Process & Technology2022-04-30T08:24:51-05:00http://opendemocracymanitoba.github.io/Kyle GeskeVPS Wordpress & Rails Hosting2017-06-22T00:00:00-05:00http://opendemocracymanitoba.github.io/2017/06/22/vps-rails-and-wordpress-hosting<p><em>ODM Technology Post</em></p>
<p><strong>In this post we will configure Rails and Wordpress on a <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> VPS.</strong></p>
<p>This is an update to <a href="/2015/01/10/vps-ruby-on-rails-hosting-2/">a similar post from two years ago</a>, which was an update of <a href="/2014/04/07/vps-ruby-on-rails-hosting/">a post from 2014</a>.</p>
<p>Our final hosting setup will be:</p>
<ul>
<li>OS: Linux - <a href="http://ubuntu.com/">Ubuntu</a> LTS Version</li>
<li>Web Server: <a href="http://nginx.org/">Nginx</a></li>
<li>Rails Hosting: <a href="https://www.phusionpassenger.com/">Phussion Passenger</a></li>
<li>Database Server: <a href="https://mariadb.com/">MariaDb</a></li>
<li>Language and Framework: <a href="http://www.ruby-lang.org/">Ruby</a> 1.87 (legacy) & 2.x, plus <a href="http://rubyonrails.org/">Rails</a> 5.x</li>
<li>Language and Framework: <a href="http://php.net">PHP</a> 7.x and <a href="http://wordpress.org">Wordpress</a> 4.9.x</li>
</ul>
<p><strong>NOTE:</strong> I used MariaDB instead of Postgres because Wordpress doesn’t support Postgres.</p>
<p><em>This tutorial assumes a familiarity with the Linux command line, server administration, and Rails configuration.</em></p>
<h3 id="background-information">Background Information</h3>
<p>A VPS is a <a href="https://en.wikipedia.org/wiki/Virtual_private_server">Virtual Private Server</a>. In our case, a virtualized Ubuntu Linux server from <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> to host <a href="http://opendemocracymanitoba.ca">ODM</a> Ruby projects.</p>
<p>The 1GB plan on <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> is only $5 a month. Nice.</p>
<h3 id="automation-and-config-management">Automation and Config Management</h3>
<p>This post does not rely on a configuration management tool.</p>
<p>I figured I’d be done setting up the server long before I’d figured out the intricacies of <a href="http://puppetlabs.com/">Puppet</a>, <a href="http://www.getchef.com/">Chef</a>, or <a href="http://www.ansible.com">Ansible</a>. I tend to do a big deploy like this once every two years, often with significant changes required to the workflow, so I’m glad I haven’t automated the process yet.</p>
<p>That said, if you can see yourself setting up multiple servers following this tutorial, you may wish to look into one of the automated provisioning solution listed in the previous paragraph.</p>
<h3 id="step-1---create-the-droplet">Step 1 - Create the Droplet</h3>
<p>Digital Ocean (DO) calls their VPS instances Droplets. Once you have a DO account you can create new droplets by clicking on the ‘Create’ button in your admin dashboard. I selected the following options:</p>
<ul>
<li>Size: 2GB</li>
<li>Region: Toronto 1</li>
<li>Linux Distribution: Ubuntu 18.04 LTS</li>
</ul>
<h3 id="step-2---user-setup">Step 2 - User Setup</h3>
<p>Once the droplet was created, I was emailed a root username and password. I was then able to SSH to the server as root using <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">Putty</a>. My first order of business was to create a new user with sudoer privileges, and then lock root out of SSH access:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>adduser serveruser
visudo
</code></pre></div></div>
<p>The second command opens up the sudoers file to which I added:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>serveruser ALL=(ALL:ALL) ALL
</code></pre></div></div>
<p>I then edited the <code class="language-plaintext highlighter-rouge">/etc/ssh/sshd_config</code> file to add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>PermitRootLogin no
</code></pre></div></div>
<p>And then I restarted ssh and logged back in with my <code class="language-plaintext highlighter-rouge">serveruser</code> user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service ssh restart
</code></pre></div></div>
<p>From now on when I need to run a command as root I will proceed the command with <code class="language-plaintext highlighter-rouge">sudo</code>.</p>
<p>Not shown in this tutorial: <a href="https://www.digitalocean.com/community/articles/how-to-use-ssh-keys-with-digitalocean-droplets">How to use SSH keys with Digital Ocean Droplets</a>.</p>
<h3 id="step-3---create-a-swap-file-optional">Step 3 - Create a Swap File (Optional)</h3>
<p>Some of the following steps require compilation, so it’s nice to have a swap file on the server. By default DO droplets to not have swap files, but <a href="https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-ubuntu-14-04">adding one isn’t difficult</a>. This steps was much more necessary when I was using droplets with only 512MB RAM so feel free to skip this step.</p>
<p>I created a 1GB swapfile, half my physical RAM, since I’m going to dial the swappiness way down:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo fallocate -l 1G /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo chown root:root /swapfile
sudo chmod 0600 /swapfile
</code></pre></div></div>
<p>Then open <code class="language-plaintext highlighter-rouge">/etc/fstab</code> with sudo privs and add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/swapfile none swap sw 0 0
</code></pre></div></div>
<p>Using swap too aggressively on a SSD drive can lead to hardware degradation. So let’s dial down the “<a href="https://help.ubuntu.com/community/SwapFaq#What_is_swappiness_and_how_do_I_change_it.3F">swappiness</a>” from 60 to 5:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo 5 | sudo tee /proc/sys/vm/swappiness
echo vm.swappiness = 5 | sudo tee -a /etc/sysctl.conf
</code></pre></div></div>
<h3 id="step-4---install-required-ubuntu-packages">Step 4 - Install Required Ubuntu Packages</h3>
<p>Let’s start by upgrading all the pre-installed packages:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
</code></pre></div></div>
<p>Reboot after that:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>Then install the ubuntu packages we need</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get install git g++ make nodejs libsqlite3-dev postgresql postgresql-contrib gconf2 libcurl4-openssl-dev imagemagick zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev sqlite3 libxml2-dev libxslt1-dev libffi-dev php-fpm php-curl php-imagick php-mbstring php-zip php-mysql subversion autoconf bison mariadb-server mariadb-client
</code></pre></div></div>
<h3 id="step-5---mariadb-setup">Step 5 - MariaDB Setup</h3>
<p><a href="https://mariadb.com/">MariaDB</a> is a fork of the MySQL project. I normally use Postgres when working with Rails, but because I needed to support Wordpress too, I used Maria.</p>
<p>Switch to the root user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo su -
</code></pre></div></div>
<p>Secure the database (press ENTER for the current password):</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mysql_secure_installation
</code></pre></div></div>
<p>Login with the root password you just set:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mariadb -uroot -p
</code></pre></div></div>
<p>Add a new database from the SQL prompt:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>create database newdatabasename;
</code></pre></div></div>
<p>Create a new user with full permissions to this database. Also from the SQL prompt:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER ON newdatabasename.* TO 'newusername'@'localhost' IDENTIFIED BY 'newuserpassword';
