shared-infrastructure 0.0.16 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/shared_infrastructure/domain.rb +10 -3
- data/lib/shared_infrastructure/nginx/builder.rb +23 -20
- data/lib/shared_infrastructure/nginx/server_block.rb +0 -25
- data/lib/shared_infrastructure/runner/base.rb +4 -0
- data/lib/shared_infrastructure/runner/rails.rb +3 -1
- data/lib/shared_infrastructure/systemd/rails.rb +9 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ef81857523282a713eba26de715419ab0edbd89e
|
|
4
|
+
data.tar.gz: 376a56118921b56b22886fcee1a127a664e97c31
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0f8bcea463528193ef8ce45bd4da49e7f4db031d44af740a6be1f333a388d444b3c07e5ddf122af03caff58835a6fa94fe751848ff36c4156e8549c536a91b5a
|
|
7
|
+
data.tar.gz: aa185934ddd22031432fc6e85546ab87032ea4457b30655488bbbc5dae915dcb265824570dd466a1116359b0de9894d9ae348adb9b56e6a55f491e21fe860ecf
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module SharedInfrastructure
|
|
2
4
|
class Domain
|
|
3
5
|
def available_site
|
|
@@ -20,16 +22,21 @@ module SharedInfrastructure
|
|
|
20
22
|
@domain_name = domain_name
|
|
21
23
|
end
|
|
22
24
|
|
|
23
|
-
def
|
|
24
|
-
"/var/www/#{domain_name}/log
|
|
25
|
+
def rails_env_log(rails_env = "production")
|
|
26
|
+
"/var/www/#{domain_name}/log/#{rails_env}.log"
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def root
|
|
30
|
+
"/var/www/#{domain_name}"
|
|
25
31
|
end
|
|
26
32
|
|
|
33
|
+
# TODO: Remove this if not needed.
|
|
27
34
|
def secrets
|
|
28
35
|
File.join(site_root, "secrets")
|
|
29
36
|
end
|
|
30
37
|
|
|
31
38
|
def site_root
|
|
32
|
-
"
|
|
39
|
+
File.join(root, "html")
|
|
33
40
|
end
|
|
34
41
|
|
|
35
42
|
attr_reader :domain_name
|
|
@@ -105,7 +105,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def save
|
|
108
|
-
FileUtils.mkdir_p(
|
|
108
|
+
FileUtils.mkdir_p(SharedInfrastructure::Output.file_name(domain.root))
|
|
109
109
|
if Process.uid.zero?
|
|
110
110
|
FileUtils.chown(user,
|
|
111
111
|
"www-data",
|
|
@@ -120,7 +120,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
120
120
|
class SiteHttp < Site
|
|
121
121
|
def initialize(user, _certificate_domain = nil, domain: nil)
|
|
122
122
|
super(user,
|
|
123
|
-
Nginx::
|
|
123
|
+
Nginx::ServerBlock.new(
|
|
124
124
|
server: Nginx::StaticServer.new(domain: domain),
|
|
125
125
|
listen: Nginx::ListenHttp.new,
|
|
126
126
|
location: Nginx::Location.new
|
|
@@ -143,7 +143,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
143
143
|
@certificate_domain = certificate_domain || domain.domain_name
|
|
144
144
|
|
|
145
145
|
super(user,
|
|
146
|
-
Nginx::
|
|
146
|
+
Nginx::ServerBlock.new(
|
|
147
147
|
server: Nginx::StaticServer.new(domain: domain),
|
|
148
148
|
listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
|
|
149
149
|
location: Nginx::Location.new
|
|
@@ -157,24 +157,28 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
157
157
|
end
|
|
158
158
|
|
|
159
159
|
class Rails < Site
|
|
160
|
+
def initialize(user, *server_blocks, domain: nil, rails_env: "production")
|
|
161
|
+
@rails_env = rails_env
|
|
162
|
+
super user, *server_blocks, domain: domain
|
|
163
|
+
end
|
|
164
|
+
attr_reader :rails_env
|
|
165
|
+
|
|
160
166
|
def save
|
|
161
167
|
env = {}
|
|
162
168
|
%w[SECRET_KEY_BASE
|
|
163
169
|
DATABASE_USERNAME
|
|
164
170
|
DATABASE_PASSWORD
|
|
165
171
|
EMAIL_PASSWORD].each do |var|
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
ENV[var]
|
|
171
|
-
end
|
|
172
|
+
if ENV[var].nil?
