Deployed Rails missing secret key - ruby-on-rails

I'm trying to deploy my Rails app to my Digital Ocean VPS. I've done all the steps in the GoRails guide but when I deploy my project and visit my ip adres I'm greeted by a message:
An error occurred.
Sorry, the page you are looking for is currently unavailable.
Please try again later.
If you are the system administrator of this resource then you should check the error log for details.
Faithfully yours, nginx.
I've checked the nginx error log which shows me:
Exception RuntimeError in Rack application object (Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml`) (process 2490, thread 0x007fbd33665ce0(Worker 1)):
On the VPS I've created a secret by running rake secret and then running export SECRET_KEY_BASE= + key. Now when I echo $SECRET_KEY_BASE it shows me my key. But still I'm getting the error message.
In my deploy.rb I have this:
set :linked_files, %w{config/database.yml config/secrets.yml}
And my secrets.yml on the VPS is this:
development:
secret_key_base: 89dacb16fd905ff4c6352ac93f4676a5dd&^%3f93edce9a5be796712d54b57b91e1335598fd73e3998fddbbdeaf3ee7f65157f2fb01ce1bea5658aa7bf745d1f
test:
secret_key_base: cf351585b2cb43459f5a073cbfd885b3dd2af44124f13a855522f678c1cf06625c121cd3b7857&&6e7fe2ba11180066753142143231c79c513e71e20372a0462
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
I just restarted nginx, but still no result.
Update
deploy#movieseat:~$ ps aux | grep nginx
root 4545 0.0 0.6 98936 3360 ? Ss 11:32 0:00 nginx: master process /usr/sbin/nginx
www-data 4548 0.0 0.9 99304 4608 ? S 11:32 0:00 nginx: worker process
www-data 4549 0.0 0.9 99304 4608 ? S 11:32 0:00 nginx: worker process
www-data 4550 0.0 0.9 99304 4608 ? S 11:32 0:00 nginx: worker process
www-data 4551 0.0 0.9 99304 4608 ? S 11:32 0:00 nginx: worker process
deploy 4655 0.0 0.3 9436 1660 pts/1 S+ 11:33 0:00 grep --color=auto nginx

I would assume that you hadn't checked in the secrets.yml file in the repository as you have defined it as a linked file in deploy.rb i.e
set :linked_files, %w{config/database.yml config/secrets.yml}
You can do the same for the secrets.yml like database.yml. My recommendation is to put the value of secret_key_base itself in the secret.yml file instead of reading it from the ENV as the person who have access to linked file in the deploy server would have access to ENV vars anyway.
But, if you have added the secrets.yml file in the repository, it makes sense to try to read the value from the system environments.

Related

setup ROR application using puma nginx and capistrano

I'm trying to deploy ruby on rails application to the Amazon EC2 instance, using puma as an application server, nginx server and capistrano for deployments. Currently I'm stuck with the error message:
nginx logs are not showing any error,
puma logs are also not showing what's the error
I have verified that puma server is started and running, using the following command:
ubuntu#ip-nnnnn:~$ ps aux | grep puma
deployer 89555 0.0 1.5 652040 248180 ? Sl 21:48 0:00 puma 3.12.1 (unix://nnnn/nnn/current/tmp/sockets/puma.sock) [20211130214658]
deployer 89561 0.0 1.5 854804 259336 ? Sl 21:48 0:00 puma: cluster worker 0: 89555 [20211130214658]
deployer 89566 0.0 1.5 787216 247824 ? Sl 21:48 0:00 puma: cluster worker 1: 89555 [20211130214658]
ubuntu 89845 0.0 0.0 8168 740 pts/0 S+ 22:23 0:00 grep --color=auto puma
capistrano deploys without any error, all tasks are completed fine, the puma server is restarted fine during the capistrano deployment.
application log has no recent data, it looks like it doesn't reach to that point, it breaks before that.
In my particular case it was due to the stopped REDIS service. The application was configured to utilize REDIS for caching, however REDIS service wasn't running. This wasn't reflected in the logs for some reason and I spent a good amount of time figuring out what was wrong.

