rinaldifonseca · May 15, 2011 03:03
diff --git a/Nesting and authenticating resque-web on ey-cloud b/Nesting and authenticating resque-web on ey-cloud
 Wouldn't it then be nice to include the resque-web interface underneath your current application's url.

 Wouldn't it be nice to use the same authentication mechanism that your web application uses?

 Here's a solution that we used on a recent Rails 2.3 ey-cloud project that accomplished both goals.

 First, we created a simple resque_web.ru file within our Rails 2.3 project. In this example we used the same Warden SSO authentication mechanism and fired up the resque-web server from the new mapping.

 <pre>

 # Set up Resque environment
 resque_config = YAML.load_file(File.join(File.dirname(__FILE__), 'config', 'resque.yml'))

 env = ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
 Resque.redis = resque_config[env]
    
 map '/resque-web' do
  use Rack::Session::Cookie, :key => 'rack.session',
    :path => '/',
    :expire_after => 60 ** 2,
    :secret => 'supersecretresquekey'

  use CasrackTheAuthenticator::Simple, :cas_server => "http://sso.your_sso_server.com"
  use CasrackTheAuthenticator::RequireCAS
  use Rack::ShowExceptions
  run Resque::Server.new
 end

 </pre>

 The important piece here is that we use '/resque-web', we'll use this same path in a bit within our Nginx configuration. We also used the rack session cookies with our SSO authenticator.

 Another interesting piece here is that we're using Castronaut and Casrack the Authenticator, which makes SSO pretty straight forward.

 Next we created an upstream server in Nginx to resolve the path.

 Here's our Chef template for the upstream server.

 <pre>

 upstream resque_web_upstream {
   server unix:/var/run/engineyard/<%= @app_name %>/<%= @app_name %>.thin.1.sock;
 }

 </pre>

 The important piece here is that the upstream server lives outside of our web application config area.

 Here's our Chef recipe for creating the upstream server file.

 <pre>

 template "/etc/nginx/servers/resque_web.conf" do
  owner "root"
  group "root"
  mode 0755
  source "resque_web.conf.erb"
  variables({
    :app_name => app_name
  })
 end

 </pre>

 And then finally, we created a new custom location within our Nginx server configuration.

 Here's our Chef template for the custom Nginx Location.

 <pre>

 location /resque-web {
  proxy_set_header Host $http_host;
  include /etc/nginx/common/proxy.conf;
  proxy_pass http://resque_web_upstream;
 }

 </pre>

 And here's our Chef recipe for creating the custom location file.

 <pre>

 template "/etc/nginx/servers/#{app_name}/custom.locations.conf" do
  owner "root"
  group "root"
  mode 0755
  source "custom.locations.conf.erb"
  variables({
    :app_name => app_name
  })
 end

 </pre>

 That's it!
	Wouldn't it then be nice to include the resque-web interface underneath your current application's url.

	Wouldn't it be nice to use the same authentication mechanism that your web application uses?

	Here's a solution that we used on a recent Rails 2.3 ey-cloud project that accomplished both goals.

	First, we created a simple resque_web.ru file within our Rails 2.3 project. In this example we used the same Warden SSO authentication mechanism and fired up the resque-web server from the new mapping.

	<pre>

	# Set up Resque environment
	resque_config = YAML.load_file(File.join(File.dirname(__FILE__), 'config', 'resque.yml'))

	env = ENV['RACK_ENV'] \|\| ENV['RAILS_ENV'] \|\| 'development'
	Resque.redis = resque_config[env]

	map '/resque-web' do
	use Rack::Session::Cookie, :key => 'rack.session',
	:path => '/',
	:expire_after => 60 ** 2,
	:secret => 'supersecretresquekey'

	use CasrackTheAuthenticator::Simple, :cas_server => "http://sso.your_sso_server.com"
	use CasrackTheAuthenticator::RequireCAS
	use Rack::ShowExceptions
	run Resque::Server.new
	end

	</pre>

	The important piece here is that we use '/resque-web', we'll use this same path in a bit within our Nginx configuration. We also used the rack session cookies with our SSO authenticator.

	Another interesting piece here is that we're using Castronaut and Casrack the Authenticator, which makes SSO pretty straight forward.

	Next we created an upstream server in Nginx to resolve the path.

	Here's our Chef template for the upstream server.

	<pre>

	upstream resque_web_upstream {
	server unix:/var/run/engineyard/<%= @app_name %>/<%= @app_name %>.thin.1.sock;
	}

	</pre>

	The important piece here is that the upstream server lives outside of our web application config area.

	Here's our Chef recipe for creating the upstream server file.

	<pre>

	template "/etc/nginx/servers/resque_web.conf" do
	owner "root"
	group "root"
	mode 0755
	source "resque_web.conf.erb"
	variables({
	:app_name => app_name
	})
	end

	</pre>

	And then finally, we created a new custom location within our Nginx server configuration.

	Here's our Chef template for the custom Nginx Location.

	<pre>

	location /resque-web {
	proxy_set_header Host $http_host;
	include /etc/nginx/common/proxy.conf;
	proxy_pass http://resque_web_upstream;
	}

	</pre>

	And here's our Chef recipe for creating the custom location file.

	<pre>

	template "/etc/nginx/servers/#{app_name}/custom.locations.conf" do
	owner "root"
	group "root"
	mode 0755
	source "custom.locations.conf.erb"
	variables({
	:app_name => app_name
	})
	end

	</pre>

	That's it!