</code></pre></div></div>
<p>(Be sure to replacce the <code class="language-plaintext highlighter-rouge">newdatabasename</code>, <code class="language-plaintext highlighter-rouge">newusername</code> and <code class="language-plaintext highlighter-rouge">newuserpassword</code> with values of your own.)</p>
<p>Exit the SQL prompt and switch back to the <code class="language-plaintext highlighter-rouge">serveruser</code>:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>exit
exit
</code></pre></div></div>
<h3 id="step-6---install-ruby-and-rails">Step 6 - Install Ruby and Rails</h3>
<p>We are going to install Ruby by way of <a href="https://github.com/sstephenson/rbenv">rbenv</a>.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git clone https://github.com/rbenv/rbenv.git ~/.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
source ~/.bash_profile
cd ~/.rbenv && src/configure && make -C src
mkdir -p "$(rbenv root)"/plugins
git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build
~/.rbenv/bin/rbenv init
echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
source ~/.bash_profile
</code></pre></div></div>
<p>Install Ruby (the latest version at the time of this post was 2.5.1):</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install 2.5.1
rbenv global 2.5.1
</code></pre></div></div>
<p>Test your install with version switch:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ruby -v
</code></pre></div></div>
<p>And then install bundler using gem:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo "gem: --no-document" > ~/.gemrc
gem install bundler
</code></pre></div></div>
<p>I also need to install Ruby 1.8.7 for legacy reasons. The apt-get is a fix for openssl support.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get install libssl1.0-dev
CONFIGURE_OPTS="--with-readline-dir=/usr/include/readline --with-openssl-dir=/usr/include/openssl" rbenv install 1.8.7-p375
</code></pre></div></div>
<h3 id="step-7---install-passenger--nginx">Step 7 - Install Passenger & Nginx:</h3>
<p>Install <a href="https://www.phusionpassenger.com/">Phusion Passenger</a> and the <a href="http://nginx.org/">Nginx</a> web server:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># Install our PGP key and add HTTPS support for APT
sudo apt-get install -u dirmngr gnupg
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
sudo apt-get install -y apt-transport-https ca-certificates
# Add our APT repository
sudo sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger bionic main > /etc/apt/sources.list.d/passenger.list'
sudo apt-get update
# Install Passenger + Nginx
sudo apt-get install -y nginx-extras libnginx-mod-http-passenger
</code></pre></div></div>
<p>Re-start Nginx:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service nginx restart
</code></pre></div></div>
<h3 id="step-8---file-permissions-and-other-git-config">Step 8 - File Permissions and Other Git Config</h3>
<p>Create the /var/www folder and give it permissions. If /var/www already exists you can skip the <code class="language-plaintext highlighter-rouge">mkdir</code> step.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkdir /var/www
sudo groupadd www-data
sudo usermod -a -G www-data serveruser
sudo chown -R serveruser:www-data /var/www
sudo chmod 2775 /var/www
</code></pre></div></div>
<p>Set up a ssh key for the server:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t rsa -b 4096 -C "stungeye@gmail.com"
</code></pre></div></div>
<p>Configure git:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git config --global user.email "youremail@example.com"
git config --global user.name "Your Name"
</code></pre></div></div>
<p>Not shown in this tutorial: <a href="https://help.github.com/articles/generating-ssh-keys#platform-linux">Linking the SSH key created above to your Github account</a>.</p>
<h3 id="step-9---configure-nginx-to-host-a-rails-app">Step 9 - Configure Nginx to Host a Rails App</h3>
<p>To test a Rails app, here’s simple ngnix server block that you can put in your <code class="language-plaintext highlighter-rouge">/etc/nginx/sites-available/default</code> config file. You will need to edit this file using <code class="language-plaintext highlighter-rouge">sudo</code> and you should replace the existing server block that is already present in the file.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server {
listen 80;
server_name localhost;
passenger_enabled on;
rails_env development;
root /var/www/railsapp/public;
}
</code></pre></div></div>
<p>Note that the folder you specific for the <code class="language-plaintext highlighter-rouge">root</code> must point to the <code class="language-plaintext highlighter-rouge">public</code> folder of a Rails app you’ve install in your <code class="language-plaintext highlighter-rouge">/var/www/</code> folder. If you’ve mapped your droplet to a domain, replace <code class="language-plaintext highlighter-rouge">localhost</code> with the name of your domain.</p>
<p>You’ll also want to configure your Rails app to use MySQL using the credentials you created above. And don’t forget to run your migrations!</p>
<p>If you’re hosting multiple sites you might want to use the <a href="https://github.com/perusio/nginx_ensite.git">ensite tool</a> along with the <code class="language-plaintext highlighter-rouge">/etc/nginx/sites-available</code> folder.</p>
<h3 id="step-10---install-wordpress">Step 10 - Install Wordpress</h3>
<p>Grab the latest version of Wordpress and move it to your <code class="language-plaintext highlighter-rouge">/var/www</code> folder:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget http://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
mkdir /var/www/wordpress
mv latest /var/www/wordpress/production
</code></pre></div></div>
<p>Configure Wordpress:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd /var/www/wordpress/production
cp wp-config-sample.php wp-config.php
curl -s https://api.wordpress.org/secret-key/1.1/salt/
</code></pre></div></div>
<p>The last of those three commands will provide you with some secrets to add to the <code class="language-plaintext highlighter-rouge">wp-config.php</code> file. You also need to add your database credentials to this config file.</p>
<p>I also changed the database encoding type (as per <a href="https://medium.com/@adamhooper/in-mysql-never-use-utf8-use-utf8mb4-11761243e434">this article</a>):</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>define('DB_CHARSET', 'utf8mb4');
</code></pre></div></div>
<p>If you want Wordpress to be able to directly download plugins/updates you should also add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>define('FS_METHOD', 'direct');
</code></pre></div></div>
<p>Next you’ll want to set up some file permissions:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkdir /var/www/wordpress/production/wp-content/uploads
sudo chown -R www-data:www-data /var/www/winnipegelection/production/wp-content/
</code></pre></div></div>
<h3 id="step-11---configure-nginx-to-host-wordpress">Step 11 - Configure Nginx to host Wordpress</h3>
<p>Here’s a sample Nginx file for Wordpress hosting:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/wordpress/production;
index index.php;
server_name _;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Required for supporting fancy permalinks
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
}
</code></pre></div></div>
<p>I also find it handy to increase the upload size nginx and php can handle to allow for large image uploads through Wordpress.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># File: /etc/nginx/nginx.conf
client_max_body_size 25M;
# File /etc/php/<version>/fpm/php.ini Where version your php version.
upload_max_filesize = 25M
post_max_size = 25M
</code></pre></div></div>
<h3 id="step-12---extra-security-stuff-optional">Step 12 - Extra Security Stuff (Optional)</h3>
<p>Enable SSL with certbot:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo certbot --nginx
sudo service nginx reload
</code></pre></div></div>
<p>Certbox will also add a daily cron task to check and renew certificates if required.</p>
<p>Enable the <a href="https://help.ubuntu.com/community/UFW">ufw</a> Firewall to only permit web (port 80) and ssh (port 22) traffic:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
</code></pre></div></div>
<p>At this point you might also want to install <a href="http://www.fail2ban.org/">fail2ban</a>. I found the following two tutorials helpful:</p>
<ul>
<li><a href="https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04">How To Protect SSH with fail2ban on Ubuntu 14.04</a></li>
<li><a href="http://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban">How to Secure an Nginx Server with Fail2Ban</a> (I only used the <code class="language-plaintext highlighter-rouge">badbots</code> and <code class="language-plaintext highlighter-rouge">noscript</code> jails.)</li>
</ul>
<p>Be cautious with fail2ban. You don’t want to lock yourself out of your own server. If you do get blocked, you can login using the Digital Ocean web console for your droplet.</p>
<h3 id="step-13---test-your-sever">Step 13 - Test Your Sever</h3>
<p>Congrats! At this point you should now be able to load either a Rails app or Wordpress. When testing your app be sure to trigger actions that both read and write to your database to ensure that MariaDB is properly configured.</p>
<h3 id="step-14---keeping-your-system-up-to-date">Step 14 - Keeping Your System Up To Date</h3>
<p>When you connect via SSH to your droplet a login message will let you know if there are pending security updates. To download and install these updates, run the following commands:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
</code></pre></div></div>
<p>After which you may have to restart your droplet:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>To list newly available Ruby versions:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install -l
</code></pre></div></div>
<p>To install a new version:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install <version number>
rbenv global <version number>
rbenv rehash
</code></pre></div></div>
<p>To install a new version of Rails, update your Rails project <code class="language-plaintext highlighter-rouge">Gemfile</code> and then run:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bundle update
rbenv rehash
</code></pre></div></div>
VPS Ruby on Rails Hosting Revisted2015-01-10T00:00:00-06:00http://opendemocracymanitoba.github.io/2015/01/10/vps-ruby-on-rails-hosting-2<p><em>ODM Technology Post</em></p>
<p><strong>In this post we will configure Ruby on Rails on a <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> VPS.</strong></p>
<p><strong>This is an update to <a href="/2014/04/07/vps-ruby-on-rails-hosting/">a similar post from two years ago</a>.</strong> This article was originally posted in January of 2015, but was updated again in November of 2016.</p>
<p>Our final hosting setup will be:</p>
<ul>
<li>OS: Linux - <a href="http://ubuntu.com/">Ubuntu</a> LTS Version</li>
<li>Web Server: <a href="http://nginx.org/">Nginx</a></li>
<li>Rails Hosting: <a href="https://www.phusionpassenger.com/">Phussion Passenger</a></li>
<li>Database Server: <a href="http://www.postgresql.org/">PostgreSQL</a></li>
<li>Language and Framework: <a href="http://www.ruby-lang.org/">Ruby</a> 2.x & <a href="http://rubyonrails.org/">Rails</a> 5.x</li>
</ul>
<p><em>This tutorial assumes a familiarity with the Linux command line, server administration, and Rails configuration.</em></p>
<h3 id="background-information">Background Information</h3>
<p>A VPS is a <a href="https://en.wikipedia.org/wiki/Virtual_private_server">Virtual Private Server</a>. In our case, a virtualized Ubuntu Linux server from <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> to host <a href="http://opendemocracymanitoba.ca">ODM</a> Ruby projects.</p>
<p>The 512MB plan on <a href="https://m.do.co/c/9c57a647fd20">Digital Ocean</a> is only $5 a month. Nice.</p>
<h3 id="automation-and-config-management">Automation and Config Management</h3>
<p>This post does not rely on a configuration management tool.</p>
<p>I figured I’d be done setting up the server long before I’d figured out the intricacies of <a href="http://puppetlabs.com/">Puppet</a>, <a href="http://www.getchef.com/">Chef</a>, or <a href="http://www.ansible.com">Ansible</a>. Considering all the changes when compared with <a href="/2014/04/07/vps-ruby-on-rails-hosting/">the install I did in 2014</a> I’m glad I hadn’t automated the process yet.</p>
<p>That said, if you can see yourself setting up multiple servers following this tutorial, you may wish to look into one of the automated provisioning solution listed in the previous paragraph.</p>
<p>Also, if you only plan on hosting one Rails app on your VPS, <a href="https://www.digitalocean.com/community/tutorials/how-to-use-the-ruby-on-rails-one-click-application-on-digitalocean">Digital Ocean’s one-click Rails install</a> might be the easiest solution. Their one-click install uses <a href="http://rvm.beginrescueend.com/">RVM</a> instead of rbenv and <a href="http://unicorn.bogomips.org/">Unicorn</a> in place of Passenger. Although, fair warning, it requires much more than just one-click.</p>
<h3 id="step-1---create-the-droplet">Step 1 - Create the Droplet</h3>
<p>Digital Ocean (DO) calls their VPS instances Droplets. Once you have a DO account you can create new droplets by clicking on the ‘Create’ button in your admin dashboard. I selected the following options:</p>
<ul>
<li>Size: 1GB</li>
<li>Region: Toronto 1</li>
<li>Linux Distribution: Ubuntu 16.04 LTS</li>
</ul>
<h3 id="step-2---user-setup">Step 2 - User Setup</h3>
<p>Once the droplet was created, I was emailed a root username and password. I was then able to SSH to the server as root using <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">Putty</a>. My first order of business was to create a new user with sudoer privileges, and then lock root out of SSH access:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>adduser serveruser
visudo
</code></pre></div></div>
<p>The second command opens up the sudoers file to which I added:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>serveruser ALL=(ALL:ALL) ALL
</code></pre></div></div>
<p>I then edited the <code class="language-plaintext highlighter-rouge">/etc/ssh/sshd_config</code> file to add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>PermitRootLogin no
</code></pre></div></div>
<p>And then I restarted ssh and logged back in with my <code class="language-plaintext highlighter-rouge">serveruser</code> user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service ssh restart
</code></pre></div></div>
<p>From now on when I need to run a command as root I will proceed the command with <code class="language-plaintext highlighter-rouge">sudo</code>.</p>
<p>Not shown in this tutorial: <a href="https://www.digitalocean.com/community/articles/how-to-use-ssh-keys-with-digitalocean-droplets">How to use SSH keys with Digital Ocean Droplets</a>.</p>
<h3 id="step-3---create-a-swap-file-optional">Step 3 - Create a Swap File (Optional)</h3>
<p>Some of the following steps require compilation, so it’s nice to have a swap file on the server. By default DO droplets to not have swap files, but <a href="https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-ubuntu-14-04">adding one isn’t difficult</a>. Feel free to skip this step.</p>
<p>I created a 1GB swapfile:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo fallocate -l 1G /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo chown root:root /swapfile
sudo chmod 0600 /swapfile
</code></pre></div></div>
<p>Then open <code class="language-plaintext highlighter-rouge">/etc/fstab</code> with sudo privs and add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/swapfile none swap sw 0 0
</code></pre></div></div>
<p>Using swap too aggressively on a SSD drive can lead to hardware degradation. So let’s dial down the “<a href="https://help.ubuntu.com/community/SwapFaq#What_is_swappiness_and_how_do_I_change_it.3F">swappiness</a>” from 60 to 10:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo 10 | sudo tee /proc/sys/vm/swappiness
echo vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf
</code></pre></div></div>
<h3 id="step-4---install-required-ubuntu-packages">Step 4 - Install Required Ubuntu Packages</h3>
<p>Let’s start by upgrading all the pre-installed packages:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
</code></pre></div></div>
