==== Recordexa server setup ====
Steps verified https://tracker.exphosted.com/view.php?id=0011831
===Server Access===
A. Create application user \\
usr/sbin/adduser "expdev01" (user should have 'exp'+environment keyword)\\
B. Set user password \\
C. Login as application user\\
ssh username@ip / username@domainname\\
Login is only allowed with authorized ssh keys, User public key has to be added in the server authorized_keys file in order to access the machine.\\
===Software Components:===
Web Server: Nginx, Passenger 4.0.4
Application Programming Language: Ruby 2.1.5 via RVM
Database: MySQL (5.6.36)
Search: Apache Solr (4.8.1) and Tomcat (7.0.54)
rubygems: 2.4.5
Rails: 4.2.6 via bundle install
capistrano: 3.3.5
===Software Installation:===
**1. Extend Repositories and update**
1. Install epel source.
yum install epel-release
2. Update system
yum update -y
**2. Install Dev Libraries**
yum groupinstall "Development Tools" -y
yum groupinstall "Additional Development" -y
yum install gcc gcc-c++ make libtool libxml libxml-devel libxslt libxslt-devel subversion curl-devel java-1.7.0-openjdk java-1.7.0-openjdk-devel git-core openssl-devel patch libyaml-devel patch libffi-devel bison -y
wget http://vault.centos.org/6.5/updates/x86_64/Packages/ImageMagick-devel-6.5.4.7-7.el6_5.x86_64.rpm
wget http://vault.centos.org/6.5/updates/x86_64/Packages/ImageMagick-6.5.4.7-7.el6_5.x86_64.rpm
yum install ImageMagick-6.5.4.7-7.el6_5.x86_64.rpm ImageMagick-devel-6.5.4.7-7.el6_5.x86_64.rpm -y
==== Install Database ====
1. Create a dedicated group and user
groupadd mysql
useradd -r -g mysql mysql
vi /etc/yum.repos.d/mysql-community.repo
[mysql-connectors-community]
name=MySQL Connectors Community
baseurl=http://repo.mysql.com/yum/mysql-connectors-community/el/5/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
# Enable to use MySQL 5.6
[mysql56-community]
name=MySQL 5.6 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.6-community/el/5/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
# Note: MySQL 5.7 is currently in development. For use at your own risk.
# Please read with sub pages: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/
[mysql57-community-dmr]
name=MySQL 5.7 Community Server Development Milestone Release
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/5/$basearch/
enabled=0
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
vi /etc/yum.repos.d/mysql-community-source.repo
[mysql-connectors-community-source]
name=MySQL Connectors Community - Source
baseurl=http://repo.mysql.com/yum/mysql-connectors-community/el/5/SRPMS
enabled=0
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[mysql56-community-source]
name=MySQL 5.6 Community Server - Source
baseurl=http://repo.mysql.com/yum/mysql-5.6-community/el/5/SRPMS
enabled=0
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[mysql57-community-dmr-source]
name=MySQL 5.7 Community Server Development Milestone Release - Source
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/5/SRPMS
enabled=0
gpgcheck=0
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
rpm -qa | grep mysql
#remove if already mysql package installed remove below commands
yum remove mysql-libs-5.1.73-8.el6_8.x86_64 mysql-5.1.73-8.el6_8.x86_64 mysql-devel-5.1.73-8.el6_8.x86_64
yum install cronie cronie-anacron crontabs
yum install mysql-community-server mysql-community-devel mysql-community-release -y
/etc/init.d/mysqld start
/usr/bin/mysqladmin -u root -hlocalhost password 'xxxx' #pwd reset
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql -p
chkconfig mysqld on
**3. Install Ruby via RVM**
curl -sSL https://get.rvm.io | sudo bash -s stable
vi ~/.profile
[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm"
vi ~/.bashrc
export PATH="$PATH:$HOME/.rvm/bin" # Add RVM to PATH for scripting
[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"
rvm install ruby 2.1.5p273
rvm use 2.1.5p273
**4. Install Tomcat and Solr**
Install Apache Solr (4.8.1) and Tomcat (7.0.54) \\
useradd tomcat \\
take existing working machine following folder /opt/tomcat7 /opt/solr
vi /etc/init.d/tomcat7 , save and chmod +x /etc/init.d/tomcat7
#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
#JAVA_HOME=/usr/java/jdk1.7.0_05
#export JAVA_HOME
#PATH=$JAVA_HOME/bin:$PATH
export PATH
CATALINA_HOME=/opt/tomcat7/bin
case $1 in
start)
/bin/su tomcat $CATALINA_HOME/startup.sh
;;
stop)
/bin/su tomcat $CATALINA_HOME/shutdown.sh
;;
restart)
/bin/su tomcat $CATALINA_HOME/shutdown.sh
/bin/su tomcat $CATALINA_HOME/startup.sh
;;
status)
test "$(ps -ef|grep java|grep -i catalina 2>1)" && echo "Tomcat-Solr is running" || echo -e "\e[31m\e[0mTomcat-Solr is not running"
;;
esac
exit 0
**5. Run the Passenger Nginx module installer and follow the on-screen instructions **
su - expdev01
