I learnt a lot from:
- The Efficient Rails DevOps book by Michael Trojanek.
- The Mastering Ansible book by Jesse Keating and James Freeman.

Thank you!
Instead of Vagrant with Virtualbox, we're going to use Multipass as our primary VM.
- Install Multipass
With Python, install Ansible and the project requirements:
pip install ansible
pip install -r requirements.txt
ansible-galaxy install -r requirements.yml
# launch multipass
multipass launch --cloud-init cloud-init.yml --name 'PICK_YOUR_NAME' 20.04
# run the provision
ansible-playbook site.yml --verbose
Important: the password hash can differ from OS to OS, so create the hash on the VM itself.
ssh ubuntu@192.168.64.6
python3 -c 'import crypt,getpass,sys;print(crypt.crypt(getpass.getpass(), crypt.mksalt(crypt.METHOD_SHA512)))'
ansible-vault create group_vars/all/vault
ansible-vault edit group_vars/all/vault
cat ~/.ssh/id_rsa.pub >> roles/user/files/ansible/authorized_keys
ansible-vault encrypt roles/user/files/ansible/*
# replace the vault password (rekey)
ansible-vault rekey group_vars/*/vault roles/user/files/*/*
ansible-vault edit group_vars/all/vault
If you totally forget your vault password, we can't get the encrypted contents back, but we can recreate the files.
- Find the vault files
grep '$ANSIBLE_VAULT' . -r -l
- Store the list somewhere so you can go one by one
- Remove the file and encrypt it again
ansible-vault encrypt YOUR_FILE
- Whenever we use encrypted variables, you can find the name of the value by the `vault_` prefix
- Open a new vault file, add the variable and encrypt the file
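The recovery steps above start from an inventory of vault files. As an added example (not part of the original README), the shell functions below build that inventory and report files in the secret locations that are plaintext or damaged. They assume whole-file encryption at group_vars/*/vault and roles/user/files/*/*; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original README. Assumes whole-file vaults in
# the paths the rekey command uses: group_vars/*/vault, roles/user/files/*/*.
# Function names are hypothetical. File names must not contain newlines.

VAULT_MAGIC='$ANSIBLE_VAULT;'   # first 15 bytes of every vault-encrypted file

# Print "vault", "damaged" or "plain" for one file.
# "damaged": header present but the body is not pure hex, which happens when
# plaintext is appended (>>) to a file that was already encrypted.
vault_state() {
  if [ "$(head -c 15 "$1" 2>/dev/null | tr -d '\0')" != "$VAULT_MAGIC" ]; then
    echo plain
  elif tail -n +2 "$1" | grep -qv '^[0-9a-f]*$'; then
    echo damaged
  else
    echo vault
  fi
}

# Inventory for the recovery steps: every file carrying a vault header.
vault_list() {
  find "${1:-.}" -type f ! -path '*/.git/*' | sort | while IFS= read -r f; do
    if [ "$(vault_state "$f")" != plain ]; then printf '%s\n' "$f"; fi
  done
}

# Files in the secret locations that are not valid vault files.
# Empty output means everything that should be encrypted is.
vault_exposed() {
  for f in "${1:-.}"/group_vars/*/vault "${1:-.}"/roles/user/files/*/*; do
    [ -f "$f" ] || continue
    s=$(vault_state "$f")
    if [ "$s" != vault ]; then printf '%s %s\n' "$s" "$f"; fi
  done
}
```

Source the file, run `vault_list . > vault-files.txt` to store the list, and call `vault_exposed .` before committing.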
Multipass as a primary VM.
You can set your SSH public key in the `cloud-init.yml` file.
After you set up your SSH key, you can ssh in with `ssh ubuntu@VM_IP_ADDRESS`.
Get your `VM_IP_ADDRESS` with `multipass info --all`.
ssh_authorized_keys:
- YOUR_SSH_PUBLIC_KEY
It is useful to set up the SSH key in your `~/.ssh/config`:
Host VM_IP_ADDRESS
IdentityFile ~/.ssh/YOUR_PRIVATE_KEY
User ubuntu
ForwardAgent yes
Useful commands are:
# Launch a new VM
multipass launch --cloud-init cloud-init.yml --name 'YOUR_VM_NAME' 20.04
# Get info about your VM
multipass info YOUR_VM_NAME
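# List listening TCP and UDP sockets
ss -ltun
# Show which process is using port 25 (SMTP)
lsof -i :25
# List systemd service units
systemctl --type=service
# Check that key-based SSH login works without prompting; exit code 0 means success
ssh -o BatchMode=yes -o ConnectTimeout=3 ubuntu@192.168.64.11 exit
echo $?
# Switch to the app user with a login shell
sudo su - app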