procsd 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a029c6f4d0953cc9b21f3508a14e9057a4386fd53c786167737a9097c4175f13
-  data.tar.gz: 2f3fa1f897cb3bbf65aa6e00c1b8fbc0c3f1bde13d5dc559514633404ef691ce
+  metadata.gz: 862f5699d79e6ac90e5c946ba08d13b190bde81c1c2f015bd9aea7ca2b797d2e
+  data.tar.gz: 4713b4d70b167bb999727bb20869568a6e15e3c91d9197f4c062eb4e384b9c9b
 SHA512:
-  metadata.gz: 6f5a266a604bdbc1cbd9519b510a1eabf801d753d8497729a7ed64c2acedcfd6d1873f16da89896fedb5e49467f7c987c09e53ddef6d2d1ff947cbd07501173e
-  data.tar.gz: 8724b65f9e834e5654690148a0c21444608add28c60df412dd76d47ad18f2c2edbef20ae8029de39b2431a2c6585531656e7b4a629d0427f71e717c4bd314d8b
+  metadata.gz: 222767562ebc5727f52d5c26b95dbfaf2de2dca0f0901e49f5ac8b35513a50052ab848fcc23f7bb69c2740789c101c5a6258de73d5651ec6a0a75e4f9c81f0f9
+  data.tar.gz: 93000122413fc6d307a7436a5f614c0188c6172e6d8f6330fe2a57c7bd472d1bb6e414cd9076e1d9f3a8cad3c0e1411c1a7103fcffd894f510d9aff67dad2602

data/CHANGELOG.md

@@ -1,4 +1,26 @@
 # CHANGELOG
+## 0.4.0
+* **Breaking change:** commands in extended processes syntax were renamed from start/restart/stop to ExecStart/ExecReload/ExecStop:
+
+Was:
+```yml
+processes:
+  web:
+    start: bundle exec rails server -p $PORT
+    restart: bundle exec pumactl phased-restart
+```
+
+Now:
+```yml
+processes:
+  web:
+    ExecStart: bundle exec rails server -p $PORT
+    ExecReload: bundle exec pumactl phased-restart
+```
+
+* Added new command `exec` to run one of the defined processes (for development purposes). Example: `$ procsd exec web`.
+* Added Nginx support with auto-ssl (using Certbot)
+
 ## 0.3.0
 * **Breaking change:** `.procsd.yml` renamed to `procsd.yml` (without dot)
 * **Breaking change:** `environment` option in the procsd.yml now has hash format, not array:

data/README.md

@@ -2,15 +2,17 @@
 
 I do like the way how simple is managing of application processes in production on Heroku with [Procfile](https://devcenter.heroku.com/articles/procfile). How easily can be accessed application logs with [heroku logs](https://devcenter.heroku.com/articles/logging) command. Just type `heroku create` and you're good to go.
 
-Can we have something similar on the cheap Ubuntu VPS from DigitalOcean? Yes we can, all we need is a Systemd wrapper which allows to export application processes from Procfile to system services, and control them/check status/access logs using simple commands.
+Can we have something similar on the cheap Ubuntu VPS from DigitalOcean? Yes we can, all we need is a **systemd wrapper** which allows to export application processes from Procfile to system services, and control them/check status/access logs using simple commands.
 
-> These days most of Linux distributions (including Ubuntu) has Systemd as a default system processes manager. That's why it is a good idea to use Systemd for managing application processes in production (for simple cases).
+> These days most of Linux distributions (including Ubuntu) has systemd as a default system processes manager. That's why it is a good idea to use systemd for managing application processes in production (for simple cases).
 
 ## Getting started
 
-**Note:** latest version of Procsd is `0.3.0`. Since version `0.2.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). Run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd) to update to the latest version.
+> **Note:** latest version of Procsd is `0.4.0`. Since version `0.3.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
 
-> Install `procsd` first: `$ gem install procsd`. Required Ruby version is `>= 2.3.0`.
+> **Note:** Procsd works best with Capistrano integration: [vifreefly/capistrano-procsd](https://github.com/vifreefly/capistrano-procsd)
+
+Install `procsd` first: `$ gem install procsd`. Required Ruby version is `>= 2.3.0`.
 
 Let's say you have following application's Procfile:
 
@@ -36,23 +38,21 @@ Configuration is done.
 ### Create an application (export to Systemd)
 > To disable and remove application from Systemd there is command `$ procsd destroy`.
 
