procsd 0.5.3 → 0.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cdf2c20fbe8f6aada5790a37464fa13eceb7db3ec671a821c32a8ea6471e579d
4
- data.tar.gz: 4bdca0fd4c9b095a678988cde054031363ed80d5f48332ecc445803e16f402b0
3
+ metadata.gz: '09e6c1faceca84dc0337311001b11397aa338b25bc285960175e4537d3a38f71'
4
+ data.tar.gz: e1fc39db9a119b15d2042558b093ec222aed03baa67d75f824c3da8b99464e72
5
5
  SHA512:
6
- metadata.gz: ef4ac450a0847a268685a5c15f22772896d41de580b359d4a212432c31daed795b47d5e5d774e3307a20a3686f10372293ccc8047954b9b905321555de92ba79
7
- data.tar.gz: 1392ebe266e97c45a77fd72a0f55d0aa261720bdb0950369838403c4412e005eb16b3fefa33ff20211bc46e8435baf4a27ecf048407d89db1b0c9f0b9f549a7d
6
+ metadata.gz: d321a3cb39f9a5c442a6c088682b020fafa6fc59e6f03b892bd438df4a10b0fcc3490e5651e20eb060e920de22b7364425da07368f73305b089d63a791f4246c
7
+ data.tar.gz: ce218eae99a2bd36cbc771e3ba199e0ac9b68cb8736202f0ec171c74f36cef22bca84d89f7704d356c2ee29fb9cb2d7ac935e98cf76079500bd8ed6799067033
@@ -1,4 +1,8 @@
1
1
  # CHANGELOG
2
+ ## 0.5.4
3
+ * Add: information how to use SSL integration with Cloudflare CDN enabled
4
+ * Add: procsd config certbot_command command
5
+
2
6
  ## 0.5.3
3
7
  * Fix: procsd config sudoers command
4
8
  * Add: procsd config services command
data/README.md CHANGED
@@ -8,7 +8,7 @@ Can we have something similar on the cheap Ubuntu VPS from DigitalOcean? Yes we
8
8
 
9
9
  ## Getting started
10
10
 
11
- > **Note:** latest version of Procsd is `0.5.2`. Since version `0.4.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
11
+ > **Note:** latest version of Procsd is `0.5.3`. Since version `0.4.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
12
12
 
13
13
  > **Note:** Procsd works best with Capistrano integration: [vifreefly/capistrano-procsd](https://github.com/vifreefly/capistrano-procsd)
14
14
 
@@ -195,17 +195,19 @@ Currently, procsd can not run all processes in development like `foreman start`
195
195
  deploy@server:~/sample_app$ procsd exec web
196
196
 
