prun-ops 0.3.0 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +25 -3
- data/lib/capistrano/config/app.rake +0 -12
- data/lib/capistrano/config/nginx.rake +3 -6
- data/lib/capistrano/config/postgres.rake +4 -2
- data/lib/capistrano/config/templates/vhost.conf.erb +6 -0
- data/lib/capistrano/config/templates/vhost_ssl.conf.erb +7 -0
- data/lib/capistrano/config/ubuntu.rake +1 -1
- data/lib/capistrano/prun-ops.rb +1 -1
- data/lib/prun-ops/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 611578094a2a464881d040c4198a388ea290a325cd12226addc6821bc99b75e9
|
|
4
|
+
data.tar.gz: f7a716870e424f577ad27df87b86588a13a1fabbc45158066dfa944fe5cc3c99
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 284f0a9aea2ae885ac64871bdbf98ea121d8184623df22c3e58cba73c66690881bb6fe769d6fe771db0871375ff7103836bdfaf849782279e8a32879c1d0453a
|
|
7
|
+
data.tar.gz: 6ceac8d461ad1896e53a3557363f857bf2ac46c5d7e3b763f42f4193858eadb2af0b6c7e2169fb8fb7787b98b4b65d58ef468d5d78d61a8e99f040791238fb02
|
data/README.md
CHANGED
|
@@ -49,6 +49,28 @@ Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }
|
|
|
49
49
|
Dir.glob('lib/capistrano/tasks/*.cap').each { |r| import r }
|
|
50
50
|
```
|
|
51
51
|
|
|
52
|
+
In order to configure RVM and PUMA you have here the params:
|
|
53
|
+
|
|
54
|
+
```ruby
|
|
55
|
+
set :rvm_ruby_version, "ruby-3.2.2"
|
|
56
|
+
set :rvm_custom_path, "/usr/share/rvm"
|
|
57
|
+
|
|
58
|
+
|
|
59
|
+
#PUMA:
|
|
60
|
+
# Run 'cap production puma:systemd:config' to setup teh linux service
|
|
61
|
+
|
|
62
|
+
# set :puma_threads, [4, 16]
|
|
63
|
+
# set :puma_workers, 0
|
|
64
|
+
set :puma_service_unit_type, "notify"
|
|
65
|
+
set :puma_access_log, "#{release_path}/log/puma.access.log"
|
|
66
|
+
set :puma_error_log, "#{release_path}/log/puma.error.log"
|
|
67
|
+
set :puma_bind, "tcp://0.0.0.0:3000"
|
|
68
|
+
# set :puma_conf, "#{shared_path}/puma.rb"
|
|
69
|
+
# set :puma_state, "#{shared_path}/tmp/pids/puma.state"
|
|
70
|
+
# set :puma_pid, "#{shared_path}/tmp/pids/puma.pid"
|
|
71
|
+
# set :puma_preload_app, true
|
|
72
|
+
```
|
|
73
|
+
|
|
52
74
|
Notice that you are adding all prun-ops tasks with the line `require 'capistrano/prun-ops'`
|
|
53
75
|
|
|
54
76
|
Your config/deploy/production.rb:
|
|
@@ -82,10 +104,10 @@ Secondary tasks:
|
|
|
82
104
|
- `cap [stg] nginx:[start|stop|restart]` start/stop nginx
|
|
83
105
|
- `cap [stg] nodejs:install` install node
|
|
84
106
|
- `cap [stg] redis:install` install redis server
|
|
85
|
-
- `cap [stg]
|
|
107
|
+
- `cap [stg] puma:install` install puma server
|
|
86
108
|
- `cap [stg] app:db_prepare`(DEPRECATED) database first load
|
|
87
|
-
- `cap [stg] nginx:cert` create SSL certificates with [Let's Encrypt](https://letsencrypt.org/)
|
|
88
|
-
- `cap [stg] nginx:ssl` configure nginx with SSL certificates
|
|
109
|
+
- `cap [stg] nginx:cert` create SSL certificates with [Let's Encrypt](https://letsencrypt.org/) and confiture nginx
|
|
110
|
+
- `cap [stg] nginx:ssl`(DEPRECATED) configure nginx with SSL certificates
|
|
89
111
|
|
|
90
112
|
Considerations:
|
|
91
113
|
-
|
|
@@ -1,17 +1,5 @@
|
|
|
1
1
|
namespace :app do
|
|
2
2
|
|
|
3
|
-
task :prepare do
|
|
4
|
-
on roles(:app) do
|
|
5
|
-
template 'app_init.sh', "/etc/init.d/#{fetch :application}"
|
|
6
|
-
execute <<-EOBLOCK
|
|
7
|
-
sudo thin config -C /etc/thin/#{fetch :application}.yml -c /var/www/#{fetch :application}/current -l log/thin.log -e #{fetch :stage} --servers 1 --port 3000
|
|
8
|
-
sudo chmod a+x /etc/init.d/#{fetch :application}
|
|
9
|
-
sudo update-rc.d #{fetch :application} defaults
|
|
10
|
-
sudo systemctl daemon-reload
|
|
11
|
-
EOBLOCK
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
|
|
15
3
|
task :db_prepare do
|
|
16
4
|
on roles(:app) do
|
|
17
5
|
invoke 'deploy:starting'
|
|
@@ -13,12 +13,9 @@ namespace :nginx do
|
|
|
13
13
|
on roles(:web, :api) do |host|
|
|
14
14
|
run_locally do
|
|
15
15
|
run_in host, <<-EOBLOCK
|
|
16
|
-
sudo
|
|
17
|
-
sudo
|
|
18
|
-
sudo
|
|
19
|
-
sudo mkdir /var/www/#{fetch :application}/current/public/.well-known
|
|
20
|
-
sudo certbot-auto certonly -a webroot --webroot-path=/var/www/#{fetch :application}/current/public -d #{host.hostname}
|
|
21
|
-
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
|
|
16
|
+
sudo snap install --classic certbot
|
|
17
|
+
sudo ln -s /snap/bin/certbot /usr/bin/certbot
|
|
18
|
+
sudo certbot --nginx -m admin@#{host.hostname} --non-interactive --agree-tos --domains #{host.hostname}
|
|
22
19
|
EOBLOCK
|
|
23
20
|
end
|
|
24
21
|
end
|
|
@@ -25,8 +25,8 @@ namespace :postgres do
|
|
|
25
25
|
execute <<-EOBLOCK
|
|
26
26
|
sudo sed -i "s/#listen_addresses = 'localhost'/listen_addresses = '*'/" /etc/postgresql/#{version}/main/postgresql.conf
|
|
27
27
|
sudo sed -i "s/local all all peer/local all all md5/" /etc/postgresql/#{version}/main/pg_hba.conf
|
|
28
|
-
sudo sed -i "s/host all all 127.0.0.1/32
|
|
29
|
-
sudo sed -i "s/ssl =
|
|
28
|
+
sudo sed -i "s/host all all 127.0.0.1/32 scram-sha-256/host all all all scram-sha-256/" /etc/postgresql/#{version}/main/pg_hba.conf
|
|
29
|
+
sudo sed -i "s/ssl = on/ssl = off/" /etc/postgresql/#{version}/main/postgresql.conf
|
|
30
30
|
sudo service postgresql restart
|
|
31
31
|
EOBLOCK
|
|
32
32
|
|
|
@@ -36,6 +36,8 @@ namespace :postgres do
|
|
|
36
36
|
EOBLOCK
|
|
37
37
|
execute <<-EOBLOCK
|
|
38
38
|
sudo -u postgres psql -c "create database #{database};"
|
|
39
|
+
sudo -u postgres psql -c "grant all privileges on database #{database} to #{username};"
|
|
40
|
+
sudo -u postgres psql -c "alter user #{username} with superuser;"
|
|
39
41
|
EOBLOCK
|
|
40
42
|
|
|
41
43
|
invoke 'postgres:restart'
|
|
@@ -35,6 +35,13 @@ server {
|
|
|
35
35
|
stub_status on;
|
|
36
36
|
allow all;
|
|
37
37
|
}
|
|
38
|
+
location /cable {
|
|
39
|
+
proxy_pass http://0.0.0.0:3000;
|
|
40
|
+
proxy_http_version 1.1;
|
|
41
|
+
proxy_set_header Upgrade $http_upgrade;
|
|
42
|
+
proxy_set_header Connection "Upgrade";
|
|
43
|
+
}
|
|
44
|
+
|
|
38
45
|
location ~ /.well-known {
|
|
39
46
|
allow all;
|
|
40
47
|
}
|
|
@@ -8,7 +8,7 @@ namespace :ubuntu do
|
|
|
8
8
|
#{apt_nointeractive} libssl-dev libreadline-dev libgdbm-dev openssl
|
|
9
9
|
#{apt_nointeractive} libreadline6-dev libyaml-dev sqlite3 autoconf libgdbm-dev
|
|
10
10
|
#{apt_nointeractive} libcurl4 libcurl3-gnutls libcurl4-openssl-dev
|
|
11
|
-
#{apt_nointeractive} libncurses5-dev automake libtool bison pkg-config libffi-dev
|
|
11
|
+
#{apt_nointeractive} libncurses5-dev automake libtool bison pkg-config libffi-dev libvips
|
|
12
12
|
#{apt_nointeractive} software-properties-common gnupg2
|
|
13
13
|
EOBLOCK
|
|
14
14
|
end
|
data/lib/capistrano/prun-ops.rb
CHANGED
|
@@ -9,7 +9,7 @@ def template(template_name, target_path)
|
|
|
9
9
|
file = File.read("lib/capistrano/config/templates/#{template_name}.erb")
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
template = ERB.new file, nil, "%"
|
|
12
|
+
template = ERB.new file, nil, trim_mode: "%"
|
|
13
13
|
rendered = template.result(binding)
|
|
14
14
|
tmp_file = "/tmp/#{SecureRandom.hex}.#{template_name}"
|
|
15
15
|
upload! StringIO.new(rendered), tmp_file
|
data/lib/prun-ops/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: prun-ops
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Juan Lebrijo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|