Setting up Nginx, Puma and Capistrano on Ubuntu 16.04
SSH for the first time using .pem file in root user
$ ssh -i app.pem ubuntu@…amazonaws.comChange root password
$ passwdCreate a new deploy user
$ sudo adduser deployAdd a role sudo to deploy user
$ sudo adduser deploy sudoAdd sudo privileges in file /etc/sudoers.
It will give all privileges to deploy user
deploy ALL=(ALL:ALL) ALLWill not ask password for deploy user
deploy ALL=NOPASSWD: ALLYou can check syntax errors by
$ sudo visudoLogin to deploy
$ su deployAdd your public ssh key to authorized_keys. Check for existing file ~/.ssh/authorized_keys else create a new one
Create .ssh directory
$ mkdir ~/.sshSet the right permissions
$ chmod 700 ~/.sshCreate authorized_keys file
$ touch ~/.ssh/authorized_keysSet the right permissions
$ chmod 600 ~/.ssh/authorized_keysThe permissions are important! It won’t work without the right permissions!
Add your public key to the authorized file and exit SSH
For better security, it’s recommended that you disable root and change the ssh port (anything between 1025..65536). By editing file /etc/ssh/ssh_config
Port 22 # change this to whatever port you wish to use
Protocol 2
PermitRootLogin noReload SSH
$ reload sshSSH in deploy user (xx.xx.xx.xx represents your elastic IP address)
$ ssh deploy@xx.xx.xx.xxCreating SSH keys for deploy user
$ ssh-keygen -t rsa Copying SSH to clipboard
$ cat ~/.ssh/id_rsa.pubCopy the file to the Github or Bitbucket repo access keys.
Set LC_TYPE by adding following lines in the file /etc/default/locale
LC_CTYPE="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LANG="en_US.UTF-8"Install Curl
$ sudo apt-get update
$ sudo apt-get install curlInstall RVM (change the version which your gem file specifies)
$ curl -L get.rvm.io | bash -s stable
$ source ~/.rvm/scripts/rvm
$ rvm requirements
$ rvm install 2.3.3
$ rvm use 2.3.3 --default
$ rvm rubygems currentInstall PostgreSQL
$ sudo apt-get install postgresql
$ sudo apt-get install python-psycopg2
$ sudo apt-get install libpq-devYou need to install PostgresSQL Server for building server side extension
Install GIT
$ sudo apt-get install git-coreInstall Bundler
$ gem install bundlerInstall some libraries ImageMagick, Node, etc (If required)
$ sudo apt-get install zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev nodejs imagemagick libmagickwand-devInstall Monit
Install Nginx
$ sudo apt-get install nginxRemove default site symlink
$ sudo rm /etc/nginx/sites-enabled/defaultCreate /etc/nginx/sites-available/app_name
upstream my_app {server unix:///var/www/app_name/shared/tmp/sockets/puma.sock;}server {listen 80;server_name app.com; # change to your live domainroot /var/www/app_name/current/public;location / {proxy_pass http://my_app; # this should match the name of upstream directiveproxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;access_log /var/www/app_name/current/log/nginx.access.log;
error_log /var/www/app_name/current/log/nginx.error.log;}location ~* ^/assets/ {# Per RFC2616 - 1 year maximum expiryexpires 1y;add_header Cache-Control public;# Some browsers still send conditional GET requests if there's a# Last-Modified header or an ETag header even if they haven't# reached the expiry date sent in the Expires header.add_header Last-Modified "";add_header ETag "";break;}}
Linking sites-enabled and sites-available
$ sudo ln -sf /etc/nginx/sites-available/app_name /etc/nginx/sites-enabled/app_nameRestart nginx server
$ sudo service nginx restartSet permissions of directory to deploy
$ sudo chown deploy:deploy -c -R /var/wwwAdd your database and secrets file.
Deploy
$ cap environemnt_name deployRestart puma if not in deployment script. If required reboot your aws instance.
$ cap -T puma:restartAdd Swap space to Ubuntu 16.04
