recap 0.1.0

data/doc/lib/recap/preflight.html

@@ -0,0 +1,158 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="content-type" content="text/html;charset=utf-8">
+  <title>preflight.rb</title>
+  <link rel="stylesheet" href="http://jashkenas.github.com/docco/resources/docco.css">
+</head>
+<body>
+<div id='container'>
+  <div id="background"></div>
+  <div id="jump_to">
+    Jump To &hellip;
+    <div id="jump_wrapper">
+      <div id="jump_page">
+          <a class="source" href="../../index.html">index.rb</a>
+          <a class="source" href="bundler.html">bundler.rb</a>
+          <a class="source" href="capistrano_extensions.html">capistrano_extensions.rb</a>
+          <a class="source" href="cli.html">cli.rb</a>
+          <a class="source" href="compatibility.html">compatibility.rb</a>
+          <a class="source" href="deploy.html">deploy.rb</a>
+          <a class="source" href="env.html">env.rb</a>
+          <a class="source" href="foreman.html">foreman.rb</a>
+          <a class="source" href="preflight.html">preflight.rb</a>
+          <a class="source" href="rails.html">rails.rb</a>
+          <a class="source" href="version.html">version.rb</a>
+      </div>
+    </div>
+  </div>
+  <table cellspacing=0 cellpadding=0>
+  <thead>
+    <tr>
+      <th class=docs><h1>preflight.rb</h1></th>
+      <th class=code></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr id='section-1'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-1">&#182;</a>
+        </div>
+        <p>Before <code>recap</code> will work correctly, a small amount of setup work needs to be performed on
+all target servers.</p>
+
+<p>First, each user who can deploy the app needs to have an account on each server, and must be able
+to ssh into the box.  They&rsquo;ll also each need to be sudoers.</p>
+
+<p>Secondly, each deploying user should set their git <code>user.name</code> and <code>user.email</code>.  This can easily
+be done by running:</p>
+
+<p><code>git config &mdash;global user.email &ldquo;you@example.com&rdquo;</code>
+<code>git config &mdash;global user.name &ldquo;Your Name&rdquo;</code></p>
+
+<p>Finally, a user and group representing the application (and usually with the same name) should be
+created.  Where possible, the application user will run application code, while the group will own
+application specific files.  Each deploying user should be added to the application group.</p>
+
+<p>This preflight recipe checks each of these things in turn, and attempts to give helpful advice
+should a check fail.</p>
+      </td>
+      <td class=code>
+        <div class='highlight'><pre><span class="no">Capistrano</span><span class="o">::</span><span class="no">Configuration</span><span class="o">.</span><span class="n">instance</span><span class="p">(</span><span class="ss">:must_exist</span><span class="p">)</span><span class="o">.</span><span class="n">load</span> <span class="k">do</span></pre></div>
+      </td>
+    </tr>
+    <tr id='section-2'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-2">&#182;</a>
+        </div>
+        <p>The preflight check is pretty quick, so run it before every <code>deploy:setup</code> and <code>deploy</code></p>
+      </td>
+      <td class=code>
+        <div class='highlight'><pre>  <span class="n">before</span> <span class="s1">&#39;deploy:setup&#39;</span><span class="p">,</span> <span class="s1">&#39;preflight:check&#39;</span>
+  <span class="n">before</span> <span class="s1">&#39;deploy&#39;</span><span class="p">,</span> <span class="s1">&#39;preflight:check&#39;</span>
+
+  <span class="n">set</span><span class="p">(</span><span class="ss">:remote_username</span><span class="p">)</span> <span class="p">{</span> <span class="n">capture</span><span class="p">(</span><span class="s1">&#39;whoami&#39;</span><span class="p">)</span><span class="o">.</span><span class="n">strip</span> <span class="p">}</span>
+
+  <span class="n">namespace</span> <span class="ss">:preflight</span> <span class="k">do</span>
+    <span class="n">task</span> <span class="ss">:check</span> <span class="k">do</span></pre></div>
+      </td>
+    </tr>
+    <tr id='section-3'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-3">&#182;</a>
+        </div>
+        <p>First check the <code>application_user</code> exists</p>
+      </td>
+      <td class=code>
+        <div class='highlight'><pre>      <span class="k">if</span> <span class="n">capture</span><span class="p">(</span><span class="s2">&quot;id </span><span class="si">#{</span><span class="n">application_user</span><span class="si">}</span><span class="s2"> &gt; /dev/null 2&gt;&amp;1; echo $?&quot;</span><span class="p">)</span><span class="o">.</span><span class="n">strip</span> <span class="o">!=</span> <span class="s2">&quot;0&quot;</span>
+        <span class="nb">abort</span> <span class="sx">%{</span>
