Skip to content

AMS Production Server

Jump to bottom
Alberto Pérez de Rada Fiol edited this page Sep 8, 2019 · 1 revision

First deployment (bootstrap)

The production server of the AMS is a VPS at OVH (see the info of the identifiers).

Once the VPS of OVH has been (re-)installed (choose Debian 9 in English), it is necessary to log on it (in root), to recover the file scripts/bootstrap.sh of the repository and execute it.

wget https://raw.githubusercontent.com/speedcubingmadrid/speedcubingmadrid.org/master/scripts/bootstrap.sh
chmod +x ./bootstrap.sh
./bootstrap.sh

It will do:

  • Install the necessary packaged
  • Create the ams user
  • Install GitHub's public keys of the admins
  • Clone the speedcubingmadrid.org repository
  • Configure the postgres user
  • Set up the DATABASE_PASSWORD in the environment variables (in the .env.production file). The password is generated randomly, the only way to have it is to consult the environment file.
  • Create a certificate (you must enter the AMS email address, and accept the conditions of use of letsencrypt)
  • Install nginx and its configuration
  • Install cron for certificate renewal
  • Launch the AMS bootstrap

The AMS bootstrap will do:

  • Install rbenv and the ruby version necessary for the site
  • Install the crontab of rake jobs
  • Optionally set up rails and a blank db
  • Optionally set the environment variables (in the .env.production file): WCA_CLIENT_ID, WCA_CLIENT_SECRET, SENDGRID_API_KEY, STRIPE_PUBLISHABLE_KEY, STRIPE_SECRET_KEY, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_BUCKET, AWS_REGION, and TELEGRAM_GROUP_URL.

Once the bootstraping is completed, start the server with the AMS account : ssh [email protected] speedcubingmadrid.org/scripts/deploy.sh rebuild_rails.

Notes about nginx

During the first deployment the SSL certificate is not yet generated, so there are two configuration files for www.speedcubingmadrid.org:

  • one for before the creation of the certificate (prod_conf/pre_certif.conf)
  • one for after the creation of the certificate (prod_conf/post_certif.conf)

During the bootsraping the script should automatically remove the first configuration and add the second one. However, if the creation of the certificate fails, it will be necessary to restore the initial configuration (in /etc/nginx/conf.d), remove the configuration post_certif.conf, and empty the file /etc/nginx/ams_https.conf (it must exist!).

Regular deployment

The script deploy.sh contains useful commands for deployment:

  • pull_latest: get the latest commit on master.
  • restart_app: (re-)start the puma server.
  • rebuild_rails: install the ruby gems, recompile the assets, and run restart_app.

So, to deploy a change, just launch:

ssh [email protected] speedcubingmadrid.org/scripts/deploy.sh pull_latest rebuild_rails

And log in to run any migrations with RAILS_ENV=production bin/rails db:migrate (do not forget to reboot server after running migrations!).

Backup

To get a backup of the production database:

pg_dump -Fc --no-acl --no-owner -h localhost -U speedcubingmadrid speedcubingmadrid-prod > prod.dump

Restoring a backup

In production

Put latest.dump on the server, and run: pg_restore --verbose --clean --no-acl --no-owner -h localhost -U speedcubingmadrid -d speedcubingmadrid-prod latest.dump

In local

pg_restore --verbose --clean --no-acl --no-owner -h localhost -U speedcubingmadrid -d speedcubingmadrid-dev latest.dump

Clone this wiki locally