From fe264366612f9651964667b773159818c9022c27 Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Wed, 3 Jul 2013 14:15:04 -0400 Subject: [PATCH 01/41] Set mongodb as recommendation only --- README.md | 5 +++-- metadata.json | 4 ++-- metadata.rb | 3 ++- recipes/setup.rb | 2 -- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 52953a1..75250ec 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Description This cookbook is designed to be able to run [Errbit](http://github.com/errbit/errbit). -Its github is at [chef-errbit](https://github.com/millisami/chef-errbit) +Its github is at [chef-errbit](https://github.com/klamontagne/chef-errbit) # Requirements @@ -9,12 +9,13 @@ Developed using chef 10.14.0 and it should work with higher versions. But not te The following Opscode cookbooks are dependencies: -* mongodb * git * unicorn * apt * nginx +You also need a MongoDB installation, such as with the [mongodb cookbook](https://github.com/edelight/chef-mongodb). + # Usage Just to install the Errbit app, include the following in your wrapper cookbook's recipe diff --git a/metadata.json b/metadata.json index 36c927d..771187c 100644 --- a/metadata.json +++ b/metadata.json @@ -9,7 +9,6 @@ "ubuntu": ">= 0.0.0" }, "dependencies": { - "mongodb": ">= 0.0.0", "git": ">= 0.0.0", "unicorn": ">= 0.0.0", "apt": ">= 0.0.0", @@ -17,6 +16,7 @@ "build-essential": ">= 0.0.0" }, "recommendations": { + "mongodb": ">= 0.0.0" }, "suggestions": { }, @@ -33,4 +33,4 @@ "recipes": { }, "version": "0.4.0" -} \ No newline at end of file +} diff --git a/metadata.rb b/metadata.rb index e5b65b8..7ac3e93 100644 --- a/metadata.rb +++ b/metadata.rb @@ -6,11 +6,12 @@ long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version "0.4.0" -depends "mongodb" depends "git" depends "unicorn" depends "apt" depends "nginx" depends "build-essential" +recommends "mongodb" + supports "ubuntu" diff --git a/recipes/setup.rb b/recipes/setup.rb index 86d74fb..4de917e 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -18,8 +18,6 @@ # limitations under the License. # -include_recipe "mongodb::10gen_repo" - node.set['build_essential']['compiletime'] = true include_recipe "build-essential" From 90a0c3c339d76310b76760ffc411f0cecd3b9934 Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:37:16 -0400 Subject: [PATCH 02/41] create new defaults for the unicorn.rb template --- attributes/default.rb | 8 ++++++++ recipes/unicorn.rb | 9 --------- templates/default/unicorn.conf.erb | 8 ++++---- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index ec1a4b0..d0f3ad5 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -43,6 +43,14 @@ # app server (Optional: More info in README) default['errbit']['server'] = "unicorn" # or use others like puma +default[:errbit][:unicorn][:worker_timeout] = 60 +default[:errbit][:unicorn][:worker_processes] = 2 #[node[:cpu][:total].to_i * 4, 8].min +default[:errbit][:unicorn][:preload_app] = false +default[:errbit][:unicorn][:tcp_nodelay] = true +default[:errbit][:unicorn][:backlog] = 100 +default[:errbit][:unicorn][:tcp_nopush] = true +default[:errbit][:unicorn][:tries] = 3 + default['errbit']['secret_token'] = 'b9e131c733a2672c79af5699f26e0bc5fba23a40ec51d76c9271c00097f35aa4c0993e1150f08048f0b66bd141cbcb58ab28814e35eb281c3cb2374aac160203' diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 0e0562e..ea353b4 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -20,15 +20,6 @@ include_recipe 'unicorn' -node.default[:unicorn][:worker_timeout] = 60 -node.default[:unicorn][:worker_processes] = 2 #[node[:cpu][:total].to_i * 4, 8].min -node.default[:unicorn][:preload_app] = false -node.default[:unicorn][:tcp_nodelay] = true -node.default[:unicorn][:backlog] = 100 -node.default[:unicorn][:tcp_nopush] = true -node.default[:unicorn][:tries] = 3 -# node.default[:unicorn][:delay] = 100 - Chef::Log.info "-" * 70 Chef::Log.info "Unicorn Config" diff --git a/templates/default/unicorn.conf.erb b/templates/default/unicorn.conf.erb index 8c13964..70e9cff 100644 --- a/templates/default/unicorn.conf.erb +++ b/templates/default/unicorn.conf.erb @@ -1,4 +1,4 @@ -worker_processes <%= node[:unicorn][:worker_processes] %> +worker_processes <%= node[:errbit][:unicorn][:worker_processes] %> user "<%= node['errbit']['user'] %>" @@ -7,10 +7,10 @@ working_directory "<%= node['errbit']['deploy_to']%>/current" # listen on both a Unix domain socket and a TCP port, # use a shorter backlog for quicker failover when busy -listen "<%= node['errbit']['deploy_to']%>/shared/sockets/unicorn.sock", :backlog => <%= node[:unicorn][:backlog] %> +listen "<%= node['errbit']['deploy_to']%>/shared/sockets/unicorn.sock", :backlog => <%= node[:errbit][:unicorn][:backlog] %> listen 8080, :tcp_nopush => true -timeout <%= node[:unicorn][:worker_timeout] %> +timeout <%= node[:errbit][:unicorn][:worker_timeout] %> pid "<%= node['errbit']['deploy_to']%>/shared/pids/unicorn.pid" @@ -19,7 +19,7 @@ stdout_path "<%= node['errbit']['deploy_to']%>/shared/log/unicorn.stdout.log" # combine REE with "preload_app true" for memory savings # http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow -preload_app <%= node[:unicorn][:preload_app] %> +preload_app <%= node[:errbit][:unicorn][:preload_app] %> GC.copy_on_write_friendly = true if GC.respond_to?(:copy_on_write_friendly=) # ensure Unicorn doesn't use a stale Gemfile when restarting From 7d86b9d808a4baf630681e82263e33f7a0b4b1b1 Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:41:09 -0400 Subject: [PATCH 03/41] Remove unicorn & system ruby dependency, replace with rbenv --- README.md | 3 ++- attributes/default.rb | 10 ++++++++-- metadata.json | 3 ++- metadata.rb | 3 ++- recipes/install_ruby.rb | 21 --------------------- recipes/setup.rb | 36 +++++++++++++++++++++++------------- recipes/unicorn.rb | 2 -- 7 files changed, 37 insertions(+), 41 deletions(-) delete mode 100644 recipes/install_ruby.rb diff --git a/README.md b/README.md index 75250ec..710cbff 100644 --- a/README.md +++ b/README.md @@ -10,12 +10,13 @@ Developed using chef 10.14.0 and it should work with higher versions. But not te The following Opscode cookbooks are dependencies: * git -* unicorn * apt * nginx You also need a MongoDB installation, such as with the [mongodb cookbook](https://github.com/edelight/chef-mongodb). +If you have other installations of rbenv on the node, you need to edit the node's user_installs as described in [chef-rbenv's documentation](https://github.com/fnichol/chef-rbenv#-rbenv-installed-for-a-specific-user-with-rubies). + # Usage Just to install the Errbit app, include the following in your wrapper cookbook's recipe diff --git a/attributes/default.rb b/attributes/default.rb index d0f3ad5..1516a0d 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -7,15 +7,21 @@ # All rights reserved - Do Not Redistribute # + + default['errbit']['name'] = "errbit" -default['errbit']['user'] = "deployer" -default['errbit']['password'] = "$1$qqO27xay$dtmwY9NMmJiSa47xhUZm0." #errbit +default['errbit']['user'] = "errbit" default['errbit']['group'] = node['errbit']['user'] default['errbit']['deploy_to'] = "/home/#{default['errbit']['user']}/#{node['errbit']['name']}" default['errbit']['repo_url'] = "git://github.com/errbit/errbit.git" default['errbit']['revision'] = "master" default['errbit']['environment'] = "production" +# Local ruby to install via rbenv +default['errbit']['install_ruby'] = "1.9.3-p429" +default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] + + # errbit config.yml default['errbit']['config']['host'] = "errbit.example.com" default['errbit']['config']['enforce_ssl'] = false diff --git a/metadata.json b/metadata.json index 771187c..317f44f 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,8 @@ }, "dependencies": { "git": ">= 0.0.0", - "unicorn": ">= 0.0.0", + "ruby_build": ">= 0.0.0", + "rbenv": ">= 0.0.0", "apt": ">= 0.0.0", "nginx": ">= 0.0.0", "build-essential": ">= 0.0.0" diff --git a/metadata.rb b/metadata.rb index 7ac3e93..74e712e 100644 --- a/metadata.rb +++ b/metadata.rb @@ -7,7 +7,8 @@ version "0.4.0" depends "git" -depends "unicorn" +depends "ruby_build" +depends "rbenv" depends "apt" depends "nginx" depends "build-essential" diff --git a/recipes/install_ruby.rb b/recipes/install_ruby.rb deleted file mode 100644 index cfb7575..0000000 --- a/recipes/install_ruby.rb +++ /dev/null @@ -1,21 +0,0 @@ -# Helper recipe to install ruby while cooking -# This is added in the run_list in the Vagrantfile while cooking this cookbook - -package "python-software-properties" - -execute "apt-add-repository -y ppa:brightbox/ruby-ng" do - not_if "test -t /etc/apt/sources.list.d/brightbox-ruby-ng-#{node['lsb']['codename']}.list" -end - -execute "remove tmp list" do - command "cd /etc/apt/sources.list.d && rm ruby-packaged-source.list && rm ruby-packaged-source.list.save" - only_if "test -t /etc/apt/sources.list.d/ruby-packaged-source.list" -end - -execute "apt-get -y update" do - not_if "test -f /usr/bin/ruby" -end - -execute "apt-get -y install ruby1.9.3" do - not_if "test -f /usr/bin/ruby" -end diff --git a/recipes/setup.rb b/recipes/setup.rb index 4de917e..19c787f 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -22,18 +22,18 @@ include_recipe "build-essential" include_recipe "git" -gem_package "bundler" +include_recipe "nginx" group node['errbit']['group'] + user node['errbit']['user'] do action :create - comment "Deployer user" + comment "Errbit user" gid node['errbit']['group'] shell "/bin/bash" home "/home/#{node['errbit']['user']}" - password node['errbit']['password'] supports :manage_home => true - system true + system false end # Exporting the SECRET_TOKEN env var @@ -46,17 +46,28 @@ mode "0644" action :create_if_missing content "export SECRET_TOKEN=#{secret_token}\nexport RAILS_ENV=production\nexport RACK_ENV=production\n" +# setup rbenv (after git user setup) +%w{ ruby_build rbenv::user_install }.each do |requirement| + include_recipe requirement end -# execute "set RAILS_ENV var" do -# command "echo 'export RAILS_ENV=production' >> ~/.bash_profile" -# not_if "grep RAILS_ENV ~/.bash_profile" -# end +# Install appropriate Ruby with rbenv +rbenv_ruby node['errbit']['install_ruby'] do + action :install + user node['errbit']['user'] +end -# execute "set RACK_ENV var" do -# command "echo 'export RACK_ENV=production' >> ~/.bash_profile" -# not_if "grep RACK_ENV ~/.bash_profile" -# end +# Set as the rbenv default ruby +rbenv_global node['errbit']['install_ruby'] do + user node['errbit']['user'] +end + +# Install required Ruby Gems(via rbenv) +rbenv_gem "bundler" do + action :install + user node['errbit']['user'] + rbenv_version node['errbit']['install_ruby'] +end execute "update sources list" do command "apt-get update" @@ -73,7 +84,6 @@ directory node['errbit']['deploy_to'] do owner node['errbit']['user'] group node['errbit']['group'] - mode 00755 action :create recursive true end diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index ea353b4..3882e10 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -18,8 +18,6 @@ # limitations under the License. # -include_recipe 'unicorn' - Chef::Log.info "-" * 70 Chef::Log.info "Unicorn Config" From decb34d4c4d6a6073435e4b7c1caeaa173b1a5fc Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:47:18 -0400 Subject: [PATCH 04/41] Replace init script for su-ing into rbenv user Shamelessly stolen from GitLab https://github.com/gitlabhq/gitlabhq/blob/master/lib/support/init.d/gitlab --- recipes/unicorn.rb | 7 +- templates/default/unicorn.init.erb | 126 ++++++++++++++++++++++++++ templates/default/unicorn.service.erb | 100 -------------------- 3 files changed, 132 insertions(+), 101 deletions(-) create mode 100644 templates/default/unicorn.init.erb delete mode 100644 templates/default/unicorn.service.erb diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 3882e10..07466a0 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -29,10 +29,15 @@ end template "/etc/init.d/unicorn_#{node['errbit']['name']}" do - source "unicorn.service.erb" + source "unicorn.init.erb" owner "root" group "root" mode 00755 + variables( + :user => node['errbit']['user'], + :deploy_to => node['errbit']['deploy_to'], + :env => node['errbit']['environment'] + ) end service "unicorn_#{node['errbit']['name']}" do diff --git a/templates/default/unicorn.init.erb b/templates/default/unicorn.init.erb new file mode 100644 index 0000000..1b62eb1 --- /dev/null +++ b/templates/default/unicorn.init.erb @@ -0,0 +1,126 @@ +#! /bin/bash + +### BEGIN INIT INFO +# Provides: errbit +# Required-Start: $local_fs $remote_fs $network $syslog +# Required-Stop: $local_fs $remote_fs $network $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Errbit +# Description: Errbit open source error catcher +### END INIT INFO + + +APP_ROOT="<%= @deploy_to %>" +APP_USER="<%= @user %>" +DAEMON_OPTS="-D -c $APP_ROOT/shared/config/unicorn.rb" +PID_PATH="$APP_ROOT/shared/tmp/pids" +SOCKET_PATH="$APP_ROOT/shared/tmp/sockets" +WEB_SERVER_PID="$APP_ROOT/shared/pids/unicorn.pid" + +NAME="errbit" +DESC="Errbit service" + +check_pid(){ + if [ -f $WEB_SERVER_PID ]; then + PID=`cat $WEB_SERVER_PID` + STATUS=`ps aux | grep $PID | grep -v grep | wc -l` + else + STATUS=0 + PID=0 + fi +} + +execute() { + sudo -u $APP_USER -H bash -l -c "cd \"$APP_ROOT/current\" ; $1" +} + +start() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + # Program is running, exit with error code 1. + echo "Error! $DESC $NAME is currently running!" + exit 1 + else + if [ `whoami` = root ]; then + execute "rm -f $SOCKET_PATH/errbit.socket" + execute "RAILS_ENV=<%= @env %> bundle exec unicorn $DAEMON_OPTS" + echo "$DESC started" + fi + fi +} + +stop() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + ## Program is running, stop it. + kill -QUIT `cat $WEB_SERVER_PID` + rm "$WEB_SERVER_PID" >> /dev/null + echo "$DESC stopped" + else + ## Program is not running, exit with error. + echo "Error! $DESC not started!" + exit 1 + fi +} + +restart() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + echo "Restarting $DESC..." + stop + sleep 2 + start + echo "$DESC restarted." + else + echo "$NAME not running" + start + fi +} + +status() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + echo "$DESC / Unicorn with PID $PID is running." + else + echo "$DESC is not running." + exit 1 + fi +} + +## Check to see if we are running as root first. +## Found at http://www.cyberciti.biz/tips/shell-root-user-check-script.html +if [ "$(id -u)" != "0" ]; then + echo "This script must be run as root" + exit 1 +fi + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + reload|force-reload) + echo -n "Reloading $NAME configuration: " + kill -HUP `cat $PID` + echo "done." + ;; + status) + status + ;; + *) + echo "Usage: sudo service $NAME {start|stop|restart|reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/templates/default/unicorn.service.erb b/templates/default/unicorn.service.erb deleted file mode 100644 index eaad0d0..0000000 --- a/templates/default/unicorn.service.erb +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/env ruby - -require 'digest/md5' - -ROOT_PATH="<%= node['errbit']['deploy_to'] %>" -APP_NAME="<%= node['errbit']['name'] %>" -PID_PATH="<%= node['errbit']['deploy_to'] %>/shared/pids/unicorn.pid" - -def run_and_print_command(command) - puts command - system(command) || exit(1) -end - -def run_and_ignore_exitcode_and_print_command(command) - puts command - system(command) -end - -def unicorn_running? - if File.exists?(PID_PATH) && (pid = File.read(PID_PATH).chomp) && system("ps aux | grep #{pid} | grep -v grep > /dev/null") - pid - else - false - end -end - -def different_gemfile? - if File.exists?("#{ROOT_PATH}/current/Gemfile") - dir = Dir["#{ROOT_PATH}/releases/*"] - previous_release_path = dir.sort[dir.size-2] - if !previous_release_path.nil? && File.exists?("#{previous_release_path}/Gemfile") - return Digest::MD5.hexdigest(File.read(ROOT_PATH + "/current/Gemfile")) != Digest::MD5.hexdigest(File.read("#{previous_release_path}/Gemfile")) - end - end - false -end - -def start_unicorn - puts "Gemfile detected - running Unicorn with bundle exec" - run_and_ignore_exitcode_and_print_command "cd #{ROOT_PATH}/current && bundle exec unicorn -E production -c #{ROOT_PATH}/shared/config/unicorn.conf -D" -end - -def stop_unicorn - if unicorn_running? - if run_and_ignore_exitcode_and_print_command "kill -QUIT `cat #{PID_PATH}`" - `rm #{PID_PATH}` - end - else - puts "You can't stop unicorn, because it's not running" - end -end - -def restart_unicorn - if unicorn_running? - run_and_ignore_exitcode_and_print_command "kill -USR2 `cat #{PID_PATH}`" - else - start_unicorn - end -end - -def clean_restart - if different_gemfile? - puts "Found a previous version with a different Gemfile: Doing a stop & start" - stop_unicorn if unicorn_running? - start_unicorn - else - puts "No previous version with a different Gemfile found. Assuming a quick restart without re-loading gems is save" - restart_unicorn - end -end - -def status_unicorn - if pid = unicorn_running? - puts "Unicorn #{APP_NAME} running with PID #{pid}" - return true - else - puts "Unicorn #{APP_NAME} not running" - return false - end -end - -case ARGV[0] -when "start" - puts "Starting Unicorn #{APP_NAME}" - start_unicorn -when "stop" - puts "Stopping Unicorn #{APP_NAME}" - stop_unicorn -when "status" - status_unicorn -when "restart" - restart_unicorn -when "clean-restart" - clean_restart -else - puts "Usage: {start|stop|status|restart|clean-restart}" - exit 1 -end - -exit 0 From 8ee3449637eff82b0db2d936d3cb8f7f7c472daa Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:47:38 -0400 Subject: [PATCH 05/41] Rename unicorn.conf -> unicorn.rb --- recipes/unicorn.rb | 4 ++-- templates/default/{unicorn.conf.erb => unicorn.rb.erb} | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename templates/default/{unicorn.conf.erb => unicorn.rb.erb} (100%) diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 07466a0..4fd0857 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -21,8 +21,8 @@ Chef::Log.info "-" * 70 Chef::Log.info "Unicorn Config" -template "#{node['errbit']['deploy_to']}/shared/config/unicorn.conf" do - source "unicorn.conf.erb" +template "#{node['errbit']['deploy_to']}/shared/config/unicorn.rb" do + source "unicorn.rb.erb" owner node['errbit']['user'] group node['errbit']['group'] mode 00644 diff --git a/templates/default/unicorn.conf.erb b/templates/default/unicorn.rb.erb similarity index 100% rename from templates/default/unicorn.conf.erb rename to templates/default/unicorn.rb.erb From 98965f14379a63d7a4430af2c19013727c74bff5 Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:49:06 -0400 Subject: [PATCH 06/41] Set environment in rbenv user's .bash_profile instead of global profile Setting in the global profile is not necessary anymore --- recipes/setup.rb | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index 19c787f..cadc358 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -38,14 +38,12 @@ # Exporting the SECRET_TOKEN env var secret_token = rand(8**256).to_s(36).ljust(8,'a')[0..150] -# execute "set SECRET_TOKEN var" do -# command "echo 'export SECRET_TOKEN=#{secret_token}' >> ~/.bash_profile" -# not_if "grep SECRET_TOKEN ~/.bash_profile" -# end -file "/etc/profile.d/errbit_env.sh" do - mode "0644" - action :create_if_missing - content "export SECRET_TOKEN=#{secret_token}\nexport RAILS_ENV=production\nexport RACK_ENV=production\n" +execute "set SECRET_TOKEN var" do + user node['errbit']['user'] + command "echo 'export SECRET_TOKEN=#{secret_token}' >> /home/#{node['errbit']['user']}/.bash_profile" + not_if "grep SECRET_TOKEN /home/#{node['errbit']['user']}/.bash_profile" +end + # setup rbenv (after git user setup) %w{ ruby_build rbenv::user_install }.each do |requirement| include_recipe requirement From d1910717929155eb4d62b3cdfb6a1dbe2246bfab Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 11:50:09 -0400 Subject: [PATCH 07/41] Don't restart errbit_unicorn unless config changed --- recipes/unicorn.rb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 4fd0857..55a60dc 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -53,5 +53,11 @@ # Restarting the unicorn service "unicorn_#{node['errbit']['name']}" do - action :restart + action :nothing + subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/config.yml]" + subscribes :restart, "template[/etc/init.d/unicorn_#{node['errbit']['name']}]" + subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/unicorn.rb]" + subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/config.yml]" + subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/mongoid.yml]" + subscribes :restart, "deploy_revision[#{node['errbit']['deploy_to']}]" end From 5bd1ded5dd4ca6e9bfd393e9975d551e61439c73 Mon Sep 17 00:00:00 2001 From: Kevin Lamontagne Date: Fri, 5 Jul 2013 13:14:08 -0400 Subject: [PATCH 08/41] Remove system ruby from Vagrantfile --- Vagrantfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Vagrantfile b/Vagrantfile index 9fc76ed..670740a 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -46,7 +46,6 @@ Vagrant.configure("2") do |config| } chef.run_list = [ - 'recipe[errbit::install_ruby]', 'recipe[nginx]', 'recipe[errbit::default]', 'recipe[errbit::bootstrap]' From c328c6985ebe6789e3bd6d6de7d7307b779a28c9 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Mon, 4 May 2015 16:01:41 +0100 Subject: [PATCH 09/41] Fix licenses --- attributes/default.rb | 14 +++++++++++--- metadata.json | 15 ++++++++++++--- metadata.rb | 2 +- recipes/puma.rb | 15 +++++++++++++-- 4 files changed, 37 insertions(+), 9 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 1516a0d..341fdab 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -4,10 +4,18 @@ # # Copyright (C) 2013 Millisami # -# All rights reserved - Do Not Redistribute +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # - - default['errbit']['name'] = "errbit" default['errbit']['user'] = "errbit" diff --git a/metadata.json b/metadata.json index 317f44f..473be53 100644 --- a/metadata.json +++ b/metadata.json @@ -1,10 +1,10 @@ { "name": "errbit", "description": "Installs/Configures errbit", - "long_description": "# Description\n\nThis cookbook is designed to be able to run [Errbit](http://github.com/errbit/errbit).\nIts github is at [chef-errbit](https://github.com/millisami/chef-errbit)\n\n# Requirements\n\nDeveloped using chef 10.14.0 and it should work with higher versions. But not tested against chef 11 family.\n\nThe following Opscode cookbooks are dependencies:\n\n* mongodb\n* git\n* unicorn\n* apt\n* nginx\n\n# Usage\n\nJust to install the Errbit app, include the following in your wrapper cookbook's recipe\n\n include_recipe \"errbit\"\n\nOr include it in your run_list\n\n 'recpie[errbit]'\n\n\nLicense and Author\n==================\n\nAuthor:: [Sachin Sagar Rai](http://nepalonrails.com) millisami@gmail.com\n\nCopyright 2013\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n", + "long_description": "# Description\n\nThis cookbook is designed to be able to run [Errbit](http://github.com/errbit/errbit).\nIts github is at [chef-errbit](https://github.com/klamontagne/chef-errbit)\n\n# Requirements\n\nDeveloped using chef 10.14.0 and it should work with higher versions. But not tested against chef 11 family.\n\nThe following Opscode cookbooks are dependencies:\n\n* git\n* apt\n* nginx\n\nYou also need a MongoDB installation, such as with the [mongodb cookbook](https://github.com/edelight/chef-mongodb).\n\nIf you have other installations of rbenv on the node, you need to edit the node's user_installs as described in [chef-rbenv's documentation](https://github.com/fnichol/chef-rbenv#-rbenv-installed-for-a-specific-user-with-rubies).\n\n# Usage\n\nJust to install the Errbit app, include the following in your wrapper cookbook's recipe\n\n include_recipe \"errbit\"\n\nOr include it in your run_list\n\n 'recpie[errbit]'\n\n\nLicense and Author\n==================\n\nAuthor:: [Sachin Sagar Rai](http://nepalonrails.com) millisami@gmail.com\n\nCopyright 2013\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n\n[![Bitdeli Badge](https://d2weczhvl823v0.cloudfront.net/millisami/chef-errbit/trend.png)](https://bitdeli.com/free \"Bitdeli Badge\")\n\n", "maintainer": "Sachin Sagar Rai", "maintainer_email": "millisami@gmail.com", - "license": "All rights reserved", + "license": "Apache 2.0", "platforms": { "ubuntu": ">= 0.0.0" }, @@ -20,18 +20,27 @@ "mongodb": ">= 0.0.0" }, "suggestions": { + }, "conflicting": { + }, "providing": { + }, "replacing": { + }, "attributes": { + }, "groupings": { + }, "recipes": { + }, - "version": "0.4.0" + "version": "0.4.1", + "source_url": "", + "issues_url": "" } diff --git a/metadata.rb b/metadata.rb index 74e712e..e35f776 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,7 +1,7 @@ name "errbit" maintainer "Sachin Sagar Rai" maintainer_email "millisami@gmail.com" -license "All rights reserved" +license "Apache 2.0" description "Installs/Configures errbit" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version "0.4.0" diff --git a/recipes/puma.rb b/recipes/puma.rb index f128c55..e264940 100644 --- a/recipes/puma.rb +++ b/recipes/puma.rb @@ -1,10 +1,21 @@ # +# Author:: Sachin Sagar Rai # Cookbook Name:: errbit -# Recipe:: default +# Recipe:: puma # # Copyright (C) 2013 Millisami # -# All rights reserved - Do Not Redistribute +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # execute "puma app server" do From ef3d547ea07ce8a0ecc271ce6399278e3ec293ca Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Mon, 4 May 2015 16:13:42 +0100 Subject: [PATCH 10/41] Kitchen --- .gitignore | 1 + .kitchen.yml | 21 +++++++++++++++++++++ chefignore | 5 +++++ 3 files changed, 27 insertions(+) create mode 100644 .kitchen.yml diff --git a/.gitignore b/.gitignore index 7c417c2..c7df4af 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ Gemfile.lock *.un~ /cookbooks .chef +/.kitchen diff --git a/.kitchen.yml b/.kitchen.yml new file mode 100644 index 0000000..e5f0bfc --- /dev/null +++ b/.kitchen.yml @@ -0,0 +1,21 @@ +--- +driver: + name: vagrant + customize: + memory: 768 + network: + - ['forwarded_port', {guest: 80, host: 8080, auto_correct: true}] + +provisioner: + name: chef_zero + +platforms: + - name: ubuntu-12.04 + +suites: + - name: default + run_list: + - recipe[mongodb] + - recipe[nginx] + - recipe[errbit::default] + - recipe[errbit::bootstrap] diff --git a/chefignore b/chefignore index a6de142..07d2d20 100644 --- a/chefignore +++ b/chefignore @@ -94,3 +94,8 @@ Vagrantfile # Travis # ########## .travis.yml + +# Kitchen # +########### +.kitchen/* +.kitchen.yml From d1a950be892bea5fd10d52d45e6c8ec399a4cee3 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 10:56:02 +0100 Subject: [PATCH 11/41] Current errbit needs Ruby 2.2 --- attributes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/attributes/default.rb b/attributes/default.rb index 341fdab..063369f 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -26,7 +26,7 @@ default['errbit']['environment'] = "production" # Local ruby to install via rbenv -default['errbit']['install_ruby'] = "1.9.3-p429" +default['errbit']['install_ruby'] = "2.2.2" default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] From e5b699bbccf8a6108356a3d703acd95c3fef1a57 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 11:18:36 +0100 Subject: [PATCH 12/41] Use rbenv_script instead of execute --- Berksfile | 5 +++-- recipes/bootstrap.rb | 7 ++++--- recipes/setup.rb | 15 +++++++-------- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/Berksfile b/Berksfile index c4bb297..c480ebc 100644 --- a/Berksfile +++ b/Berksfile @@ -1,3 +1,4 @@ -site :opscode - +source 'https://api.berkshelf.com' metadata + +cookbook 'rbenv', :github => 'he9lin/chef-rbenv' diff --git a/recipes/bootstrap.rb b/recipes/bootstrap.rb index 55de2bc..288382b 100644 --- a/recipes/bootstrap.rb +++ b/recipes/bootstrap.rb @@ -2,10 +2,11 @@ Chef::Log.info "-" * 70 Chef::Log.info "Checking to bootstrap the admin user" -execute "check whether to bootstrap admin user" do - command "bundle exec rake db:seed -t" + +rbenv_script 'rake db:seed' do + code 'bundle exec rake db:seed RAILS_ENV=' + node['errbit']['environment'] cwd "#{node['errbit']['deploy_to']}/current" - environment ({'RAILS_ENV' => 'production'}) + user node['errbit']['user'] # not_if "bundle exec rails runner 'p User.where(admin: true).first'" notifies :create, "ruby_block[remove_bootstrap]", :immediately # notifies :restart, "service[unicorn_#{app['id']}]" diff --git a/recipes/setup.rb b/recipes/setup.rb index cadc358..140b5e5 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -64,7 +64,6 @@ rbenv_gem "bundler" do action :install user node['errbit']['user'] - rbenv_version node['errbit']['install_ruby'] end execute "update sources list" do @@ -147,14 +146,16 @@ group node['errbit']['group'] enable_submodules false migrate false + before_migrate do link "#{release_path}/vendor/bundle" do to "#{node['errbit']['deploy_to']}/shared/vendor_bundle" end - common_groups = %w{development test cucumber staging production} - execute "bundle install --deployment --without #{(common_groups - ([node['errbit']['environment']])).join(' ')}" do - ignore_failure true + common_groups = %w{development test cucumber staging production} - [node['errbit']['environment']] + rbenv_script 'bundle install' do + code "bundle install --deployment --without '#{common_groups.join ' '}'" cwd release_path + user node['errbit']['user'] end end @@ -170,12 +171,10 @@ before_restart do Chef::Log.info "*" * 20 + "COMPILING ASSETS" + "*" * 20 - execute "asset_precompile" do + rbenv_script 'rake assets:precompile' do + code 'bundle exec rake assets:precompile RAILS_ENV=' + node['errbit']['environment'] cwd release_path user node['errbit']['user'] - group node['errbit']['group'] - command "bundle exec rake assets:precompile --trace" - environment ({'RAILS_ENV' => node['errbit']['environment']}) end end # git_ssh_wrapper "wrap-ssh4git.sh" From 33b70b753987247bb019464a88679d64e1ac50c2 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 11:25:43 +0100 Subject: [PATCH 13/41] Install a JavaScript interpreter errbit now requires one but doesn't include it in the Gemfile because which one you need depends on which Ruby implementation you are using. --- attributes/default.rb | 6 +++--- recipes/setup.rb | 7 +++++++ 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 063369f..d29bb1a 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -26,9 +26,9 @@ default['errbit']['environment'] = "production" # Local ruby to install via rbenv -default['errbit']['install_ruby'] = "2.2.2" -default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] - +default['errbit']['install_ruby'] = "2.2.2" +default['errbit']['javascript_gem'] = 'therubyracer' +default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] # errbit config.yml default['errbit']['config']['host'] = "errbit.example.com" diff --git a/recipes/setup.rb b/recipes/setup.rb index 140b5e5..57945ae 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -151,6 +151,13 @@ link "#{release_path}/vendor/bundle" do to "#{node['errbit']['deploy_to']}/shared/vendor_bundle" end + file "#{release_path}/UserGemfile" do + content "gem '#{node['errbit']['javascript_gem']}'" + owner node['errbit']['user'] + group node['errbit']['group'] + mode 0644 + end + common_groups = %w{development test cucumber staging production} - [node['errbit']['environment']] rbenv_script 'bundle install' do code "bundle install --deployment --without '#{common_groups.join ' '}'" From c60d004700f0ad80081080215a9cb6e62d64ca9e Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 11:29:40 +0100 Subject: [PATCH 14/41] Install gems to ~/.rbenv instead of vendor/bundle This negates the need for a symlink to shared. Using deployment mode probably won't work anyway because Gemfile.lock won't be up to date after adding a JavaScript interpreter. --- recipes/setup.rb | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index 57945ae..1aef1ef 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -91,7 +91,7 @@ mode 00755 end -%w{ log pids system tmp vendor_bundle scripts config sockets }.each do |dir| +%w{ log pids system tmp scripts config sockets }.each do |dir| directory "#{node['errbit']['deploy_to']}/shared/#{dir}" do owner node['errbit']['user'] group node['errbit']['group'] @@ -148,9 +148,6 @@ migrate false before_migrate do - link "#{release_path}/vendor/bundle" do - to "#{node['errbit']['deploy_to']}/shared/vendor_bundle" - end file "#{release_path}/UserGemfile" do content "gem '#{node['errbit']['javascript_gem']}'" owner node['errbit']['user'] @@ -160,7 +157,7 @@ common_groups = %w{development test cucumber staging production} - [node['errbit']['environment']] rbenv_script 'bundle install' do - code "bundle install --deployment --without '#{common_groups.join ' '}'" + code "bundle install --system --without '#{common_groups.join ' '}'" cwd release_path user node['errbit']['user'] end @@ -199,4 +196,3 @@ nginx_site node['errbit']['name'] do enable true end - From 16d5f384aa1dc30a4c345bf8aedbfbb99007f8b2 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 14:33:18 +0100 Subject: [PATCH 15/41] Configure errbit with a dotenv file This seems to be the preferred method now and it is simpler. Change defaults to be more or less in line with upstream. Properly generate a random secret token. These changes are not really backwards compatible but that wasn't likely to be an option anyway. --- attributes/default.rb | 73 ++++++++++++++++----------- recipes/bootstrap.rb | 2 +- recipes/setup.rb | 82 +++++++++--------------------- recipes/unicorn.rb | 6 +-- templates/default/config.yml.erb | 83 ------------------------------- templates/default/mongoid.yml.erb | 3 -- templates/default/nginx.conf.erb | 8 +-- 7 files changed, 73 insertions(+), 184 deletions(-) delete mode 100644 templates/default/config.yml.erb delete mode 100644 templates/default/mongoid.yml.erb diff --git a/attributes/default.rb b/attributes/default.rb index d29bb1a..60812e0 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -23,37 +23,56 @@ default['errbit']['deploy_to'] = "/home/#{default['errbit']['user']}/#{node['errbit']['name']}" default['errbit']['repo_url'] = "git://github.com/errbit/errbit.git" default['errbit']['revision'] = "master" -default['errbit']['environment'] = "production" # Local ruby to install via rbenv default['errbit']['install_ruby'] = "2.2.2" default['errbit']['javascript_gem'] = 'therubyracer' default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] -# errbit config.yml -default['errbit']['config']['host'] = "errbit.example.com" -default['errbit']['config']['enforce_ssl'] = false -default['errbit']['config']['email_from'] = "errbit@example.com" -default['errbit']['config']['per_app_email_at_notices'] = false -default['errbit']['config']['email_at_notices'] = [1, 10, 100] -default['errbit']['config']['confirm_resolve_err'] = true -default['errbit']['config']['user_has_username'] = false -default['errbit']['config']['allow_comments_with_issue_tracker'] = true -default['errbit']['config']['use_gravatar'] = true -default['errbit']['config']['gravatar_default'] = "identicon" - -# errbit github integration -default['errbit']['config']['github_authentication'] = false -default['errbit']['config']['github_client_id'] = "github_client_id" -default['errbit']['config']['github_secret'] = "github_secret" -default['errbit']['config']['github_access_scope'] = ['repo'] - -# mongodb creds -default['errbit']['db']['host'] = "localhost" -default['errbit']['db']['port'] = "27017" -default['errbit']['db']['database'] = "errbit" -default['errbit']['db']['username'] = "" -default['errbit']['db']['password'] = "" +# dotenv file variables +# +## Errbit +default['errbit']['config']['errbit_host'] = 'errbit.example.com' # Don't default to FQDN, it might fail e-mail validation. +default['errbit']['config']['errbit_protocol'] = 'http' +default['errbit']['config']['errbit_port'] = 80 +default['errbit']['config']['errbit_enforce_ssl'] = false +default['errbit']['config']['errbit_confirm_err_actions'] = true +default['errbit']['config']['errbit_user_has_username'] = true +default['errbit']['config']['errbit_use_gravatar'] = true +default['errbit']['config']['errbit_gravatar_default'] = 'identicon' +default['errbit']['config']['errbit_email_from'] = 'errbit@example.com' +default['errbit']['config']['errbit_email_at_notices'] = [1, 10, 100] +default['errbit']['config']['errbit_per_app_email_at_notices'] = false +default['errbit']['config']['errbit_notify_at_notices'] = [0] +default['errbit']['config']['errbit_per_app_notify_at_notices'] = false +# +## GitHub +default['errbit']['config']['github_url'] = 'https://github.com' +default['errbit']['config']['github_authentication'] = false +default['errbit']['config']['github_client_id'] = nil +default['errbit']['config']['github_secret'] = nil +default['errbit']['config']['github_org_id'] = nil +default['errbit']['config']['github_access_scope'] = ['repo'] +# +## SMTP +default['errbit']['config']['smtp_server'] = nil +default['errbit']['config']['smtp_port'] = nil +default['errbit']['config']['smtp_authentication'] = nil +default['errbit']['config']['smtp_username'] = nil +default['errbit']['config']['smtp_password'] = nil +default['errbit']['config']['smtp_domain'] = nil +# +## Sendmail +default['errbit']['config']['sendmail_location'] = nil +default['errbit']['config']['sendmail_arguments'] = nil +# +## Misc +default['errbit']['config']['devise_modules'] = %w( database_authenticatable recoverable rememberable trackable validatable omniauthable ) +default['errbit']['config']['email_delivery_method'] = 'smtp' +default['errbit']['config']['mongo_url'] = 'mongodb://localhost/errbit' +default['errbit']['config']['rails_env'] = 'production' +default['errbit']['config']['secret_key_base'] = nil +default['errbit']['config']['serve_static_assets'] = true # app server (Optional: More info in README) default['errbit']['server'] = "unicorn" # or use others like puma @@ -64,7 +83,3 @@ default[:errbit][:unicorn][:backlog] = 100 default[:errbit][:unicorn][:tcp_nopush] = true default[:errbit][:unicorn][:tries] = 3 - - -default['errbit']['secret_token'] = 'b9e131c733a2672c79af5699f26e0bc5fba23a40ec51d76c9271c00097f35aa4c0993e1150f08048f0b66bd141cbcb58ab28814e35eb281c3cb2374aac160203' - diff --git a/recipes/bootstrap.rb b/recipes/bootstrap.rb index 288382b..4c1f2af 100644 --- a/recipes/bootstrap.rb +++ b/recipes/bootstrap.rb @@ -4,7 +4,7 @@ Chef::Log.info "Checking to bootstrap the admin user" rbenv_script 'rake db:seed' do - code 'bundle exec rake db:seed RAILS_ENV=' + node['errbit']['environment'] + code 'bundle exec rake db:seed RAILS_ENV=' + node['errbit']['config']['rails_env'] cwd "#{node['errbit']['deploy_to']}/current" user node['errbit']['user'] # not_if "bundle exec rails runner 'p User.where(admin: true).first'" diff --git a/recipes/setup.rb b/recipes/setup.rb index 1aef1ef..ab6c5d4 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -36,14 +36,6 @@ system false end -# Exporting the SECRET_TOKEN env var -secret_token = rand(8**256).to_s(36).ljust(8,'a')[0..150] -execute "set SECRET_TOKEN var" do - user node['errbit']['user'] - command "echo 'export SECRET_TOKEN=#{secret_token}' >> /home/#{node['errbit']['user']}/.bash_profile" - not_if "grep SECRET_TOKEN /home/#{node['errbit']['user']}/.bash_profile" -end - # setup rbenv (after git user setup) %w{ ruby_build rbenv::user_install }.each do |requirement| include_recipe requirement @@ -91,7 +83,7 @@ mode 00755 end -%w{ log pids system tmp scripts config sockets }.each do |dir| +%w( config log pids sockets ).each do |dir| directory "#{node['errbit']['deploy_to']}/shared/#{dir}" do owner node['errbit']['user'] group node['errbit']['group'] @@ -100,53 +92,38 @@ end end -# errbit config.yml -template "#{node['errbit']['deploy_to']}/shared/config/config.yml" do - source "config.yml.erb" - owner node['errbit']['user'] - group node['errbit']['group'] - mode 00644 - variables(params: { - host: node['errbit']['config']['host'], - enforce_ssl: node['errbit']['config']['enforce_ssl'], - email_from: node['errbit']['config']['email_from'], - per_app_email_at_notices: node['errbit']['config']['per_app_email_at_notices'], - email_at_notices: node['errbit']['config']['email_at_notices'], - confirm_resolve_err: node['errbit']['config']['confirm_resolve_err'], - user_has_username: node['errbit']['config']['user_has_username'], - allow_comments_with_issue_tracker: node['errbit']['config']['allow_comments_with_issue_tracker'], - use_gravatar: node['errbit']['config']['use_gravatar'], - gravatar_default: node['errbit']['config']['gravatar_default'], - github_authentication: node['errbit']['config']['github_authentication'], - github_client_id: node['errbit']['config']['github_client_id'], - github_secret: node['errbit']['config']['github_secret'], - github_access_scope: node['errbit']['config']['github_access_scope'] - }) -end +require 'securerandom' +node.normal_unless['errbit']['config']['secret_key_base'] = SecureRandom.urlsafe_base64(96) + +file "#{node['errbit']['deploy_to']}/shared/config/env" do + content node['errbit']['config'].map { |key, value| + case value + when nil + when Array + "export #{key.upcase}=\"[#{value.join ','}]\"" + else + "export #{key.upcase}=#{value.inspect}" + end + }.compact.join("\n") + "\n" -template "#{node['errbit']['deploy_to']}/shared/config/mongoid.yml" do - source "mongoid.yml.erb" owner node['errbit']['user'] group node['errbit']['group'] - mode 00644 - variables( params: { - environment: node['errbit']['environment'], - host: node['errbit']['db']['host'], - port: node['errbit']['db']['port'], - database: node['errbit']['db']['database'] - # username: node['errbit']['db']['username'], - # password: node['errbit']['db']['password'] - }) + mode 0644 end deploy_revision node['errbit']['deploy_to'] do repo node['errbit']['repo_url'] revision node['errbit']['revision'] + user node['errbit']['user'] group node['errbit']['group'] - enable_submodules false + + shallow_clone true migrate false + symlink_before_migrate('config/env' => '.env') + symlinks('log' => 'log', 'pids' => 'tmp/pids', 'sockets' => 'tmp/sockets') + before_migrate do file "#{release_path}/UserGemfile" do content "gem '#{node['errbit']['javascript_gem']}'" @@ -155,7 +132,8 @@ mode 0644 end - common_groups = %w{development test cucumber staging production} - [node['errbit']['environment']] + common_groups = %w{development test production heroku} - [node['errbit']['config']['rails_env']] + rbenv_script 'bundle install' do code "bundle install --system --without '#{common_groups.join ' '}'" cwd release_path @@ -163,26 +141,14 @@ end end - symlink_before_migrate nil - symlinks( - "config/config.yml" => "config/config.yml", - "config/mongoid.yml" => "config/mongoid.yml" - ) - environment 'RAILS_ENV' => node['errbit']['environment'], 'SECRET_TOKEN' => node['errbit']['secret_token'] - shallow_clone true - action :deploy #:deploy or :rollback or :force_deploy - before_restart do - Chef::Log.info "*" * 20 + "COMPILING ASSETS" + "*" * 20 rbenv_script 'rake assets:precompile' do - code 'bundle exec rake assets:precompile RAILS_ENV=' + node['errbit']['environment'] + code 'bundle exec rake assets:precompile RAILS_ENV=' + node['errbit']['config']['rails_env'] cwd release_path user node['errbit']['user'] end end - # git_ssh_wrapper "wrap-ssh4git.sh" - scm_provider Chef::Provider::Git end template "#{node['nginx']['dir']}/sites-available/#{node['errbit']['name']}" do diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 55a60dc..6592a84 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -36,7 +36,7 @@ variables( :user => node['errbit']['user'], :deploy_to => node['errbit']['deploy_to'], - :env => node['errbit']['environment'] + :env => node['errbit']['config']['rails_env'] ) end @@ -54,10 +54,8 @@ # Restarting the unicorn service "unicorn_#{node['errbit']['name']}" do action :nothing - subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/config.yml]" subscribes :restart, "template[/etc/init.d/unicorn_#{node['errbit']['name']}]" + subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/env]" subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/unicorn.rb]" - subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/config.yml]" - subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/mongoid.yml]" subscribes :restart, "deploy_revision[#{node['errbit']['deploy_to']}]" end diff --git a/templates/default/config.yml.erb b/templates/default/config.yml.erb deleted file mode 100644 index dddb947..0000000 --- a/templates/default/config.yml.erb +++ /dev/null @@ -1,83 +0,0 @@ -# Generated by chef: <%= node['fqdn'] %> -# Errbit Config -# ============= -# - -# The host of your errbit server -host: <%= @params[:host] %> - -# Enforce SSL connections -enforce_ssl: <%= @params[:enforce_ssl] %> - -# The email address which email notifications -# will be sent from. -email_from: <%= @params[:email_from] %> - -# If you turn on this option, email_at_notices can be -# configured on a per app basis, at the App edit page -per_app_email_at_notices: <%= @params[:per_app_email_at_notices] %> - -# Configure when emails are sent for an error. -# [1,3,7] = 1st, 3rd, and 7th occurence triggers -# an email notification. -email_at_notices: <%= @params[:email_at_notices] %> - -# Configure whether or not the user should be prompted before resolving an error. -confirm_resolve_err: <%= @params[:confirm_resolve_err] %> - -# Add an optional 'username' field to Users. -# Helpful when you need to plug in a custom authentication strategy, such as LDAP. -user_has_username: <%= @params[:user_has_username] %> - -# Allow comments while an issue tracker is configured. -# This is useful if the err is not critical enough to create a ticket, -# but you want to leave a short comment. -allow_comments_with_issue_tracker: <%= @params[:allow_comments_with_issue_tracker] %> - -# Enable Gravatar. -use_gravatar: <%= @params[:use_gravatar] %> -# Default Gravatar image, can be: mm, identicon, monsterid, wavatar, retro. -gravatar_default: <%= @params[:gravatar_default] %> - -# Setup your deploy options for capistrano. -deployment: - hosts: - web: errbit.example.com - app: errbit.example.com - db: errbit.example.com - repository: http://github.com/errbit/errbit.git - user: deploy - deploy_to: /var/www/apps/errbit - # setup path to unicorn pids folder (or deploy_to/shared/pids will be used) - # pids: /var/www/apps/errbit/shared/pids - -# GitHub OAuth configuration -# If you want to allow authentication via GitHub, you will need to register -# your app at: https://github.com/settings/applications -# If you hosted Errbit at errbit.example.com, you would fill in: -# -# URL: http://errbit.example.com/ -# Callback URL: http://errbit.example.com/users/auth/github -# -# After you have registered your app, copy your Client ID and Secret key below. -github_authentication: <%= @params[:github_authentication] %> -github_client_id: <%= @params[:github_client_id] %> -github_secret: <%= @params[:github_secret] %> -# GitHub Permissions to request from user -# ['repo'] - Allow creating issues for public and private repos. -# ['public_repo'] - Only allow creating issues for public repos. -# [] - No permission to create issues on any repos. -github_access_scope: <%= @params[:github_access_scope] %> - -# Configure SMTP settings. If you are running Errbit on Heroku, -# sendgrid will be configured by default. -# ------------------------------------------------------------------------ -#smtp_settings: -# :address: ADDRESS -# :domain: DOMAIN -# :port: "25" -# :authentication: :plain, :login, :cram_md5 -# :enable_starttls_auto: true -# :user_name: USERNAME -# :password: PASSWORD - diff --git a/templates/default/mongoid.yml.erb b/templates/default/mongoid.yml.erb deleted file mode 100644 index 28b661d..0000000 --- a/templates/default/mongoid.yml.erb +++ /dev/null @@ -1,3 +0,0 @@ -<%= @params[:environment] %>: - host: localhost - database: <%= @params[:database] %> diff --git a/templates/default/nginx.conf.erb b/templates/default/nginx.conf.erb index 65c6196..ca78ebc 100644 --- a/templates/default/nginx.conf.erb +++ b/templates/default/nginx.conf.erb @@ -10,12 +10,8 @@ upstream <%= node['errbit']['name'] %> { # } server { - listen 80 deferred; - <% if @server_names %> - server_name <%= @server_names.join(" ") %>; - <% else %> - server_name <%= node['ipaddress'] %> - <% end %> + listen <%= node['errbit']['config']['errbit_port'] %> deferred; + server_name <%= node['errbit']['config']['errbit_host'] %>; client_max_body_size 4G; keepalive_timeout 5; From b20ab22ec519607cc2496a6a536c28a1228148a6 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 15:17:55 +0100 Subject: [PATCH 16/41] Fix deploy_to and rbenv attributes --- attributes/default.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 60812e0..42b5d9d 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -20,14 +20,14 @@ default['errbit']['name'] = "errbit" default['errbit']['user'] = "errbit" default['errbit']['group'] = node['errbit']['user'] -default['errbit']['deploy_to'] = "/home/#{default['errbit']['user']}/#{node['errbit']['name']}" +default['errbit']['deploy_to'] = "/home/#{node['errbit']['user']}/#{node['errbit']['name']}" default['errbit']['repo_url'] = "git://github.com/errbit/errbit.git" default['errbit']['revision'] = "master" # Local ruby to install via rbenv default['errbit']['install_ruby'] = "2.2.2" default['errbit']['javascript_gem'] = 'therubyracer' -default['rbenv']['user_installs'] = [{ 'user' => default['errbit']['user'] }] +default['rbenv']['user_installs'] = [{ 'user' => node['errbit']['user'] }] # dotenv file variables # From c76c2d12672c8337ccf136959c90c328a2606614 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 5 May 2015 15:58:17 +0100 Subject: [PATCH 17/41] Keep build-essentials stuff in converge phase We don't require any additional gems during the compile phase so these additional hacks are not necessary. --- recipes/setup.rb | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index ab6c5d4..e2fca59 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -18,9 +18,7 @@ # limitations under the License. # -node.set['build_essential']['compiletime'] = true include_recipe "build-essential" - include_recipe "git" include_recipe "nginx" @@ -60,14 +58,10 @@ execute "update sources list" do command "apt-get update" - action :nothing -end.run_action(:run) +end %w(libxml2-dev libxslt1-dev libcurl4-gnutls-dev).each do |pkg| - r = package pkg do - action :nothing - end - r.run_action(:install) + package pkg end directory node['errbit']['deploy_to'] do From 4627306efa51d8334b1df3e74a55f62d5b6d1eae Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Wed, 6 May 2015 15:10:02 +0100 Subject: [PATCH 18/41] Tidy up unicorn service No need to manually specify the commands and subscriptions can be defined in the same single block. --- recipes/unicorn.rb | 9 --------- 1 file changed, 9 deletions(-) diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 6592a84..9279e4c 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -42,18 +42,9 @@ service "unicorn_#{node['errbit']['name']}" do provider Chef::Provider::Service::Init::Debian - start_command "/etc/init.d/unicorn_#{node['errbit']['name']} start" - stop_command "/etc/init.d/unicorn_#{node['errbit']['name']} stop" - restart_command "/etc/init.d/unicorn_#{node['errbit']['name']} restart" - status_command "/etc/init.d/unicorn_#{node['errbit']['name']} status" supports :start => true, :stop => true, :restart => true, :status => true action :nothing -end - -# Restarting the unicorn -service "unicorn_#{node['errbit']['name']}" do - action :nothing subscribes :restart, "template[/etc/init.d/unicorn_#{node['errbit']['name']}]" subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/env]" subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/unicorn.rb]" From 8f0d203a522572a409d5d4a46454a893fc5034f0 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Wed, 6 May 2015 16:12:25 +0100 Subject: [PATCH 19/41] Don't explicitly install packages libxml2-dev and libxslt1-dev are installed by rbenv. libcurl4-gnutls-dev doesn't seem to be required by anything. I also think it's a little rude for every cookbook to call apt-get update. ;) --- recipes/setup.rb | 8 -------- 1 file changed, 8 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index e2fca59..a34f13a 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -56,14 +56,6 @@ user node['errbit']['user'] end -execute "update sources list" do - command "apt-get update" -end - -%w(libxml2-dev libxslt1-dev libcurl4-gnutls-dev).each do |pkg| - package pkg -end - directory node['errbit']['deploy_to'] do owner node['errbit']['user'] group node['errbit']['group'] From 9ba36208bcdeb7b1705e00a8b032c9052b054463 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 7 May 2015 15:21:50 +0100 Subject: [PATCH 20/41] Clean up nginx template --- templates/default/nginx.conf.erb | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/templates/default/nginx.conf.erb b/templates/default/nginx.conf.erb index ca78ebc..210d452 100644 --- a/templates/default/nginx.conf.erb +++ b/templates/default/nginx.conf.erb @@ -1,14 +1,7 @@ - upstream <%= node['errbit']['name'] %> { server unix:<%= node['errbit']['deploy_to'] %>/shared/sockets/unicorn.sock fail_timeout=0; } -# Rewrite www to non-www -# server{ -# server_name www.railsapp1.com; -# return 301 $scheme://domain.com$request_uri; -# } - server { listen <%= node['errbit']['config']['errbit_port'] %> deferred; server_name <%= node['errbit']['config']['errbit_host'] %>; @@ -26,22 +19,8 @@ server { add_header Cache-Control public; } -# location / { -# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -# proxy_set_header Host $http_host; -# proxy_redirect off; -# -# if (-f $request_filename) { -# break; -# } -# -# if (!-f $request_filename) { -# proxy_pass http://<%= node['errbit']['name'] %>; -# break; -# } -# } - try_files $uri/index.html $uri @unicorn; + location @unicorn { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; From 6fdd618c7d347793dea52d1f7abaaabc6eecb903 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 7 May 2015 18:05:27 +0100 Subject: [PATCH 21/41] Support for Puma via systemd The old Puma recipe didn't look like it was finished. I needed systemd support and Puma plays nicer with systemd (socket activation!) than Unicorn does so I used the former. Non-systemd support for Puma and systemd support for Unicorn would be nice but I don't have time. :( --- attributes/default.rb | 18 ++++++++-------- recipes/default.rb | 4 +--- recipes/puma.rb | 34 +++++++++++++++++++++++++----- recipes/setup.rb | 9 ++++++-- templates/default/UserGemfile.erb | 2 ++ templates/default/nginx.conf.erb | 10 ++++++--- templates/default/puma.rb.erb | 20 ++++++++++++++++++ templates/default/puma.service.erb | 14 ++++++++++++ templates/default/puma.socket.erb | 12 +++++++++++ templates/default/unicorn.rb.erb | 9 ++++---- 10 files changed, 105 insertions(+), 27 deletions(-) create mode 100644 templates/default/UserGemfile.erb create mode 100644 templates/default/puma.rb.erb create mode 100644 templates/default/puma.service.erb create mode 100644 templates/default/puma.socket.erb diff --git a/attributes/default.rb b/attributes/default.rb index 42b5d9d..0c82c38 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -74,12 +74,12 @@ default['errbit']['config']['secret_key_base'] = nil default['errbit']['config']['serve_static_assets'] = true -# app server (Optional: More info in README) -default['errbit']['server'] = "unicorn" # or use others like puma -default[:errbit][:unicorn][:worker_timeout] = 60 -default[:errbit][:unicorn][:worker_processes] = 2 #[node[:cpu][:total].to_i * 4, 8].min -default[:errbit][:unicorn][:preload_app] = false -default[:errbit][:unicorn][:tcp_nodelay] = true -default[:errbit][:unicorn][:backlog] = 100 -default[:errbit][:unicorn][:tcp_nopush] = true -default[:errbit][:unicorn][:tries] = 3 +# The cookbook currently only supports Puma on systemd and Unicorn on SysVinit. +default['errbit']['server']['name'] = node['init_package'] == 'systemd' ? 'puma' : 'unicorn' + +default['errbit']['server']['backlog'] = 100 +default['errbit']['server']['preload_app'] = false +default['errbit']['server']['tcp_nodelay'] = true +default['errbit']['server']['tcp_nopush'] = true +default['errbit']['server']['timeout'] = 60 +default['errbit']['server']['workers'] = 2 diff --git a/recipes/default.rb b/recipes/default.rb index 53a8fd5..50bd9d8 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -19,6 +19,4 @@ # include_recipe 'errbit::setup' -server = node['errbit']['server'] - -include_recipe "errbit::#{server}" +include_recipe 'errbit::' + node['errbit']['server']['name'] diff --git a/recipes/puma.rb b/recipes/puma.rb index e264940..c2ac7a7 100644 --- a/recipes/puma.rb +++ b/recipes/puma.rb @@ -18,9 +18,33 @@ # limitations under the License. # -execute "puma app server" do - cwd "#{node['errbit']['deploy_to']}/current" - command "bundle exec puma -D" - # creates "/tmp/something" - action :run +template "#{node['errbit']['deploy_to']}/shared/config/puma.rb" do + source 'puma.rb.erb' + owner node['errbit']['user'] + group node['errbit']['group'] + mode 0644 +end + +['socket', 'service'].each do |unit| + template "/lib/systemd/system/puma-#{node['errbit']['name']}.#{unit}" do + source "puma.#{unit}.erb" + owner 'root' + group 'root' + mode 0644 + end +end + +service "puma-#{node['errbit']['name']}" do + supports [:reload, :restart, :status] + action :nothing + + subscribes :reload, "template[/lib/systemd/system/puma-#{node['errbit']['name']}.service]" + subscribes :reload, "template[#{node['errbit']['deploy_to']}/shared/config/puma.rb]" + subscribes :reload, "file[#{node['errbit']['deploy_to']}/shared/config/env]" + subscribes :reload, "deploy_revision[#{node['errbit']['deploy_to']}]" +end + +service "puma-#{node['errbit']['name']}.socket" do + supports [:restart, :status] + action [:enable, :start] end diff --git a/recipes/setup.rb b/recipes/setup.rb index a34f13a..a6b2506 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -34,6 +34,11 @@ system false end +# Ensure nginx can read within this directory +directory '/home/' + node['errbit']['user'] do + mode 0701 +end + # setup rbenv (after git user setup) %w{ ruby_build rbenv::user_install }.each do |requirement| include_recipe requirement @@ -111,8 +116,8 @@ symlinks('log' => 'log', 'pids' => 'tmp/pids', 'sockets' => 'tmp/sockets') before_migrate do - file "#{release_path}/UserGemfile" do - content "gem '#{node['errbit']['javascript_gem']}'" + template "#{release_path}/UserGemfile" do + source "UserGemfile.erb" owner node['errbit']['user'] group node['errbit']['group'] mode 0644 diff --git a/templates/default/UserGemfile.erb b/templates/default/UserGemfile.erb new file mode 100644 index 0000000..558c50c --- /dev/null +++ b/templates/default/UserGemfile.erb @@ -0,0 +1,2 @@ +gem "<%= node['errbit']['javascript_gem'] %>" +gem "<%= node['errbit']['server']['name'] %>" diff --git a/templates/default/nginx.conf.erb b/templates/default/nginx.conf.erb index 210d452..8100e5b 100644 --- a/templates/default/nginx.conf.erb +++ b/templates/default/nginx.conf.erb @@ -1,13 +1,17 @@ upstream <%= node['errbit']['name'] %> { - server unix:<%= node['errbit']['deploy_to'] %>/shared/sockets/unicorn.sock fail_timeout=0; + server unix:<%= node['errbit']['deploy_to'] %>/shared/sockets/<%= node['errbit']['server']['name'] %>.sock fail_timeout=0; } server { listen <%= node['errbit']['config']['errbit_port'] %> deferred; server_name <%= node['errbit']['config']['errbit_host'] %>; + client_max_body_size 4G; keepalive_timeout 5; + tcp_nodelay <%= node['errbit']['server']['tcp_nodelay'] ? 'on' : 'off' %>; + tcp_nopush <%= node['errbit']['server']['tcp_nopush'] ? 'on' : 'off' %>; + root <%= node['errbit']['deploy_to'] %>/current/public; access_log <%= node['errbit']['deploy_to'] %>/shared/log/access.log combined; @@ -19,9 +23,9 @@ server { add_header Cache-Control public; } - try_files $uri/index.html $uri @unicorn; + try_files $uri/index.html $uri @<%= node['errbit']['name'] %>; - location @unicorn { + location @<%= node['errbit']['name'] %> { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; diff --git a/templates/default/puma.rb.erb b/templates/default/puma.rb.erb new file mode 100644 index 0000000..79ecd49 --- /dev/null +++ b/templates/default/puma.rb.erb @@ -0,0 +1,20 @@ +tag "<%= node['errbit']['name'] %>" + +# Is Errbit thread-safe? Probably but we default to MRI so threading +# is of little benefit. This should be made configurable later. +workers <%= node['errbit']['server']['workers'] %> +threads 1, 1 + +# Ensure we're always in the "current" directory. +directory "<%= node['errbit']['deploy_to']%>/current" + +# Socket might be created by systemd. +bind "unix://<%= node['errbit']['deploy_to']%>/shared/sockets/puma.sock<%= '?backlog=' + node['errbit']['server']['backlog'] unless node['init_package'] == 'systemd' %>" + +state_path "<%= node['errbit']['deploy_to']%>/shared/pids/puma.state" +stdout_redirect "<%= node['errbit']['deploy_to']%>/shared/log/server.stdout.log", "<%= node['errbit']['deploy_to']%>/shared/log/server.stderr.log", true + +environment "<%= node['errbit']['config']['rails_env'] %>" +<%=- "preload_app!" if node['errbit']['server']['preload_app'] -%> +prune_bundler +worker_timeout <%= node['errbit']['server']['timeout'] %> diff --git a/templates/default/puma.service.erb b/templates/default/puma.service.erb new file mode 100644 index 0000000..5a53cae --- /dev/null +++ b/templates/default/puma.service.erb @@ -0,0 +1,14 @@ +[Unit] +Description=<%= node['errbit']['name'] %> Puma daemon +Requires=puma-errbit.socket + +[Service] +User=<%= node['errbit']['user'] %> +Group=<%= node['errbit']['group'] %> +SyslogIdentifier=puma-<%= node['errbit']['name'] %> +WorkingDirectory=<%= node['errbit']['deploy_to'] %>/current +ExecStart=/home/<%= node['errbit']['user'] %>/.rbenv/bin/rbenv exec puma --config <%= node['errbit']['deploy_to'] %>/shared/config/puma.rb +ExecReload=/bin/kill -USR2 $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/templates/default/puma.socket.erb b/templates/default/puma.socket.erb new file mode 100644 index 0000000..fb0122a --- /dev/null +++ b/templates/default/puma.socket.erb @@ -0,0 +1,12 @@ +[Unit] +Description=<%= node['errbit']['name'] %> Puma socket + +[Socket] +SocketUser=<%= node['errbit']['user'] %> +SocketGroup=<%= node['nginx']['group'] %> +SocketMode=0660 +Backlog=<%= node['errbit']['server']['backlog'] %> +ListenStream=<%= node['errbit']['deploy_to'] %>/shared/sockets/puma.sock + +[Install] +WantedBy=sockets.target diff --git a/templates/default/unicorn.rb.erb b/templates/default/unicorn.rb.erb index 70e9cff..1750b87 100644 --- a/templates/default/unicorn.rb.erb +++ b/templates/default/unicorn.rb.erb @@ -1,4 +1,4 @@ -worker_processes <%= node[:errbit][:unicorn][:worker_processes] %> +worker_processes <%= node['errbit']['server']['workers'] %> user "<%= node['errbit']['user'] %>" @@ -7,10 +7,9 @@ working_directory "<%= node['errbit']['deploy_to']%>/current" # listen on both a Unix domain socket and a TCP port, # use a shorter backlog for quicker failover when busy -listen "<%= node['errbit']['deploy_to']%>/shared/sockets/unicorn.sock", :backlog => <%= node[:errbit][:unicorn][:backlog] %> -listen 8080, :tcp_nopush => true +listen "<%= node['errbit']['deploy_to']%>/shared/sockets/unicorn.sock", :backlog => <%= node['errbit']['server']['backlog'] %> -timeout <%= node[:errbit][:unicorn][:worker_timeout] %> +timeout <%= node['errbit']['server']['timeout'] %> pid "<%= node['errbit']['deploy_to']%>/shared/pids/unicorn.pid" @@ -19,7 +18,7 @@ stdout_path "<%= node['errbit']['deploy_to']%>/shared/log/unicorn.stdout.log" # combine REE with "preload_app true" for memory savings # http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow -preload_app <%= node[:errbit][:unicorn][:preload_app] %> +preload_app <%= node['errbit']['server']['preload_app'] %> GC.copy_on_write_friendly = true if GC.respond_to?(:copy_on_write_friendly=) # ensure Unicorn doesn't use a stale Gemfile when restarting From 6f98fa1f26e451b0a5157c11aaa35edd2744a9a9 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 8 May 2015 13:32:09 +0100 Subject: [PATCH 22/41] Start the Unicorn service on boot --- recipes/unicorn.