diff --git a/Procfile b/Procfile deleted file mode 100644 index 20134966..00000000 --- a/Procfile +++ /dev/null @@ -1 +0,0 @@ -web: scripts/build_nginx.sh diff --git a/README.md b/README.md new file mode 100644 index 00000000..ab6228c5 --- /dev/null +++ b/README.md @@ -0,0 +1,178 @@ +Heroku Buildpack: NGINX +======================= + +Nginx-buildpack vendors NGINX inside a dyno and connects NGINX to an app server via UNIX domain sockets. + +This buildpack forks [Ryan Smith's excellent buildpack](https://github.com/ryandotsmith/nginx-buildpack) and maintains his feature list: + +* Unified NGINX/App Server logs. +* [L2met](https://github.com/ryandotsmith/l2met) friendly NGINX log format. +* [Heroku request ids](https://devcenter.heroku.com/articles/http-request-id) embedded in NGINX logs. +* Crashes dyno if NGINX or App server crashes. Safety first. +* Language/App Server agnostic. +* Customizable NGINX config. +* Application coordinated dyno starts. + +However there are some significant differences: + +* NGINX is built during initial deployment, rather than using a prebuilt binary. The binary is cached between deploys. +* NGINX logs are sent directly to stderr rather than to the filesystem. This results in faster log delivery to Heroku logplex, and doesn't gradually fill the filesystem. +* Signals are handled gracefully by the wrapper script, allowing both the app and NGINX to stop properly on dyno shutdown. +* `PORT` is overridden to refer to the UNIX domain socket, so the application can detect whether it's running under NGINX or directly. This is especially because NGINX can be enabled or disabled at run-time by toggling `NGINX_ENABLED`. + +Versions +-------- + +* [NGINX](http://nginx.org/) 1.12.1 +* [PCRE](http://sourceforge.net/projects/pcre/) 8.41 +* [ngx_headers_more](https://github.com/agentzh/headers-more-nginx-module) 0.32 + +These versions are tunable by setting `NGINX_VERSION`, `NGINX_PCRE_VERSION` and `NGINX_HEADERS_MORE_VERSION` in the app config, so you can update even if the buildpack hasn't been updated yet. + +Requirements +------------ + +* Your webserver listens to the socket at `/tmp/nginx.socket`. +* You can start your web server with a shell command. + +Logging +------- + +NGINX will output the following style of logs: + +``` +measure.nginx.service=0.007 request_id=e2c79e86b3260b9c703756ec93f8a66d +``` + +You can correlate this id with your Heroku router logs: + +``` +at=info method=GET path=/ host=salty-earth-7125.herokuapp.com request_id=e2c79e86b3260b9c703756ec93f8a66d fwd="67.180.77.184" dyno=web.1 connect=1ms service=8ms status=200 bytes=21 +``` + +Language/App Server Agnostic +---------------------------- + +Nginx-buildpack provides a command named `bin/start-nginx` this command takes another command as an argument. You must pass your app server's startup command to `start-nginx`. + +For example, to get NGINX and Unicorn up and running: + +```bash +$ cat Procfile +web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb +``` + +### Application/Dyno coordination + +The buildpack will not start NGINX until the application is listening on `/tmp/nginx-socket`. Since NGINX binds to the dyno's `PORT` and since the `PORT` determines if the app can receive traffic, you can delay NGINX accepting traffic until your application is ready to handle it. The examples below show how/when you should write the file when working with Unicorn. + +### Setting the Worker Processes + +You can configure NGINX's `worker_processes` directive via the `NGINX_WORKERS` environment variable. + +For example, to set your `NGINX_WORKERS` to 8 on a PX dyno: + +```bash +$ heroku config:set NGINX_WORKERS=8 +``` + +Customizable NGINX Config +------------------------- + +You can provide your own NGINX config by creating a file named `config/nginx.conf.erb` in your app. Start by copying the buildpack's [default config file](https://raw.githubusercontent.com/agriffis/nginx-buildpack/develop/config/nginx.conf.erb). + +Alternatively, if you like the defaults, you can add a file `config/nginx-local.conf` and it will be included automatically. + +### Patched Logging + +This buildpack patches NGINX to send the access log directly to stderr, which is not a feature NGINX provides normally. If you override the default config and want to make use of this logging feature, use the following: + +``` +error_log stderr; + +http { + access_log error; +} +``` + +This instructs NGINX to send the error log to stderr (this is provided by NGINX upstream) and then to send the access log to the error log output (this is provided by the patch). + +Examples +-------- + +### Ruby/Unicorn + +#### Update Buildpacks + +Use [heroku-buildpack-multii](https://github.com/agriffis/heroku-buildpack-multii) to load nginx-buildpack in addition to the Ruby buildpack. + +```bash +$ heroku config:set BUILDPACK_URL=https://github.com/agriffis/heroku-buildpack-multii.git +$ echo 'https://github.com/agriffis/nginx-buildpack.git' >> .buildpacks +$ echo 'https://codon-buildpacks.s3.amazonaws.com/buildpacks/heroku/ruby.tgz' >> .buildpacks +$ git add .buildpacks +$ git commit -m 'Add multi-buildpack' +``` + +#### Update Unicorn Config + +Listen on `ENV['PORT']` which will be the UNIX domain socket when running under NGINX. + +```ruby +listen ENV['PORT'] +``` + +#### Update Procfile + +Prefix your server with `bin/start-nginx`. + +``` +web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb +``` + +### Python/Gunicorn + +#### Update Buildpacks + +Use [heroku-buildpack-multii](https://github.com/agriffis/heroku-buildpack-multii) to load nginx-buildpack in addition to the Python buildpack. + +```bash +$ heroku config:set BUILDPACK_URL=https://github.com/agriffis/heroku-buildpack-multii.git +$ echo 'https://github.com/agriffis/nginx-buildpack.git' >> .buildpacks +$ echo 'https://github.com/heroku/heroku-buildpack-python.git' >> .buildpacks +$ git add .buildpacks +$ git commit -m 'Add multi-buildpack' +``` + +#### Update Gunicorn Config + +Check for the UNIX domain socket and prefix with `unix:` for Gunicorn in `config/gunicorn.py`. + +```python +import os + +bind = os.environ['PORT'] + +if bind.startswith('/'): + bind = 'unix:' + bind +``` + +#### Update Procfile + +Prefix your server with `bin/start-nginx`. + +``` +web: bin/start-nginx gunicorn -c config/gunicorn.py +``` + +License +------- + +* Copyright (c) 2013 Ryan R. Smith +* Copyright (c) 2014 Aron Griffis + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/bin/compile b/bin/compile index cd030263..81de6d56 100755 --- a/bin/compile +++ b/bin/compile @@ -1,23 +1,114 @@ #!