197
197
  => Booting Puma
198
- => Rails 5.2.1 application starting in development
198
+ => Rails 5.2.1 application starting in production
199
199
  => Run `rails server -h` for more startup options
200
200
  Puma starting in single mode...
201
201
  * Version 3.12.0 (ruby 2.3.0-p0), codename: Llamas in Pajamas
202
202
  * Min threads: 5, max threads: 5
203
- * Environment: development
204
- * Listening on tcp://localhost:3000
203
+ * Environment: production
204
+ * Listening on tcp://localhost:2501
205
205
  Use Ctrl-C to stop
206
206
  ```
207
207
 
208
- `procsd exec` requres all the environment variables defined in `environment` section of `procsd.yml` config file. Sometimes in development mode you need different environment configuration. For that you can add additional environment section `dev_environment` and require it as well using `--dev` flag, example:
208
+ `procsd exec` requres all the environment variables defined in `environment` section of `procsd.yml` config file.
209
+
210
+ Sometimes in development mode you need different environment configuration. For that you can add additional environment section `dev_environment` and require it as well using `--dev` flag, example:
209
211
 
210
212
  ```yaml
211
213
  app: sample_app
@@ -215,14 +217,16 @@ environment:
215
217
  RAILS_LOG_TO_STDOUT: true
216
218
  dev_environment:
217
219
  RAILS_ENV: development
218
- SOME_OTHER_DEV_ENV_VARIABLE=value
220
+ SOME_OTHER_DEV_ENV_VARIABLE: value
219
221
  ```
220
222
 
221
223
  ```
222
- deploy@server:~/sample_app$ PORT=3000 procsd exec web --dev
224
+ # Run web process with all environment & dev_environment variables included:
225
+
226
+ deploy@server:~/sample_app$ procsd exec web --dev
223
227
  ```
224
228
 
225
- > The web process runs with all environment & dev_environment variables required.
229
+ > In case if `dev_environment` has env variable with the same name like in `environment`, this variable will be rewritten with value from `dev_environment`.
226
230
 
227
231
 
228
232
  ### Nginx integration (with automatic HTTPS)
@@ -318,11 +322,11 @@ Everything is done. Start app services (`procsd start`) and go to `http://my-dom
318
322
 
319
323
  To generate Nginx config with free SSL certificate (from [Let’s Encrypt](https://letsencrypt.org/)) included, you need to install [Certbot](https://certbot.eff.org/) on the remote server first:
320
324
 
321
- ```
322
- sudo apt install software-properties-common
323
- sudo add-apt-repository ppa:certbot/certbot
324
- sudo apt update
325
- sudo apt-get install python-certbot-nginx
325
+ ```bash
326
+ $ sudo apt install software-properties-common
327
+ $ sudo add-apt-repository ppa:certbot/certbot
328
+ $ sudo apt update
329
+ $ sudo apt install certbot python-certbot-nginx
326
330
  ```
327
331
 
328
332
  > When you install certbot, it automatically setup a cron job (twice per day) to renew expiring certificates ([Automated Renewals](https://certbot.eff.org/docs/using.html#automated-renewals)), so you don't have to worry about renewing certificates manually.
@@ -336,7 +340,7 @@ nginx:
336
340
  ssl: true # added
337
341
  ```
338
342
 
339
- Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointing to the server IP** where application is hosted. Then run `procsd create` as usual:
343
+ Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointing to the server IP** where application is hosted. Then run `procsd create` _(you will probably need first run `procsd destroy` if app services already exists)_ as usual:
340
344
 
341
345
  > By default Certbot obtaining certificate from _Let's Encrypt_ without a contact email. If you want to provide contact email, define env variable `CERTBOT_EMAIL` with your email in the `.env` file.
342
346
 
@@ -404,26 +408,82 @@ Successfully installed SSL cert using certbot
404
408
  That's it. Start app services (`procsd start`) and go to `https://my-domain.com` where you'll see your application proxying with Nginx and SSL enabled.
405
409
 
406
410
 
411
+ <details/>
412
+ <summary>Note about using Cloudflare CDN</summary><br>
413
+
414
+ If you use Cloudflare CDN, that means the process of obtaining Let's Encrypt SSL Certificate will fail. To fix it, install `python-certbot-dns-cloudflare` package:
415
+
416
+ ```bash
417
+ $ sudo apt install certbot python-certbot-dns-cloudflare
418
+ ```
419
+
420
+ Read instructions [here how to get Cloudflare API Token and obtain certificates](https://certbot-dns-cloudflare.readthedocs.io/en/stable/). In short,
421
+
422
+ **1)** Go to https://dash.cloudflare.com/profile/api-tokens and [get your API Token](https://support.cloudflare.com/hc/en-us/articles/200167836-Where-do-I-find-my-Cloudflare-API-key-).
423
+
424
+ **2)** Create on the server `~/.secrets/certbot/` directory with `cloudflare.ini` file inside:
425
+
426
+ ```bash
427
+ $ mkdir -p ~/.secrets/certbot/
428
+ $ chmod 0700 ~/.secrets/
429
+ $ touch ~/.secrets/certbot/cloudflare.ini
430
+ $ chmod 0400 ~/.secrets/certbot/cloudflare.ini
431
+ ```
432
+
433
+ **3)** Put inside `cloudflare.ini` file your Cloudflare token:
434
+
435
+ ```bash
436
+ $ sudo nano ~/.secrets/certbot/cloudflare.ini
437
+ ```
438
+
439
+ ```bash
440
+ # ~/.secrets/certbot/cloudflare.ini
441
+
442
+ # Cloudflare API token (example) used by Certbot:
443
+ dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
444
+ ```
445
+
446
+ **4)** Obtain certificates for all your domains declared in `procsd.yml` using _certbot-dns-cloudflare_ plugin:
447
+
448
+ ```bash
449
+ # Example command for my-domain.com domain:
450
+
451
+ $ sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d my-domain.com
452
+ ```
453
+
454
+ **5)** If all went fine, update Nginx application config with new certificates (using certbot command). To get required certbot command type `$ procsd config certbot_command`, then execute it:
455
+
456
+ ```bash
457
+ # Example command for my-domain.com domain:
458
+
459
+ $ sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx -d my-domain.com --register-unsafely-without-email
460
+ ```
461
+
462
+ All is done!
463
+
464
+ </details><br>
465
+
466
+
407
467
  ## All available commands
408
468
 
409
469
  ```
410
470
  $ procsd --help
411
471
 