Passenger not running (Ruby on Rails + Nginx)

My AWS instance was working fine with my app. But, today, the server was down without memory ram. Then I run:
sync; echo 1 > /proc/sys/vm/drop_caches
sudo service nginx start
After that, ram memory consumption is ok, but the app not.
I'm running a Rails 4.2.1 website with Ruby 2.2.2 and nginx/1.8.0 in a Ubuntu 14 AWS instance.
When I access the site, I have the error:
502 Bad Gateway
nginx/1.8.0
When I run passenger-config restart-app I have:
*** ERROR: Phusion Passenger doesn't seem to be running. If you are sure that it
is running, then the causes of this problem could be one of:
1. You customized the instance registry directory using Apache's
PassengerInstanceRegistryDir option, Nginx's
passenger_instance_registry_dir option, or Phusion Passenger Standalone's
--instance-registry-dir command line argument. If so, please set the
environment variable PASSENGER_INSTANCE_REGISTRY_DIR to that directory
and run this command again.
2. The instance directory has been removed by an operating system background
service. Please set a different instance registry directory using Apache's
PassengerInstanceRegistryDir option, Nginx's passenger_instance_registry_dir
option, or Phusion Passenger Standalone's --instance-registry-dir command
line argument.
In the file /var/log/nginx/error.log I have:
2021/06/19 13:21:12 [crit] 26618#0: *48688773 connect() to unix:/tmp/passenger.26EHXct/agents.s/server failed (2: No such file or directory) while connecting to upstream, client: XXX.XXX.34.163, server: www.XXX.com, request: "GET / HTTP/1.1", upstream: "passenger:unix:/tmp/passenger.26EHXct/agents.s/server:", host: "XXX.com"
I already tried this solution and not working.
When I run: passenger-config validate-install I have:
Use <space> to select.
If the menu doesn't display correctly, press '!'
‣ ⬢ Passenger itself
⬡ Apache
-------------------------------------------------------------------------
* Checking whether this Passenger install is in PATH... ✓
* Checking whether there are no other Passenger installations... ✓
Everything looks good. :-)
When I run: sudo passenger-memory-stats I have:
Version: 5.0.10
Date : 2021-06-19 13:31:40 -0300
------------- Apache processes -------------
*** WARNING: The Apache executable cannot be found.
Please set the APXS2 environment variable to your 'apxs2' executable's filename, or set the HTTPD environment variable to your 'httpd' or 'apache2' executable's filename.
---------- Nginx processes ----------
PID PPID VMSize Private Name
-------------------------------------
26615 1 230.7 MB 26.3 MB nginx: worker process
26616 1 230.4 MB 27.4 MB nginx: worker process
26617 1 229.7 MB 25.8 MB nginx: worker process
26618 1 233.3 MB 27.4 MB nginx: worker process
### Processes: 4
### Total private dirty RSS: 106.78 MB
--- Passenger processes ---
### Processes: 0
### Total private dirty RSS: 0.00 MB
Anyone knows how can I solve this?
When I ran sudo service nginx restart, I didn't notice the flag [fail] on the right of the terminal.
Then, I ran sudo service nginx status I got the message nginx is not running.
After ran sudo nginx -t I got the message
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
But I saw several nginx processes, then, I killed all nginx process with sudo kill $(ps aux | grep '[n]ginx' | awk '{print $2}') and then, sudo service nginx start.
Everything works fine again.

Rails production with puma and nginx puma.sock missing

I'm setting up my rails production server on digital ocean with puma and nginx.
Following tutotials I have entered this in my /etc/nginx/sites-available/default
server unix:/home/deploy/appname/shared/sockets/puma.sock fail_timeout=0;
But on the server the folder home/deploy/appname/shared/sockets/ is empty.
I double checked the tutorials and none of them mentions creating such file.
If I run ps aux | grep pumaI get
root 2076 0.0 0.3 52992 3544 pts/0 T 05:51 0:00 sudo
nano require capistrano/puma root 2077 0.0 0.3 23872 3888
pts/0 T 05:51 0:00 nano require capistrano/puma rails 2407
0.0 0.0 14484 1012 pts/0 S+ 06:38 0:00 grep puma
which it doesn't really makes sense to me as I'm not using capistrano.
My question is. How is puma.sock created? During puma installation? What step have I missed if that directory is empty?
Without capistrano you need to start puma with -b option to create sock file:
puma -b unix:///__abs_path_to_your_app__/puma.sock
and in /etc/nginx/sites-available/default you need to change path to .sock file:
server unix:///__abs_path_to_your_app__/puma.sock fail_timeout=0;

docker apache passenger: error cannot load such file bundler/setup (LoadError)

