deploy_mate 0.1 → 0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/CHANGELOG.md +19 -0
- data/Gemfile.lock +9 -7
- data/README.md +57 -29
- data/deploy-mate.gemspec +5 -8
- data/lib/capistrano/configs/application.pill.erb +59 -0
- data/lib/capistrano/configs/fail2ban-nginx-request-limit-filter.conf.erb +13 -0
- data/lib/capistrano/configs/fail2ban-nginx-request-limit-jail.conf.erb +494 -0
- data/lib/capistrano/configs/logrotate.erb +2 -2
- data/lib/capistrano/configs/nginx_app.conf.erb +9 -4
- data/lib/capistrano/configs/nginx_base.conf.erb +1 -1
- data/lib/capistrano/configs/puma.rb.erb +64 -0
- data/lib/capistrano/configs/upstart.conf.erb +1 -1
- data/lib/capistrano/deploy_mate_capfile.rb +2 -2
- data/lib/capistrano/deploy_mate_defaults.rb +5 -4
- data/lib/capistrano/helpers.rb +4 -2
- data/lib/capistrano/modules/shell.rb +7 -0
- data/lib/capistrano/modules/user_management.rb +11 -0
- data/lib/capistrano/scripts/create_ubuntu_user.sh +9 -0
- data/lib/capistrano/scripts/set_defaults.sh +2 -1
- data/lib/capistrano/tasks/bluepill.rake +29 -5
- data/lib/capistrano/tasks/elasticsearch.rake +18 -0
- data/lib/capistrano/tasks/fail2ban.rake +22 -0
- data/lib/capistrano/tasks/logrotate.rake +1 -0
- data/lib/capistrano/tasks/machine.rake +99 -17
- data/lib/capistrano/tasks/nginx.rake +7 -4
- data/lib/capistrano/tasks/puma.rake +18 -0
- data/lib/capistrano/tasks/unicorn.rake +1 -17
- data/lib/capistrano/tasks/upstart.rake +2 -0
- data/lib/deploy_mate/tasks.rake +52 -45
- data/lib/deploy_mate/templates/Capfile.erb +9 -2
- data/lib/deploy_mate/templates/deploy/stage.rb.erb +4 -4
- data/lib/deploy_mate/templates/deploy.rb.erb +22 -4
- data/lib/deploy_mate/templates/deploy_mate.yml.erb +79 -0
- data/lib/deploy_mate.rb +9 -0
- metadata +19 -5
- data/lib/capistrano/configs/unicorn.pill.erb +0 -28
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ec32c8e52b90f88a44633352ed01087acea7343f
|
4
|
+
data.tar.gz: 327d9df9c6fcb3de20af741a7415add88de714f4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 81d39a9da921f0b483e5e5f5a9684d1f9e8bea2d5b93d6701d7f584da05b77c4511a195552d39d2fccea132f9a27397a3d051d60f754211f102946130ea6f287
|
7
|
+
data.tar.gz: ff6de13126be717222170a8556ceb61d8e6b8fe5b9d53beb1455bfbc795d57d9442bdffbdd7c309815b26eddbc1d744ad68c2de90acd178794481858225761ca
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
2.2.3
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
* **0.2 (2016-05-18)**: Configuration moved to YAML-file. SSH-Keys optional. Config-templates overwritable locally.
|
2
|
+
* **0.18.4 (2016-03-22)**: Added mandatory task to install `ssh_key`s
|
3
|
+
* **0.18.2 (2016-03-08)**: Added basic DDoS and flooding-proof via nginx `req_limit` and `fail2ban`
|
4
|
+
* **0.18.1 (2016-03-01)**: Added support for memcached
|
5
|
+
* **0.18 (2016-02-25)**: Added support for capistrano 3.4, Ask before overwriting existing config-files
|
6
|
+
* **2016-02-19**: Made selection of a deployed branch possible
|
7
|
+
* **2016-02-17**: Added support for puma as application server
|
8
|
+
* **2015-10-12**: Support additional linked-directories
|
9
|
+
* **2015-08-27**: Small fix for `nginx`-config regarding gzipping of svgs
|
10
|
+
* **2015-08-14**: Important small fix for `nginx`-config regarding ssl
|
11
|
+
* **2015-08-07**: Small fix for `rvm`-install
|
12
|
+
* **2015-08-06**: Support for optional `sidekiq`
|
13
|
+
* **2015-06-23**: Support for optional `elasticsearch`
|
14
|
+
* **2015-06-23**: Support for optional `whenever`
|
15
|
+
* **2015-06-23**: Support for optional `imagemagick`
|
16
|
+
* **2015-06-23**: Support creation of working `ubuntu` user. Error out if another user than `ubuntu` is used.
