Created
September 10, 2009 23:37
-
-
Save edavis10/184922 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install passenger (I like this but others will choose mongrel clusters) | |
| ## Temporarily disable SELinux | |
| echo 0 > /selinux/enforce | |
| ## Permantly disable by changing SELINUX=enforcing to SELINUX=disabled | |
| ## in the file: /etc/selinux/config use the command: | |
| vi /etc/selinux/config | |
| ## Fix SELINUX (from passenger site) if installed from a gem (like here) | |
| ## find the passenger root folder: | |
| passenger-config --root | |
| ## run the command: | |
| chcon -R -h -t httpd_sys_content_t /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.4 | |
| # now the last install step for passenger | |
| passenger-install-apache2-module | |
| # configure apache for passenger | |
| echo "" >> /etc/httpd/conf/httpd.conf | |
| echo "# The Ruby-Rails-Passenger config" >> /etc/httpd/conf/httpd.conf | |
| echo "LoadModule passenger_module /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.4/ext/apache2/mod_passenger.so" >> /etc/httpd/conf/httpd.conf | |
| echo "PassengerRoot /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.4" >> /etc/httpd/conf/httpd.conf | |
| echo "PassengerRuby /usr/local/bin/ruby" >> /etc/httpd/conf/httpd.conf | |
| #Deploying a Ruby on Rails application | |
| echo "<VirtualHost *:80>" >> /etc/httpd/conf.d/itsupport.conf | |
| echo " ServerName mysite.com" >> /etc/httpd/conf.d/itsupport.conf | |
| echo " DocumentRoot /var/rails/itsupport/public" >> /etc/httpd/conf.d/itsupport.conf # <-- be sure to point to 'public'! | |
| echo " Redirect /login https://mysite.com/login" >> /etc/httpd/conf.d/itsupport.conf # enables ssl connections for login (a good idea) | |
| echo "</VirtualHost>" >> /etc/httpd/conf.d/itsupport.conf | |
| #Setup SSL (for login at least) | |
| # edit /etc/httpd/conf.d/ssl.conf | |
| # comment out this line: <VirtualHost _default_:443> | |
| # and add these lines just below the commented out line (DO NOT INCLUDE the #) | |
| #<VirtualHost *:443> | |
| # ServerName mysite.com | |
| # DocumentRoot /var/rails/itsupport/public | |
| # I use: vi /etc/httpd/conf.d/ssl.conf | |
| # GENERATE SSL KEYS FOR APACHE | |
| mkdir /home/manager/Desktop/certs | |
| cd /home/manager/Desktop/certs | |
| # Generate the private Key | |
| openssl genrsa -out ca.key 1024 | |
| # (or more securely) | |
| #openssl genrsa -des3 -out ca.key 1024 | |
| # Generate a Certificate Signing Request (CSR) - here you use the sitename | |
| openssl req -new -key ca.key -out ca.csr | |
| # Sign the Request (yourself) | |
| openssl x509 -req -days 1000 -in ca.csr -signkey ca.key -out ca.crt | |
| # Remove the PassPhrase (if used so you need not login on each reboot) | |
| #cp ca.key ca-secure.key | |
| #openssl rsa -in ca-secure.key -out ca.key | |
| # Install the keys | |
| mv ca.crt /etc/pki/tls/certs/ca.crt | |
| mv ca.key /etc/pki/tls/private/ca.key | |
| mv ca.csr /etc/pki/tls/private/ca.csr | |
| # Secure the keys | |
| chmod 400 /etc/pki/tls/certs/ca.crt | |
| chmod 400 /etc/pki/tls/private/ca.key | |
| chmod 400 /etc/pki/tls/private/ca.csr | |
| # Check that these lines are also present in the same file: /etc/httpd/conf.d/ssl.conf | |
| # Edit the line: SSLCertificateFile /etc/pki/tls/certs/ca.crt | |
| # & | |
| # Edit the line: SSLCertificateKeyFile /etc/pki/tls/private/ca.key | |
| # RESTART APACHE | |
| /etc/init.d/httpd restart | |
| # be sure apache is set to auto start on boot (if a server) | |
| /sbin/chkconfig --levels 2345 httpd on | |
| # check that it worked | |
| /sbin/chkconfig --list httpd | |
| # hopefully you see: | |
| #httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment