Created
March 31, 2012 20:35
-
-
Save joakimk/2268269 to your computer and use it in GitHub Desktop.
Notes on how to successfully run faye in a rails app using thin behind a https / SSL nginx proxy with basic auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'faye' | |
| Faye::WebSocket.load_adapter('thin') | |
| use Faye::RackAdapter, :mount => '/faye', :timeout => 25 | |
| require ::File.expand_path('../config/environment', __FILE__) | |
| run App::Application |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| faye_url = "#{window.location.protocol}//#{window.location.host}/faye" | |
| faye = new Faye.Client(faye_url) | |
| # We need to disable both of these to get faye to use long-polling | |
| faye.disable('websocket') | |
| faye.disable('eventsource') | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 443; | |
| server_name example.com; | |
| ssl on; | |
| ssl_certificate ssl.crt; | |
| ssl_certificate_key ssl.key; | |
| ssl_session_timeout 5m; | |
| ssl_protocols SSLv2 SSLv3 TLSv1; | |
| ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; | |
| ssl_prefer_server_ciphers on; | |
| location / { | |
| auth_basic "Restricted"; | |
| auth_basic_user_file /etc/nginx/htpass; | |
| proxy_pass http://127.0.0.1:4488; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bundle exec thin start -p 4488 |
Is there a way for nginx to forward websockets?
do we require to use a different certificate from what we are using for the Rails server?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
One gotcha to watch out for here is that faye stores sessions in memory, if you have multiple processes for your rails app that won't work. In that case you probably need another storage backend, like redis.