shared-infrastructure 0.0.13 → 0.0.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: acbb88aca695caae7288c8b87d27a922f32db19b
-  data.tar.gz: 4452c8a7ebaaef449cdefae36b70bd3369cef97f
+  metadata.gz: da04dfe750e140c1338ffdb29a780aec11cc5d67
+  data.tar.gz: f07c6a555130703d979dddec88f58c5eb02b7d51
 SHA512:
-  metadata.gz: 934e545b36a97a2e1d1385e2bc49edbf913486abb3f311b14c5328c10d205c4bc3015ad092ee39c3d456a4471825f81858080781401a370b5b624acbd708e7ff
-  data.tar.gz: de793ba382532a0f9d264416fcd465824b9d2f911071822129cce780ba6a4760667bc799accc1b23a62dcdff0cfa162e2ee65f4d095706265c5c5a4adcedccb0
+  metadata.gz: f82b761326514cc4ff6f9b3c65e0906546e2fe8f9adee2aa503e26a9069d45a311ffbe0e24ab2b62511345ad7e6031b61e4bca9a10ee429f2e19a3df177cd27a
+  data.tar.gz: 1818e9387a3037ae3ec2a26eeca27a1558fd44cfb0ccbf1d2fc14f276fbfbec51a2b33468cf1a80ab71ff5704288040e6ad8db2ec52f91ddc103673149550ef4

data/lib/shared_infrastructure.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "shared_infrastructure/output.rb"
+require "shared_infrastructure/domain.rb"
 require "shared_infrastructure/nginx/nginx.rb"
 require "shared_infrastructure/nginx/server_block.rb"
 require "shared_infrastructure/nginx/server.rb"
@@ -7,11 +9,12 @@ require "shared_infrastructure/nginx/lines.rb"
 require "shared_infrastructure/nginx/listen.rb"
 require "shared_infrastructure/nginx/location.rb"
 require "shared_infrastructure/nginx/upstream.rb"
-require "shared_infrastructure/nginx/site.rb"
 require "shared_infrastructure/nginx/builder.rb"
+require "shared_infrastructure/nginx/accel.rb"
 require "shared_infrastructure/runner/base.rb"
 require "shared_infrastructure/runner/reverse_proxy.rb"
 require "shared_infrastructure/runner/static_site.rb"
 require "shared_infrastructure/runner/rails.rb"
+require "shared_infrastructure/runner/deploy.rb"
 require "shared_infrastructure/systemd/systemd.rb"
 require "shared_infrastructure/systemd/rails.rb"

data/lib/shared_infrastructure/domain.rb

@@ -0,0 +1,33 @@
+module SharedInfrastructure
+  class Domain
+    def available_site
+      "/etc/nginx/sites-available/#{domain_name}"
+    end
+
+    def certbot_domain_names
+      "#{domain_name} www.#{domain_name}"
+    end
+
+    def certificate_directory
+      "/etc/letsencrypt/live/#{domain_name}"
+    end
+
+    def enabled_site
+      "/etc/nginx/sites-enabled/#{domain_name}"
+    end
+
+    def initialize(domain_name)
+      @domain_name = domain_name
+    end
+
+    def secrets
+      File.join(site_root, "secrets")
+    end
+
+    def site_root
+      "/var/www/#{domain_name}/html"
+    end
+
+    attr_reader :domain_name
+  end
+end

data/lib/shared_infrastructure/nginx/accel.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Nginx
+  class Accel
+    def initialize(location_directory, domain: nil)
+      @domain = domain
+      @location_directory = location_directory.chomp("/").reverse.chomp("/").reverse
+    end
+
+    attr_reader :domain, :location_directory
+
+    def alias_string(domain_name)
+      File.join(Nginx.configuration.root_directory(domain ? domain.domain_name : domain_name), location_directory).to_s
+    end
+
+    def location
+      "/#{location_directory}"
+    end
+
+    def proxy_set_header(domain_name)
+      [
+        "  proxy_set_header X-Sendfile-Type X-Accel-Redirect;",
+        "  proxy_set_header X-Accel-Mapping #{alias_string(domain_name)}/=#{location}/;"
+      ].join("\n")
+    end
+  end
+end

