procsd 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 862f5699d79e6ac90e5c946ba08d13b190bde81c1c2f015bd9aea7ca2b797d2e
-  data.tar.gz: 4713b4d70b167bb999727bb20869568a6e15e3c91d9197f4c062eb4e384b9c9b
+  metadata.gz: da11e4c031739d5f93c9b4b4135da9f8589fbe04348ae9dad0a87b212e3de7ec
+  data.tar.gz: cea50b63954f02b21f713e6658feec63017b5718024b0447be5975b628d1ada9
 SHA512:
-  metadata.gz: 222767562ebc5727f52d5c26b95dbfaf2de2dca0f0901e49f5ac8b35513a50052ab848fcc23f7bb69c2740789c101c5a6258de73d5651ec6a0a75e4f9c81f0f9
-  data.tar.gz: 93000122413fc6d307a7436a5f614c0188c6172e6d8f6330fe2a57c7bd472d1bb6e414cd9076e1d9f3a8cad3c0e1411c1a7103fcffd894f510d9aff67dad2602
+  metadata.gz: b758ae08dbaa3682314f5e378e3b2db1396d73e47e7af096a3176dda7b00a59b040e028ef5af7712068dfcfb1e944367184f29606eb8d30d4af44a9198d49722
+  data.tar.gz: 95ca90f04d4f7a4c2e4569f526920cf91dd18b6fd7a431f17b69bb6509d6c6fc0d210c3e9c8ae96411c1429a9533ad80009fa4f413acef34a57acd0112bf2536

data/CHANGELOG.md

@@ -1,4 +1,26 @@
 # CHANGELOG
+## 0.5.0
+* **Breaking change:** Changed the way how to define SSL option for Ngnix configuration in procsd.yml (and by default contact email is not required anymore)
+
+Was:
+```yml
+nginx:
+  server_name: my-domain.com
+  certbot:
+    email: some@email.com
+```
+
+Now:
+```yml
+nginx:
+  server_name: my-domain.com
+  ssl: true
+```
+
+If you want to provide email for Let's Encrypt, make sure that you have env variable CERTBOT_EMAIL=my_email while executing `$ procsd create`. You can put CERTBOT_EMAIL variable to the application's `.env` file (procsd will read this file if it exists) or simply call create command this way: `CERTBOT_EMAIL=my_email procsd create`.
+
+* Change SyslogIdentifier for services from %n to %p
+
 ## 0.4.0
 * **Breaking change:** commands in extended processes syntax were renamed from start/restart/stop to ExecStart/ExecReload/ExecStop:
 

data/README.md

@@ -8,7 +8,7 @@ Can we have something similar on the cheap Ubuntu VPS from DigitalOcean? Yes we
 
 ## Getting started
 
-> **Note:** latest version of Procsd is `0.4.0`. Since version `0.3.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
+> **Note:** latest version of Procsd is `0.5.0`. Since version `0.4.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
 
 > **Note:** Procsd works best with Capistrano integration: [vifreefly/capistrano-procsd](https://github.com/vifreefly/capistrano-procsd)
 
@@ -207,14 +207,14 @@ Use Ctrl-C to stop
 
 By default `procsd exec` skip environment variables defined in `procsd.yml`. To run process with production environment, provide `--env` option as well: `procsd exec web --env`.
 
-### Nginx
+### Nginx integration (with automatic HTTPS)
 > Before make sure that you have Nginx installed `sudo apt install nginx` and running `sudo systemctl status nginx`.
 
-If one of your application processes is a web process, you can automatically setup Nginx config for it. Why? For example to serve static files (assets, images, etc) directly using fast Nginx, rather than application server. Or to enable SSL support (see below).
+If one of your application processes is a web process, you can automatically setup Nginx (reverse proxy) config for it. Why? For example to serve static files (assets, images, etc) directly using fast Nginx, rather than application server. Or to enable SSL support (see below).
 