/usr/bin/env bash -set -e - -mkdir -p "$1/bin/" -cp "bin/nginx-$STACK" "$1/bin/nginx" -nginx_version=$(./bin/nginx-$STACK -V 2>&1 | head -1 | awk '{ print $NF }') -echo "-----> nginx-buildpack: Installed ${nginx_version} to app/bin" -cp bin/start-nginx "$1/bin/" -echo '-----> nginx-buildpack: Added start-nginx to app/bin' - -mkdir -p "$1/config" - -cp config/mime.types "$1/config/" -echo '-----> nginx-buildpack: Default mime.types copied to app/config/' - -if [[ ! -f $1/config/nginx.conf.erb ]]; then - cp config/nginx.conf.erb "$1/config/" - echo '-----> nginx-buildpack: Default config copied to app/config.' -else - echo '-----> nginx-buildpack: Custom config found in app/config.' -fi -exit 0 +main() { + APP_DIR=/app + BUILD_DIR=$1 # /tmp/build_76471de2-7dff-46b7-b331-c8dd07653def + CACHE_DIR=$2 # /app/tmp/cache + ENV_DIR=$3 + BUILDPACK_DIR=$(readlink -f $(dirname $(type -P "$0"))/..) + + : ${NGINX_VERSION:=1.12.1} + : ${NGINX_PCRE_VERSION:=8.41} + : ${NGINX_HEADERS_MORE_VERSION:=0.32} + + set -eo pipefail + + load-env + + declare cached_version + if ! is-enabled "$NGINX_FORCE_BUILD"; then + cached_version=$($CACHE_DIR/sbin/nginx -V 2>&1 | head -n1 | awk -F/ '{print $NF}') || true + fi + + if [[ "$cached_version" != "$NGINX_VERSION" ]]; then + announce "Building NGINX $NGINX_VERSION" + build-nginx $CACHE_DIR + else + announce "Using cached NGINX $NGINX_VERSION" + fi + + install $CACHE_DIR/sbin/nginx bin/nginx + install $BUILDPACK_DIR/bin/start-nginx bin/start-nginx + cond-install $BUILDPACK_DIR/config/mime.types config/mime.types + cond-install $BUILDPACK_DIR/config/nginx.conf.erb config/nginx.conf.erb +} + +load-env() { + declare e + for e in $ENV_DIR/*; do + e=${e##*/} + if [[ $e == NGINX_* ]]; then + export "$e=$(<$ENV_DIR/$e)" + fi + done +} + +build-nginx() { + declare nginx_install_dir=$1 + declare nginx_build_dir=/tmp/nginx-build + + declare nginx_url=http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz + declare pcre_url=http://downloads.sourceforge.net/project/pcre/pcre/$NGINX_PCRE_VERSION/pcre-$NGINX_PCRE_VERSION.tar.bz2 + declare headers_more_url=https://github.com/agentzh/headers-more-nginx-module/archive/v$NGINX_HEADERS_MORE_VERSION.tar.gz + + ( + set-indent + + mkdir -p $nginx_build_dir + cd $nginx_build_dir + + curl -#L $nginx_url | tar xz + cd nginx-$NGINX_VERSION + curl -#L $pcre_url | tar xj + curl -#L $headers_more_url | tar xz + + patch -p1 < $BUILDPACK_DIR/nginx-1.5.12-heroku.patch + + CFLAGS="-O3 -pipe" ./configure \ + --prefix=$nginx_install_dir \ + --with-pcre=pcre-$NGINX_PCRE_VERSION \ + --add-module=$PWD/headers-more-nginx-module-$NGINX_HEADERS_MORE_VERSION \ + --with-http_addition_module \ + --with-http_dav_module \ + --with-http_gzip_static_module \ + --with-http_realip_module \ + --with-http_stub_status_module \ + --with-http_ssl_module \ + --with-http_sub_module \ + --with-http_xslt_module + make -j4 + + mkdir -p $nginx_install_dir + make install + ) +} + +cond-install() { + if [[ -e $BUILD_DIR/$2 ]]; then + announce "Found custom $2" + else + install "$1" "$2" + fi +} + +install() { + mkdir -p "$BUILD_DIR/$(dirname $2)" + announce "Installing $2" + cp -a "$1" "$BUILD_DIR/$(dirname $2)/" +} + +set-indent() { + exec &> >(sed -u 's/^/ /') +} + +announce() { + echo "-----> nginx-buildpack: $*" +} + +is-enabled() { + ( shopt -s extglob nocasematch + [[ $1 == @(1|true|yes|on) ]] + ) +} + +[[ "$0" != "$BASH_SOURCE" ]] || main "$@" diff --git a/bin/nginx-cedar b/bin/nginx-cedar deleted file mode 100755 index ab924a91..00000000 Binary files a/bin/nginx-cedar and /dev/null differ diff --git a/bin/nginx-cedar-14 b/bin/nginx-cedar-14 deleted file mode 100755 index 9065133c..00000000 Binary files a/bin/nginx-cedar-14 and /dev/null differ diff --git a/bin/start-nginx b/bin/start-nginx index 804d449f..2d9a5c49 100755 --- a/bin/start-nginx +++ b/bin/start-nginx @@ -1,72 +1,194 @@ #!