data/lib/shared_infrastructure/nginx/builder.rb

@@ -7,7 +7,9 @@ module Nginx
   module Builder
     module Https
       def save
-        `openssl dhparam #{Nginx.dhparam} -out #{Nginx.certificate_directory(certificate_domain)}/dhparam.pem`
+        pem_file = "#{Nginx.certificate_directory(certificate_domain)}/dhparam.pem"
+        FileUtils.mkdir_p File.dirname(pem_file)
+        `openssl dhparam #{Nginx.dhparam} -out #{pem_file}`
         super
       end
     end
@@ -21,7 +23,7 @@ sudo nginx -s reload
 
 Then run the following command:
 
-sudo certbot certonly --webroot -w #{Nginx.root_directory(domain_name)} #{Nginx.certbot_domain_names(domain_name)}
+sudo certbot certonly --webroot -w #{Nginx.root_directory(domain.domain_name)} #{Nginx.certbot_domain_names(domain.domain_name)}
 
 You can test renewal with:
 
@@ -31,42 +33,42 @@ Finally, re-run this script to configure nginx for TLS.
 )
       end
 
-      def initialize(domain_name, *server_blocks)
+      def initialize(*server_blocks, domain: nil)
         # puts "Base#initialize domain_name: #{domain_name}"
         # puts "Base#initialize server_blocks.inspect: #{server_blocks.inspect}"
         @server_blocks = server_blocks
-        @domain_name = domain_name
+        @domain = domain
       end
 
       def save
-        puts "writing server block: #{Nginx.server_block_location(domain_name)}" if Runner.debug
-        File.open(Nginx.server_block_location(domain_name), "w") do |f|
+        puts "writing server block: #{Nginx.server_block_location(domain.domain_name)}" if Runner.debug
+        File.open(Nginx.server_block_location(domain.domain_name), "w") do |f|
           f << to_s
         end
         puts "enabling site" if Runner.debug
-        `ln -fs ../sites-available/#{domain_name} #{Nginx.enabled_server_block_location(domain_name)}`
+        `ln -fs ../sites-available/#{domain.domain_name} #{Nginx.enabled_server_block_location(domain.domain_name)}`
       end
 
       def to_s
         server_blocks.map(&:to_s).join("\n")
       end
 
-      attr_reader :domain_name, :server_blocks
+      attr_reader :domain, :server_blocks
     end
 
     class ReverseProxyHttp < Base
-      def initialize(domain_name, proxy_url, certificate_domain = nil)
-        super(domain_name,
-          Nginx::ServerBlock.new(
-            server: Nginx::Server.new(domain_name),
-            listen: Nginx::ListenHttp.new,
-            location: [
-              # TODO: the following should really only happen when the domains
-              # are different.
-              Nginx::AcmeLocation.new(certificate_domain || domain_name),
-              Nginx::ReverseProxyLocation.new(proxy_url)
-            ]
-          )
+      def initialize(proxy_url, certificate_domain = nil, domain: nil)
+        super(Nginx::ServerBlock.new(
+          server: Nginx::Server.new(domain: domain),
+          listen: Nginx::ListenHttp.new,
+          location: [
+            # TODO: the following should really only happen when the domains
+            # are different.
+            Nginx::AcmeLocation.new(certificate_domain || domain.domain_name),
+            Nginx::ReverseProxyLocation.new(proxy_url)
+          ]
+        ),
+          domain: domain
         )
       end
 
@@ -80,16 +82,16 @@ Finally, re-run this script to configure nginx for TLS.
     class ReverseProxyHttps < Base
       include Https
 
