shared-infrastructure 0.0.16 → 0.0.17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/shared_infrastructure/domain.rb +10 -3
- data/lib/shared_infrastructure/nginx/builder.rb +23 -20
- data/lib/shared_infrastructure/nginx/server_block.rb +0 -25
- data/lib/shared_infrastructure/runner/base.rb +4 -0
- data/lib/shared_infrastructure/runner/rails.rb +3 -1
- data/lib/shared_infrastructure/systemd/rails.rb +9 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ef81857523282a713eba26de715419ab0edbd89e
|
|
4
|
+
data.tar.gz: 376a56118921b56b22886fcee1a127a664e97c31
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0f8bcea463528193ef8ce45bd4da49e7f4db031d44af740a6be1f333a388d444b3c07e5ddf122af03caff58835a6fa94fe751848ff36c4156e8549c536a91b5a
|
|
7
|
+
data.tar.gz: aa185934ddd22031432fc6e85546ab87032ea4457b30655488bbbc5dae915dcb265824570dd466a1116359b0de9894d9ae348adb9b56e6a55f491e21fe860ecf
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module SharedInfrastructure
|
|
2
4
|
class Domain
|
|
3
5
|
def available_site
|
|
@@ -20,16 +22,21 @@ module SharedInfrastructure
|
|
|
20
22
|
@domain_name = domain_name
|
|
21
23
|
end
|
|
22
24
|
|
|
23
|
-
def
|
|
24
|
-
"/var/www/#{domain_name}/log
|
|
25
|
+
def rails_env_log(rails_env = "production")
|
|
26
|
+
"/var/www/#{domain_name}/log/#{rails_env}.log"
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def root
|
|
30
|
+
"/var/www/#{domain_name}"
|
|
25
31
|
end
|
|
26
32
|
|
|
33
|
+
# TODO: Remove this if not needed.
|
|
27
34
|
def secrets
|
|
28
35
|
File.join(site_root, "secrets")
|
|
29
36
|
end
|
|
30
37
|
|
|
31
38
|
def site_root
|
|
32
|
-
"
|
|
39
|
+
File.join(root, "html")
|
|
33
40
|
end
|
|
34
41
|
|
|
35
42
|
attr_reader :domain_name
|
|
@@ -105,7 +105,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def save
|
|
108
|
-
FileUtils.mkdir_p(
|
|
108
|
+
FileUtils.mkdir_p(SharedInfrastructure::Output.file_name(domain.root))
|
|
109
109
|
if Process.uid.zero?
|
|
110
110
|
FileUtils.chown(user,
|
|
111
111
|
"www-data",
|
|
@@ -120,7 +120,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
120
120
|
class SiteHttp < Site
|
|
121
121
|
def initialize(user, _certificate_domain = nil, domain: nil)
|
|
122
122
|
super(user,
|
|
123
|
-
Nginx::
|
|
123
|
+
Nginx::ServerBlock.new(
|
|
124
124
|
server: Nginx::StaticServer.new(domain: domain),
|
|
125
125
|
listen: Nginx::ListenHttp.new,
|
|
126
126
|
location: Nginx::Location.new
|
|
@@ -143,7 +143,7 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
143
143
|
@certificate_domain = certificate_domain || domain.domain_name
|
|
144
144
|
|
|
145
145
|
super(user,
|
|
146
|
-
Nginx::
|
|
146
|
+
Nginx::ServerBlock.new(
|
|
147
147
|
server: Nginx::StaticServer.new(domain: domain),
|
|
148
148
|
listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
|
|
149
149
|
location: Nginx::Location.new
|
|
@@ -157,24 +157,28 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
157
157
|
end
|
|
158
158
|
|
|
159
159
|
class Rails < Site
|
|
160
|
+
def initialize(user, *server_blocks, domain: nil, rails_env: "production")
|
|
161
|
+
@rails_env = rails_env
|
|
162
|
+
super user, *server_blocks, domain: domain
|
|
163
|
+
end
|
|
164
|
+
attr_reader :rails_env
|
|
165
|
+
|
|
160
166
|
def save
|
|
161
167
|
env = {}
|
|
162
168
|
%w[SECRET_KEY_BASE
|
|
163
169
|
DATABASE_USERNAME
|
|
164
170
|
DATABASE_PASSWORD
|
|
165
171
|
EMAIL_PASSWORD].each do |var|
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
ENV[var]
|
|
171
|
-
end
|
|
172
|
+
if ENV[var].nil?