<p>Reboot after that:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>Then install the ubuntu packages we need</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash
sudo apt-get install git g++ make nodejs libsqlite3-dev postgresql postgresql-contrib postgresql-server-dev-9.5 gconf2 libcurl4-openssl-dev imagemagick zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev sqlite3 libxml2-dev libxslt1-dev python-software-properties libffi-dev
</code></pre></div></div>
<p>(The first line enables the installation of node.js for CoffeeScript support in Rails.)</p>
<h3 id="step-5---postgresql-setup">Step 5 - PostgreSQL Setup</h3>
<p>Switch to the postgres user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo su - postgres
</code></pre></div></div>
<p>Add a database role/user with a password:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>createuser --pwprompt myapp_postgres_user
</code></pre></div></div>
<p>You’re going to need the role/password details again in step 8.</p>
<p>Add a new database where <code class="language-plaintext highlighter-rouge">myapp</code> is the name of the Rails app you will be deploying:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>createdb --owner myapp_postgres_user myapp_development
createdb --owner myapp_postgres_user myapp_test
createdb --owner myapp_postgres_user myapp_production
</code></pre></div></div>
<p>Switch back to the <code class="language-plaintext highlighter-rouge">serveruser</code>:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>exit
</code></pre></div></div>
<h3 id="step-6---install-ruby-and-rails">Step 6 - Install Ruby and Rails</h3>
<p>We are going to install Ruby by way of <a href="https://github.com/sstephenson/rbenv">rbenv</a>.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git clone git://github.com/sstephenson/rbenv.git ~/.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile
</code></pre></div></div>
<p>This command will provide you with lines to add to your .bash_profile. Add those lines and reload the file:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>source ~/.bash_profile
</code></pre></div></div>
<p>Install Ruby (the latest version at the time of this post was 2.3.0):</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install 2.3.3
rbenv global 2.3.3
</code></pre></div></div>
<p>Test your install with version switch:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ruby -v
</code></pre></div></div>
<p>And then install bundler using gem:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo "gem: --no-document" > ~/.gemrc
gem install bundler
</code></pre></div></div>
<h3 id="step-7---install-passenger--nginx">Step 7 - Install Passenger & Nginx:</h3>
<p>Install <a href="https://www.phusionpassenger.com/">Phusion Passenger</a> and the <a href="http://nginx.org/">Nginx</a> web server:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># Install our PGP key and add HTTPS support for APT
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
sudo apt-get install -y apt-transport-https ca-certificates
# Add our APT repository
sudo sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger xenial main > /etc/apt/sources.list.d/passenger.list'
sudo apt-get update
# Install Passenger + Nginx
sudo apt-get install -y nginx-extras passenger
</code></pre></div></div>
<p>Enable Passenger in the Nginx config file:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo vim /etc/nginx/nginx.conf
</code></pre></div></div>
<p>And uncomment (remove the #) from the following lines:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># include /etc/nginx/passenger.conf;
</code></pre></div></div>
<p>Re-start Nginx:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service nginx restart
</code></pre></div></div>
<h3 id="step-8---install-your-rails-app">Step 8 - Install Your Rails App</h3>
<p>Create the /var/www folder and give it permissions. If /var/www already exists you can skip the <code class="language-plaintext highlighter-rouge">mkdir</code> step.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo groupadd www-pub
sudo usermod -a -G www-pub serveruser
sudo mkdir /var/www
sudo chown -R serveruser:www-pub /var/www
sudo chmod 2775 /var/www
</code></pre></div></div>
<p>And then place your Rails app in the <code class="language-plaintext highlighter-rouge">/var/www</code> folder. I did so by cloning the github repo.</p>
<p>Set up a ssh key for the server:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t rsa -b 4096 -C "stungeye@gmail.com"
</code></pre></div></div>
<p>Configure git:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git config --global user.email "youremail@example.com"
git config --global user.name "Your Name"
</code></pre></div></div>
<p>Clone the repository:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git clone git@github.com:OpenDemocracyManitoba/winnipegelection.git
</code></pre></div></div>
<p>Not shown in this tutorial: <a href="https://help.github.com/articles/generating-ssh-keys#platform-linux">Linking the SSH key created above to your Github account</a>.</p>
<h3 id="step-9---configure-your-app-for-postgres">Step 9 - Configure Your App for Postgres</h3>
<p>Remove sqlite from the Gemfile and replace it with the pg gem. And then update:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bundle update
</code></pre></div></div>
<p>Edit the <code class="language-plaintext highlighter-rouge">config/database.yml</code> <a href="http://guides.rubyonrails.org/configuring.html#configuring-a-database">for use with Postgres</a> using the role/password you created in step 5. A sample production config might look like this:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>production:
adapter: postgresql
encoding: unicode
host: localhost
pool: 5
database: myapp_production
username: myapp_postgres_user
password: thepasswordyoupickedinstep5
</code></pre></div></div>
<p>Don’t forget to run your migration!</p>
<h3 id="step-10---configure-nginx-to-host-your-rails-app">Step 10 - Configure Nginx to Host Your Rails App</h3>
<p>To test your app, here’s simple ngnix server block that you can put in your <code class="language-plaintext highlighter-rouge">/etc/nginx/sites-available/default</code> config file. You will need to edit this file using <code class="language-plaintext highlighter-rouge">sudo</code> and you should replace the existing server block that is already present in the file.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server {
listen 80;
server_name localhost;
passenger_enabled on;
rails_env development;
root /var/www/winnipegelection/public;
}
</code></pre></div></div>
<p>Note that the folder you specific for the <code class="language-plaintext highlighter-rouge">root</code> must point to the <code class="language-plaintext highlighter-rouge">public</code> folder of the app you cloned into the <code class="language-plaintext highlighter-rouge">/var/www/</code> folder. If you’ve mapped your droplet to a domain, replace <code class="language-plaintext highlighter-rouge">localhost</code> with the name of your domain.</p>
<p>You can also set your <code class="language-plaintext highlighter-rouge">rails_env</code> to <code class="language-plaintext highlighter-rouge">production</code> if this is meant to be a production deployment. Doing so means you need to perform one extra step, described below as step 11.</p>
<p>Use <a href="https://www.linode.com/docs/websites/nginx/how-to-configure-nginx#server-virtual-domains-configuration">sites-available / sites-enabled config files</a> if you want to host multiple projects on this server.</p>
<h3 id="step-11---configure-rails-for-production">Step 11 - Configure Rails for Production</h3>
<p>When Rails runs in production mode there is an extra configuration step that you must before. You can skip this step if you set your <code class="language-plaintext highlighter-rouge">rails_env</code> to <code class="language-plaintext highlighter-rouge">development</code> in the last step.</p>
<p>In the <code class="language-plaintext highlighter-rouge">config</code> folder of your Rails Project you will find a file named <code class="language-plaintext highlighter-rouge">secrets.yml</code>. When running in production mode you will need to have a production <code class="language-plaintext highlighter-rouge">secret_key_base</code> set in this file. By default the file is configured to look for this secret in an OS environment variable called <code class="language-plaintext highlighter-rouge">SECRET_KEY_BASE</code>. You can also hardcode a secret into this file, but if you do, <strong>be sure to remove the <code class="language-plaintext highlighter-rouge">secrets.yml</code> from your git repo</strong>. You do not want to accidentally expose this secret to the world by pushing your project to a public Github repo. Rails uses this secret key to do things like encrypt session cookies, so exposing this secret would be a large security vulnerability.</p>
<p>Secrets can be generated from the command line by running the following command from your project folder:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rake secret