|
17
|
+
* **2015-06-22**: Support for choosing your Ruby-version when creating the `Capfile`. Suggestions come from `.ruby-version` and `Gemfile`.
|
18
|
+
* **2015-04-29**: Load custom rake tasks from lib/capistrano/tasks directory.
|
19
|
+
You need to run the generator ```rake deploy_mate:install``` again or add ```Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }``` to your Capfile.
|
data/Gemfile.lock
CHANGED
@@ -1,10 +1,11 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
deploy_mate (0.
|
4
|
+
deploy_mate (0.18.4)
|
5
5
|
capistrano (~> 3.0)
|
6
6
|
capistrano-bundler
|
7
7
|
capistrano-rails
|
8
|
+
rake
|
8
9
|
|
9
10
|
GEM
|
10
11
|
remote: https://rubygems.org/
|
@@ -16,17 +17,15 @@ GEM
|
|
16
17
|
capistrano-bundler (1.1.4)
|
17
18
|
capistrano (~> 3.1)
|
18
19
|
sshkit (~> 1.2)
|
19
|
-
capistrano-rails (1.1.
|
20
|
+
capistrano-rails (1.1.6)
|
20
21
|
capistrano (~> 3.1)
|
21
22
|
capistrano-bundler (~> 1.1)
|
22
|
-
colorize (0.7.5)
|
23
23
|
i18n (0.7.0)
|
24
24
|
net-scp (1.2.1)
|
25
25
|
net-ssh (>= 2.6.5)
|
26
|
-
net-ssh (
|
27
|
-
rake (10.
|
28
|
-
sshkit (1.
|
29
|
-
colorize (>= 0.7.0)
|
26
|
+
net-ssh (3.0.2)
|
27
|
+
rake (10.5.0)
|
28
|
+
sshkit (1.8.1)
|
30
29
|
net-scp (>= 1.1.2)
|
31
30
|
net-ssh (>= 2.8.0)
|
32
31
|
|
@@ -35,3 +34,6 @@ PLATFORMS
|
|
35
34
|
|
36
35
|
DEPENDENCIES
|
37
36
|
deploy_mate!
|
37
|
+
|
38
|
+
BUNDLED WITH
|
39
|
+
1.11.2
|
data/README.md
CHANGED
@@ -1,49 +1,77 @@
|
|
1
1
|
# The sturdy d'ploy-mate
|
2
|
-
<img src="http://hanseventures.s3.amazonaws.com/github/
|
2
|
+
<img src="http://hanseventures.s3.amazonaws.com/github/pirate-redbeard_1024.png" width="300" />
|
3
3
|
> T'arrust me, bucko. I can do it.
|
4
4
|
|
5
|
-
This little gem can be added to your ruby-projects in order to **set up a working ruby-server** and **deploy** to it
|
5
|
+
This little gem can be added to your ruby-projects in order to **set up a working ruby-server** and **deploy** to it.
|
6
|
+
|
7
|
+
The resulting server will work with this setup:
|
8
|
+
- [NGINX](http://nginx.org/) Webserver
|
9
|
+
- [Unicorn](http://unicorn.bogomips.org/) Rack App Server / [Puma](http://puma.io/) Rack App Server
|
10
|
+
- [Bluepill](https://github.com/bluepill-rb/bluepill) Process Monitoring
|
11
|
+
- [RVM](http://rvm.io) as user-install
|
12
|
+
- [Optional] [ImageMagick](http://www.imagemagick.org)
|
13
|
+
|
14
|
+
Other stuff taken care of:
|
15
|
+
- Logration
|
16
|
+
- Automatic updates
|
17
|
+
- NTP
|
18
|
+
|
19
|
+
You can choose a Database-Engine:
|
20
|
+
- MySQL
|
21
|
+
- Postgres
|
22
|
+
|
23
|
+
**If you are not using Amazon AWS as a host:** The GEM needs a working Amazon AWS-style `ubuntu`-user on the system in order to work properly. It will create one, if needed.
|
24
|
+
|
25
|
+
It uses the following Capistrano-roles to divide the installed components:
|
26
|
+
- **web**: Machines with this role run NGINX as proxy
|
27
|
+
- **app**: Machines with this role run the Ruby-webapp
|
28
|
+
- **search**: [OPTIONAL] Machines with this role run ElasticSearch
|
29
|
+
- **cronjobs**: [OPTIONAL] For environments where `whenever` should manage/run cronjobs
|
6
30
|
|
7
31
|
## Installation
|
8
|
-
Add
|
32
|
+
* Add the gem to your Gemfile (`gem 'deploy_mate'`) and run `bundle install`.
|
33
|
+
* Spawn yourself a basic **Ubuntu 14** at the provider of your choice.
