When accessing my ssl certs with nginx from /etc/ssl/, everything works fine. But when I run rails development server (puma) as the normal user, it can't access the key in /etc/ssl/private/ because of permissions.
How can I access /etc/ssl/private from the rails server? Do I need to add my user to a group or run the server with a different command?
Related
I have completed development of an ember.js app for the time being, and am wondering how I can deploy it to a production server? I successfully built a dist dir within the app, and I also cloned the ember app repo to the production server.
I am deploying the rails app with capistrano from my local box to the VPS, and everything appears to be working there. Side note, I am using Nginx as the web server, and puma as the application server for the rails apps.
Also, I have the local dev versions of the ember / rails app working great on my local box running the below commands,
rails s --binding 127.0.0.1 and,
ember server --proxy http://127.0.0.1:3000
So I decided to copy the files that were in the dist dir to the public dir of the rails app, and move the assets for the ember app to the assets dir of the rails app.
On my local dev box, I see CSV files being presented like,
However when I load the "ember app" on the production box I am not seeing the CSV files being presented like,
Which brings me to my question, what is the proper way to deploy a ember-cli app to a production server and have it communicate to a rails API backend?
UPDATE
This is what I am seeing in the network tab,
In an ideal system, I use this setup:
On disk:
/srv/frontend/
/srv/backend/
frontend
With Ember CLI, /srv/frontend contains the output of ember build. I can use the --output-path=/srv/frontend flag to set this, if the Ember CLI source is also on the same machine. All API requests should be prefixed with /api. I do this by setting the namespace property to my ApplicationAdapter to api/ (or api/v1 sometimes.)
backend
/srv/backend contains my backend API (The location doesn't really matter in most cases).
For the Rails API, I use puma as a standalone server. As long as you have a standalone server that listens on a port, it doesn't matter if it's puma or something else. All API routes must be namespaced under /api. you can wrap all your routes in a scope block to do this without changing your codebase. I go one step further and add another namespace v1.
reverse proxy
Then I install nginx and make my config like this:
server {
listen 80;
server_name localhost;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
# add SSL paths
server_name localhost;
# UI, Static Build
location / {
alias /srv/frontend/;
index index.html;
}
# Rails API
location /api {
proxy_pass http://localhost:3000/;
}
}
So now I have an Nginx config that proxies / requests to the /srv/frontend/index.html and /api requests to Puma on port 3000.
The only downside to this is that I'm forced to use hash location on my Ember application. There are ways to circumvent this, but it's just easier to use hash location and history location doesn't really buy me much.
I have a php site on my server, suppose it is example.com.
And I want to run an rails app inside the domain like example.com/rails.
I am using nginx and tried to edit the example.com's host config and proxied the /rails location to unicorn upstream. But that did not work.
Is it possible to do like example.com/rails ?
I'm working on deploying my Rails app with Capistrano and the deploy is failing as it cannot create directory.
I have two users on my server:- root and deploy.
Capistrano is using the deploy user.
I have told Capistrano to deploy the app to /var/rails_apps/
It's /var/rails_apps/ that it cannot create a directory in.
What user should own that folder? root or deploy?
The server has nginx on it so I guess the site will run as www-data which looks to be nginx's user but I'm not sure what other areas should be owned by? Any clarification on this area?
deploy should own that folder. Nginx is just your web server, it is going to proxy requests to your application, which is likely running as a unicorn process (should run as deploy).
I bought a godaddy server, I want to deploy my rails app on it using Apache + Passenger + Capistrano.
However, it seems I can't install passenger in my server.
After I connect to my server using ssh and type 'sudo gem install passenger', it says sudo is an unknown command..
So can anyone tell me how to deploy rails app on a godaddy server?...
It depends on the Linux distribution you have installed on your machine, in order to log in as superuser you can try "sudo su" or simply "su".
Obviously you need to have the superuser password.
By default Go Daddy servers have a user you set with a password. To gain root access you will type:
su -
You will then enter the same password you logged in with originally. By default the user and root passwords are the same.
I have configured the Ruby On Rails Project on the Apache with the passenger but when I am doing the ssh using the application then its not working and gives this error in the apache log.
Could not create directory '/var/www/.ssh'.
Host key verification failed.
But when I run the same project on the WEBrick server then it works fine.
I am running the command in following way.
system("ssh machine command")
Check it out : http://blog.servergrove.com/2010/08/02/ssh-strange-error-host-key-verification-failed/
Host Key Verification Failure happens because you've already attempted to connect to a host # the same address, but the key that identifies the SSH server does not match the one that you connected to previously.
Make sure you are connecting to the server you think you are
If you are absolutely certain you are connecting to the same server then you can do one of the following:
Remove the offending key from ~/.ssh/known_hosts and try again
Edit your ssh config ( /etc/ssh/ssh_config ) and disable host-key checking: StrictHostKeyChecking no