Nervetree

Heres some tips for rails https.

First – use the plugin SslRequirement. But REMEMBER this ONLY works on controllers that are listed in the routes.rb file as RESOURCES

map.resources :blahblah

IE they only work on resources. Period. For non resource controllers, you will have to stick it in the links.

<%= button_to "Checkout", {:action => :checkout,:controller=>"catalog",:protocol=>"https://",:only_path=>false },{}%>

Here is how to use the ssl plugin

ruby script/plugin install ssl_requirement


class ApplicationController < ActiveRecord::Base
    include SslRequirement
end


class AccountController < ApplicationController
    ssl_required :signup, :payment
    ssl_allowed :index

    def signup
      # Non-SSL access will be redirected to SSL
    end

    def payment
      # Non-SSL access will be redirected to SSL
    end

    def index
      # This action will work either with or without SSL
    end

    def other
      # SSL access will be redirected to non-SSL
    end
end

Next Here is a working apache / mongrel config for a https ssl virtualhost. REMEMBER enable proxy, rewrite, and headers in the apache modules stanza

<IfDefine SSL>
<IfDefine !NOSSL>
<VirtualHost 192.168.1.42:443>
    DocumentRoot /srv/www/site-name/current/public
    ServerName www.site-name.com:443
    ServerAdmin webmaster@site-name.com
    ErrorLog /var/log/apache2/site-name.com-error_log
    CustomLog  /var/log/apache2/site-name.com-access_log combined
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature Off

    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 
    SSLCertificateFile    /etc/apache2/site-name-ssl/www.site-name.com.crt
    SSLCertificateKeyFile /etc/apache2/site-name-ssl/site-name.key
    SSLCertificateChainFile  /etc/apache2/site-name-ssl/gd_intermediate_bundle.crt
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

    <Directory "/srv/www/site-name/current/public">
        Options FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    RewriteEngine On


    # Don't do forward proxying
    ProxyRequests Off

    # Enable reverse proxying
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>


    RequestHeader set X_FORWARDED_PROTO 'https'

    RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
    RewriteCond %{SCRIPT_FILENAME} !maintenance.html
    RewriteRule ^.*$ /system/maintenance.html [L]

    RewriteRule ^/$ /index.html [QSA] 
    RewriteRule ^([^.]+)$ $1.html [QSA]


    # Redirect all non-static requests to cluster
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
    RewriteRule .* http://127.0.0.1:3000%{REQUEST_URI} [L,P,QSA]

    # Deflate
    AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml application/xml application/xhtml+xml text/javascript 
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

</VirtualHost>                                  

</IfDefine>
</IfDefine>

My pain is your gain.

Here is how to set a directory to fetch as an svn:externals directory. I keep forgetting this. Now you can remember it too.

#make sure your editor variable is set, find the editor
# or which vi or whatever
which emacs  

#no spaces in EDITOR="
export EDITOR="/usr/bin/emacs"     

cd THE-DIRECTORY-YOU-WANT-EXTERNAL-TO-BE-IN

#propset the svn externals on the current directory, this pops up the editor
svn propedit svn:externals .     

# in emacs --- in emacs -- in emacs one directory per line.
apache-ant http://svn.repository.my/apache-ant/trunk/

# you saved the file, back in the shell
#download the repo as the new directory directory-name, in this case apache-ant
svn update

DONE

I had to send large files with rails, so huge that it was killing rails.

Here is the solution, note the allow-x-send-file NOT allow-x-sendfile, this wasted a few hours of mine.

Make sure that “mod_fastcgi” is in the server.modules stanza of the lighttpd.conf file

Here is the vhosts.conf file

$HTTP["host"] =~ "www.yoursite.com" {
    server.document-root        = base + "/domains/yoursite.com/web/public/"
    server.error-handler-404 = "/dispatch.fcgi"
    compress.filetype        = ( "text/plain", "text/html", "text/css", "text/javascript" )
    compress.cache-dir       = base + "/domains/yoursite.com/web/tmp/cache"
    fastcgi.server = ( ".fcgi" =>
        ( "localhost" =>
            ( "socket" => base + "/var/run/yoursite-0.socket",
                "allow-x-send-file" => "enable",
                "bin-environment"   => ("RAILS_ENV" => "production")
            )
        )
    )
}

rails controller code

def send_this_file
    # this will force rails to read the entire file then stream it out BAD
    #send_file "#{RAILS_ROOT}/public/pdf/#{params[:id]}" , :type => mime_for(params[:id]), :disposition => 'inline', :stream => false

