o2webappizer 0.1.15 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 212785d6361f29688f25bf75700f8b856c96f9fc
-  data.tar.gz: 5943ac3526e717d1a1397ecf899b510c1fbb0948
+  metadata.gz: 7b9cf61e152ef3e774129b44eba0d82842690c6c
+  data.tar.gz: 804860382c46612c968096df607c16d939a6af96
 SHA512:
-  metadata.gz: 4efe0ef92475b09c2d850b8f05e32a216523c30557f05dd2e0b537bbcd0a6543c154b738a95a3386a3667c4c23884a8600a7ae6c739f14cfbe52e80b6c7da790
-  data.tar.gz: 43449cae08db1a9fd2ebc875a6cc02f4b9974171c4aace2f19cb8809bc92ec22232f80971aa71aeda03eea420521c4257044ed2c90fd5f752688ea1a33f045ca
+  metadata.gz: 0a62ceca76e579f3a94a6204bb59d41388cc2788eb075bbc4cb7efa4316ea923927903554b307f8a95d905749dd36ff00774e10b32f62224e94ded5a8528a3a3
+  data.tar.gz: 5a669bf4f64e85f30820fff78cb111a4b5b0360c6481267384e393f310b66fd7767cae55ffb7c8252789ad494fcb9f70caccbe784d95ff92399703be3fc6f78c

data/lib/o2webappizer/version.rb

@@ -1,5 +1,5 @@
 module O2webappizer
-  VERSION = "0.1.15"
+  VERSION = "0.2.0"
   RUBY_VERSION = IO.read("#{File.dirname(__FILE__)}/../../.ruby-version").strip
   RAILS_VERSION = "4.2"
 end

data/templates/app/controllers/application_controller.rb

@@ -7,6 +7,7 @@ class ApplicationController < ActionController::Base
   include CMS::Editing
   include CMS::Authenticate
   include CMS::Logger
+  include CMS::Rescue
 
   def paper_trail_enabled_for_controller
     false

data/templates/config/deploy.rb.tt

@@ -17,21 +17,29 @@ set :rbenv_map_bins, %w{rake gem bundle ruby rails}
 set :passenger_restart_with_sudo, false
 set :passenger_restart_command, 'rbenv sudo passenger-config restart-app'
 
+# default to ['system']
+set :files_public_dirs, fetch(:files_public_dirs).push(*%W[
 <% if options.solidus? -%>
-set :files_public_dirs, fetch(:files_public_dirs, []).push(*%W[
   spree
-])
-<% else -%>
-# set :files_public_dirs, fetch(:files_public_dirs, []).push(*%W[
-# ])
 <% end -%>
-# set :files_private_dirs, fetch(:files_private_dirs, []).push(*%W[
-# ])
+])
+# default to []
+set :files_private_dirs, fetch(:files_private_dirs).push(*%W[
+])
 
-# set :nginx_workers, 1
-# set :nginx_assets_dirs, fetch(:nginx_assets_dirs, []).push(*%W[
-# ])
-# set :nginx_max_body_size, '10m'
+set :nginx_max_body_size, '10m'
+# default to ['system', 'images']
+set :nginx_public_dirs, fetch(:nginx_public_dirs).push(*%W[
+<% if options.solidus? -%>
+  spree
+<% end -%>
+])
+# default to ['404.html', '422.html', '500.html', 'favicon.ico']
+set :nginx_public_files, fetch(:nginx_public_files).push(*%W[
+])
+# default to {}
+set :nginx_redirects, fetch(:nginx_redirects).merge({
+})
 
 set :pty, true
 set :port, 22

data/templates/config/initializers_tt/rails_admin_cms.rb

@@ -14,4 +14,12 @@ RailsAdminCMS.config do |config|
 
   # Defines if Forms defined admin side need their body to be editable
   # config.with_email_body = false
+
+  # Defines iframe permissions: same host, different host or all
+  # config.allow_iframe_from = 'SAMEORIGIN'
+  # config.allow_iframe_from = 'ALLOW-FROM https://www.google.com'
+  # config.allow_iframe_from = 'ALLOWALL'
+
+  # Defines the number of lines picked from exception backtrace in 'cms_logger'
+  # config.exception_backtrace_size = 10
 end

data/templates/config/nginx.app.conf.erb

@@ -14,19 +14,24 @@
 # Default server configuration
 #
 server {
-  listen 80 default_server;
-  listen [::]:80 default_server ipv6only=on;
+  listen 80 default_server deferred;
+  listen [::]:80 default_server deferred ipv6only=on;
 
   server_name <%= fetch(:server) %>;
+
   passenger_enabled on;
   rails_env <%= fetch(:stage) %>;
   root <%= fetch(:deploy_to) %>/current/public;
 
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 502 503 504 /500.html;
+
 <% if fetch(:stage) == :production %>
   # SSL configuration
   #
-  # listen 443 ssl default_server;
-  # listen [::]:443 ssl default_server;
+  # listen 443 ssl default_server deferred;
+  # listen [::]:443 ssl default_server deferred ipv6only=on;
   #
   # ssl_certificate /etc/ssl/certs/$server_name.chained.crt;
   # ssl_certificate_key /etc/ssl/private/$server_name.key;
@@ -37,41 +42,44 @@ server {
   # include snippets/snakeoil.conf;
 <% end %>
 
-  client_max_body_size <%= fetch(:nginx_max_body_size) %>;
-
-  error_page 404 /404.html;
-  error_page 422 /422.html;
-  error_page 500 502 503 504 /500.html;
+  location /assets/ {
+    gzip_static on;
+    expires 1M;
+    add_header Cache-Control public;
+    access_log    off;
+    log_not_found off;
+  }
 
