I've setup a rails production atmosphere with:
* The rails applications within user known as deploy.
* The deploy user is simply a regular user NOT getting sudo permissions.
* The deploy user uses its very own sand boxed rvm (no system-wide), so anything ruby is just underneath the deploy user.
* The consumer that runs apache does not need the ruby atmosphere also it dosen't must have access as apache dosen't need ruby.
* The deploy user runs a unicorn cluster.
This rvm non-system-wide configuration is effective for me personally. The benefits i see are:
* I don't have to use sudo each time i use a jewel.
* Ruby is sand boxed and just open to the deploy user, thus enhancing the safety from the system by minimalization. Apache dosen't worry about ruby, therefore it dosen't get can get on!
The only real downside is the fact that we can't use passenger-apache-module or passenger-nginx-modules, however passenger stand alone comes to save the day!
My Question: Exactly why is everybody on the web inclined towards using RVM system-wide installation? I possibly could not look for a single publish about RVM getting used in non-sudo mode in production. Am i missing probably the most critical piece here? I wish to understand what isn't so great about non-sudo rvm installation in production.
I usually perform a type of hybrid for deployments:
- I install RVM system wide (nevertheless its avaiable just for customers in rvm group)
- I produce a devoted user that is a part of various groups: rvm, db (mysql, postgres, or anything you use), nginx, etc...
by doing this you are able to:
- do all of the web-related administration tasks without needing sudo or root
- use capistrano without worries about rights or ruby instructions to operate
- keep control on rights and employ ruby from whatever place
- use bundler perfectly
should you install RVM within specific user, then you definitely can't use ruby outdoors that user.
Remember RVM isn't nearly rails or some rack based programs which for deployment are mainly transparent, because of different tools (web servers etc....) however for a ruby atmosphere.
Determine, for instance a threaded server designed in ruby watching the serial port, which must run as daemon, if you wish to start it by having an init script from init.d or simply from boot.local, trust me it is a headache to experience with
su - rvm_user -c"whatever in most cases impossible. During these moments you reconsider RVM install, a minimum of for production atmosphere.
I personally use rvm like a local user, too, however i could integrate passenger (version 5.by). Performs this page help? https://rvm.beginrescueend.com/integration/passenger/
I'm able to search into my config files (over the past weekend) and assist you should you find yourself in trouble. Tell me.
reaction to comment
Used to do non-system-wide-rvm-install because:
- It matched up my development atmosphere.
- I favor the "easy build from source without having affected system-wide install" method of doing things, generally.
- It had been simple to switch from distribution provided Ruby to local RVM provided Ruby in production and have the ability to switch back whether it did not work.
I haven't seen any issues with it, however i imagine system-wide-RVM and non-system-wide-RVM can function problem-free in production.
I'm using Apache, not Nginx. Also, I don't use Unicorn. These two variations could present an issue for you personally that may not affect me.