1

$ cat ~/.ssh/id_rsa.pub

1
2
3

$ ssh-copy-id root@47.114.89.76
# 输入密码登录后ctrl d注销登录
$ ssh root@47.114.89.76

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

# root用户不需要sudo
$ sudo apt-get update
$ sudo apt-get install \
    	ca-certificates \
    	curl \
   		gnupg \
    	lsb-release
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
$ echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
$ sudo apt-get update
$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
# 看看是否安装成功
$ docker --version

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17

$ adduser mangosteen
# 输入两次密码，然后回车*n
# 将新用户加入docker命令组
$ usermod -a -G docker mangosteen
# 把root的ssh key及其所有权复制转移到mangosteen用户下
# 创建目录
$ mkdir /home/mangosteen/.ssh
# 复制文件
$ cp ~/.ssh/authorized_keys /home/mangosteen/.ssh
# 转移文件夹权限
$ cd ..
# chown:change own
# -R:递归地
# 用户组:用户
$ chown -R mangosteen:mangosteen .ssh
# 退出，再用新用户登录
$ ssh mangosteen@47.114.89.76

1

$ ssh-keygen -t rsa -C "your_email@qq.com"   

1

$ ssh-copy-id mangosteen@your_ip

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

$ ssh root@your_ip
# 检查authorized_keys，应该是多了一个
$ cat ~/.ssh/authorized_keys
# 拷贝authorized_keys至mangosteen用户
$ cp ~/.ssh/authorized_keys /home/mangosteen/.ssh
# 权限也移交给mangosteen用户
$ cd /home/mangosteen
$ chown -R mangosteen:mangosteen .ssh
# exit 然后直接使用ssh登录mangosteen用户即可
$ ssh mangosteen@your_ip

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

# 服务器的user和ip
user=mangosteen
ip=47.111.31.50

time=$(date +'%Y%m%d-%H%M%S')
dist=tmp/mangosteen-$time.tar.gz
current_dir=$(dirname $0)
deploy_dir=/home/$user/deploys/$time
gemfile=$current_dir/../Gemfile
gemfile_lock=$current_dir/../Gemfile.lock

function title {
  echo 
  echo "###############################################################################"
  echo "## $1"
  echo "###############################################################################" 
  echo 
}

yes | rm tmp/mangosteen-*.tar.gz

title '打包源代码为压缩文件'
# 缓存依赖到本地 记得git ignore
bundle cache
tar --exclude="tmp/cache/*" -czv -f $dist *
title '创建远程目录'
ssh $user@$ip "mkdir -p $deploy_dir"
title '上传压缩文件'
# scp = ssh copy
scp $dist $user@$ip:$deploy_dir/
scp $gemfile $user@$ip:$deploy_dir/
scp $gemfile_lock $user@$ip:$deploy_dir/
title '上传 Dockerfile'
scp $current_dir/../config/host.Dockerfile $user@$ip:$deploy_dir/Dockerfile
title '上传 setup 脚本'
scp $current_dir/setup_remote.sh $user@$ip:$deploy_dir/
title '上传版本号'
ssh $user@$ip "echo $time > $deploy_dir/version"
title '执行远程脚本'
ssh $user@$ip "export version=$time; /bin/bash $deploy_dir/setup_remote.sh"

# 要有回车

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

user=mangosteen
root=/home/$user/deploys/$version
container_name=mangosteen-prod-1
db_container_name=db-for-mangosteen

function set_env {
  name=$1
  while [ -z "${!name}" ]; do
    echo "> 请输入 $name:"
    read $name
    sed -i "1s/^/export $name=${!name}\n/" ~/.bashrc
    echo "${name} 已保存至 ~/.bashrc"
  done
}
function title {
  echo 
  echo "###############################################################################"
  echo "## $1"
  echo "###############################################################################" 
  echo 
}

title '设置远程机器的环境变量'
set_env DB_HOST
set_env DB_PASSWORD
set_env RAILS_MASTER_KEY

title '创建数据库'
if [ "$(docker ps -aq -f name=^${DB_HOST}$)" ]; then
  echo '已存在数据库'
else
  docker run -d --name $DB_HOST \
            --network=network1 \
            -e POSTGRES_USER=mangosteen \
            -e POSTGRES_DB=mangosteen_production \
            -e POSTGRES_PASSWORD=$DB_PASSWORD \
            -e PGDATA=/var/lib/postgresql/data/pgdata \
            -v mangosteen-data:/var/lib/postgresql/data \
            postgres:14
  echo '创建成功'
fi

title 'docker build'
docker build $root -t mangosteen:$version

if [ "$(docker ps -aq -f name=^mangosteen-prod-1$)" ]; then
  title 'docker rm'
  docker rm -f $container_name
fi

title 'docker run'
docker run -d -p 3000:3000 \
           --network=network1 \
           --name=$container_name \
           -e DB_HOST=$DB_HOST \
           -e DB_PASSWORD=$DB_PASSWORD \
           -e RAILS_MASTER_KEY=$RAILS_MASTER_KEY \
           mangosteen:$version

echo
echo "是否要更新数据库？[y/N]"
read ans
case $ans in
    y|Y|1  )  echo "yes"; title '更新数据库'; docker exec $container_name bin/rails db:create db:migrate ;;
    n|N|2  )  echo "no" ;;
    ""     )  echo "no" ;;
esac

title '全部执行完毕'

1
2
3
4

...
# 使用bundle cache的包直接安装，无下载过程
RUN bundle install --local
...

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

FROM ruby:3.0.0

ENV RAILS_ENV production
RUN mkdir /mangosteen
RUN bundle config mirror.https://rubygems.org https://gems.ruby-china.com
WORKDIR /mangosteen
# 把Gemfile先拷贝过去，优先进行本地依赖安装
ADD Gemfile /mangosteen
ADD Gemfile.lock /mangosteen
ADD vendor/cache /mangosteen/vendor/cache
RUN bundle config set --local without 'development test'
RUN bundle install --local
# 安装好依赖再把源码拷贝过来，会覆盖掉之前的Gemfile，不过不执行bundle install，所以也无所谓的
ADD mangosteen-*.tar.gz ./
ENTRYPOINT bundle exec puma

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17

...
vendor_cache_dir=$current_dir/../vendor/cache
...
title '打包源代码为压缩文件'
# 缓存依赖到本地 记得git ignore
bundle cache
tar --exclude="tmp/cache/*" -czv -f $dist *
...
# 创建deploy_dir以及vendor目录
ssh $user@$ip "mkdir -p $deploy_dir/vendor"
title '上传压缩文件'
...
scp $gemfile_lock $user@$ip:$deploy_dir/
# 将cache也上传到部署目录下 -r表示整个路径下的内容
scp -r $vendor_cache_dir $user@$ip:$deploy_dir/vendor/
title '上传 Dockerfile'
...