o2webappizer 0.1.15 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/o2webappizer/version.rb +1 -1
- data/templates/app/controllers/application_controller.rb +1 -0
- data/templates/config/deploy.rb.tt +19 -11
- data/templates/config/initializers_tt/rails_admin_cms.rb +8 -0
- data/templates/config/nginx.app.conf.erb +41 -33
- data/templates/config/nginx.conf.erb +26 -7
- data/templates/config/routes.rb.tt +2 -0
- data/templates/config/sunzi/recipes/analysers.sh +7 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b9cf61e152ef3e774129b44eba0d82842690c6c
|
4
|
+
data.tar.gz: 804860382c46612c968096df607c16d939a6af96
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a62ceca76e579f3a94a6204bb59d41388cc2788eb075bbc4cb7efa4316ea923927903554b307f8a95d905749dd36ff00774e10b32f62224e94ded5a8528a3a3
|
7
|
+
data.tar.gz: 5a669bf4f64e85f30820fff78cb111a4b5b0360c6481267384e393f310b66fd7767cae55ffb7c8252789ad494fcb9f70caccbe784d95ff92399703be3fc6f78c
|
data/lib/o2webappizer/version.rb
CHANGED
@@ -17,21 +17,29 @@ set :rbenv_map_bins, %w{rake gem bundle ruby rails}
|
|
17
17
|
set :passenger_restart_with_sudo, false
|
18
18
|
set :passenger_restart_command, 'rbenv sudo passenger-config restart-app'
|
19
19
|
|
20
|
+
# default to ['system']
|
21
|
+
set :files_public_dirs, fetch(:files_public_dirs).push(*%W[
|
20
22
|
<% if options.solidus? -%>
|
21
|
-
set :files_public_dirs, fetch(:files_public_dirs, []).push(*%W[
|
22
23
|
spree
|
23
|
-
])
|
24
|
-
<% else -%>
|
25
|
-
# set :files_public_dirs, fetch(:files_public_dirs, []).push(*%W[
|
26
|
-
# ])
|
27
24
|
<% end -%>
|
28
|
-
|
29
|
-
# ]
|
25
|
+
])
|
26
|
+
# default to []
|
27
|
+
set :files_private_dirs, fetch(:files_private_dirs).push(*%W[
|
28
|
+
])
|
30
29
|
|
31
|
-
|
32
|
-
#
|
33
|
-
|
34
|
-
|
30
|
+
set :nginx_max_body_size, '10m'
|
31
|
+
# default to ['system', 'images']
|
32
|
+
set :nginx_public_dirs, fetch(:nginx_public_dirs).push(*%W[
|
33
|
+
<% if options.solidus? -%>
|
34
|
+
spree
|
35
|
+
<% end -%>
|
36
|
+
])
|
37
|
+
# default to ['404.html', '422.html', '500.html', 'favicon.ico']
|
38
|
+
set :nginx_public_files, fetch(:nginx_public_files).push(*%W[
|
39
|
+
])
|
40
|
+
# default to {}
|
41
|
+
set :nginx_redirects, fetch(:nginx_redirects).merge({
|
42
|
+
})
|
35
43
|
|
36
44
|
set :pty, true
|
37
45
|
set :port, 22
|
@@ -14,4 +14,12 @@ RailsAdminCMS.config do |config|
|
|
14
14
|
|
15
15
|
# Defines if Forms defined admin side need their body to be editable
|
16
16
|
# config.with_email_body = false
|
17
|
+
|
18
|
+
# Defines iframe permissions: same host, different host or all
|
19
|
+
# config.allow_iframe_from = 'SAMEORIGIN'
|
20
|
+
# config.allow_iframe_from = 'ALLOW-FROM https://www.google.com'
|
21
|
+
# config.allow_iframe_from = 'ALLOWALL'
|
22
|
+
|
23
|
+
# Defines the number of lines picked from exception backtrace in 'cms_logger'
|
24
|
+
# config.exception_backtrace_size = 10
|
17
25
|
end
|
@@ -14,19 +14,24 @@
|