</code></pre></div></div>
<h3 id="step-12---extra-security-stuff-optional">Step 12 - Extra Security Stuff (Optional)</h3>
<p>Enable the <a href="https://help.ubuntu.com/community/UFW">ufw</a> Firewall to only permit web (port 80) and ssh (port 22) traffic:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow www
sudo ufw enable
</code></pre></div></div>
<p>At this point you might also want to install <a href="http://www.fail2ban.org/">fail2ban</a>. I found the following two tutorials helpful:</p>
<ul>
<li><a href="https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04">How To Protect SSH with fail2ban on Ubuntu 14.04</a></li>
<li><a href="http://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban">How to Secure an Nginx Server with Fail2Ban</a> (I only used the <code class="language-plaintext highlighter-rouge">badbots</code> and <code class="language-plaintext highlighter-rouge">noscript</code> jails.)</li>
</ul>
<p>Be cautious with fail2ban. You don’t want to lock yourself out of your own server. If you do get blocked, you can login using the Digital Ocean web console for your droplet.</p>
<h3 id="step-13---test-your-sever">Step 13 - Test Your Sever</h3>
<p>Congrats! At this point you should be able to load your Rails app via a web browser. When testing your app be sure to trigger actions that both read and write to your database to ensure that Postgres is properly configured.</p>
<h3 id="step-14---keeping-your-system-up-to-date">Step 14 - Keeping Your System Up To Date</h3>
<p>When you connect via SSH to your droplet a login message will let you know if there are pending security updates. To download and install these updates, run the following commands:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
</code></pre></div></div>
<p>After which you may have to restart your droplet:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>To keep rbenv up to date:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv update
</code></pre></div></div>
<p>To list newly available Ruby versions:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install -l
</code></pre></div></div>
<p>To install a new version:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install <version number>
rbenv global <version number>
rbenv rehash
</code></pre></div></div>
<p>To install a new version of Rails, update your Rails project <code class="language-plaintext highlighter-rouge">Gemfile</code> and then run:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bundle update
rbenv rehash
</code></pre></div></div>
Richard Pietro's Open Government Tour - Winnipeg Retrospective2014-12-01T00:00:00-06:00http://opendemocracymanitoba.github.io/2014/12/01/open-government-tour-winnipeg-retrospective<p><br /></p>
<blockquote class="twitter-tweet" lang="en"><p>Hello <a href="https://twitter.com/stungeye">@stungeye</a>! I read that you're part of Open Democracy Manitoba and thought you might be interested about a project I'm working on :-)</p>— Richard Pietro (@richardpietro) <a href="https://twitter.com/richardpietro/status/456969530200580096">April 18, 2014</a></blockquote>
<script async="" src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
<p><br />
It began with this tweet. On replying I learnt of Richard’s plan to tour Canada promoting democratic engagement. This past summer, in cities across Canada, Richard modeled civic engagement as an art form, curating discussions about <strong>Open Government</strong> with public servants, programmers, journalists, entrepreneurs, and citizens.</p>
<blockquote>
<p>Open government is the governing doctrine which holds that citizens have the right to access the documents and proceedings of the government to allow for effective public oversight. source: <a href="https://en.wikipedia.org/wiki/Open_government">wikipedia</a></p>
</blockquote>
<p>On August 11th 2014 <strong>Richard Pietro’s Open Government Tour</strong> (OGT14) attracted a crowd to the Millennium Library in downtown Winnipeg. The event was sponsored by <a href="http://opendemocracymanitoba.ca">Open Democracy Manitoba</a>, and hosted by <a href="http://www.communitynewscommons.org/">Community News Commons</a> and the <a href="http://wpl.winnipeg.ca/library/">Winnipeg Public Library</a>.</p>
<p><img src="/public/images/2014-11-30-open-government-tour-recap.jpg" alt="Richard Pietro with Motorcycle" /></p>
<blockquote>
<p>Above: Richard Pietro with the motorcycle he drove across Canada raising awareness about the Open Goverment movement.</p>
</blockquote>
<p>Although we’d spoken during the video chat planning sessions with other OGT14 “City Champions”, I first met Richard in person the day of the event. Fellow ODM member <a href="https://twitter.com/kenharasym">Ken Harasym</a> and I met him in the morning at a motorbike shop on Pembina, followed by breakfast at the Pancake house. Despite <a href="http://www.webnotwar.ca/ogt14-week-7-update/">the bike problems he was dealing with</a> Richard was in good spirits. With his bike out of commission, I voluteered to chauffeur him around for the day. This meant I was able to join him discussing Open Government and Open Data with <a href="https://twitter.com/DahliaKurtz">Dahlia Kurtz</a> on her <a href="http://www.cjob.com">CJOB</a> radio show. We also got to spend the day chatting and getting to know each other.</p>
<p>The Winnipeg OGT14 event was co-moderated by Richard and myself (<a href="http://twitter.com/stungeye">Kyle Geske</a> of Open Democracy Manitoba). The evening started with Richard defining Open Government and Open Data and why they are important, with the help of a few memes.</p>
<iframe width="600" height="450" src="//www.youtube.com/embed/f9DtEUJwevo" frameborder="0" allowfullscreen=""></iframe>
<p><br />
The crowd was eager to hear Richard and guests introduce the Open Government movement while discussing local Open Gov / Open Data ideas and initiatives. A number of city journalists and three mayoral candidates for the 2014 Winnipeg Election, Brian Bowman, Robert-Falcon Oullette and Judy Wasylycia-Leis, were in attendance along with 70+ engaged citizens.</p>
<h2 id="first-half-access-and-why-its-important">First Half: Access and why it’s important</h2>
<p>The first panel of guests included <a href="https://twitter.com/mawwelch">Mary Agnes Welch</a> of the Winnipeg Free Press, <a href="https://twitter.com/colincraig1">Colin Craig</a> of the Canadian Taxpayers Federation, and <a href="http://dennislewycky.ca/about/">Dennis Lewycky</a> of the Social Planning Council of Winnipeg. We were also joined by <a href="https://twitter.com/cotkeith">Keith McDonald</a> from the City of Toronto’s Open Data team via Skype.</p>
<h4 id="some-highlights">Some Highlights</h4>
<ul>
<li><strong>Richard:</strong> Open Data is about restoring trust in our government.</li>
<li><strong>Colin:</strong> Open Data and <a href="http://www.gov.mb.ca/chc/fippa/index.html">FIPPA Requests</a> can be used by citizens or organizations to push government for policy changes.</li>
<li><strong>Keith:</strong> “Paper is to Open Data as KFC is to the Canadian Food Guide.”</li>
<li><strong>Mary Agnes:</strong> Data in journalism as <em>starting place</em> for stories that might otherwise have been missed.</li>
<li><strong>Dennis:</strong> A reminder that technology is not objective. Different metrics used to quantify and explain data can create bias.</li>
</ul>
<p>When asked by audience member <a href="https://twitter.com/bernardic">Dan Bernardic</a> about what all this means for the average citizen, I tried to express what I see as the importance of Open Government. That government accountability isn’t something that comes pre-packaged with a democracy. We the citizens are the accountants, but accountants need their spreadsheets. ;)</p>
<h2 id="second-half-meeting-the-makers">Second Half: Meeting the Makers</h2>
<p>The second panel of guests included <a href="https://www.linkedin.com/pub/kirk-cumming/13/691/71">Kirk Cumming</a>, manager of data & application service for the City of Winnipeg and <a href="https://www.linkedin.com/pub/charles-thrift/15/18b/384">Charles Thrift</a> of the International Institute for Sustainable Development (IISD). <a href="http://twitter.com/jiguiniz">Jose Javier</a>, Senior Policy Analyst at Ontario Ministry of Government Services, and <a href="http://twitter.com/andrewfogg">Andrew Fogg</a> of <a href="import.io">import.io</a> joined us by way of Skype.</p>
<h4 id="some-highlights-1">Some Highlights</h4>
<ul>
<li><strong>Kirk:</strong> The City of Winnipeg’s Open Data journey begins <a href="http://data.winnipeg.ca">data.winnipeg.ca</a>. The three types of users being API users (programmers), data analysts (researchers/reporters), and the general public.</li>
<li><strong>Charles:</strong> <a href="http://www.mypeg.ca/">Peg</a> is providing Open Data as a Non-Governmental Organization to inspire action on community health.</li>
