diff --git a/deploy/rails-prod-Dockerfile b/deploy/rails-prod-Dockerfile index f0a90e5..f866048 100644 --- a/deploy/rails-prod-Dockerfile +++ b/deploy/rails-prod-Dockerfile @@ -42,12 +42,6 @@ RUN apt-get -qq update \ && cd ruby-${RUBY_VERSION} \ && ./configure \ && make && make install \ - && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 \ - && sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger $(lsb_release -c --short) main > /etc/apt/sources.list.d/passenger.list' \ - && apt-get -qq update \ - && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \ - passenger \ - nginx-extras \ && apt-get -qq clean \ && apt-get autoremove -y \ && rm -rf \ @@ -87,12 +81,6 @@ RUN rm -rf /rails && mkdir /rails WORKDIR /rails/ ADD . /rails/ -# Nginx configurations (nginx does not pass envs which is why you need nginx-env.conf) -COPY ./deploy/nginx-wrestlingdev.conf /etc/nginx/sites-available/default -COPY ./deploy/nginx-env.conf /etc/nginx/main.d/nginx-env.conf -COPY ./deploy/nginx.conf /etc/nginx/nginx.conf -RUN echo "passenger_default_user root;" >> /etc/nginx/passenger.conf - #Need temp secret keys to precompile assets ENV WRESTLINGDEV_SECRET_KEY_BASE 077cdbef5c2ccf22543fb17a67339f234306b7fa2e1e4463d851c444c10a5611829a2290b253da78339427f131571fac9a42c83d960b2d25ecc10a4a0a7ce1a2 ENV WRESTLINGDEV_DEVISE_SECRET_KEY 2f29d49db6704377ba263f7cb9db085b386bcb301c0cd501126a674686ab1a109754071165b08cd72af03cec4642a4dd04361c994462254dd5d85e9594e8b9aa @@ -102,6 +90,5 @@ RUN RAILS_ENV=production bundle exec rake assets:precompile ENTRYPOINT ["/tini", "--"] WORKDIR /rails -#CMD bundle exec puma -t 3:3 -b 'ssl://0.0.0.0:443?key=/ssl/server.key&verify_mode=none&cert=/ssl/server.crt' -e production +CMD bundle exec puma -t 5:5 -b 'ssl://0.0.0.0:443?key=/ssl/server.key&verify_mode=none&cert=/ssl/server.crt' -e production #CMD bundle exec passenger start --max-pool-size 3 --environment production --ssl --ssl-certificate /ssl/server.crt --ssl-certificate-key /ssl/server.key -CMD ["nginx"] \ No newline at end of file diff --git a/deploy/rails-prod-nginx-Dockerfile b/deploy/rails-prod-nginx-Dockerfile new file mode 100644 index 0000000..f0a90e5 --- /dev/null +++ b/deploy/rails-prod-nginx-Dockerfile @@ -0,0 +1,107 @@ +FROM ubuntu:xenial + +HEALTHCHECK --start-period=30s CMD curl --insecure https://127.0.0.1/ + +ENV RUBY_VERSION=2.4.4 +ENV RUBY_MAJOR_VERSION=2.4 + +ENV TINI_VERSION v0.18.0 +ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini +RUN chmod +x /tini + +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -qq upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \ + build-essential \ + libssl-dev \ + libyaml-dev \ + libreadline-dev \ + openssl \ + curl \ + git-core \ + zlib1g-dev \ + bison \ + libxml2-dev \ + libxslt1-dev \ + libcurl4-openssl-dev \ + libsqlite3-dev \ + sqlite3 \ + wget \ + apt-transport-https \ + ca-certificates \ + mysql-client \ + libmysqlclient-dev \ + postfix \ + nodejs \ + nginx \ + lsb-release \ + dirmngr \ + gnupg \ + && wget http://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR_VERSION}/ruby-${RUBY_VERSION}.tar.gz \ + && tar -xzf ruby-${RUBY_VERSION}.tar.gz \ + && cd ruby-${RUBY_VERSION} \ + && ./configure \ + && make && make install \ + && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 \ + && sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger $(lsb_release -c --short) main > /etc/apt/sources.list.d/passenger.list' \ + && apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \ + passenger \ + nginx-extras \ + && apt-get -qq clean \ + && apt-get autoremove -y \ + && rm -rf \ + /var/lib/apt/lists/* \ + /tmp/* \ + /var/tmp/* + +# Set timezone inside the container +RUN echo "America/New_York" > /etc/timezone \ + && rm /etc/localtime \ + && ln -s /usr/share/zoneinfo/America/New_York /etc/localtime + +#New Relic +#RUN echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list \ +# && wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add - \ +# && apt-get update \ +# && apt-get install newrelic-sysmond -y \ +# && nrsysmond-config --set license_key=$NEW_RELIC_LICENSE_KEY + +#SSL +RUN mkdir /ssl \ + && openssl req -sha256 -subj '/CN=home/O=home LTD./C=US' \ + -x509 -nodes -days 365 -newkey rsa:4096 -keyout /ssl/server.key -out /ssl/server.crt + +EXPOSE 80 +EXPOSE 443 + +RUN gem install --no-rdoc --no-ri bundler +#Cache gems so they don't install on every code change +WORKDIR /tmp +COPY Gemfile Gemfile +COPY Gemfile.lock Gemfile.lock +RUN bundle install + +# Copy site into place. +RUN rm -rf /rails && mkdir /rails +WORKDIR /rails/ +ADD . /rails/ + +# Nginx configurations (nginx does not pass envs which is why you need nginx-env.conf) +COPY ./deploy/nginx-wrestlingdev.conf /etc/nginx/sites-available/default +COPY ./deploy/nginx-env.conf /etc/nginx/main.d/nginx-env.conf +COPY ./deploy/nginx.conf /etc/nginx/nginx.conf +RUN echo "passenger_default_user root;" >> /etc/nginx/passenger.conf + +#Need temp secret keys to precompile assets +ENV WRESTLINGDEV_SECRET_KEY_BASE 077cdbef5c2ccf22543fb17a67339f234306b7fa2e1e4463d851c444c10a5611829a2290b253da78339427f131571fac9a42c83d960b2d25ecc10a4a0a7ce1a2 +ENV WRESTLINGDEV_DEVISE_SECRET_KEY 2f29d49db6704377ba263f7cb9db085b386bcb301c0cd501126a674686ab1a109754071165b08cd72af03cec4642a4dd04361c994462254dd5d85e9594e8b9aa +RUN RAILS_ENV=production bundle exec rake assets:precompile + +# Tini solves the zombie PID problem +ENTRYPOINT ["/tini", "--"] + +WORKDIR /rails +#CMD bundle exec puma -t 3:3 -b 'ssl://0.0.0.0:443?key=/ssl/server.key&verify_mode=none&cert=/ssl/server.crt' -e production +#CMD bundle exec passenger start --max-pool-size 3 --environment production --ssl --ssl-certificate /ssl/server.crt --ssl-certificate-key /ssl/server.key +CMD ["nginx"] \ No newline at end of file