procsd 0.5.3 → 0.5.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cdf2c20fbe8f6aada5790a37464fa13eceb7db3ec671a821c32a8ea6471e579d
4
- data.tar.gz: 4bdca0fd4c9b095a678988cde054031363ed80d5f48332ecc445803e16f402b0
3
+ metadata.gz: '09e6c1faceca84dc0337311001b11397aa338b25bc285960175e4537d3a38f71'
4
+ data.tar.gz: e1fc39db9a119b15d2042558b093ec222aed03baa67d75f824c3da8b99464e72
5
5
  SHA512:
6
- metadata.gz: ef4ac450a0847a268685a5c15f22772896d41de580b359d4a212432c31daed795b47d5e5d774e3307a20a3686f10372293ccc8047954b9b905321555de92ba79
7
- data.tar.gz: 1392ebe266e97c45a77fd72a0f55d0aa261720bdb0950369838403c4412e005eb16b3fefa33ff20211bc46e8435baf4a27ecf048407d89db1b0c9f0b9f549a7d
6
+ metadata.gz: d321a3cb39f9a5c442a6c088682b020fafa6fc59e6f03b892bd438df4a10b0fcc3490e5651e20eb060e920de22b7364425da07368f73305b089d63a791f4246c
7
+ data.tar.gz: ce218eae99a2bd36cbc771e3ba199e0ac9b68cb8736202f0ec171c74f36cef22bca84d89f7704d356c2ee29fb9cb2d7ac935e98cf76079500bd8ed6799067033
@@ -1,4 +1,8 @@
1
1
  # CHANGELOG
2
+ ## 0.5.4
3
+ * Add: information how to use SSL integration with Cloudflare CDN enabled
4
+ * Add: procsd config certbot_command command
5
+
2
6
  ## 0.5.3
3
7
  * Fix: procsd config sudoers command
4
8
  * Add: procsd config services command
data/README.md CHANGED
@@ -8,7 +8,7 @@ Can we have something similar on the cheap Ubuntu VPS from DigitalOcean? Yes we
8
8
 
9
9
  ## Getting started
10
10
 
11
- > **Note:** latest version of Procsd is `0.5.2`. Since version `0.4.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
11
+ > **Note:** latest version of Procsd is `0.5.3`. Since version `0.4.0` there are some breaking changes. Check the [CHANGELOG.md](CHANGELOG.md). To update to the latest version, run `$ gem update procsd` or `$ bundle update procsd` (if you have already installed procsd).
12
12
 
13
13
  > **Note:** Procsd works best with Capistrano integration: [vifreefly/capistrano-procsd](https://github.com/vifreefly/capistrano-procsd)
14
14
 
@@ -195,17 +195,19 @@ Currently, procsd can not run all processes in development like `foreman start`
195
195
  deploy@server:~/sample_app$ procsd exec web
196
196
 