-> Note: `create` command needs to provide a few arguments: _--user_ (name of the current user), _--dir_ (application's working directory) and `--path` (user's $PATH). Usually it's fine to provide them like on example below:
-
 ```
 deploy@server:~/sample_app$ procsd create
 
 Value of the --user option: deploy
 Value of the --dir option: /home/deploy/sample_app
 Value of the --path option: /home/deploy/.rbenv/shims:/home/deploy/.rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
-Systemd directory: /etc/systemd/system
 
-      create  sample_app-web.1.service
-      create  sample_app-worker.1.service
-      create  sample_app-worker.2.service
-      create  sample_app.target
+Creating app units files in the systemd directory (/etc/systemd/system)...
+Create: /etc/systemd/system/sample_app-web.1.service
+Create: /etc/systemd/system/sample_app-worker.1.service
+Create: /etc/systemd/system/sample_app-worker.2.service
+Create: /etc/systemd/system/sample_app.target
+Reloaded configuraion (daemon-reload)
 Created symlink /etc/systemd/system/multi-user.target.wants/sample_app.target → /etc/systemd/system/sample_app.target.
 Enabled app target sample_app.target
-Reloaded configuraion (daemon-reload)
 App services were created and enabled. Run `start` to start them
 
 Note: add following line to the sudoers file (`$ sudo visudo`) if you don't want to type password each time for start/stop/restart commands:
@@ -63,8 +63,8 @@ You can provide additional options for `create` command:
 * `--user` - name of the user, default is current _$USER_ env variable
 * `--dir` - application's working directory, default is current _$PWD_ env variable
 * `--path` - $PATH to include to the each service. Default is current _$PATH_ env variable
-* `--add-to-sudoers` - if option present, procsd will create sudoers rule `/etc/sudoers.d/app_name` allowing to start/stop/restart app services without password prompt.
-* `--or-restart` - if option present and servides already created, procsd will skip creation and instead call `restart` command
+* `--add-to-sudoers` - if option present, procsd will create sudoers rule file `/etc/sudoers.d/app_name` which allow to start/stop/restart app services without a password prompt (passwordless sudo).
+* `--or-restart` - if option provided and services already created, procsd will skip creation and call instead `restart` command. Otherwise (if services are not present), they will be created and (in additional) started.
 
 
 ### Start application
@@ -187,6 +187,195 @@ Systemd provides [a lot of possibilities](https://www.digitalocean.com/community
 * `--priority` - Filter messages by a [particular log level.](https://www.digitalocean.com/community/tutorials/how-to-use-journalctl-to-view-and-manipulate-systemd-logs#by-priority) For example show only error messages: `procsd logs --priority err`
 * `--grep` - [Filter output](https://www.freedesktop.org/software/systemd/man/journalctl.html#-g) to messages where message matches the provided query (may not work for [some](https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1751006) Linux distributions)
 
+### Execute processes defined in Procfile
+
+Currently, procsd can not run all processes in development like `foreman start` does. But you can run one single process using `procsd exec` command:
+
+```
+deploy@server:~/sample_app$ PORT=3000 procsd exec web
+
+=> Booting Puma
+=> Rails 5.2.1 application starting in development
+=> Run `rails server -h` for more startup options
+Puma starting in single mode...
+* Version 3.12.0 (ruby 2.3.0-p0), codename: Llamas in Pajamas
+* Min threads: 5, max threads: 5
+* Environment: development
+* Listening on tcp://localhost:3000
+Use Ctrl-C to stop
+```
+
+By default `procsd exec` skip environment variables defined in `procsd.yml`. To run process with production environment, provide `--env` option as well: `procsd exec web --env`.
+
+### Nginx
+> Before make sure that you have Nginx installed `sudo apt install nginx` and running `sudo systemctl status nginx`.
+
+If one of your application processes is a web process, you can automatically setup Nginx config for it. Why? For example to serve static files (assets, images, etc) directly using fast Nginx, rather than application server. Or to enable SSL support (see below).
+
+Add to your procsd.yml `nginx` section with `server_name` option defined:
+
+> If you don't have domain defined (or don't need it), you can add server IP instead: `server_name: 159.159.159.159`.
+
+> If your application use multiple domains/subdomains, add all of them separated with space: `server_name: my-domain.com us.my-domain.com uk.my-domain.com`
+
+> It's required to provide `PORT` number environment variable in `procsd.yml`. Provided port number will be used to proxy requests from Nginx to application server.
+
+```yml
+app: sample_app
+formation: web=1,worker=2
+environment:
+  PORT: 2501
+  RAILS_ENV: production
+  RAILS_LOG_TO_STDOUT: true
+nginx:
+  server_name: my-domain.com
+```
+
+Configuration is done! Run [procsd create](#create-an-application-export-to-systemd) to create app services with Nginx config:
+
+```
+deploy@server:~/sample_app$ procsd create
+
+Creating app units files in the systemd directory (/etc/systemd/system)...
+Create: /etc/systemd/system/sample_app-web.1.service
+Create: /etc/systemd/system/sample_app-worker.1.service
+Create: /etc/systemd/system/sample_app-worker.2.service
+Create: /etc/systemd/system/sample_app.target
+Reloaded configuraion (daemon-reload)
+Created symlink /etc/systemd/system/multi-user.target.wants/sample_app.target → /etc/systemd/system/sample_app.target.
+Enabled app target sample_app.target
+App services were created and enabled. Run `start` to start them
+Creating Nginx config (/etc/nginx/sites-available/sample_app)...
+Create: /etc/nginx/sites-available/sample_app
+Link Nginx config file to the sites-enabled folder...
+Nginx config created and daemon reloaded
+```
+
+<details/>
+  <summary><code>/etc/nginx/sites-available/sample_app</code>:</summary>
+
+```
+upstream app {
+  server 127.0.0.1:2501;
+}
+
+server {
+  listen 80;
+  listen [::]:80;
+
+  server_name my-domain.com;
+  root /home/deploy/sample_app/public;
+
+  location ^~ /assets/ {
+    gzip_static on;
+    expires max;
+    add_header Cache-Control public;
+  }
+
+  try_files $uri/index.html $uri @app;
+  location @app {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_redirect off;
+    proxy_pass http://app;
+  }
+
+  client_max_body_size 256M;
+  keepalive_timeout 60;
+  error_page 500 502 503 504 /500.html;
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+}
+```
+</details>
+
+#### Auto SSL using Certbot
+
+To generate Nginx config with free SSL certificate (from [Let’s Encrypt](https://letsencrypt.org/)) included, you need to install [Certbot](https://certbot.eff.org/) on the remote server first:
+
+```
+sudo add-apt-repository ppa:certbot/certbot
+sudo apt update
+sudo apt-get install python-certbot-nginx
+```
+
+Then update procsd.yml:
+
+> It's required to provide contact email to obtain free certificate from Let’s Encrypt
+
+```yml
+nginx:
+  server_name: my-domain.com
+  certbot:
+    email: my-contact-email@gmail.com
+```
+
+Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointed to server IP** where the application is hosted. Now run `procsd create` as usual:
+
+<details/>
+  <summary>Output</summary>
+
+```
+deploy@server:~/sample_app$ procsd create
+
+Creating app units files in the systemd directory (/etc/systemd/system)...
+Create: /etc/systemd/system/sample_app-web.1.service
+Create: /etc/systemd/system/sample_app-worker.1.service
+Create: /etc/systemd/system/sample_app-worker.2.service
+Create: /etc/systemd/system/sample_app.target
+Reloaded configuraion (daemon-reload)
+Created symlink /etc/systemd/system/multi-user.target.wants/sample_app.target → /etc/systemd/system/sample_app.target.
+Enabled app target sample_app.target
+App services were created and enabled. Run `start` to start them
+Creating Nginx config (/etc/nginx/sites-available/sample_app)...
+Create: /etc/nginx/sites-available/sample_app
+Link Nginx config file to the sites-enabled folder...
+Nginx config created and daemon reloaded
+
+Execute: sudo certbot --agree-tos --no-eff-email --non-interactive --nginx -d my-domain.com -m my-contact-email@gmail.com
+Saving debug log to /var/log/letsencrypt/letsencrypt.log
+Plugins selected: Authenticator nginx, Installer nginx
+Obtaining a new certificate
+Performing the following challenges:
+http-01 challenge for my-domain.com
+Waiting for verification...
+Cleaning up challenges
+Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/sample_app
+Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/sample_app
+
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Congratulations! You have successfully enabled https://my-domain.com
+
+You should test your configuration at:
+https://www.ssllabs.com/ssltest/analyze.html?d=my-domain.com
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+IMPORTANT NOTES:
+ - Congratulations! Your certificate and chain have been saved at:
+   /etc/letsencrypt/live/my-domain.com/fullchain.pem
+   Your key file has been saved at:
+   /etc/letsencrypt/live/my-domain.com/privkey.pem
+   Your cert will expire on 2019-02-17. To obtain a new or tweaked
+   version of this certificate in the future, simply run certbot again
+   with the "certonly" option. To non-interactively renew *all* of
+   your certificates, run "certbot renew"
+ - Your account credentials have been saved in your Certbot
+   configuration directory at /etc/letsencrypt. You should make a
+   secure backup of this folder now. This configuration directory will
+   also contain certificates and private keys obtained by Certbot so
+   making regular backups of this folder is ideal.
+ - If you like Certbot, please consider supporting our work by:
+
+   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
+   Donating to EFF:                    https://eff.org/donate-le
+
+Successfully installed SSL cert using certbot
+```
+</details>
+
+
 ## All available commands
 