-      def initialize(domain_name, proxy_url, certificate_domain = nil)
-        @certificate_domain = certificate_domain || domain_name
+      def initialize(proxy_url, certificate_domain = nil, domain: nil)
+        @certificate_domain = certificate_domain || domain.domain_name
 
-        super(domain_name,
-          Nginx::ServerBlock.new(
-            server: Nginx::Server.new(domain_name),
-            listen: Nginx::ListenHttps.new(domain_name, certificate_domain),
-            location: Nginx::ReverseProxyLocation.new(proxy_url)
-          ),
-          Nginx::TlsRedirectServerBlock.new(domain_name)
+        super(Nginx::ServerBlock.new(
+          server: Nginx::Server.new(domain: domain),
+          listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
+          location: Nginx::ReverseProxyLocation.new(proxy_url)
+        ),
+          Nginx::TlsRedirectServerBlock.new(domain.domain_name),
+          domain: domain
         )
       end
 
@@ -97,17 +99,17 @@ Finally, re-run this script to configure nginx for TLS.
     end
 
     class Site < Base
-      def initialize(domain_name, user, *server_blocks)
-        super(domain_name, *server_blocks)
+      def initialize(user, *server_blocks, domain: nil)
+        super(*server_blocks, domain: domain)
         @user = user
       end
 
       def save
-        FileUtils.mkdir_p(Nginx.root_directory(domain_name))
+        FileUtils.mkdir_p(Nginx.root_directory(domain.domain_name))
         if Process.uid.zero?
           FileUtils.chown(user,
             "www-data",
-            Nginx.root_directory(domain_name))
+            Nginx.root_directory(domain.domain_name))
         end
         super
       end
@@ -116,14 +118,14 @@ Finally, re-run this script to configure nginx for TLS.
     end
 
     class SiteHttp < Site
-      def initialize(domain_name, user, _certificate_domain = nil)
-        super(domain_name,
-          user,
+      def initialize(user, _certificate_domain = nil, domain: nil)
+        super(user,
           Nginx::StaticServerBlock.new(
-            server: Nginx::Site.new(domain_name, user),
+            server: Nginx::StaticServer.new(domain: domain),
             listen: Nginx::ListenHttp.new,
             location: Nginx::Location.new
-          )
+          ),
+          domain: domain
         )
       end
 
@@ -137,71 +139,90 @@ Finally, re-run this script to configure nginx for TLS.
     class SiteHttps < Site
       include Https
 
-      def initialize(domain_name, user, certificate_domain = nil)
-        @certificate_domain = certificate_domain || domain_name
+      def initialize(user, certificate_domain = nil, domain: nil)
+        @certificate_domain = certificate_domain || domain.domain_name
 
-        super(domain_name,
-          user,
+        super(user,
           Nginx::StaticServerBlock.new(
-            server: Nginx::Site.new(domain_name, user),
-            listen: Nginx::ListenHttps.new(domain_name, certificate_domain),
+            server: Nginx::StaticServer.new(domain: domain),
+            listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
             location: Nginx::Location.new
           ),
-          Nginx::TlsRedirectServerBlock.new(domain_name)
+          Nginx::TlsRedirectServerBlock.new(domain.domain_name),
+          domain: domain
         )
       end
 