gem install rack -v=1.6.4
gem install passenger -v=4.0.44 --conservative
rvmsudo passenger-install-nginx-module
**6. Setup Bundler and Gems**
gem install bundler -v '1.11.2'
gem install passenger -v '4.0.44'
gem install capistrano-bundler -v '1.1.4'
gem install capistrano-ext -v '1.2.1'
gem install capistrano-log_with_awesome -v '0.0.2'
gem install capistrano-passenger -v '0.0.2'
gem install capistrano-rails -v '1.1.1'
gem install capistrano-rvm -v '0.1.1'
**7. Install the ssl certificate**
**8. Nginx configuration example file(make the required changes based on the environment and installation path)**
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
passenger_root /home/expdev01/.rvm/gems/ruby-2.1.5/gems/passenger-4.0.44;
passenger_ruby /home/expdev01/.rvm/gems/ruby-2.1.5/wrappers/ruby;
passenger_max_pool_size 12;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name dev01.recordexa.com;
rewrite ^/?(.*) https://$host/$1 redirect;
}
server {
listen 443 ssl;
server_name dev01.recordexa.com;
ssl_certificate /opt/nginx/conf/ssl/recordexa/server.crt;
ssl_certificate_key /opt/nginx/conf/ssl/recordexa/server.key;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/pki/tls/private/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
root /deploy/tincan/current/public;
passenger_enabled on;
passenger_app_env development;
passenger_min_instances 12;
client_max_body_size 8M;
# server {
# listen 80;
# server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# root html;
# index index.html index.htm;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
=== Deploy Application: ===
In home directory /home/expdev01
1. mkdir tincan and copy the deployment script and capistrano files from the existing app(Whole tincan/ directory)
2. mkdir bin and copy the backup and tomcat shell script(runbackup.sh, tomcat_sss.sh)
3. Make sure capistrano structure has been created in /deploy/tincan/
current releases shared
4. Clone the code inside /deploy/tincan/current (This is required at the first time of server setup)
svn co https://repos.exphosted.com/svnrepos/tincan/trunk
5. Change the database name and password in database.yml which should be symlinked from shared to current directory also make sure all the configuration file has symlinked.
1. Files to be symlinked(config/application.yml config/database.yml config/sunspot.yml config/subdomain.yml)
2. Directory to be symlinked(config/environments log public/system/site_logos)
Make sure the solr running port number and location has specified in the config/sunspot.yml under the specific environments
In the config/subdomain.yml under the specific environments if the main url has subdomain then mention tld_size=2(eg: qa01.recordexa.com should have 2 and recordexa.com should have 1) and mention proper custom_domain_ip as server ip
6. Change the environment variable(development/staging/production) in the required file in tincan/ directory
7. In the environment config file(config/environments/development.rb, config/environments/staging.rb, config/environments/production.rb)
a. Check the following configuration if already exists make sure the boolean value set as follows, if not exists add it.
config.cache_classes = true
config.eager_load = true
config.consider_all_requests_local = false
config.action_controller.perform_caching = true
config.action_mailer.raise_delivery_errors = true
config.action_mailer.perform_deliveries = true
config.assets.debug = false
config.assets.raise_runtime_errors = true
b. Set log errors
LOG_ERRORS = true
c. set site flavor
DEFAULT_FLAVOR = "recordexa or expertusone" based on the requirment
d. Set ssl based on the server SSL certificate enabled/disabled
SSL_ENABLED = true/false
e. Change the following URL based on the environment
APP_URL = "#{PROTOCOL_STR}://dev01.recordexa.com"
API_URL = "#{PROTOCOL_STR}://dev01.recordexa.com"
PUBLIC_URL = "#{PROTOCOL_STR}://dev01.recordexa.com"
8. Run the following command in the /deploy/tincan/current directory
a. bundle install
b. bundle exec rake db:create RAILS_ENV=development
c. bundle exec rake db:migrate RAILS_ENV=development
d. bundle exec rake db:seed RAILS_ENV=development
9. Setup god monitoring(God script location: /deploy/systasks/god.sh)
10. Check all the process are running(God, rufus, delayed_job, solr, Nginx, passenger, tomcat)
11. Verify the site(Sanity test cases: https://docs.google.com/spreadsheets/d/1Qz9vhTx_eSVy7t4sWFlRbO2lhrpdNuhAQIvu9hYHGX4/edit?ts=5950e819#gid=367975422)
12. Deploy and verify the deployment script(Deployment script location: /home/expdev01/tincan/runcap.sh)
13. Do the sanity testing and make sure the deployment is success(Sanity test cases: https://docs.google.com/spreadsheets/d/1Qz9vhTx_eSVy7t4sWFlRbO2lhrpdNuhAQIvu9hYHGX4/edit?ts=5950e819#gid=367975422)