/usr/bin/env bash -psmgr=/tmp/nginx-buildpack-wait -rm -f $psmgr -mkfifo $psmgr - -#Evaluate config to get $PORT -erb config/nginx.conf.erb > config/nginx.conf - -n=1 -while getopts :f option ${@:1:2} -do - case "${option}" - in - f) FORCE=$OPTIND; n=$((n+1));; - esac -done - -#Initialize log directory. -mkdir -p logs/nginx -touch logs/nginx/access.log logs/nginx/error.log -echo 'buildpack=nginx at=logs-initialized' - -#Start log redirection. -( - #Redirect NGINX logs to stdout. - tail -qF -n 0 logs/nginx/*.log - echo 'logs' >$psmgr -) & - -#Start App Server -( - #Take the command passed to this bin and start it. - #E.g. bin/start-nginx bundle exec unicorn -c config/unicorn.rb - COMMAND=${@:$n} - echo "buildpack=nginx at=start-app cmd=$COMMAND" - $COMMAND - echo 'app' >$psmgr -) & - -if [[ -z "$FORCE" ]] -then - FILE="/tmp/app-initialized" - - #We block on app-initialized so that when NGINX binds to $PORT - #are app is ready for traffic. - while [[ ! -f "$FILE" ]] - do - echo 'buildpack=nginx at=app-initialization' - sleep 1 - done - echo 'buildpack=nginx at=app-initialized' -fi - -#Start NGINX -( - #We expect nginx to run in foreground. - #We also expect a socket to be at /tmp/nginx.socket. - echo 'buildpack=nginx at=nginx-start' - bin/nginx -p . -c config/nginx.conf - echo 'nginx' >$psmgr -) & - -#This read will block the process waiting on a msg to be put into the fifo. -#If any of the processes defined above should exit, -#a msg will be put into the fifo causing the read operation -#to un-block. The process putting the msg into the fifo -#will use it's process name as a msg so that we can print the offending -#process to stdout. -read exit_process <$psmgr -echo "buildpack=nginx at=exit process=$exit_process" -exit 1 +main() { + if ! is-enabled "${NGINX_ENABLED:-1}"; then + at nginx-disabled + exec "$@" + fi + + at nginx-enabled + run-nginx "$@" +} + +run-nginx() { + declare psmgr=/tmp/nginx-buildpack-wait + declare -A pids signals + + set-vars + + # Evaluate configs to get $PORT + for c in config/*.conf.erb; do + erb $c > ${c%.erb} + done + + # Use named pipe to detect exit of any subprocess. + rm -f "$psmgr" + mkfifo "$psmgr" + + # Start app. + app-start SIGTERM "$@" + pid=$! + + # Wait for app to start. + if is-enabled "$NGINX_WAIT_ENABLED"; then + while [[ ! -e "$NGINX_WAIT_FILE" ]]; do + at app-waiting + sleep 1 + done + at app-initialized + fi + + # Create logs dir. NGINX insists on creating logs/error.log even + # though it will remain an empty file, with actual logging on stderr. + mkdir -p logs + + # Start NGINX. SIGQUIT for graceful shutdown. + aux-start nginx SIGQUIT bin/nginx -p "$PWD" -c config/nginx.conf + + # Don't exit top script until all subprocesses are done. + trap '' SIGTERM + + # This read will block the process waiting on a msg to be put into the + # fifo. If any of the processes defined above should exit, a msg will be + # put into the fifo causing the read operation to un-block. The process + # putting the msg into the fifo will use it's process name as a msg so that + # we can print the offending process to stdout. + declare exit_process + read exit_process < "$psmgr" + at "exit process=$exit_process" + + # Remove the FIFO. This allows following writes to simply create a file, + # rather than blocking because there's nothing reading the other end. + rm -f "$psmgr" + + # Clean up any running processes. + # SIGTERM application just in case something else