Advantages over other settings in Webbynode:
- Deployment through command line (git push via webbynode gem). This is similar to Heroku, but with different choices.
The ReadyStack probably uses git clone from public repositories.
- Neat directory structure. Because of that, RAPP is convenient to be customised as necessary.
Disadvantages:
- More initial setups for deployment from Windows (e.g. git, ssh, plink, etc.)
Setup details are on Webbynode Guide on RAPP. The RAPP bootstrap guide didn’t work out pretty smooth on my laptop, probably due to some settings. So, I tried the following settings.
Settings on Webby
- Ubuntu 10.04
- Ruby Enterprise Edition (REE) 1.8.7, Rails 3, Passenger 3, Nginx
- My SSH public key on /var/rapp/.ssh/authorized_keys (see Public Key Authentication section on Security) –> probably I should have used wn add_key on my laptop instead
Settings on my laptop
- Fedora 14
- REE 1.8.7, Rails 3
- My SSH private key on /home/myuser/.ssh/priv_key
Here are some stuff from my first deployment. Hurray! My first app has been deployed.
Security
Public Key Authentication
The main reason is to prevent password’s brute force attack.
In my laptop, I did the following.
1. Save the Webby IP
$ webby_ip=66.58.30.39 #whatever ip it is.. probably better to put this line on ~/.bashrc, or configure /etc/hosts
2. Create SSH public/private key pair
$ ssh-keygen -t dsa
[enter your details..]
3. Copy public key to Webby
username can be root, git, or any other Operating System users in the Webby. The users must have SSH access enabled (by default, each OS user has SSH enabled I guess).
$ ssh username@$webby_ip mkdir -p .ssh
[password prompt]
$ cd ~
$ cat .ssh/id_rsa.pub | ssh username@$webby_ip “cat – >> ~/.ssh/authorized_keys”
[password prompt]
In the Webby, change .ssh folder and authorized_keys file permissions. This is to ensure that keys inside .ssh can only be accessed by username
$ ssh username@$webby_ip
[prompt for unlocking your private key]
$ chmod 700 .ssh
$ chmod 600 .ssh/authorized_keys
Reference: SSH login without password
User/Group Management
This part is optional. Some say that ssh using root is not a good security practice. Some probably want to have user-centric app folders configuration.
Add group
# groupadd developers
# grep developers /etc/group
Add user to group
# useradd -G developers your_username
# passwd your_username
# id your_username #print out username details
Reference: Howto: Linux Add User To Group
Create home folder for user
# cd /home
# mkdir your_username
# chown your_username:your_username your_username
List of all users
# awk -F”:” ‘{ print “username: ” $1 “\t\tuid:” $3 }’ /etc/passwd
Reference: How to list all your USERs..
