rinaldifonseca · October 10, 2011 23:50
diff --git a/gistfile1.txt b/gistfile1.txt
 gzip on;
 gzip_types text/plain text/xml text/css application/javascript application/x-javascript;

 charset utf-8;

 location ~* \.(ico|css|js|gif|jp?g|png|swf)(\?[0-9]+)?$ {
    expires max;
 }

 location ~* \.(eot|ttf|woff)$ {
    add_header Access-Control-Allow-Origin *;
 }
diff --git a/mysql b/mysql
 CREATE USER 'rails'@'xxx' IDENTIFIED BY 'xxx';
 GRANT ALTER,DELETE,INSERT,SELECT,UPDATE,DROP,INDEX,CREATE ON xxx_production.* TO 'rails'@'xxx';
 FLUSH PRIVILEGES;
 exit
 cat /dev/null > ~/.mysql_history
 chmod 600 ~/.mysql_history
diff --git a/nginx b/nginx
 #! /bin/sh

 ### BEGIN INIT INFO
 # Provides:          nginx
 # Required-Start:    $all
 # Required-Stop:     $all
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
 # Short-Description: starts the nginx web server
 # Description:       starts nginx using start-stop-daemon
 ### END INIT INFO

 PATH=/opt/nginx/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 DAEMON=/opt/nginx/sbin/nginx
 NAME=nginx
 DESC=nginx

 test -x $DAEMON || exit 0

 # Include nginx defaults if available
 if [ -f /etc/default/nginx ] ; then
    . /etc/default/nginx
 fi

 set -e

 . /lib/lsb/init-functions

 case "$1" in
  start)
    echo -n "Starting $DESC: "
    start-stop-daemon --start --quiet --pidfile /opt/nginx/logs/$NAME.pid \
        --exec $DAEMON -- $DAEMON_OPTS || true
    echo "$NAME."
    ;;
  stop)
    echo -n "Stopping $DESC: "
    start-stop-daemon --stop --quiet --pidfile /opt/nginx/logs/$NAME.pid \
        --exec $DAEMON || true
    echo "$NAME."
    ;;
  restart|force-reload)
    echo -n "Restarting $DESC: "
    start-stop-daemon --stop --quiet --pidfile \
        /opt/nginx/logs/$NAME.pid --exec $DAEMON || true
    sleep 1
    start-stop-daemon --start --quiet --pidfile \
        /opt/nginx/logs/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS || true
    echo "$NAME."
    ;;
  reload)
      echo -n "Reloading $DESC configuration: "
      start-stop-daemon --stop --signal HUP --quiet --pidfile /opt/nginx/logs/$NAME.pid \
          --exec $DAEMON || true
      echo "$NAME."
      ;;
  status)
      status_of_proc -p /opt/nginx/logs/$NAME.pid "$DAEMON" nginx && exit 0 || exit $?
      ;;
  *)
    N=/etc/init.d/$NAME
    echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
    exit 1
    ;;
 esac

 exit 0
diff --git a/nginx.conf b/nginx.conf
 # This is example contains the bare mininum to get nginx going with
 # Unicorn or Rainbows! servers.  Generally these configuration settings
 # are applicable to other HTTP application servers (and not just Ruby
 # ones), so if you have one working well for proxying another app
 # server, feel free to continue using it.
 #
 # The only setting we feel strongly about is the fail_timeout=0
 # directive in the "upstream" block.  max_fails=0 also has the same
 # effect as fail_timeout=0 for current versions of nginx and may be
 # used in its place.
 #
 # Users are strongly encouraged to refer to nginx documentation for more
 # details and search for other example configs.

 # you generally only need one nginx worker unless you're serving
 # large amounts of static files which require blocking disk reads
 worker_processes 1;

 # # drop privileges, root is needed on most systems for binding to port 80
 # # (or anything < 1024).  Capability-based security may be available for
 # # your system and worth checking out so you won't need to be root to
 # # start nginx to bind on 80
 user nobody nogroup; # for systems with a "nogroup"

 # Feel free to change all paths to suite your needs here, of course
 pid /tmp/nginx.pid;
 error_log /tmp/nginx.error.log;

 events {
  worker_connections 1024; # increase if you have lots of clients
  accept_mutex off; # "on" if nginx worker_processes > 1
  use epoll; # enable for Linux 2.6+
 }

 http {
  # nginx will find this file in the config directory set at nginx build time
  include mime.types;