 Add to your procsd.yml `nginx` section with `server_name` option defined:
 
-> If you don't have domain defined (or don't need it), you can add server IP instead: `server_name: 159.159.159.159`.
+> If you don't have a domain for an application (or don't need it), you can add server IP instead: `server_name: 159.159.159.159`.
 
 > If your application use multiple domains/subdomains, add all of them separated with space: `server_name: my-domain.com us.my-domain.com uk.my-domain.com`
 
@@ -222,6 +222,9 @@ Add to your procsd.yml `nginx` section with `server_name` option defined:
 
 ```yml
 app: sample_app
+processes:
+  web: bundle exec rails server -p $PORT
+  worker: bundle exec sidekiq -e $RAILS_ENV
 formation: web=1,worker=2
 environment:
   PORT: 2501
@@ -231,7 +234,7 @@ nginx:
   server_name: my-domain.com
 ```
 
-Configuration is done! Run [procsd create](#create-an-application-export-to-systemd) to create app services with Nginx config:
+Configuration is done! Run [procsd create](#create-an-application-export-to-systemd) to create app services with Nginx reverse proxy config:
 
 ```
 deploy@server:~/sample_app$ procsd create
@@ -251,8 +254,8 @@ Link Nginx config file to the sites-enabled folder...
 Nginx config created and daemon reloaded
 ```
 
-<details/>
-  <summary><code>/etc/nginx/sites-available/sample_app</code>:</summary>
+<details>
+  <summary>/etc/nginx/sites-available/sample_app</summary>
 
 ```
 upstream app {
@@ -289,30 +292,35 @@ server {
   error_page 422 /422.html;
 }
 ```
-</details>
+</details><br>
+
+Everything is done. Start app services (`procsd start`) and go to `http://my-domain.com` where you'll see your application proxying with Nginx.
 
 #### Auto SSL using Certbot
 
 To generate Nginx config with free SSL certificate (from [Let’s Encrypt](https://letsencrypt.org/)) included, you need to install [Certbot](https://certbot.eff.org/) on the remote server first:
 
 ```
+sudo apt install software-properties-common
 sudo add-apt-repository ppa:certbot/certbot
 sudo apt update
 sudo apt-get install python-certbot-nginx
 ```
 
-Then update procsd.yml:
+> When you install certbot, it automatically setup a cron job (twice per day) to renew expiring certificates ([Automated Renewals](https://certbot.eff.org/docs/using.html#automated-renewals)), so you don't have to worry about renewing certificates manually.
 
-> It's required to provide contact email to obtain free certificate from Let’s Encrypt
+Then update procsd.yml by adding `ssl: true`:
 
 ```yml
+# ...
 nginx:
   server_name: my-domain.com
-  certbot:
-    email: my-contact-email@gmail.com
+  ssl: true # added
 ```
 
-Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointed to server IP** where the application is hosted. Now run `procsd create` as usual:
+Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointing to the server IP** where application is hosted. Then run `procsd create` as usual:
+
+> By default Certbot obtaining certificate from _Let's Encrypt_ without a contact email. If you want to provide contact email, define env variable `CERTBOT_EMAIL` with your email in the `.env` file.
 
 <details/>
   <summary>Output</summary>
@@ -334,7 +342,7 @@ Create: /etc/nginx/sites-available/sample_app
 Link Nginx config file to the sites-enabled folder...
 Nginx config created and daemon reloaded
 
-Execute: sudo certbot --agree-tos --no-eff-email --non-interactive --nginx -d my-domain.com -m my-contact-email@gmail.com
+Execute: sudo certbot --agree-tos --no-eff-email --non-interactive --nginx -d my-domain.com --register-unsafely-without-email
 Saving debug log to /var/log/letsencrypt/letsencrypt.log
 Plugins selected: Authenticator nginx, Installer nginx
 Obtaining a new certificate
@@ -373,7 +381,9 @@ IMPORTANT NOTES:
 
