Kamal-proxy minimum version of v0.5.0

Changes: https://github.com/basecamp/kamal-proxy/compare/v0.4.0...v0.5.0

Also explain how to update the proxy.

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    kamal (2.0.0.rc3)
+    kamal (2.0.0.rc2)
       activesupport (>= 7.0)
       base64 (~> 0.2)
       bcrypt_pbkdf (~> 1.0)

lib/kamal/cli/proxy.rb

@@ -14,7 +14,7 @@ class Kamal::Cli::Proxy < Kamal::Cli::Base
         version = capture_with_info(*KAMAL.proxy.version).strip.presence
 
         if version && Kamal::Utils.older_version?(version, Kamal::Configuration::PROXY_MINIMUM_VERSION)
-          raise "kamal-proxy version #{version} is too old, please reboot to update to at least #{Kamal::Configuration::PROXY_MINIMUM_VERSION}"
+          raise "kamal-proxy version #{version} is too old, please run `kamal proxy reboot` to update to at least #{Kamal::Configuration::PROXY_MINIMUM_VERSION}"
         end
         execute *KAMAL.proxy.start_or_run
       end

lib/kamal/cli/templates/deploy.yml

@@ -2,22 +2,11 @@
 service: my-app
 
 # Name of the container image.
-image: my-user/my-app
+image: user/my-app
 
 # Deploy to these servers.
 servers:
-  web:
+  - 192.168.0.1
-    - 192.168.0.1
-  # job:
-  #   hosts:
-  #     - 192.168.0.1
-  #   cmd: bin/jobs
-
-# Enable SSL auto certification via Let's Encrypt (and allow for multiple apps on one server).
-# Set ssl: false if using something like Cloudflare to terminate SSL (but keep host!).
-proxy:
-  ssl: true
-  host: app.example.com
 
 # Credentials for your image host.
 registry:
@@ -25,7 +14,7 @@ registry:
   # server: registry.digitalocean.com / ghcr.io / ...
   username: my-user
 
-  # Always use an access token rather than real password (pulled from .kamal/secrets).
+  # Always use an access token rather than real password when possible.
   password:
     - KAMAL_REGISTRY_PASSWORD
 
@@ -33,44 +22,19 @@ registry:
 builder:
   arch: amd64
 
-# Inject ENV variables into containers (secrets come from .kamal/secrets).
+# Inject ENV variables into containers (secrets come from .env).
-#
+# Remember to run `kamal env push` after making changes!
 # env:
 #   clear:
 #     DB_HOST: 192.168.0.2
 #   secret:
 #     - RAILS_MASTER_KEY
 
-# Aliases are triggered with "bin/kamal <alias>". You can overwrite arguments on invocation:
-# "bin/kamal logs -r job" will tail logs from the first server in the job section.
-#
-# aliases:
-#   shell: app exec --interactive --reuse "bash"
-
 # Use a different ssh user than root
-#
 # ssh:
 #   user: app
 
-# Use a persistent storage volume.
+# Use accessory services (secrets come from .env).
-#
-# volumes:
-#   - "app_storage:/app/storage"
-
-# Bridge fingerprinted assets, like JS and CSS, between versions to avoid
-# hitting 404 on in-flight requests. Combines all files from new and old
-# version inside the asset_path.
-#
-# asset_path: /app/public/assets
-
-# Configure rolling deploys by setting a wait time between batches of restarts.
-#
-# boot:
-#   limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
-#   wait: 2
-
-# Use accessory services (secrets come from .kamal/secrets).
-#
 # accessories:
 #   db:
 #     image: mysql:8.0
@@ -92,3 +56,29 @@ builder:
 #     port: 6379
 #     directories:
 #       - data:/data
+
+# Bridge fingerprinted assets, like JS and CSS, between versions to avoid
+# hitting 404 on in-flight requests. Combines all files from new and old
+# version inside the asset_path.
+#
+# If your app is using the Sprockets gem, ensure it sets `config.assets.manifest`.
+# See https://github.com/basecamp/kamal/issues/626 for details
+#
+# asset_path: /rails/public/assets
+
+# Configure rolling deploys by setting a wait time between batches of restarts.
+# boot:
+#   limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
+#   wait: 2
+
+# Configure the role used to determine the primary_host. This host takes
+# deploy locks, runs health checks during the deploy, and follow logs, etc.
+#
+# Caution: there's no support for role renaming yet, so be careful to cleanup
+#          the previous role on the deployed hosts.
+# primary_role: web
+
+# Controls if we abort when see a role with no hosts. Disabling this may be
+# useful for more complex deploy configurations.
+#
+# allow_empty_roles: false

lib/kamal/cli/templates/secrets

@@ -1,6 +1,5 @@
-# Secrets defined here are available for reference under registry/password, env/secret, builder/secrets,
+# WARNING: Avoid adding secrets directly to this file
-# and accessories/*/env/secret in config/deploy.yml. All secrets should be pulled from either
+# If you must, then add `.kamal/secrets*` to your .gitignore file
-# password manager, ENV, or a file. DO NOT ENTER RAW CREDENTIALS HERE! This file needs to be safe for git.
 
 # Option 1: Read secrets from the environment
 KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD

lib/kamal/configuration.rb

@@ -14,7 +14,7 @@ class Kamal::Configuration
 
   include Validation
 
-  PROXY_MINIMUM_VERSION = "v0.4.0"
+  PROXY_MINIMUM_VERSION = "v0.5.0"
   PROXY_HTTP_PORT = 80
   PROXY_HTTPS_PORT = 443
 

lib/kamal/version.rb

@@ -1,3 +1,3 @@
 module Kamal
-  VERSION = "2.0.0.rc3"
+  VERSION = "2.0.0.rc2"
 end