|
|
173
|
+
puts "Enter #{var}: "
|
|
174
|
+
ENV[var] = $stdin.gets.strip
|
|
175
|
+
end
|
|
172
176
|
end
|
|
173
177
|
SharedInfrastructure::Output.open(File.join("/etc/logrotate.d", "#{domain.domain_name}.conf"), "w") do |io|
|
|
174
178
|
io << <<~LOGROTATE
|
|
175
179
|
compress
|
|
176
180
|
|
|
177
|
-
#{domain.
|
|
181
|
+
#{domain.rails_env_log(rails_env)} {
|
|
178
182
|
size 1M
|
|
179
183
|
rotate 4
|
|
180
184
|
copytruncate
|
|
@@ -183,19 +187,16 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
183
187
|
}
|
|
184
188
|
LOGROTATE
|
|
185
189
|
end &&
|
|
186
|
-
|
|
187
|
-
io << env.map { |pair| "#{pair[0]}=#{pair[1]}\n" }.join
|
|
188
|
-
end &&
|
|
189
|
-
Systemd::Rails.write_unit_file(domain.domain_name, domain) &&
|
|
190
|
+
Systemd::Rails.write_unit_file(domain.domain_name, domain, rails_env) &&
|
|
190
191
|
super
|
|
191
192
|
end
|
|
192
193
|
end
|
|
193
194
|
|
|
194
195
|
class RailsHttp < Rails
|
|
195
|
-
def initialize(user, _certificate_domain = nil, accel_location: nil, domain: nil)
|
|
196
|
+
def initialize(user, _certificate_domain = nil, accel_location: nil, domain: nil, rails_env: "production")
|
|
196
197
|
accel_location = Accel.new(accel_location, domain: domain) if accel_location
|
|
197
198
|
super(user,
|
|
198
|
-
Nginx::
|
|
199
|
+
Nginx::ServerBlock.new(
|
|
199
200
|
upstream: Nginx::Upstream.new(domain.domain_name),
|
|
200
201
|
server: Nginx::RailsServer.new(domain: domain),
|
|
201
202
|
listen: Nginx::ListenHttp.new,
|
|
@@ -207,7 +208,8 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
207
208
|
accel_location: accel_location,
|
|
208
209
|
domain: domain
|
|
209
210
|
),
|
|
210
|
-
domain: domain
|
|
211
|
+
domain: domain,
|
|
212
|
+
rails_env: rails_env
|
|
211
213
|
)
|
|
212
214
|
end
|
|
213
215
|
end
|
|
@@ -215,11 +217,11 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
215
217
|
class RailsHttps < Rails
|
|
216
218
|
include Https
|
|
217
219
|
|
|
218
|
-
def initialize(user, certificate_domain = nil, accel_location: nil, domain: nil)
|
|
220
|
+
def initialize(user, certificate_domain = nil, accel_location: nil, domain: nil, rails_env: "production")
|
|
219
221
|
@certificate_domain = certificate_domain || domain.domain_name
|
|
220
222
|
accel_location = Accel.new(accel_location, domain) if accel_location
|
|
221
223
|
super(user,
|
|
222
|
-
Nginx::
|
|
224
|
+
Nginx::ServerBlock.new(
|
|
223
225
|
upstream: Nginx::Upstream.new(domain.domain_name),
|
|
224
226
|
server: Nginx::RailsServer.new(domain: domain),
|
|
225
227
|
listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
|
|
@@ -232,7 +234,8 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
232
234
|
domain: domain
|
|
233
235
|
),
|
|
234
236
|
Nginx::TlsRedirectServerBlock.new(domain.domain_name),
|
|
235
|
-
domain: domain
|
|
237
|
+
domain: domain,
|
|
238
|
+
rails_env: rails_env
|
|
236
239
|
)
|
|
237
240
|
end
|
|
238
241
|
|
|
@@ -42,31 +42,6 @@ SERVER_BLOCK
|
|
|
42
42
|
attr_reader :accel_location, :domain, :listen, :location, :server, :upstream
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
class SiteServerBlock < ServerBlock
|
|
46
|
-
def make_root_directory(root_directory)
|
|
47
|
-
FileUtils.mkdir_p(server.root_directory)
|
|
48
|
-
if Process.uid.zero?