  # fallback in case we can't determine a type
  default_type application/octet-stream;

  # click tracking!
  access_log /tmp/nginx.access.log combined;

  # you generally want to serve static files with nginx since neither
  # Unicorn nor Rainbows! is optimized for it at the moment
  sendfile on;

  tcp_nopush on; # off may be better for *some* Comet/long-poll stuff
  tcp_nodelay off; # on may be better for some Comet/long-poll stuff

  # we haven't checked to see if Rack::Deflate on the app server is
  # faster or not than doing compression via nginx.  It's easier
  # to configure it all in one place here for static files and also
  # to disable gzip for clients who don't get gzip/deflate right.
  # There are other other gzip settings that may be needed used to deal with
  # bad clients out there, see http://wiki.nginx.org/NginxHttpGzipModule
  gzip on;
  gzip_http_version 1.0;
  gzip_proxied any;
  gzip_min_length 500;
  gzip_disable "MSIE [1-6]\.";
  gzip_types text/plain text/html text/xml text/css
             text/comma-separated-values
             text/javascript application/x-javascript
             application/atom+xml;

  # this can be any application server, not just Unicorn/Rainbows!
  upstream app_server {
    # fail_timeout=0 means we always retry an upstream even if it failed
    # to return a good HTTP response (in case the Unicorn master nukes a
    # single worker for timing out).

    # for UNIX domain socket setups:
    server unix:/tmp/.sock fail_timeout=0;

    # for TCP setups, point these to your backend servers
    # server 192.168.0.7:8080 fail_timeout=0;
    # server 192.168.0.8:8080 fail_timeout=0;
    # server 192.168.0.9:8080 fail_timeout=0;
  }

  server {
    # enable one of the following if you're on Linux or FreeBSD
    listen 80 default deferred; # for Linux

    # If you have IPv6, you'll likely want to have two separate listeners.
    # One on IPv4 only (the default), and another on IPv6 only instead
    # of a single dual-stack listener.  A dual-stack listener will make
    # for ugly IPv4 addresses in $remote_addr (e.g ":ffff:10.0.0.1"
    # instead of just "10.0.0.1") and potentially trigger bugs in
    # some software.
    # listen [::]:80 ipv6only=on; # deferred or accept_filter recommended

    client_max_body_size 4G;
    server_name _;

    # ~2 seconds is often enough for most folks to parse HTML/CSS and
    # retrieve needed images/icons/frames, connections are cheap in
    # nginx so increasing this is generally safe...
    keepalive_timeout 5;

    # path for static files
    root /varl/local/apps/#{APP_NAME}/public;

    # Prefer to serve static files directly from nginx to avoid unnecessary
    # data copies from the application server.
    #
    # try_files directive appeared in in nginx 0.7.27 and has stabilized
    # over time.  Older versions of nginx (e.g. 0.6.x) requires
    # "if (!-f $request_filename)" which was less efficient:
    # http://bogomips.org/unicorn.git/tree/examples/nginx.conf?id=v3.3.1#n127
    try_files $uri/index.html $uri.html $uri @app;

    location @app {
      # an HTTP header important enough to have its own Wikipedia entry:
      #   http://en.wikipedia.org/wiki/X-Forwarded-For
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

      # enable this if and only if you use HTTPS, this helps Rack
      # set the proper protocol for doing redirects:
      # proxy_set_header X-Forwarded-Proto https;

      # pass the Host: header from the client right along so redirects
      # can be set properly within the Rack application
      proxy_set_header Host $http_host;

      # we don't want nginx trying to do something clever with
      # redirects, we set the Host: header above already.
      proxy_redirect off;

      # set "proxy_buffering off" *only* for Rainbows! when doing
      # Comet/long-poll/streaming.  It's also safe to set if you're using
      # only serving fast clients with Unicorn + nginx, but not slow
      # clients.  You normally want nginx to buffer responses to slow
      # clients, even with Rails 3.1 streaming because otherwise a slow
      # client can become a bottleneck of Unicorn.
      #
      # The Rack application may also set "X-Accel-Buffering (yes|no)"
      # in the response headers do disable/enable buffering on a
      # per-response basis.
      # proxy_buffering off;

      proxy_pass http://app_server;
    }

    # Rails error pages
    error_page 500 502 503 504 /500.html;
    location = /500.html {
      root /var/local/apps/#{APP_NAME}/public;
    }
  }
 }
diff --git a/ubuntu_ruby_192_unicorn_nginx.sh b/ubuntu_ruby_192_unicorn_nginx.sh
 adduser deploy