I'm trying to build a docker-image with running apache (+passenger), rails and shibboleth.
Unfortunately I can't get apache + passenger running ...
I appreciate every hint! Maybe it is a permission problem? Everything was installed as root, but obviously some processes are running as nobody (as shown in the error log).
My docker base-image is "ruby:2.0.0" (debian 8). In this image I installed apache2, apache2-threaded-dev, libapr1-dev, libaprutil1-dev via apt-get and passenger via 'gem install passenger -v 4.0.59'. After this I used passenger-install-apache2-module to install the module.
Here is the error log:
cannot load such file -- bundler/setup (LoadError)
/usr/local/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/usr/local/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/usr/lib/ruby/vendor_ruby/phusion_passenger/loader_shared_helpers.rb:411:in `activate_gem'
/usr/lib/ruby/vendor_ruby/phusion_passenger/loader_shared_helpers.rb:295:in `block in run_load_path_setup_code'
/usr/lib/ruby/vendor_ruby/phusion_passenger/loader_shared_helpers.rb:416:in `running_bundler'
/usr/lib/ruby/vendor_ruby/phusion_passenger/loader_shared_helpers.rb:294:in `run_load_path_setup_code'
/usr/share/passenger/helper-scripts/rack-preloader.rb:99:in `preload_app'
/usr/share/passenger/helper-scripts/rack-preloader.rb:153:in `<module:App>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:29:in `<module:PhusionPassenger>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:28:in `<main>'
Environment (value of RAILS_ENV, RACK_ENV, WSGI_ENV, NODE_ENV and PASSENGER_APP_ENV)
development
Ruby interpreter command
/usr/local/bin/ruby
User and groups
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
Apache passenger.load:
LoadModule passenger_module /usr/local/bundle/gems/passenger-4.0.59/buildout/apache2/mod_passenger.so
Apache passenger.conf:
IfModule mod_passenger.c>
PassengerRoot /usr/local/bundle/gems/passenger-4.0.59
PassengerDefaultRuby /usr/local/bin/ruby
</IfModule>
And myapp.conf:
<VirtualHost *:80>
#ServerName yourserver.com
# Tell Apache and Passenger where your app's 'public' directory is
DocumentRoot /var/www/myapp/public
PassengerRuby /usr/local/bin/ruby
RailsEnv development
# Relax Apache security settings
<Directory /var/www/myapp/public>
Allow from all
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
Require all granted
</Directory>
Installed versions:
apache2 -v
Server version: Apache/2.4.10 (Debian)
ruby -v
ruby 2.0.0p645 (2015-04-13 revision 50299)
gem -v
2.0.14
rails -v
Rails 4.0.5
passenger-config validate-install says "Everything looks good". And 'passenger-status':
Version : 4.0.59
Date : 2015-10-13 09:03:32 +0000
Instance: 5578
----------- General information -----------
Max pool size : 6
Processes : 0
Requests in top-level queue : 0
----------- Application groups -----------
/var/www/myapp#default:
App root: /var/www/myapp
Requests in queue: 0
passenger-memory-stats:
Version: 4.0.59
Date : 2015-10-13 09:05:31 +0000
--------- Apache processes ---------
PID PPID VMSize Private Name
------------------------------------
5578 1 83.2 MB ? /usr/sbin/apache2 -k start
5599 5578 363.5 MB ? /usr/sbin/apache2 -k start
5600 5578 491.5 MB ? /usr/sbin/apache2 -k start
### Processes: 3
### Total private dirty RSS: 0.00 MB (?)
-------- Nginx processes --------
### Processes: 0
### Total private dirty RSS: 0.00 MB
---- Passenger processes -----
PID VMSize Private Name
------------------------------
5581 218.3 MB ? PassengerWatchdog
5584 564.5 MB ? PassengerHelperAgent
5590 217.8 MB ? PassengerLoggingAgent
### Processes: 3
### Total private dirty RSS: 0.00 MB (?)
All running processes:
ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 20300 1780 ? Ss 08:47 0:00 bash
root 6077 0.0 0.0 85160 3208 ? Ss 09:11 0:00 /usr/sbin/apache2 -k start
root 6080 0.0 0.0 223500 2044 ? Ssl 09:11 0:00 PassengerWatchdog
root 6083 0.0 0.0 578092 5556 ? Sl 09:11 0:00 PassengerHelperAgent
nobody 6089 0.0 0.0 223028 5008 ? Sl 09:11 0:00 PassengerLoggingAgent
www-data 6098 0.0 0.0 437788 5452 ? Sl 09:11 0:00 /usr/sbin/apache2 -k start
www-data 6099 0.0 0.0 437780 5300 ? Sl 09:11 0:00 /usr/sbin/apache2 -k start
EDIT
After 2 days searching and trying I found a solution (right after I post here my question ...):
I have to put this into my apache virtual host configuration of my app:
SetEnv GEM_HOME /usr/local/bundle
This solution was postet on https://stackoverflow.com/a/19099768/4846489
I don't know why this is necessary, because I don't have a previous installation (as stated there). This is really strange, because this environment variable is already there if I login into my docker container (docker exec -u nobody)...
Setting GEM_HOME just patches over the real problem. This information here is your hint:
User and groups:
id=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
Passenger is trying to run your app as the user 'nobody'. Most likely, this is not what you meant it to do. Your gem bundle is probably installed by a different user, and the 'nobody' user probably does not have access to that installed gem bundle.
Why is Passenger running your app as 'nobody'? Because of user sandboxing rules, most likely caused by wrong permissions on your app. You should fix that.
By the way, why are you building your own Docker image? Phusion provides its own passenger-docker base image.

monit does not find the unicorn worker in production server

I'm using this gem for deploy kapify.
This is my unicorn config:
unicorn config
unicorn.rb.erb
unicorn_init.erb
I have in my deploy:
server "111.111.111.111", :web, :app, :db, primary: true
set :application, 'myapp'
set :user, "hyperrjas"
set :deploy_to, "/home/#{user}/apps/#{application}"
set :deploy_via, :remote_cache
set :use_sudo, false
set :scm, "git"
set :repository, "path_to_my_remote_reposytory.git"
set :branch, "master"
set :current_path, "/home/#{user}/apps/#{application}/current"
set :shared_path, "/home/#{user}/apps/#{application}/shared"
set :unicorn_workers, 1
set :unicorn_pid, "#{shared_path}/pids/unicorn.pid"
set :server_name, "myserver.com"
this is my pid in remote server:
ps aux | grep unicorn
1000 6037 0.4 12.5 320464 127628 ? Sl 14:09 0:37 unicorn master -c /home/hyperrjas/apps/myapp/shared/config/unicorn.rb -D
1000 6079 0.2 13.8 335784 140828 ? Sl 14:10 0:17 unicorn worker[0] -c /home/hyperrjas/apps/myapp/shared/config/unicorn.rb -D
1000 6322 0.0 0.0 9384 868 pts/0 S+ 16:14 0:00 grep unicorn
this is my config/deploy/templates/monit/unicorn.erb file:
check process myapp_unicorn with pidfile /home/hyperrjas/apps/myapp/current/tmp/pids/unicorn.pid
start program = "/etc/init.d/unicorn_myapp start"
stop program = "/etc/init.d/unicorn_myapp force-stop"
check process myapp_unicorn_worker_0 with pidfile /home/hyperrjas/apps/myapp/current/tmp/pids/unicorn.0.pid
start program = "/bin/true"
stop program = "/usr/bin/test -s /home/hyperrjas/apps/myapp/current/tmp/pids/unicorn.0.pid && /bin/kill -QUIT `cat /home/hyperrjas/apps/myapp/current/tmp/pids/unicorn.0.pid`"
if mem > 200.0 MB for 5 cycles then restart
if cpu > 50% for 15 cycles then restart
if 5 restarts within 25 cycles then timeout
alert myapp#gmail.com only on { pid }
if changed pid 2 times within 64 cycles then alert
I can see in monit the next path to unicorn worker pid:
Pid file /home/hyperrjas/apps/myapp/current/tmp/pids/unicorn.0.pid
And the message:
Status Not monitored
The unicorn pid in remote server are in /home/myapp/apps/myapp/current/tmp/pids/unicorn.pid
I can not see the pid unicorn.0.pid in /home/hyperrjas/apps/myapp/current/tmp/pids/
Monit is monitoring fine the unicorn pid.
How can I monitorize with monit my unicorn worker?.
I used this configuration when setting up monit to watch unicorn master and worker processes for three different apps on my Linode. This article walks you through the settings and how each thing works together.
I wouldn't recommend trying to generate the monit config for unicorn on the fly, rather, I'd tell unicorn to always write PIDs to the same file name in your app, then reference those files in the monit config.
Let me know if you get stuck, and I'll help you out. Also, if my config would be helpful, let me know and I'll post that.

Resources