|
|
49
|
-
FileUtils.chown(server.user,
|
|
50
|
-
"www-data",
|
|
51
|
-
server.root_directory)
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
def save
|
|
56
|
-
make_root_directory(root_directory)
|
|
57
|
-
super
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
|
|
61
|
-
class RailsServerBlock < SiteServerBlock
|
|
62
|
-
def root_directory
|
|
63
|
-
File.join(domain.site_root, "/public")
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
class StaticServerBlock < SiteServerBlock
|
|
68
|
-
end
|
|
69
|
-
|
|
70
45
|
class TlsRedirectServerBlock < ServerBlock
|
|
71
46
|
def initialize(domain_name)
|
|
72
47
|
super(
|
|
@@ -56,6 +56,10 @@ module Runner
|
|
|
56
56
|
Runner.debug = true
|
|
57
57
|
end
|
|
58
58
|
|
|
59
|
+
opts.on("-d RAILS_ENV", "--rails-env RAILS_ENV", "Build files for the specified RAILS_ENV") do |rails_env|
|
|
60
|
+
options[:rails_env] = rails_env
|
|
61
|
+
end
|
|
62
|
+
|
|
59
63
|
opts.on("-P PROTOCOL",
|
|
60
64
|
"--protocol PROTOCOL",
|
|
61
65
|
"HTTP|HTTPS. Default: HTTPS if key files exist, else HTTP.") do |protocol|
|
|
@@ -25,8 +25,10 @@ module Runner
|
|
|
25
25
|
user = options.delete(:user)
|
|
26
26
|
certificate_domain = options.delete(:certificate_domain)
|
|
27
27
|
accel_location = options.delete(:accel_location)
|
|
28
|
+
# FIXME: This is the wrong way to do this.
|
|
29
|
+
rails_env = options.delete(:rails_env) { "production" }
|
|
28
30
|
domain = SharedInfrastructure::Domain.new(domain_name)
|
|
29
|
-
protocol_class.new(user, certificate_domain, accel_location: accel_location, domain: domain)
|
|
31
|
+
protocol_class.new(user, certificate_domain, accel_location: accel_location, domain: domain, rails_env: rails_env)
|
|
30
32
|
end
|
|
31
33
|
end
|
|
32
34
|
end
|
|
@@ -11,7 +11,7 @@ module Systemd
|
|
|
11
11
|
"redis." + domain_name
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def write_unit_file(domain_name, domain)
|
|
14
|
+
def write_unit_file(domain_name, domain, rails_env = "production")
|
|
15
15
|
# if ENV["SECRET_KEY_BASE"].nil? ||
|
|
16
16
|
# ENV["DATABASE_USERNAME"].nil? ||
|
|
17
17
|
# ENV["DATABASE_PASSWORD"].nil? ||
|
|
@@ -42,17 +42,20 @@ module Systemd
|
|
|
42
42
|
|
|
43
43
|
# Helpful for debugging socket activation, etc.
|
|
44
44
|
# Environment=PUMA_DEBUG=1
|
|
45
|
-
Environment=RACK_ENV
|
|
46
|
-
Environment=RAILS_ENV
|
|
45
|
+
Environment=RACK_ENV=#{rails_env}
|
|
46
|
+
Environment=RAILS_ENV=#{rails_env}
|
|
47
47
|
# FIXME: The following is the wrong place
|
|
48
|
-
|
|
48
|
+
Environment=SECRET_KEY_BASE=#{ENV['SECRET_KEY_BASE']}
|
|
49
|
+
Environment=DATABASE_USERNAME=#{ENV['DATABASE_USERNAME']}
|
|
50
|
+
Environment=DATABASE_PASSWORD=#{ENV['DATABASE_PASSWORD']}
|
|
51
|
+
Environment=EMAIL_PASSWORD=#{ENV['EMAIL_PASSWORD']}
|
|
49
52
|
Environment=REDIS_URL=unix:///tmp/#{redis_location(domain_name)}.sock
|
|
50
53
|
|
|
51
54
|
# The command to start Puma
|
|
52
55
|
# NOTE: TLS would be handled by Nginx
|
|
53
56
|
ExecStart=#{Nginx.root_directory(domain_name)}/bin/puma -b #{puma_uri(domain_name)} \
|
|
54
|
-
--redirect-stdout=#{Nginx.root_directory(domain_name)}/log/puma
|
|
55
|
-
--redirect-stderr=#{Nginx.root_directory(domain_name)}/log/puma
|
|
57
|
+
--redirect-stdout=#{Nginx.root_directory(domain_name)}/log/puma-#{rails_env}.stdout.log \
|
|
58
|
+
--redirect-stderr=#{Nginx.root_directory(domain_name)}/log/puma-#{rails_env}.stderr.log
|
|
56
59
|
# ExecStart=/usr/local/bin/puma -b tcp://#{puma_uri(domain_name)}
|
|
57
60
|
|
|
58
61
|
Restart=always
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shared-infrastructure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Larry Reid
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-04-
|
|
11
|
+
date: 2018-04-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: 'For static sites, Rails apps, and reverse proxies.
|
|
14
14
|
|