 ```
@@ -194,11 +383,12 @@ $ procsd --help
 
 Commands:
   procsd --version, -v   # Print the version
-  procsd config          # Show configuration. Available types: sudoers
+  procsd config          # Print config files based on current settings. Available types: sudoers
   procsd create          # Create and enable app services
   procsd destroy         # Stop, disable and remove app services
   procsd disable         # Disable app target
   procsd enable          # Enable app target
+  procsd exec            # Run app process
   procsd help [COMMAND]  # Describe available commands or one specific command
   procsd list            # List all app services
   procsd logs            # Show app services logs
@@ -213,11 +403,13 @@ Commands:
 
 [Foreman](http://ddollar.github.io/foreman/) itself designed for _development_ (not production) usage only and doing it great. Yes, Foreman allows to [export](http://ddollar.github.io/foreman/#EXPORTING) Procfile to the Systemd, but that's all. After export you have to manually use `systemctl` and `journalctl` to manage/check exported services. Procsd not only exports application, but provides [simple commands](#all-available-commands) to manage exported target.
 
-There is another difference in the export logic. Foreman systemd export uses [dymamic](https://fedoramagazine.org/systemd-template-unit-files/) services templates and as a result generates a lot of files/folders in the systemd directory even for a simple application.
+* Foreman systemd export uses [dymamic](https://fedoramagazine.org/systemd-template-unit-files/) services templates and as a result generates quite a lot of files/folders in the systemd directory even for a simple application.
 