412
472
  Commands:
413
- procsd --version, -v # Print the version
414
- procsd config # Print config files based on current settings. Available types: sudoers
415
473
  procsd create # Create and enable app services
416
474
  procsd destroy # Stop, disable and remove app services
417
- procsd disable # Disable app target
475
+ procsd start # Start app services
476
+ procsd stop # Stop app services
477
+ procsd restart # Restart app services
418
478
  procsd enable # Enable app target
419
- procsd exec # Run app process
420
- procsd help [COMMAND] # Describe available commands or one specific command
421
- procsd list # List all app services
479
+ procsd disable # Disable app target
422
480
  procsd logs # Show app services logs
423
- procsd restart # Restart app services
424
- procsd start # Start app services
425
481
  procsd status # Show app services status
426
- procsd stop # Stop app services
482
+ procsd list # List all app services
483
+ procsd exec # Run single app process with environment
484
+ procsd config # Print config files based on current settings. Available types: sudoers, services, certbot_command
485
+ procsd help [COMMAND] # Describe available commands or one specific command
486
+ procsd --version, -v # Print the version
427
487
  ```
428
488
 
429
489
 
@@ -443,6 +503,7 @@ Commands:
443
503
  ## Notes
444
504
 
445
505
  * If you want to set environment variables per process, [use format](https://github.com/ddollar/foreman/wiki/Per-Process-Environment-Variables) like Foreman recommends.
506
+
446
507
  * To print commands before execution, provide env variable `VERBOSE=true` before procsd command. Example:
447
508
 
448
509
  ```
@@ -455,6 +516,7 @@ Execute: journalctl --no-pager --no-hostname --all --output short-iso -n 3 --uni
455
516
  2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.597Z 29907 TID-gne5aeyuz INFO: Booting Sidekiq 5.2.2 with redis options {:id=>"Sidekiq-server-PID-29907", :url=>nil}
456
517
  2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.601Z 29907 TID-gne5aeyuz INFO: Starting processing, hit Ctrl-C to stop
457
518
  ```
519
+
458
520
  * You can use extended format of processes commands inside `procsd.yml` to provide additional restart/stop commands for each process:
459
521
 
460
522
  > All possible options: `ExecStart`, `ExecReload` and `ExecStop`
@@ -472,6 +534,9 @@ processes:
472
534
 
473
535
  Why? For example default Ruby on Rails application server [Puma](http://puma.io/) supports [Phased or Rolling restart](https://github.com/puma/puma/blob/master/docs/restart.md#normal-vs-hot-vs-phased-restart) feature. If you provide separate `ExecReload`command for a process, then this command will be called while executing `$ procsd restart` by systemd instead of just killing and starting process again.
474
536
 
537
+ * If you use Nginx integration but default Nginx requests timeout (60s) is too small for you, [you can set a custom timeout](https://serverfault.com/a/777753) in the global Nginx config.
538
+
539
+
475
540
  ## Capistrano integration
476
541
 
477
542
  https://github.com/vifreefly/capistrano-procsd
@@ -192,7 +192,7 @@ module Procsd
192
192
  execute command, type: :exec
193
193
  end
194
194
 
195
- desc "config", "Print config files based on current settings. Available types: sudoers, services"
195