-  if ($host = www.$server_name) {
-    return 301 $scheme://$server_name$request_uri;
+<% fetch(:nginx_public_dirs).each do |folder| %>
+  location /<%= folder %>/ {
+    expires 1M;
+    add_header Cache-Control public;
+    access_log    off;
+    log_not_found off;
   }
+<% end %>
 
-<% fetch(:nginx_assets_dirs).each do |dir| %>
-  location /<%= dir %>/ {
-    gzip_static on;
+<% fetch(:nginx_public_files).each do |file| %>
+  location = /<%= file %> {
     expires 1M;
     add_header Cache-Control public;
-    access_log off;
+    access_log    off;
+    log_not_found off;
   }
 <% end %>
 }
 
-# Virtual Host configuration for example.com
-#
-# You can move that to a different file under sites-available/ and symlink that
-# to sites-enabled/ to enable it.
-#
-#server {
-#  listen 80;
-#  listen [::]:80;
-#
-#  server_name example.com;
-#
-#  root /var/www/example.com;
-#  index index.html;
-#
-#  location / {
-#    try_files $uri $uri/ =404;
-#  }
-#}
+<% if fetch(:nginx_redirects).any? %>
+server {
+  listen 80;
+  listen 443 ssl;
+
+  server_name <%= fetch(:server) %>;
+
+<% fetch(:nginx_redirects).each do |src, dst| %>
+  location = /<%= src.sub(/^\//, '') %> {
+    return 301 $scheme://$server_name/<%= dst.sub(/^\//, '') %>;
+  }
+<% end %>
+}
+<% end %>

data/templates/config/nginx.conf.erb

@@ -1,13 +1,19 @@
 user <%= fetch(:deployer_name) %>;
-worker_processes <%= fetch(:nginx_workers) %>;
+worker_processes auto;
+worker_rlimit_nofile 4096;
 pid /run/nginx.pid;
 
 events {
-  worker_connections 768;
-  # multi_accept on;
+  worker_connections 1024;
+  multi_accept on;
+  use epoll;
 }
 
 http {
+  log_format custom_log '$remote_addr - $remote_user [$time_local] '
+    '"$request" $status $body_bytes_sent '
+    '"$http_referer" "$http_user_agent" '
+    '$upstream_response_time - $gzip_ratio';
 
   ##
   # Basic Settings
@@ -16,9 +22,16 @@ http {
   sendfile on;
   tcp_nopush on;
   tcp_nodelay on;
-  keepalive_timeout 65;
+  keepalive_timeout 30;
   types_hash_max_size 2048;
-  # server_tokens off;
+  server_tokens off;
+
+  client_max_body_size <%= fetch(:nginx_max_body_size) %>;
+
+  open_file_cache max=8192 inactive=10m;
+  open_file_cache_valid 20m;
+  open_file_cache_min_uses 1;
+  open_file_cache_errors on;
 
   # server_names_hash_bucket_size 64;
   # server_name_in_redirect off;
@@ -32,12 +45,16 @@ http {
 
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
   ssl_prefer_server_ciphers on;
+  ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
+
+  ssl_session_cache shared:SSL:50m;
+  ssl_session_timeout 10m;
 
   ##
   # Logging Settings
   ##
 
-  access_log /var/log/nginx/access.log;
+  access_log /var/log/nginx/access.log custom_log;
   error_log /var/log/nginx/error.log;
 
   ##
@@ -45,11 +62,12 @@ http {
   ##
 
   gzip on;
+  gzip_min_length 1024;
   gzip_disable "msie6";
 
   gzip_vary on;
   gzip_proxied any;
-  gzip_comp_level 6;
+  gzip_comp_level 5;
   gzip_buffers 16 8k;
   gzip_http_version 1.1;
   gzip_types
@@ -72,6 +90,7 @@ http {
   passenger_ruby /home/<%= fetch(:deployer_name) %>/.rbenv/shims/ruby;
   passenger_pool_idle_time 0;
   passenger_max_request_queue_size 1000;
+  passenger_show_version_in_header off;
 
   ##
   # Virtual Host Configs

data/templates/config/routes.rb.tt

@@ -70,4 +70,6 @@ Rails.application.routes.draw do
   #     # (app/controllers/admin/products_controller.rb)
   #     resources :products
   #   end
+
+  match '*not_found', via: :all, to: 'application#render_404'
 end

data/templates/config/sunzi/recipes/analysers.sh

@@ -6,8 +6,15 @@ if sunzi.to_be_done "install analysers"; then
 
   sunzi.install "goaccess"
   sunzi.install "iotop"
+  sunzi.install "iftop"
+  sunzi.install "ifstat"
+  sunzi.install "nethogs"
   sunzi.install "sysstat"
 
+  sed -i 's/#time-format %H:%M:%S/time-format %H:%M:%S/' /etc/goaccess.conf
+  sed -i 's|#date-format %d/%b/%Y|date-format %d/%b/%Y|' /etc/goaccess.conf
+  sed -i 's/#log-format %h %\^\[%d:%t %\^\] "%r" %s %b "%R" "%u"/log-format %h - %\^ \[%d:%t %\^\] "%r" %s %b "%R" "%u" %T %\^/' /etc/goaccess.conf
+
   sed -i 's/ENABLED="false"/ENABLED="true"/' /etc/default/sysstat
   /etc/init.d/sysstat restart
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: o2webappizer
 version: !ruby/object:Gem::Version
-  version: 0.1.15
+  version: 0.2.0
 platform: ruby
 authors:
 - Patrice Lebel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-30 00:00:00.000000000 Z
+date: 2016-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails