end0tknr's kipple - 新web写経開発

http://d.hatena.ne.jp/end0tknr/ から移転しました

install redmine + nginx + unicorn

前準備 - 必要moduleのinstall

# yum groupinstall "Development Tools"
# yum install openssl-devel readline-devel zlib-devel curl-devel \
      libyaml-devel ImageMagick ImageMagick-devel
# yum install ipa-pgothic-fonts
# yum install ruby ruby-devel

install redmine

と言っても、wgetして解凍するだけ

$ cd ~/dev
$ wget http://www.redmine.org/releases/redmine-3.3.0.tar.gz
$ tar -zxvf redmine-3.3.0.tar.gz
$ ln -s redmine-3.3.0  redmine

redmine 用 database準備

mysql> create database redmine CHARACTER SET utf8;
mysql> GRANT ALL ON redmine.* to redmine@localhost;
mysql> FLUSH PRIVILEGES;
mysql> SET PASSWORD FOR redmine@localhost=password('????');

redmine 設定と、追加module install

db接続と、gmail smtpによるメール設定

$ cd ~/dev/redmine/redmine/config
$ cp database.yml.example database.yml
$ vi database.yml
production:
  adapter: mysql2
  database: redmine
  host: localhost
  username: redmine
  password: "????"
  encoding: utf8
  
$ cp configuration.yml.example configuration.yml
email_delivery:
  delivery_method: :smtp
  smtp_settings:
    enable_starttls_auto: true
    address: "smtp.gmail.com"
    port: 587
    domain: "smtp.gmail.com" 
    authentication: :plain
    user_name: "????@gmail.com"
    password: "????"
# gem install io-console
# gem install bundler --no-rdoc --no-ri
   ## --no-rdoc --no-ri はドキュメント不要のため
# gem install json
# yum install mysql-devel
# gem install mysql2

$ cd ~/dev/redmine
$ bundle install --path vendor/bundler --without development test
$ bundle exec rake generate_secret_token
$ bundle exec rake db:migrate RAILS_ENV=production

ruby application server - unicorn

$ ~/dev/redmine
$ vi Gemfile
gem "unicorn"   #<-ADD

$ bundle update

config unicorn

$ vi /home/ec2-user/dev/redmine/config/unicorn.rb

# -*- coding: utf-8 -*-
worker_processes 2

listen 6000
pid '/home/ec2-user/logs/unicorn.pid'

stderr_path '/home/ec2-user/logs/unicorn.log'
stdout_path '/home/ec2-user/logs/unicorn.log'

preload_app true
GC.respond_to?(:copy_on_write_friendly=) and GC.copy_on_write_friendly = true

before_fork do |server, worker|
defined?(ActiveRecord::Base) and ActiveRecord::Base.connection.disconnect!

old_pid = "#{ server.config[:pid] }.oldbin"
unless old_pid == server.pid
  begin
   sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
   Process.kill :QUIT, File.read(old_pid).to_i
   rescue Errno::ENOENT, Errno::ESRCH
  end
end
end

after_fork do |server, worker|
  defined?(ActiveRecord::Base) and ActiveRecord::Base.establish_connection
end

config nginx

# vi /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    server_tokens off;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

    index   index.html index.htm;

   server {
     listen       80;
     location /favicon.ico {
       alias /home/ec2-user/dev/Splats/static/img/favicon.ico;
       break;
       access_log off;
     }

     location / {
       return 302 https://$host$request_uri;
     }
   }

  server {
    listen 443 ssl;
 
    ssl_certificate /etc/letsencrypt/live/????.????.mydns.jp/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/????.????.mydns.jp/privkey.pem;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
 
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
 
    root /usr/share/nginx/html;
 
    index index.html index.htm index.nginx-debian.html;

    allow ???.???.???.0/24;
    deny  all;
 
    server_name _;
        location /redmine {
            proxy_pass      http://127.0.0.1:6000;

            auth_basic "MEMBER ONLY";
            auth_basic_user_file /home/ec2-user/dev/htpasswd;

            proxy_set_header Host             $host;
            proxy_set_header X-Real-IP        $remote_addr;
            proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-User $remote_user;
        }
  }
}

start uncorn , nginx

「 ????.????.mydns.jp/redmine 」でアクセスする為、「 --path /redmine」を起動時に指定しています。

$ cd /home/ec2-user/dev/redmine
$ bundle exec unicorn_rails -D --path /redmine \
   -c config/unicorn.rb -E production

$ sudo su -
# /etc/rc.d/init.d/nginx start

access to https://????.????.mydns.jp/redmine
initial user'ss id/pw = admin/admin

後は、以下のurlを参照。

http://redmine.jp/tech_note/first-step/admin/