|
34
|
+
* Create a working SSH-configuration for that server and try it out using `ssh <your-server-name>`.
|
35
|
+
|
36
|
+
## Generate the Capistrano files
|
37
|
+
* Generate the configuration file: `bundle exec rake deploy_mate:default_config`
|
38
|
+
* Edit the configuration file: `open config/deploy_mate.yml`
|
39
|
+
* Generate the Capistrano files out of the config: `bundle exec rake deploy_mate:install`
|
9
40
|
|
41
|
+
**NOTE** for non-rails applications:
|
42
|
+
Since rails supports auto-loading rake tasks, any non-rails application must load the deploy mate rake tasks manually.
|
43
|
+
At **the end** of the your project's `Rakefile`:
|
10
44
|
```
|
11
|
-
|
45
|
+
load 'deploy_mate/tasks.rake'
|
12
46
|
```
|
13
|
-
|
47
|
+
When done: **Remove** `load 'deploy_mate/tasks.rake'` from your `Rakefile`. It is not needed anymore and will otherwise only cause problems.
|
14
48
|
|
15
|
-
|
49
|
+
## Using deploy mate
|
16
50
|
|
17
|
-
|
51
|
+
### Initialize needed server packages
|
18
52
|
```
|
19
|
-
|
20
|
-
```
|
21
|
-
then run
|
53
|
+
bundle exec cap <your-stage> machine:init
|
22
54
|
```
|
23
|
-
rake deploy_mate:install
|
24
|
-
````
|
25
55
|
|
26
|
-
|
27
|
-
|
28
|
-
|
56
|
+
### Copy needed templates
|
57
|
+
```
|
58
|
+
bundle exec cap <your-stage> machine:setup
|
59
|
+
```
|
29
60
|
|
61
|
+
### Deploy the application
|
30
62
|
```
|
31
|
-
|
32
|
-
config/deploy.rb
|
33
|
-
config/deploy/<your-stage>.rb
|
63
|
+
bundle exec cap <your-stage> deploy
|
34
64
|
```
|
35
|
-
When done: **Remove** `load 'deploy_mate/tasks.rake'` from your `Rakefile`. It is not needed anymore and will otherwise only cause problems.
|
36
65
|
|
37
|
-
|
38
|
-
|
66
|
+
### Reinstalling SSH-Keys
|
67
|
+
If you need to redeploy SSH Keys to your server (e.g. somebody leaves your team),you can
|
68
|
+
always come back to your configuration file at `config/deploy_mate.yml`, change the
|
69
|
+
values and generate the Capistrano files again with `bundle exec rake deploy_mate:install`.
|
70
|
+
To setup just the ssh keys run:
|
71
|
+
|
39
72
|
```
|
40
|
-
bundle
|
73
|
+
bundle exec cap <your-stage> machine:install:ssh_keys
|
41
74
|
```
|
42
|
-
This will bump you up to the latest repo-version.
|
43
75
|
|
44
|
-
|
45
|
-
|
46
|
-
2. Create a working SSH-configuration for that server and try it our using `ssh <your-server-name>`
|
47
|
-
3. Run `cap <your-stage> machine:init` to install the needed packages.
|
48
|
-
4. Run `cap <your-stage> machine:setup` the setup all needed configuration-files on the server
|
49
|
-
5. Run `cap <your-stage> deploy` and be done.
|
76
|
+
### Overwriting Templates
|
77
|
+
You can overwrite the templates used to setup the server. Just place the desired template in your project under `lib/capistrano/configs` and rerun the setup task. All existing templates can be found in this repo under [lib/capistrano/configs](https://github.com/hanseventures/deploy-mate/tree/master/lib/capistrano/configs).
|
data/deploy-mate.gemspec
CHANGED
@@ -1,12 +1,12 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
s.name = "deploy_mate"
|
3
|
-
s.version = "0.