-Services names contains [$PORT variable](http://ddollar.github.io/foreman/#PROCFILE) at the end. If Procfile has multiple processes, each exported service will have following naming format: `<app_name>-<process_name>@<port_varible_number += 100>.service` (and it's [undocumented](http://ddollar.github.io/foreman/#SYSTEMD-EXPORT) logic). For example for Procfile and formation (_web=1, worker=2_) above, exported services with Foreman will be: `sample_app-web@2500.service`, `sample_app-worker@2600.service` and `sample_app-worker@2601.service`. My opinion about this approach: it's complicated. Why is there PORT variable, which is also incremented for each service? How I'm supposed to remember all these services names to manage or check services status/logs (it's required to provide full names of services for systemctl/journalctl)?
+* Services generated using Foreman contain [$PORT variable](http://ddollar.github.io/foreman/#PROCFILE) in their names (and it's [undocumented](http://ddollar.github.io/foreman/#SYSTEMD-EXPORT) logic). For example for Procfile and formation `web=1,worker=2` (from example above), exported services with Foreman will be: `sample_app-web@2500.service`, `sample_app-worker@2600.service` and `sample_app-worker@2601.service`. My opinion about this approach: it's complicated. Why is there required PORT variable in the services names? Procsd following one rule: simplicity. For export it uses static service files (that means for each process will be generated it's own service file) and services names have predictable, Heroku-like names.
 
-Procsd following one rule: simplicity. For export it uses static service files (that means for each process will be generated it's own service file) and services names have predictable, Heroku-like names.
+* Procsd export can provide additional stop/restart commands for each service (see _Notes_ below).
+
+* To delete existing app services from Systemd, there is `procsd destroy` command. It is doing the following: stop services if they are running, delete all required systemd files from systemd directory, and restart systemd (`daemon-reload`). This command especially useful while testing, when you need frequently create/update configuration.
 
 
 ## Notes
@@ -228,32 +420,36 @@ Procsd following one rule: simplicity. For export it uses static service files (
 ```
 deploy@server:~/sample_app$ VERBOSE=true procsd logs -n 3
 
-> Executing command: `journalctl --no-pager --no-hostname --all --output short-iso -n 3 --unit sample_app-*`
+Execute: journalctl --no-pager --no-hostname --all --output short-iso -n 3 --unit sample_app-*
 
 -- Logs begin at Sun 2018-10-21 00:38:42 +04, end at Sun 2018-11-04 19:17:01 +04. --
 2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.597Z 29907 TID-gne5aeyuz INFO: Upgrade to Sidekiq Pro for more features and support: http://sidekiq.org
 2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.597Z 29907 TID-gne5aeyuz INFO: Booting Sidekiq 5.2.2 with redis options {:id=>"Sidekiq-server-PID-29907", :url=>nil}
 2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.601Z 29907 TID-gne5aeyuz INFO: Starting processing, hit Ctrl-C to stop
 ```
-* You can use extended format of processes commands inside `procsd.yml` to provide additional restart/stop commands for processes:
+* You can use extended format of processes commands inside `procsd.yml` to provide additional restart/stop commands for each process:
+
+> All possible options: `ExecStart`, `ExecReload` and `ExecStop`
 
-> All possible options: `start`, `restart` and `stop`
 > If procsd.yml has `processes:` option defined, then content of Procfile will be ignored
 
 ```yml
+app: sample_app
 processes:
   web:
-    start: bundle exec rails server -p $PORT
-    restart: bundle exec pumactl phased-restart
+    ExecStart: bundle exec rails server -p $PORT
+    ExecReload: bundle exec pumactl phased-restart
   worker: bundle exec sidekiq -e production
-app: sample_app
 ```
 
-Why? For example default Ruby on Rails application server [Puma](http://puma.io/) supports [Phased or Rolling restart](https://github.com/puma/puma/blob/master/docs/restart.md#normal-vs-hot-vs-phased-restart) feature. If you provide separate `restart`command for a process, then this command will be called (`$ procsd restart`) by Systemd instead of just killing and starting process again.
+Why? For example default Ruby on Rails application server [Puma](http://puma.io/) supports [Phased or Rolling restart](https://github.com/puma/puma/blob/master/docs/restart.md#normal-vs-hot-vs-phased-restart) feature. If you provide separate `ExecReload`command for a process, then this command will be called while executing `$ procsd restart` by systemd instead of just killing and starting process again.
+
+## Capistrano integration
+
+https://github.com/vifreefly/capistrano-procsd
 
 
 ## ToDo
-* Optional possibility to generate Ngnix config (with out-of-box SSL using [Certbot](https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx)) for an application to use Ngnix as a proxy and serve static files
 * Add integration with [Inspeqtor](https://github.com/mperham/inspeqtor) to monitor application services and get alert notifications if something happened
 
