Skip to content

Instantly share code, notes, and snippets.

@mjumbewu

mjumbewu/deploy.sh

Created May 20, 2016 15:31
Show Gist options
  • Save mjumbewu/5e9a53e07400eb7997fb9253bfa96517 to your computer and use it in GitHub Desktop.
Save mjumbewu/5e9a53e07400eb7997fb9253bfa96517 to your computer and use it in GitHub Desktop.
Download ZIP
Sample contents of a .travis folder for Phila deployments on AWS
Raw
deploy.sh
#!/usr/bin/env bash
set -e
SCRIPTS_DIR=$(dirname $0)
KEYFILE=deploy.pem
INSTANCE_USER=ubuntu
ENCRYPTION_KEY='encrypted_${ENCRYPTION_ID}_key'
ENCRYPTION_IV='encrypted_${ENCRYPTION_ID}_iv'
# Install the AWS CLI if it's not already
$SCRIPTS_DIR/init_awscli.sh
echo 'Retrieving machine IP from AWS'
PROJECT_NAME=$(python -c "print('$TRAVIS_REPO_SLUG'.split('/')[1])")
INSTANCE_IP=`aws ec2 describe-instances --filters \
"Name=instance-state-name,Values=running" \
"Name=tag:Branch,Values=$TRAVIS_BRANCH" \
"Name=tag:Project,Values=$PROJECT_NAME" | \
grep '^INSTANCES' | cut -f14`
if [ -z "$INSTANCE_IP" ]; then echo "No machine found for branch \"$TRAVIS_BRANCH\". Skipping deploy" && exit 0; fi
ssh-keyscan -H $INSTANCE_IP | sudo tee --append /etc/ssh/ssh_known_hosts > /dev/null
# Copy the SSH Key
echo 'Decrypting and installing the SSH private key'
aws s3 cp s3://phila-deploy/${PROJECT_NAME}/deploy.pem.enc.$TRAVIS_BRANCH deploy.pem.enc
openssl aes-256-cbc -K \$${ENCRYPTION_KEY} -iv \$${ENCRYPTION_IV} -in deploy.pem.enc -out ~/.ssh/${KEYFILE} -d
chmod 600 ~/.ssh/deploy.pem
eval $(ssh-agent -s)
ssh-add ~/.ssh/deploy.pem
# SSH onto the machine, install git if it's not already installed, and
# download the latest version of the code. Set up the environment file and run
# the install script on the server to complete the setup process.
ssh -i $KEYFILE ${INSTANCE_USER}@${INSTANCE_IP} "
cd $PROJECT_NAME
echo 'Ensuring that git is installed'
.travis/init_gitrepo.sh $PROJECT_NAME $TRAVIS_BRANCH
echo 'Setting up environment variables'
.travis/init_envfile.sh $PROJECT_NAME $TRAVIS_BRANCH $TRAVIS_REPO_SLUG
echo 'Starting the install script'
if [ "$(sudo dpkg -l | grep "ii python-pip")" = "" ] ; then
sudo apt-get update
sudo apt-get install python-pip -y
fi
sudo pip install honcho jinja2
honcho run .travis/install_app.sh
honcho run .travis/install_server.sh
"
Raw
init_awscli.sh
#!/usr/bin/env bash
if test ! -f ~/.aws/config ; then
pip install awscli
echo 'Configuring AWS CLI'
mkdir -p ~/.aws
cat > ~/.aws/config <<EOF
[default]
aws_access_key_id = $AWS_ID
aws_secret_access_key = $AWS_SECRET
output = text
region = us-east-1
EOF
fi
Raw
init_envfile.sh
#!/usr/bin/env bash
PROJECT_NAME=$1
TRAVIS_BRANCH=$2
aws s3 cp s3://phila-deploy/${PROJECT_NAME}/.env.${TRAVIS_BRANCH} .env
echo "" >> .env # Add a blank line, just in case
echo "PROJECT_NAME=$PROJECT_NAME" >> .env
Raw
init_gitrepo.sh
#!/usr/bin/env bash
PROJECT_NAME=$1
TRAVIS_BRANCH=$2
TRAVIS_REPO_SLUG=$3
# Install git
if [ "$(sudo dpkg -l | grep "ii git")" = "" ] ; then
sudo apt-get update
sudo apt-get install git -y
fi
# Clone or pull the latest code
if test -d $PROJECT_NAME ; then
cd $PROJECT_NAME
git fetch
git checkout $TRAVIS_BRANCH
git pull
else
git clone https://github.com/${TRAVIS_REPO_SLUG}.git
cd $PROJECT_NAME
git checkout $TRAVIS_BRANCH
fi
Raw
install_app.sh
#!/usr/bin/env bash
set -e
SCRIPT_DIR=$(dirname $0)
BASE_DIR=$(dirname $SCRIPT_DIR)
VENDOR_PATH=/srv/$PROJECT_NAME/vendor
# Load utilities
. $SCRIPT_DIR/utils.sh
# Install all the project dependencies.
echo 'Installing project dependencies'
sudo apt-get update
sudo apt-get install python-pip build-essential libaio1 alien -y
sudo apt-get install libpq-dev libgeos-dev -y
sudo apt-get install python3-dev python3-pip unzip nginx -y
# Download, install, and configure any vendored requirements that can't be
# retrieved from `apt-get` into $VENDOR.
# Install python requirements on python3 with library paths
echo 'Installing other application Python requirements'
sudo pip3 install --requirement requirements.txt
# Run any management commands for migration, static files, etc.
Raw
install_server.sh
#!/usr/bin/env bash
set -e
SCRIPT_DIR=$(dirname $0)
BASE_DIR=$(dirname $SCRIPT_DIR)
VENDOR_PATH=/srv/$PROJECT_NAME/vendor
# Load utilities
. $SCRIPT_DIR/utils.sh
# Set up the web server
echo 'Setting up the web server configuration'
sudo honcho export upstart /etc/init \
--app $PROJECT_NAME \
--user nobody \
--procfile $BASE_DIR/Procfile
# Set up nginx
# https://docs.getsentry.com/on-premise/server/installation/#proxying-with-nginx
echo 'Generating an nginx configuration'
echo "$(generate_nginx_config_nossl)" | sudo tee /etc/nginx/sites-available/$PROJECT_NAME
sudo rm -f /etc/nginx/sites-enabled/default
sudo ln -fs /etc/nginx/sites-available/$PROJECT_NAME /etc/nginx/sites-enabled/$PROJECT_NAME
# Re/start the web server
echo 'Restarting the web server'
sudo service $PROJECT_NAME restart
sudo service nginx reload
Raw
utils.sh
#!/usr/bin/env bash
function generate_nginx_config() {
cat <<EOF
server {
listen 80;
return 301 https://\$host\$request_uri;
}
server {
listen 443 ssl;
ssl_certificate $SSL_CERTIFICATE;
ssl_certificate_key $SSL_CERTIFICATE_KEY;
location / {
proxy_pass_header Server;
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_pass http://${INTERNAL_IP:-127.0.0.1}:${PORT:-5000};
}
location /static/ {
autoindex on;
alias $SRV_ROOT/static/;
}
}
EOF
} # generate_nginx_config
function generate_nginx_config_nossl() {
cat <<EOF
server {
listen 80;
location / {
proxy_pass_header Server;
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_pass http://${INTERNAL_IP:-127.0.0.1}:${PORT:-5000};
}
location /static/ {
autoindex on;
alias $SRV_ROOT/static/;
}
}
EOF
} # generate_nginx_config
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment