From ff47edc1e08123235d9a33cea2d8f5d015f4604f Mon Sep 17 00:00:00 2001 From: Niko Kurtti Date: Sun, 29 Mar 2015 11:08:36 +0300 Subject: [PATCH 1/4] dockerify --- Dockerfile | 26 ++++++++++++++++++++++++++ build_docker | 15 +++++++++++++++ config/config.production.ejson | 19 +++++++++++++++++++ 3 files changed, 60 insertions(+) create mode 100644 Dockerfile create mode 100755 build_docker create mode 100644 config/config.production.ejson diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..023aef7 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,26 @@ +FROM ubuntu:trusty +MAINTAINER "Niko Kurtti niko@salaliitto.com" + +ENV NODE_VER v0.10.25 +ENV PORT 9000 + +RUN apt-get update +RUN apt-get install -y git build-essential libssl-dev curl + +RUN git clone https://github.com/creationix/nvm ~/.nvm +RUN cd ~/.nvm && git checkout `git describe --abbrev=0 --tags` +RUN /bin/bash -c "source ~/.nvm/nvm.sh \ + && nvm install ${NODE_VER} \ + && nvm alias koodiklinikka.fi-api ${NODE_VER}" + +ADD . /koodiklinikka.fi-api +WORKDIR /koodiklinikka.fi-api + +RUN /bin/bash -c "source ~/.nvm/nvm.sh \ + && nvm use koodiklinikka.fi-api \ + && npm install" + +CMD NODE_ENV=$NODE_ENV PORT=$PORT /bin/bash -c "source ~/.nvm/nvm.sh \ + && nvm use koodiklinikka.fi-api \ + && node index.js >> /var/log/koodiklinikka.fi-api.log 2>&1" +EXPOSE $PORT diff --git a/build_docker b/build_docker new file mode 100755 index 0000000..1ee9184 --- /dev/null +++ b/build_docker @@ -0,0 +1,15 @@ +#!/bin/bash +if [[ -z "$1" ]] + then + KEYROOT=$HOME +else + KEYROOT=$1 +fi + +gem install ejson + +ejson --keydir=$KEYROOT/.ejson decrypt config/config.production.ejson > config.json + +docker build -t koodiklinikka.fi-api . + +rm -rf config.json diff --git a/config/config.production.ejson b/config/config.production.ejson new file mode 100644 index 0000000..fe122e6 --- /dev/null +++ b/config/config.production.ejson @@ -0,0 +1,19 @@ +{ + "_public_key": "94f3af35ad208d7bc7e3ddf1f9d181d090e3a1c74f9d56851c4f0f1efb04b571", + "all": { + "slack": { + "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:UnuYGaTDvKGUyxTiEKrZgLhE0MueLY/+:Ffi/y1/18/r0+zG3q4nHsqlkzsyIgZjXjvpaCnZRQ541xXOTzOyy/gj745vmgCInLDJ8aro6V/IA/MVw+U7AXw==]", + "private_channel": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:ySi0nadjyCXSrukgD3Ro7z4+QSA8lxXL:YEezyvry6+ogSxDeTDVVoW6MZ954ndLbIQ==]", + "public_channel": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:4w8EpA/U2FNlDfj0qEwEMD4yM7Po4aK/:tOvNzYvbJ6DKQcYY5+tI4EWWu/ILMkAkFg==]" + }, + "github": { + "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:1/jbXdf+q8wSUaT4x6vNyNkO+Qib1mNE:iKtaee08Fw7vlZX7uuh9DXo9ejCoEBGcoVPdRpj22vRxI5Rdp03Ru4Xpp606InuYQgzhoNJjHyY=]" + }, + "twitter": { + "consumerKey": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:catMKtf36DTwOUyEo6G/q9EhS7aydT+C:cZuW+XzZ7wm1WDWHAyGLo8V2JYrV3xKQHnySRgw9YcIyip7Y/aeIUDY=]", + "consumerSecret": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:PAWn6PjcV4ziEmMcGiSYgnxeho9se2pL:dtCZP/qZl6HjVshry5qWRcZSBIuCvkeCLReMfAjUSBqbwuIw7T56s6dLb/VXrg5uU+RxtH5EK8LKVg69pLmA6r8y]", + "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:e9iE7i8uX1CwBy+I/Qcex0pqxnbs+wQO:OvQzUiaV1Xc8PDeUctytnEWDZs4+VOaZoc9b2JM2Rz51Rtnb2ION/IpRGczXOMKItmw8Wn7dgPWV1sV6g2E2ELXd]", + "tokenSecret": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:AzByOM9NRH4qQTHkhtsKtu2daXR6V3yJ:rZ5q4vEIwT5uwFKncP8TTMDa2pv3NCuvKGs/YdZxo1nq9m1QV4nS3DVlSd+6C1BWI/cdJ00nwGkToYuvsw==]" + } + } +} \ No newline at end of file From 3c46d9019252be77ae6b40f362158ff666f70cdf Mon Sep 17 00:00:00 2001 From: Niko Kurtti Date: Sun, 29 Mar 2015 14:10:15 +0300 Subject: [PATCH 2/4] add newrelic monitoring for nodejs --- Dockerfile | 3 +++ config/config.production.ejson | 17 +++++++++-------- index.js | 1 + package.json | 3 ++- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 023aef7..ddd819f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,9 @@ RUN /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm use koodiklinikka.fi-api \ && npm install" +RUN cp node_modules/newrelic/newrelic.js . +RUN NR_KEY=$(cat config.json |grep newrelic_key|cut -d'"' -f4) && sed -i "s/license key here/$NR_KEY/g" newrelic.js + CMD NODE_ENV=$NODE_ENV PORT=$PORT /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm use koodiklinikka.fi-api \ && node index.js >> /var/log/koodiklinikka.fi-api.log 2>&1" diff --git a/config/config.production.ejson b/config/config.production.ejson index fe122e6..1e1d0e9 100644 --- a/config/config.production.ejson +++ b/config/config.production.ejson @@ -1,19 +1,20 @@ { "_public_key": "94f3af35ad208d7bc7e3ddf1f9d181d090e3a1c74f9d56851c4f0f1efb04b571", + "newrelic_key": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:Pdy9ugoJ3SglDvX6lGz2AyS2eKHHPm2E:uSzlBglVbzdbPPy3Pp/UMiJQn+6hhx/d2ohg94E/zvoS+8Jtl/2tPf6CQ3uFtbFvymYuDAwm+Fs=]", "all": { "slack": { - "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:UnuYGaTDvKGUyxTiEKrZgLhE0MueLY/+:Ffi/y1/18/r0+zG3q4nHsqlkzsyIgZjXjvpaCnZRQ541xXOTzOyy/gj745vmgCInLDJ8aro6V/IA/MVw+U7AXw==]", - "private_channel": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:ySi0nadjyCXSrukgD3Ro7z4+QSA8lxXL:YEezyvry6+ogSxDeTDVVoW6MZ954ndLbIQ==]", - "public_channel": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:4w8EpA/U2FNlDfj0qEwEMD4yM7Po4aK/:tOvNzYvbJ6DKQcYY5+tI4EWWu/ILMkAkFg==]" + "token": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:aXVSV+o3beRrV7ebgxf7c5D04RVnxu7s:Smhu1k+kH9IrlwUwzIuk2sJ/m+FuyLAbO4Da2PF0rIciwjJM881lM8GU+NcsxbuIUXMgzI1tRw/38hAAq6ISBA==]", + "private_channel": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:UMpbg7pcRg6nVYLQZV8r6VCRyKQ+9gKd:DapGJCT2/aOzLAn00EfTSMfHGV+/pSrzZw==]", + "public_channel": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:y8iIiUNS37cIAM7TBtExRmI9Cvn+LtRT:GjiDGA7mCUp5AaeKD4nnu9Qry9OUecI0DA==]" }, "github": { - "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:1/jbXdf+q8wSUaT4x6vNyNkO+Qib1mNE:iKtaee08Fw7vlZX7uuh9DXo9ejCoEBGcoVPdRpj22vRxI5Rdp03Ru4Xpp606InuYQgzhoNJjHyY=]" + "token": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:EnbOnnCLRxPi7iZ1pWV8qVJc+avDKS9u:MZkoAW0i6SUhgZFBREyRN6jBGQ9ZqeslG45XHJpCKm3Spi7VxVG1xv75vCqRA0KW0Uzs7VwQaZo=]" }, "twitter": { - "consumerKey": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:catMKtf36DTwOUyEo6G/q9EhS7aydT+C:cZuW+XzZ7wm1WDWHAyGLo8V2JYrV3xKQHnySRgw9YcIyip7Y/aeIUDY=]", - "consumerSecret": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:PAWn6PjcV4ziEmMcGiSYgnxeho9se2pL:dtCZP/qZl6HjVshry5qWRcZSBIuCvkeCLReMfAjUSBqbwuIw7T56s6dLb/VXrg5uU+RxtH5EK8LKVg69pLmA6r8y]", - "token": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:e9iE7i8uX1CwBy+I/Qcex0pqxnbs+wQO:OvQzUiaV1Xc8PDeUctytnEWDZs4+VOaZoc9b2JM2Rz51Rtnb2ION/IpRGczXOMKItmw8Wn7dgPWV1sV6g2E2ELXd]", - "tokenSecret": "EJ[1:0VNp2YpGcWiglI/vwRtMRzDCQdR1TjDr24KPt4IbAD4=:AzByOM9NRH4qQTHkhtsKtu2daXR6V3yJ:rZ5q4vEIwT5uwFKncP8TTMDa2pv3NCuvKGs/YdZxo1nq9m1QV4nS3DVlSd+6C1BWI/cdJ00nwGkToYuvsw==]" + "consumerKey": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:+1l4+Wdfd/0kegV1Xwu237xJut/XPRUi:fNTezQs1RJwTRZGlwm3Z3B6tV44H9nZUM/w7zYjyVyK8MpoX3NmhW68=]", + "consumerSecret": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:YbWwBsImZi2bxNSB9byt9faJzS5Ug8Sd:Y4rZWaQJaIHfuyOFBIXJHCKxlfxrid14zTM7yECumhX5MZBTFCyAH5LijJCuCqm9PtZElEFW2nOrsLQBtnyF1I3V]", + "token": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:3wRXcXnXmU5qekVuryuXT/sq1MuloOTe:TdGkIi7WEPXweAaVsLUjFekFrEHiTZuW7jr8Q4F8FLTjoXpHkwBD9f4SRnxQ4BC+CRRoaiOBe6zzTb99SWIDCZPS]", + "tokenSecret": "EJ[1:8U8evsrlrGhenQ0Cv3XQR0SAYe6atL3PVKdj36Ue6SU=:DwFvhyEfkpgRXlcuXVh6iHZXbPnWwRRV:q+RFJ0SXe5wkiccmM7n8pWJNf62ByMW6IXLU2tZkpHEo2zosU+eMAkXtF52x5vJiYaWrIsxUcJeYzLFyEQ==]" } } } \ No newline at end of file diff --git a/index.js b/index.js index ed7dcee..e2e378a 100644 --- a/index.js +++ b/index.js @@ -1,3 +1,4 @@ +require('newrelic'); 'use strict'; var express = require('express'); diff --git a/package.json b/package.json index ead638d..28680e6 100644 --- a/package.json +++ b/package.json @@ -26,6 +26,7 @@ "morgan": "^1.5.1", "node-twitter": "0.5.2", "superagent": "^0.21.0", - "validator": "^3.27.0" + "validator": "^3.27.0", + "newrelic": "^1.18.0" } } From 15033033b53a1ed9d5b14a3d984685e321e9b786 Mon Sep 17 00:00:00 2001 From: Niko Kurtti Date: Sun, 29 Mar 2015 16:43:34 +0300 Subject: [PATCH 3/4] app name --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index ddd819f..eb16cc5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,7 @@ RUN /bin/bash -c "source ~/.nvm/nvm.sh \ RUN cp node_modules/newrelic/newrelic.js . RUN NR_KEY=$(cat config.json |grep newrelic_key|cut -d'"' -f4) && sed -i "s/license key here/$NR_KEY/g" newrelic.js +RUN sed -i "s/My Application/koodiklinikka.fi-api/g" newrelic.js CMD NODE_ENV=$NODE_ENV PORT=$PORT /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm use koodiklinikka.fi-api \ From fb08283500ef002c161343b00a525b44f79bc4e9 Mon Sep 17 00:00:00 2001 From: Niko Kurtti Date: Sun, 29 Mar 2015 17:13:32 +0300 Subject: [PATCH 4/4] dont run as root --- Dockerfile | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index eb16cc5..9c77bb8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,14 +7,21 @@ ENV PORT 9000 RUN apt-get update RUN apt-get install -y git build-essential libssl-dev curl +RUN groupadd -r koodiklinikka-api && useradd --create-home -r -g koodiklinikka-api koodiklinikka-api + +ADD . /home/koodiklinikka/koodiklinikka.fi-api + +RUN chown -R koodiklinikka-api:koodiklinikka-api /home/koodiklinikka/koodiklinikka.fi-api + +USER koodiklinikka-api + RUN git clone https://github.com/creationix/nvm ~/.nvm RUN cd ~/.nvm && git checkout `git describe --abbrev=0 --tags` RUN /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm install ${NODE_VER} \ && nvm alias koodiklinikka.fi-api ${NODE_VER}" -ADD . /koodiklinikka.fi-api -WORKDIR /koodiklinikka.fi-api +WORKDIR /home/koodiklinikka/koodiklinikka.fi-api RUN /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm use koodiklinikka.fi-api \ @@ -26,5 +33,5 @@ RUN sed -i "s/My Application/koodiklinikka.fi-api/g" newrelic.js CMD NODE_ENV=$NODE_ENV PORT=$PORT /bin/bash -c "source ~/.nvm/nvm.sh \ && nvm use koodiklinikka.fi-api \ - && node index.js >> /var/log/koodiklinikka.fi-api.log 2>&1" + && node index.js >> ~/koodiklinikka.fi-api.log 2>&1" EXPOSE $PORT