README.md 3.73 KB
Newer Older
1 2 3
## Setup
* Install `iPhone Distribution: Duke University` certificate and private key to `System` keychain on signing server.
    - Get Info > Access Control > Allow all applications to access this item
4
* Install [Jiehan's fork of floatsign.sh](https://github.com/jiehanzheng/floatsign) and make it part of the PATH
jz143's avatar
jz143 committed
5
* Install ImageMagick
jz143's avatar
jz143 committed
6 7 8 9
* Install Redis

## Deploy and maintenance
### Deploy from branch `deploy`
10
On development machine, deploy to remote:
jz143's avatar
jz143 committed
11 12 13 14
```
cap production deploy
```

15
### Auto-start worker on signing server
16 17
1. Git clone this repository
2. Gather config files.  Most files should be identical to production web app server, except that the MySQL username is `'appstore_sign'@'152.3.124.119'`, which allows remote usage but with fewer privileges.
jz143's avatar
jz143 committed
18 19
```
scp config/database.yml config/secrets.yml config/settings.local.yml appstore@appstore-mac.colab.managed.jiehan.org:~/appstore_sign/config/
jz143's avatar
jz143 committed
20
# ALSO copy provisioning profile to signing server
jz143's avatar
jz143 committed
21 22
# be sure to edit config/database.yml on signing server to use the remote MySQL user
```
23
3. Set up cron job:
24
```
25
@reboot cd /Users/appstore/appstore_sign; bash -l -c 'bundle exec god -c config/god/mac_worker.rb'
26
```
jz143's avatar
jz143 committed
27 28 29 30 31
4. Step 3 simply doesn't work.  So delete the cron job that you just created.
5. Manually sign in via the GUI on signing server, so that the Keychains can be unlocked.  Then, switch to Rails directory, and run
```
VERBOSE=1 QUEUE=mac_online rake environment resque:work
```
32

jz143's avatar
jz143 committed
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71
### Configure Nginx
```
# /etc/nginx/sites-enabled/appstore.conf

upstream puma {
  server unix:///home/appstore/appstore/shared/tmp/sockets/puma.sock;
}

server {
  listen 80;
  listen 443 default ssl;
  server_name appstore.colab.duke.edu;
 
  ssl_certificate /home/appstore/appstore.colab.duke.edu.crt;
  ssl_certificate_key /home/appstore/appstore.colab.duke.edu.key;
 
  client_max_body_size 500m;

  root /home/appstore/appstore/current/public;
  try_files $uri/index.html $uri @app;
  
  if ($ssl_protocol = "") {
    rewrite     ^   https://$server_name$request_uri? redirect;
  }

  location /system/app_files/archives {
    internal;
  }

  location @app {
    proxy_pass http://puma;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Sendfile-Type X-Accel-Redirect;
  }
}
```

72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
### Auto-start Rails app on app server
#### Rails server
```
# /etc/systemd/system/appstore.service

[Unit]
Description=App Store Puma daemon
After=network.target

[Service]
WorkingDirectory=/home/appstore/appstore/current
ExecStart=/bin/bash -l -c 'bundle exec puma -C /home/appstore/appstore/shared/puma.rb'
User=appstore

[Install]
WantedBy=multi-user.target
```

#### Background jobs
```
# /etc/systemd/system/appstore_worker.service

[Unit]
Description=App Store background jobs worker
After=network.target

[Service]
WorkingDirectory=/home/appstore/appstore/current
ExecStart=/bin/bash -l -c 'bundle exec god -c config/god/web_worker.rb --no-daemonize'
User=appstore

[Install]
WantedBy=multi-user.target
```
106

jz143's avatar
jz143 committed
107 108 109 110 111 112 113 114 115 116 117
### See Puma (app server) status
```
bundle exec pumactl -F /home/appstore/appstore/shared/puma.rb status
```

By the way, Puma socket is at:
```
unix:///home/appstore/appstore/shared/tmp/sockets/puma.sock
```

## TODO
118
* Better instructions about how to upload an app
jz143's avatar
jz143 committed
119
* Also log download counts by application, so when we delete history versions, the counts will still be there
jz143's avatar
jz143 committed
120
* Logrotate (seems like Logger has rotation capability)
jz143's avatar
jz143 committed
121 122 123 124
* Only keep most recent 3 app versions
* Add ability for app owner to test the app, app version before marking them as 'Published'
* Better app ordering, categories, etc.
* Sidebar on app download page to showcase related apps, as well as more info about us
jz143's avatar
jz143 committed
125
* Slack integration
jz143's avatar
jz143 committed
126 127
* Support for Android apps
* External app store support