|
|
173
|
+
puts "Enter #{var}: "
|
|
174
|
+
ENV[var] = $stdin.gets.strip
|
|
175
|
+
end
|
|
172
176
|
end
|
|
173
177
|
SharedInfrastructure::Output.open(File.join("/etc/logrotate.d", "#{domain.domain_name}.conf"), "w") do |io|
|
|
174
178
|
io << <<~LOGROTATE
|
|
175
179
|
compress
|
|
176
180
|
|
|
177
|
-
#{domain.
|
|
181
|
+
#{domain.rails_env_log(rails_env)} {
|
|
178
182
|
size 1M
|
|
179
183
|
rotate 4
|
|
180
184
|
copytruncate
|
|
@@ -183,19 +187,16 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
183
187
|
}
|
|
184
188
|
LOGROTATE
|
|
185
189
|
end &&
|
|
186
|
-
|
|
187
|
-
io << env.map { |pair| "#{pair[0]}=#{pair[1]}\n" }.join
|
|
188
|
-
end &&
|
|
189
|
-
Systemd::Rails.write_unit_file(domain.domain_name, domain) &&
|
|
190
|
+
Systemd::Rails.write_unit_file(domain.domain_name, domain, rails_env) &&
|
|
190
191
|
super
|
|
191
192
|
end
|
|
192
193
|
end
|
|
193
194
|
|
|
194
195
|
class RailsHttp < Rails
|
|
195
|
-
def initialize(user, _certificate_domain = nil, accel_location: nil, domain: nil)
|
|
196
|
+
def initialize(user, _certificate_domain = nil, accel_location: nil, domain: nil, rails_env: "production")
|
|
196
197
|
accel_location = Accel.new(accel_location, domain: domain) if accel_location
|
|
197
198
|
super(user,
|
|
198
|
-
Nginx::
|
|
199
|
+
Nginx::ServerBlock.new(
|
|
199
200
|
upstream: Nginx::Upstream.new(domain.domain_name),
|
|
200
201
|
server: Nginx::RailsServer.new(domain: domain),
|
|
201
202
|
listen: Nginx::ListenHttp.new,
|
|
@@ -207,7 +208,8 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
207
208
|
accel_location: accel_location,
|
|
208
209
|
domain: domain
|
|
209
210
|
),
|
|
210
|
-
domain: domain
|
|
211
|
+
domain: domain,
|
|
212
|
+
rails_env: rails_env
|
|
211
213
|
)
|
|
212
214
|
end
|
|
213
215
|
end
|
|
@@ -215,11 +217,11 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
215
217
|
class RailsHttps < Rails
|
|
216
218
|
include Https
|
|
217
219
|
|
|
218
|
-
def initialize(user, certificate_domain = nil, accel_location: nil, domain: nil)
|
|
220
|
+
def initialize(user, certificate_domain = nil, accel_location: nil, domain: nil, rails_env: "production")
|
|
219
221
|
@certificate_domain = certificate_domain || domain.domain_name
|
|
220
222
|
accel_location = Accel.new(accel_location, domain) if accel_location
|
|
221
223
|
super(user,
|
|
222
|
-
Nginx::
|
|
224
|
+
Nginx::ServerBlock.new(
|
|
223
225
|
upstream: Nginx::Upstream.new(domain.domain_name),
|
|
224
226
|
server: Nginx::RailsServer.new(domain: domain),
|
|
225
227
|
listen: Nginx::ListenHttps.new(domain.domain_name, certificate_domain),
|
|
@@ -232,7 +234,8 @@ Finally, re-run this script to configure nginx for TLS.
|
|
|
232
234
|
domain: domain
|
|
233
235
|
),
|
|
234
236
|
Nginx::TlsRedirectServerBlock.new(domain.domain_name),
|
|
235
|
-
domain: domain
|
|
237
|
+
domain: domain,
|
|
238
|
+
rails_env: rails_env
|
|
236
239
|
)
|
|
237
240
|
end
|
|
238
241
|
|
|
@@ -42,31 +42,6 @@ SERVER_BLOCK
|
|
|
42
42
|
attr_reader :accel_location, :domain, :listen, :location, :server, :upstream
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
class SiteServerBlock < ServerBlock
|
|
46
|
-
def make_root_directory(root_directory)
|
|
47
|
-
FileUtils.mkdir_p(server.root_directory)
|
|
48
|
-
if Process.uid.zero?
|
|
49
|
-
FileUtils.chown(server.user,
|
|
50
|
-
"www-data",
|
|
51
|
-
server.root_directory)
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
def save
|
|
56
|
-
make_root_directory(root_directory)
|
|
57
|
-
super
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
|
|
61
|
-
class RailsServerBlock < SiteServerBlock
|
|
62
|
-
def root_directory
|
|
63
|
-
File.join(domain.site_root, "/public")
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
class StaticServerBlock < SiteServerBlock
|
|
68
|
-
end
|
|
69
|
-
|
|
70
45
|
class TlsRedirectServerBlock < ServerBlock
|
|
71
46
|
def initialize(domain_name)
|
|
72
47
|
super(
|
|
@@ -56,6 +56,10 @@ module Runner
|
|
|
56
56
|
Runner.debug = true
|
|
57
57
|
end
|
|
58
58
|
|
|
59
|
+
opts.on("-d RAILS_ENV", "--rails-env RAILS_ENV", "Build files for the specified RAILS_ENV") do |rails_env|
|
|
60
|
+
options[:rails_env] = rails_env
|
|
61
|
+
end
|
|
62
|
+
|
|
59
63
|
opts.on("-P PROTOCOL",
|
|
60
64
|
"--protocol PROTOCOL",
|
|
61
65
|
"HTTP|HTTPS. Default: HTTPS if key files exist, else HTTP.") do |protocol|
|
|
@@ -25,8 +25,10 @@ module Runner
|
|
|
25
25
|
user = options.delete(:user)
|
|
26
26
|
certificate_domain = options.delete(:certificate_domain)
|
|
27
27
|
accel_location = options.delete(:accel_location)
|
|
28
|
+
# FIXME: This is the wrong way to do this.
|
|
29
|
+
rails_env = options.delete(:rails_env) { "production" }
|
|
28
30
|
domain = SharedInfrastructure::Domain.new(domain_name)
|
|
29
|
-
protocol_class.new(user, certificate_domain, accel_location: accel_location, domain: domain)
|
|
31
|
+
protocol_class.new(user, certificate_domain, accel_location: accel_location, domain: domain, rails_env: rails_env)
|
|
30
32
|
end
|
|
31
33
|
end
|
|
32
34
|
end
|
|
@@ -11,7 +11,7 @@ module Systemd
|
|
|
11
11
|
"redis." + domain_name
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def write_unit_file(domain_name, domain)
|
|
14
|
+
def write_unit_file(domain_name, domain, rails_env = "production")
|
|
15
15
|
# if ENV["SECRET_KEY_BASE"].nil? ||
|
|
16
16
|
# ENV["DATABASE_USERNAME"].nil? ||
|
|
17
17
|
# ENV["DATABASE_PASSWORD"].nil? ||
|
|
@@ -42,17 +42,20 @@ module Systemd
|
|
|
42
42
|
|
|
43
43
|
# Helpful for debugging socket activation, etc.
|
|
44
44
|
# Environment=PUMA_DEBUG=1
|
|
45
|
-
Environment=RACK_ENV
|
|
46
|
-
Environment=RAILS_ENV
|
|
45
|
+
Environment=RACK_ENV=#{rails_env}
|
|
46
|
+
Environment=RAILS_ENV=#{rails_env}
|
|
47
47
|
# FIXME: The following is the wrong place
|
|
48
|
-
|
|
48
|
+
Environment=SECRET_KEY_BASE=#{ENV['SECRET_KEY_BASE']}
|
|
49
|
+
Environment=DATABASE_USERNAME=#{ENV['DATABASE_USERNAME']}
|
|
50
|
+
Environment=DATABASE_PASSWORD=#{ENV['DATABASE_PASSWORD']}
|
|
51
|
+
Environment=EMAIL_PASSWORD=#{ENV['EMAIL_PASSWORD']}
|
|
49
52
|
Environment=REDIS_URL=unix:///tmp/#{redis_location(domain_name)}.sock
|
|
50
53
|
|
|
51
54
|
# The command to start Puma
|
|
52
55
|
# NOTE: TLS would be handled by Nginx
|
|
53
56
|
ExecStart=#{Nginx.root_directory(domain_name)}/bin/puma -b #{puma_uri(domain_name)} \
|
|
54
|
-
--redirect-stdout=#{Nginx.root_directory(domain_name)}/log/puma
|
|
55
|
-
--redirect-stderr=#{Nginx.root_directory(domain_name)}/log/puma
|
|
57
|
+
--redirect-stdout=#{Nginx.root_directory(domain_name)}/log/puma-#{rails_env}.stdout.log \
|
|
58
|
+
--redirect-stderr=#{Nginx.root_directory(domain_name)}/log/puma-#{rails_env}.stderr.log
|
|
56
59
|
# ExecStart=/usr/local/bin/puma -b tcp://#{puma_uri(domain_name)}
|
|
57
60
|
|
|
58
61
|
Restart=always
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shared-infrastructure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Larry Reid
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-04-
|
|
11
|
+
date: 2018-04-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: 'For static sites, Rails apps, and reverse proxies.
|
|
14
14
|
|