dockerfile-rails 1.2.5 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6f8b3176721310f5c043a7c2642f12b59fa7bc2952fb73f6e6164d199d24bc5a
-  data.tar.gz: 995b15167890754208baef9bc6ff48613e8cef121083f8d70c1be77593b5beb4
+  metadata.gz: 5d1b0d5e237b0a8c33a3b1263d34590db8912967420863332ad0b2c8f5661e5f
+  data.tar.gz: 000fd8db20304bc2ba8623aaa1a4bd19870ec4143cacc3cb6ea31b8690510782
 SHA512:
-  metadata.gz: 7f05f65f85a29fcfc242682ab6464adb88f9e0725fffe1c65c192c342e12444c3dbaff9f855ff28ccb94ea13fa706918b71609af06a87673007407083e77dd2c
-  data.tar.gz: 5bcca34771c67bf29e28be9a0342fbd9dac8a13694f3416d0b27a2070cabf0e38017ed195ecf2b1a80a03150698cb62502e73d63ec603500bb927fa627cd73aa
+  metadata.gz: 64b8702f00462a318af21238617528682be3831da82471bff0172ef9ef98d7e4a6a10346ffe297e87e76cc5d4b2699bf56b79d9257f1eee3c8cc24bc56012037
+  data.tar.gz: 9a9dc774d388e4276b08bbcdcce9ffd676800df7bb86b4cac34e6795fd0ee6f24ba2a57df393f7948f738a9bdafe8a1ed8073c0b91d9e6a2f9f94349a7d14fe4

data/DEMO.md

@@ -132,7 +132,7 @@ docker compose up
 # Demo 4 - API only
 
 This demo deploys a [Create React App](https://create-react-app.dev/) client and a Rails API-only server.  Ruby and Rails version information is retrieved from the server and displayed below a spinning React logo.  Note that the build process installs the
-node moddules and ruby gems in parallel.
+node modules and ruby gems in parallel.
 
 ```bash
 rails new demo --api

data/README.md

@@ -40,6 +40,7 @@ bin/rails generate dockerfile
 
 * `--ci` - include test gems in deployed image
 * `--compose` - generate a `docker-compose.yml` file
+* `--max-idle=n` - exit afer *n* seconds of inactivity.  Supports [iso 8601](https://en.wikipedia.org/wiki/ISO_8601#Durations) and [sleep](https://man7.org/linux/man-pages/man1/sleep.1.html#DESCRIPTION) syntaxes.  Uses passenger for now, awaiting [puma](https://github.com/puma/puma/issues/2580) support.
 * `--nginx` - serve static files via [nginx](https://www.nginx.com/).  May require `--root` on some targets to access `/dev/stdout`
 * `--no-link` - don't add [--link](https://docs.docker.com/engine/reference/builder/#copy---link) to COPY statements.  Some tools (like at the moment, [buildah](https://www.redhat.com/en/topics/containers/what-is-buildah)) don't yet support this feature.
 * `--no-lock` - don't add linux platforms, set `BUNDLE_DEPLOY`, or `--frozen-lockfile`.  May be needed at times to work around a [rubygems bug](https://github.com/rubygems/rubygems/issues/6082#issuecomment-1329756343).
@@ -51,6 +52,7 @@ Generally the dockerfile generator will be able to determine what dependencies y
 are actually using.  But should you be using DATABASE_URL, for example, at runtime
 additional support may be needed:
 
+* `--litefs` - use [LiteFS](https://fly.io/docs/litefs/)
 * `--mysql` - add mysql libraries
 * `--postgresql` - add postgresql libraries
 * `--redis` - add redis libraries
@@ -65,16 +67,18 @@ Not all of your needs can be determined by scanning your application.  For examp
  * `--env=name:value` - add an environment variable
  * `--remove package...` - remove package from "to be added" list
 
- Each of these can be tailored to a specific build phase by adding `-base`, `-build`, or `-deploy` after the flag name (e.g `--env-build:`).  If no such suffix is found, the default for arg is `-base`, and the default for the rest is `-deploy`.  Removal of an arg or environment variable is done by leaving the value blank.