<li><strong>Jose:</strong> The <a href="http://open.canada.ca/en/open-government-licence-canada">Open Government Licence</a> establishes rules for governments and citizens. Encourages people to use Open Data.</li>
<li><strong>Andrew:</strong> <a href="https://import.io/">Import.io</a> as a way for non-programmers to extract data that exists on public websites.</li>
<li><strong>Richard:</strong> Instead of getting on the government case when data is incorrect or poorly organized, let’s get together and clean up the data.</li>
</ul>
<p>Kirk also fielded a number of questions from the journalists in the audience regarding the city’s randomization of locations details in their open datasets.</p>
<h2 id="richards-summary-of-the-winnipeg-event">Richard’s Summary of the Winnipeg Event</h2>
<blockquote>
<p>Kyle Geske, Ken Harasym, <a href="https://twitter.com/jody_gillis">Jody Gillis</a>, <a href="https://twitter.com/chefquix">Andrew Burton</a>, <a href="https://twitter.com/tessavanderhart">Tessa Vanderhart</a>, and <a href="https://twitter.com/CNCWpg">Noah Erenberg</a> were the folks that brought the #OGT14 Winnipeg event together and man, they couldn’t have been more awesome, and for so many different reason.</p>
</blockquote>
<blockquote>
<p>First, we had the perfect venue, awesome invited guests, lots of food, a dedicated person live tweeting the event, PLUS two cameramen capturing the event. The event ran like clockwork and afterwards the organizers told me their group had never organized an event before! If that’s the case, I can’t wait to see how good their events become once they become seasoned veterans lol.</p>
</blockquote>
<p><a href="http://www.webnotwar.ca/ogt14-week-7-update/">Read the rest of Richard’s Winnipeg OGT14 experience</a>.</p>
<h2 id="the-twitter-summary">The Twitter Summary</h2>
<p>The event was live-tweeted by <a href="https://twitter.com/tessavanderhart">Tessa Vanderhart</a>. Tessa’s currated collection of tweets from the evening is no longer available (the Storify platform no longer exists) but her tweets can still be seen <a href="https://twitter.com/search?q=(from%3Atessavanderhart)%20until%3A2014-08-13%20since%3A2014-08-11&src=typed_query&f=live">by following this link and scrolling down to tweets from August 11, 2014</a>. The tweets are in reverse-chronological order, so you may wish to start at the bottom.</p>
<h2 id="part-two---the-return-of-the-ogt14">Part Two - The Return of the #OGT14</h2>
<p>On September 6th we held a smaller Open Government Tour event when Richard stopped in Winnipeg on the return leg of the tour. This event was much more informal that the previous one. We gathered at Cousin’s Deli and discussed Open Government over a few drinks. Richard gave us a recap of the western Canada portion of the tour. We also discussed the dataset available on <a href="http://data.winnipeg.ca">data.winnipeg.ca</a> and how best to promote Open Government as a citizen.</p>
Richard Pietro's 2014 Open Government Tour2014-07-17T00:00:00-05:00http://opendemocracymanitoba.github.io/2014/07/17/richard-pietros-open-government-tour<p>August 11th is the Winnipeg stop of Richard Pietro’s Open Government Tour.</p>
<p>This summer <a href="https://twitter.com/richardpietro">Richard</a> is driving his motorcycle across the country promoting democratic engagement by way of technology, transparency and accountability. The intent of his tour (as described in <a href="http://o.canada.com/technology/internet/its-time-to-make-civic-engagement-sexy-again">this article</a>) is to <em>“introduce Open Gov/Data to Canadians, hopefully acting as a spark that will help push the movements over the tipping point and change the perspective that this kind of stuff isn’t only relegated to the uber-civically engaged, politico, or super-techie.”</em></p>
<p><a href="https://www.eventbrite.ca/e/the-open-government-tour-winnipeg-tickets-12153636855?aff=efbevent">Register to attend!</a></p>
<blockquote>
<p>“<strong>Open Data</strong> refers to the default release of all the information the government collects about us. All the studies, all the reports, all the numbers all available online.”</p>
</blockquote>
<blockquote>
<p>“<strong>Open Government</strong> is the idea that governments make this information available by default, without having to go through Freedom of Information requests or court battles. Open government means a government that works with the people, not above the people.”</p>
</blockquote>
<p>More Open Government Tour (OGT14) details can be found at <a href="http://opengovtour.org">opengovtour.org</a>.</p>
<h3 id="winnipeg-event---6pm-to-9pm-on-august-11th">Winnipeg Event - 6pm to 9pm on August 11th</h3>
<p>Open Democracy Manitoba is hosting the event along with sponsors the <a href="ihttp://www.communitynewscommons.org/">Community News Commons</a> and the <a href="http://wpl.winnipeg.ca/library/">Winnipeg Public Library</a>.</p>
<p>We have confirmed the following guests for the evening:</p>
<p><strong>Mary Agnes Welch</strong> of the Winnipeg Free Press. Mary Agnes has written a number of data-driven stories for the Winnipeg Free Press. She also works with journalism students at Red River College on FIPPA / Data research projects.</p>
<p><strong>Colin Craig</strong> of the Canadian Taxpayers Federation. Colin’s interest in open government is due to his experience with FIPPA requests and his organization’s focus on accountability.</p>
<p>A <strong>representative from the City of Winnipeg</strong>’s new Open Data Portal <a href="http://data.winnipeg.ca">data.winnipeg.ca</a>.</p>
<p><strong>Charles Thrift</strong> of the International Institute for Sustainable Development (IISD). The IISD and the United Way built Peg (<a href="http://mypeg.ca">mypeg.ca</a>) a data-driven community well-being portal.</p>
<p><strong>Dennis Lewycky</strong> of the Social Planning Council of Winnipeg is an advocate of more accessible government data for research on social equity issues. The SPCW led a coalition of organizations in buying more detailed neighbourhood-level cross-tabulation Census data from Statistics Canada.</p>
<p>We’re currently in talks with the following folks to secure more participants:</p>
<ul>
<li>The Province of Manitoba</li>
<li>The Winnipeg Art Council</li>
</ul>
<p>The event will follow a “late night talk-show” format. The evening will be broken down into two groups of guests, with a theme topic for each group. The Toronto event was organized into three sections:</p>
<ul>
<li>Intro; relationship with Make Web Not War; What is Open Source?</li>
<li>The culture of Open Government. What does it look like? What are the obstacles? Where are the low hanging fruits?</li>
<li>Open Data / Technology conversation. What are the tools and processes that can help make Open Government a reality?</li>
</ul>
<p><a href="https://www.eventbrite.ca/e/the-open-government-tour-winnipeg-tickets-12153636855?aff=efbevent">The Winnipeg event</a> is confirmed and we’ve booked the Carol Shields Auditorium at the Millennium Library (Downtown Graham at Donald) from 6 until 9:30pm on August 11th. <a href="https://www.eventbrite.ca/e/the-open-government-tour-winnipeg-tickets-12153636855?aff=efbevent">Register to Attend</a>.</p>
<p><a href="http://us8.campaign-archive1.com/home/?u=b94b0db339ea741f039bcb481&id=c8e6419b9b">Richard reports back</a> that the first four events on the tour in Toronto, Kingston, Montreal and Halifax were very successful.</p>
<h3 id="what-i-need-from-you">What I Need From You</h3>
<p>Start following and retweeting the <a href="https://twitter.com/search?q=%23ogt14">#OGT14 hashtag</a>, share <a href="https://www.eventbrite.ca/e/the-open-government-tour-winnipeg-tickets-12153636855?aff=efbbt">the Event Brite Event</a> and <a href="https://www.facebook.com/events/1448796188709824/">the Facebook Event</a>.</p>
<p>The event will be dedicated to introducing Open Gov/Data to people who are new to the space. If you’re well-informed in this area, please reach out to your family/friends and bring someone less open-savvy along.</p>
<p>Do you have anyone you can suggest as a local guest? We’re looking for open-data, open-source, or open-gov practitioners. Feel free to think beyond the tech world. How about a local educator, artist or activist working in this space? We are hoping to have all guests confirmed by July 22nd, next Tuesday.</p>
<p>I could also use some suggestions for pulling in a more diverse audience.</p>
<h3 id="this-is-what-open-source-looks-like">This is What Open Source Looks Like</h3>
<p>To model <a href="https://en.wikipedia.org/wiki/Open_source">the Open Source process</a>, ODM co-founder <a href="https://twitter.com/kenharasym">Ken Harasym</a> created an Open Source Poster for the 2014 Open Government Tour. A poster kit including editable DOC and PDF versions can be <a href="https://drive.google.com/file/d/0B1dJTagt8-2NOW5YZTBTbGJNTjQ/edit?usp=sharing">downloaded here</a>, there is also <a href="https://www.canva.com/design/DAA0vHvdxz0/9wkvi7mrfkXqlMcEukX-RA/edit">an editable version on Canva</a>.</p>
