Steps to get droplet up and running with just Ubuntu 16.04
- Create non-root user
# Presumably run as root on the fresh droplet: create the deploy user and
# put it in the sudo group.
adduser production
usermod -aG sudo production
# Generate a key pair for the current account and print its public half.
ssh-keygen
cat ~/.ssh/id_rsa.pub
# Become the new user and prepare its ~/.ssh. 700 on the directory and 600 on
# authorized_keys keep other accounts out (sshd's default StrictModes refuses
# keys stored in group- or world-writable locations).
su - production
mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys
# copy in dev machine key while you're here
# NOTE(review): -K is the keychain flag of macOS's ssh-add, so this line looks
# like it belongs on the dev machine rather than on the droplet; confirm.
ssh-add -K ~/.ssh/id_rsa
chmod 600 ~/.ssh/authorized_keys
exit
# Verify that key-based login works for the new user before closing the root session.
ssh production@ip_address
# NOTE(review): once this login works, consider setting PermitRootLogin no and
# PasswordAuthentication no in /etc/ssh/sshd_config and reloading sshd.
- Install Node
cd ~
# The setup script is saved to a file rather than piped into a shell, so it can
# be read before the next line runs it with root privileges.
curl -sL https://deb.nodesource.com/setup_8.x -o nodesource_setup.sh
# NOTE(review): open nodesource_setup.sh and check which apt source and signing
# key it adds before running it as root.
sudo bash nodesource_setup.sh
sudo apt-get install nodejs
nodejs -v
# Needs to be 8+
# NOTE(review): the 8.x release line is end-of-life and no longer gets security
# fixes; since anything 8+ works here, prefer a currently maintained line.
- Install nginx
sudo apt-get update
sudo apt-get install curl git-core nginx -y
# sudo apt-get install libpq-dev
# Import the key that RVM releases are signed with (presumably so the installer
# can verify what it downloads). The full fingerprint pins which key is fetched;
# NOTE(review): compare it with the fingerprint published by the RVM project
# rather than trusting the copy on this page.
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
# The installer is piped straight into bash, so nothing is left on disk to inspect.
# NOTE(review): consider saving it to a file and reading it first, as is done
# for the NodeSource script.
curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
rvm requirements
rvm install 2.5.0
rvm use 2.5.0 --default
- Install Rails and Bundler
gem install rails -V --no-ri --no-rdoc
gem install bundler -V --no-ri --no-rdoc
- Set up Github key
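# Check whether this account can already authenticate to GitHub over SSH.
ssh -T git@github.com
# Generate the server's own key pair; its public half becomes the deploy key.
ssh-keygen -t rsa
# put into deploy key field on GH
# A deploy key is scoped to one repository; the server only pulls, so leave
# "Allow write access" unchecked.
git clone git@github.com:username/appname.git
# remove directory if successful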
- Capistrano
Gemfile
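# Capistrano and its plugins only run on the machine that invokes `cap`, so
# they sit in the development group and are left out of the bundle installed
# on the production server. `require: false` keeps them from being loaded
# when the app boots.
group :development do
  gem 'capistrano', require: false
  gem 'capistrano-rvm', require: false
  gem 'capistrano-rails', require: false
  gem 'capistrano-bundler', require: false
  gem 'capistrano3-puma', require: false
end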
bundle
cap install
Capfile
# Capistrano core (DSL and stage setup, then the deploy framework) followed by
# the plugins this project uses, required in the order listed.
# require 'capistrano/rails' if using ActiveRecord
%w[
  capistrano/setup
  capistrano/deploy
  capistrano/bundler
  capistrano/rails/assets
  capistrano/rvm
  capistrano/puma
].each { |lib| require lib }

# Register the Puma plugin once its library has been required above.
install_plugin Capistrano::Puma

# Pick up project-specific tasks from `lib/capistrano/tasks', if any exist.
Dir.glob('lib/capistrano/tasks/*.rake').each do |task_file|
  import task_file
end
config/deploy.rb
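# Target server and repository. Replace every ###...### placeholder before use.
server '##SERVER IP###', port: ###PORT###, roles: [:web, :app, :db], primary: true
set :repo_url, 'git@github.com:###user/app.git###'
set :application, '###app###'
set :user, 'production'
set :puma_threads, [4, 16]
set :puma_workers, 0

# Don't change these unless you know what you're doing
set :pty, true
set :use_sudo, false
set :stage, :production
set :deploy_via, :remote_cache
set :deploy_to, "/home/#{fetch(:user)}/apps/#{fetch(:application)}"
set :puma_bind, "unix://#{shared_path}/tmp/sockets/#{fetch(:application)}-puma.sock"
set :puma_state, "#{shared_path}/tmp/pids/puma.state"
set :puma_pid, "#{shared_path}/tmp/pids/puma.pid"
# Each log goes to the file that bears its name, so access and error entries
# are not mixed up when the logs are reviewed.
set :puma_access_log, "#{release_path}/log/puma.access.log"
set :puma_error_log, "#{release_path}/log/puma.error.log"
# :keys lists private key files, so it points at id_rsa, not the .pub half.
# NOTE(review): forward_agent: true makes the local SSH agent usable from the
# server for the length of each session. With a deploy key installed on the
# server it may not be needed; confirm before keeping it.
set :ssh_options, { forward_agent: true, user: fetch(:user), keys: %w(~/.ssh/id_rsa) }
set :puma_preload_app, true
set :puma_worker_timeout, nil
set :puma_init_active_record, true # Change to false when not using ActiveRecord

## Defaults:
# set :scm, :git
# set :branch, :master
# set :format, :pretty
# set :log_level, :debug
# set :keep_releases, 5

## Linked Files & Directories (Default None):
# set :linked_files, %w{config/database.yml}
set :linked_dirs, %w{bin log tmp/pids tmp/cache tmp/sockets vendor/bundle public/system}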
namespace :puma do
  desc 'Create Directories for Puma Pids and Socket'
  task :make_dirs do
    on roles(:app) do
      # Puma's socket and pid/state files live under shared/tmp; create both
      # directories (sockets first, then pids) before Puma is started.
      %w[sockets pids].each do |dir|
        execute "mkdir #{shared_path}/tmp/#{dir} -p"
      end
    end
  end

  # Make sure the directories exist before puma:start runs.
  before :start, :make_dirs
end
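namespace :deploy do
  desc "Make sure local git is in sync with remote."
  task :check_revision do
    on roles(:app) do
      # The backticks run git on the machine invoking cap, not on the server:
      # the check is that the local HEAD is the commit that origin/master
      # points at, i.e. that what is about to be deployed has been pushed.
      unless `git rev-parse HEAD` == `git rev-parse origin/master`
        puts "WARNING: HEAD is not the same as origin/master"
        puts "Run `git push` to sync changes."
        # Non-zero status so wrappers and CI see the aborted deploy as a failure.
        exit 1
      end
    end
  end

  desc 'Initial Deploy'
  task :initial do
    on roles(:app) do
      # On the first deploy Puma is not running yet, so start it before the
      # restart hook fires, then run the normal deploy.
      before 'deploy:restart', 'puma:start'
      invoke 'deploy'
    end
  end

  desc 'Restart application'
  task :restart do
    # One app server at a time, waiting 5 between hosts.
    on roles(:app), in: :sequence, wait: 5 do
      invoke 'puma:restart'
    end
  end

  # Refuse to start when local and remote revisions differ; after the deploy
  # finishes, compile assets, clean up and restart.
  before :starting, :check_revision
  after :finishing, :compile_assets
  after :finishing, :cleanup
  after :finishing, :restart
end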
# ps aux | grep puma # Get puma pid
# kill -s SIGUSR2 pid # Restart puma
# kill -s SIGTERM pid # Stop puma
vi config/nginx.conf
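# Puma listens on the unix socket that deploy.rb's :puma_bind points at.
upstream puma {
  server unix:///home/###USER NAME###/apps/###appname###/shared/tmp/sockets/###appname###-puma.sock;
}

server {
  # Plain HTTP only: no 443/ssl listener is defined in this file.
  # default_server with server_name commented out means this block answers
  # requests for any Host header.
  listen 80 default_server deferred;
  # server_name example.com;

  root /home/###USER NAME###/apps/###appname###/current/public;
  access_log /home/###USER NAME###/apps/###appname###/current/log/nginx.access.log;
  error_log /home/###USER NAME###/apps/###appname###/current/log/nginx.error.log info;

  # Precompiled assets are served by nginx directly with long-lived caching.
  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
    sendfile on;
    sendfile_max_chunk 1m;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
  }

  # Static file first, otherwise hand the request to Puma.
  try_files $uri/index.html $uri @puma;

  location @puma {
    # $proxy_add_x_forwarded_for appends the client address to whatever
    # X-Forwarded-For the client sent, so only the last entry comes from nginx.
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # $http_host is the Host header exactly as the client sent it.
    # NOTE(review): with no server_name restriction the app sees arbitrary
    # Host values; set server_name if the app builds URLs from the Host header.
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://puma;
  }

  error_page 500 502 503 504 /500.html;
  # Caps request bodies (uploads) at 10 MB.
  client_max_body_size 10M;
  keepalive_timeout 10;
}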
-
Set up A records: create 2 A records, one for the naked domain and one for www, both pointed at the DO server IP
-
Let's Encrypt + Certbot
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo vi /etc/nginx/sites-available/default
# Add server name
server_name example.com www.example.com;
sudo nginx -t
sudo systemctl reload nginx
sudo ufw status
# should look something like this:
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx Full ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)
# if it doesn't, run:
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'
sudo certbot --nginx -d example.com -d www.example.com
# If successful, you will get a dialog asking what to do about redirects. If not, it's probably because certbot can't find a server block with a matching server_name.
sudo certbot renew --dry-run
- First deploy
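.gitignore
# No, you shouldn't do this, but it was the only way I could get it to work
# delete last lines to check in master key
# NOTE(review): this leaves config/master.key, which decrypts the app's encrypted credentials, in the repository history for everyone with repo access. The usual alternative is to copy the key once to shared/config/ on the server and add config/master.key to :linked_files, or to set RAILS_MASTER_KEY on the server.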
git add -A
git commit -m "Set up Puma, Nginx & Capistrano"
git push origin master
cap production deploy:initial
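# Assuming that goes smoothly
# NOTE(review): the next lines disable the default site that certbot was pointed at above, and the app's config/nginx.conf as shown only has `listen 80` with server_name commented out. Check that HTTPS still answers afterwards, and re-run certbot against the new site if it does not.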
sudo rm /etc/nginx/sites-enabled/default
sudo ln -nfs "/home/###USER NAME###/apps/###appname###/current/config/nginx.conf" "/etc/nginx/sites-enabled/###appname###"
sudo service nginx restart
- Subsequent deploys
git push origin master
cap production deploy
- Make Rails minify css
config/environments/production.rb
# uncomment
config.assets.css_compressor = :sass
Get rid of all the sprockets directives (the `*= require ...` lines) in app/assets/stylesheets/application.css
and use the @import 'stylesheet-name';
syntax instead.
Then rename the file to app/assets/stylesheets/application.css.scss