Deploying a Ruby app on an AWS production server
with Passenger Enterprise in Nginx mode from RubyGems (with RVM)
On this page you will learn how you can deploy your app to a server that is running Passenger. You can either follow these instructions with your own app, or you can use the sample Rails app we prepared.
Please tell us a bit about your app and your system
With this information, we can provide you with the most relevant instructions.
Table of contents
- Loading...
1 Transferring the app code to the server
1.1 Push your code to a Git repository
We want to transfer our application's code to the server. The easiest way to do that is via Git.
If you have already setup a Git repository, push your application's code to that repository by running this on your local computer:
$ git push
If you have not already setup a Git repository, go to Github, create a repository and push your application's code there.
1.2 Login to your server, create a user for the app
Login to your server with SSH:
$ ssh -i your_ec2_key.pem adminuser@yourserver.com
Replace adminuser
with the name of an account with administrator privileges or sudo privileges.
This is usually admin
, ec2-user
, root
or ubuntu
.
Now that you have logged in, you should create an operating system user account for your app. For security reasons, it is a good idea to run each app under its own user account, in order to limit the damage that security vulnerabilities in the app can do. Passenger will automatically run your app under this user account as part of its user account sandboxing feature.
You should give the user account the same name as your app. But for demonstration purposes, this tutorial names the user account myappuser
.
$ sudo adduser myappuser
We also ensure that that user has your SSH key installed:
$ sudo mkdir -p ~myappuser/.ssh $ touch $HOME/.ssh/authorized_keys $ sudo sh -c "cat $HOME/.ssh/authorized_keys >> ~myappuser/.ssh/authorized_keys" $ sudo chown -R myappuser: ~myappuser/.ssh $ sudo chmod 700 ~myappuser/.ssh $ sudo sh -c "chmod 600 ~myappuser/.ssh/*"
1.3 Install Git on the server
1.4 Pull code
You need to pick a location in which to permanently store your application's code. A good location is /var/www/APP_NAME
. Let us create that directory.
$ sudo mkdir -p /var/www/myapp $ sudo chown myappuser: /var/www/myapp
Replace myapp
and myappuser
with your app's name and your app user account's name.
Now let us pull the code from Git:
$ cd /var/www/myapp $ sudo -u myappuser -H git clone git://github.com/username/myapp.git code
If you are using our sample app, use this Git clone command instead:
$ cd /var/www/myapp $ sudo -u myappuser -H git clone --branch=end_result https://github.com/phusion/passenger-ruby-rails-demo.git code
Your app's code now lives on the server at /var/www/myapp/code
.
2 Preparing the app's environment
2.1 Login as the app's user
All subsequent instructions must be run under the application's user account. While logged into your server, login under the application's user account as follows:
$ sudo -u myappuser -H bash -l
Since you are using RVM, make sure that you activate the Ruby version that you want to run your app under. For example:
$ rvm use ruby-2.3.3
2.2 Install app dependencies
Your application has various dependencies.
They must be installed. Most of these dependencies are gems in your Gemfile, managed by Bundler. You can install them by running bundle install --deployment --without development test -j 2
in your app's directory:
$ cd /var/www/myapp/code $ bundle install --deployment --without development test
Your app may also depend on services, such as PostgreSQL, Redis, etc. Installing services that your app depends on is outside of this tutorial's scope.
2.3 Configure database.yml and secrets.yml
Since your Rails app probably needs a database, you need to edit config/database.yml. For demonstration purposes, we will setup your app with an SQLite database because that is the easiest.
Open the file:
$ nano config/database.yml
Ensure that the production
section looks like this:
production:
adapter: sqlite3
database: db/production.sqlite3
Rails also needs a unique secret key with which to encrypt its sessions. Starting from Rails 4, this secret key is stored in config/secrets.yml. But first, we need to generate a secret key. Run:
$ bundle exec rake secret ...
This command will output a secret key. Copy that value to your clipboard. Next, open config/secrets.yml:
$ nano config/secrets.yml
If the file already exists, look for this:
production:
secret_key_base: <%=ENV["SECRET_KEY_BASE"]%>
Then replace it with the following. If the file didn't already exist, simply insert the following.
production: secret_key_base: the value that you copied from 'rake secret'
To prevent other users on the system from reading sensitive information belonging to your app, let's tighten the security on the configuration directory and the database directory:
$ chmod 700 config db $ chmod 600 config/database.yml config/secrets.yml
2.4 Compile Rails assets and run database migrations
Run the following command to compile assets for the Rails asset pipeline, and to run database migrations:
$ bundle exec rake assets:precompile db:migrate RAILS_ENV=production
3 Configuring Nginx and Passenger
Now that you are done with transferring your app's code to the server and setting up an environment for your app, it is time to configure Nginx so that Passenger knows how to serve your app.
