# namespace :deploy do # desc “Precompile assets” # task :precompile do # on roles(:app) do # execute “cd #{release_path}/ && bundle exec rake assets:precompile” # end # end # end
namespace :rails do
namespace :secrets do desc "Create Rails secrets file using random secret key base" task :create_config do on roles(:app) do unless test("[ -f #{shared_path}/config/secrets.yml ]") set :secret_key_base, SecureRandom.hex(64) # get common secrets: we need to find a way to encrypt these really. local_secrets = YAML.load_file(File.join(fetch(:repo_tree,""),"config/secrets.yml")) if local_secrets.has_key?("common") set :common_secrets, local_secrets["common"] end file = File.join(File.dirname(__FILE__), "templates", "rails", "secrets.yml.erb") buffer = ERB.new(File.read(file), nil, '-').result(binding) upload! StringIO.new(buffer), "#{shared_path}/config/secrets.yml" end end end end # The order of tasks here is: rails:db:create_config [check the config doesn't exist] => rails:db:create => rails:db:grant namespace :db do set :db_password, (0...20).map{ [('0'..'9'),('A'..'Z'),('a'..'z')].map {|range| range.to_a}.flatten[rand(64)] }.join set :db_username, -> {"#{fetch(:application).gsub(/[^A-z]/,"").to_s[0..7]}_#{fetch(:stage).to_s[0..3]}"} set :db_name, -> {"#{fetch(:application).gsub(/[^A-z]/,"").to_s[0..53]}_#{fetch(:db_suffix, fetch(:stage).to_s[0..9])}"} desc "Create database.yml" task :create_config do on roles(:app) do unless test("[ -f #{File.join(shared_path, "config", "database.yml")} ]") file = File.join(File.dirname(__FILE__), "templates", "rails", "database.yml.erb") buffer = ERB.new(File.read(file)).result(binding) upload! StringIO.new(buffer), "#{shared_path}/config/database.yml" invoke "rails:db:create" end end end desc "Create database" task :create do on roles(:db) do prompt_for_login db_sql = "CREATE DATABASE IF NOT EXISTS #{fetch(:db_name)};" execute "mysql --user=#{fetch(:server_admin_username)} --password=#{fetch(:server_admin_password)} --execute=\"#{db_sql}\"" end invoke "rails:db:grant" end desc "Grant db rights" task :grant do puts "Creating user" on roles(:db) do |server| prompt_for_login [%w{10.% 127.% localhost},[server.hostname]].flatten.each do |ip| puts "#{ip}" user_sql = "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES on #{fetch(:db_name)}.* TO '#{fetch(:db_username)}'@'#{ip}' IDENTIFIED BY '#{fetch(:db_password)}';" execute "mysql --user=#{fetch(:server_admin_username)} --password=#{fetch(:server_admin_password)} --execute=\"#{user_sql}\"" end end end end
end
after “deploy:check:make_linked_dirs”, “rails:secrets:create_config” after “deploy:check:make_linked_dirs”, “rails:db:create_config” # after “rails:db:create_config”, “rails:db:create” after “deploy:check”, “nginx:check_config”