       attr_reader :certificate_domain
     end
 
-    class RailsHttp < Site
-      def initialize(domain_name, user, _certificate_domain = nil, accel_location: nil)
-        super(domain_name,
-          user,
+    class Rails < Site
+      def save
+        env = {}
+        %w[SECRET_KEY_BASE
+           DATABASE_USERNAME
+           DATABASE_PASSWORD
+           EMAIL_PASSWORD].each do |var|
+          env[var.to_sym] = if ENV[var].nil?
+                              puts "Enter #{var}: "
+                              $stdin.gets.strip
+                            else
+                              ENV[var]
+                            end
+        end
+        File.open(SharedInfrastructure::Output.file_name(File.join(domain.site_root, "secrets")), "w", 0o600) do |io|
+          io << env.map { |pair| "#{pair[0]}=#{pair[1]}\n" }.join
+        end &&
+          Systemd::Rails.write_unit_file(domain.domain_name, domain) &&
+          super
+      end
+    end
+
+    class RailsHttp < Rails
+      def initialize(user, _certificate_domain = nil, accel_location: nil, domain: nil)
+        accel_location = Accel.new(accel_location, domain: domain) if accel_location
+        super(user,
             Nginx::RailsServerBlock.new(
-              upstream: Nginx::Upstream.new(domain_name),
-              server: Nginx::RailsServer.new(domain_name),
+              upstream: Nginx::Upstream.new(domain.domain_name),
+              server: Nginx::RailsServer.new(domain: domain),
               listen: Nginx::ListenHttp.new,
               location: [
-                Nginx::RailsLocation.new(domain_name),
-                accel_location ? Nginx::AccelLocation.new(accel_location) : nil,
-                Nginx::ActionCableLocation.new(domain_name)
-              ].compact
-            )
+                Nginx::RailsLocation.new(domain.domain_name),
+                accel_location ? Nginx::AccelLocation.new(domain.domain_name, accel_location) : nil,
+                Nginx::ActionCableLocation.new(domain.domain_name)
+              ].compact,
+              accel_location: accel_location,
+              domain: domain
+            ),
+            domain: domain
           )
       end
-
-      def save
-        Systemd::Rails.write_unit_file(domain_name) && super
-      end
     end
 
-    class RailsHttps < Site
+    class RailsHttps < Rails
       include Https
 
-      def initialize(domain_name, user, certificate_domain = nil, accel_location: nil)
-        @certificate_domain = certificate_domain || domain_name
-        super(domain_name,
-          user,
+      def initialize(user, certificate_domain = nil, accel_location: nil, domain: nil)
+        @certificate_domain = certificate_domain || domain.domain_name
+        accel_location = Accel.new(accel_location, domain) if accel_location
+        super(user,
           Nginx::RailsServerBlock.new(
-            upstream: Nginx::Upstream.new(domain_name),
-            server: Nginx::RailsServer.new(domain_name),
-            listen: Nginx::ListenHttps.new(domain_name, certificate_domain),
+            upstream: Nginx::Upstream.new(domain.domain_name),
+            server: Nginx::RailsServer.new(domain: domain),
+            listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
             location: [
-              Nginx::RailsLocation.new(domain_name),
-              accel_location ? Nginx::AccelLocation.new(accel_location) : nil,
-              Nginx::ActionCableLocation.new(domain_name)
-            ].compact
+              Nginx::RailsLocation.new(domain.domain_name),
+              accel_location ? Nginx::AccelLocation.new(domain.domain_name, accel_location) : nil,
+              Nginx::ActionCableLocation.new(domain.domain_name)
+            ].compact,
+            accel_location: accel_location,
+            domain: domain
           ),
-          Nginx::TlsRedirectServerBlock.new(domain_name)
+          Nginx::TlsRedirectServerBlock.new(domain.domain_name),
+          domain: domain
         )
       end
 
-      # FIXME: DRY this up with the HTTP class.
-      def save
-        Systemd::Rails.write_unit_file(domain_name) && super
-      end
-
       attr_reader :certificate_domain
     end
   end

data/lib/shared_infrastructure/nginx/location.rb

@@ -18,19 +18,21 @@ module Nginx
   end
 
   class AccelLocation < Location
-    def initialize(location, root = "/")
+    def initialize(domain_name, accel, domain: nil)
       super(location)
-      @root = root
+      @domain = domain
+      @domain_name = domain_name
+      @accel = accel
     end
 
     def to_s(level = 0)
-      Lines.new("location /#{location.chomp("/").reverse.chomp("/").reverse}/ {",
+      Lines.new("location #{accel.location} {",
         "  internal;",
-        "  root #{root};",
+        "  alias #{accel.alias_string(domain ? domain.name : domain_name)};",
         "}").format(level)
     end
 
-    attr_reader :location, :root
+    attr_reader :accel, :domain, :domain_name
   end
 
   class AcmeLocation < Location

data/lib/shared_infrastructure/nginx/server.rb

@@ -4,20 +4,21 @@ module Nginx
   ##
   # The server_name line of a server block.
   class Server
-    attr_reader :domain_name
+    def initialize(domain: nil)
+      @domain = domain
+    end
+
+    attr_reader :domain
 
-    def initialize(domain_name)
-      @domain_name = domain_name
+    def root_directory
+      domain.site_root
     end
 
     def to_s(level = 0)
-      Lines.new("server_name #{Nginx.certbot_domain_names(domain_name)};").format(level)
+      Lines.new("server_name #{domain.certbot_domain_names};").format(level)
     end
   end
 
-  ##
-  # Server name and site location for a static site.
-  # TODO: I don't like the way this gets twisted when subclassing.
   class StaticServer < Server
     def to_s(level = 0)
       [
@@ -32,7 +33,7 @@ module Nginx
 
   class RailsServer < Server
     def root_directory
-      File.join(Nginx.root_directory(domain_name), "public")
+      File.join(domain.site_root, "public")
     end
 
     def to_s(level = 0)
@@ -42,7 +43,7 @@ module Nginx
           "# http://stackoverflow.com/a/11313241/3109926 said the following",
           "# is what serves from public directly without hitting Puma",
           "root #{root_directory};",
-          "try_files $uri/index.html $uri @#{domain_name};",
+          "try_files $uri/index.html $uri @#{domain.domain_name};",
           "error_page 500 502 503 504 /500.html;",
           "client_max_body_size 4G;",
           "keepalive_timeout 10;"

data/lib/shared_infrastructure/nginx/server_block.rb

@@ -4,7 +4,9 @@
 # Write nginx configuration files.
 module Nginx
   class ServerBlock
-    def initialize(upstream: nil, server: nil, listen: nil, location: nil)
+    def initialize(upstream: nil, server: nil, listen: nil, location: nil, accel_location: nil, domain: nil)
+      @accel_location = accel_location
+      @domain = domain
       @listen = listen
       @location = Array(location)
       @server = server
@@ -26,6 +28,7 @@ module Nginx
         #{[
           @server&.to_s(1),
           @listen&.to_s(1),
+          @accel_location&.proxy_set_header(server.domain.domain_name),
           @location&.map { |l| l.to_s(1) }
         ].compact.join("\n\n")}
         }
@@ -36,7 +39,7 @@ SERVER_BLOCK
       upstream&.to_s
     end
 
-    attr_reader :listen, :location, :server, :upstream
+    attr_reader :accel_location, :domain, :listen, :location, :server, :upstream
   end
 
   class SiteServerBlock < ServerBlock
@@ -57,7 +60,7 @@ SERVER_BLOCK
 
   class RailsServerBlock < SiteServerBlock
     def root_directory
-      File.join(server.root_directory, "/public")
+      File.join(domain.site_root, "/public")
     end
   end
 
@@ -67,7 +70,7 @@ SERVER_BLOCK
   class TlsRedirectServerBlock < ServerBlock
     def initialize(domain_name)
       super(
-        server: Server.new(domain_name),
+        server: Server.new(domain: SharedInfrastructure::Domain.new(domain_name)),
         listen: ListenHttp.new,
         location: RedirectLocation.new
       )

