ZenDesk's Deployment web ui with Ansible Ansistrano, Capistrano and PHP Deployer support

Installed packages:

• Samson deployment web ui
• Ansible with Ansistrano
• Capistrano
• PHP Deployer
• git
• rsync
• docker & docker-compose (as client)
• npm, gulp, grunt, bower
• java (jre 7)
• PHP cli & composer

What?

(from ZenDesk/Samson repository)

A web interface for deployments.

View the current status of all your projects:

Allow anyone to watch deploys as they happen:

View all recent deploys across all projects:

Setup

• Generate GitHub appliation key
• Generate GitHub access token
• Edit conf/samson.conf:
  • Set GitHub appliation credentials (GITHUB_CLIENT_ID, GITHUB_SECRET)
  • Set GitHub access token (GITHUB_TOKEN)
  • Set SECRET_TOKEN (random string with length of 128, can be generated with openssl rand -hex 128| head -c 128)
  • Set DEFAULT_URL (must be accessable url for SSO callbacks)
• Edit etc/provision.yml to setup public key fetching of .ssh/known_hosts
  • Fixed known_host keys can be stored inside etc/known_hosts folder and can be generated with ssh-keyscan -H HOSTNAME > etc/known_hosts/HOSTNAME (very secure)
  • All hosts without stored known_host keys will be automatically fetched when Dockerfile build is running (less secure)
• Add ssh keys to ssh (will be deployed to /home/application/.ssh) or generate an new one with make ssh-key
• Run docker-compose up -d or make restart

Ansistrano deployment

For an easy project independed deployment you can use the predefined deployment runner (based on Ansistrano).

Use following as deployment command:

export DEPLOYMENT_INVENTORY=vagrant
export DEPLOYMENT_DEPLOY_TO=/var/www/target-deployment-path
/opt/ansistrano/deploy

Deploy variables

Variable	Description
DEPLOYMENT_INVENTORY	Inventory file for deployment (required)
DEPLOYMENT_DEPLOY_TO	Target deployment directory (required)
DEPLOYMENT_CURRENT_DIR	Link name of the htdocs path (default: current)
DEPLOYMENT_APPLICATION	Include variables for specific application (eg. for shared paths, eg typo3 for including deployment/applications/typo3.yml)
DEPLOYMENT_PROJECT	Include variables for specific project (eg. for shared paths, eg foobar for including deployment/projects/foobar.yml)
DEPLOYMENT_OPTS	Ansible options (can also be append to /opt/ansistrano/deploy)
DEPLOYMENT_PLAYBOOK	Ansible playbook (default is deploy)
DEPLOYMENT_URL	URL to website (required for eg. PHP opcode cache clearing)

Customization

Variable	Description
Ansible inventory	deployment/inventory
Common project build task	deployment/tasks/build.yml
Main deploy playbook	deployment/deploy.yml
Common rsync excludes	deployment/rsync-excludes

PHP deployer

Use following as deployment command:

dep deploy

Makefile

Command	Description
make restart	Restart Samson (and update/deploy configuration)
make start	Start Samson
make stop	Stop Samson
make log	Show logs
make update	Update Samson docker image (docker pull) and restart Samson
make ssh-key	Generate new ssh-key (will not overwrite if exists)
make backup	Run backup (app:/app/db/ will be copied to ./backup/db/)
make restore	Run restore (./backup/db/ will be copied to app:/app/db/)
make shell	Jump into shell inside the container (as application user)
make root	Jump into shell inside the container (as root user)

Project specific deployment

If you need a project specific deployment feel free to put your ansistrano deployment within your project sources. Your deployment task should look like:

ansible-playbook -i inventory/server deploy.yml

SSH - jump to servers behind gateways transparently

With ssh you can jump over multiple servers transparently to reach servers behinde ssh gateways, use the ssh/config file for configuration:

Host ssh-gateway
    Hostname ssh-gateway.example.com
    User foo

Host server-behind-gateway
    Hostname server-behind-ssh-gateway.example.com
    User     root
    ProxyCommand ssh ssh-gateway -W %h:%p

Now you can use server-behind-gateway as target host for SSH'ing at it will automatically jump over ssh-gateway to reach this server.