 

data/lib/procsd/cli.rb

@@ -1,71 +1,45 @@
 require 'yaml'
-require 'erb'
 require_relative 'generator'
 
 module Procsd
   class CLI < Thor
     class ConfigurationError < StandardError; end
     class ArgumentError < StandardError; end
-    map %w[--version -v] => :__print_version
 
     desc "create", "Create and enable app services"
-    option :user, aliases: :u, type: :string, banner: "$USER"
-    option :dir,  aliases: :d, type: :string, banner: "$PWD"
-    option :path, aliases: :p, type: :string, banner: "$PATH"
+    option :user, aliases: :u, type: :string, banner: "$USER", default: ENV["USER"]
+    option :dir,  aliases: :d, type: :string, banner: "$PWD", default: ENV["PWD"]
+    option :path, aliases: :p, type: :string, banner: "$PATH", default: `/bin/bash -ilc 'echo $PATH'`.strip
     option :'or-restart', type: :boolean, banner: "Create and start app services if not created yet, otherwise restart"
     option :'add-to-sudoers', type: :boolean, banner: "Create sudoers rule at /etc/sudoers.d/app_name to allow manage app target without password prompt"
     def create
-      preload!
-
-      if !target_exist?
-        opts = {
-          user: options["user"] || ENV["USER"],
-          dir: options["dir"] || ENV["PWD"],
-          path: options["path"] || fetch_path_env
-        }
-
-        opts.each do |key, value|
-          if value.nil? || value.empty?
-            say("Can't fetch value for --#{key}, please provide it as an argument", :red) and return
-          else
-            say "Value of the --#{key} option: #{value}"
-          end
+      raise ConfigurationError, "Can't find systemctl executable available" unless in_path?("systemctl")
+      options.each do |key, value|
+        next unless %w(user dir path).include? key
+        if value.nil? || value.empty?
+          say("Can't fetch value for --#{key}, please provide it's as an argument", :red) and return
+        else
+          say("Value of the --#{key} option: #{value}", :yellow)
         end
+      end
 
-        gen = Generator.new
-        gen.export!(services, config: @config, options: options.merge(opts))
-
-        enable
-        if execute %w(sudo systemctl daemon-reload)
-          say("Reloaded configuraion (daemon-reload)", :green)
+      preload!
+      if @config[:nginx]
+        raise ConfigurationError, "Can't find nginx executable available" unless in_path?("nginx")
+        unless Dir.exist?(File.join options["dir"], "public")
+          raise ConfigurationError, "Missing public/ folder to use with Nginx"
         end
-
-        if options["or-restart"]
-          start
-          say("App services were created, enabled and started", :green)
-        else
-          say("App services were created and enabled. Run `start` to start them", :green)
+        unless @config.dig(:environment, "PORT")
+          raise ConfigurationError, "Please provide PORT environment variable in procsd.yml to use with Nginx"
         end
-
-        sudoers_rule_content = generate_sudoers_rule(opts[:user])
-        if options["add-to-sudoers"]
-          sudoers_file_temp_path = "/tmp/#{app_name}"
-          sudoers_file_dest_path = "#{SUDOERS_DIR}/#{app_name}"
-          if Dir.exist?(SUDOERS_DIR)
-            File.open(sudoers_file_temp_path, "w") { |f| f.puts sudoers_rule_content }
-            execute %W(sudo chown root:root #{sudoers_file_temp_path})
-            execute %W(sudo chmod 0440 #{sudoers_file_temp_path})
-            if execute %W(sudo mv #{sudoers_file_temp_path} #{sudoers_file_dest_path})
-              say("Sudoers file #{sudoers_file_dest_path} was created", :green)
-            end
-          else
-            say "Directory #{SUDOERS_DIR} does not exist, sudoers file wan't created"
-          end
-        else
-          say "Note: add following line to the sudoers file (`$ sudo visudo`) if you don't " \
-            "want to type password each time for start/stop/restart commands:"
-          puts sudoers_rule_content
+        if certbot = @config[:nginx]["certbot"]
+          raise ConfigurationError, "Can't find certbot executable available" unless in_path?("certbot")
+          raise ConfigurationError, "Provide email to generate cert using certbot" unless certbot["email"]
         end
+      end
+
+      if !target_exist?
+        perform_create
       else
         if options["or-restart"]
           restart
@@ -83,9 +57,9 @@ module Procsd
         stop
         disable
 
-        services.keys.push(target_name).each do |filename|
+        units.each do |filename|
           path = File.join(systemd_dir, filename)
-          execute %W(sudo rm #{path}) and say "Deleted #{path}" if File.exist? path
+          execute %W(sudo rm #{path}) and say "Deleted: #{path}" if File.exist?(path)
         end
 
         if execute %w(sudo systemctl daemon-reload)
@@ -94,10 +68,19 @@ module Procsd
         say("App services were stopped, disabled and removed", :green)
 
         sudoers_file_path = "#{SUDOERS_DIR}/#{app_name}"
-        if File.exist?(sudoers_file_path)
-          if yes?("Remove sudoers rule #{sudoers_file_path} ? (yes/no)")
-            say("Sudoers file removed", :green) if execute %W(sudo rm #{sudoers_file_path})
+        if system "sudo", "test", "-e", sudoers_file_path
+          say("Sudoers file removed", :green) if execute %W(sudo rm #{sudoers_file_path})
+        end
+
+        if @config[:nginx]
+          enabled_path = File.join(NGINX_DIR, "sites-enabled", app_name)
+          available_path = File.join(NGINX_DIR, "sites-available", app_name)
+          [enabled_path, available_path].each do |path|
+            execute %W(sudo rm #{path}) and say "Deleted: #{path}" if File.exist?(path)
           end
+
+          execute %w(sudo systemctl restart nginx)
+          say("Nginx config removed and daemon reloaded", :green)
         end
       else
         say_target_not_exists
@@ -182,7 +165,7 @@ module Procsd
       end
 
       command << (options["target"] ? target_name : "#{app_name}-#{service_name}*")
-      execute command
+      execute command, type: :exec
     end
 
     desc "logs", "Show app services logs"
@@ -202,7 +185,7 @@ module Procsd
       command.push("--grep", "'" + options["grep"] + "'") if options["grep"]
 
       command.push("--unit", "#{app_name}-#{service_name}*")
-      execute command
+      execute command, type: :exec
     end
 
     desc "list", "List all app services"
@@ -210,15 +193,11 @@ module Procsd
       preload!
       say_target_not_exists and return unless target_exist?
 