data/lib/shared_infrastructure/output.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module SharedInfrastructure
+  module OutputHelpers
+    # @param indent_string The string to use for indenting. Defaults to the
+    # first character of `s`.
+    # @param amount The number of `indent_string` to put at the start of each
+    #   line. Default: 2.
+    # @param indent_empty_lines Don't indent empty lines unless this is true.
+    def indent(s, amount = 2, indent_string = nil, indent_empty_lines = false)
+      indent_string = indent_string || s[/^[ \t]/] || " "
+      re = indent_empty_lines ? /^/ : /^(?!$)/
+      s.gsub(re, indent_string * amount)
+    end
+  end
+
+  class Output < File
+    def initialize(file_name, *args)
+      super Output.file_name(file_name), *args
+    end
+
+    class << self
+      ##
+      # Fake root. If block is given, change the root only for the duration
+      # of the block. If no block is given, is the same as configure.
+      def fake_root(root = nil)
+        if block_given?
+          begin
+            save_root = Output.root
+            fake_root(root)
+            result = yield
+          ensure
+            fake_root(save_root)
+            result
+          end
+        else
+          self.root = root
+        end
+      end
+
+      def file_name(file_name)
+        return file_name unless Output.root
+        file_name = File.join(Output.root, file_name)
+        FileUtils.mkdir_p(File.dirname(file_name))
+        file_name
+      end
+
+      attr_accessor :root
+    end
+  end
+end

data/lib/shared_infrastructure/runner/base.rb

@@ -43,7 +43,6 @@ module Runner
           "--accel LOCATION",
           "Location to serve when app responds with 'X-Accel'") do |accel_location|
           options[:accel_location] = accel_location
-          puts "FOUND X-ACCEL"
         end
 
         opts.on("-c DOMAIN",

data/lib/shared_infrastructure/runner/deploy.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require "optparse"
+require "production"
+
+module Runner
+  class << self
+    attr_accessor :debug
+  end
+  self.debug = false
+
+  ##
+  # Runner for deployment
+  class Deploy
+    def main
+      process_options
+      raise MissingArgument, "repository required" unless ARGV.size == 1
+      Production.repository = ARGV[0]
+    end
+
+    def process_options
+      options = OptionParser.new do |opts|
+        opts.banner = "Usage: [options] REPOSITORY"
+
+        opts.on("-b BRANCH", "--branch BRANCH", "Branch in repository to deploy.") do |branch|
+          Production.branch = branch
+        end
+
+        opts.on("-d", "--debug", "Print debugging information.") do
+          Runner.debug = true
+        end
+
+        opts.on("-r DIRECTORY",
+          "--root DIRECTORY",
+          "DIRECTORY. Set a root for files. This options is for debugging.") do |directory|
+          Output.fake_root(directory)
+        end
+
+        opts.on("-u REPOSITORY_USER",
+          "--user REPOSITORY_USER",
+          "REPOSITORY_USER. User name for the respository.") do |user|
+          Production.user = user
+        end
+      end
+      options.parse!
+    end
+  end
+
+  class MissingArgument < RuntimeError
+    def initialize(msg)
+      super msg
+    end
+    attr_reader :msg
+  end
+end

data/lib/shared_infrastructure/runner/rails.rb

@@ -25,7 +25,8 @@ module Runner
       user = options.delete(:user) || "ubuntu"
       certificate_domain = options.delete(:certificate_domain)
       accel_location = options.delete(:accel_location)
-      protocol_class.new(domain_name, user, certificate_domain, accel_location: accel_location)
+      domain = SharedInfrastructure::Domain.new(domain_name)
+      protocol_class.new(user, certificate_domain, accel_location: accel_location, domain: domain)
     end
   end
 end

data/lib/shared_infrastructure/runner/reverse_proxy.rb

@@ -30,7 +30,8 @@ module Runner
       domain_name = options.delete(:domain_name)
       proxy_url = options.delete(:proxy_url)
       certificate_domain = options.delete(:certificate_domain)
-      protocol_class.new(domain_name, proxy_url, certificate_domain)
+      domain = SharedInfrastructure::Domain.new(domain_name)
+      protocol_class.new(proxy_url, certificate_domain, domain: domain)
     end
   end
 end