|
3
|
+
s.version = "0.2"
|
4
4
|
|
5
|
-
s.authors = ["Tim Adler"]
|
6
|
-
s.date = %q{
|
5
|
+
s.authors = ["Tim Adler", "Marcus Geißler", "Johannes Strampe"]
|
6
|
+
s.date = %q{2016-03-22}
|
7
7
|
s.description = %q{This is how we deploy around here.}
|
8
8
|
s.summary = s.description
|
9
|
-
s.email = %q{
|
9
|
+
s.email = %q{development (at) hanseventures (dot) com}
|
10
10
|
s.license = "MIT"
|
11
11
|
|
12
12
|
s.files = `git ls-files`.split("\n")
|
@@ -19,7 +19,4 @@ Gem::Specification.new do |s|
|
|
19
19
|
s.add_dependency 'capistrano-bundler'
|
20
20
|
s.add_dependency 'capistrano-rails'
|
21
21
|
s.add_dependency 'rake'
|
22
|
-
|
23
|
-
# s.add_development_dependency 'rake', '~> 10.1.0'
|
24
|
-
|
25
|
-
end
|
22
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
shared_path = "<%= shared_path %>"
|
2
|
+
current_path = "<%= current_path %>"
|
3
|
+
|
4
|
+
Bluepill.application("<%= fetch(:application) %>", :log_file => "#{shared_path}/log/bluepill.log") do |app|
|
5
|
+
|
6
|
+
app.working_dir = current_path
|
7
|
+
app.uid = 'ubuntu'
|
8
|
+
app.gid = 'www-data'
|
9
|
+
|
10
|
+
<% if fetch(:app_server) == "puma" %>
|
11
|
+
app.process("puma") do |process|
|
12
|
+
process.pid_file = "#{shared_path}/system/pids/puma.pid"
|
13
|
+
process.environment = { 'BUNDLE_GEMFILE' => "#{current_path}/Gemfile" }
|
14
|
+
|
15
|
+
process.start_command = "/home/ubuntu/.rvm/wrappers/default/bundle exec puma -C #{shared_path}/config/puma.rb #{current_path}/config.ru"
|
16
|
+
process.stop_command = "kill -QUIT {{PID}}"
|
17
|
+
process.restart_command = "kill -USR2 {{PID}}"
|
18
|
+
|
19
|
+
process.start_grace_time = 10.seconds
|
20
|
+
process.stop_grace_time = 10.seconds
|
21
|
+
process.restart_grace_time = 10.seconds
|
22
|
+
|
23
|
+
process.monitor_children do |child_process|
|
24
|
+
child_process.stop_command = "kill -9 {{PID}}"
|
25
|
+
child_process.checks :mem_usage, :every => 30.seconds, :below => 500.megabytes, :times => [3,4], :fires => :stop
|
26
|
+
end
|
27
|
+
end
|
28
|
+
<% else %>
|
29
|
+
app.process("unicorn") do |process|
|
30
|
+
process.pid_file = "#{shared_path}/system/pids/unicorn.pid"
|
31
|
+
process.environment = { 'BUNDLE_GEMFILE' => "#{current_path}/Gemfile" }
|
32
|
+
|
33
|
+
process.start_command = "/home/ubuntu/.rvm/wrappers/default/bundle exec unicorn -c #{shared_path}/config/unicorn.rb -E <%= fetch(:environment) %> -D"
|
34
|
+
process.stop_command = "kill -QUIT {{PID}}"
|
35
|
+
process.restart_command = "kill -USR2 {{PID}}"
|
36
|
+
|
37
|
+
process.start_grace_time = 10.seconds
|
38
|
+
process.stop_grace_time = 10.seconds
|
39
|
+
process.restart_grace_time = 10.seconds
|
40
|
+
|
41
|
+
process.monitor_children do |child_process|
|
42
|
+
child_process.stop_command = "kill -9 {{PID}}"
|
43
|
+
child_process.checks :mem_usage, :every => 30.seconds, :below => 500.megabytes, :times => [3,4], :fires => :stop
|
44
|
+
end
|
45
|
+
end
|
46
|
+
<% end %>
|
47
|
+
|
48
|
+
<% if fetch(:sidekiq) %>
|
49
|
+
app.process("sidekiq") do |process|
|
50
|
+
process.pid_file = "#{shared_path}/system/pids/sidekiq.pid"
|
51
|
+
process.start_command = "/home/ubuntu/.rvm/wrappers/default/bundle exec sidekiq -e <%= fetch(:environment) %> -P #{process.pid_file} -d -i 0 -L #{shared_path}/log/sidekiq.log -C #{current_path}/config/sidekiq.yml"
|
52
|
+
process.start_grace_time = 30.seconds
|
53
|
+
process.stop_command = "/home/ubuntu/.rvm/wrappers/default/bundle exec sidekiqctl stop #{process.pid_file}"
|
54
|
+
process.stop_grace_time = 15.seconds
|
55
|
+
process.restart_grace_time = 45.seconds
|
56
|
+
end
|
57
|
+
<% end %>
|
58
|
+
|
59
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
# Fail2Ban configuration file
|
2
|
+
#
|
3
|
+
# supports: ngx_http_limit_req_module module
|
4
|
+
|
5
|
+
[Definition]
|
6
|
+
|
7
|
+
failregex = limiting requests, excess:.* by zone.*client: <HOST>
|
8
|
+
|
9
|
+
# Option: ignoreregex
|
10
|
+
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
11
|
+
# Values: TEXT
|
12
|
+
#
|
13
|
+
ignoreregex =
|