 Successfully installed SSL cert using certbot
 ```
-</details>
+</details><br>
+
+That's it. Start app services (`procsd start`) and go to `https://my-domain.com` where you'll see your application proxying with Nginx and SSL enabled.
 
 
 ## All available commands
@@ -450,6 +460,7 @@ https://github.com/vifreefly/capistrano-procsd
 
 
 ## ToDo
+* Add `procsd update` command to quickly update changed configuration (application units, nginx config, etc), instead of calling two separate commands (`procsd destroy` and `procsd create`)
 * Add integration with [Inspeqtor](https://github.com/mperham/inspeqtor) to monitor application services and get alert notifications if something happened
 
 

data/lib/procsd/cli.rb

@@ -14,14 +14,6 @@ module Procsd
     option :'add-to-sudoers', type: :boolean, banner: "Create sudoers rule at /etc/sudoers.d/app_name to allow manage app target without password prompt"
     def create
       raise ConfigurationError, "Can't find systemctl executable available" unless in_path?("systemctl")
-      options.each do |key, value|
-        next unless %w(user dir path).include? key
-        if value.nil? || value.empty?
-          say("Can't fetch value for --#{key}, please provide it's as an argument", :red) and return
-        else
-          say("Value of the --#{key} option: #{value}", :yellow)
-        end
-      end
 
       preload!
       if @config[:nginx]
@@ -32,9 +24,8 @@ module Procsd
         unless @config.dig(:environment, "PORT")
           raise ConfigurationError, "Please provide PORT environment variable in procsd.yml to use with Nginx"
         end
-        if certbot = @config[:nginx]["certbot"]
+        if @config[:nginx]["ssl"]
           raise ConfigurationError, "Can't find certbot executable available" unless in_path?("certbot")
-          raise ConfigurationError, "Provide email to generate cert using certbot" unless certbot["email"]
         end
       end
 
@@ -235,6 +226,15 @@ module Procsd
     private
 
     def perform_create
+      options.each do |key, value|
+        next unless %w(user dir path).include? key
+        if value.nil? || value.empty?
+          say("Can't fetch value for --#{key}, please provide it's as an argument", :red) and return
+        else
+          say("Value of the --#{key} option: #{value}", :yellow)
+        end
+      end
+
       generator = Generator.new(@config, options)
       generator.generate_units(save: true)
 
@@ -271,17 +271,25 @@ module Procsd
         say("Nginx config created and daemon reloaded", :green)
 
         # Reference: https://certbot.eff.org/docs/using.html#certbot-command-line-options
-        if certbot = nginx["certbot"]
+        # How it works in Caddy https://caddyserver.com/docs/automatic-https
+        if nginx["ssl"]
           command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
           nginx["server_name"].split(" ").map(&:strip).each do |domain|
             command.push("-d", domain)
           end
 
-          command.push("-m", certbot["email"])
+          if email = ENV["CERTBOT_EMAIL"]
+            command.push("--email", email)
+          else
+            command << "--register-unsafely-without-email"
+          end
+
+          say "Trying to obtain SSL certificate for Nginx config using Certbot..."
           if execute command
-            say("Successfully installed SSL cert using certbot", :green)
+            say("Successfully installed SSL cert using Certbot", :green)
           else
-            say("Failed to install SSL cert using certbot", :red)
+            msg = "Failed to install SSL cert using Certbot. Make sure that all provided domains are pointing to this server IP."
+            say(msg, :red)
           end
         end
       end

data/lib/procsd/templates/service.erb

@@ -23,7 +23,7 @@ RestartSec=1
 TimeoutStopSec=30
 KillMode=mixed
 StandardInput=null
-SyslogIdentifier=%n
+SyslogIdentifier=%p
 
 Environment="PATH=<%= config["path"] %>"
 <% config["environment"].each do |key, value| -%>

data/lib/procsd/version.rb

@@ -1,3 +1,3 @@
 module Procsd
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: procsd
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Victor Afanasev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-11-19 00:00:00.000000000 Z
+date: 2018-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor