Merge pull request #22 from cesc1989/master

Refurbished repo

Author: cesc1989

LICENSE.md

@@ -1,3 +1,3 @@
 # License
 
-<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">Backend Stuff</span> by <span xmlns:cc="http://creativecommons.org/ns#" property="cc:attributionName">Francisco Quintero</span> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>.
+<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">Backend Stuff</span> by <span xmlns:cc="http://creativecommons.org/ns#" property="cc:attributionName">Francisco Quintero</span> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>.

README.md

@@ -1,14 +1,22 @@
-# Ideaware Backend Team's Stuff
+# Stuff for Backends
 
-This repo collects configuration scripts, server hacks, links, etc.
+A collection of configuration scripts for Ruby on Rails applications(mainly) hosted in Ubuntu servers. Most of the work present here should work for Ubuntu 12.04+ machines.
 
-These scrips located in [dependencies](dependencies/) folder work only on [debian-based](https://en.wikipedia.org/wiki/List_of_Linux_distributions#Debian-based) distros:
+Scrips located in [dependencies](dependencies/) folder are meant to work with [debian-based Linux distros](https://en.wikipedia.org/wiki/List_of_Linux_distributions#Debian-based).
 
-- Ubuntu
-- Linux Mint
-- ElementaryOS
-- Kubuntu
-- Lubuntu
+**Notice**
+
+All scripts asume you're setting up an AWS Ubuntu EC2 instance. This means that the system user in all scripts is always _ubuntu_. Bear it in mind when applying these scripts to a different system user.
+
+## Usage
+
+Run scripts with _sudo bash_ command:
+
+```bash
+$ sudo bash ./dependencies/install_nginx.sh
+```
+
+Except `dependencies/install_rvm.sh` which SHOULD be run only with _bash_ command. Doing as super user, would install RVM under `/root` folder.
 
 ## Folders
 
@@ -21,11 +29,10 @@ AWS utilities installation and/or configuration
 
 ### Configurators
 
-For:
-
-- Let's Encrypt certificates auto renewal
+- [Let's Encrypt SSL certificates auto renewal](configurators/letsencrypt)
 - Unattended upgrades
 - Jenkins Nginx proxy
+- [Capistrano configuration for Rails apps deployments](configurators/capistrano)
 
 ### Dependencies
 
@@ -64,4 +71,4 @@ Dependencies that can be installed in macOS via shell scripts or using homebrew.
 
 ## License
 
-<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">Backend Stuff</span> by <span xmlns:cc="http://creativecommons.org/ns#" property="cc:attributionName">Francisco Quintero</span> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>.
+<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">Backend Stuff</span> by <span xmlns:cc="http://creativecommons.org/ns#" property="cc:attributionName">Francisco Quintero</span> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>.

configurators/capistrano/README.md

@@ -0,0 +1,201 @@
+# Capistrano Configuration
+
+[Capistrano](https://capistranorb.com/) is a tool for configuring and deploying web apps.
+
+Widely used in the Ruby on Rails world, Capistrano provides utilities to deploy RoR apps with a Ruby DSL but getting it right the first time might be a headacher for many.
+
+This section is a noble quest to make configuring Capistrano easier.
+
+## Version and Useful plugins
+
+If possible, always try to use latest Capistrano version. Old version configurations were very hard to complete and needed a lot of coding in the Capistrano DSL.
+
+Newer versions simplify this a lot. Current version as of today is 3.11.0.
+
+### Plugins
+
+Capistrano by itself is very useful but complemented with plugins can make your deployments very simple.
+
+When you install Capistrano, in the `Capfile` there's a list of suggested plugins:
+
+- [Capistrano RVM](https://github.com/capistrano/rvm)
+- [Capistrano rbenv](https://github.com/capistrano/rbenv)
+- [Capistrano ChRuby](https://github.com/capistrano/chruby)
+- [Capistrano Bundler](https://github.com/capistrano/bundler)
+- [Capistrano Rails](https://github.com/capistrano/rails)
+- [Capistrano Passenger](https://github.com/capistrano/passenger)
+
+I also suggest the following ones:
+
+- [Capistrano Nginx](https://github.com/ivalkeen/capistrano-nginx)
+- [Capistrano Sidekiq](https://github.com/seuros/capistrano-sidekiq)
+- [Capistrano Puma](https://github.com/seuros/capistrano-puma)
+
+Every plugin provides a set of commands to be run when configuring, before deployment, during deployment, and after deployment.
+
+All the commands you'd normally would execute in the server can be automated with these extensions.
+
+For Rails apps, you normally should have these installed and enabled in your project's `Capfile`.
+
+- [Capistrano RVM](https://github.com/capistrano/rvm)
+- [Capistrano Bundler](https://github.com/capistrano/bundler)
+- [Capistrano Rails](https://github.com/capistrano/rails)
+- [Capistrano Nginx](https://github.com/ivalkeen/capistrano-nginx)
+
+Those are the basic ones. If your app uses Sidekiq, well, use the Capistrano Sidekiq plugin as well.
+
+> Note: you could skip using Capistrano RVM and installing RVM on your server but I highly suggest using a Ruby version manager because using the default in the machine can lead to trouble because it belongs to `root` user.
+>
+> With Capistrano, you'd want to avoid anything that has to be with user `root`.
+
+## Checklist
+
+In order for Capistrano to work, you need the following configured/installed:
+
+- RVM
+- Ruby
+- Bundler
+- Environment Variables
+- Not-root system user(example, ubuntu in AWS)
+- Access to private repo(if code is in private repository)
+
+The first three ones are real simple. In this project you can find commands to install them. However, the last point, is the tricky one.
+
+## Why Does Capistrano need access to my private repo?
+
+You'd see, the process of Capistrano is quite simple. As you should've already noticed, Capistrano is a tool for automation. Automation is taking a set of scripts and running them without you having to intervine.
+
+> An example of a script can be any of the ones you'd find in this repo.
+
+As such, Capistrano runs a set of commands, in a given order, to setup and deploy your Rails app to the server.
+
+So, How do you normally keep your app in the server up to date? You have to pull changes from your repo. If it's a private one, you'd need access to it.
+
+The easiest way is by setting an SSH-key [1][ssh-bitbucket] [2][ssh-github] [3][multi-git].
+
+> The other option is letting the password prompt appear but that one is not automatable.
+
+## Letting Capistrano pull changes from private repo
+
+After generating a new SSH-key [1][ssh-bitbucket] [2][ssh-github] [3][multi-git] and setting it up in your repo, do the following.
+
+> Ideally, you should have all your ssh keys under folder
+>
+> `/home/ubuntu/.ssh` or `~/.ssh`
+>
+> to easily reference the keys everywhere
+
+In `~/.ssh` create a file called `config` and opening with a text editor, this case, nano.
+
+```bash
+$ touch ~/.ssh/config
+$ nano ~/.ssh/config
+```
+
+In order to connect to the repository without specifying the key, one of the steps in the [Multi git][multi-git] setup is what we need:
+
+### For GitHub
+
+```bash
+Host github.com
+  Hostname github.com
+  IdentityFile /home/ubuntu/.ssh/[THE-KEY-YOU-GENERATED]
+  User git
+```
+
+Test it with `ssh -t [email protected]`
+
+### For Bitbucket
+
+```bash
+Host bitbucket.org
+  Hostname bitbucket.org
+  IdentityFile /home/ubuntu/.ssh/[THE-KEY-YOU-GENERATED]
+  User git
+```
+
+Test it with `ssh -t [email protected]`
+
+The test result is a greeting message indicating that you cannot log in in the service(github or bitbucket) via command line.
+
+When you get this step right, you're closer to have Capistrano working for you.
+
+In fact, these crucial step is the one that would bug you more if you don't get it right at the beginning.
+
+## Configuration in Capistrano Files
+
+You also need to indicate certaing things to Capistrano in your local repo.
+
+We need to add things to `deploy.rb` and `[ENVIRONTMENT].rb`
+
+```
+├── Capfile
+├── config
+│   ├── deploy
+│   │   ├── production.rb
+│   │   └── staging.rb
+│   └── deploy.rb
+└── lib
+    └── capistrano
+            └── tasks
+```
+
+In this case, we're going to touch `production.rb`.
+
+You have to make sure that the setting `repo_url` is using the git version of the URL to your repo.
+
+Every repo can have to ways of being cloned. One is via HTTP and the other one is with the Git protocol:
+
+- `[email protected]:otroespacioweb/letom-api.git`
+- `https://[email protected]/devaspros/letom-api.git`
+
+For Capistrano purposes, we need to use the git version to connect via SSH.
+
+You also need to make sure that `use_sudo` is set to `false`.
+
+Finally, the option `ssh_options` should be configured to connect to the server via SSH.
+
+So, in `deploy.rb` file somewhere you should have:
+
+```ruby
+# ...
+
+set :repo_url, "[email protected]:otroespacioweb/letom-api.git"
+
+# ...
+```
+
+and in your environment specific file:
+
+```ruby
+# ...
+
+set :ssh_options, {
+  user: 'ubuntu',
+  keys: %w[~/.ssh/letom-us-east-1.pem],
+  forward_agent: false
+}
+
+# ...
+```
+
+The `keys` key in the hash is a path to the folder where the SSH key to connect to the server is.
+
+With this option is that Capistrano can login to your server and run everything needed to the app to be deployed:
+
+- Check folders are created
+- Pull repo
+- Run bundle install
+- Run migrations
+- Precompile assets
+- Symlink folders
+- Restart application(s)
+- etc
+
+## Conclusion
+
+Hopefully, this guide will server the purpose of making easier to configure deployment of Rails apps with Capistrano.
+
+[ssh-bitbucket]: https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html
+[ssh-github]: https://help.github.com/en/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
+[multi-git]: https://gist.github.com/cesc1989/ce791228177867271147770629fe754b

