$ gem install kontena-cli
$ kontena login {ip}
$ kontena grid use staging
$ kontena vpn config > kontena.ovpn
$ sudo openvpn --config kontena.ovpn --script-security 2 --daemon
$ kontena app build
$ kontena app deploy
lb: | |
image: kontena/lb:latest | |
environment: | |
- LOG_CONFIG=1 | |
deploy: | |
strategy: daemon | |
ports: | |
- 80:80 | |
front: | |
image: registry.kontena.local/blabla_nginx:latest | |
build: 'config/docker/production/nginx' | |
volumes_from: | |
- 'blabla-app-%%s' | |
environment: | |
- KONTENA_LB_INTERNAL_PORT=80 | |
secrets: | |
- secret: FRONT_LB_HOSTS | |
name: KONTENA_LB_VIRTUAL_HOSTS | |
type: env | |
links: | |
- lb | |
app: | |
image: registry.kontena.local/blabla_rails:latest | |
build: '.' | |
dockerfile: config/docker/production/rails/Dockerfile | |
command: ./config/docker/production/rails/unicorn.sh | |
environment: | |
- KONTENA_LB_INTERNAL_PORT=3000 | |
secrets: | |
- secret: APP_LB_HOSTS | |
name: KONTENA_LB_VIRTUAL_HOSTS | |
type: env | |
- secret: BLABLA_HOST | |
name: BLABLA_HOST | |
type: env | |
- secret: BLABLA_ASSETS_HOST | |
name: BLABLA_ASSETS_HOST | |
type: env | |
- secret: GITHUB_SECRET_TOKEN | |
name: GITHUB_SECRET_TOKEN | |
type: env | |
- secret: BLABLA_DB_HOST | |
name: BLABLA_DB_HOST | |
type: env | |
- secret: BLABLA_DB_USER | |
name: BLABLA_DB_USER | |
type: env | |
- secret: BLABLA_DB_PASSWORD | |
name: BLABLA_DB_PASSWORD | |
type: env | |
- secret: BLABLA_GITHUB_CLIENT_ID | |
name: BLABLA_GITHUB_CLIENT_ID | |
type: env | |
- secret: BLABLA_GITHUB_CLIENT_SECRET | |
name: BLABLA_GITHUB_CLIENT_SECRET | |
type: env | |
- secret: BLABLA_REDIS_HOST | |
name: BLABLA_REDIS_HOST | |
type: env | |
- secret: BLABLA_SECRET_KEY_BASE | |
name: BLABLA_SECRET_KEY_BASE | |
type: env | |
- secret: SKYLIGHT_AUTHENTICATION | |
name: SKYLIGHT_AUTHENTICATION | |
type: env | |
links: | |
- lb | |
worker: | |
image: registry.kontena.local/blabla_rails:latest | |
command: 'bundle exec rake resque:work --trace' | |
secrets: | |
- secret: BLABLA_HOST | |
name: BLABLA_HOST | |
type: env | |
- secret: GITHUB_SECRET_TOKEN | |
name: GITHUB_SECRET_TOKEN | |
type: env | |
- secret: BLABLA_DB_HOST | |
name: BLABLA_DB_HOST | |
type: env | |
- secret: BLABLA_DB_USER | |
name: BLABLA_DB_USER | |
type: env | |
- secret: BLABLA_DB_PASSWORD | |
name: BLABLA_DB_PASSWORD | |
type: env | |
- secret: BLABLA_GITHUB_CLIENT_ID | |
name: BLABLA_GITHUB_CLIENT_ID | |
type: env | |
- secret: BLABLA_GITHUB_CLIENT_SECRET | |
name: BLABLA_GITHUB_CLIENT_SECRET | |
type: env | |
- secret: BLABLA_REDIS_HOST | |
name: BLABLA_REDIS_HOST | |
type: env | |
- secret: BLABLA_SECRET_KEY_BASE | |
name: BLABLA_SECRET_KEY_BASE | |
type: env | |
- secret: SKYLIGHT_AUTHENTICATION | |
name: SKYLIGHT_AUTHENTICATION | |
type: env | |
environment: | |
- 'QUEUE=*' |
FROM nginx | |
RUN rm /etc/nginx/conf.d/* | |
COPY nginx.conf /etc/nginx/nginx.conf | |
CMD ["nginx"] |
daemon off; | |
worker_processes 1; | |
error_log /dev/stdout info; | |
events { | |
worker_connections 1024; | |
} | |
http { | |
server_names_hash_bucket_size 64; | |
include mime.types; | |
default_type application/octet-stream; | |
access_log /dev/stdout; | |
gzip on; | |
root /app/public; | |
error_page 404 /404.html; | |
error_page 500 /500.html; | |
server { | |
listen 80 default_server; | |
location / { | |
add_header Access-Control-Allow-Origin *; | |
add_header Access-Control-Request-Method *; | |
expires 60d; | |
} | |
} | |
} |
FROM ruby:2.3-slim | |
RUN apt-get update -qq && \ | |
DEBIAN_FRONTEND=noninteractive apt-get install -yq --no-install-recommends \ | |
make \ | |
gcc \ | |
g++ \ | |
libxml2-dev \ | |
libxslt-dev \ | |
pkg-config \ | |
libcurl3-dev \ | |
libpq-dev \ | |
libgmp3-dev && \ | |
apt-get clean && \ | |
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ | |
truncate -s 0 /var/log/*log | |
# Add Tini | |
ADD https://github.com/krallin/tini/releases/download/v0.9.0/tini /tini | |
RUN chmod +x /tini | |
ENTRYPOINT ["/tini", "--"] | |
ENV RAILS_ENV production | |
EXPOSE 3000 | |
VOLUME /app/public | |
# Install gems | |
COPY Gemfile Gemfile.lock /app/ | |
WORKDIR /app | |
RUN echo 'gem: --no-rdoc --no-ri' >> /etc/gemrc && \ | |
bundle config build.nokogiri --use-system-libraries && \ | |
bundle install --deployment --without development test --jobs 4 | |
# Copy project files | |
COPY . /app | |
# Setup application | |
RUN mkdir -p tmp/pids tmp/builds && \ | |
rm -rf tmp/cache && \ | |
ln -sf /dev/stdout /app/log/unicorn.log && \ | |
ln -sf /dev/stdout /app/log/production.log && \ | |
ln -sf /dev/stdout /app/log/resque.log |
#!/usr/bin/env bash | |
set -euo pipefail | |
IFS=$'\n\t' | |
set -vx | |
bundle exec rake db:create | |
bundle exec rake db:migrate | |
bundle exec rake assets:precompile | |
exec bundle exec unicorn -c /app/config/unicorn.rb -E deployment |