CentOS 6.4 Server Setup With Ruby on Rails, Nginx and PostgreSQL
Server setup with the entire environment for Rails applications can be quite tricky, especially when you do it for the first time. Here is step by step guide how to setup CentOS 6.4 server with a basic environment for deploying Rails applications. I encourage you to choose CentOS Linux - it is a reliable distro (well, based on Red Hat Enterprise Linux), easy to handle and doesn’t require advanced Unix knowledge like Gentoo (especially while updating system related stuff).
You need to ssh on your server:
Start with creating new user deploy:
And create password for the new user:
You shouldn’t use root user often, but you will need root privileges for performing many tasks, like installing stuff, so it is quite useful to edit sudo configuration - it will give deploy user an ability to perform all tasks which require root privileges by preceding command with sudo. Run:
find section that looks like that:
## Allow root to run any commands anywhereroot ALL=(ALL) ALL
and add the following line:
deploy ALL=(ALL) ALL
If you are not familiar with Vi editor, you have to press a, and then you can type :). When you finish hit escape and type :wq!.
Enhance security - configure SSH
You can easily make your server more secure by editing SSH configuration. Type:
Here are some default options which you may change:
#Port 22#PermitRootLogin yes
Default 22 port for SSH is not insecure, but changing it to some other value will make it more difficult to compromise your server by automated attacks. Pick any number less than 65536 and uncomment this line.
Another option is PermitRootLogin - change it to no to disable logging as root through ssh. You have root privileges by using sudo, so you don’t need to login as root anyway.
If you are going to create some more users, but you don’t want them to login through ssh, add following line:
When you are finished type:
Now, open NEW terminal window and check if everything works:
ssh -p new-port deploy@your-ip
Uhh, what was that IP?
You can avoid typing your IP number on every login by using named hosts, which is quite simple: create or edit ~/.ssh/config (on your local machine, not server) and add:
Now you can login on your server by:
But you can also skip password - you have to generate authentication keys on your local machine:
ssh-keygen -t rsa
And that’s the entire output:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/azdaroth/.ssh/id_rsa):
Created directory '/home/azdaroth/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/azdaroth/.ssh/id_rsa.
Your public key has been saved in /home/azdaroth/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
+--[ RSA 2048]----+
| =o. |
| + . .|
| + o o=|
| . B o .E|
| S= .|
| + .|
| . + o . |
| oo o |
| .o |
What about the passphrase? It’s up to you. If you leave it blank, you can ssh on your server by just entering: ssh server-name and that’s all. Pretty nice, but if your local machine gets stolen, something really bad may happen with your server. So, you should enter a passphrase, at least on your laptop. The only downside of passphrase is that you will be asked to enter it on each login.
To finish setup on your server, enter the following commands:
[remi]name=Les RPM de remi pour Enterprise Linux 6 - $basearch#baseurl=http://rpms.famillecollet.com/enterprise/6/remi/$basearch/mirrorlist=http://rpms.famillecollet.com/enterprise/6/remi/mirror
Now, you are going to install some packages, like RVM dependencies and other stuff.
Make sure you have following lines in your ~/.bashrc file :
[[ -s "$HOME/.rvm/scripts/rvm"]]&& . "$HOME/.rvm/scripts/rvm"PATH=$PATH:$HOME/.rvm/bin # Add RVM to PATH for scripting
To check if everything was installed properly enter:
type rvm | head -1
It should return something like: rvm is a function. If not, reload terminal session (simply log out and log in again).
And now you can install specified Ruby Version:
rvm install 2.1.0
Use installed Ruby version as the default one:
rvm use 2.1.0
rvm use 2.1.0 --default
Nice! You’ve successfully installed Ruby. Now, you can install Bundler and Rails.
gem install bundler rails
Nginx and Passenger
You will need an http server to run your applications. Nginx is fast, lightweight and easy to configure and Phusion Passenger module makes Nginx and Rails integration painless. Firstly, install Passenger gem:
gem install passenger
and then, install Nginx with compiled Passenger module:
Choose the recommended install mode.
Now, open the Nginx configuration file (/opt/nginx/cong/nginx.conf if you haven’t changed it during installation).
sudo vi /opt/nginx/conf/nginx.conf
Let’s change some default config. Change worker_processes to be equal to number of CPU cores. You can also enable gzip compression. Just add following lines:
sudo service nginx start
sudo service nginx stop
sudo service nginx reload
sudo service nginx restart
sudo service nginx status
sudo service nginx configtest
To add Nginx to the default run levels, enter:
sudo /sbin/chkconfig nginx on
This part is optional, but you will probably need ImageMagick in some applications - it is a powerful software for creating, editing and converting images. The ImageMagick version available in repositories is probably outdated, so we will compile it from source.
Start with installing some delegates (you have to install them before compiling ImageMagick).
You have to initialize database cluster before doing anything:
sudo /etc/init.d/postgresql-9.3 initdb
And you can start Postgres and add it do default run levels:
sudo service postgresql-9.3 start
sudo chkconfig --levels 235 postgresql-9.3 on
The very first thing you should do with Postgres is setting password for postgres user:
sudo su postgres
Now, you are in psql console. To change password, enter:
alter user postgres with password 'postgres-user-password';
Logout from postgres user and modify /var/lib/pgsql/9.3/data/pg_hba.conf:
sudo vi /var/lib/pgsql/9.3/data/pg_hba.conf
At the bottom of the file change authentication method to md5:
# TYPE DATABASE USER ADDRESS METHOD# "local" is for Unix domain socket connections onlylocal all all md5
# IPv4 local connections:host all all 127.0.0.1/32 md5
# IPv6 local connections:host all all ::1/128 md5
and restart Postgres:
sudo service postgresql-9.3 restart
To run psql console as deploy user just enter:
psql postgres postgres
and create a new user and database:
create user username with password 'secretPassword';
create database testdb owner=username;