+<span class="sx">The application user &#39;</span><span class="si">#{</span><span class="n">application_user</span><span class="si">}</span><span class="sx">&#39; doesn&#39;t exist.  You can create this user by logging into the server and running:</span>
+
+<span class="sx">    sudo useradd </span><span class="si">#{</span><span class="n">application_user</span><span class="si">}</span><span class="sx"></span>
+<span class="se">\n</span><span class="sx">}</span>
+      <span class="k">end</span></pre></div>
+      </td>
+    </tr>
+    <tr id='section-4'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-4">&#182;</a>
+        </div>
+        <p>Then the <code>application_group</code></p>
+      </td>
+      <td class=code>
+        <div class='highlight'><pre>      <span class="k">if</span> <span class="n">capture</span><span class="p">(</span><span class="s2">&quot;id -g </span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="s2"> &gt; /dev/null 2&gt;&amp;1; echo $?&quot;</span><span class="p">)</span><span class="o">.</span><span class="n">strip</span> <span class="o">!=</span> <span class="s2">&quot;0&quot;</span>
+        <span class="nb">abort</span> <span class="sx">%{</span>
+<span class="sx">The application group &#39;</span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="sx">&#39; doesn&#39;t exist.  You can create this group by logging into the server and running:</span>
+
+<span class="sx">    sudo groupadd </span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="sx"></span>
+<span class="sx">    sudo usermod --append -G </span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="sx"> </span><span class="si">#{</span><span class="n">application_user</span><span class="si">}</span><span class="sx"></span>
+<span class="se">\n</span><span class="sx">}</span>
+      <span class="k">end</span></pre></div>
+      </td>
+    </tr>
+    <tr id='section-5'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-5">&#182;</a>
+        </div>
+        <p>Check the git configuration exists</p>
+      </td>
+      <td class=code>
+        <div class='highlight'><pre>      <span class="k">if</span> <span class="n">capture</span><span class="p">(</span><span class="s1">&#39;git config user.name || true&#39;</span><span class="p">)</span><span class="o">.</span><span class="n">strip</span><span class="o">.</span><span class="n">empty?</span> <span class="o">||</span> <span class="n">capture</span><span class="p">(</span><span class="s1">&#39;git config user.email || true&#39;</span><span class="p">)</span><span class="o">.</span><span class="n">strip</span><span class="o">.</span><span class="n">empty?</span>
+        <span class="nb">abort</span> <span class="sx">%{</span>
+<span class="sx">Your remote user must have a git user.name and user.email set.  You can set these by logging into the server as </span><span class="si">#{</span><span class="n">remote_username</span><span class="si">}</span><span class="sx"> and running:</span>
+
+<span class="sx">    git config --global user.email &quot;you@example.com&quot;</span>
+<span class="sx">    git config --global user.name &quot;Your Name&quot;</span>
+<span class="se">\n</span><span class="sx">}</span>
+      <span class="k">end</span></pre></div>
+      </td>
+    </tr>
+    <tr id='section-6'>
+      <td class=docs>
+        <div class="pilwrap">
+          <a class="pilcrow" href="#section-6">&#182;</a>
+        </div>
+        <p>And finally check the remote user is a member of the <code>application_group</code></p>
+
+      </td>
+      <td class=code>
+        <div class='highlight'><pre>      <span class="k">unless</span> <span class="n">capture</span><span class="p">(</span><span class="s1">&#39;groups&#39;</span><span class="p">)</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s2">&quot; &quot;</span><span class="p">)</span><span class="o">.</span><span class="n">include?</span><span class="p">(</span><span class="n">application_group</span><span class="p">)</span>
+        <span class="nb">abort</span> <span class="sx">%{</span>
+<span class="sx">Your remote user must be a member of the &#39;</span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="sx">&#39; group in order to perform deployments.  You can add yourself to this group by logging into the server and running:</span>
+
+<span class="sx">    sudo usermod --append -G </span><span class="si">#{</span><span class="n">application_group</span><span class="si">}</span><span class="sx"> </span><span class="si">#{</span><span class="n">remote_username</span><span class="si">}</span><span class="sx"></span>
+<span class="se">\n</span><span class="sx">}</span>
+      <span class="k">end</span>
+    <span class="k">end</span>
+  <span class="k">end</span>
+<span class="k">end</span></pre></div>
+      </td>
+    </tr>
+  </table>
+</div>
+</body>

data/doc/lib/recap/rails.html

@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="content-type" content="text/html;charset=utf-8">
+  <title>rails.rb</title>
+  <link rel="stylesheet" href="http://jashkenas.github.com/docco/resources/docco.css">
+</head>
+<body>
+<div id='container'>
+  <div id="background"></div>
+  <div id="jump_to">
+    Jump To &hellip;
+    <div id="jump_wrapper">
+      <div id="jump_page">
+          <a class="source" href="../../index.html">index.rb</a>
+          <a class="source" href="bundler.html">bundler.rb</a>
+          <a class="source" href="capistrano_extensions.html">capistrano_extensions.rb</a>
+          <a class="source" href="cli.html">cli.rb</a>
+          <a class="source" href="compatibility.html">compatibility.rb</a>
+          <a class="source" href="deploy.html">deploy.rb</a>
+          <a class="source" href="env.html">env.rb</a>
+          <a class="source" href="foreman.html">foreman.rb</a>
+          <a class="source" href="preflight.html">preflight.rb</a>
+          <a class="source" href="rails.html">rails.rb</a>
+          <a class="source" href="version.html">version.rb</a>
+      </div>
+    </div>
+  </div>
+  <table cellspacing=0 cellpadding=0>
+  <thead>
+    <tr>
+      <th class=docs><h1>rails.rb</h1></th>
+      <th class=code></th>
+    </tr>
+  </thead>
+  <tbody>
+  </table>
+</div>
+</body>

data/doc/lib/recap/version.html

@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="content-type" content="text/html;charset=utf-8">
+  <title>version.rb</title>
+  <link rel="stylesheet" href="http://jashkenas.github.com/docco/resources/docco.css">
+</head>
+<body>
+<div id='container'>
+  <div id="background"></div>
+  <div id="jump_to">
+    Jump To &hellip;
+    <div id="jump_wrapper">
+      <div id="jump_page">
+          <a class="source" href="../../index.html">index.rb</a>
+          <a class="source" href="bundler.html">bundler.rb</a>
+          <a class="source" href="capistrano_extensions.html">capistrano_extensions.rb</a>
+          <a class="source" href="cli.html">cli.rb</a>
+          <a class="source" href="compatibility.html">compatibility.rb</a>
+          <a class="source" href="deploy.html">deploy.rb</a>
+          <a class="source" href="env.html">env.rb</a>
+          <a class="source" href="foreman.html">foreman.rb</a>
+          <a class="source" href="preflight.html">preflight.rb</a>
+          <a class="source" href="rails.html">rails.rb</a>
+          <a class="source" href="version.html">version.rb</a>
+      </div>
+    </div>
+  </div>
+  <table cellspacing=0 cellpadding=0>
+  <thead>
+    <tr>
+      <th class=docs><h1>version.rb</h1></th>
+      <th class=code></th>
+    </tr>
+  </thead>
+  <tbody>
+  </table>
+</div>
+</body>

