What's New

New updates and improvements to Hatchbox.io

Assets default Cache-Control header

New
Assets from the Rails asset pipeline or webpacker are compiled with a hash at the end of the filename which allows them to be cached indefinitely. Today, we rolled out an update so Caddy will automatically add the Cache-Control header.

To use this new feature, use the Update Caddy button on one of the apps in your cluster. This will write the new Caddy config and enable the Cache-Control header. If you've customized your Caddy configuration, make sure to add the new variable to your config first.

Elasticsearch & Memcached Support

New
We've added unmanaged Elasticsearch & Memcached support! You can add this role to servers when you're editing or creating them. This will install and configure Elasticsearch and/or memcached on your servers.

Elasticsearch
Once installed, you can add Elasticsearch to your applications. This will set the ELASTICSEARCH_URL env var to your server's IP address. Elasticsearch uses SSL, so Hatchbox will automatically install the self-signed SSL certificate on your application servers to allow HTTPS access.

Memcached
Memcached is an excellent choice as a cache store for your applications. While Redis defaults to persisting all keys, Memcached is built specifically for handling caches and clearing out least recently used cache keys as needed.

We've configured memcached with SASL2 authentication so attaching Memcached to your applications will setup several environment variables with the connection information.

Jump Server / Bastion Host Support

New
If your servers are protected behind a jump server or bastion host, you can now specify the username, host, and port in your cluster's SSH tab.

With jump server settings enabled, Hatchbox will first login to your jump server using the cluster's SSH key and then connect to the servers inside your private network instead.
Screenshot 2023-07-04 at 2.54.20 PM.png 63.6 KB

GitHub Deployments

New
Applications deployed by Hatchbox using our GitHub App integration will now automatically have deployments recorded in their GitHub environments.
Screenshot 2023-07-04 at 2.51.47 PM.png 76.9 KB

Firewall Rules By Private IP Address

Update
We've updated our firewall rule management to handle firewall rules by private IP addresses in your cluster instead of subnets by default. 

This provides some added protection for servers in datacenters that don't use virtual private networks to separate servers by customer.

New default versions of Ruby 3.1.4 and Node.js 18.16.0

Update
We've updated our deploy script to install Ruby 3.1.4 and Node.js 18.16.0 for default versions. These were minor updates including bugfixes and no breaking changes. 

As always, if you'd like to use other versions, you can specify them in your repository by adding a .tool-versions file or .ruby-version and .node-version files.

🎉 Firewall Rule Management

New
We've introduced a new Firewall Rules tab on servers that you can use to customize the firewall rules for your servers.

Screenshot 2023-06-01 at 10.55.03 AM.png 320 KB

Hatchbox generates firewall rules automatically for your servers based upon their roles. For example, if you give a server the PostgreSQL role, we will automatically add a firewall rule to only allow port 5432 on the private subnet. This lets other servers in your cluster talk to Postgres, but nothing from the public internet to keep things secure. 

Firewall rules are handled by UFW on your servers which denies all incoming traffic by default.

Hetzner Cloud Integration

New
Hetzner provides cloud servers around the world. You can now use Hatchbox's integration to deploy servers with Hetzner Cloud!

For Hetzner's dedicated servers, you can create them and connect to Hatchbox using the Custom VPS option.

Ruby 3.2.2, 3.1.4, 3.0.6, and 2.7.8 support

New
New versions of Ruby were just released with a couple of security fixes. These are now available on Hatchbox and you can start using them today.

See the Ruby release page to learn more: https://www.ruby-lang.org/en/news/2023/03/30/ruby-3-2-2-released/

👨‍⚕️🩺 Introducing Application Health Checks!

New
For load balanced applications, you can now add a Health Check path to enable active health checks. 🎉

When enabled, Caddy will make an HTTP request every 30 seconds to determine if your application is healthy or not. If your application does not respond with a 200 OK, Caddy will remove the server from the load balancer until the next check that succeeds.

Plus, Rails 7.1 will ship with an /up route specifically for health checks like these out of the box!

GitHub Apps Integration

New
You now use our GitHub App for Hatchbox.io deployments! 🎉

This allows you to fine-tune access to your repositories that Hatchbox has access to and it can be configured separately for each organization.

To get started, click the "Connect GitHub" button on your App or Connected Accounts page. Install the Hatchbox GitHub App on your organization and update your app to use the GitHub app for deployments on the Repositories tab.

Existing applications will continue using GitHub OAuth for deployments, but we highly recommend switching to the GitHub Apps integration.

Caddy v2.6.3

Update
We've built the latest version of Caddy which includes a handful of bugfix improvements.

See the release for more details: https://github.com/caddyserver/caddy/releases/tag/v2.6.3

To update your server(s) to the latest Caddy, click the Configure button on your server.

Ruby 3.2.1 support

New
A new version of Ruby has shipped. Just bugfixes, no security vulnerabilities. See the release on Ruby's website: https://www.ruby-lang.org/en/news/2023/02/08/ruby-3-2-1-released/

Whenever cron job support

New
For Ruby apps, we now support managing cron jobs automatically during deploy using the whenever gem.

Ruby deployments are now slightly faster

Improvement
Hatchbox now runs "bundle check" before installing gems and if all the gems are installed, it will skip the "bundle install" command. Yay for speed improvements!

Postgres backups now use the custom format

Improvement
We've updated our Postgres backup script to now use the "custom" format. This format is compressed and makes it easier to restore backups using pg_restore, TablePlus, Postico, or your favorite Postgres GUI.

Ruby 3.2.0 Support

New
You can now deploy apps with Ruby 3.2

For more details about the release, see: https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/

Ruby 3.1.3, 3.0.5, and 2.7.7 support

New
We've added support for the new Ruby versions: 3.1.3, 3.0.5, and 2.7.7

These new Ruby versions include a security fix for CGI. Read more.

BUNDLE_WITHOUT

Update
To provide more flexibility, we will no longer set the bundle "without" config. Bundler will install all gems during deploys by default now.

If you would like to speed up deployments as before, you can set the BUNDLE_WITHOUT environment variable to skip development and test groups.

BUNDLE_WITHOUT="development:test"

OpenSSL Updates

Update
Ubuntu has released a patch for OpenSSL for the recent CVEs. Rather than upgrading OpenSSL versions, they patch the current version to prevent bugs and regressions in LTS releases.

We've also recompiled all Ruby versions that use OpenSSL 1.1 against OpenSSL 1.1.1s so they also receive the patches. To update your apps, deploy a new version and the updated version of Ruby and OpenSSL will be installed.