3.1 Determine the Ruby command that Passenger should use
We need to tell Passenger which Ruby command it should use to run your app, just in case there are multiple Ruby interpreters on your system. Please run passenger-config about ruby-command
to find out which Ruby interpreter you are using. For example:
$ passenger-config about ruby-command passenger-config was invoked through the following Ruby interpreter: Command: /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby Version: ruby 2.3.3p85 (2015-02-26 revision 49769) [x86_64-linux] ...
Please take note of the path after "Command" (in this example, /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
). You will need it in one of the next steps.
3.2 Go back to the admin account
You have previously logged into your app's user account in order to prepare the app's environment. That user does not have sudo access. In the next steps, you need to edit configuration files, for which sudo access is needed. So you need to switch back to the admin account.
This can be done by simply exiting the shell that was logged into the app's user account. You will then be dropped back to the admin account. For example:
# This is what you previously ran: admin$ sudo -u myappuser -H bash -l myappuser$ ... # Type `exit` to go back to the account you were before myappuser$ exit admin$ _
3.3 Edit Nginx configuration file
We need to edit your Nginx configuration file and setup a virtual host entry that points to your app. This virtual host entry tells Nginx (and Passenger) where your app is located.
The location of the Nginx configuration file depends on the Nginx installation prefix you chose while installing Passenger. Assuming you installed Nginx to the default prefix /opt/nginx
, you need to open /opt/nginx/conf/nginx.conf:
$ sudo nano /opt/nginx/conf/nginx.conf
Let us add a virtual host entry at the end of that file. At the end of the file, insert:
server { listen 80; server_name yourserver.com; # Tell Nginx and Passenger where your app's 'public' directory is root /var/www/myapp/code/public; # Turn on Passenger passenger_enabled on; passenger_ruby /path-to-ruby; }
Replace yourserver.com
with your server's host name, and replace /var/www/myapp/code
with your application's code directory path. However, make sure that Nginx is configured to point to the public
subdirectory inside it!
Replace /path-to-ruby
with the Ruby command that you obtained in step 3.1.
When you are done, restart Nginx:
$ sudo kill $(cat /opt/nginx/logs/nginx.pid) $ sudo /opt/nginx/sbin/nginx
(Learn more about restarting Nginx)
3.4 Test drive
You should now be able to access your app through the server's host name! Try running this from your local computer. Replace yourserver.com
with your server's hostname, exactly as it appears in the Nginx config file's server_name
directive.
$ curl http://yourserver.com/ ...your app's front page HTML...
If you do not see your app's front page HTML, then these are the most likely causes:
- You did not correctly configure your
server_name
directive. Theserver_name
must exactly match the host name in the URL. For example, if you use the commandcurl http://45.55.91.235/
to access your app, then theserver_name
must be45.55.91.235
. - You did not setup DNS records. Setting up DNS is outside the scope of this tutorial. In the mean time, we recommend that you use your server's IP address as the server name.
1 Transferring the app code to the server
1.1 Push your code to a Git repository
We want to transfer our application's code to the server. The easiest way to do that is via Git.
If you have already setup a Git repository, push your application's code to that repository by running this on your local computer:
$ git push
If you have not already setup a Git repository, go to Github, create a repository and push your application's code there.
1.2 Login to your server, create a user for the app
Login to your server with SSH:
$ ssh -i your_ec2_key.pem adminuser@yourserver.com
Replace adminuser
with the name of an account with administrator privileges or sudo privileges.
This is usually admin
, ec2-user
, root
or ubuntu
.
Now that you have logged in, you should create an operating system user account for your app. For security reasons, it is a good idea to run each app under its own user account, in order to limit the damage that security vulnerabilities in the app can do. Passenger will automatically run your app under this user account as part of its user account sandboxing feature.
You should give the user account the same name as your app. But for demonstration purposes, this tutorial names the user account myappuser
.
$ sudo adduser myappuser
We also ensure that that user has your SSH key installed:
$ sudo mkdir -p ~myappuser/.ssh $ touch $HOME/.ssh/authorized_keys $ sudo sh -c "cat $HOME/.ssh/authorized_keys >> ~myappuser/.ssh/authorized_keys" $ sudo chown -R myappuser: ~myappuser/.ssh $ sudo chmod 700 ~myappuser/.ssh $ sudo sh -c "chmod 600 ~myappuser/.ssh/*"
1.3 Install Git on the server
1.4 Pull code
You need to pick a location in which to permanently store your application's code. A good location is /var/www/APP_NAME
. Let us create that directory.
