I'm following along with this wonderful book: Reliably Deploying Rails Applications, and there is a suggestion that I:
Copy the contents of nodes/rails_- postgres_redis.json.example to this
file and change the username and password for monit.
The Monit docs say I can it's safe to send a user and pass across with an SSL certificate, but my question is which user/pass am I supposed to use? (the one for my VPS? my own computer? some Monit generated user?)
Context: Learning to deploy Rails app to a VPS such as DigitalOcean or Linode
Author here, so it's this line:
https://github.com/TalkingQuickly/rails-server-template/blob/master/nodes/rails_postgres_redis.json.example#L27
And it should be a new user name and password just for Monit. So it can be anything you want but ideally shouldn't be the same as any of your other usernames and passwords.
Related
Alright, so I deployed my Ruby app to Heroku which I use Mailgun to handle email.
I linked my heroku account and dyno to mailgun. I set up my production.rb and I enter my domain so it can be verified by Mailgun.
To they approve my account I have add some TXT records to my Heroku DNS. But I cannot find where to do it. Is it possible? Or I have to buy my own domain in order to config on GoDaddy (for instance).
Thank you.
Generally TXT records can be added/modified by owner of host. Since you deploy application on Heroku, you cannot manage these records yourself.
Instead you probably need to add Mailgun from Heroku's dashboard as add-on. This action doesn't requires any further DNS configuration as far as I remember.
Your account on Mailgun's dashboard will look like 'app123456.mailgun.org' under section 'Sandbox Domains'. All Mailgun environment variables are set-up automatically after adding add-on thus you start sending quickly.
If you already have Mailgun account, I guess, adding Mailgun add-on will overwrite all related environment variables.
I try to set up Postgres for rails in order to be able to deploy on Heroku. I am actually resuming rails tutorials and am a bit lost (am no programmer)
In PgadminIII I try to connect to the single server available (POSTGRESQL 9.3 Localhost 5432)
It asks for a password (which I am guessing at the moment) and shows error:
server doesn't listen
My questions are:
Is the password the super user password? (the only one I own at the moment)
what is the purpose of the super user password?
How can I recover the password that activates the server?
Follow up this tutorial from command line and that way you can alter the password and create a new user with custom password.
Actually by default there will be template1 database that creates postgresql while intalling it for the first time and then you can create your database.
First you do all the steps mention in this tutorial and then from you applicatio you eed to create a database like
rake db:create:all
Postgresql Tutorial
super user password need to setup postgresql on you system, by which you can get access of super admin.
Password recovery command is also there in tutorial.
-------Updates---------
There are two possible reasons for this: either the server isn’t running at all. Simply start it.
The other non-trivial cause for this message is that the server isn’t configured to accept TCP/IP requests on the address shown.
Check your postgresql.conf file, add a line
tcpip = true
or if it is already there as "FALSE" value then just replace above line.
Hope this helps.
I'd like to be able ato implement the following behaviour :
An admin should be asked the passphrase to the GPG production key during the Rails server startup in production
The passphrase should not be stored anywhere other than RAM
Decryption capabilities should not be available in rake tasks or rails console
A gpg-agent seems out of the question, since any process launched by the same user the rails server runs with would be able to decrypt content.
A passphrase callback for the GPGME class asking for the passphrase seems to be the best solution (although tricky to implement because of the start-stop-daemon wrapper in /etc/init.d/unicorn which grabs stdin).
Am I missing something ? Are there any security holes with such a setup ? What would be a better solution ? Many thanks.
I have had a quick look on google to no avail.
I am looking for a way to write a rails app that can deploy another rails app using nginx unicorn and what ever else is necessary to get the job done.
Ideal the user would be presented with a screen where they would enter username password, email and sitename.
Then the app would create the site and give it the url sitename.appname.com
Thanks
Ash
They are called engineyard, and heroku.
Rails probably wouldn't do much but give you the control panel, all the magic would be behind the scenes. If you are just subdomaining an existing app, rails can do that too and you wouldn't need a new nginx/unicorn on each subdomain either.
The typical answer of "it depends on your app and there is not enough information to go on" applies as well.
I've got our Ruby on Rails app up and running on Heroku using HTTP. Now it's time to use HTTPS during the login process and for all transactions after the user is logged in. But I'm not sure where to start.
configuration
We're using:
Ruby (1.9.2)
Rails (3.0.5)
Devise (1.5.3)
Our domain (registered by GoDaddy) is oursite.com (not its real name), which resolves to oursite.herokuapp.com. I want secure transactions to be performed in a subdomain https://secure.oursite.com. I've purchased an SSL certificate from GoDaddy, created the key files, signed up for the Zerigo DNS service and set oursite.com nameservers to point at Zergo's servers. And on Heroku, I've done:
heroku domains:add secure.oursite.com
heroku ssl:add final.crt site.key
heroku addons:add ssl:hostname
the questions
If a user arrives at our site under http://oursite.com, how (and when) do I switch to https://secure.oursite.com?
How do I enforce using https for any secure transaction (e.g. submitting a password)?
How does one test this stuff using localhost:3000?
Concrete answers, general answers, and pointers to tutorials and examples are equally welcome. Thanks!
First:
redirecting from http://example.com to https://example.mysite.com
... is a very specific question that supersedes this very general question. I'll summarize the best bits of info I found in the last 24 hours, as it may be helpful to someone else.
The Heroku article on SSL is a must-read if you're deploying on Heroku.
Heroku also has an article describing how to purchase an SSL certificate from a general vendor as well an article describing how to purchase an SSL certificate from GoDaddy.
I was stuck for a while trying to configure the CNAME records for my Zerigo DNS service. The punch line is that if you create your Zerigo account using the Heroku dashboard, then you must configure your CNAME records using the Heroku dashboard as well. Gory details listed here.
If you're planning on upgrading to Rails 3.1, this is a good time to do so, since it has a built-in force_ssl method that is a clean replacement for various add-in gems (notably ssl_requirement).
Having said as much, the implementation of ssl_requirement in https://github.com/rails/ssl_requirement/blob/master/lib/ssl_requirement.rb is worth looking at, just to see how it uses redirect_to and the request object.
Simone Carletti has a comprehensive blog entry Configuring Rails 3 to use HTTPS and SSL, covering both Rails 3.0 and Rails 3.1.
Hope this is helpful...
I would have a look at ssl_requirement. This allows you to secure various parts of your application thus forcing you to only serve certain pages over HTTPS.
https://github.com/rails/ssl_requirement
With local development, you'll need to setup some sort of Apache / NGinx setup with a locally signed cert bolted on. A quick google uncovered this:
http://www.subelsky.com/2007/11/testing-rails-ssl-requirements-on-your.html