hexlet.io: configuration management and deploy

apprunner.sh.j2

#!/usr/bin/env bash

. /etc/environment
export HEXLET_VERSION

${RUN_ARGS:=''}

COMMAND="/usr/bin/docker run --read-only --rm \
    $RUN_ARGS \
    -v /tmp:/tmp \
    -v /var/tmp:/var/tmp \
    -p {{ unicorn_port }}:{{ unicorn_port }} \
    -e AWS_REGION={{ aws_region }} \
    -e SECRET_KEY_BASE={{ secret_key_base }} \
    -e DATABASE_URL={{ database_url }} \
    -e RAILS_ENV={{ rails_env }} \
    -e SMTP_USER_NAME={{ smtp_user_name }} \
    -e SMTP_PASSWORD={{ smtp_password }} \
    -e SMTP_ADDRESS={{ smtp_address }} \
    -e SMTP_PORT={{ smtp_port }} \
    -e SMTP_AUTHENTICATION={{ smtp_authentication }} \
    -e DOCKER_IP={{ docker_ip }} \
    -e STATSD_PORT={{ statsd_port }} \
    -e DOCKER_HUB_USERNAME={{ docker_hub_username }} \
    -e DOCKER_HUB_PASSWORD={{ docker_hub_password }} \
    -e DOCKER_HUB_EMAIL={{ docker_hub_email }} \
    -e DOCKER_EXERCISE_PREFIX={{ docker_exercise_prefix }} \
    -e FACEBOOK_CLIENT_ID={{ facebook_client_id }} \
    -e FACEBOOK_CLIENT_SECRET={{ facebook_client_secret }} \
    -e HEXLET_IDE_VERSION={{ hexlet_ide_image_tag }} \
    -e CDN_HOST={{ cdn_host }} \
    -e REFILE_CACHE_DIR={{ refile_cache_dir }} \
    -e CONTAINER_SERVER={{ container_server }} \
    -e CONTAINER_PORT={{ container_port }} \
    -e DOCKER_API_VERSION={{ docker_api_version }} \
    hexlet/hexlet-{{ rails_env }}:$HEXLET_VERSION $@"

eval $COMMAND

build.yml

- hosts: bastions
  gather_facts: no

  vars:
    clone_dir: /var/tmp/hexlet

  tasks:
    - git:
        repo: [email protected]:Hexlet/hexlet.git
        dest: '{{ clone_dir }}'
        accept_hostkey: yes
        key_file: /home/{{ run_user }}/.ssh/deploy_rsa
      become: yes
      become_user: '{{ run_user }}'

    - shell: 'cd {{ clone_dir }} && docker build -t hexlet/hexlet-production:{{ hexlet_image_tag }} .'
      become: yes
      become_user: '{{ run_user }}'

    - shell: 'docker push hexlet/hexlet-production:{{ hexlet_image_tag }}'
      become: yes
      become_user: '{{ run_user }}'

deploy.yml

- hosts: localhost
  gather_facts: no
  tasks:
  - local_action:
      module: slack
      domain: hexlet.slack.com
      token: {{ slack_token }}
      msg: "deploy started: {{ rails_env }}:{{ hexlet_image_tag }}"
      channel: "#operation"
      username: "{{ ansible_ssh_user }}"

- hosts: appservers
  gather_facts: no
  tasks:
    - shell: docker pull hexlet/hexlet-{{ rails_env }}:{{ hexlet_image_tag }}
      become: yes
      become_user: '{{ run_user }}'

    - name: update hexlet version
      become: yes
      lineinfile:
        regexp: "HEXLET_VERSION"
        line: "HEXLET_VERSION={{ hexlet_image_tag }}"
        dest: /etc/environment
        backup: yes
        state: present

- hosts: jobservers
  gather_facts: no
  tasks:
    - become: yes
      become_user: '{{ run_user }}'
      run_once: yes
      delegate_to: '{{ migration_server }}'
      shell: >
        docker run --rm
        -e 'SECRET_KEY_BASE={{ secret_key_base }}'
        -e 'DATABASE_URL={{ database_url }}'
        -e 'RAILS_ENV={{ rails_env }}'
        hexlet/hexlet-{{ rails_env }}:{{ hexlet_image_tag }}
        rake db:migrate

- hosts: webservers
  gather_facts: no
  tasks:
    - service: name=nginx state=running
      become: yes
      tags: nginx

    - service: name=unicorn state=restarted
      become: yes
      tags: [unicorn, app]

- hosts: jobservers
  gather_facts: no
  tasks:
    - service: name=activejob state=restarted
      become: yes
      tags: [activejob, app]

- hosts: localhost
  gather_facts: no
  tasks:

  - name: "Send deploy hook to honeybadger"
    local_action: shell cd .. && bundle exec honeybadger deploy --environment={{ rails_env }}

  - local_action:
      module: slack
      domain: hexlet.slack.com
      token: {{ slack_token }}
      msg: "deploy completed ({{ rails_env }})"
      channel: "#operation"
      username: "{{ ansible_ssh_user }}"
      # link_names: 0
      # parse: 'none'

Dockerfile

FROM ruby:2.2.1

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

ENV RAILS_ENV production
ENV REFILE_CACHE_DIR /var/tmp/uploads

RUN curl -sL https://deb.nodesource.com/setup | bash -

RUN apt-get update -qq \
  && apt-get install -yqq apt-transport-https libxslt-dev libxml2-dev nodejs imagemagick

RUN echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list \
  && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 \
  && apt-get update -qq \
  && apt-get install -qqy lxc-docker-1.5.0

# bundle config build.rugged --use-system-libraries
# bundle config build.nokogiri --use-system-libraries

COPY Gemfile /usr/src/app/
COPY Gemfile.lock /usr/src/app/
COPY package.json /usr/src/app/

# without development test
RUN npm install
RUN bundle install --without development test

COPY . /usr/src/app
RUN ./node_modules/gulp/bin/gulp.js webpack_production
RUN bin/rake assets:precompile

VOLUME /usr/src/app/tmp
VOLUME /var/folders

upstart.unicorn.conf.j2

description "Unicorn"

start on filesystem or runlevel [2345]
stop on runlevel [!2345]

env HOME=/home/{{ run_user }}
# change to match your deployment user
setuid {{ run_user }}
setgid team

respawn
respawn limit 3 30

pre-start script
    . /etc/environment
    export HEXLET_VERSION

    /usr/bin/docker pull hexlet/hexlet-{{ rails_env }}:$HEXLET_VERSION
    /usr/bin/docker rm -f unicorn || true
end script

pre-stop script
    /usr/bin/docker rm -f unicorn || true
end script

script
  . /etc/environment
  export HEXLET_VERSION

  RUN_ARGS='--name unicorn' ~/apprunner.sh bundle exec unicorn_rails -p {{ unicorn_port }}
end script