$ sudo mkdir -p /var/www/myapp $ sudo chown myappuser: /var/www/myapp
Replace myapp
and myappuser
with your app's name and your app user account's name.
Now let us pull the code from Git:
$ cd /var/www/myapp $ sudo -u myappuser -H git clone git://github.com/username/myapp.git code
If you are using our sample app, use this Git clone command instead:
$ cd /var/www/myapp $ sudo -u myappuser -H git clone --branch=end_result https://github.com/phusion/passenger-ruby-rails-demo.git code
Your app's code now lives on the server at /var/www/myapp/code
.
2 Preparing the app's environment
2.1 Login as the app's user
All subsequent instructions must be run under the application's user account. While logged into your server, login under the application's user account as follows:
$ sudo -u myappuser -H bash -l
Since you are using RVM, make sure that you activate the Ruby version that you want to run your app under. For example:
$ rvm use ruby-2.3.3
2.2 Install app dependencies
Your application has various dependencies.
They must be installed. Most of these dependencies are gems in your Gemfile, managed by Bundler. You can install them by running bundle install --deployment --without development test -j 2
in your app's directory:
$ cd /var/www/myapp/code $ bundle install --deployment --without development test
Your app may also depend on services, such as PostgreSQL, Redis, etc. Installing services that your app depends on is outside of this tutorial's scope.
3 Configuring Nginx and Passenger
Now that you are done with transferring your app's code to the server and setting up an environment for your app, it is time to configure Nginx so that Passenger knows how to serve your app.
3.1 Determine the Ruby command that Passenger should use
We need to tell Passenger which Ruby command it should use to run your app, just in case there are multiple Ruby interpreters on your system. Please run passenger-config about ruby-command
to find out which Ruby interpreter you are using. For example:
$ passenger-config about ruby-command passenger-config was invoked through the following Ruby interpreter: Command: /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby Version: ruby 2.3.3p85 (2015-02-26 revision 49769) [x86_64-linux] ...
Please take note of the path after "Command" (in this example, /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
). You will need it in one of the next steps.
3.2 Go back to the admin account
You have previously logged into your app's user account in order to prepare the app's environment. That user does not have sudo access. In the next steps, you need to edit configuration files, for which sudo access is needed. So you need to switch back to the admin account.
This can be done by simply exiting the shell that was logged into the app's user account. You will then be dropped back to the admin account. For example:
# This is what you previously ran: admin$ sudo -u myappuser -H bash -l myappuser$ ... # Type `exit` to go back to the account you were before myappuser$ exit admin$ _
3.3 Edit Nginx configuration file
We need to edit your Nginx configuration file and setup a virtual host entry that points to your app. This virtual host entry tells Nginx (and Passenger) where your app is located.
The location of the Nginx configuration file depends on the Nginx installation prefix you chose while installing Passenger. Assuming you installed Nginx to the default prefix /opt/nginx
, you need to open /opt/nginx/conf/nginx.conf:
$ sudo nano /opt/nginx/conf/nginx.conf
Let us add a virtual host entry at the end of that file. At the end of the file, insert:
server { listen 80; server_name yourserver.com; # Tell Nginx and Passenger where your app's 'public' directory is root /var/www/myapp/code/public; # Turn on Passenger passenger_enabled on; passenger_ruby /path-to-ruby; }
Replace yourserver.com
with your server's host name, and replace /var/www/myapp/code
with your application's code directory path. However, make sure that Nginx is configured to point to the public
subdirectory inside it!
Replace /path-to-ruby
with the Ruby command that you obtained in step 3.1.
When you are done, restart Nginx:
$ sudo kill $(cat /opt/nginx/logs/nginx.pid) $ sudo /opt/nginx/sbin/nginx
(Learn more about restarting Nginx)
3.4 Test drive
You should now be able to access your app through the server's host name! Try running this from your local computer. Replace yourserver.com
with your server's hostname, exactly as it appears in the Nginx config file's server_name
directive.
$ curl http://yourserver.com/ ...your app's front page HTML...
If you do not see your app's front page HTML, then these are the most likely causes:
- You did not correctly configure your
server_name
directive. Theserver_name
must exactly match the host name in the URL. For example, if you use the commandcurl http://45.55.91.235/
to access your app, then theserver_name
must be45.55.91.235
. - You did not setup DNS records. Setting up DNS is outside the scope of this tutorial. In the mean time, we recommend that you use your server's IP address as the server name.
Next step
Congratulations, you have successfully deployed your app!
Continue: Deploying updates »