data/index.rb

@@ -0,0 +1,53 @@
+# This is the annotated source code and documentation for
+# [recap](http://github.com/freerange/recap), a simple, opinionated set of capistrano
+# deployment recipes.  Inspired by
+# [this blog post](https://github.com/blog/470-deployment-script-spring-cleaning), these recipes use
+# git's strengths to deploy applications in a faster, simpler manner than a standard capistrano
+# deployment.  Using git to manage release versions means apps can be deployed to a single directory.
+# There's no need for `releases`, `shared` or `current` folders, and no symlinking.
+
+# ### Goals ###
+
+# These deployment recipes try to do the following:
+
+# Run all commands as the `application_user`, loading the full user environment.  The only
+# exceptions are `git` commands (which often rely on SSH agent forwarding for authentication), and anything
+# that requires `sudo`.
+#
+
+# Use `git` to avoid unecessary work.  If the `Gemfile.lock` hasn't changed, there's no need to run
+# `bundle install`.  Similarly if there are no new migrations, why do `rake db:migrate`.  Faster deploys
+# mean more frequent deploys, which in our experience leads to better applications.
+#
+
+# Avoid the use of `sudo` (other than to change to the `application_user`).  As much as possible, `sudo`
+# is only used to `su` to the `application_user` before running a command.  To avoid typing a password
+# to perform the majority of deployment tasks, this code can be added to
+# `/etc/sudoers.d/application` (change `application` to the name of your app).
+
+%application ALL=NOPASSWD: /sbin/start application*
+%application ALL=NOPASSWD: /sbin/stop application*
+%application ALL=NOPASSWD: /sbin/restart application*
+%application ALL=NOPASSWD: /bin/su - application*
+%application ALL=NOPASSWD: /bin/su application*
+
+# ### Code layout ###
+
+# The main deployment tasks are defined in [recap.rb](lib/recap.html).  Automatic
+# checks to ensure servers are correctly setup are in
+# [recap/preflight.rb](lib/recap/preflight.html).
+
+# In addition, there are extensions for [bundler](lib/recap/bundler.html) and
+# [foreman](lib/recap/foreman.html).
+
+# For (limited) compatability with other existing recipes, see
+# [compatibility](lib/recap/compatibility.html)
+
+# ### Deployment target ###
+
+# These recipes have been run successful against Ubuntu.
+
+# The application should be run as the application user; if using Apache and Passenger, you should set the `PassengerDefaultUser` directive to be the same as the `application_user`.
+
+# The code is available [on github](http://github.com/freerange/recap) and released under the
+# [MIT License](https://github.com/freerange/recap/blob/master/LICENSE)

data/lib/recap/bundler.rb

@@ -0,0 +1,45 @@
+# The bundler recipe ensures that the application bundle is installed whenever the code is updated.
+
+Capistrano::Configuration.instance(:must_exist).load do
+  # Each bundle is declared in a `Gemfile`, by default in the root of the application directory
+  set(:bundle_gemfile) { "#{deploy_to}/Gemfile" }
+
+  # As well as a `Gemfile`, application repositories should also contain a `Gemfile.lock`.
+  set(:bundle_gemfile_lock) { "#{bundle_gemfile}.lock" }
+
+  # An application's gems are installed within the application directory.  By default they are
+  # places under `.bundle/gems`.
+  set(:bundle_dir) { "#{deploy_to}/.bundle/gems" }
+
+  # Not all gems are needed for production environments, so by default the `development`, `test` and
+  # `assets` groups are skipped.
+  set(:bundle_without) { "development test assets" }
+
+  namespace :bundle do
+    namespace :install do
+      # After cloning or updating the code, we only install the bundle if the `Gemfile` has changed.
+      desc "Install the latest gem bundle only if Gemfile.lock has changed"
+      task :if_changed do
+        if deployed_file_changed?(bundle_gemfile_lock)
+          top.bundle.install.default
+        end
+      end
+
+      # Occassionally it's useful to force an install (such as if something has gone wrong in
+      # a previous deployment)
+      desc "Install the latest gem bundle"
+      task :default do
+        if deployed_file_exists?(bundle_gemfile)
+          bundler "install --gemfile #{bundle_gemfile} --path #{bundle_dir} --deployment --quiet --binstubs --without #{bundle_without}"
+        else
+          puts "Skipping bundle:install as no Gemfile found"
+        end
+      end
+    end
+  end
+
+  # To install the bundle automatically each time the code is updated or cloned, hooks are added to
+  # the `deploy:clone_code` and `deploy:update_code` tasks.
+  after 'deploy:clone_code', 'bundle:install:if_changed'
+  after 'deploy:update_code', 'bundle:install:if_changed'
+end

data/lib/recap/capistrano_extensions.rb

@@ -0,0 +1,72 @@
+require 'tempfile'
+
+module Recap
+  module CapistranoExtensions
+    # Run a command as the given user
+    def as_user(user, command, pwd = deploy_to)
+      sudo "su - #{user} -c 'cd #{pwd} && #{command}'"
+    end
+
+    # Run a command as root
+    def as_root(command, pwd = deploy_to)
+      as_user 'root', command, pwd
+    end
+
+    # Run a command as the application user
+    def as_app(command, pwd = deploy_to)
+      as_user application_user, command, pwd
+    end
+
+    # Put a string into a file as the application user
+    def put_as_app(string, path)
+      as_app "touch #{path} && chmod g+rw #{path}"
+      put string, path
+    end
+
+    def edit_file(path)
+      if editor = ENV['DEPLOY_EDITOR'] || ENV['EDITOR']
+        as_app "touch #{path} && chmod g+rw #{path}"
+        local_path = Tempfile.new('deploy-edit').path
+        get(path, local_path)
+        `#{editor} #{local_path}`
+        upload(local_path, path)
+      else
+        abort "To edit a remote file, either the EDITOR or DEPLOY_EDITOR environment variables must be set"
+      end
+    end
+
+    # Run a git command in the `deploy_to` directory
+    def git(command)
+      run "cd #{deploy_to} && git #{command}"
+    end
+
+    # Capture the result of a git command run within the `deploy_to` directory
+    def capture_git(command)
+      capture "cd #{deploy_to} && git #{command}"
+    end
+
+    # Run a bundle command in the `deploy_to` directory
+    def bundler(command)
+      as_app "bundle #{command}"
+    end
+
+    # Find the latest tag from the repository.  As `git tag` returns tags in order, and our release
+    # tags are timestamps, the latest tag will always be the last in the list.
+    def latest_tag_from_repository
+      result = capture_git("tag | tail -n1").strip
+      result.empty? ? nil : result
+    end
+
+    # Does the given file exist within the deployment directory?
+    def deployed_file_exists?(path)
+      capture("cd #{deploy_to} && [ -f #{path} ]; echo $?").strip == "0"
+    end
+
+    # Has the given path been created or changed since the previous deployment?  During the first
+    # successful deployment this will always return true.
+    def deployed_file_changed?(path)
+      return true unless latest_tag
+      capture_git("diff --exit-code #{latest_tag} origin/#{branch} #{path} > /dev/null; echo $?").strip == "1"
+    end
+  end
+end

data/lib/recap/cli.rb

@@ -0,0 +1,32 @@
+require 'thor'
+
+module Recap
+  class CLI < Thor
+    include Thor::Actions
+
+    attr_accessor :name, :repository
+
+    def self.source_root
+      File.expand_path("../templates", __FILE__)
+    end
+
+    desc 'setup', 'Setup basic capistrano recipes, e.g: recap setup'
+    method_option :name, :aliases => "-n"
+    method_option :repository, :aliases => "-r"
+    def setup
+      self.name = options["name"] || guess_name
+      self.repository = options["repo"] || guess_repository
+      template 'Capfile.erb', 'Capfile'
+    end
+
+    private
+
+    def guess_name
+      Dir.pwd.split(File::SEPARATOR).last
+    end
+
+    def guess_repository
+      `git remote -v`.split[1]
+    end
+  end
+end