+ Each of these can be tailored to a specific build phase by adding `-base`, `-build`, or `-deploy` after the flag name (e.g `--add-build freetds-dev --add-deploy freetds-bin`).  If no such suffix is found, the default for arg is `-base`, and the default for the rest is `-deploy`.  Removal of an arg or environment variable is done by leaving the value blank (e.g `--env-build=PORT:`).
 
 ### Configuration:
 
 * `--bin-cd` - adjust binstubs to set current working directory
+[autocrlf](https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_core_autocrlf) enabled or may not be able to set bin stubs as executable.
 * `--label=name:value` - specify docker label.  Can be used multiple times.  See [LABEL](https://docs.docker.com/engine/reference/builder/#label) for detail
 * `--no-prepare` - omit `db:prepare`.  Useful for cloud platforms with [release](https://devcenter.heroku.com/articles/release-phase) phases
 * `--platform=s` - specify target platform.  See [FROM](https://docs.docker.com/engine/reference/builder/#from) for details
 * `--precompile=defer` - may be needed when your configuration requires access to secrets that are not available at build time.  Results in larger images and slower deployments.
 * `--root` - run application as root
+* `--windows` - make Dockerfile work for Windows users that may have set `git config --global core.autocrlf true`
 
 Options are saved between runs into `config/dockerfile.yml`.  To invert a boolean options, add or remove a `no-` prefix from the option name.
 
@@ -107,9 +111,9 @@ If you are running a single test, the following environment variables settings m
  * `TEST_CAPTURE=1` will capture test results.
  * `TEST_KEEP=1` will leave the test app behind for inspection after the test completes.
 
-## Links
+## Historical Links
 
-The following links relate to the current development status with respect to Rails 7.1 and will be removed once that is resolved.
+The following links relate to the coordination between this package and Rails 7.1.
 
 * [Preparations for Rails 7.1](https://community.fly.io/t/preparations-for-rails-7-1/9512) - [Fly.io](https://fly.io/)'s plans and initial discussions with DHH
 * [Rails Dockerfile futures](https://discuss.rubyonrails.org/t/rails-dockerfile-futures/82091/1) - rationale for a generator
@@ -118,3 +122,7 @@ The following links relate to the current development status with respect to Rai
 * Fly.io [Cut over to Rails Dockerfile Generator on Sunday 29 Jan 2023](https://community.fly.io/t/cut-over-to-rails-dockerfile-generator-on-sunday-29-jan-2023/10350)
 * Fly.io [FAQ](https://fly.io/docs/rails/getting-started/dockerfiles/)
 * DDH's [target](https://github.com/rails/rails/pull/47372#issuecomment-1438971730)
+
+Parallel efforts for Hanami:
+
+* [Proposal](https://discourse.hanamirb.org/t/dockerfile-hanami/816)

data/Rakefile

@@ -39,7 +39,7 @@ namespace :test do
       sh "docker run -p 3000:3000 -e RAILS_MASTER_KEY=#{key} --rm system:test"
     end
   ensure
-    rm_rf "test/tmp/system_test"
+    rm_rf "test/tmp/system_test" unless ENV["TEST_KEEP"]
   end
 
   task all: %w(test:rubocop test test:system)

data/lib/generators/dockerfile_generator.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "erb"
+require "json"
 require_relative "../dockerfile-rails/scanner.rb"
 
 class DockerfileGenerator < Rails::Generators::Base
@@ -15,10 +16,13 @@ class DockerfileGenerator < Rails::Generators::Base
     "jemalloc" => false,
     "label" => {},
     "link" => true,
+    "litefs" => false,
     "lock" => true,
+    "max-idle" => nil,
     "mysql" => false,
     "nginx" => false,
     "parallel" => false,
+    "passenger" => false,
     "platform" => nil,
     "postgresql" => false,
     "precompile" => nil,
@@ -28,6 +32,7 @@ class DockerfileGenerator < Rails::Generators::Base
     "sqlite3" => false,
     "sudo" => false,
     "swap" => nil,
+    "windows" => false,
     "yjit" => false,
   }.then { |hash| Struct.new(*hash.keys.map(&:to_sym)).new(*hash.values) }
 
@@ -84,6 +89,9 @@ class DockerfileGenerator < Rails::Generators::Base
   class_option "bin-cd", type: :boolean, default: OPTION_DEFAULTS["bin-cd"],
     desc: "modify binstubs to set working directory"
 
+  class_option "windows", type: :boolean, default: OPTION_DEFAULTS["windows"],
+    desc: "fixup CRLF in binstubs and make each executable"
+
   class_option :cache, type: :boolean, default: OPTION_DEFAULTS.cache,
     desc: "use build cache to speed up installs"
 
@@ -105,6 +113,9 @@ class DockerfileGenerator < Rails::Generators::Base
   class_option :sqlite3, aliases: "--sqlite", type: :boolean, default: OPTION_DEFAULTS.sqlite3,
     desc: "include sqlite3 libraries"
 
+  class_option :litefs, type: :boolean, default: OPTION_DEFAULTS.litefs,
+    desc: "replicate sqlite3 databases using litefs"
+
   class_option :postgresql, aliases: "--postgres", type: :boolean, default: OPTION_DEFAULTS.postgresql,
     desc: "include postgresql libraries"
 
@@ -129,6 +140,12 @@ class DockerfileGenerator < Rails::Generators::Base
   class_option :nginx, type: :boolean, default: OPTION_DEFAULTS.nginx,
     desc: "Serve static files with nginx"
 
+  class_option :passenger, type: :boolean, default: OPTION_DEFAULTS.passenger,
+    desc: "Serve Rails application with Phusion Passsenger"
+
+  class_option "max-idle", type: :string, default: OPTION_DEFAULTS["max-idle"],
+    desc: "Exit server after application has been idle for n seconds."
+
   class_option :root, type: :boolean, default: OPTION_DEFAULTS.root,
     desc: "Run application as root user"
 
@@ -221,6 +238,12 @@ class DockerfileGenerator < Rails::Generators::Base
 
     template "docker-compose.yml.erb", "docker-compose.yml" if options.compose
 
+    if using_litefs?
+      template "litefs.yml.erb", "config/litefs.yml"
+
+      fly_attach_consul
+    end
+
     if @gemfile.include?("vite_ruby")
       package = JSON.load_file("package.json")
       unless package.dig("scripts", "build")
@@ -284,12 +307,27 @@ private
     options.root?
   end
 
+  def using_litefs?
+    options.litefs?
+  end
+
   def using_node?
     return @using_node if @using_node != nil
     @using_node = File.exist? "package.json"
   end
 
   def using_redis?
+    # Note: If you have redis installed on your computer, 'rails new` will
+    # automatically add redis to your Gemfile, so having it in your Gemfile is
+    # not a reliable indicator of whether or not your application actually uses
+    # redis.
+
+    # using_redis? is currently used for two things: actually adding the redis
+    # gem if it is going to be needed in production, and adding a redis
+    # container to docker-compose.yml. Neither of these actions should be done
+    # unless there is an indication that redis is actually being used and not
+    # merely included in the Gemfile.
+
     options.redis? or @redis or @gemfile.include?("sidekiq")
   end
 
@@ -301,6 +339,10 @@ private
     @gemfile.include?("grover") or @gemfile.include?("puppeteer-ruby")
   end
 
+  def using_passenger?
+    options.passenger? or options["max-idle"]
+  end
+
   def using_sidekiq?
     @gemfile.include?("sidekiq")
   end
@@ -369,7 +411,9 @@ private
     gems = ["bundler"]
 
     if options.ci? && options.lock? && @gemfile.include?("debug")
-      gems += %w(irb reline) - @gemfile
+      # https://github.com/rails/rails/pull/47515
+      # https://github.com/rubygems/rubygems/issues/6082#issuecomment-1329756343
+      gems += %w(irb reline) - @gemfile unless Gem.ruby_version >= "3.2.2"
     end
 
     gems.sort
@@ -391,7 +435,6 @@ private
     # libicu63 in buster, libicu67 in bullseye, libiclu72 in bookworm...
     packages << "libicu-dev" if @gemfile.include? "charlock_holmes"
 
-
     if @gemfile.include? "webp-ffi"
       # https://github.com/le0pard/webp-ffi#requirements
       packages += %w(libjpeg-dev libpng-dev libtiff-dev libwebp-dev)
@@ -464,7 +507,11 @@ private
     # start with databases: sqlite3, postgres, mysql
     packages << "libsqlite3-0" if options.sqlite3? || @sqlite3
     packages << "postgresql-client" if options.postgresql? || @postgresql
-    packages << "default-mysql-client" if options.mysql || @mysql
+    packages << "default-mysql-client" if options.mysql? || @mysql
+    packages << "libjemalloc2" if options.jemalloc? && !options.fullstaq?
+
+    # litefs
+    packages += ["ca-certificates", "fuse3", "sudo"] if options.litefs?
 
     # ActiveStorage preview support
     packages << "libvips" if @gemfile.include? "ruby-vips"
@@ -483,8 +530,11 @@ private
       end
     end
 
+    # Passenger
+    packages += %w(passenger libnginx-mod-http-passenger) if using_passenger?
+
     # nginx
-    packages << "nginx" if options.nginx?
+    packages << "nginx" if options.nginx? || using_passenger?
 
     # sudo
     packages << "sudo" if options.sudo?
@@ -494,18 +544,35 @@ private
 
   def deploy_repos
     repos = []
+    packages = []
 
     if using_puppeteer? && deploy_packages.include?("google-chrome-stable")
+      packages += %w(gnupg curl)
       repos += [
-       "curl https://dl-ssl.google.com/linux/linux_signing_key.pub |",
-       "gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg &&",
+       "curl https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt |",
+       "  gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg &&",
        'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'
       ]
     end
 
+    if using_passenger?
+      packages += %w(gnupg curl)
+      repos += [
+       "curl https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt |",
+       "  gpg --dearmor > /etc/apt/trusted.gpg.d/phusion.gpg &&",
+       "bash -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger $(source /etc/os-release; echo $VERSION_CODENAME) main > /etc/apt/sources.list.d/passenger.list'"
+      ]
+    end
+
     if repos.empty?
       ""
     else
+      packages.sort!.uniq!
+      unless packages.empty?
+        repos.unshift "apt-get update -qq &&",
+          "apt-get install --no-install-recommends -y #{packages.join(" ")} &&"
+      end
+
       repos.join(" \\\n    ") + " && \\\n    "
     end
   end
@@ -552,18 +619,26 @@ private
   def deploy_env
     env = {}
 
-    env["PORT"] = "3001" if options.nginx?
+    env["PORT"] = "3001" if (options.nginx? && !using_passenger?) || using_litefs?
 
     if Rails::VERSION::MAJOR < 7 || Rails::VERSION::STRING.start_with?("7.0")
       env["RAILS_LOG_TO_STDOUT"] = "1"
       env["RAILS_SERVE_STATIC_FILES"] = "true" unless options.nginx?
     end
 
+    if deploy_database == "sqlite3"
+      if using_litefs?
+        env["DATABASE_URL"] = "sqlite3:///litefs/production.sqlite3"
+      else
+        env["DATABASE_URL"] = "sqlite3:///data/production.sqlite3"
+      end
+    end
+
     if options.yjit?
       env["RUBY_YJIT_ENABLE"] = "1"
     end
 
-    if options.jemalloc? && (not options.fullstaq?)
+    if options.jemalloc? && !options.fullstaq?
       if (options.platform || Gem::Platform.local.cpu).include? "arm"
         env["LD_PRELOAD"] = "/usr/lib/aarch64-linux-gnu/libjemalloc.so.2"
       else
@@ -590,7 +665,7 @@ private
 
     env.merge! @@vars["base"] if @@vars["base"]
 
-    env.map { |key, value| "#{key}=#{value.inspect}" }
+    env.map { |key, value| "#{key}=#{value.inspect}" }.sort
   end
 
   def base_args
@@ -648,13 +723,13 @@ private
     # none are required, but prepares for the need to do the
     # fix line endings if other fixups are required.
     has_cr = Dir["bin/*"].any? { |file| IO.read(file).include? "\r" }
-    if has_cr || (Gem.win_platform? && !binfixups.empty?)
+    if has_cr || (Gem.win_platform? && !binfixups.empty?) || options.windows?
       binfixups.unshift 'sed -i "s/\r$//g" bin/*'
     end
 
     # Windows file systems may not have the concept of executable.
     # In such cases, fix up during the build.
-    unless Dir["bin/*"].all? { |file| File.executable? file }
+    if Dir["bin/*"].any? { |file| !File.executable?(file) } || options.windows?
       binfixups.unshift "chmod +x bin/*"
     end
 
@@ -667,9 +742,11 @@ private
   end
 
   def deploy_database
-    if options.postgresql? || @postgresql
+    # note: as database can be overridden at runtime via DATABASE_URL,
+    # use presence of "pg" or "mysql2" in the bundle as evidence of intent.
+    if options.postgresql? || @postgresql || @gemfile.include?("pg")
       "postgresql"
-    elsif options.mysql || @mysql
+    elsif options.mysql? || @mysql || @gemfile.include?("mysql2")
       "mysql"
     else
       "sqlite3"
@@ -758,7 +835,11 @@ private
   end
 
   def procfile
-    if options.nginx?
+    if using_passenger?
+      {
+        nginx: "nginx"
+      }
+    elsif options.nginx?
       {
         nginx: '/usr/sbin/nginx -g "daemon off;"',
         rails: "./bin/rails server -p 3001"
@@ -782,4 +863,50 @@ private
 
     more
   end
+
+  def max_idle
+    option = options["max-idle"]
+
+    if option == nil || option.strip.downcase == "infinity"
+      nil
+    elsif /^\s*\d+(\.\d+)\s*/.match? option
+      option.to_f
+    elsif /^\s*P/.match? option
+      ActiveSupport::Duration.parse(option.strip).seconds
+    else
+      option.scan(/\d+\w/).map do |t|
+        ActiveSupport::Duration.parse("PT#{t.upcase}") rescue ActiveSupport::Duration.parse("P#{t.upcase}")
+      end.sum.seconds
+    end
+  rescue ArgumentError
+    nil
+  end
+
+  # if running on fly v2, make a best effort to attach consul
+  def fly_attach_consul
+    # certainly not fly unless there is a fly.toml
+    return unless File.exist? "fly.toml"
+
+    # Check fly.toml to guess if v1 or v2
+    toml = File.read("fly.toml")
+    return if toml.include?("enable_consul") # v1-ism
+    return unless toml.include?("primary_region") # v2
+
+    # see if flyctl is in the path
+    paths = ENV["PATH"].split(File::PATH_SEPARATOR)
+    cmds = %w(flyctl)
+    exts = ENV["PATHEXT"] ? ENV["PATHEXT"].split(";") : [""]
+    flyctl = Enumerator.product(paths, cmds, exts).
+      map { |path, cmd, ext| File.join(path, "#{cmd}#{ext}") }.
+      find { |path| File.executable? path }
+    return unless flyctl
+
+    # see if secret is already set?
+    secrets = JSON.parse(`#{flyctl} secrets list --json`)
+    return if secrets.any? { |secret| secret["Name"] == "FLY_CONSUL_URL" }
+
+    # attach consul
+    say_status "execute", "flyctl consul attach", :green
+    system "#{flyctl} consul attach"
+  end
 end

data/lib/generators/templates/Dockerfile.erb

@@ -134,6 +134,12 @@ RUN SECRET_KEY_BASE<%= Rails::VERSION::MAJOR<7 || Rails::VERSION::STRING.start_w
 # Final stage for app image
 FROM base
 
+<% end -%>
+<% if using_litefs? -%>
+# Install, configure litefs
+COPY --from=flyio/litefs:0.4.0 /usr/local/bin/litefs /usr/local/bin/litefs
+COPY<% if options.link? %> --link<% end %> config/litefs.yml /etc/litefs.yml
+
 <% end -%>
 <% unless deploy_args.empty? -%>
 # Deployment build arguments
@@ -145,38 +151,63 @@ ARG <%= deploy_args.map {|key, value| "#{key}=#{value.inspect}"}.join(" \\\n
 <%= render partial: 'apt_install', locals: {packages: deploy_packages, clean: true, repos: deploy_repos} %>
 <% end -%>
 
