SSH into Root
$ ssh [email protected]
The first thing we will do on our new server is create the user account we'll be using to run our applications and work from there.
$ sudo adduser deploy
sudo adduser deploy sudo
su deploy
Before we move forward is that we're going to setup SSH to authenticate via keys instead of having to use a password to login. It's more secure and will save you time in the long run.
We're going to use ssh-copy-id to do this. If you're on OSX you may need to run brew install ssh-copy-id but if you're following this tutorial on Linux desktop, you should already have it.
$$ Once you've got ssh-copy-id installed, run the following and replace IPADDRESS with the one for your server:
Make sure you run ssh-copy-id on your computer, and NOT the server.
$ ssh-copy-id deploy@IPADDRESS
Now when you run ssh deploy@IPADDRESS you will be logged in automatically. Go ahead and SSH again and verify that it doesn't ask for your password before moving onto the next step.
$ For the rest of this tutorial, make sure you are logged in as the deploy user on the server!
Install Curl
$ sudo apt-get update
$ sudo apt-get install curl
Install RVM
$ gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
$ \curl -sSL https://get.rvm.io | bash -s stable
$ source ~/.rvm/scripts/rvm
$ rvm requirements
$ rvm install 2.2.0
$ rvm use 2.2.0 --default
$ rvm rubygems current
Install PostgreSQL
$ sudo apt-get install postgresql postgresql-server-dev-9.5 postgresql-contrib libpq-dev
$ gem install pg -- --with-pg-config=/usr/bin/pg_config
Create Postgres User
$sudo su - postgres
createuser deploy --pwprompt
exit
Install GIT
$ sudo apt-get install git-core
Install Bundler
$ echo "gem: --no-ri --no-rdoc" > ~/.gemrc
$ gem install bundler
Setup Nginx
$ sudo apt-get install nginx
$ nginx -h
$ cat /etc/init.d/nginx
$ /etc/init.d/nginx -h
$ sudo service nginx start
$ sudo vim /etc/nginx/sites-enabled/default
upstream unicorn {
server unix:/tmp/unicorn.MYAPP.sock fail_timeout=0;
}
server {
listen 80 default deferred;
# server_name example.com;
root /home/deployer/apps/MYAPP/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location ~ ^/(robots.txt|sitemap.xml.gz)/ {
root /home/deployer/apps/MYAPP/current/public;
}
try_files $uri/index.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
Add Unicorn
$ vim Gemfile
gem 'unicorn'
Update Unicorn Config
$ vim config/unicorn/production.rb
root = "/home/deployer/apps/MYAPP/current"
working_directory root
pid "#{root}/tmp/pids/unicorn.pid"
stderr_path "#{root}/log/unicorn.log"
stdout_path "#{root}/log/unicorn.log"
worker_processes Integer(ENV['WEB_CONCURRENCY'])
timeout 30
preload_app true
listen '/tmp/unicorn.spui.sock', backlog: 64
before_fork do |server, worker|
Signal.trap 'TERM' do
puts 'Unicorn master intercepting TERM and sending myself QUIT instead'
Process.kill 'QUIT', Process.pid
end
defined?(ActiveRecord::Base) and
ActiveRecord::Base.connection.disconnect!
end
after_fork do |server, worker|
Signal.trap 'TERM' do
puts 'Unicorn worker intercepting TERM and doing nothing. Wait for master to send QUIT'
end
defined?(ActiveRecord::Base) and
ActiveRecord::Base.establish_connection
end
# Force the bundler gemfile environment variable to
# reference the capistrano "current" symlink
before_exec do |_|
ENV['BUNDLE_GEMFILE'] = File.join(root, 'Gemfile')
end
Add Capistrano
$ vim Gemfile
group :development do
gem 'capistrano-rails'
gem 'capistrano-rvm'
gem 'capistrano3-unicorn'
end
Install Capistrano
$ bundle exec cap install
Update Capistrano Capfile
$ vim Capfile
require 'capistrano/setup'
require 'capistrano/deploy'
require 'capistrano/rvm'
require 'capistrano/bundler'
require 'capistrano/rails/assets'
require 'capistrano/rails/migrations'
require 'capistrano3/unicorn'
# Load custom tasks from `lib/capistrano/tasks' if you have any defined
Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }
Update Capistrano Deploy Config
$ vim config/deploy.rb
lock '3.3.5'
set :application, 'spui'
set :repo_url, '[email protected]:MYGITHUB/MYAPP.git'
ask :branch, proc { `git rev-parse --abbrev-ref HEAD`.chomp }.call
set :use_sudo, false
set :bundle_binstubs, nil
set :linked_files, fetch(:linked_files, []).push('config/database.yml')
set :linked_dirs, fetch(:linked_dirs, []).push('log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'vendor/bundle', 'public/system')
after 'deploy:publishing', 'deploy:restart'
namespace :deploy do
task :restart do
invoke 'unicorn:reload'
end
end
Update Production Deploy Config
$ vim config/deploy/production.rb
set :port, 22
set :user, 'deployer'
set :deploy_via, :remote_cache
set :use_sudo, false
server '123.333.333.333',
roles: [:web, :app, :db],
port: fetch(:port),
user: fetch(:user),
primary: true
set :deploy_to, "/home/#{fetch(:user)}/apps/#{fetch(:application)}"
set :ssh_options, {
forward_agent: true,
auth_methods: %w(publickey),
user: 'deployer',
}
set :rails_env, :production
set :conditionally_migrate, true
Add SSH Key to DigitalOcean
$ cat ~/.ssh/id_rsa.pub | ssh -p 22 [email protected] 'cat >> ~/.ssh/authorized_keys'
Say Hi to Github
# follow the steps in this guide if receive permission denied(public key)
# https://help.github.com/articles/error-permission-denied-publickey
$ ssh [email protected]
Check Deployment (Commit and Push)
$ cap deploy:setup
$ cap production deploy:check
Deploy
$ cap production deploy
Thanks to James Dullaghan for his help.