Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added support for http/2 and more configurable variables, FreeBSD. #91

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added support for http/2 and more configurable variables, FreeBSD. #91

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,3 +17,4 @@ test/version_tmp
tmp
/vendor/ruby
.idea
/.c9
4 changes: 2 additions & 2 deletions lib/capistrano/dsl/unicorn_paths.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module DSL
module UnicornPaths

def unicorn_initd_file
"/etc/init.d/#{fetch(:unicorn_service)}"
"#{fetch(:unicorn_init_path)}/#{fetch(:unicorn_service)}"
end

def unicorn_default_config_file
Expand Down Expand Up @@ -31,4 +31,4 @@ def unicorn_default_logrotate_config_file
end
end
end
end
end
11 changes: 8 additions & 3 deletions lib/capistrano/tasks/nginx.rake
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ include Capistrano::DSL::NginxPaths

namespace :load do
task :defaults do
set :root_name, 'root'
set :root_group, 'wheel'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this work in all OSes?

set :templates_path, 'config/deploy/templates'
set :nginx_config_name, -> { "#{fetch(:application)}_#{fetch(:stage)}" }
set :nginx_pid, nginx_default_pid_file
Expand All @@ -15,6 +17,8 @@ namespace :load do
set :nginx_location, '/etc/nginx'
set :nginx_use_ssl, false
set :nginx_use_spdy, false
# http v2 protocol
set :nginx_use_http_v2, false
# if true, passes the SSL client certificate to the application server for consumption in Ruby code
set :nginx_pass_ssl_client_cert, false
set :nginx_ssl_cert, -> { nginx_default_ssl_cert_file_name }
Expand All @@ -26,7 +30,8 @@ namespace :load do
set :nginx_ssl_cert_key_local_path, -> { ask(:nginx_ssl_cert_key_local_path, 'Local path to ssl certificate key: ') }
set :nginx_fail_timeout, 0 # see http://nginx.org/en/docs/http/ngx_http_upstream_module.html#fail_timeout
set :nginx_read_timeout, nil

set :nginx_dhparam, '/etc/nginx/ssl/dhparam.pem'

set :linked_dirs, fetch(:linked_dirs, []).push('log')
end
end
Expand Down Expand Up @@ -56,9 +61,9 @@ namespace :nginx do
if fetch(:nginx_upload_local_cert)
sudo_upload! fetch(:nginx_ssl_cert_local_path), nginx_ssl_cert_file
sudo_upload! fetch(:nginx_ssl_cert_key_local_path), nginx_ssl_cert_key_file
sudo :chown, "#{fetch(:root_name)}:#{fetch(:root_group)}", nginx_ssl_cert_file
sudo :chown, "#{fetch(:root_name)}:#{fetch(:root_group)}", nginx_ssl_cert_key_file
end
sudo :chown, 'root:root', nginx_ssl_cert_file
sudo :chown, 'root:root', nginx_ssl_cert_key_file
end
end

Expand Down
14 changes: 11 additions & 3 deletions lib/capistrano/tasks/unicorn.rake
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ include Capistrano::DSL::UnicornPaths

namespace :load do
task :defaults do
set :unicorn_init_path, '/etc/init.d'
set :unicorn_service, -> { "unicorn_#{fetch(:application)}_#{fetch(:stage)}" }
set :templates_path, 'config/deploy/templates'
set :unicorn_pid, -> { unicorn_default_pid_file }
Expand All @@ -18,6 +19,9 @@ namespace :load do
set :unicorn_use_tcp, -> { roles(:app, :web).count > 1 } # use tcp if web and app nodes are on different servers
set :unicorn_app_env, -> { fetch(:rails_env) || fetch(:stage) }
# set :unicorn_user # default set in `unicorn:defaults` task

set :unicorn_use_update_rc_d, true
set :unicorn_use_init_script, false

set :unicorn_logrotate_enabled, false # by default, don't use logrotate to rotate unicorn logs