<p>OGT14 City champions across Canada can now customize is poster for their local event, print and promote.</p>
VPS Ruby on Rails Hosting2014-04-07T00:00:00-05:00http://opendemocracymanitoba.github.io/2014/04/07/vps-ruby-on-rails-hosting<p><em>ODM Technology Post</em></p>
<p><strong>In this post we will configure Ruby on Rails deployment on a <a href="https://www.digitalocean.com/?refcode=9c57a647fd20">Digital Ocean</a> VPS.</strong></p>
<p>Our final hosting setup will be:</p>
<ul>
<li>OS: Linux - <a href="http://ubuntu.com/">Ubuntu</a> LTS Version</li>
<li>Web Server: <a href="http://nginx.org/">Nginx</a></li>
<li>Rails Hosting: <a href="https://www.phusionpassenger.com/">Phussion Passenger</a></li>
<li>Database Server: <a href="http://www.postgresql.org/">PostgreSQL</a></li>
<li>Language and Framework: <a href="http://www.ruby-lang.org/">Ruby</a> 2.x & <a href="http://rubyonrails.org/">Rails</a> 4.x</li>
</ul>
<p><strong>WARNING</strong>: <em>This tutorial assumes a familiarity with the Linux command line, server administration, and Rails configuration.</em></p>
<h3 id="background-information">Background Information</h3>
<p>A VPS is a <a href="https://en.wikipedia.org/wiki/Virtual_private_server">Virtual Private Server</a>. In our case, a virtualized Ubuntu Linux server used to host the ODM websites. Before developing the new version of <a href="http://winnipegelection.ca">WinnipegElection.ca</a> I wanted to move our sites from their existing <a href="http://www.rackspace.com">Rackspace</a> VPS to a fresh VPS with <a href="https://www.digitalocean.com/?refcode=9c57a647fd20">Digital Ocean</a>.</p>
<p>On our existing VPS we are hosting close to 30 websites, the majority of which are not ODM projects. Some of these sites run PHP, some are Rails, and a few run Perl. The idea was to create two VPSs, isolating all PHP sites on one and all Rails sites on the other (while decommissioning the Perl sites). Our decision to move from Rackspace to Digital Ocean was based on price as well as on the simplicity of the Digital Ocean admin dashboard. The 512MB plan on <a href="https://www.digitalocean.com/?refcode=9c57a647fd20">Digital Ocean</a> is only $5 a month. Nice.</p>
<h3 id="automation-and-config-management">Automation and Config Management</h3>
<p>This post does not rely on a configuration management tool. I figured I’d be done setting up the server long before I’d figured out the intricacies of <a href="http://puppetlabs.com/">Puppet</a>, <a href="http://www.getchef.com/">Chef</a>, or <a href="http://www.ansible.com">Ansible</a>.</p>
<p>That said, if you can see yourself setting up multiple servers following this tutorial, you may wish to look into one of the automated provisioning solution listed in the previous paragraph. Also, if you only plan on hosting one Rails app on your VPS, <a href="https://www.digitalocean.com/community/articles/how-to-1-click-install-ruby-on-rails-on-ubuntu-12-10-with-digitalocean">Digital Ocean’s one-click Rails install</a> might be the easiest solution. Their one-click install uses <a href="http://rvm.beginrescueend.com/">RVM</a> instead of rbenv and <a href="http://unicorn.bogomips.org/">Unicorn</a> in place of Passenger.</p>
<h3 id="step-1---create-the-droplet">Step 1 - Create the Droplet</h3>
<p>Digital Ocean (DO) calls their VPS instances Droplets. Once you have a DO account you can create new droplets by clicking on the ‘Create’ button in your admin dashboard. I selected the following options:</p>
<ul>
<li>Size: 1GB*</li>
<li>Region: New York 2 (Default)</li>
<li>Linux Distribution: Ubuntu 12.04 LTS</li>
<li>Settings: Enable VirtIO</li>
</ul>
<p>* <em>I started with a 1GB droplet to speed up the config process and later scaled back down to 512MB.</em></p>
<h3 id="step-2---user-setup">Step 2 - User Setup</h3>
<p>Once the droplet was created, I was emailed a root username and password. I was then able to SSH to the server as root using <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">Putty</a>. My first order of business was to create a new user with sudoer privileges, and then lock root out of SSH access:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>adduser serveruser
visudo
</code></pre></div></div>
<p>The second command opens up the sudoers file to which I added:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>serveruser ALL=(ALL:ALL) ALL
</code></pre></div></div>
<p>I then edited the <code class="language-plaintext highlighter-rouge">/etc/ssh/sshd_config</code> file to add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>PermitRootLogin no
</code></pre></div></div>
<p>And then I restarted ssh and logged back in with my <code class="language-plaintext highlighter-rouge">serveruser</code> user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service ssh restart
</code></pre></div></div>
<p>From now on when I need to run a command as root I will proceed the command with <code class="language-plaintext highlighter-rouge">sudo</code>.</p>
<p>Not shown in this tutorial: <a href="https://www.digitalocean.com/community/articles/how-to-use-ssh-keys-with-digitalocean-droplets">How to use SSH keys with Digital Ocean Droplets</a>.</p>
<h3 id="step-3---create-a-swap-file">Step 3 - Create a Swap File</h3>
<p>Some of the following steps require compilation and so it’s nice to have a swap file on the server. By default DO droplets to not have swap files, but <a href="https://www.digitalocean.com/community/articles/how-to-add-swap-on-ubuntu-12-04">adding one isn’t difficult</a>. I created a 1GB swapfile:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024k
sudo mkswap /swapfile
sudo swapon /swapfile
sudo chown root:root /swapfile
sudo chmod 0600 /swapfile
</code></pre></div></div>
<p>Then open <code class="language-plaintext highlighter-rouge">/etc/fstab</code> with sudo privs and add:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/swapfile none swap sw 0 0
</code></pre></div></div>
<p>I then set the <a href="https://help.ubuntu.com/community/SwapFaq#What_is_swappiness_and_how_do_I_change_it.3F">swappiness</a> to 25:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo 25 | sudo tee /proc/sys/vm/swappiness
echo vm.swappiness = 20 | sudo tee -a /etc/sysctl.conf
</code></pre></div></div>
<h3 id="step-4---install-required-packages">Step 4 - Install Required Packages</h3>
<p>Let’s start by upgrading all the pre-installed packages:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
</code></pre></div></div>
<p>You may need to reboot after that:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>Then we install all the packages we need</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get install -y python-software-properties python
sudo add-apt-repository ppa:chris-lea/node.js
sudo apt-get update
sudo apt-get install curl git g++ make nodejs libsqlite3-dev postgresql postgresql-contrib postgresql-server-dev-9.1 gconf2 libcurl4-openssl-dev imagemagick
</code></pre></div></div>
<p>(Added Python for the handy <code class="language-plaintext highlighter-rouge">add-apt-repository</code> command. Added node.js for CoffeeScript support in Rails.)</p>
<h3 id="step-5---postgresql-setup">Step 5 - PostgreSQL Setup</h3>
<p>Switch to the postgres user:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo su postgres
</code></pre></div></div>
<p>Add a database role/user with a password:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>createuser --pwprompt
</code></pre></div></div>
<p>You’re going to need the role/password details again in step 8.</p>
<p>Add a new database where <code class="language-plaintext highlighter-rouge">myapp</code> is the name of the Rails app you will be deploying:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>createdb myapp_development
createdb myapp_test
createdb myapp_production
</code></pre></div></div>
<p>Switch back to the <code class="language-plaintext highlighter-rouge">serveruser</code>:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>exit
</code></pre></div></div>
<h3 id="step-6---install-ruby-and-rails">Step 6 - Install Ruby and Rails</h3>
<p>We are going to install Ruby by way of <a href="https://github.com/sstephenson/rbenv">rbenv</a>.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>curl https://raw.github.com/fesplugas/rbenv-installer/master/bin/rbenv-installer | bash
</code></pre></div></div>
<p>This command will provide you with lines to add to your .bashrc. Add those lines and reload the file:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>source ~/.bashrc
</code></pre></div></div>
<p>Get the required dependencies:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv bootstrap-ubuntu-12-04
</code></pre></div></div>
<p>Install Ruby (the latest version at the time of this post was 2.1.1):</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install 2.1.1
rbenv global 2.1.1
</code></pre></div></div>
<p>Test your install with version switch:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ruby -v
