
+      end
+    end
+  end
+
   before :setup_initializer, :defaults
   before :setup_logrotate, :defaults
 

data/lib/capistrano/unicorn_nginx/version.rb

@@ -1,5 +1,5 @@
 module Capistrano
   module UnicornNginx
-    VERSION = "4.0.0"
+    VERSION = "4.1.0"
   end
 end

data/lib/generators/capistrano/unicorn_nginx/templates/_default_server_directive.erb

@@ -7,7 +7,9 @@ map $ssl_client_raw_cert $a {
 
 server {
 <% if fetch(:nginx_use_ssl) -%>
-    <% if fetch(:nginx_use_spdy) -%>
+    <% if fetch(:nginx_use_http2) -%>
+    listen <%= ssl_port %> http2;
+    <% elsif fetch(:nginx_use_spdy) -%>
     listen <%= ssl_port %> spdy;
     <% else -%>
     listen <%= ssl_port %>;
@@ -24,7 +26,7 @@ server {
 
     ssl_stapling on;
     ssl_stapling_verify on;
-    ssl_dhparam /etc/nginx/ssl/dhparam.pem;
+    ssl_dhparam <%= nginx_dh_params_file %>;
 <% else -%>
     listen <%= fetch(:nginx_server_port) %>;
 <% end -%>

data/lib/generators/capistrano/unicorn_nginx/templates/unicorn.rb.erb

@@ -28,7 +28,8 @@ before_fork do |server, worker|
   old_pid = "#{server.config[:pid]}.oldbin"
   if File.exists?(old_pid) && server.pid != old_pid
     begin
-      Process.kill("QUIT", File.read(old_pid).to_i)
+      sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
+      Process.kill(sig, File.read(old_pid).to_i)
     rescue Errno::ENOENT, Errno::ESRCH
       # someone else did our job for us
     end

data/lib/generators/capistrano/unicorn_nginx/templates/unicorn_init.erb

@@ -53,7 +53,7 @@ force-stop)
   echo >&2 "Not running"
   ;;
 restart|reload)
-  sig USR2 && echo reloaded OK && exit 0
+  sig HUP && echo reloaded OK && exit 0
   echo >&2 "Couldn't reload, starting '$CMD' instead"
   run "$CMD"
   ;;

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-unicorn-nginx
 version: !ruby/object:Gem::Version
-  version: 4.0.0
+  version: 4.1.0
 platform: ruby
 authors:
 - Ruben Stranders
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-03-29 00:00:00.000000000 Z
+date: 2017-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
@@ -107,8 +107,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.6.10
 signing_key: 
 specification_version: 4
 summary: Capistrano tasks for automatic and sensible unicorn + nginx configuraion.
 test_files: []
+has_rdoc: