kamal 2.0.0.rc2 → 2.0.0.rc4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 66274957731c4a6f74e80a8eac201e287f6cace259677ec8228dded3a4b2a31a
4
- data.tar.gz: 105026139c5e405befb49bd5452a7d340bb0f5a21189fbe2b9fca55520d29849
3
+ metadata.gz: 84140bdc487da680b06d12d90b50f7f5e31e55fefb5be7c029ab0883d31086b6
4
+ data.tar.gz: c88fb136bef3f989a13efaba8628080b10bb4cc3f7e5606aa24e0627e9764d58
5
5
  SHA512:
6
- metadata.gz: 1bd481c2dd613bb39375cd86ec089fed42bb860dd7e48b27c6f0fa6e1a5b4700ef10cce32abb31e3af36d3c35cb87927d49e2779d5164e605de684a344239eba
7
- data.tar.gz: 1b9aee5661c04f4fd8a4e40eab50610d4573a2dbbb3c2cc737f2d22cf962a1023f33f42b2de67b0f076cbfa117027681d1f3d16d4a0ebb9e7bcb0dbcdc1bcc1b
6
+ metadata.gz: a5a316c076f50f0052790589b7ecc43f62c671043dd806f57c0b7eac8d9c7f56fa6b5d2d1e651deb5c8ec1475aad453084637ffcf59aa8557267ca15e9798992
7
+ data.tar.gz: ca73bc0883121188cc94df733264ee41a8f3d778a443dfde6d472a7e609168725bbfbc6d613c891a095c1a81eb4f5e9368c07eaa5532ad8bf286464578ac03f0
@@ -21,6 +21,36 @@ class Kamal::Cli::Proxy < Kamal::Cli::Base
21
21
  end
22
22
  end
23
23
 
24
+ desc "boot_config <set|get|clear>", "Mange kamal-proxy boot configuration"
25
+ option :publish, type: :boolean, default: true, desc: "Publish the proxy ports on the host"
26
+ option :http_port, type: :numeric, default: Kamal::Configuration::PROXY_HTTP_PORT, desc: "HTTP port to publish on the host"
27
+ option :https_port, type: :numeric, default: Kamal::Configuration::PROXY_HTTPS_PORT, desc: "HTTPS port to publish on the host"
28
+ option :docker_options, type: :array, default: [], desc: "Docker options to pass to the proxy container", banner: "option=value option2=value2"
29
+ def boot_config(subcommand)
30
+ case subcommand
31
+ when "set"
32
+ boot_options = [
33
+ *(KAMAL.config.proxy_publish_args(options[:http_port], options[:https_port]) if options[:publish]),
34
+ *options[:docker_options].map { |option| "--#{option}" }
35
+ ]
36
+
37
+ on(KAMAL.proxy_hosts) do |host|
38
+ execute(*KAMAL.proxy.ensure_proxy_directory)
39
+ upload! StringIO.new(boot_options.join(" ")), KAMAL.config.proxy_options_file
40
+ end
41
+ when "get"
42
+ on(KAMAL.proxy_hosts) do |host|
43
+ puts "Host #{host}: #{capture_with_info(*KAMAL.proxy.get_boot_options)}"
44
+ end
45
+ when "reset"
46
+ on(KAMAL.proxy_hosts) do |host|
47
+ execute *KAMAL.proxy.reset_boot_options
48
+ end
49
+ else
50
+ raise ArgumentError, "Unknown boot_config subcommand #{subcommand}"
51
+ end
52
+ end
53
+
24
54
  desc "reboot", "Reboot proxy on servers (stop container, remove container, start new container)"
25
55
  option :rolling, type: :boolean, default: false, desc: "Reboot proxy on hosts in sequence, rather than in parallel"
26
56
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
@@ -169,6 +199,7 @@ class Kamal::Cli::Proxy < Kamal::Cli::Base
169
199
  stop
170
200
  remove_container
171
201
  remove_image
202
+ remove_proxy_directory
172
203
  end
173
204
  end
174
205
  end
@@ -193,6 +224,15 @@ class Kamal::Cli::Proxy < Kamal::Cli::Base
193
224
  end
194
225
  end
195
226
 
227
+ desc "remove_proxy_directory", "Remove the proxy directory from servers", hide: true
228
+ def remove_proxy_directory
229
+ with_lock do
230
+ on(KAMAL.proxy_hosts) do
231
+ execute *KAMAL.proxy.remove_proxy_directory, raise_on_non_zero_exit: false
232
+ end
233
+ end
234
+ end
235
+
196
236
  private
197
237
  def removal_allowed?(force)
198
238
  on(KAMAL.proxy_hosts) do |host|
@@ -2,11 +2,22 @@
2
2
  service: my-app
3
3
 
4
4
  # Name of the container image.
5
- image: user/my-app
5
+ image: my-user/my-app
6
6
 