Expand All @@ -38,7 +42,7 @@ namespace :unicorn do
on roles :app do
sudo_upload! template('unicorn_init.erb'), unicorn_initd_file
execute :chmod, '+x', unicorn_initd_file
sudo 'update-rc.d', '-f', fetch(:unicorn_service), 'defaults'
sudo('update-rc.d', '-f', fetch(:unicorn_service), 'defaults') if fetch(:unicorn_use_update_rc_d)
end
end

Expand All @@ -55,15 +59,19 @@ namespace :unicorn do
on roles :app do
sudo :mkdir, '-pv', File.dirname(fetch(:unicorn_logrotate_config))
sudo_upload! template('unicorn-logrotate.rb.erb'), fetch(:unicorn_logrotate_config)
sudo 'chown', 'root:root', fetch(:unicorn_logrotate_config)
sudo 'chown', "#{fetch(:root_name)}:#{fetch(:root_group)}", fetch(:unicorn_logrotate_config)
end
end

%w[start stop restart reload].each do |command|
desc "#{command} unicorn"
task command do
on roles :app do
sudo 'service', fetch(:unicorn_service), command
if fetch(:unicorn_use_init_script)
sudo unicorn_initd_file, command
else
sudo 'service', fetch(:unicorn_service), command
end
end
end
end
Expand Down
10 changes: 9 additions & 1 deletion lib/generators/capistrano/unicorn_nginx/templates/_default_server_directive.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,20 @@ server {
<% if fetch(:nginx_use_ssl) -%>
<% if fetch(:nginx_use_spdy) -%>
listen <%= ssl_port %> spdy;
<% elsif fetch(:nginx_use_http_v2) -%>
listen <%= ssl_port %> http2;
<% else -%>
listen <%= ssl_port %>;
<% end -%>
ssl on;
<% if fetch(:nginx_ssl_cert) and not fetch(:nginx_upload_local_cert) -%>
ssl_certificate <%= fetch(:nginx_ssl_cert) %>;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is this for?

ssl_certificate_key <%= fetch(:nginx_ssl_cert_key) %>;
<% else -%>
ssl_certificate <%= nginx_ssl_cert_file %>;
ssl_certificate_key <%= nginx_ssl_cert_key_file %>;
<% end-%>


ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
Expand All @@ -24,7 +32,7 @@ server {

ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_dhparam <%= fetch(:nginx_dhparam) %>;
<% else -%>
listen <%= fetch(:nginx_server_port) %>;
<% end -%>
Expand Down
12 changes: 6 additions & 6 deletions lib/generators/capistrano/unicorn_nginx/templates/nginx_conf.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
upstream unicorn_<%= fetch(:nginx_config_name) %> {
<% if fetch(:unicorn_use_tcp) -%>
<% roles(:app).each do |role| -%>
<% if fetch(:unicorn_use_tcp) -%>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please undo changes to indentation in this file, unless you have a good reason for these

<% roles(:app).each do |role| -%>
server <%= role.hostname %>:<%= fetch(:unicorn_tcp_listen_port)%> fail_timeout=<%= fetch(:nginx_fail_timeout) %>;
<% end -%>
<% else -%>
server unix:/tmp/unicorn.<%= fetch(:nginx_config_name) %>.sock fail_timeout=<%= fetch(:nginx_fail_timeout) %>;
server unix:/tmp/unicorn.<%= fetch(:nginx_config_name) %>.sock fail_timeout=<%= fetch(:nginx_fail_timeout) %>;
<% end -%>
}

<% if fetch(:nginx_use_ssl) -%>
server {
listen <%= fetch(:nginx_server_port) %>;
server_name <%= fetch(:nginx_server_name) %>;
rewrite ^(.*) https://$host$1 permanent;
listen <%= fetch(:nginx_server_port) %>;
server_name <%= fetch(:nginx_server_name) %>;
rewrite ^(.*) https://$host$1 permanent;
}
<% end -%>

Expand Down