configurators/letsencrypt/README.md

@@ -0,0 +1,16 @@
+# Let's Encrypt Certificates Auto Renewal
+
+Normally, Let's Encrypt generated certificates last a month. It's the job of the server admin to make sure those certificates are renewed in a monthly bases. This can be done manually, by running in the terminal:
+
+```bash
+/opt/certbot-auto renew \
+   --noninteractive \
+   --post-hook "service nginx restart"
+```
+
+or by placing a script containing code above in `/etc/cron.monthly/` folder.
+
+## Contents
+
+- **letsencrypt_cert_renewal**: contains the shell comand to execute renewal non interactively (without needing you to do something else)
+- **certbo_renew.sh**: Script that symlinks **letsencrypt_cert_renewal** in `/etc/cron.monthly/` folder

configurators/letsencrypt/letsencrypt_cert_renewal

@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+# Assuming nginx is the default web server
+
 /opt/certbot-auto renew \
    --noninteractive \
    --post-hook "service nginx restart"

dependencies/install_image_magick.sh

@@ -1,14 +1,28 @@
-echo "--> Installing Image magick in the machine..."
+#!/bin/bash
+
+echo "Installing Image magick from source"
+
 apt-get update
-apt-get -y install libpng12-dev libglib2.0-dev zlib1g-dev libbz2-dev libtiff4-dev libjpeg8-dev
+apt-get -y install \
+  libpng12-dev \
+  libglib2.0-dev \
+  zlib1g-dev \
+  libbz2-dev \
+  libtiff4-dev \
+  libjpeg8-dev
+
 mkdir -p ~/image_magick_download
+
 cd ~/image_magick_download
 wget http://www.imagemagick.org/download/ImageMagick.tar.gz
 tar -xzf ImageMagick.tar.gz
+
 cd ImageMagick-*
 echo "Proceding to compile ImageMagick"
+
 sudo ./configure
 sudo make
 sudo make install
 sudo ldconfig /usr/local/lib
-echo "Image magick installation is now completed... Hopefully"
+
+echo "Image magick installation is now completed... Hopefully"

dependencies/install_java8.sh

@@ -7,4 +7,4 @@
 
 add-apt-repository -y ppa:webupd8team/java
 apt-get update
-apt-get -y install oracle-java8-installer
+apt-get -y install oracle-java8-installer

dependencies/install_jenkins.sh

@@ -3,4 +3,4 @@
 wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
 sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
 sudo apt-get update
-sudo apt-get -y install jenkins
+sudo apt-get -y install jenkins

dependencies/install_letsencrypt.sh

@@ -3,11 +3,7 @@
 # Taken from https://certbot.eff.org/#ubuntutrusty-nginx
 
 apt-get update
-
 apt-get install -y software-properties-common
-
 add-apt-repository -y ppa:certbot/certbot
-
 apt-get update
-
 apt-get install -y python-certbot-nginx

dependencies/install_lib_essentials.sh

@@ -1,5 +1,21 @@
 #!/bin/bash
 
 apt-get update
-apt-get -y install build-essential curl git-core python-software-properties htop vim libfontconfig1 libgmp-dev software-properties-common
-apt-get -y install zlib1g-dev libssl-dev libreadline6-dev libyaml-dev libncurses5-dev libxml2-dev libxslt-dev libsqlite3-dev unzip tree
+apt-get -y install \
+  build-essential \
+  curl \
+  htop \
+  vim \
+  libfontconfig1 \
+  libgmp-dev \
+  zlib1g-dev \
+  libssl-dev \
+  libreadline6-dev \
+  libyaml-dev \
+  libncurses5-dev \
+  libxml2-dev \
+  libxslt-dev \
+  libsqlite3-dev \
+  unzip \
+  tree \
+  libpq-dev

dependencies/install_locale.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
 apt-get update
-apt-get -y install libmysqlclient-dev
-apt-get -y install mysql-server-5.5
-apt-get -f install mysql-server
+apt-get -y install libmysqlclient-dev mysql-server-5.5
+apt-get -f install mysql-server

dependencies/install_mysql.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo "Installing NVM"
+curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash
+
+echo "Source to make NVM available"
+. ~/.profile
+
+echo "Install latest NodeJS"
+nvm install --lts