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes/unicorn.rb b/recipes/unicorn.rb index 9279e4c..638db5e 100644 --- a/recipes/unicorn.rb +++ b/recipes/unicorn.rb @@ -42,8 +42,8 @@ service "unicorn_#{node['errbit']['name']}" do provider Chef::Provider::Service::Init::Debian - supports :start => true, :stop => true, :restart => true, :status => true - action :nothing + supports [:restart, :status] + action :enable subscribes :restart, "template[/etc/init.d/unicorn_#{node['errbit']['name']}]" subscribes :restart, "template[#{node['errbit']['deploy_to']}/shared/config/env]" From 36bf0663cfed91c0debb9c468cb58d109e24a72b Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 8 May 2015 13:32:55 +0100 Subject: [PATCH 23/41] CentOS 7.1 works! --- .kitchen.yml | 1 + metadata.rb | 1 + 2 files changed, 2 insertions(+) diff --git a/.kitchen.yml b/.kitchen.yml index e5f0bfc..6936e25 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -10,6 +10,7 @@ provisioner: name: chef_zero platforms: + - name: opscode-centos-7.1 - name: ubuntu-12.04 suites: diff --git a/metadata.rb b/metadata.rb index e35f776..4d853c8 100644 --- a/metadata.rb +++ b/metadata.rb @@ -15,4 +15,5 @@ recommends "mongodb" +supports "centos" supports "ubuntu" From cac60068c785d8afbf763bfeb82c6c1d5e4dc7de Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 8 May 2015 15:24:29 +0100 Subject: [PATCH 24/41] Run rake db:migrate on each deployment Annoyingly we can't use rbenv_script for this, which means we have to set HOME in the environment. --- recipes/setup.rb | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index a6b2506..d5ca5d5 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -22,6 +22,9 @@ include_recipe "git" include_recipe "nginx" +home_dir = "/home/#{node['errbit']['user']}" +rails_env = node['errbit']['config']['rails_env'] + group node['errbit']['group'] user node['errbit']['user'] do @@ -29,13 +32,13 @@ comment "Errbit user" gid node['errbit']['group'] shell "/bin/bash" - home "/home/#{node['errbit']['user']}" + home home_dir supports :manage_home => true system false end # Ensure nginx can read within this directory -directory '/home/' + node['errbit']['user'] do +directory home_dir do mode 0701 end @@ -105,12 +108,18 @@ deploy_revision node['errbit']['deploy_to'] do repo node['errbit']['repo_url'] revision node['errbit']['revision'] + shallow_clone true user node['errbit']['user'] group node['errbit']['group'] - shallow_clone true - migrate false + environment( + 'HOME' => home_dir, + 'RAILS_ENV' => rails_env + ) + + migration_command "#{home_dir}/.rbenv/bin/rbenv exec bundle exec rake db:migrate" + migrate true symlink_before_migrate('config/env' => '.env') symlinks('log' => 'log', 'pids' => 'tmp/pids', 'sockets' => 'tmp/sockets') @@ -123,7 +132,7 @@ mode 0644 end - common_groups = %w{development test production heroku} - [node['errbit']['config']['rails_env']] + common_groups = %w{development test production heroku} - [rails_env] rbenv_script 'bundle install' do code "bundle install --system --without '#{common_groups.join ' '}'" @@ -135,7 +144,7 @@ before_restart do Chef::Log.info "*" * 20 + "COMPILING ASSETS" + "*" * 20 rbenv_script 'rake assets:precompile' do - code 'bundle exec rake assets:precompile RAILS_ENV=' + node['errbit']['config']['rails_env'] + code 'bundle exec rake assets:precompile RAILS_ENV=' + rails_env cwd release_path user node['errbit']['user'] end From b3ebbfc611cfe418845412b1ff428575235b1e3f Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 8 May 2015 16:24:49 +0100 Subject: [PATCH 25/41] Implement not_if in bootstrap recipe Like rake db:migrate, we cannot use rbenv_script here. Unfortunately there appears to be no way of outputting the generated password, short of running chef-client with :info log level. --- recipes/bootstrap.rb | 38 +++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/recipes/bootstrap.rb b/recipes/bootstrap.rb index 4c1f2af..f881b34 100644 --- a/recipes/bootstrap.rb +++ b/recipes/bootstrap.rb @@ -1,15 +1,39 @@ +# +# Author:: Sachin Sagar Rai +# Cookbook Name:: errbit +# Recipe:: setup +# +# Copyright (C) 2013 Millisami +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# - -Chef::Log.info "-" * 70 -Chef::Log.info "Checking to bootstrap the admin user" +home_dir = "/home/#{node['errbit']['user']}" +current_dir = "#{node['errbit']['deploy_to']}/current" rbenv_script 'rake db:seed' do code 'bundle exec rake db:seed RAILS_ENV=' + node['errbit']['config']['rails_env'] - cwd "#{node['errbit']['deploy_to']}/current" + cwd current_dir user node['errbit']['user'] - # not_if "bundle exec rails runner 'p User.where(admin: true).first'" - notifies :create, "ruby_block[remove_bootstrap]", :immediately - # notifies :restart, "service[unicorn_#{app['id']}]" + + not_if "#{home_dir}/.rbenv/bin/rbenv exec bundle exec rails runner 'exit User.where(:admin => true).exists?'", { + :cwd => current_dir, + :user => node['errbit']['user'], + :group => node['errbit']['group'], + :environment => { 'HOME' => home_dir } + } + + notifies :run, "ruby_block[remove_bootstrap]", :immediately end ruby_block "remove_bootstrap" do From b5d7f0e86c959445f9d01e3997612d7db2f0ab6c Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Wed, 13 May 2015 17:40:00 +0100 Subject: [PATCH 26/41] Don't store nginx logs under shared directory SELinux prevents this. We could change the context of the log directory but it's easier to just move the logs. I think they should go here anyway. --- templates/default/nginx.conf.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/default/nginx.conf.erb b/templates/default/nginx.conf.erb index 8100e5b..4d2c3a6 100644 --- a/templates/default/nginx.conf.erb +++ b/templates/default/nginx.conf.erb @@ -14,8 +14,8 @@ server { root <%= node['errbit']['deploy_to'] %>/current/public; - access_log <%= node['errbit']['deploy_to'] %>/shared/log/access.log combined; - error_log <%= node['errbit']['deploy_to'] %>/shared/log/error.log; + access_log <%= node['nginx']['log_dir'] %>/<%= node['errbit']['name'] %>.access.log combined; + error_log <%= node['nginx']['log_dir'] %>/<%= node['errbit']['name'] %>.error.log; location ^~ /assets/ { gzip_static on; From 21676fbca25258964f50637a143d5012227803d3 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 14 May 2015 10:12:31 +0100 Subject: [PATCH 27/41] Remove metadata.json Other cookbooks don't include it and it interferes with Berkshelf. --- metadata.json | 46 ---------------------------------------------- 1 file changed, 46 deletions(-) delete mode 100644 metadata.json diff --git a/metadata.json b/metadata.json deleted file mode 100644 index 473be53..0000000 --- a/metadata.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "name": "errbit", - "description": "Installs/Configures errbit", - "long_description": "# Description\n\nThis cookbook is designed to be able to run [Errbit](http://github.com/errbit/errbit).\nIts github is at [chef-errbit](https://github.com/klamontagne/chef-errbit)\n\n# Requirements\n\nDeveloped using chef 10.14.0 and it should work with higher versions. But not tested against chef 11 family.\n\nThe following Opscode cookbooks are dependencies:\n\n* git\n* apt\n* nginx\n\nYou also need a MongoDB installation, such as with the [mongodb cookbook](https://github.com/edelight/chef-mongodb).\n\nIf you have other installations of rbenv on the node, you need to edit the node's user_installs as described in [chef-rbenv's documentation](https://github.com/fnichol/chef-rbenv#-rbenv-installed-for-a-specific-user-with-rubies).\n\n# Usage\n\nJust to install the Errbit app, include the following in your wrapper cookbook's recipe\n\n include_recipe \"errbit\"\n\nOr include it in your run_list\n\n 'recpie[errbit]'\n\n\nLicense and Author\n==================\n\nAuthor:: [Sachin Sagar Rai](http://nepalonrails.com) millisami@gmail.com\n\nCopyright 2013\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n\n[![Bitdeli Badge](https://d2weczhvl823v0.cloudfront.net/millisami/chef-errbit/trend.png)](https://bitdeli.com/free \"Bitdeli Badge\")\n\n", - "maintainer": "Sachin Sagar Rai", - "maintainer_email": "millisami@gmail.com", - "license": "Apache 2.0", - "platforms": { - "ubuntu": ">= 0.0.0" - }, - "dependencies": { - "git": ">= 0.0.0", - "ruby_build": ">= 0.0.0", - "rbenv": ">= 0.0.0", - "apt": ">= 0.0.0", - "nginx": ">= 0.0.0", - "build-essential": ">= 0.0.0" - }, - "recommendations": { - "mongodb": ">= 0.0.0" - }, - "suggestions": { - - }, - "conflicting": { - - }, - "providing": { - - }, - "replacing": { - - }, - "attributes": { - - }, - "groupings": { - - }, - "recipes": { - - }, - "version": "0.4.1", - "source_url": "", - "issues_url": "" -} From 862869c4a8406695b8b944f7f7e2fc369a961f36 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 14 May 2015 10:18:47 +0100 Subject: [PATCH 28/41] Precompile assets before migrating The time between migrating and restarting should always be as short as possible. Precompiling assets can take a while. This is how Capistrano does it. --- recipes/setup.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index d5ca5d5..4c6d185 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -139,10 +139,9 @@ cwd release_path user node['errbit']['user'] end - end - before_restart do Chef::Log.info "*" * 20 + "COMPILING ASSETS" + "*" * 20 + rbenv_script 'rake assets:precompile' do code 'bundle exec rake assets:precompile RAILS_ENV=' + rails_env cwd release_path From 7d2d4ab5e33825e138c39ee6cc98c075adc7eee3 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Thu, 14 May 2015 16:46:10 +0100 Subject: [PATCH 29/41] Make things work with SELinux enabled I didn't realise that the opscode-centos box has SELinux effectively disabled. --- metadata.rb | 1 + recipes/default.rb | 6 ++++++ recipes/setup.rb | 29 +++++++++++++++++++++++++++++ 3 files changed, 36 insertions(+) diff --git a/metadata.rb b/metadata.rb index 4d853c8..92f0db6 100644 --- a/metadata.rb +++ b/metadata.rb @@ -12,6 +12,7 @@ depends "apt" depends "nginx" depends "build-essential" +depends "selinux_policy" recommends "mongodb" diff --git a/recipes/default.rb b/recipes/default.rb index 50bd9d8..4afd112 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -20,3 +20,9 @@ include_recipe 'errbit::setup' include_recipe 'errbit::' + node['errbit']['server']['name'] + +# Hack to work around systemd creating the socket with the wrong +# context and selinux_policy cookbook only running restorecon once. +execute "restorecon -R #{node['errbit']['deploy_to']}" do + only_if 'which restorecon' +end diff --git a/recipes/setup.rb b/recipes/setup.rb index 4c6d185..ac5081b 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -22,6 +22,9 @@ include_recipe "git" include_recipe "nginx" +extend SELinuxPolicy::Helpers +include_recipe 'selinux_policy::install' if use_selinux + home_dir = "/home/#{node['errbit']['user']}" rails_env = node['errbit']['config']['rails_env'] @@ -140,6 +143,10 @@ user node['errbit']['user'] end + selinux_policy_fcontext "#{release_path}/(app/assets|public)(/.*)?" do + secontext 'httpd_sys_content_t' + end + Chef::Log.info "*" * 20 + "COMPILING ASSETS" + "*" * 20 rbenv_script 'rake assets:precompile' do @@ -150,6 +157,28 @@ end end +selinux_policy_fcontext "#{node['errbit']['deploy_to']}/current" do + secontext 'httpd_sys_content_t' +end + +selinux_policy_fcontext "#{node['errbit']['deploy_to']}/shared/sockets/[^/]*\.sock" do + secontext 'httpd_var_run_t' +end + +selinux_policy_module 'nginx-errbit-socket' do + content <<-EOF + module nginx-errbit-socket 0.1; + + require { + type httpd_t; + type init_t; + class unix_stream_socket connectto; + } + + allow httpd_t init_t:unix_stream_socket connectto; + EOF +end + template "#{node['nginx']['dir']}/sites-available/#{node['errbit']['name']}" do source "nginx.conf.erb" owner "root" From 70c307fc6e1b2b59a24867de5b420f188fd8653a Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 15 May 2015 11:03:11 +0100 Subject: [PATCH 30/41] Separate the nginx port from the Errbit port If you're proxying to nginx rather than connecting to it directly then the port that nginx listens on may well be different to the port that Errbit should advertise. In our case, we have Apache accepting SSL connections that proxy to nginx without SSL. It would be nice if the cookbook could configure nginx for SSL but I'll leave that to someone else. :) --- attributes/default.rb | 1 + templates/default/nginx.conf.erb | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/attributes/default.rb b/attributes/default.rb index 0c82c38..2f82642 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -78,6 +78,7 @@ default['errbit']['server']['name'] = node['init_package'] == 'systemd' ? 