@Epictetus
Created July 29, 2011 09:55
Random, unorganized presentation notes / guide

Presentation Notes

Setting Up the Server

(Slightly) Hardening OpenSSH Server

Copy your key to the server then SSH into it:

# scp overwrites any existing ~/.ssh/authorized_keys on the server; ssh-copy-id appends instead
user@workstation ~$ scp .ssh/id_rsa.pub server:~/.ssh/authorized_keys
user@workstation ~$ ssh server

Edit the server's /etc/ssh/sshd_config:

user@server ~$ sudo $EDITOR /etc/ssh/sshd_config
# Change to the following:
PermitRootLogin no
# require public key authentication
PasswordAuthentication no

# Make sure these lines are in the config:
# (RSAAuthentication covers SSH protocol 1 only; newer OpenSSH releases treat it as deprecated)
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

Restart the service:

user@server ~$ sudo service ssh restart
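
A way to confirm the edits above actually took effect in the file, as an added example that is not part of the original notes: sshd uses the first occurrence of each keyword, so a hardened line appended below a distro default is silently ignored. The function names and both sample configs are constructed for illustration; Include files and Match blocks are not evaluated.

```shell
#!/usr/bin/env bash
# Added example: audit an sshd_config-style file for the settings changed above.
# sshd uses the FIRST occurrence of a keyword; keywords are case-insensitive.
# Assumptions: Include files and Match blocks are not evaluated (parsing stops
# at the first Match line), and a keyword that is absent counts as a failure.

# effective_value FILE KEYWORD -> first value set for KEYWORD, lowercased
effective_value() {
  awk -v want="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
    { sub(/=/, " "); key = tolower($1) }     # sshd also accepts Keyword=value
    key == "match" { exit }                  # end of the global section
    key == want { print tolower($2); exit }  # first occurrence wins
  ' "$1"
}

# audit_sshd FILE -> one line per setting; returns 0 only if every check passes
audit_sshd() {
  local file="$1" rc=0 kw expected actual
  while read -r kw expected; do
    actual=$(effective_value "$file" "$kw")
    if [ "$actual" = "$expected" ]; then
      echo "ok   $kw $actual"
    else
      echo "FAIL $kw is '${actual:-unset}', expected '$expected'"
      rc=1
    fi
  done <<'EOF'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
EOF
  return "$rc"
}

# Constructed sample configs (not taken from a real host).
demo_dir=$(mktemp -d)
printf '%s\n' 'PermitRootLogin no' 'PasswordAuthentication no' \
  'PubkeyAuthentication yes' > "$demo_dir/hardened"
# Default line left in place, hardened line appended further down: the append loses.
printf '%s\n' 'PermitRootLogin no' 'PasswordAuthentication yes' \
  'PubkeyAuthentication yes' 'PasswordAuthentication no' > "$demo_dir/shadowed"

for f in hardened shadowed; do
  echo "== $f"; audit_sshd "$demo_dir/$f" || true
done
```

On the server itself, sudo sshd -t validates the file before the restart, and sudo sshd -T prints the effective configuration as sshd computes it.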

Setting Up RVM (system-wide)

Install some required packages:

$ sudo aptitude install curl git

Install RVM:

$ sudo bash < <(curl -s https://rvm.beginrescueend.com/install/rvm)

Add yourself to the RVM group so you can install rubies and gems:

$ sudo gpasswd -a user rvm

Edit /etc/bash.bashrc and change the line [ -z "$PS1" ] && return to if [[ -n "$PS1" ]] ; then, and close the new if block with fi at the end of the file. After that, add RVM's source line:

[[ -s "/usr/local/rvm/scripts/rvm" ]] && source "/usr/local/rvm/scripts/rvm"

Reload the shell with RVM:

$ source /usr/local/rvm/scripts/rvm

Edit /etc/rvmrc:

umask g+w
export rvm_path="/usr/local/rvm"
rvm_make_flags="-j2"
rvm_pretty_print_flag=1

Ignore gem documentation by creating /etc/gemrc:

gem: --no-rdoc --no-ri

Install packages required to build MRI (look at rvm notes):

$ sudo aptitude install build-essential bison openssl libreadline6 \
libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev \
libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt-dev autoconf \
libc6-dev ncurses-dev

Log out then log back in so the group changes from earlier take effect. Install Ruby 1.9.2 and set it as the default:

$ rvm install 1.9.2 && rvm use 1.9.2 --default
$ ruby -v
ruby 1.9.2p180 (2011-02-18 revision 30909) [i686-linux]

Installing Services

We demand services!

  • MySQL
  • Nginx
  • Thin

Install Nginx, MySQL server, and libmysqlclient-dev (needed to build the mysql2 gem):

$ sudo aptitude install mysql-server nginx libmysqlclient-dev

MySQL

Optimize it on your own time! Just make sure you have bind-address = 127.0.0.1 somewhere in /etc/mysql/my.cnf.

Nginx

server {
  listen 80;
  server_name example.com;
  root /path/to/application/public;
  index index.html index.htm;

  try_files $uri/index.html $uri.html $uri @myapp;

  location @myapp {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://myapp;
  }
}

upstream myapp {
  server unix:/path/to/application/tmp/sockets/thin.0.sock;
  server unix:/path/to/application/tmp/sockets/thin.1.sock;
  server unix:/path/to/application/tmp/sockets/thin.2.sock;
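  # "fair" comes from the third-party upstream_fair module; remove it if your nginx build lacks the module
  fair;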
}

Thin

$ cd /path/to/application
$ thin config -C config/thin.yml -s 3 -d -S tmp/sockets/thin.sock -e production
$ git add config/thin.yml
$ git commit -m "Add thin configuration"

What About Mail?

Email from EC2 and Cloud Servers is dropped by almost every server before it even reaches the spam folder of an account. cough SendGrid cough

Deploying With Capistrano

Install Capistrano & Capify the Application

$ gem install capistrano
$ cd /path/to/application
$ capify .

Write Your Recipe

...