+ desc "config", "Print config files based on current settings. Available types: sudoers, services, certbot_command"
196
196
  def config(name)
197
197
  preload!
198
198
 
@@ -201,7 +201,7 @@ module Procsd
201
201
 
202
202
  case name
203
203
  when "sudoers"
204
- say generator.generate_sudoers(options["user"], has_reload: has_reload?)
204
+ puts generator.generate_sudoers(options["user"], has_reload: has_reload?)
205
205
  when "services"
206
206
  return unless valid_create_options?(options)
207
207
 
@@ -212,13 +212,15 @@ module Procsd
212
212
  puts service_data[:content]
213
213
  puts "---\n\n"
214
214
  end
215
+ when "certbot_command"
216
+ puts get_certbot_command.join(' ')
215
217
  else
216
218
  raise ArgumentError, "Wrong type of argument: #{name}"
217
219
  end
218
220
  end
219
221
 
220
222
  map exec: :__exec
221
- desc "exec", "Run app process"
223
+ desc "exec", "Run single app process with environment"
222
224
  option :dev, type: :boolean, banner: "Require dev_environment (in additional to base env) defined in procsd.yml"
223
225
  def __exec(process_name)
224
226
  preload!
@@ -297,19 +299,9 @@ module Procsd
297
299
  # Reference: https://certbot.eff.org/docs/using.html#certbot-command-line-options
298
300
  # How it works in Caddy https://caddyserver.com/docs/automatic-https
299
301
  if nginx["ssl"]
300
- command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
301
- nginx["server_name"].split(" ").map(&:strip).each do |domain|
302
- command.push("-d", domain)
303
- end
304
-
305
- if email = ENV["CERTBOT_EMAIL"]
306
- command.push("--email", email)
307
- else
308
- command << "--register-unsafely-without-email"
309
- end
310
-
302
+ certbot_command = get_certbot_command
311
303
  say "Trying to obtain SSL certificate for Nginx config using Certbot..."
312
- if execute command
304
+ if execute certbot_command
313
305
  say("Successfully installed SSL cert using Certbot", :green)
314
306
  else
315
307
  msg = "Failed to install SSL cert using Certbot. Make sure that all provided domains are pointing to this server IP."
@@ -323,6 +315,20 @@ module Procsd
323
315
  end
324
316
  end
325
317
 
318
+ def get_certbot_command
319
+ command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
320
+
321
+ @config[:nginx]["server_name"].split(" ").map(&:strip).each do |domain|
322
+ command.push("-d", domain)
323
+ end
324
+
325
+ if email = ENV["CERTBOT_EMAIL"]
326
+ command.push("--email", email)
327
+ else
328
+ command << "--register-unsafely-without-email"
329
+ end
330
+ end
331
+
326
332
  def in_path?(name)
327
333
  system("which", name, [:out, :err] => "/dev/null")
328
334
  end
@@ -1,3 +1,3 @@
1
1
  module Procsd
2
- VERSION = "0.5.3"
2
+ VERSION = "0.5.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: procsd
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.3
4
+ version: 0.5.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Afanasev
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-03-19 00:00:00.000000000 Z
11
+ date: 2020-05-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -124,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
124
124
  - !ruby/object:Gem::Version
125
125
  version: '0'
126
126
  requirements: []
127
- rubygems_version: 3.1.2
127
+ rubygems_version: 3.0.3
128
128
  signing_key:
129
129
  specification_version: 4
130
130
  summary: Manage your application processes in production hassle-free like Heroku CLI