</code></pre></div></div>
<p>And then install Rails using gem:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>gem install rails
</code></pre></div></div>
<h3 id="step-7---install-passenger--nginx">Step 7 - Install Passenger & Nginx:</h3>
<p>First we install the <a href="https://www.phusionpassenger.com/">Phusion Passenger</a> gem:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>gem install passenger
</code></pre></div></div>
<p>And then the <a href="http://nginx.org/">Nginx</a> web server:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo passenger-install-nginx-module
</code></pre></div></div>
<p>That command will likely fail to execute, in which case you need to find the full path to executable using:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>which passenger-install-nginx-module
sudo /full/path/to/passenger-install-nginx-module
</code></pre></div></div>
<p>Set up the startup scripts for Nginx:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget -O init-deb.sh http://library.linode.com/assets/660-init-deb.sh
sudo mv init-deb.sh /etc/init.d/nginx
sudo chmod +x /etc/init.d/nginx
sudo /usr/sbin/update-rc.d -f nginx defaults
</code></pre></div></div>
<p>Start Nginx:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service nginx start
</code></pre></div></div>
<h3 id="step-8---install-your-rails-app">Step 8 - Install Your Rails App</h3>
<p>Create the /var/www folder and give it permissions.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo groupadd www-pub
sudo usermod -a -G www-pub vagrant
sudo chown -R serveruser:www-pub /var/www
sudo chmod 2775 /var/www
</code></pre></div></div>
<p>And then place your Rails app in the <code class="language-plaintext highlighter-rouge">/var/www</code> folder. I did so by clone the github repo:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git clone git@github.com:OpenDemocracyManitoba/winnipegelection.git
</code></pre></div></div>
<p>Not shown in this tutorial: <a href="https://help.github.com/articles/generating-ssh-keys#platform-linux">Setting up your SSH keys for GitHub</a>.</p>
<h3 id="step-9---configure-your-app-for-postgres">Step 9 - Configure Your App for Postgres</h3>
<p>Remove sqlite from the Gemfile and replace it with the pg gem. And then update:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bundle update
</code></pre></div></div>
<p>Edit the <code class="language-plaintext highlighter-rouge">config/database.yml</code> <a href="http://guides.rubyonrails.org/configuring.html#configuring-a-database">for use with Postgres</a> using the role/password you created in step 5.</p>
<p>Don’t forget to run your migration!</p>
<h3 id="step-10---configure-nginx-to-host-your-rails-app">Step 10 - Configure Nginx to Host Your Rails App</h3>
<p>To test your app, here’s simple /opt/nginx/conf/nginx.conf server block:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server {
listen 80;
server_name localhost;
passenger_enabled on;
rails_env development;
root /var/www/winnipegelection/public;
}
</code></pre></div></div>
<p>If you’ve mapped your droplet to a domain, replace <code class="language-plaintext highlighter-rouge">localhost</code> with the name of your domain.</p>
<h3 id="step-11---extra-security-stuff">Step 11 - Extra Security stuff:</h3>
<p>Enable the <a href="https://help.ubuntu.com/community/UFW">ufw</a> Firewall to only permit web (port 80) and ssh (port 22) traffic:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow www
sudo ufw enable
</code></pre></div></div>
<p>At this point you might also want to install <a href="http://www.fail2ban.org/">fail2ban</a>. I found the following two tutorials helpful:</p>
<ul>
<li><a href="https://www.digitalocean.com/community/articles/how-to-protect-ssh-with-fail2ban-on-ubuntu-12-04">How To Protect SSH with fail2ban on Ubuntu 12.04</a></li>
<li><a href="http://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban">How to Secure an Nginx Server with Fail2Ban</a> (I only used the <code class="language-plaintext highlighter-rouge">badbots</code> and <code class="language-plaintext highlighter-rouge">noscript</code> jails.)</li>
</ul>
<p>Be cautious with fail2ban. You don’t want to lock yourself at of your own server.</p>
<h3 id="step-12---test-your-sever">Step 12 - Test Your Sever</h3>
<p>Congrats! At this point you should be able to load your Rails app via a web browser. When testing your app be sure to trigger actions that both read and write to your database to ensure that Postgres is properly configured.</p>
<h3 id="keeping-your-system-up-to-date">Keeping Your System Up To Date</h3>
<p>When you connect via SSH to your droplet a login message will let you know if there are pending security updates. To download and install these updates, run the following commands:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
</code></pre></div></div>
<p>After which you may have to restart your droplet:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reboot
</code></pre></div></div>
<p>To keep rbenv up to date:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv update
</code></pre></div></div>
<p>To list newly available Ruby versions:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install -l
</code></pre></div></div>
<p>To install a new version:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rbenv install <version number>
rbenv global <version number>
rbenv rehash
</code></pre></div></div>
<p>To install a new version of Rails, update your Rails project <code class="language-plaintext highlighter-rouge">Gemfile</code> and then run:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bundle update
rbenv rehash
</code></pre></div></div>
<p>To install a new version of Phusion Passenger:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>gem update passenger
which passenger-install-nginx-module # To determine the path
sudo /path/from/previous/command/passenger-install-nginx-module
</code></pre></div></div>
<p>Notice that you have to re-install Nginx when upgrading passenger. At the end of the Nginx install you will be supplied with the new <code class="language-plaintext highlighter-rouge">passenger_root</code> and <code class="language-plaintext highlighter-rouge">passenger_ruby</code> settings for your <code class="language-plaintext highlighter-rouge">/opt/nginx/conf/nginx.conf</code>. After updating the Nginx conf file you can restart Nginx.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo service nginx restart
</code></pre></div></div>
Introducing Process & Technology2014-04-04T00:00:00-05:00http://opendemocracymanitoba.github.io/2014/04/04/introducting-odm-technology<p><a href="http://opendemocracymanitoba.ca">Open Democracy Manitoba</a> (ODM) is a community organization that builds online election resources with the goal of fostering government accountability, transparency and public education. I helped found ODM back in the summer of 2010 while we were building the <a href="http://winnipegelection.ca">WinnipegElection.ca</a> website. The following year we built <a href="http://manitobaelection.ca">ManitobaElection.ca</a>. These sites have helped over 75,000 voters research their candidates and learn about their local democratic process.</p>
<p>The name of this blog is Process and Technology. It’s goal is to document the technologies and processes used to build and maintain our websites.</p>
<p>This fall there will be a civic election in Winnipeg. As such, we have started rebuilding the <a href="http://winnipegelection.ca">WinnipegElection.ca</a> (WE) website from the ground up. The original WE site was built using <a href="http://www.ruby-lang.org">Ruby</a> on <a href="http://rubyonrails.org">Rails</a> 2.3 and was hosted on an <a href="http://ubuntu.com">Ubuntu</a> 8.04 server using <a href="http://www.apache.org">Apache</a>, <a href="https://www.phusionpassenger.com">Phusion Passenger</a>, and <a href="http://www.mysql.com">MySQL</a>. The upcoming version will be powered by Rails 4.1, Ubuntu 12.04, <a href="http://nginx.org">Nginx</a>, Phusion Passenger and <a href="http://www.postgresql.org">PostgreSQL</a>.</p>
<p>We’ve got lots of new features planned. I am especially excited to implement election-versioning to allow us to archive electoral races. If you want to follow along, plug the <a href="/atom.xml">RSS feed</a> into your favourite feed reader. You can also follow me (<a href="https://twitter.com/stungeye">@stungeye</a>) or <a href="http://twitter.com/WpgElection">@WpgElection</a> on Twitter. Comments are welcome (link below).</p>
<p><strong>P.S.</strong> This blog was built using <a href="http://getpoole.com/">Poole</a> and <a href="http://jekyllrb.com">Jekyll</a> following <a href="http://joshualande.com/jekyll-github-pages-poole/">Joshua Lande’s tutorial</a>. Blog entries are written in <a href="https://daringfireball.net/projects/markdown/">Markdown</a>. The blog is hosted on <a href="https://pages.github.com/">Github Pages</a>.</p>