 mkdir /var/local/apps

 chown deploy /var/local/apps

 apt-get update

 apt-get install rubygems1.8 ruby-dev build-essential libopenssl-ruby libssl-dev zlib1g-dev libreadline5-dev libmysql-ruby1.8 libmysqlclient-dev libpgsql-ruby postgresql-client libsqlite3-dev libpq-dev git-core libxml2-dev libxslt-dev libcurl4-openssl-dev strace htop zip curl duplicity imagemagick nginx libmagick9-dev ufw -y

 ufw default deny
 ufw allow 80
 ufw allow 443
 ufw allow ssh
 ufw logging on
 ufw enable

 cd /tmp/ && wget ftp://ftp.ruby-lang.org//pub/ruby/1.9/ruby-1.9.2-p0.tar.gz
 tar -xvzf ruby-1.9.2-p0.tar.gz
 cd ruby-1.9.2-p0/
 ./configure --prefix=/usr/local/ruby
 make && sudo make install





 gem update --system
 gem install bundler inploy unicorn --no-ri --no-rdoc

 cd /tmp/ && wget http://nodejs.org/dist/node-v0.4.5.tar.gz && tar xvzf node-v0.4.5.tar.gz && cd node-v0.4.5 && ./configure && make && make install
 curl http://npmjs.org/install.sh | sh
 npm install coffee-script

 wget --no-check-certificate https://gist.github.com/raw/367607/985fbfaf2c0b496bd4ad28896c41008fa334e979/nginx -O /etc/init.d/nginx
 chmod +x /etc/init.d/nginx
 /usr/sbin/update-rc.d -f nginx defaults

 su deploy

 ssh-keygen
diff --git a/ubuntu_rubyee_187_passenger_nginx.sh b/ubuntu_rubyee_187_passenger_nginx.sh
 adduser deploy

 mkdir /var/local/apps

 chown deploy /var/local/apps

 apt-get update

 apt-get install rubygems1.8 ruby-dev build-essential libopenssl-ruby libssl-dev zlib1g-dev libreadline5-dev libmysql-ruby1.8 libmysqlclient-dev libpgsql-ruby postgresql-client libsqlite3-dev libpq-dev git-core libxml2-dev libxslt-dev libcurl4-openssl-dev strace htop zip curl duplicity imagemagick ufw -y

 ufw default deny
 ufw allow 80
 ufw allow 443
 ufw allow ssh
 ufw loggin on
 ufw enable

 cd /tmp/ && wget http://rubyenterpriseedition.googlecode.com/files/ruby-enterprise_1.8.7-2011.03_amd64_ubuntu10.04.deb && dpkg -i ruby-enterprise_1.8.7-2011.03_amd64_ubuntu10.04.deb

 gem update --system
 gem install bundler inploy passenger --no-ri --no-rdoc

 passenger-install-nginx-module

 cd /tmp/ && wget http://nodejs.org/dist/node-v0.4.5.tar.gz && tar xvzf node-v0.4.5.tar.gz && cd node-v0.4.5 && ./configure && make && make install
 curl http://npmjs.org/install.sh | sh
 npm install coffee-script

 wget --no-check-certificate https://gist.github.com/raw/367607/985fbfaf2c0b496bd4ad28896c41008fa334e979/nginx -O /etc/init.d/nginx
 chmod +x /etc/init.d/nginx
 /usr/sbin/update-rc.d -f nginx defaults

 su deploy

 ssh-keygen
	gzip on;
	gzip_types text/plain text/xml text/css application/javascript application/x-javascript;

	charset utf-8;

	location ~* \.(ico\|css\|js\|gif\|jp?g\|png\|swf)(\?[0-9]+)?$ {
	expires max;
	}

	location ~* \.(eot\|ttf\|woff)$ {
	add_header Access-Control-Allow-Origin *;
	}
	CREATE USER 'rails'@'xxx' IDENTIFIED BY 'xxx';
	GRANT ALTER,DELETE,INSERT,SELECT,UPDATE,DROP,INDEX,CREATE ON xxx_production.* TO 'rails'@'xxx';
	FLUSH PRIVILEGES;
	exit
	cat /dev/null > ~/.mysql_history
	chmod 600 ~/.mysql_history
	#! /bin/sh

	### BEGIN INIT INFO
	# Provides: nginx
	# Required-Start: $all
	# Required-Stop: $all
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Short-Description: starts the nginx web server
	# Description: starts nginx using start-stop-daemon
	### END INIT INFO