-<% if options.nginx? -%>
+<% if using_passenger? -%>
+<%= render partial: 'passenger' %>
+
+<% elsif options.nginx? -%>
 <%= render partial: 'nginx' %>
 
 <% elsif procfile.size > 1 -%>
 RUN gem install foreman
 
 <% end -%>
-<% unless run_as_root? -%>
-# Run and own the application files as a non-root user for security
+<% unless options.precompile == "defer" -%>
+# Copy built artifacts: gems, application
+COPY --from=build /usr/local/bundle /usr/local/bundle
+COPY --from=build /rails /rails
+<% if api_client_dir -%>
+
+# Copy built client
+COPY --from=client /rails/<%= api_client_dir %>/build /rails/public
+<% end -%>
+
+<% end -%>
+<% if run_as_root? -%>
+<% if deploy_database == 'sqlite3' -%>
+RUN mkdir /data
+<% end -%>
+<% else -%>
+# Run and own only the runtime files as a non-root user for security
 <% if options.compose? -%>
 ARG UID=1000 \
     GID=1000
 RUN groupadd -f -g $GID rails && \
-    useradd -u $UID -g $GID rails<% else -%>
-RUN useradd rails<% end -%> --home /rails --shell /bin/bash<% if options.nginx? %> && \
-    chown rails:rails /var/lib/nginx /var/log/nginx/*<% end %><% if deploy_packages.include?("sudo") && options.sudo? %> && \
+    useradd -u $UID -g $GID rails --create-home --shell /bin/bash && \
+<% else -%>
+RUN useradd rails --create-home --shell /bin/bash && \
+<% end -%>
+<% if options.nginx? -%>
+    chown rails:rails /var/lib/nginx /var/log/nginx/* && \
+<% end -%>
+<% if deploy_packages.include?("sudo") && options.sudo? -%>
     sed -i 's/env_reset/env_keep="*"/' /etc/sudoers && \
-    chown rails:rails .<% end %>
-<% unless options.swap -%>
-USER rails:rails
 <% end -%>
-
+<% if deploy_database == 'sqlite3' -%>
+    mkdir /data<% if using_litefs? %> /litefs<% end %> && \
+    chown -R rails:rails <%= Dir[*%w(db log storage tmp)].join(" ") %> /data<% if using_litefs? %> /litefs<% end %>
+<% else -%>
+    chown -R rails:rails <%= Dir[*%w(db log storage tmp)].join(" ") %>
+<% end -%>
+<% unless options.swap? or using_passenger? or using_litefs? -%>
+USER rails:rails
 <% end -%>
-<% unless options.precompile == "defer" -%>
-# Copy built artifacts: gems, application
-COPY --from=build /usr/local/bundle /usr/local/bundle
-COPY --from=build <% unless run_as_root? %>--chown=rails:rails <% end %>/rails /rails
-<% if api_client_dir -%>
 
-# Copy built client
-COPY --from=client <% unless run_as_root? %>--chown=rails:rails <% end %>/rails/<%= api_client_dir %>/build /rails/public
 <% end -%>
+<% if using_litefs? and !run_as_root? -%>
+# Authorize rails user to launch litefs
+COPY <<-"EOF" /etc/sudoers.d/rails
+rails ALL=(root) /usr/local/bin/litefs
+EOF
 
 <% end -%>
 <% unless deploy_env.empty? -%>
@@ -201,9 +232,15 @@ EOF
 
 # Start the server by default, this can be overwritten at runtime
 EXPOSE 3000
+<% if deploy_database == 'sqlite3' -%>
+VOLUME /data
+<% end -%>
 CMD ["foreman", "start", "--procfile=Procfile.prod"]
 <% else -%>
 # Start the server by default, this can be overwritten at runtime
 EXPOSE 3000
-CMD ["./bin/rails", "server"]
+<% if deploy_database == 'sqlite3' -%>
+VOLUME /data
+<% end -%>
+CMD <%= procfile.values.first.split(" ").inspect %>
 <% end -%>

data/lib/generators/templates/_passenger.erb

@@ -0,0 +1,28 @@
+# configure nginx and passenger
+COPY <<-'EOF' /etc/nginx/sites-enabled/default
+server {
+    listen 3000;
+    root /rails/public;
+    passenger_enabled on;
+<% if options['max-idle'] -%>
+    passenger_ctl hook_detached_process /etc/nginx/hook_detached_process;
+    passenger_min_instances 0;
+    passenger_pool_idle_time <%= max_idle %>;
+<% end -%>
+}
+<% if options['max-idle'] -%>
+COPY <<-'EOF' /etc/nginx/sites-enabled/hook_detached_process
+#!/usr/bin/env ruby
+status = `passenger-status`
+processes = status[/^Processes\s*:\s*(\d*)/, 1].to_i
+system 'nginx -s stop' if processes == 0
+EOF
+<% end -%>
+EOF
+RUN echo "daemon off;" >> /etc/nginx/nginx.conf && \
+    sed -i 's/access_log\s.*;/access_log \/dev\/stdout;/' /etc/nginx/nginx.conf && \
+    sed -i 's/error_log\s.*;/error_log \/dev\/stderr info;/' /etc/nginx/nginx.conf && \
+<% if options['max-idle'] -%>
+    chmod +sx /etc/nginx/sites-enabled/hook_detached_process && \
+<% end -%>
+    mkdir /var/run/passenger-instreg

data/lib/generators/templates/docker-entrypoint.erb

@@ -1,7 +1,7 @@
 #!/bin/bash -e
 
 <% if options.swap -%>
-<% if run_as_root? -%>
+<% if run_as_root? or using_passenger? -%>
 <% @space = "" -%>
 <% else -%>
 <% @space = "  " -%>
@@ -14,11 +14,21 @@ if [ $UID -eq 0 ]; then
 <%= @space %>echo 10 > /proc/sys/vm/swappiness
 <%= @space %>swapon /swapfile
 <%= @space %>echo 1 > /proc/sys/vm/overcommit_memory
-<% unless run_as_root? -%>
+<% if using_litefs? -%>
+
+<%= @space %># mount litefs
+<%= @space %>litefs mount &
+<% end -%>
+<% unless run_as_root? or using_passenger? -%>
+
   exec su rails $0 $@
 fi
 <% end -%>
 
+<% elsif using_litefs? -%>
+# mount litefs
+<% unless run_as_root? %>sudo -E <% end %>litefs mount &
+
 <% end -%>
 <% if options.prepare -%>
 <% if procfile.size > 1 -%>
@@ -26,7 +36,7 @@ fi
 if [ "${*}" == "foreman start --procfile=Procfile.prod" ]; then
 <% else -%>
 # If running the rails server then create or migrate existing database
-if [ "${*}" == "./bin/rails server" ]; then
+if [ "${*}" == <%= procfile.values.first.inspect %> <% if using_litefs? %>-a "$FLY_REGION" == "$PRIMARY_REGION" <%end%>]; then
 <% end -%>
 <% if options.precompile == "defer" -%>
   ./bin/rails assets:precompile

data/lib/generators/templates/litefs.yml.erb

@@ -0,0 +1,116 @@
+# based on: https://github.com/superfly/litefs/blob/main/cmd/litefs/etc/litefs.yml
+
+# The FUSE section handles settings on the FUSE file system. FUSE
+# provides a layer for intercepting SQLite transactions on the
+# primary node so they can be shipped to replica nodes transparently.
+fuse:
+  # Required. This is the mount directory that applications will
+  # use to access their SQLite databases.
+  dir: "/litefs"
+
+  # Set this flag to true to allow non-root users to access mount.
+  # You must set the "user_allow_other" option in /etc/fuse.conf first.
+  allow-other: false
+
+  # The debug flag enables debug logging of all FUSE API calls.
+  # This will produce a lot of logging. Not for general use.
+  debug: false
+
+# The data section specifies where internal LiteFS data is stored
+# and how long to retain the transaction files.
+# 
+# Transaction files are used to ship changes to replica nodes so
+# they should persist long enough for replicas to retrieve them,
+# even in the face of a short network interruption or a redeploy.
+# Under high load, these files can grow large so it's not advised
+# to extend retention too long.
+data:
+  # Path to internal data storage.
+  dir: "/data"
+
+  # Duration to keep LTX files. Latest LTX file is always kept.
+  retention: "10m"
+
+  # Frequency with which to check for LTX files to delete.
+  retention-monitor-interval: "1m"
+
+# If true, then LiteFS will not wait until the node becomes the
+# primary or connects to the primary before starting the subprocess.
