Skip to content

Digital Ocean Setup

Jump to bottom Edit New page
Adam Michel edited this page Aug 11, 2014 · 2 revisions

Digital Ocean Lemyr Setup

This guide will cover setting up a 1GB droplet through DigitalOcean for the purpose of running Lemyr. This guide assumes you are starting with a freshly created droplet that has not been modified yet and is running Ubuntu 14.04. Certain packages may not be available in earlier or later versions of Ubuntu.

Droplet Setup

Each of these commands should be run as root until you reach the Rbenv setup steps where you substitute for the deploy user we create in the first step.

  • Create a deploy user for Capistrano and copy your SSH key to the deploy user's authorized_keys file.
useradd -m -s /bin/bash -G sudo deploy
passwd deploy
sudo -u deploy mkdir -m 700 .ssh`
cat .ssh/authorized_keys | sudo -u deploy tee -a ~/.ssh/authorized_keys
  • Install the required packages through apt.
apt-get install build-essential software-properties-common curl git-core \
libgraphviz-dev libgvc6 libmagickcore-dev libmagickwand-dev imagemagick \
libxml2-dev libxslt1-dev libreadline-dev libssl-dev postgresql-9.3 nginx \
postgresql-server-dev-9.3
  • Configure Nginx
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig
cat > /etc/nginx/nginx.conf <<\EOF
user deploy deploy;

# Change this depending on your hardware
worker_processes 4;
pid /var/run/nginx.pid;

events {
  worker_connections 1024;
  multi_accept on;
}

http {
  sendfile on;
  tcp_nopush on;
  tcp_nodelay off;
  types_hash_max_size 2048;
  # server_tokens off;

  # server_names_hash_bucket_size 64;
  # server_name_in_redirect off;

  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  gzip on;
  gzip_disable "msie6";

  # gzip_vary on;
  gzip_proxied any;
  gzip_min_length 500;
  # gzip_comp_level 6;
  # gzip_buffers 16 8k;
  # gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

  ##
  # Virtual Host Configs
  ##

  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;
}
EOF
  • Download and Setup Rbenv
su deploy
git clone https://github.com/sstephenson/rbenv.git ~/.rbenv
git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
git clone https://github.com/sstephenson/rbenv-gem-rehash.git ~/.rbenv/plugins/rbenv-gem-rehash
cat > ~/.profile <<\EOF
export PATH="$HOME/.rbenv/bin:$PATH"
eval "$(rbenv init -)"
EOF
cat > /etc/nginx/sites-available/lemyr <<\EOF
upstream lemyr {
  server unix:/home/deploy/apps/lemyr/shared/tmp/sockets/unicorn.socket fail_timeout=0;
}

server {
    listen 80;
    server_name cowork.startup.sc;
    server_tokens off;
    client_max_body_size 10M;
    rewrite ^ https://$host$request_uri? permanent;
}

server {
    listen 443 ssl spdy;
    server_name cowork.startup.sc;
    server_tokens off;

    client_max_body_size 200M;
    root /home/deploy/apps/lemyr/current/public;
    access_log /var/log/nginx/lemyr_access.log;
    rewrite_log on;

    # SSL
    ssl on;
    ssl_session_cache shared:SSL:10m;
    ssl_certificate /etc/ssl/certs/cowork.startup.sc.crt;
    ssl_certificate_key /etc/ssl/private/cowork.startup.sc.key;
    ssl_ecdh_curve secp521r1; # obscure: http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers RC4:HIGH:MEDIUM:!aNULL:!ADH:!kEDH:!MD5;
    ssl_prefer_server_ciphers on;
    add_header Strict-Transport-Security max-age=31536000;
    add_header X-Frame-Options DENY;

    try_files $uri/index.html $uri @unicorn;

    location @unicorn {
        #all requests are sent to the UNIX socket
        proxy_pass  http://lemyr;
        proxy_redirect     off;

        proxy_set_header   Host              $host;
        proxy_set_header   X-Real-IP         $remote_addr;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;

        client_max_body_size       10m;
        client_body_buffer_size    128k;

        proxy_connect_timeout      90;
        proxy_send_timeout         90;
        proxy_read_timeout         90;

        proxy_buffer_size          4k;
        proxy_buffers              4 32k;
        proxy_busy_buffers_size    64k;
        proxy_temp_file_write_size 64k;
    }

    location /assets/ {
      gzip_static on;
      expires max;
      add_header Cache-Control public;
    }
}
EOF
ln -s /etc/nginx/sites-available/lemyr /etc/nginx/sites-enabled/lemyr

  • Edit /etc/nginx/sites-available/lemyr and replace all instances of cowork.startup.sc with your own domain name. You will also need to purchase and create an SSL certificate.

  • Reload your shell and install Ruby 2.1.2

exec $SHELL -l
rbenv install 2.1.2
rbenv global 2.1.2
gem install bundler

Lemyr is a product of Startup.SC and was created in Myrtle Beach, SC.

Add a custom sidebar

Clone this wiki locally