tmcallister · May 23, 2012 23:52 · chiragnayyar · Jan 1, 2016
diff --git a/faye.rb b/faye.rb
 FAYE_TOKEN = 'secretToken'

 if defined? Rails

  if Rails.env == 'development'
    FAYE_URI   = "http://#{APP_CONFIG[:nameremoved_service][:host]}:9292/faye"
  else
    FAYE_URI   = "https://#{APP_CONFIG[:nameremoved_service][:host]}/faye"
  end

  plist = `ps -eo command  | grep "faye"`.split("\n")
  running = plist.select {|p| p.match('\Aruby faye.ru')}.present?
  unless running
    Thread.new do
      if Rails.env == 'development'
        command = "ruby faye.ru -s thin  -E production rails_#{Rails.env}"
      else
        command = "ruby faye.ru -s thin --ssl -E production rails_#{Rails.env}"
      end
      sleep(5)
      puts "Rackup Faye with #{command}"
      puts "Faye uri is #{FAYE_URI}"
      system(command)
    end
  end
 end
diff --git a/faye.ru b/faye.ru
 require 'faye'
 require File.expand_path('../config/initializers/faye.rb', __FILE__)

  class ServerAuth
    def incoming(message, callback)
      if message['channel'] !~ %r{^/meta/}
        if message['ext']['auth_token'] != FAYE_TOKEN
          message['error'] = 'Invalid authentication token'
        end
      end
      callback.call(message)
    end
  end

  server = Faye::RackAdapter.new(:mount => '/faye', :timeout => 25)
  server.add_extension(ServerAuth.new)

  if ARGV.include? 'rails_development'
    server.listen(9292)
  else
    server.listen(9292,
      key: '/path/to/key.key',
      cert: '/path/to/certificate.pem'
    )
  end
diff --git a/nginx.conf b/nginx.conf
 upstream faye {
   server unix:/tmp/faye.0.sock;
   server unix:/tmp/faye.1.sock;
 }
 upstream <%= application %> {
   server unix:/tmp/<%= application %>.socket fail_timeout=0;
 }

 <%# HTTPS %>
 server {
   listen 443;
   server_name localhost;
   ssl on;
   ssl_certificate      /path/to/certificate.pem;
   ssl_certificate_key  /path/to/key.key;
   ssl_protocols        SSLv3;
   ssl_ciphers          HIGH:!aNULL:!MD5;

   root /var/www/<%= application %>/current/public;

   location ^~ /assets/ {
      gzip_static on; # is gzipping SSL encrypted data beneficial?
      expires max;
      add_header Cache-Control public;
   }

   # if a maintenance files exists, return it. We're done.
   try_files /system/maintenance.html $uri/index.html $uri $uri.html @<%= application %>;

   # -----------------------------------------
   location @<%= application %> {
      # needed to forward user's IP address to rails
      proxy_set_header  X-Real-IP  $remote_addr;
      # needed for HTTPS
      proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_redirect off;
      proxy_max_temp_file_size 0;
      proxy_pass http://<%= application %>;
   }

   # -----------------------------------------
   location /faye {
     proxy_set_header  X-Real-IP  $remote_addr;
     proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header Host $http_host;
     proxy_redirect off;

     proxy_pass http://stage.fayeserver.com:9292;
   }

   error_page 500 502 503 504 /500.html;
   client_max_body_size 4G;
   keepalive_timeout 30;
 }


 <%# HTTP %>
 server {
   listen 80;
   #listen 80 default deferred;
   server_name localhost;
   rewrite     ^(.*)   https://$http_host$request_uri permanent;
 }
	FAYE_TOKEN = 'secretToken'

	if defined? Rails

	if Rails.env == 'development'
	FAYE_URI = "http://#{APP_CONFIG[:nameremoved_service][:host]}:9292/faye"
	else
	FAYE_URI = "https://#{APP_CONFIG[:nameremoved_service][:host]}/faye"
	end

	plist = `ps -eo command \| grep "faye"`.split("\n")
	running = plist.select {\|p\| p.match('\Aruby faye.ru')}.present?
	unless running
	Thread.new do
	if Rails.env == 'development'
	command = "ruby faye.ru -s thin -E production rails_#{Rails.env}"
	else
	command = "ruby faye.ru -s thin --ssl -E production rails_#{Rails.env}"
	end
	sleep(5)
	puts "Rackup Faye with #{command}"
	puts "Faye uri is #{FAYE_URI}"
	system(command)
	end
	end
	end
	require 'faye'
	require File.expand_path('../config/initializers/faye.rb', __FILE__)

	class ServerAuth
	def incoming(message, callback)
	if message['channel'] !~ %r{^/meta/}
	if message['ext']['auth_token'] != FAYE_TOKEN
	message['error'] = 'Invalid authentication token'
	end
	end
	callback.call(message)
	end
	end

	server = Faye::RackAdapter.new(:mount => '/faye', :timeout => 25)
	server.add_extension(ServerAuth.new)

	if ARGV.include? 'rails_development'
	server.listen(9292)
	else
	server.listen(9292,
	key: '/path/to/key.key',
	cert: '/path/to/certificate.pem'
	)
	end
	upstream faye {
	server unix:/tmp/faye.0.sock;
	server unix:/tmp/faye.1.sock;
	}
	upstream <%= application %> {
	server unix:/tmp/<%= application %>.socket fail_timeout=0;
	}

	<%# HTTPS %>
	server {
	listen 443;
	server_name localhost;
	ssl on;
	ssl_certificate /path/to/certificate.pem;
	ssl_certificate_key /path/to/key.key;
	ssl_protocols SSLv3;
	ssl_ciphers HIGH:!aNULL:!MD5;

	root /var/www/<%= application %>/current/public;

	location ^~ /assets/ {
	gzip_static on; # is gzipping SSL encrypted data beneficial?
	expires max;
	add_header Cache-Control public;
	}

	# if a maintenance files exists, return it. We're done.
	try_files /system/maintenance.html $uri/index.html $uri $uri.html @<%= application %>;

	# -----------------------------------------
	location @<%= application %> {
	# needed to forward user's IP address to rails
	proxy_set_header X-Real-IP $remote_addr;
	# needed for HTTPS
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_redirect off;
	proxy_max_temp_file_size 0;
	proxy_pass http://<%= application %>;
	}

	# -----------------------------------------
	location /faye {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_redirect off;

	proxy_pass http://stage.fayeserver.com:9292;
	}

	error_page 500 502 503 504 /500.html;
	client_max_body_size 4G;
	keepalive_timeout 30;
	}


	<%# HTTP %>
	server {
	listen 80;
	#listen 80 default deferred;
	server_name localhost;
	rewrite ^(.*) https://$http_host$request_uri permanent;
	}