-      execute %W(systemctl list-dependencies #{target_name})
+      command = %W(systemctl list-dependencies #{target_name})
+      execute command, type: :exec
     end
 
-    desc "--version, -v", "Print the version"
-    def __print_version
-      puts VERSION
-    end
-
-    desc "config", "Show configuration. Available types: sudoers"
+    desc "config", "Print config files based on current settings. Available types: sudoers"
     def config(name)
       preload!
 
@@ -230,32 +209,109 @@ module Procsd
       end
     end
 
+    map exec: :__exec
+    desc "exec", "Run app process"
+    option :env, type: :boolean, banner: "Require environment defined in procsd.yml"
+    def __exec(process_name)
+      preload!
+
+      start_cmd = @config[:processes].dig(process_name, "commands", "ExecStart")
+      raise ArgumentError, "Process is not defined: #{process_name}" unless start_cmd
+
+      if options["env"]
+        @config[:environment].each { |k, v| @config[:environment][k] = v.to_s }
+        exec @config[:environment], start_cmd
+      else
+        exec start_cmd
+      end
+    end
+
+    map %w[--version -v] => :__print_version
+    desc "--version, -v", "Print the version"
+    def __print_version
+      puts VERSION
+    end
+
     private
 
-    def generate_sudoers_rule(user)
-      commands = []
-      systemctl_path = `which systemctl`.strip
+    def perform_create
+      generator = Generator.new(@config, options)
+      generator.generate_units(save: true)
+
+      if execute %w(sudo systemctl daemon-reload)
+        say("Reloaded configuraion (daemon-reload)", :green)
+      end
+
+      enable
+
+      if options["or-restart"]
+        start
+        say("App services were created, enabled and started", :green)
+      else
+        say("App services were created and enabled. Run `start` to start them", :green)
+      end
+
+      if options["add-to-sudoers"]
+        if Dir.exist?(SUDOERS_DIR)
+          if generator.generate_sudoers(options["user"], has_reload: has_reload?, save: true)
+            say("Sudoers file #{SUDOERS_DIR}/#{app_name} was created", :green)
+          end
+        else
+          say("Directory #{SUDOERS_DIR} does not exists, sudoers file wasn't created", :red)
+        end
+      else
+        say "Note: add following line to the sudoers file (`$ sudo visudo`) if you don't " \
+          "want to type password each time for start/stop/restart commands:"
+        puts generator.generate_sudoers(options["user"], has_reload: has_reload?)
+      end
+
+      if nginx = @config[:nginx]
+        generator.generate_nginx_conf(save: true)
+        execute %w(sudo systemctl restart nginx)
+        say("Nginx config created and daemon reloaded", :green)
+
+        # Reference: https://certbot.eff.org/docs/using.html#certbot-command-line-options
+        if certbot = nginx["certbot"]
+          command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
+          nginx["server_name"].split(" ").map(&:strip).each do |domain|
+            command.push("-d", domain)
+          end
 
-      %w(start stop restart).each { |cmd| commands << "#{systemctl_path} #{cmd} #{target_name}" }
-      commands << "#{systemctl_path} reload-or-restart #{app_name}-\\* --all" if has_reload?
+          command.push("-m", certbot["email"])
+          if execute command
+            say("Successfully installed SSL cert using certbot", :green)
+          else
+            say("Failed to install SSL cert using certbot", :red)
+          end
+        end
+      end
+    end
 
-      "#{user} ALL=NOPASSWD: #{commands.join(', ')}"
+    def in_path?(name)
+      system("which", name, [:out, :err] => "/dev/null")
     end
 
     def has_reload?
-      services.any? { |_, opts| opts["restart"] }
+      @config[:processes].any? { |name, values| values.dig("commands", "ExecReload") }
     end
 
-    def fetch_path_env
-      # get value of the $PATH env variable including ~/.bashrc as well (-i flag)
-      `/bin/bash -ilc 'echo $PATH'`.strip
-    end
+    def units
+      all = [target_name]
+      @config[:processes].each do |name, values|
+        values["size"].times { |i| all << "#{app_name}-#{name}.#{i + 1}.service" }
+      end
 
-    def execute(command)
-      trap("INT") { puts "\nInterrupted" ; exit 130 }
+      all
+    end
 
-      say("> Executing command: `#{command.join(' ')}`", :yellow) if ENV["VERBOSE"] == "true"
-      system *command
+    def execute(command, type: :system)
+      say("Execute: #{command.join(' ')}", :yellow) if ENV["VERBOSE"] == "true"
+      case type
+      when :system
+        system *command
+      when :exec
+        exec *command
+      end
     end
 
     def say_target_not_exists
@@ -286,24 +342,9 @@ module Procsd
       @config[:app]
     end
 