	PATH=/opt/nginx/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	DAEMON=/opt/nginx/sbin/nginx
	NAME=nginx
	DESC=nginx

	test -x $DAEMON \|\| exit 0

	# Include nginx defaults if available
	if [ -f /etc/default/nginx ] ; then
	. /etc/default/nginx
	fi

	set -e

	. /lib/lsb/init-functions

	case "$1" in
	start)
	echo -n "Starting $DESC: "
	start-stop-daemon --start --quiet --pidfile /opt/nginx/logs/$NAME.pid \
	--exec $DAEMON -- $DAEMON_OPTS \|\| true
	echo "$NAME."
	;;
	stop)
	echo -n "Stopping $DESC: "
	start-stop-daemon --stop --quiet --pidfile /opt/nginx/logs/$NAME.pid \
	--exec $DAEMON \|\| true
	echo "$NAME."
	;;
	restart\|force-reload)
	echo -n "Restarting $DESC: "
	start-stop-daemon --stop --quiet --pidfile \
	/opt/nginx/logs/$NAME.pid --exec $DAEMON \|\| true
	sleep 1
	start-stop-daemon --start --quiet --pidfile \
	/opt/nginx/logs/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS \|\| true
	echo "$NAME."
	;;
	reload)
	echo -n "Reloading $DESC configuration: "
	start-stop-daemon --stop --signal HUP --quiet --pidfile /opt/nginx/logs/$NAME.pid \
	--exec $DAEMON \|\| true
	echo "$NAME."
	;;
	status)
	status_of_proc -p /opt/nginx/logs/$NAME.pid "$DAEMON" nginx && exit 0 \|\| exit $?
	;;
	*)
	N=/etc/init.d/$NAME
	echo "Usage: $N {start\|stop\|restart\|reload\|force-reload\|status}" >&2
	exit 1
	;;
	esac

	exit 0
	# This is example contains the bare mininum to get nginx going with
	# Unicorn or Rainbows! servers. Generally these configuration settings
	# are applicable to other HTTP application servers (and not just Ruby
	# ones), so if you have one working well for proxying another app
	# server, feel free to continue using it.
	#
	# The only setting we feel strongly about is the fail_timeout=0
	# directive in the "upstream" block. max_fails=0 also has the same
	# effect as fail_timeout=0 for current versions of nginx and may be
	# used in its place.
	#
	# Users are strongly encouraged to refer to nginx documentation for more
	# details and search for other example configs.

	# you generally only need one nginx worker unless you're serving
	# large amounts of static files which require blocking disk reads
	worker_processes 1;

	# # drop privileges, root is needed on most systems for binding to port 80
	# # (or anything < 1024). Capability-based security may be available for
	# # your system and worth checking out so you won't need to be root to
	# # start nginx to bind on 80
	user nobody nogroup; # for systems with a "nogroup"

	# Feel free to change all paths to suite your needs here, of course
	pid /tmp/nginx.pid;
	error_log /tmp/nginx.error.log;

	events {
	worker_connections 1024; # increase if you have lots of clients
	accept_mutex off; # "on" if nginx worker_processes > 1
	use epoll; # enable for Linux 2.6+
	}

	http {
	# nginx will find this file in the config directory set at nginx build time
	include mime.types;

	# fallback in case we can't determine a type
	default_type application/octet-stream;

	# click tracking!
	access_log /tmp/nginx.access.log combined;

	# you generally want to serve static files with nginx since neither
	# Unicorn nor Rainbows! is optimized for it at the moment
	sendfile on;

	tcp_nopush on; # off may be better for some Comet/long-poll stuff
	tcp_nodelay off; # on may be better for some Comet/long-poll stuff

	# we haven't checked to see if Rack::Deflate on the app server is
	# faster or not than doing compression via nginx. It's easier
	# to configure it all in one place here for static files and also
	# to disable gzip for clients who don't get gzip/deflate right.
	# There are other other gzip settings that may be needed used to deal with
	# bad clients out there, see http://wiki.nginx.org/NginxHttpGzipModule
	gzip on;
	gzip_http_version 1.0;
	gzip_proxied any;
	gzip_min_length 500;
	gzip_disable "MSIE [1-6]\.";
	gzip_types text/plain text/html text/xml text/css
	text/comma-separated-values
	text/javascript application/x-javascript
	application/atom+xml;

	# this can be any application server, not just Unicorn/Rainbows!
	upstream app_server {
	# fail_timeout=0 means we always retry an upstream even if it failed
	# to return a good HTTP response (in case the Unicorn master nukes a
	# single worker for timing out).