197
197
  => Booting Puma
198
- => Rails 5.2.1 application starting in development
198
+ => Rails 5.2.1 application starting in production
199
199
  => Run `rails server -h` for more startup options
200
200
  Puma starting in single mode...
201
201
  * Version 3.12.0 (ruby 2.3.0-p0), codename: Llamas in Pajamas
202
202
  * Min threads: 5, max threads: 5
203
- * Environment: development
204
- * Listening on tcp://localhost:3000
203
+ * Environment: production
204
+ * Listening on tcp://localhost:2501
205
205
  Use Ctrl-C to stop
206
206
  ```
207
207
 
208
- `procsd exec` requres all the environment variables defined in `environment` section of `procsd.yml` config file. Sometimes in development mode you need different environment configuration. For that you can add additional environment section `dev_environment` and require it as well using `--dev` flag, example:
208
+ `procsd exec` requres all the environment variables defined in `environment` section of `procsd.yml` config file.
209
+
210
+ Sometimes in development mode you need different environment configuration. For that you can add additional environment section `dev_environment` and require it as well using `--dev` flag, example:
209
211
 
210
212
  ```yaml
211
213
  app: sample_app
@@ -215,14 +217,16 @@ environment:
215
217
  RAILS_LOG_TO_STDOUT: true
216
218
  dev_environment:
217
219
  RAILS_ENV: development
218
- SOME_OTHER_DEV_ENV_VARIABLE=value
220
+ SOME_OTHER_DEV_ENV_VARIABLE: value
219
221
  ```
220
222
 
221
223
  ```
222
- deploy@server:~/sample_app$ PORT=3000 procsd exec web --dev
224
+ # Run web process with all environment & dev_environment variables included:
225
+
226
+ deploy@server:~/sample_app$ procsd exec web --dev
223
227
  ```
224
228
 
225
- > The web process runs with all environment & dev_environment variables required.
229
+ > In case if `dev_environment` has env variable with the same name like in `environment`, this variable will be rewritten with value from `dev_environment`.
226
230
 
227
231
 
228
232
  ### Nginx integration (with automatic HTTPS)
@@ -318,11 +322,11 @@ Everything is done. Start app services (`procsd start`) and go to `http://my-dom
318
322
 
319
323
  To generate Nginx config with free SSL certificate (from [Let’s Encrypt](https://letsencrypt.org/)) included, you need to install [Certbot](https://certbot.eff.org/) on the remote server first:
320
324
 
321
- ```
322
- sudo apt install software-properties-common
323
- sudo add-apt-repository ppa:certbot/certbot
324
- sudo apt update
325
- sudo apt-get install python-certbot-nginx
325
+ ```bash
326
+ $ sudo apt install software-properties-common
327
+ $ sudo add-apt-repository ppa:certbot/certbot
328
+ $ sudo apt update
329
+ $ sudo apt install certbot python-certbot-nginx
326
330
  ```
327
331
 
328
332
  > When you install certbot, it automatically setup a cron job (twice per day) to renew expiring certificates ([Automated Renewals](https://certbot.eff.org/docs/using.html#automated-renewals)), so you don't have to worry about renewing certificates manually.
@@ -336,7 +340,7 @@ nginx:
336
340
  ssl: true # added
337
341
  ```
338
342
 
339
- Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointing to the server IP** where application is hosted. Then run `procsd create` as usual:
343
+ Configuration is done. **Make sure that all domains defined in procsd (nginx.server_name) are pointing to the server IP** where application is hosted. Then run `procsd create` _(you will probably need first run `procsd destroy` if app services already exists)_ as usual:
340
344
 
341
345
  > By default Certbot obtaining certificate from _Let's Encrypt_ without a contact email. If you want to provide contact email, define env variable `CERTBOT_EMAIL` with your email in the `.env` file.
342
346
 
@@ -404,26 +408,82 @@ Successfully installed SSL cert using certbot
404
408
  That's it. Start app services (`procsd start`) and go to `https://my-domain.com` where you'll see your application proxying with Nginx and SSL enabled.
405
409
 
406
410
 
411
+ <details/>
412
+ <summary>Note about using Cloudflare CDN</summary><br>
413
+
414
+ If you use Cloudflare CDN, that means the process of obtaining Let's Encrypt SSL Certificate will fail. To fix it, install `python-certbot-dns-cloudflare` package:
415
+
416
+ ```bash
417
+ $ sudo apt install certbot python-certbot-dns-cloudflare
418
+ ```
419
+
420
+ Read instructions [here how to get Cloudflare API Token and obtain certificates](https://certbot-dns-cloudflare.readthedocs.io/en/stable/). In short,
421
+
422
+ **1)** Go to https://dash.cloudflare.com/profile/api-tokens and [get your API Token](https://support.cloudflare.com/hc/en-us/articles/200167836-Where-do-I-find-my-Cloudflare-API-key-).
423
+
424
+ **2)** Create on the server `~/.secrets/certbot/` directory with `cloudflare.ini` file inside:
425
+
426
+ ```bash
427
+ $ mkdir -p ~/.secrets/certbot/
428
+ $ chmod 0700 ~/.secrets/
429
+ $ touch ~/.secrets/certbot/cloudflare.ini
430
+ $ chmod 0400 ~/.secrets/certbot/cloudflare.ini
431
+ ```
432
+
433
+ **3)** Put inside `cloudflare.ini` file your Cloudflare token:
434
+
435
+ ```bash
436
+ $ sudo nano ~/.secrets/certbot/cloudflare.ini
437
+ ```
438
+
439
+ ```bash
440
+ # ~/.secrets/certbot/cloudflare.ini
441
+
442
+ # Cloudflare API token (example) used by Certbot:
443
+ dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
444
+ ```
445
+
446
+ **4)** Obtain certificates for all your domains declared in `procsd.yml` using _certbot-dns-cloudflare_ plugin:
447
+
448
+ ```bash
449
+ # Example command for my-domain.com domain:
450
+
451
+ $ sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d my-domain.com
452
+ ```
453
+
454
+ **5)** If all went fine, update Nginx application config with new certificates (using certbot command). To get required certbot command type `$ procsd config certbot_command`, then execute it:
455
+
456
+ ```bash
457
+ # Example command for my-domain.com domain:
458
+
459
+ $ sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx -d my-domain.com --register-unsafely-without-email
460
+ ```
461
+
462
+ All is done!
463
+
464
+ </details><br>
465
+
466
+
407
467
  ## All available commands
408
468
 
409
469
  ```
410
470
  $ procsd --help
411
471
 
