Capistrano | RVM | PUMA

RoR_deploy_to_AWS_EC2.txt

1) Connect to your server and create deployer user
_________________________
ssh -i ~/.ssh/id_rsa.pub ubuntu@Server_IP

sudo su
cd
adduser deployer
mkdir -p /home/deployer/.ssh

\\ Copy key from local machine -
cat ~/.ssh/id_rsa.pub

\\ add paste key
nano /home/deployer/.ssh/authorized_keys

chown -R deployer: ~deployer/.ssh
chmod 700 ~deployer/.ssh
sh -c "chmod 600 ~deployer/.ssh/*"

usermod -aG sudo deployer
nano /etc/sudoers
\\ add the following line at the bottom
deployer  ALL=(ALL) NOPASSWD: ALL

nano /etc/ssh/sshd_config

\\ edit lines:
PermitRootLogin no
PasswordAuthentication yes

service ssh restart

\\ exit from a server and login via deployer user

ssh deployer@IP_server


2) Update/Upgrade your system packages
__________________________________________________

sudo su
cd
apt-get update && apt-get upgrade


3) Install rvm
__________________________________________________

# https://github.com/rvm/ubuntu_rvm
 apt-get install software-properties-common
 apt-add-repository -y ppa:rael-gc/rvm
 apt-get update
 apt-get install rvm
 usermod -a -G rvm deployer
 echo 'source "/etc/profile.d/rvm.sh"' >> ~/.bashrc

\\ exit from a server if Command 'rvm' not found
\\ And connect again then change user on root (sudo su)

rvm install 3.1.1
rvm use --default ruby-3.1.1
gem install bundler


4) Node & Yarn
__________________________________________________

# see https://github.com/nodesource/distributions/blob/master/README.md

curl -fsSL https://deb.nodesource.com/setup_14.x | sudo -E bash -
apt-get install -y nodejs
node -v
npm install --global yarn
yarn -v


5) Postgresql
__________________________________________________

apt update
apt install postgresql postgresql-contrib libpq-dev

su - postgres
postgres$ createuser --pwprompt deployer
postgres$ createdb -O deployer <<APP_DB_NAME>>

\\ testing
postgres$ psql
postgres$ \list
postgres$ \q
postgres$ exit
exit

6) Nginx
__________________________________________________

echo -e 'LANG="en_US.UTF-8"\nLC_ALL="en_US.UTF-8"\nLANGUAGE="en_US:en"' > /etc/default/locale

apt update
apt install nginx 

nano /etc/nginx/nginx.conf
\\ change www-data on deployer
user deployer; 
 
systemctl start nginx
systemctl enable nginx


7) UFW 
__________________________________________________

// https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-20-04

ufw status
ufw enable
ufw app list
ufw allow 'OpenSSH'
ufw allow 'Nginx Full'
ufw allow 5432
ufw app list


8) Capistrano gems
__________________________________________________

Add to Gemfile:

group :development, :deploy do
  gem "capistrano"
  gem "capistrano-rvm"
  gem "capistrano-rails"
  gem "capistrano3-puma", github: "seuros/capistrano-puma"
  gem "capistrano-nginx", "~> 1.0"
  gem "capistrano-upload-config"
  gem "sshkit-sudo"
end


RUN:
your_app$ bundle
your_app$ cap install


9) Edit Capfile
__________________________________________________

require 'capistrano/setup'
require 'capistrano/deploy'
require 'capistrano/scm/git'
install_plugin Capistrano::SCM::Git
require 'capistrano/rvm'
require 'capistrano/rails'
require 'capistrano/puma'
install_plugin Capistrano::Puma
install_plugin Capistrano::Puma::Nginx
install_plugin Capistrano::Puma::Systemd
require 'capistrano/nginx'
require 'capistrano/upload-config'
require 'sshkit/sudo'

Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }


10) Edit config/deploy.rb
__________________________________________________


\\ EDIT config/deploy.rb AS ATTACHED deploy.rb AND CHANGE VARIABLES IN IT

lock "~> 3.17.0"

set :repo_url,         "your repo"
set :user,             "deployer"
set :rvm_custom_path,  "/usr/share/rvm"
set :rvm_ruby_version, "3.1.1"
set :pty,              true

set :linked_files, fetch(:linked_files, []).push("config/database.yml", "config/secrets.yml", "config/master.key")
set :linked_dirs,  fetch(:linked_dirs,  []).push("log", "tmp/pids", "tmp/cache", "tmp/sockets", "vendor/bundle",
                                                "public/system", "public/uploads", "public/images", "storage")

set :config_files,     %w[config/database.yml config/secrets.yml]
set :nginx_use_ssl,    false
set :nginx_use_http2,  true

namespace :deploy do
  before 'check:linked_files', 'set:master_key'
  before 'check:linked_files', 'puma:nginx_config'
  before 'check:linked_files', 'puma:systemd:config'
  before 'check:linked_files', 'puma:systemd:enable'
  before 'check:linked_files', 'config:push'
end

after "deploy:log_revision", "nginx:restart"


11) Edit config/deploy/production.rb
__________________________________________________

server "server IP", user: "#{fetch(:user)}", roles: %w{app db web}, primary: true

set :application, "app_name"
set :deploy_to,   "/home/#{fetch(:user)}/apps/#{fetch(:application)}"
set :branch,      "main"
set :environment, "production"
set :rails_env,   "production"

set :nginx_server_name, "18.194.232.27"
set :puma_conf,         "#{shared_path}/config/puma.rb"


12) Create rake tasks
__________________________________________________

your_app$ cd lib/capistrano/tasks
\\ add file set_master_key.rake

namespace :set do
  task :master_key do
    on roles(:app), in: :sequence, wait: 10 do
      unless test("[ -f #{shared_path}/config/master.key ]")
        upload! 'config/master.key', "#{shared_path}/config/master.key"
      end
    end
  end
end


13) Add config files
__________________________________________________

\\ on local machine in dir app run: 

echo 'secret_key_base: <%= Rails.application.credentials.secret_key_base %>' >> config/secrets.yml

cap production config:init

echo '/config/database.yml' >> .gitignore
echo '/config/database.production.yml' >> .gitignore
echo '/config/secrets.yml' >> .gitignore
echo '/config/secrets.production.yml' >> .gitignore

\\ Edit with your parameters

/config/database.production.yml
/config/secrets.production.yml


14) Generate Nginx/puma config:
__________________________________________________

your_app$ rails g capistrano:nginx_puma:config

Edit or leave as is:

config/deploy/templates/nginx_conf.erb
config/deploy/templates/puma.rb.erb


15) GIT commit and push changes and Deploy
__________________________________________________
cap production deploy


16) Add full acceess
__________________________________________________
\\ go to server as deployer user and run
sudo chown -R deployer /home/deployer
\\ than start a server from local machine
cap production puma:start


16) Edit deploy.rb
__________________________________________________
\\ comment or remove lines:

# set :config_files,         %w[config/database.yml config/secrets.yml]
# set :nginx_use_ssl,        false
# set :nginx_use_http2,      true
#
# namespace :deploy do
#   before 'check:linked_files', 'set:master_key'
#   before 'check:linked_files', 'puma:nginx_config'
#   before 'check:linked_files', 'puma:systemd:config'
#   before 'check:linked_files', 'puma:systemd:enable'
#   before 'check:linked_files', 'config:push'
# end
#
# after "deploy:log_revision", "nginx:restart"


17) Install Certbot for https after adding domain
__________________________________________________

sudo apt-get install software-properties-common
sudo apt install certbot python3-certbot-nginx
sudo apt-get update
sudo apt-get install certbot
sudo nano /etc/letsencrypt/cli.ini
// ADD LINE
renew-hook = systemctl restart nginx