'puma' : 'unicorn' default['errbit']['server']['backlog'] = 100 +default['errbit']['server']['port'] = node['errbit']['config']['errbit_port'] default['errbit']['server']['preload_app'] = false default['errbit']['server']['tcp_nodelay'] = true default['errbit']['server']['tcp_nopush'] = true diff --git a/templates/default/nginx.conf.erb b/templates/default/nginx.conf.erb index 4d2c3a6..6820fc9 100644 --- a/templates/default/nginx.conf.erb +++ b/templates/default/nginx.conf.erb @@ -3,7 +3,7 @@ upstream <%= node['errbit']['name'] %> { } server { - listen <%= node['errbit']['config']['errbit_port'] %> deferred; + listen <%= node['errbit']['server']['port'] %> deferred; server_name <%= node['errbit']['config']['errbit_host'] %>; client_max_body_size 4G; From e0b866f54d92373350acb02e103c04874c412fa6 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Mon, 27 Jul 2015 10:31:28 +0100 Subject: [PATCH 31/41] The rbenv cookbook is now fixed upstream --- Berksfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Berksfile b/Berksfile index c480ebc..279869b 100644 --- a/Berksfile +++ b/Berksfile @@ -1,4 +1,4 @@ source 'https://api.berkshelf.com' metadata -cookbook 'rbenv', :github => 'he9lin/chef-rbenv' +cookbook 'rbenv', :github => 'chef-rbenv/chef-rbenv' From 27d0c570ab22e0dee242cbf616298b447e774676 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 20 Nov 2015 17:26:40 +0000 Subject: [PATCH 32/41] rbenv cookbook has renamed to ruby_rbenv --- Berksfile | 2 -- metadata.rb | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/Berksfile b/Berksfile index 279869b..03bfe35 100644 --- a/Berksfile +++ b/Berksfile @@ -1,4 +1,2 @@ source 'https://api.berkshelf.com' metadata - -cookbook 'rbenv', :github => 'chef-rbenv/chef-rbenv' diff --git a/metadata.rb b/metadata.rb index 92f0db6..22a4b9d 100644 --- a/metadata.rb +++ b/metadata.rb @@ -8,7 +8,7 @@ depends "git" depends "ruby_build" -depends "rbenv" +depends "ruby_rbenv" depends "apt" depends "nginx" depends "build-essential" From 3bd8e2cf7e054efdafdc10013daf9057a019e342 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 29 Mar 2016 11:12:38 +0100 Subject: [PATCH 33/41] Bento bump --- .kitchen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.kitchen.yml b/.kitchen.yml index 6936e25..83ad7e6 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -10,7 +10,7 @@ provisioner: name: chef_zero platforms: - - name: opscode-centos-7.1 + - name: centos-7.2 - name: ubuntu-12.04 suites: From 9ea076c06e3d1802c3393f6775391cf3d7509226 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 29 Mar 2016 11:14:52 +0100 Subject: [PATCH 34/41] Ruby bump to 2.2.4 Upstream says 2.3.0 is crashy. I've not seen that in other projects but let's play it safe. --- attributes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/attributes/default.rb b/attributes/default.rb index 2f82642..2e0d484 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -25,7 +25,7 @@ default['errbit']['revision'] = "master" # Local ruby to install via rbenv -default['errbit']['install_ruby'] = "2.2.2" +default['errbit']['install_ruby'] = '2.2.4' default['errbit']['javascript_gem'] = 'therubyracer' default['rbenv']['user_installs'] = [{ 'user' => node['errbit']['user'] }] From 98bcbca2804f5c6f3a7fc26a2e0a706750fe10da Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 29 Mar 2016 11:28:35 +0100 Subject: [PATCH 35/41] Upstream now includes therubyracer in the Gemfile I wanted to force Node.js instead but this is trickier than you'd think. Upstream also includes puma now but we'll continue to put that in the UserGemfile in case unicorn is requested instead. --- attributes/default.rb | 5 ++--- templates/default/UserGemfile.erb | 1 - 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 2e0d484..c47a351 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -25,9 +25,8 @@ default['errbit']['revision'] = "master" # Local ruby to install via rbenv -default['errbit']['install_ruby'] = '2.2.4' -default['errbit']['javascript_gem'] = 'therubyracer' -default['rbenv']['user_installs'] = [{ 'user' => node['errbit']['user'] }] +default['errbit']['install_ruby'] = '2.2.4' +default['rbenv']['user_installs'] = [{ 'user' => node['errbit']['user'] }] # dotenv file variables # diff --git a/templates/default/UserGemfile.erb b/templates/default/UserGemfile.erb index 558c50c..1feefaf 100644 --- a/templates/default/UserGemfile.erb +++ b/templates/default/UserGemfile.erb @@ -1,2 +1 @@ -gem "<%= node['errbit']['javascript_gem'] %>" gem "<%= node['errbit']['server']['name'] %>" From aed5288b51c96bd5f809ee53a96856fb189eaf1e Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 29 Mar 2016 11:41:48 +0100 Subject: [PATCH 36/41] Pin nginx cookbook to ~> 2.7 It's undergoing a rewrite for v3 that will probably break things. Berkshelf otherwise selects 1.8.0 for some strange reason. --- metadata.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.rb b/metadata.rb index 22a4b9d..8bd5d1d 100644 --- a/metadata.rb +++ b/metadata.rb @@ -10,7 +10,7 @@ depends "ruby_build" depends "ruby_rbenv" depends "apt" -depends "nginx" +depends "nginx", '~> 2.7' depends "build-essential" depends "selinux_policy" From 79bad0bc30ce90e690f1a60bdf50d5aed6acb59a Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Tue, 29 Mar 2016 11:48:41 +0100 Subject: [PATCH 37/41] I must have forgotten to update this for rbenv --- recipes/setup.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/setup.rb b/recipes/setup.rb index ac5081b..95f6e1b 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -46,7 +46,7 @@ end # setup rbenv (after git user setup) -%w{ ruby_build rbenv::user_install }.each do |requirement| +%w{ ruby_build ruby_rbenv::user_install }.each do |requirement| include_recipe requirement end From 00a674c75410d4e8e1af10e43b5f2b77beca4a5f Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 25 Aug 2017 17:36:08 +0100 Subject: [PATCH 38/41] Bento bump --- .kitchen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.kitchen.yml b/.kitchen.yml index 83ad7e6..562eb52 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -10,7 +10,7 @@ provisioner: name: chef_zero platforms: - - name: centos-7.2 + - name: centos-7.3 - name: ubuntu-12.04 suites: From f423d4108140fd898d20f7d29c87a24bd88e9aa6 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 25 Aug 2017 17:36:58 +0100 Subject: [PATCH 39/41] Use the new ruby_rbenv v2 cookbook --- attributes/default.rb | 1 - metadata.rb | 3 +-- recipes/bootstrap.rb | 1 + recipes/setup.rb | 11 ++++++++--- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index c47a351..30a7b3c 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -26,7 +26,6 @@ # Local ruby to install via rbenv default['errbit']['install_ruby'] = '2.2.4' -default['rbenv']['user_installs'] = [{ 'user' => node['errbit']['user'] }] # dotenv file variables # diff --git a/metadata.rb b/metadata.rb index 8bd5d1d..3edfc2b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -7,8 +7,7 @@ version "0.4.0" depends "git" -depends "ruby_build" -depends "ruby_rbenv" +depends "ruby_rbenv", ">=2" depends "apt" depends "nginx", '~> 2.7' depends "build-essential" diff --git a/recipes/bootstrap.rb b/recipes/bootstrap.rb index f881b34..9625806 100644 --- a/recipes/bootstrap.rb +++ b/recipes/bootstrap.rb @@ -25,6 +25,7 @@ code 'bundle exec rake db:seed RAILS_ENV=' + node['errbit']['config']['rails_env'] cwd current_dir user node['errbit']['user'] + rbenv_version node['errbit']['install_ruby'] not_if "#{home_dir}/.rbenv/bin/rbenv exec bundle exec rails runner 'exit User.where(:admin => true).exists?'", { :cwd => current_dir, diff --git a/recipes/setup.rb b/recipes/setup.rb index 95f6e1b..6fd555e 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -45,9 +45,11 @@ mode 0701 end -# setup rbenv (after git user setup) -%w{ ruby_build ruby_rbenv::user_install }.each do |requirement| - include_recipe requirement +rbenv_user_install node['errbit']['user'] + +rbenv_plugin 'ruby-build' do + git_url 'https://github.com/rbenv/ruby-build.git' + user node['errbit']['user'] end # Install appropriate Ruby with rbenv @@ -65,6 +67,7 @@ rbenv_gem "bundler" do action :install user node['errbit']['user'] + rbenv_version node['errbit']['install_ruby'] end directory node['errbit']['deploy_to'] do @@ -141,6 +144,7 @@ code "bundle install --system --without '#{common_groups.join ' '}'" cwd release_path user node['errbit']['user'] + rbenv_version node['errbit']['install_ruby'] end selinux_policy_fcontext "#{release_path}/(app/assets|public)(/.*)?" do @@ -153,6 +157,7 @@ code 'bundle exec rake assets:precompile RAILS_ENV=' + rails_env cwd release_path user node['errbit']['user'] + rbenv_version node['errbit']['install_ruby'] end end end From 81c72813d5fa963a6b144ce7d9b8222297802e02 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 25 Aug 2017 17:37:42 +0100 Subject: [PATCH 40/41] Migrate from the nginx to chef_nginx cookbook --- .kitchen.yml | 2 +- Vagrantfile | 2 +- metadata.rb | 2 +- recipes/setup.rb | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.kitchen.yml b/.kitchen.yml index 562eb52..9385751 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -17,6 +17,6 @@ suites: - name: default run_list: - recipe[mongodb] - - recipe[nginx] + - recipe[chef_nginx] - recipe[errbit::default] - recipe[errbit::bootstrap] diff --git a/Vagrantfile b/Vagrantfile index 670740a..be824e8 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -46,7 +46,7 @@ Vagrant.configure("2") do |config| } chef.run_list = [ - 'recipe[nginx]', + 'recipe[chef_nginx]', 'recipe[errbit::default]', 'recipe[errbit::bootstrap]' ] diff --git a/metadata.rb b/metadata.rb index 3edfc2b..33e860b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -9,7 +9,7 @@ depends "git" depends "ruby_rbenv", ">=2" depends "apt" -depends "nginx", '~> 2.7' +depends "chef_nginx" depends "build-essential" depends "selinux_policy" diff --git a/recipes/setup.rb b/recipes/setup.rb index 6fd555e..1ea4e56 100644 --- a/recipes/setup.rb +++ b/recipes/setup.rb @@ -20,7 +20,7 @@ include_recipe "build-essential" include_recipe "git" -include_recipe "nginx" +include_recipe "chef_nginx" extend SELinuxPolicy::Helpers include_recipe 'selinux_policy::install' if use_selinux From ca5c697ad9bdb63ab5fe95c090eb4acd61e1c201 Mon Sep 17 00:00:00 2001 From: James Le Cuirot Date: Fri, 31 Aug 2018 16:50:36 +0100 Subject: [PATCH 41/41] Fix bad version constraint in metadata --- metadata.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.rb b/metadata.rb index 33e860b..cba74ce 100644 --- a/metadata.rb +++ b/metadata.rb @@ -7,7 +7,7 @@ version "0.4.0" depends "git" -depends "ruby_rbenv", ">=2" +depends "ruby_rbenv", ">= 2.0" depends "apt" depends "chef_nginx" depends "build-essential"