7
7
  # Deploy to these servers.
8
8
  servers:
9
- - 192.168.0.1
9
+ web:
10
+ - 192.168.0.1
11
+ # job:
12
+ # hosts:
13
+ # - 192.168.0.1
14
+ # cmd: bin/jobs
15
+
16
+ # Enable SSL auto certification via Let's Encrypt (and allow for multiple apps on one server).
17
+ # Set ssl: false if using something like Cloudflare to terminate SSL (but keep host!).
18
+ proxy:
19
+ ssl: true
20
+ host: app.example.com
10
21
 
11
22
  # Credentials for your image host.
12
23
  registry:
@@ -14,7 +25,7 @@ registry:
14
25
  # server: registry.digitalocean.com / ghcr.io / ...
15
26
  username: my-user
16
27
 
17
- # Always use an access token rather than real password when possible.
28
+ # Always use an access token rather than real password (pulled from .kamal/secrets).
18
29
  password:
19
30
  - KAMAL_REGISTRY_PASSWORD
20
31
 
@@ -22,19 +33,44 @@ registry:
22
33
  builder:
23
34
  arch: amd64
24
35
 
25
- # Inject ENV variables into containers (secrets come from .env).
26
- # Remember to run `kamal env push` after making changes!
36
+ # Inject ENV variables into containers (secrets come from .kamal/secrets).
37
+ #
27
38
  # env:
28
39
  # clear:
29
40
  # DB_HOST: 192.168.0.2
30
41
  # secret:
31
42
  # - RAILS_MASTER_KEY
32
43
 
44
+ # Aliases are triggered with "bin/kamal <alias>". You can overwrite arguments on invocation:
45
+ # "bin/kamal logs -r job" will tail logs from the first server in the job section.
46
+ #
47
+ # aliases:
48
+ # shell: app exec --interactive --reuse "bash"
49
+
33
50
  # Use a different ssh user than root
51
+ #
34
52
  # ssh:
35
53
  # user: app
36
54
 
37
- # Use accessory services (secrets come from .env).
55
+ # Use a persistent storage volume.
56
+ #
57
+ # volumes:
58
+ # - "app_storage:/app/storage"
59
+
60
+ # Bridge fingerprinted assets, like JS and CSS, between versions to avoid
61
+ # hitting 404 on in-flight requests. Combines all files from new and old
62
+ # version inside the asset_path.
63
+ #
64
+ # asset_path: /app/public/assets
65
+
66
+ # Configure rolling deploys by setting a wait time between batches of restarts.
67
+ #
68
+ # boot:
69
+ # limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
70
+ # wait: 2
71
+
72
+ # Use accessory services (secrets come from .kamal/secrets).
73
+ #
38
74
  # accessories:
39
75
  # db:
40
76
  # image: mysql:8.0
@@ -56,29 +92,3 @@ builder:
56
92
  # port: 6379
57
93
  # directories:
58
94
  # - data:/data
59
-
60
- # Bridge fingerprinted assets, like JS and CSS, between versions to avoid
61
- # hitting 404 on in-flight requests. Combines all files from new and old
62
- # version inside the asset_path.
63
- #
64
- # If your app is using the Sprockets gem, ensure it sets `config.assets.manifest`.
65
- # See https://github.com/basecamp/kamal/issues/626 for details
66
- #
67
- # asset_path: /rails/public/assets
68
-
69
- # Configure rolling deploys by setting a wait time between batches of restarts.
70
- # boot:
71
- # limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
72
- # wait: 2
73
-
74
- # Configure the role used to determine the primary_host. This host takes
75
- # deploy locks, runs health checks during the deploy, and follow logs, etc.
76
- #
77
- # Caution: there's no support for role renaming yet, so be careful to cleanup
78
- # the previous role on the deployed hosts.
79
- # primary_role: web
80
-
81
- # Controls if we abort when see a role with no hosts. Disabling this may be
82
- # useful for more complex deploy configurations.
83
- #
84
- # allow_empty_roles: false
@@ -1,3 +1,3 @@
1
1
  #!/bin/sh
2
2
 
3
- echo "Rebooting Traefik on $KAMAL_HOSTS..."
3
+ echo "Rebooting kamal-proxy on $KAMAL_HOSTS..."
@@ -1,5 +1,6 @@
1
- # WARNING: Avoid adding secrets directly to this file
2
- # If you must, then add `.kamal/secrets*` to your .gitignore file
1
+ # Secrets defined here are available for reference under registry/password, env/secret, builder/secrets,
2
+ # and accessories/*/env/secret in config/deploy.yml. All secrets should be pulled from either
3
+ # password manager, ENV, or a file. DO NOT ENTER RAW CREDENTIALS HERE! This file needs to be safe for git.
3
4
 
4
5
  # Option 1: Read secrets from the environment
5
6
  KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD
@@ -7,9 +7,8 @@ class Kamal::Commands::Proxy < Kamal::Commands::Base
7
7
  "--network", "kamal",
8
8
  "--detach",
9
9
  "--restart", "unless-stopped",
10
- *config.proxy_publish_args,
11
10
  "--volume", "kamal-proxy-config:/home/kamal-proxy/.config/kamal-proxy",
12
- *config.logging_args,
11
+ "\$\(#{get_boot_options.join(" ")}\)",
13
12
  config.proxy_image
14
13
  end
15
14
 
@@ -65,6 +64,22 @@ class Kamal::Commands::Proxy < Kamal::Commands::Base
65
64
  )
66
65
  end
67
66
 
67
+ def ensure_proxy_directory
68
+ make_directory config.proxy_directory
69
+ end
70
+
71
+ def remove_proxy_directory
72
+ remove_directory config.proxy_directory
73
+ end
74
+
75
+ def get_boot_options
76
+ combine [ :cat, config.proxy_options_file ], [ :echo, "\"#{config.proxy_options_default.join(" ")}\"" ], by: "||"
77
+ end
78
+
79
+ def reset_boot_options
80
+ remove_file config.proxy_options_file
81
+ end
82
+
68
83
  private
69
84
  def container_name
70
85
  config.proxy_container_name
@@ -29,7 +29,7 @@ class Kamal::Configuration::Proxy
29
29
  def deploy_options
30
30
  {
31
31
  host: proxy_config["host"],
32
- tls: proxy_config["ssl"],
32
+ tls: proxy_config["ssl"] ? true : nil,
33
33
  "deploy-timeout": seconds_duration(config.deploy_timeout),
34
34
  "drain-timeout": seconds_duration(config.drain_timeout),
35
35
  "health-check-interval": seconds_duration(proxy_config.dig("healthcheck", "interval")),
@@ -14,7 +14,7 @@ class Kamal::Configuration
14
14
 
15
15
  include Validation
16
16
 
17
- PROXY_MINIMUM_VERSION = "v0.4.0"
17
+ PROXY_MINIMUM_VERSION = "v0.6.0"
18
18
  PROXY_HTTP_PORT = 80
19
19
  PROXY_HTTPS_PORT = 443
20
20
 
@@ -246,8 +246,12 @@ class Kamal::Configuration
246
246
  env_tags.detect { |t| t.name == name.to_s }
247
247
  end
248
248
 
249
- def proxy_publish_args
250
- argumentize "--publish", [ "#{PROXY_HTTP_PORT}:#{PROXY_HTTP_PORT}", "#{PROXY_HTTPS_PORT}:#{PROXY_HTTPS_PORT}" ]
249
+ def proxy_publish_args(http_port, https_port)
250
+ argumentize "--publish", [ "#{http_port}:#{PROXY_HTTP_PORT}", "#{https_port}:#{PROXY_HTTPS_PORT}" ]
251
+ end
252
+
253
+ def proxy_options_default
254
+ proxy_publish_args PROXY_HTTP_PORT, PROXY_HTTPS_PORT
251
255
  end
252
256
 
253
257
  def proxy_image
@@ -258,6 +262,14 @@ class Kamal::Configuration
258
262
  "kamal-proxy"
259
263
  end
260
264
 
265
+ def proxy_directory
266
+ File.join run_directory, "proxy"
267
+ end
268
+
269
+ def proxy_options_file
270
+ File.join proxy_directory, "options"
271
+ end
272
+
261
273
 
262
274
  def to_h
263
275
  {
@@ -3,7 +3,7 @@ class Kamal::Secrets::Adapters::LastPass < Kamal::Secrets::Adapters::Base
3
3
  def login(account)
4
4
  unless loggedin?(account)
5
5
  `lpass login #{account.shellescape}`
6
- raise RuntimeError, "Failed to login to 1Password" unless $?.success?
6
+ raise RuntimeError, "Failed to login to LastPass" unless $?.success?
7
7
  end
8
8
  end
9
9
 
@@ -13,7 +13,7 @@ class Kamal::Secrets::Adapters::LastPass < Kamal::Secrets::Adapters::Base
13
13
 
14
14
  def fetch_secrets(secrets, account:, session:)
15
15
  items = `lpass show #{secrets.map(&:shellescape).join(" ")} --json`
16
- raise RuntimeError, "Could not read #{secrets} from 1Password" unless $?.success?
16
+ raise RuntimeError, "Could not read #{secrets} from LastPass" unless $?.success?
17
17
 
18
18
  items = JSON.parse(items)
19
19
 
data/lib/kamal/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Kamal
2
- VERSION = "2.0.0.rc2"
2
+ VERSION = "2.0.0.rc4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kamal
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0.rc2
4
+ version: 2.0.0.rc4
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-20 00:00:00.000000000 Z
11
+ date: 2024-09-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -332,11 +332,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
332
332
  version: '0'
333
333
  required_rubygems_version: !ruby/object:Gem::Requirement
334
334
  requirements:
335
- - - ">="
335
+ - - ">"
336
336
  - !ruby/object:Gem::Version
337
- version: '0'
337
+ version: 1.3.1
338
338
  requirements: []
339
- rubygems_version: 3.5.16
339
+ rubygems_version: 3.3.22
340
340
  signing_key:
341
341
  specification_version: 4
342
342
  summary: Deploy web apps in containers to servers running Docker with zero downtime.