|
14
14
|
# Default server configuration
|
15
15
|
#
|
16
16
|
server {
|
17
|
-
listen 80 default_server;
|
18
|
-
listen [::]:80 default_server ipv6only=on;
|
17
|
+
listen 80 default_server deferred;
|
18
|
+
listen [::]:80 default_server deferred ipv6only=on;
|
19
19
|
|
20
20
|
server_name <%= fetch(:server) %>;
|
21
|
+
|
21
22
|
passenger_enabled on;
|
22
23
|
rails_env <%= fetch(:stage) %>;
|
23
24
|
root <%= fetch(:deploy_to) %>/current/public;
|
24
25
|
|
26
|
+
error_page 404 /404.html;
|
27
|
+
error_page 422 /422.html;
|
28
|
+
error_page 500 502 503 504 /500.html;
|
29
|
+
|
25
30
|
<% if fetch(:stage) == :production %>
|
26
31
|
# SSL configuration
|
27
32
|
#
|
28
|
-
# listen 443 ssl default_server;
|
29
|
-
# listen [::]:443 ssl default_server;
|
33
|
+
# listen 443 ssl default_server deferred;
|
34
|
+
# listen [::]:443 ssl default_server deferred ipv6only=on;
|
30
35
|
#
|
31
36
|
# ssl_certificate /etc/ssl/certs/$server_name.chained.crt;
|
32
37
|
# ssl_certificate_key /etc/ssl/private/$server_name.key;
|
@@ -37,41 +42,44 @@ server {
|
|
37
42
|
# include snippets/snakeoil.conf;
|
38
43
|
<% end %>
|
39
44
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
+
location /assets/ {
|
46
|
+
gzip_static on;
|
47
|
+
expires 1M;
|
48
|
+
add_header Cache-Control public;
|
49
|
+
access_log off;
|
50
|
+
log_not_found off;
|
51
|
+
}
|
45
52
|
|
46
|
-
|
47
|
-
|
53
|
+
<% fetch(:nginx_public_dirs).each do |folder| %>
|
54
|
+
location /<%= folder %>/ {
|
55
|
+
expires 1M;
|
56
|
+
add_header Cache-Control public;
|
57
|
+
access_log off;
|
58
|
+
log_not_found off;
|
48
59
|
}
|
60
|
+
<% end %>
|
49
61
|
|
50
|
-
<% fetch(:
|
51
|
-
location /<%=
|
52
|
-
gzip_static on;
|
62
|
+
<% fetch(:nginx_public_files).each do |file| %>
|
63
|
+
location = /<%= file %> {
|
53
64
|
expires 1M;
|
54
65
|
add_header Cache-Control public;
|
55
|
-
access_log
|
66
|
+
access_log off;
|
67
|
+
log_not_found off;
|
56
68
|
}
|
57
69
|
<% end %>
|
58
70
|
}
|
59
71
|
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
# location / {
|
75
|
-
# try_files $uri $uri/ =404;
|
76
|
-
# }
|
77
|
-
#}
|
72
|
+
<% if fetch(:nginx_redirects).any? %>
|
73
|
+
server {
|
74
|
+
listen 80;
|
75
|
+
listen 443 ssl;
|
76
|
+
|
77
|
+
server_name <%= fetch(:server) %>;
|
78
|
+
|
79
|
+
<% fetch(:nginx_redirects).each do |src, dst| %>
|
80
|
+
location = /<%= src.sub(/^\//, '') %> {
|
81
|
+
return 301 $scheme://$server_name/<%= dst.sub(/^\//, '') %>;
|
82
|
+
}
|
83
|
+
<% end %>
|
84
|
+
}
|
85
|
+
<% end %>
|
@@ -1,13 +1,19 @@
|
|
1
1
|
user <%= fetch(:deployer_name) %>;
|
2
|
-
worker_processes
|
2
|
+
worker_processes auto;
|
3
|
+
worker_rlimit_nofile 4096;
|
3
4
|
pid /run/nginx.pid;
|
4
5
|
|
5
6
|
events {
|
6
|
-
worker_connections
|
7
|
-
|
7
|
+
worker_connections 1024;
|
8
|
+
multi_accept on;
|
9
|
+
use epoll;
|
8
10
|
}
|
9
11
|
|
10
12
|
http {
|
13
|
+
log_format custom_log '$remote_addr - $remote_user [$time_local] '