data/lib/recap/compatibility.rb

@@ -0,0 +1,14 @@
+# `recap` isn't intended to be compatible with tasks (such as those within the `bundler`
+# or `whenever` projects) that are built on the original capistrano deployment recipes.  At times
+# though there are tasks that would work, but for some missing (and redundant) settings.  
+#
+# Including this recipe adds these legacy settings, but provides no guarantee that original tasks
+# will work.  Many are based on assumptions about the deployment layout that no longer hold true.
+
+Capistrano::Configuration.instance(:must_exist).load do
+  extend Recap::CapistranoExtensions
+
+  # As `git` to manages releases, all deployments are placed directly in the `deploy_to` folder.  The
+  # `current_path` is always this directory (no symlinking required).
+  set(:current_path) { deploy_to }
+end

data/lib/recap/deploy/templates/Capfile.erb

@@ -0,0 +1,6 @@
+require "recap/deploy"
+
+set :application, "<%= name %>"
+
+set :repository,  "<%= repository %>"
+set :branch, "master"

data/lib/recap/deploy.rb

@@ -0,0 +1,133 @@
+require 'recap/capistrano_extensions'
+require 'recap/bundler'
+require 'recap/preflight'
+
+Capistrano::Configuration.instance(:must_exist).load do
+  extend Recap::CapistranoExtensions
+
+  # To use this recipe, both the application's name and its git repository are required.
+  set(:application) { abort "You must set the name of your application in your Capfile, e.g.: set :application, 'tomafro.net'" }
+  set(:repository) { abort "You must set the git respository location in your Capfile, e.g.: set :respository, 'git@github.com/tomafro/tomafro.net'"}
+
+  # The recipe assumes that the application code will be run as a dedicated user.  Any any user who
+  # can deploy the application should be added as a member of the application's group.  By default,
+  # both the application user and group take the same name as the application.
+  set(:application_user) { application }
+  set(:application_group) { application_user }
+
+  # Deployments can be made from any branch. `master` is used by default.
+  set(:branch, 'master')
+
+  # Unlike a standard capistrano deployment, all releases are stored directly in the `deploy_to`
+  # directory.  The default is `/home/#{application_user}/apps/#{application}`.
+  set(:deploy_to)   { "/home/#{application_user}/apps/#{application}" }
+
+  # Each release is marked by a unique tag, generated with the current timestamp.  While this can be
+  # changed, it's not recommended, as the sort order of the tag names is important; later tags must
+  # be listed after earlier tags.
+  set(:release_tag) { "#{Time.now.utc.strftime("%Y%m%d%H%M%S")}"}
+
+  # On tagging a release, a message is also recorded alongside the tag.  This message can contain
+  # anything useful - its contents are not important for the recipe.
+  set(:release_message, "Deployed at #{Time.now}")
+
+  # Some tasks need to know the `latest_tag` - the most recent successful deployment.  If no
+  # deployments have been made, this will be `nil`.
+  set(:latest_tag) { latest_tag_from_repository }
+
+  # To authenticate with github or other git servers, it is easier (and cleaner) to forward the
+  # deploying user's ssh key than manage keys on deployment servers.
+  ssh_options[:forward_agent] = true
+
+  # If key forwarding isn't possible, git may show a password prompt which stalls capistrano unless
+  # `:pty` is set to `true`.
+  default_run_options[:pty] = true
+
+  namespace :deploy do
+    # The `deploy:setup` task prepares all the servers for the deployment.
+    desc "Prepare servers for deployment"
+    task :setup, :except => {:no_release => true} do
+      transaction do
+        clone_code
+      end
+    end
+
+    # Clone the repository into the deployment directory.
+    task :clone_code, :except => {:no_release => true} do
+      # This is a slightly complicated process, as git doesn't allow us to clone into an existing
+      # directory.  To get around this, using `sudo` we create the base deployment folder (if it
+      # doesn't already exist).
+      sudo "mkdir -p #{File.expand_path(deploy_to + "/..")}"
+      # Next, clone our code into a temporary location.  This is necessary as our user might not have
+      # permission to write in the base deployment folder.
+      run "git clone #{repository} $HOME/#{application}.tmp"
+      # Again using `sudo`, move the temporary clone to its final destination.
+      sudo "mv $HOME/#{application}.tmp #{deploy_to}"
+      # Finally ensure that members of the `application_group` can read and write all files.
+      top.deploy.change_ownership
+    end
+
+    # Any files that have been created or updated by our user need to have thier permissions changed to
+    # ensure they can be read and written by and member of the `application_group` (deploying users and
+    # the application itself).
+    task :change_ownership, :except => {:no_release => true} do
+      run "find #{deploy_to} -user `whoami` ! -group #{application_group} -exec chown :#{application_group} {} \\;"
+      run "find #{deploy_to} -user `whoami` -exec chmod g+rw {} \\;"
+    end
+
+    # The main deployment task (called with `cap deploy`) deploys the latest application code to all
+    # servers, tags the release and restarts the application.
+    desc "Deploy the latest application code"
+    task :default do
+      transaction do
+        update_code
+        tag
+      end
+      restart
+    end
+
+    # Fetch the latest changes, then update `HEAD` to the deployment branch.
+    task :update_code, :except => {:no_release => true} do
+      on_rollback { git "reset --hard #{latest_tag}" if latest_tag }
+      git "fetch"
+      git "reset --hard origin/#{branch}"
+      # Finally ensure that the members of the `application_group` can read and write all files.
+      top.deploy.change_ownership
+    end
+
+    # Tag `HEAD` with the release tag and message
+    task :tag, :except => {:no_release => true} do
+      on_rollback { git "tag -d #{release_tag}" }
+      git "tag #{release_tag} -m '#{release_message}'"
+      top.deploy.change_ownership
+    end
+
+    # After a successful deployment, the app is restarted.  In the most basic deployments this does
+    # nothing, but other recipes may override it, or attach tasks it's before or after hooks.
+    desc "Restart the application following a deploy"
+    task :restart do
+    end
+
+    # To rollback a release, the latest tag is deleted, and `HEAD` reset to the previous release
+    # (if one exists).  Finally the application is restarted again.
+    desc "Rollback to the previous release"
+    namespace :rollback do
+      task :default do
+        if latest_tag
+          git "tag -d #{latest_tag}"
+          if previous_tag = latest_tag_from_repository
+            git "reset --hard #{previous_tag}"
+          end
+        end
+        restart
+      end
+    end
+
+    # In case of emergency or when manually testing deployment, it can be useful to remove all
+    # previously deployed files before starting again.
+    desc "Remove all deployed files"
+    task :destroy do
+      sudo "rm -rf #{deploy_to}"
+    end
+  end
+end

