1. Setup an Amazon EC2 Instance

Head on over to your Amazon Console and setup an EC2 instance. For the purposes of a Gem server, I do not see the need for much storage or a high performance machine. I set up an Ubunut 16.04 t2.micro instance with 8GB of storage — more than enough for our purposes.

2. Setup Gemstash Security Group

I setup a simple security group, called gemstash , allowing all TCP connections to port 8080 . We will also allow connections to ports 80 and 443 , and will redirect these to port 8080 at a later point. And of course SSH access on the standard port.

3. Create an Access Keypair

To allow for SSH access to your gemstash server, as part of your instance setup, create a new keypair, called gemstash and download it (the downloaded file will be called gemstash.pem . Be sure to back this keypair up in a password management system like LastPass. This will allow you to access your shiny new Gem server.

4. Set up a User to own your Gem Server

The default user on your Gem server machine, ( ubuntu if you created an Ubuntu based EC2 instance), will have root permissions. Obviously, this is not the user that you want to run your Gem server under, due to the obvious security risks that this would bring. Follow the gist below to create the necessary user gemstash , where $GEMSERVER_IP is the Public IP of your newly created EC2 instance. Reboot your EC2 instance once you have completed the instructions in the gist.

Note: When deploying to your gemstash server, you may need to add your key to your SSH identities (you’ll need to do this if ssh-add says that no identities are added):

5. Create a Gemstash Project

Create a Ruby on Rails application that we will use to maintain our Gem server. Push your project to Github or Bitbucket, and keep the repository git URL handy, as it will be needed later.

5.1 Configure Gemfile

Add the following to your Gemfile to setup the necessary dependencies — we will be using Capistrano to manage our deployments. Note: We are using the GitHub version of the gemstash Gem as it allows us to setup an authorization key solely for fetch actions. Previous versions did not allow this.

5.2 Configure Capfile

As we are using RVM to manage our Rubies on our Gem server, we need to configure the Capfile to reflect this. Please adjust this to suit whichever tool you use to manage your Rubies.

5.3 Create a Production Deployment

For the purposes of the Gem server, we only need to setup a production environment, there’s no value in setting up test or staging deployments like we usually would.

Place the following in config/deploy/production.rb , replacing $LOCAL_MACHINE_SSH_PUBLIC_KEY_PATH with the path to the public key on your local machine.

5.4 Setup Gemstash Configuration

Create a configuration file for gemstash at config/gemstash.yml and update it to include the following. For our private Gem server at Showoff, we are running it over SSL, so our puma configuration binds to SSL , but I have included a configuration for a standard connection via TCP below as well.

Within this configuration, we have set protected_fetch to be true. This configures gemstash to only allow fetches using a valid authorization key. This can be set to false if you are not concerned with who is accessing your private gems, or you are just using gemstash as a mirror for some other Gem provider.

SSL Configuration:

TCP Configuration:

Note: If your Gem server is to be available over SSL , you will need to update the configuration to reflect the correct paths (make sure $SSL_CERT_PATH and $SSL_KEY_PATH point to your SSL certificate and key).

5.5 Update Capistrano Deployment

Update your Capistrano deploy.rb to match the following. At a high level, this will deploy and restart gemstash on your Gem server.

Following this, Capistrano will perform its standard deployment, and then copy the gemstash configuration into the correct directory, which it creates if it needs to. Lastly, it will start the gemstash server binding it to the address specified in the configuration. (Update $REPO_URL to point to your gemstash repository.)

5.6 Remove Unnecessary Files (Optional)

As we have created this project using Ruby on Rails, there a lot of unnecessary files that have been created. The only files that are required for this project are the ones created above, and bin/bundle . Everything else can be removed if desired.

5.7 Deploy Gemstash