crashed. + # If the dyno is shutting down, then SIGTERM has already been sent. + at "kill-app pid=$pid" + kill -SIGTERM $pid + + # Wait for the app to finish. + at "wait-app pid=$pid" + wait $pid + + # Kill the auxiliary processes. + # Send each one SIGHUP which will be translated by the trap in aux-start. + declare name + for name in "${!pids[@]}"; do + at "kill-aux name=$name pid=${pids[$name]} signal=${signals[$name]}" + kill -SIGHUP "${pids[$name]}" + done +} + +app-start() { + declare name=app signal=$1 + shift + + ( + at "$name-start" + + # Start child in the background. This is before the trap because + # the app needs to be able to receive when the dyno broadcasts + # SIGTERM on shutdown. + "$@" & + + # Translate SIGHUP/SIGTERM to the appropriate signal to stop the child + # (probably SIGTERM in this case). Since this doesn't exit, it won't + # cancel the wait. + trap "kill -$signal $!" SIGHUP SIGTERM + + # Wait for the app to finish, either by crash or by $signal + wait + + # Notify FIFO if this finishes first + echo "$name" > "$psmgr" + + at "$name-end" + ) & + + at "$name-launched pid=$!" +} + +aux-start() { + declare name=$1 signal=$2 + shift 2 + + ( + at "$name-start" + + # Ignore SIGTERM; this is inherited by the child process. + trap '' SIGTERM + + # Start child in the background. + "$@" & + + # Translate SIGHUP to the appropriate signal to stop the child + # (anything except SIGTERM which is ignored). Since this doesn't + # exit, it won't cancel the wait. + trap "kill -$signal $!" SIGHUP + + # Wait for child to finish, either by crash or by $signal + wait + + # Notify FIFO if this finishes first + echo "$name" > "$psmgr" + + at "$name-end" + ) & + + pids[$name]=$! + signals[$name]=$signal + at "$name-launched pid=$!" +} + +set-vars() { + : ${NGINX_ENABLED:=1} + : ${NGINX_LISTEN:=$PORT} + : ${NGINX_SOCKET:=/tmp/nginx.socket} + : ${NGINX_WAIT_FILE:=$NGINX_SOCKET} + : ${NGINX_WAIT_ENABLED:=1} + : ${NGINX_WORKERS:=4} + NGINX_GZIP_ENABLED=$(norm-enabled "${NGINX_GZIP_ENABLED:-1}") + : ${NGINX_GZIP_PROXIED:=any} + NGINX_GZIP_TYPES=$(expand-types "${NGINX_GZIP_TYPES:-plain css javascript json xml atom+xml rss+xml}") + + if [[ $NGINX_SOCKET == /* ]]; then + NGINX_SOCKET=unix:$NGINX_SOCKET + fi + + # Override $PORT for the app + PORT=$NGINX_SOCKET + + export ${!NGINX_*} PORT +} + +expand-types() { + declare -a types + declare t + + for t in $*; do + if [[ $t == */* ]]; then + types+=( $t ) + else + types+=( {application,text}/{,x-}$t ) + fi + done + + echo ${types[*]} +} + +at() { + echo "buildpack=nginx at=$*" +} + +is-enabled() { + ( shopt -s extglob nocasematch + [[ $1 == @(1|true|yes|on) ]] + ) +} + +norm-enabled() { + is-enabled "$1" && echo 1 || echo 0 +} + +[[ "$0" != "$BASH_SOURCE" ]] || main "$@" diff --git a/changelog.md b/changelog.md deleted file mode 100644 index 38aac7f4..00000000 --- a/changelog.md +++ /dev/null @@ -1,27 +0,0 @@ -## v0.4 - -2012-05-13 - -Update NGINX config - -* enabled gzip compression -* using epoll and increasing workers to 4 - -## v0.3 - -2012-05-11 - -* Improve process managment using a fifo. - -## v0.2 - -2012-05-10 - -* Improve the handling of app server failures - -## v0.1 - -2012-05-09 - -* NGINX 1.4.1 -* inital release diff --git a/config/nginx.conf.erb b/config/nginx.conf.erb index 9881850c..037b700e 100644 --- a/config/nginx.conf.erb +++ b/config/nginx.conf.erb @@ -1,45 +1,52 @@ daemon off; -#Heroku dynos have at least 4 cores. -worker_processes <%= ENV['NGINX_WORKERS'] || 