data/lib/shared_infrastructure/runner/static_site.rb

@@ -14,7 +14,8 @@ module Runner
       domain_name = options.delete(:domain_name)
       user = options.delete(:user) || "ubuntu"
       certificate_domain = options.delete(:certificate_domain)
-      protocol_class.new(domain_name, user, certificate_domain)
+      domain = SharedInfrastructure::Domain.new(domain_name)
+      protocol_class.new(user, certificate_domain, domain: domain)
     end
   end
 end

data/lib/shared_infrastructure/systemd/rails.rb

@@ -11,14 +11,14 @@ module Systemd
         "redis." + domain_name
       end
 
-      def write_unit_file(domain_name)
-        if ENV["SECRET_KEY_BASE"].nil? ||
-           ENV["DATABASE_USERNAME"].nil? ||
-           ENV["DATABASE_PASSWORD"].nil? ||
-           ENV["EMAIL_PASSWORD"].nil?
-          raise "Missing environment variable"
-        end
-
+      def write_unit_file(domain_name, domain)
+        # if ENV["SECRET_KEY_BASE"].nil? ||
+        #    ENV["DATABASE_USERNAME"].nil? ||
+        #    ENV["DATABASE_PASSWORD"].nil? ||
+        #    ENV["EMAIL_PASSWORD"].nil?
+        #   raise "Missing environment variable"
+        # end
+        #
         puts "writing unit file (domain_name): #{Systemd.unit_file(domain_name)} (#{domain_name})" if Runner.debug
 
         result = File.open(Systemd.unit_file(domain_name), "w") do |f|
@@ -44,6 +44,7 @@ module Systemd
             # Environment=PUMA_DEBUG=1
             Environment=RACK_ENV=production
             Environment=RAILS_ENV=production
+            EnvironmentFile=#{domain.secrets}
             Environment=SECRET_KEY_BASE=#{ENV['SECRET_KEY_BASE']}
             Environment=DATABASE_USERNAME=#{ENV['DATABASE_USERNAME']}
             Environment=DATABASE_PASSWORD=#{ENV['DATABASE_PASSWORD']}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: shared-infrastructure
 version: !ruby/object:Gem::Version
-  version: 0.0.13
+  version: 0.0.15
 platform: ruby
 authors:
 - Larry Reid
@@ -25,6 +25,8 @@ files:
 - bin/create-reverse-proxy
 - bin/create-server-block
 - lib/shared_infrastructure.rb
+- lib/shared_infrastructure/domain.rb
+- lib/shared_infrastructure/nginx/accel.rb
 - lib/shared_infrastructure/nginx/builder.rb
 - lib/shared_infrastructure/nginx/lines.rb
 - lib/shared_infrastructure/nginx/listen.rb
@@ -32,9 +34,10 @@ files:
 - lib/shared_infrastructure/nginx/nginx.rb
 - lib/shared_infrastructure/nginx/server.rb
 - lib/shared_infrastructure/nginx/server_block.rb
-- lib/shared_infrastructure/nginx/site.rb
 - lib/shared_infrastructure/nginx/upstream.rb
+- lib/shared_infrastructure/output.rb
 - lib/shared_infrastructure/runner/base.rb
+- lib/shared_infrastructure/runner/deploy.rb
 - lib/shared_infrastructure/runner/rails.rb
 - lib/shared_infrastructure/runner/reverse_proxy.rb
 - lib/shared_infrastructure/runner/static_site.rb

data/lib/shared_infrastructure/nginx/site.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-module Nginx
-  ##
-  # Server name and site location for a static site.
-  # TODO: I don't like the way this gets twisted when subclassing.
-  class Site < Server
-    attr_reader :user
-
-    def initialize(domain_name, user = "ubuntu")
-      super domain_name
-      @user = user
-    end
-
-    def root_directory
-      Nginx.root_directory(domain_name)
-    end
-
-    def to_s(level = 0)
-      [
-        super(level),
-        Lines.new(
-          "root #{Nginx.root_directory(domain_name)};",
-          "index index.html index.htm;"
-        ).format(level)
-      ].join("\n\n")
-    end
-  end
-end