data/lib/recap/env.rb

@@ -0,0 +1,54 @@
+# N.B. To get the environment loaded on every shell invocation add the following to .profile:
+#
+#     if [ -s "$HOME/.env" ]; then export $(cat $HOME/.env); fi
+#
+# This will eventually be done automatically
+
+Capistrano::Configuration.instance(:must_exist).load do
+  namespace :env do
+    set(:environment_file) { "/home/#{application_user}/.env" }
+
+    def extract_environment(declarations)
+      declarations.inject({}) do |env, line|
+        if line =~ /\A([A-Za-z_]+)=(.*)\z/
+          env[$1] = $2.strip
+        end
+        env
+      end
+    end
+
+    def current_environment
+      @current_environment ||= begin
+        if deployed_file_exists?(environment_file)
+          extract_environment(capture("cat #{environment_file}").split("\n"))
+        else
+          {}
+        end
+      end
+    end
+
+    def write_environment(env)
+      env.keys.sort.collect do |v|
+        "#{v}=#{env[v]}" unless env[v].nil? || env[v].empty?
+      end.compact.join("\n")
+    end
+
+    task :default do
+      puts write_environment(current_environment)
+    end
+
+    task :set do
+      additions = extract_environment(ARGV[1..-1])
+      env = write_environment(current_environment.merge(additions))
+      if env.empty?
+        as_app "rm -f #{environment_file}"
+      else
+        put_as_app env, environment_file
+      end
+    end
+
+    task :edit do
+      edit_file environment_file
+    end
+  end
+end