4 %>; +worker_processes <%= ENV['NGINX_WORKERS'] %>; +pid /app/nginx.pid; +error_log stderr; events { - use epoll; - accept_mutex on; - worker_connections 1024; + use epoll; + accept_mutex on; + worker_connections 1024; } http { - gzip on; - gzip_comp_level 2; - gzip_min_length 512; - - server_tokens off; - - log_format l2met 'measure#nginx.service=$request_time request_id=$http_x_request_id'; - access_log logs/nginx/access.log l2met; - error_log logs/nginx/error.log; - - include mime.types; - default_type application/octet-stream; - sendfile on; - - #Must read the body in 5 seconds. - client_body_timeout 5; - - upstream app_server { - server unix:/tmp/nginx.socket fail_timeout=0; - } - - server { - listen <%= ENV["PORT"] %>; - server_name _; - keepalive_timeout 5; - - location / { - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_redirect off; - proxy_pass http://app_server; - } - } + <% if ENV['NGINX_GZIP_ENABLED'] == '1' %> + gzip on; + gzip_disable msie6; + gzip_min_length 512; + gzip_proxied <%= ENV['NGINX_GZIP_PROXIED'] %>; + gzip_types <%= ENV['NGINX_GZIP_TYPES'] %>; + <% end %> + + server_tokens off; + + log_format l2met 'measure#nginx.service=$request_time request_id=$http_x_request_id'; + access_log error l2met; + + include mime.types; + default_type application/octet-stream; + sendfile on; + + # Increase default upload size from 1M to allow uploading larger images. + client_max_body_size 10M; + + upstream app_server { + server <%= ENV['NGINX_SOCKET'] %> fail_timeout=0; + } + + server { + listen <%= ENV['NGINX_LISTEN'] %>; + server_name _; + keepalive_timeout 5; + + location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://app_server; + } + } + + # relative to location of nginx.conf + include nginx-local*.conf; } diff --git a/nginx-1.5.12-heroku.patch b/nginx-1.5.12-heroku.patch new file mode 100644 index 00000000..8c86fea2 --- /dev/null +++ b/nginx-1.5.12-heroku.patch @@ -0,0 +1,17 @@ +--- nginx-1.5.12/src/http/modules/ngx_http_log_module.c.heroku 2014-03-29 11:21:50.000000000 -0400 ++++ nginx-1.5.12/src/http/modules/ngx_http_log_module.c 2014-03-29 11:33:33.977839701 -0400 +@@ -1128,7 +1128,13 @@ + n = ngx_http_script_variables_count(&value[1]); + + if (n == 0) { +- log->file = ngx_conf_open_file(cf->cycle, &value[1]); ++ name = value[1]; ++ ++ if (ngx_strcmp(value[1].data, "error") == 0) { ++ ngx_str_null(&name); ++ } ++ ++ log->file = ngx_conf_open_file(cf->cycle, &name); + if (log->file == NULL) { + return NGX_CONF_ERROR; + } diff --git a/readme.md b/readme.md deleted file mode 100644 index 56485704..00000000 --- a/readme.md +++ /dev/null @@ -1,174 +0,0 @@ -# Heroku Buildpack: NGINX - -Nginx-buildpack vendors NGINX inside a dyno and connects NGINX to an app server via UNIX domain sockets. - -## Motivation - -Some application servers (e.g. Ruby's Unicorn) halt progress when dealing with network I/O. Heroku's Cedar routing stack [buffers only the headers](https://devcenter.heroku.com/articles/http-routing#request-buffering) of inbound requests. (The Cedar router will buffer the headers and body of a response up to 1MB) Thus, the Heroku router engages the dyno during the entire body transfer –from the client to dyno. For applications servers with blocking I/O, the latency per request will be degraded by the content transfer. By using NGINX in front of the application server, we can eliminate a great deal of transfer time from the application server. In addition to making request body transfers