412
472
  Commands:
413
- procsd --version, -v # Print the version
414
- procsd config # Print config files based on current settings. Available types: sudoers
415
473
  procsd create # Create and enable app services
416
474
  procsd destroy # Stop, disable and remove app services
417
- procsd disable # Disable app target
475
+ procsd start # Start app services
476
+ procsd stop # Stop app services
477
+ procsd restart # Restart app services
418
478
  procsd enable # Enable app target
419
- procsd exec # Run app process
420
- procsd help [COMMAND] # Describe available commands or one specific command
421
- procsd list # List all app services
479
+ procsd disable # Disable app target
422
480
  procsd logs # Show app services logs
423
- procsd restart # Restart app services
424
- procsd start # Start app services
425
481
  procsd status # Show app services status
426
- procsd stop # Stop app services
482
+ procsd list # List all app services
483
+ procsd exec # Run single app process with environment
484
+ procsd config # Print config files based on current settings. Available types: sudoers, services, certbot_command
485
+ procsd help [COMMAND] # Describe available commands or one specific command
486
+ procsd --version, -v # Print the version
427
487
  ```
428
488
 
429
489
 
@@ -443,6 +503,7 @@ Commands:
443
503
  ## Notes
444
504
 
445
505
  * If you want to set environment variables per process, [use format](https://github.com/ddollar/foreman/wiki/Per-Process-Environment-Variables) like Foreman recommends.
506
+
446
507
  * To print commands before execution, provide env variable `VERBOSE=true` before procsd command. Example:
447
508
 
448
509
  ```
@@ -455,6 +516,7 @@ Execute: journalctl --no-pager --no-hostname --all --output short-iso -n 3 --uni
455
516
  2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.597Z 29907 TID-gne5aeyuz INFO: Booting Sidekiq 5.2.2 with redis options {:id=>"Sidekiq-server-PID-29907", :url=>nil}
456
517
  2018-11-04T19:11:59+0400 sample_app-worker.2[29907]: 2018-11-04T15:11:59.601Z 29907 TID-gne5aeyuz INFO: Starting processing, hit Ctrl-C to stop
457
518
  ```
519
+
458
520
  * You can use extended format of processes commands inside `procsd.yml` to provide additional restart/stop commands for each process:
459
521
 
460
522
  > All possible options: `ExecStart`, `ExecReload` and `ExecStop`
@@ -472,6 +534,9 @@ processes:
472
534
 
473
535
  Why? For example default Ruby on Rails application server [Puma](http://puma.io/) supports [Phased or Rolling restart](https://github.com/puma/puma/blob/master/docs/restart.md#normal-vs-hot-vs-phased-restart) feature. If you provide separate `ExecReload`command for a process, then this command will be called while executing `$ procsd restart` by systemd instead of just killing and starting process again.
474
536
 
537
+ * If you use Nginx integration but default Nginx requests timeout (60s) is too small for you, [you can set a custom timeout](https://serverfault.com/a/777753) in the global Nginx config.
538
+
539
+
475
540
  ## Capistrano integration
476
541
 
477
542
  https://github.com/vifreefly/capistrano-procsd
@@ -192,7 +192,7 @@ module Procsd
192
192
  execute command, type: :exec
193
193
  end
194
194
 
195
- desc "config", "Print config files based on current settings. Available types: sudoers, services"
195
+ desc "config", "Print config files based on current settings. Available types: sudoers, services, certbot_command"
196
196
  def config(name)
197
197
  preload!
198
198
 
@@ -201,7 +201,7 @@ module Procsd
201
201
 
202
202
  case name
203
203
  when "sudoers"
204
- say generator.generate_sudoers(options["user"], has_reload: has_reload?)
204
+ puts generator.generate_sudoers(options["user"], has_reload: has_reload?)
205
205
  when "services"
206
206
  return unless valid_create_options?(options)
207
207
 
@@ -212,13 +212,15 @@ module Procsd
212
212
  puts service_data[:content]
213
213
  puts "---\n\n"
214
214
  end
215
+ when "certbot_command"
216
+ puts get_certbot_command.join(' ')
215
217
  else
216
218
  raise ArgumentError, "Wrong type of argument: #{name}"
217
219
  end
218
220
  end
219
221
 
220
222
  map exec: :__exec
221
- desc "exec", "Run app process"
223
+ desc "exec", "Run single app process with environment"
222
224
  option :dev, type: :boolean, banner: "Require dev_environment (in additional to base env) defined in procsd.yml"
223
225
  def __exec(process_name)
224
226
  preload!
@@ -297,19 +299,9 @@ module Procsd
297
299
  # Reference: https://certbot.eff.org/docs/using.html#certbot-command-line-options
298
300
  # How it works in Caddy https://caddyserver.com/docs/automatic-https
299
301
  if nginx["ssl"]
300
- command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
301
- nginx["server_name"].split(" ").map(&:strip).each do |domain|
302
- command.push("-d", domain)
303
- end
304
-
305
- if email = ENV["CERTBOT_EMAIL"]
306
- command.push("--email", email)
307
- else
308
- command << "--register-unsafely-without-email"
309
- end
310
-
302
+ certbot_command = get_certbot_command
311
303
  say "Trying to obtain SSL certificate for Nginx config using Certbot..."
312
- if execute command
304
+ if execute certbot_command
313
305
  say("Successfully installed SSL cert using Certbot", :green)
314
306
  else
315
307
  msg = "Failed to install SSL cert using Certbot. Make sure that all provided domains are pointing to this server IP."
@@ -323,6 +315,20 @@ module Procsd
323
315
  end
324
316
  end
325
317
 
318
+ def get_certbot_command
319
+ command = %w(sudo certbot --agree-tos --no-eff-email --redirect --non-interactive --nginx)
320
+
321
+ @config[:nginx]["server_name"].split(" ").map(&:strip).each do |domain|
322
+ command.push("-d", domain)
323
+ end
324
+
325
+ if email = ENV["CERTBOT_EMAIL"]
326
+ command.push("--email", email)
327
+ else
328
+ command << "--register-unsafely-without-email"
329
+ end
330
+ end
331
+
326
332
  def in_path?(name)
327
333
  system("which", name, [:out, :err] => "/dev/null")
328
334
  end
@@ -1,3 +1,3 @@
1
1
  module Procsd
2
- VERSION = "0.5.3"
2
+ VERSION = "0.5.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: procsd
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.3
4
+ version: 0.5.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Afanasev
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-03-19 00:00:00.000000000 Z
11
+ date: 2020-05-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -124,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
124
124
  - !ruby/object:Gem::Version
125
125
  version: '0'
126
126
  requirements: []
127
- rubygems_version: 3.1.2
127
+ rubygems_version: 3.0.3
128
128
  signing_key:
129
129
  specification_version: 4
130
130
  summary: Manage your application processes in production hassle-free like Heroku CLI