From 1fea5fd9f7df4330cc426f7a4b41db22bb5fb12a Mon Sep 17 00:00:00 2001 From: Jyri Genral Date: Wed, 19 May 2021 21:55:50 +0300 Subject: [PATCH 1/5] Configure secrets at runtime in prod release --- config/prod.exs | 2 +- config/{prod.secret.exs => releases.exs} | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) rename config/{prod.secret.exs => releases.exs} (93%) diff --git a/config/prod.exs b/config/prod.exs index 5486193..359eb97 100644 --- a/config/prod.exs +++ b/config/prod.exs @@ -52,4 +52,4 @@ config :logger, level: :info # Finally import the config/prod.secret.exs which loads secrets # and configuration from environment variables. -import_config "prod.secret.exs" +# import_config "prod.secret.exs" # removed for using runtime configuration diff --git a/config/prod.secret.exs b/config/releases.exs similarity index 93% rename from config/prod.secret.exs rename to config/releases.exs index 11d66d0..30abce4 100644 --- a/config/prod.secret.exs +++ b/config/releases.exs @@ -2,7 +2,7 @@ # from environment variables. You can also hardcode secrets, # although such is generally not recommended and you have to # remember to add this file to your .gitignore. -use Mix.Config +import Config database_url = System.get_env("DATABASE_URL") || @@ -35,7 +35,7 @@ config :runosaari, RunosaariWeb.Endpoint, # If you are doing OTP releases, you need to instruct Phoenix # to start each relevant endpoint: # -# config :runosaari, RunosaariWeb.Endpoint, server: true +config :runosaari, RunosaariWeb.Endpoint, server: true # # Then you can assemble a release by calling `mix release`. # See `mix help release` for more information. From 97b28d24439411ea63af4476918b121ebeacf521 Mon Sep 17 00:00:00 2001 From: Jyri Genral Date: Wed, 19 May 2021 22:04:24 +0300 Subject: [PATCH 2/5] Add very basic database migration helpers. For example, you can do Ecto migrations by running $ _build/prod/rel/runosaari/bin/runosaari eval "Runosaari.Release.migrate" --- lib/runosaari/release.ex | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 lib/runosaari/release.ex diff --git a/lib/runosaari/release.ex b/lib/runosaari/release.ex new file mode 100644 index 0000000..4901818 --- /dev/null +++ b/lib/runosaari/release.ex @@ -0,0 +1,24 @@ +defmodule Runosaari.Release + @app :runosaari + + def migrate do + load_app() + + for repo <- repos() do + {:ok, _, _} = Ecto.Migrator.with_repo(repo, &Ecto.Migrator.run(&1, :up, all: true)) + end + end + + def rollback(repo, version) do + load_app() + {:ok, _, _} = Ecto.Migrator.with_repo(repo, &Ecto.Migrator.run(&1, :down, to: version)) + end + + defp repos do + Application.fetch_env!(@app, :ecto_repos) + end + + defp load_app do + Application.load(@app) + end +end From 0eba4b3e56c44b0a2fc4592dfd142a9fbfc2771f Mon Sep 17 00:00:00 2001 From: Jyri Genral Date: Fri, 21 May 2021 22:41:07 +0300 Subject: [PATCH 3/5] Minor changes --- config/prod.exs | 49 +-------------------------------------------- config/releases.exs | 7 ------- 2 files changed, 1 insertion(+), 55 deletions(-) diff --git a/config/prod.exs b/config/prod.exs index 359eb97..ac591b8 100644 --- a/config/prod.exs +++ b/config/prod.exs @@ -1,55 +1,8 @@ use Mix.Config -# For production, don't forget to configure the url host -# to something meaningful, Phoenix uses this information -# when generating URLs. -# -# Note we also include the path to a cache manifest -# containing the digested version of static files. This -# manifest is generated by the `mix phx.digest` task, -# which you should run after static files are built and -# before starting your production server. config :runosaari, RunosaariWeb.Endpoint, - url: [host: "example.com", port: 80], + url: [host: "runosaari.net", port: 3000], cache_static_manifest: "priv/static/cache_manifest.json" # Do not print debug messages in production config :logger, level: :info - -# ## SSL Support -# -# To get SSL working, you will need to add the `https` key -# to the previous section and set your `:url` port to 443: -# -# config :runosaari, RunosaariWeb.Endpoint, -# ... -# url: [host: "example.com", port: 443], -# https: [ -# port: 443, -# cipher_suite: :strong, -# keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"), -# certfile: System.get_env("SOME_APP_SSL_CERT_PATH"), -# transport_options: [socket_opts: [:inet6]] -# ] -# -# The `cipher_suite` is set to `:strong` to support only the -# latest and more secure SSL ciphers. This means old browsers -# and clients may not be supported. You can set it to -# `:compatible` for wider support. -# -# `:keyfile` and `:certfile` expect an absolute path to the key -# and cert in disk or a relative path inside priv, for example -# "priv/ssl/server.key". For all supported SSL configuration -# options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1 -# -# We also recommend setting `force_ssl` in your endpoint, ensuring -# no data is ever sent via http, always redirecting to https: -# -# config :runosaari, RunosaariWeb.Endpoint, -# force_ssl: [hsts: true] -# -# Check `Plug.SSL` for all available options in `force_ssl`. - -# Finally import the config/prod.secret.exs which loads secrets -# and configuration from environment variables. -# import_config "prod.secret.exs" # removed for using runtime configuration diff --git a/config/releases.exs b/config/releases.exs index 30abce4..3a5a950 100644 --- a/config/releases.exs +++ b/config/releases.exs @@ -1,7 +1,3 @@ -# In this file, we load production configuration and secrets -# from environment variables. You can also hardcode secrets, -# although such is generally not recommended and you have to -# remember to add this file to your .gitignore. import Config database_url = @@ -36,6 +32,3 @@ config :runosaari, RunosaariWeb.Endpoint, # to start each relevant endpoint: # config :runosaari, RunosaariWeb.Endpoint, server: true -# -# Then you can assemble a release by calling `mix release`. -# See `mix help release` for more information. From 2d805b987f1883290ed460793d5875ab4c97c282 Mon Sep 17 00:00:00 2001 From: Jyri Genral Date: Fri, 21 May 2021 22:43:51 +0300 Subject: [PATCH 4/5] Add missing do --- lib/runosaari/release.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/runosaari/release.ex b/lib/runosaari/release.ex index 4901818..657ac8e 100644 --- a/lib/runosaari/release.ex +++ b/lib/runosaari/release.ex @@ -1,4 +1,4 @@ -defmodule Runosaari.Release +defmodule Runosaari.Release do @app :runosaari def migrate do From 9c56e10942f34cc9f88bd288f8620316f22cb32d Mon Sep 17 00:00:00 2001 From: codevictory Date: Sat, 22 May 2021 09:52:27 +0300 Subject: [PATCH 5/5] Fixed prod config. --- config/releases.exs | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/config/releases.exs b/config/releases.exs index 3a5a950..26ac557 100644 --- a/config/releases.exs +++ b/config/releases.exs @@ -1,15 +1,23 @@ import Config -database_url = - System.get_env("DATABASE_URL") || +database_name = + System.get_env("DATABASE_NAME") || raise """ - environment variable DATABASE_URL is missing. - For example: ecto://USER:PASS@HOST/DATABASE + environment variable DATABASE_NAME is missing. + For example: runosaari + """ + +database_socket_dir = + System.get_env("DATABASE_SOCKET_DIR") || + raise """ + environment variable DATABASE_SOCKET_DIR is missing. + For example: /var/run/postgresql """ config :runosaari, Runosaari.Repo, # ssl: true, - url: database_url, + database: database_name, + socket_dir: database_socket_dir, pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10") secret_key_base =