-    def services
-      all = {}
-      @config[:processes].each do |process_name, opts|
-        opts["count"].times do |i|
-          commands = { "start" => opts["start"], "stop" => opts["stop"], "restart" => opts["restart"] }
-          all["#{app_name}-#{process_name}.#{i + 1}.service"] = commands
-        end
-      end
-
-      all
-    end
-
     def preload!
-      @config = {}
+      @config = { processes: {}}
 
-      unless system("which", "systemctl", [:out, :err]=>"/dev/null")
-        raise ConfigurationError, "Your OS doesn't has systemctl executable available"
-      end
       raise ConfigurationError, "Config file procsd.yml doesn't exists" unless File.exist? "procsd.yml"
       begin
         procsd = YAML.load(ERB.new(File.read "procsd.yml").result)
@@ -335,19 +376,18 @@ module Procsd
       processes = procsd["processes"] || procfile
       processes.each do |process_name, opts|
         if opts.kind_of?(Hash)
-          raise ConfigurationError, "Missing start command for `#{process_name}` process" unless opts["start"]
+          raise ConfigurationError, "Missing ExecStart command for `#{process_name}` process" unless opts["ExecStart"]
+          @config[:processes][process_name] = { "commands" => opts }
         else
-          processes[process_name] = { "start" => opts }
+          @config[:processes][process_name] = { "commands" => { "ExecStart" => opts }}
         end
 
-        unless processes[process_name]["count"]
-          processes[process_name]["count"] = formation[process_name] || 1
-        end
+        @config[:processes][process_name]["size"] = formation[process_name] || 1
       end
 
-      @config[:processes] = processes
       @config[:environment] = procsd["environment"] || {}
       @config[:systemd_dir] = procsd["systemd_dir"] || DEFAULT_SYSTEMD_DIR
+      @config[:nginx] = procsd["nginx"]
     end
   end
 end

data/lib/procsd/generator.rb

@@ -1,47 +1,110 @@
 module Procsd
-  class Generator < Thor::Group
-    include Thor::Actions
+  class Generator
+    attr_reader :app_name, :target_name
 
-    def self.source_root
-      File.dirname(__FILE__)
-    end
-
-    def export!(services, config:, options:)
-      self.destination_root = "/tmp"
+    def initialize(config, options)
       @config = config
-      say "Systemd directory: #{@config[:systemd_dir]}"
-
-      app_name = @config[:app]
-      target_name = "#{app_name}.target"
+      @options = options
+      @app_name = @config[:app]
+      @target_name = "#{app_name}.target"
+    end
 
-      services.each do |service_name, service_command|
-        service_config = options.merge(
+    def generate_units(save: false)
+      services = {}
+      @config[:processes].each do |name, values|
+        commands = values["commands"]
+        size = values["size"]
+        content = generate_template("service", @options.merge(
           "target_name" => target_name,
-          "id" => service_name.sub(".service", ""),
-          "command" => service_command,
+          "commands" => commands,
           "environment" => @config[:environment]
-        )
+        ))
 
-        generate(service_name, service_config, type: :service)
+        services[name] = { content: content, size: size }
       end
 
-      target_config = {
-        "app" => app_name,
-        "services" => services.keys
-      }
-      generate(target_name, target_config, type: :target)
+      if save
+        puts "Creating app units files in the systemd directory (#{DEFAULT_SYSTEMD_DIR})..."
+        wants = []
+        services.each do |service_name, values|
+          values[:size].times do |i|
+            unit_name = "#{app_name}-#{service_name}.#{i + 1}.service"
+            wants << unit_name
+            write_file!(File.join(@config[:systemd_dir], unit_name), values[:content])
+          end
+        end
+
+        target_content = generate_template("target", {
+          "app" => app_name,
+          "wants" => wants.join(" ")
+        })
+        write_file!(File.join(@config[:systemd_dir], target_name), target_content)
+      else
+        services
+      end
+    end
+
+    def generate_sudoers(user, has_reload:, save: false)
+      systemctl_path = `which systemctl`.strip
+      commands = []
+      %w(start stop restart).each { |cmd| commands << "#{systemctl_path} #{cmd} #{target_name}" }
+      commands << "#{systemctl_path} reload-or-restart #{app_name}-\\* --all" if has_reload
+      content = "#{user} ALL=NOPASSWD: #{commands.join(', ')}"
+
+      if save
+        puts "Creating sudoers rule file in the sudoers.d directory (#{SUDOERS_DIR})..."
+        temp_path = "/tmp/#{app_name}"
+        dest_path = "#{SUDOERS_DIR}/#{app_name}"
+
+        File.open(temp_path, "w") { |f| f.puts content }
+        system "sudo", "chown", "root:root", temp_path
+        system "sudo", "chmod", "0440", temp_path
+        system "sudo", "mv", temp_path, dest_path
+      else
+        content
+      end
+    end
+
+    def generate_nginx_conf(save: false)
+      root_path = File.join(@options["dir"], "public")
+      content = generate_template("nginx", {
+        port: @config[:environment]["PORT"],
+        server_name: @config[:nginx]["server_name"],
+        root: root_path,
+        error_500: File.exist?(File.join root_path, "500.html"),
+        error_404: File.exist?(File.join root_path, "404.html"),
+        error_422: File.exist?(File.join root_path, "422.html")
+      })
+
+      if save
+        config_path = File.join(NGINX_DIR, "sites-available", app_name)
+        puts "Creating Nginx config (#{config_path})..."
+        write_file!(config_path, content)
+        puts "Link Nginx config file to the sites-enabled folder..."
+        system "sudo", "ln", "-nfs", config_path, File.join(NGINX_DIR, "sites-enabled")
+      else
+        content
+      end
     end
 