|
14
|
+
'"$request" $status $body_bytes_sent '
|
15
|
+
'"$http_referer" "$http_user_agent" '
|
16
|
+
'$upstream_response_time - $gzip_ratio';
|
11
17
|
|
12
18
|
##
|
13
19
|
# Basic Settings
|
@@ -16,9 +22,16 @@ http {
|
|
16
22
|
sendfile on;
|
17
23
|
tcp_nopush on;
|
18
24
|
tcp_nodelay on;
|
19
|
-
keepalive_timeout
|
25
|
+
keepalive_timeout 30;
|
20
26
|
types_hash_max_size 2048;
|
21
|
-
|
27
|
+
server_tokens off;
|
28
|
+
|
29
|
+
client_max_body_size <%= fetch(:nginx_max_body_size) %>;
|
30
|
+
|
31
|
+
open_file_cache max=8192 inactive=10m;
|
32
|
+
open_file_cache_valid 20m;
|
33
|
+
open_file_cache_min_uses 1;
|
34
|
+
open_file_cache_errors on;
|
22
35
|
|
23
36
|
# server_names_hash_bucket_size 64;
|
24
37
|
# server_name_in_redirect off;
|
@@ -32,12 +45,16 @@ http {
|
|
32
45
|
|
33
46
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
|
34
47
|
ssl_prefer_server_ciphers on;
|
48
|
+
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
|
49
|
+
|
50
|
+
ssl_session_cache shared:SSL:50m;
|
51
|
+
ssl_session_timeout 10m;
|
35
52
|
|
36
53
|
##
|
37
54
|
# Logging Settings
|
38
55
|
##
|
39
56
|
|
40
|
-
access_log /var/log/nginx/access.log;
|
57
|
+
access_log /var/log/nginx/access.log custom_log;
|
41
58
|
error_log /var/log/nginx/error.log;
|
42
59
|
|
43
60
|
##
|
@@ -45,11 +62,12 @@ http {
|
|
45
62
|
##
|
46
63
|
|
47
64
|
gzip on;
|
65
|
+
gzip_min_length 1024;
|
48
66
|
gzip_disable "msie6";
|
49
67
|
|
50
68
|
gzip_vary on;
|
51
69
|
gzip_proxied any;
|
52
|
-
gzip_comp_level
|
70
|
+
gzip_comp_level 5;
|
53
71
|
gzip_buffers 16 8k;
|
54
72
|
gzip_http_version 1.1;
|
55
73
|
gzip_types
|
@@ -72,6 +90,7 @@ http {
|
|
72
90
|
passenger_ruby /home/<%= fetch(:deployer_name) %>/.rbenv/shims/ruby;
|
73
91
|
passenger_pool_idle_time 0;
|
74
92
|
passenger_max_request_queue_size 1000;
|
93
|
+
passenger_show_version_in_header off;
|
75
94
|
|
76
95
|
##
|
77
96
|
# Virtual Host Configs
|
@@ -6,8 +6,15 @@ if sunzi.to_be_done "install analysers"; then
|
|
6
6
|
|
7
7
|
sunzi.install "goaccess"
|
8
8
|
sunzi.install "iotop"
|
9
|
+
sunzi.install "iftop"
|
10
|
+
sunzi.install "ifstat"
|
11
|
+
sunzi.install "nethogs"
|
9
12
|
sunzi.install "sysstat"
|
10
13
|
|
14
|
+
sed -i 's/#time-format %H:%M:%S/time-format %H:%M:%S/' /etc/goaccess.conf
|
15
|
+
sed -i 's|#date-format %d/%b/%Y|date-format %d/%b/%Y|' /etc/goaccess.conf
|
16
|
+
sed -i 's/#log-format %h %\^\[%d:%t %\^\] "%r" %s %b "%R" "%u"/log-format %h - %\^ \[%d:%t %\^\] "%r" %s %b "%R" "%u" %T %\^/' /etc/goaccess.conf
|
17
|
+
|
11
18
|
sed -i 's/ENABLED="false"/ENABLED="true"/' /etc/default/sysstat
|
12
19
|
/etc/init.d/sysstat restart
|
13
20
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: o2webappizer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Patrice Lebel
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-01
|
11
|
+
date: 2016-02-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|