+skip-sync: false
+
+# If true, then LiteFS will not exit if there is a validation
+# issue on startup. This can be useful for debugging issues as
+# it avoids constantly restarting the node on ephemeral hosting.
+exit-on-error: false
+
+# This section defines settings for the LiteFS HTTP API server.
+# This API server is how nodes communicate with each other.
+http:
+  # Specifies the bind address of the HTTP API server.
+  addr: ":20202"
+
+# This section defines settings for the option HTTP proxy.
+# This proxy can handle primary forwarding & replica consistency
+# for applications that use a single SQLite database.
+proxy:
+  # Specifies the bind address of the proxy server.
+  addr: ":3000"
+
+  # The hostport of the target application.
+  target: "localhost:3001"
+
+  # The name of the database used for TXID tracking.
+  db: "production.sqlite3"
+
+  # If true, enables verbose logging of requests by the proxy.
+  debug: false
+
+  # List of paths that are ignored by the proxy. The asterisk is
+  # the only available wildcard. These requests are passed
+  # through to the target as-is.
+  passthrough: []
+
+# The lease section defines how LiteFS creates a cluster and
+# implements leader election. For dynamic clusters, use the
+# "consul". This allows the primary to change automatically when
+# the current primary goes down. For a simpler setup, use
+# "static" which assigns a single node to be the primary and does
+# not failover.
+lease:
+  # Required. Must be either "consul" or "static".
+  type: "consul"
+
+  # Required. The URL for this node's LiteFS API.
+  # Should match HTTP port.
+  advertise-url: "http://${HOSTNAME}.vm.${FLY_APP_NAME}.internal:20202"
+
+  # Specifies whether the node can become the primary. If using
+  # "static" leasing, this should be set to true on the primary
+  # and false on the replicas.
+  candidate: ${FLY_REGION == PRIMARY_REGION}
+
+  # A Consul server provides leader election and ensures that the
+  # responsibility of the primary node can be moved in the event
+  # of a deployment or a failure.
+  consul:
+    # Required. The base URL of the Consul server.
+    url: "${FLY_CONSUL_URL}"
+
+    # Required. The key used for obtaining a lease by the primary.
+    # This must be unique for each cluster of LiteFS servers
+    key: "litefs/${FLY_APP_NAME}"
+
+    # Length of time before a lease expires. The primary will
+    # automatically renew the lease while it is alive, however,
+    # if it fails to renew in time then a new primary may be
+    # elected after the TTL. This only occurs for unexpected loss
+    # of the leader as normal operation will allow the leader to
+    # handoff the lease to another replica without downtime.
+    #
+    # Consul does not allow a TTL of less than 10 seconds.
+    ttl: "10s"
+
+    # Length of time after the lease expires before a candidate
+    # can become leader. This buffer is intended to prevent
+    # overlap in leadership due to clock skew or in-flight calls.
+    lock-delay: "1s"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dockerfile-rails
 version: !ruby/object:Gem::Version
-  version: 1.2.5
+  version: 1.4.0
 platform: ruby
 authors:
 - Sam Ruby
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-05 00:00:00.000000000 Z
+date: 2023-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -44,16 +44,18 @@ files:
 - lib/generators/templates/_nginx.erb
 - lib/generators/templates/_node_client.erb
 - lib/generators/templates/_npm_install.erb
+- lib/generators/templates/_passenger.erb
 - lib/generators/templates/docker-compose.yml.erb
 - lib/generators/templates/docker-entrypoint.erb
 - lib/generators/templates/dockerfile.yml.erb
 - lib/generators/templates/dockerignore.erb
+- lib/generators/templates/litefs.yml.erb
 - lib/generators/templates/node-version.erb
-homepage: https://github.com/rubys/dockerfile-rails
+homepage: https://github.com/fly-apps/dockerfile-rails
 licenses:
 - MIT
 metadata:
-  homepage_uri: https://github.com/rubys/dockerfile-rails
+  homepage_uri: https://github.com/fly-apps/dockerfile-rails
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -69,7 +71,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.6
+rubygems_version: 3.4.8
 signing_key:
 specification_version: 4
 summary: Dockerfile generator for Rails