     private
 
-    def generate(filename, conf, type:)
-      template("templates/#{type}.erb", filename, conf)
+    def generate_template(template_name, conf)
+      b = binding
+      b.local_variable_set(:config, conf)
+      template_path = File.join(File.dirname(__FILE__), "templates/#{template_name}.erb")
+      content = File.read(template_path)
+      ERB.new(content, nil, "-").result(b)
+    end
 
-      source_path = File.join(destination_root, filename)
-      dest_path = File.join(@config[:systemd_dir], filename)
-      system "sudo", "mv", source_path, dest_path
+    def write_file!(dest_path, content)
+      temp_path = File.join("/tmp", Pathname.new(dest_path).basename.to_s)
+      File.write(temp_path, content)
+      if system "sudo", "mv", temp_path, dest_path
+        puts "Create: #{dest_path}"
+      end
     ensure
-      File.delete(source_path) if File.exist? source_path
+      File.delete(temp_path) if File.exist? temp_path
     end
   end
 end

data/lib/procsd/templates/nginx.erb

@@ -0,0 +1,39 @@
+upstream app {
+  server 127.0.0.1:<%= config[:port] %>;
+}
+
+server {
+  listen 80;
+  listen [::]:80;
+
+  server_name <%= config[:server_name] %>;
+  root <%= config[:root] %>;
+
+  location ^~ /assets/ {
+    gzip_static on;
+    expires max;
+    add_header Cache-Control public;
+  }
+
+  try_files $uri/index.html $uri @app;
+  location @app {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_redirect off;
+    proxy_pass http://app;
+  }
+
+  client_max_body_size 256M;
+  keepalive_timeout 60;
+<% if config[:error_500] -%>
+  error_page 500 502 503 504 /500.html;
+<% end -%>
+<% if config[:error_404] -%>
+  error_page 404 /404.html;
+<% end -%>
+<% if config[:error_422] -%>
+  error_page 422 /422.html;
+<% end -%>
+}

data/lib/procsd/templates/service.erb

@@ -1,7 +1,7 @@
 [Unit]
 Requires=network.target
 PartOf=<%= config["target_name"] %>
-<% if config["command"]["restart"] -%>
+<% if config["commands"]["ExecReload"] -%>
 ReloadPropagatedFrom=<%= config["target_name"] %>
 <% end -%>
 
@@ -10,20 +10,20 @@ Type=simple
 User=<%= config["user"] %>
 WorkingDirectory=<%= config["dir"] %>
 
-ExecStart=/bin/bash -lc '<%= config["command"]["start"] %>'
-<% if stop = config["command"]["stop"] -%>
+ExecStart=/bin/bash -lc '<%= config["commands"]["ExecStart"] %>'
+<% if stop = config["commands"]["ExecStop"] -%>
 ExecStop=/bin/bash -lc '<%= stop %>'
 <% end -%>
-<% if config["command"]["restart"] -%>
-ExecReload=/bin/bash -lc '<%= config["command"]["restart"] %>'
+<% if reload = config["commands"]["ExecReload"] -%>
+ExecReload=/bin/bash -lc '<%= reload %>'
 <% end -%>
 
 Restart=always
 RestartSec=1
-TimeoutStopSec=15
+TimeoutStopSec=30
 KillMode=mixed
 StandardInput=null
-SyslogIdentifier=<%= config["id"] %>
+SyslogIdentifier=%n
 
 Environment="PATH=<%= config["path"] %>"
 <% config["environment"].each do |key, value| -%>

data/lib/procsd/templates/target.erb

@@ -1,5 +1,5 @@
 [Unit]
-Wants=<%= config["services"].join(" ") %>
+Wants=<%= config["wants"] %>
 
 [Install]
 WantedBy=multi-user.target

data/lib/procsd/version.rb

@@ -1,3 +1,3 @@
 module Procsd
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/lib/procsd.rb

@@ -1,8 +1,10 @@
 require 'dotenv/load'
 require 'thor'
+require 'erb'
 require 'procsd/version'
 
 module Procsd
   DEFAULT_SYSTEMD_DIR = "/etc/systemd/system".freeze
   SUDOERS_DIR = "/etc/sudoers.d".freeze
+  NGINX_DIR = "/etc/nginx".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: procsd
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Victor Afanasev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-11-08 00:00:00.000000000 Z
+date: 2018-11-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -100,6 +100,7 @@ files:
 - lib/procsd.rb
 - lib/procsd/cli.rb
 - lib/procsd/generator.rb
+- lib/procsd/templates/nginx.erb
 - lib/procsd/templates/service.erb
 - lib/procsd/templates/target.erb
 - lib/procsd/version.rb