	# for UNIX domain socket setups:
	server unix:/tmp/.sock fail_timeout=0;

	# for TCP setups, point these to your backend servers
	# server 192.168.0.7:8080 fail_timeout=0;
	# server 192.168.0.8:8080 fail_timeout=0;
	# server 192.168.0.9:8080 fail_timeout=0;
	}

	server {
	# enable one of the following if you're on Linux or FreeBSD
	listen 80 default deferred; # for Linux

	# If you have IPv6, you'll likely want to have two separate listeners.
	# One on IPv4 only (the default), and another on IPv6 only instead
	# of a single dual-stack listener. A dual-stack listener will make
	# for ugly IPv4 addresses in $remote_addr (e.g ":ffff:10.0.0.1"
	# instead of just "10.0.0.1") and potentially trigger bugs in
	# some software.
	# listen [::]:80 ipv6only=on; # deferred or accept_filter recommended

	client_max_body_size 4G;
	server_name _;

	# ~2 seconds is often enough for most folks to parse HTML/CSS and
	# retrieve needed images/icons/frames, connections are cheap in
	# nginx so increasing this is generally safe...
	keepalive_timeout 5;

	# path for static files
	root /varl/local/apps/#{APP_NAME}/public;

	# Prefer to serve static files directly from nginx to avoid unnecessary
	# data copies from the application server.
	#
	# try_files directive appeared in in nginx 0.7.27 and has stabilized
	# over time. Older versions of nginx (e.g. 0.6.x) requires
	# "if (!-f $request_filename)" which was less efficient:
	# http://bogomips.org/unicorn.git/tree/examples/nginx.conf?id=v3.3.1#n127
	try_files $uri/index.html $uri.html $uri @app;

	location @app {
	# an HTTP header important enough to have its own Wikipedia entry:
	# http://en.wikipedia.org/wiki/X-Forwarded-For
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

	# enable this if and only if you use HTTPS, this helps Rack
	# set the proper protocol for doing redirects:
	# proxy_set_header X-Forwarded-Proto https;

	# pass the Host: header from the client right along so redirects
	# can be set properly within the Rack application
	proxy_set_header Host $http_host;

	# we don't want nginx trying to do something clever with
	# redirects, we set the Host: header above already.
	proxy_redirect off;

	# set "proxy_buffering off" only for Rainbows! when doing
	# Comet/long-poll/streaming. It's also safe to set if you're using
	# only serving fast clients with Unicorn + nginx, but not slow
	# clients. You normally want nginx to buffer responses to slow
	# clients, even with Rails 3.1 streaming because otherwise a slow
	# client can become a bottleneck of Unicorn.
	#
	# The Rack application may also set "X-Accel-Buffering (yes\|no)"
	# in the response headers do disable/enable buffering on a
	# per-response basis.
	# proxy_buffering off;

	proxy_pass http://app_server;
	}

	# Rails error pages
	error_page 500 502 503 504 /500.html;
	location = /500.html {
	root /var/local/apps/#{APP_NAME}/public;
	}
	}
	}
	adduser deploy

	mkdir /var/local/apps

	chown deploy /var/local/apps

	apt-get update

	apt-get install rubygems1.8 ruby-dev build-essential libopenssl-ruby libssl-dev zlib1g-dev libreadline5-dev libmysql-ruby1.8 libmysqlclient-dev libpgsql-ruby postgresql-client libsqlite3-dev libpq-dev git-core libxml2-dev libxslt-dev libcurl4-openssl-dev strace htop zip curl duplicity imagemagick nginx libmagick9-dev ufw -y

	ufw default deny
	ufw allow 80
	ufw allow 443
	ufw allow ssh
	ufw logging on
	ufw enable

	cd /tmp/ && wget ftp://ftp.ruby-lang.org//pub/ruby/1.9/ruby-1.9.2-p0.tar.gz
	tar -xvzf ruby-1.9.2-p0.tar.gz
	cd ruby-1.9.2-p0/
	./configure --prefix=/usr/local/ruby
	make && sudo make install





	gem update --system
	gem install bundler inploy unicorn --no-ri --no-rdoc

	cd /tmp/ && wget http://nodejs.org/dist/node-v0.4.5.tar.gz && tar xvzf node-v0.4.5.tar.gz && cd node-v0.4.5 && ./configure && make && make install
	curl http://npmjs.org/install.sh \| sh
	npm install coffee-script

	wget --no-check-certificate https://gist.github.com/raw/367607/985fbfaf2c0b496bd4ad28896c41008fa334e979/nginx -O /etc/init.d/nginx
	chmod +x /etc/init.d/nginx
	/usr/sbin/update-rc.d -f nginx defaults

	su deploy

	ssh-keygen