more efficient, all other I/O should be improved since the application server need only communicate with a UNIX socket on localhost. Basically, for webservers that are not designed for efficient, non-blocking I/O, we will benefit from having NGINX to handle all I/O operations. - -## Versions - -* Buildpack Version: 0.4 -* NGINX Version: 1.5.7 - -## Requirements - -* Your webserver listens to the socket at `/tmp/nginx.socket`. -* You touch `/tmp/app-initialized` when you are ready for traffic. -* You can start your web server with a shell command. - -## Features - -* Unified NXNG/App Server logs. -* [L2met](https://github.com/ryandotsmith/l2met) friendly NGINX log format. -* [Heroku request ids](https://devcenter.heroku.com/articles/http-request-id) embedded in NGINX logs. -* Crashes dyno if NGINX or App server crashes. Safety first. -* Language/App Server agnostic. -* Customizable NGINX config. -* Application coordinated dyno starts. - -### Logging - -NGINX will output the following style of logs: - -``` -measure.nginx.service=0.007 request_id=e2c79e86b3260b9c703756ec93f8a66d -``` - -You can correlate this id with your Heroku router logs: - -``` -at=info method=GET path=/ host=salty-earth-7125.herokuapp.com request_id=e2c79e86b3260b9c703756ec93f8a66d fwd="67.180.77.184" dyno=web.1 connect=1ms service=8ms status=200 bytes=21 -``` - -### Language/App Server Agnostic - -Nginx-buildpack provides a command named `bin/start-nginx` this command takes another command as an argument. You must pass your app server's startup command to `start-nginx`. - -For example, to get NGINX and Unicorn up and running: - -```bash -$ cat Procfile -web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb -``` - -### Setting the Worker Processes - -You can configure NGINX's `worker_processes` directive via the -`NGINX_WORKERS` environment variable. - -For example, to set your `NGINX_WORKERS` to 8 on a PX dyno: - -```bash -$ heroku config:set NGINX_WORKERS=8 -``` - -### Customizable NGINX Config - -You can provide your own NGINX config by creating a file named `nginx.conf.erb` in the config directory of your app. Start by copying the buildpack's [default config file](https://github.com/ryandotsmith/nginx-buildpack/blob/master/config/nginx.conf.erb). - -### Customizable NGINX Compile Options - -See [scripts/build_nginx.sh](scripts/build_nginx.sh) for the build steps. Configuring is as easy as changing the "./configure" options. - -### Application/Dyno coordination - -The buildpack will not start NGINX until a file has been written to `/tmp/app-initialized`. Since NGINX binds to the dyno's $PORT and since the $PORT determines if the app can receive traffic, you can delay NGINX accepting traffic until your application is ready to handle it. The examples below show how/when you should write the file when working with Unicorn. - -## Setup - -Here are 2 setup examples. One example for a new app, another for an existing app. In both cases, we are working with ruby & unicorn. Keep in mind that this buildpack is not ruby specific. - -### Existing App - -Update Buildpacks -```bash -$ heroku config:set BUILDPACK_URL=https://github.com/ddollar/heroku-buildpack-multi.git -$ echo 'https://github.com/ryandotsmith/nginx-buildpack.git' >> .buildpacks -$ echo 'https://codon-buildpacks.s3.amazonaws.com/buildpacks/heroku/ruby.tgz' >> .buildpacks -$ git add .buildpacks -$ git commit -m 'Add multi-buildpack' -``` -Update Procfile: -``` -web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb -``` -```bash -$ git add Procfile -$ git commit -m 'Update procfile for NGINX buildpack' -``` -Update Unicorn Config -```ruby -require 'fileutils' -listen '/tmp/nginx.socket' -before_fork do |server,worker| - FileUtils.touch('/tmp/app-initialized') -end -``` -```bash -$ git add config/unicorn.rb -$ git commit -m 'Update unicorn config to listen on NGINX socket.' -``` -Deploy Changes -```bash -$ git push heroku master -``` - -### New App - -```bash -$ mkdir myapp; cd myapp -$ git init -``` - -**Gemfile** -```ruby -source 'https://rubygems.org' -gem 'unicorn' -``` - -**config.ru** -```ruby -run Proc.new {[200,{'Content-Type' => 'text/plain'}, ["hello world"]]} -``` - -**config/unicorn.rb** -```ruby -require 'fileutils' -preload_app true -timeout 5 -worker_processes 4 -listen '/tmp/nginx.socket', backlog: 1024 - -before_fork do |server,worker| - FileUtils.touch('/tmp/app-initialized') -end -``` -Install Gems -```bash -$ bundle install -``` -Create Procfile -``` -web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb -``` -Create & Push Heroku App: -```bash -$ heroku create --buildpack https://github.com/ddollar/heroku-buildpack-multi.git -$ echo 'https://codon-buildpacks.s3.amazonaws.com/buildpacks/heroku/ruby.tgz' >> .buildpacks -$ echo 'https://github.com/ryandotsmith/nginx-buildpack.git' >> .buildpacks -$ git add . -$ git commit -am "init" -$ git push heroku master -$ heroku logs -t -``` -Visit App -``` -$ heroku open -``` - -## License -Copyright (c) 2013 Ryan R. Smith -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/scripts/build_nginx.sh b/scripts/build_nginx.sh deleted file mode 100755 index 05702549..00000000 --- a/scripts/build_nginx.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Build NGINX and modules on Heroku. -# This program is designed to run in a web dyno provided by Heroku. -# We would like to build an NGINX binary for the builpack on the -# exact machine in which the binary will run. -# Our motivation for running in a web dyno is that we need a way to -# download the binary once it is built so we can vendor it in the buildpack. -# -# Once the dyno has is 'up' you can open your browser and navigate -# this dyno's directory structure to download the nginx binary. - -NGINX_VERSION=${NGINX_VERSION-1.5.7} -PCRE_VERSION=${PCRE_VERSION-8.21} -HEADERS_MORE_VERSION=${HEADERS_MORE_VERSION-0.23} - -nginx_tarball_url=http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -pcre_tarball_url=http://garr.dl.sourceforge.net/project/pcre/pcre/${PCRE_VERSION}/pcre-${PCRE_VERSION}.tar.bz2 -headers_more_nginx_module_url=https://github.com/agentzh/headers-more-nginx-module/archive/v${HEADERS_MORE_VERSION}.tar.gz - -temp_dir=$(mktemp -d /tmp/nginx.XXXXXXXXXX) - -echo "Serving files from /tmp on $PORT" -cd /tmp -python -m SimpleHTTPServer $PORT & - -cd $temp_dir -echo "Temp dir: $temp_dir" - -echo "Downloading $nginx_tarball_url" -curl -L $nginx_tarball_url | tar xzv - -echo "Downloading $pcre_tarball_url" -(cd nginx-${NGINX_VERSION} && curl -L $pcre_tarball_url | tar xvj ) - -echo "Downloading $headers_more_nginx_module_url" -(cd nginx-${NGINX_VERSION} && curl -L $headers_more_nginx_module_url | tar xvz ) - -( - cd nginx-${NGINX_VERSION} - ./configure \ - --with-pcre=pcre-${PCRE_VERSION} \ - --prefix=/tmp/nginx \ - --add-module=/${temp_dir}/nginx-${NGINX_VERSION}/headers-more-nginx-module-${HEADERS_MORE_VERSION} - make install -) - -while true -do - sleep 1 - echo "." -done