    # this will pass the headers to lighttpd and force it to handle the large static file, rails doesn't read the large file.
    filename = "#{RAILS_ROOT}/public/pdf/#{params[:id]}"
    response.headers['Content-Type'] = "application/force-download"
    response.headers['Content-Disposition'] = "attachment; filename=\"#{File.basename(filename)}\"" 
    response.headers["X-LIGHTTPD-send-file"] = filename
    response.headers['Content-length'] = File.size(filename)
    render :nothing => true
end

I am making a site which uses an object datastore cache and rails. The only feasable way of getting data to rails is via XML. The simplest way is to use ActiveResource , which is still way way beta.

Here’s how I did it.

from http://reprocessed.org/blog/archives/2006/08/01/active_resource_on_edge.html

You may be tempted to use edge rails

rake rails:freeze:edge

This won’t work, ActiveResource is not included in Edge, only Trunk. Here is how to set up a rails instance that uses ActiveResource.

mkdir -p some_name/vendor; cd some_name
svn co http://dev.rubyonrails.org/svn/rails/trunk vendor/rails
rails .

Then, add this line to your config/environment.rb file, somewhere inside the Rails::Initializer.run do |config| block:

config.load_paths += %W( #{RAILS_ROOT}/vendor/rails/activeresource/lib )

You are running on trunk now, this is the latest version of rails, and may be flakey.

Here is how to use it

From http://weblog.techno-weenie.net/2006/12/13/taking-ares-out-for-a-test-drive

I created two rails sites on my local machine, one is the server. One is the client. ActiveResource needs to be on the client. On the server I made a RESTful site which hooked up to MySQL

Here is the Migration for the database.

class CreateParts < ActiveRecord::Migration
  def self.up
    create_table :parts do |t|
      t.column :date, :date
      t.column :customer, :string
      t.column :customer_part_number, :string
      t.column :manufacturer, :string
      t.column :factory_part_number, :string
      t.column :description, :string
      t.column :cost, :string
      t.column :selling_price, :string
      t.column :notes, :text
    end
  end

  def self.down
    drop_table :parts
  end
end

This command generates the restful scaffolding to view the data.

ruby script/generate scaffold_resource part date:date customer:string customer_part_number:string manufacturer:string factory_part_number:string description:string cost:string selling_price:string notes:text

Then on the client site I did the same. Except there is no database, just the previous classes.

In the Models section on the client, use this as your model for the part
class PartResource < ActiveResource::Base
  self.site = 'http://localhost:3000'
  # site.user = 'username'
  # site.password = 'secret_sauce'
end

class Part < PartResource
end

When I started each server up on a different port, the client can query the server and the server queries the database.

script/server lighttpd -p3000    # server
script/server lighttpd -p3001    # client

Pull up a page at http://localhost:3001/parts/1000 and check it out.

Enjoy

I had to update the repository on a linux server to use local copies of cd’s I made

first remove the old repos rpm.removemedia -a

then add the new ones

urpmi.addmedia "linux1" file://home/linux/2006/media/main with_hdlist ../media_info/hdlist1.cz
urpmi.addmedia "linux2" file://home/linux/2006/media/applications   with_hdlist: ../media_info/hdlist2.cz
urpmi.addmedia "linux3" file://home/linux/2006/media/modules with_hdlist: ../media_info/hdlist3.cz
urpmi.addmedia "linux4" file://home/linux/2006/media/dkms with_hdlist: ../media_info/hdlist4.cz
urpmi.addmedia "linux5" file://home/linux/2006/media/firmwares with_hdlist: ../media_info/hdlist5.cz
urpmi.addmedia "linux6" file://home/linux/2006/media/contrib with_hdlist: ../media_info/hdlist6.cz

then install my file urpmi -i apache-mod_proxy

Don’t install the fcgi gem. If you did, run:

gem uninstall fcgi

Install FastCGI

wget http://www.fastcgi.com/dist/fcgi-2.4.0.tar.gz
cd fcgi-2.4.0
./configure
make
sudo make install

Go to the homepage http://raa.ruby-lang.org/project/fcgi

Download the tarball read the README and follow the install instructions

wget http://www.moonwolf.com/ruby/archive/ruby-fcgi-0.8.7.tar.gz
ruby install.rb config -- --with-fcgi-include=/usr/local/include --with-fcgi-lib=/usr/local/lib
ruby install.rb setup
ruby install.rb install

Get lighttpd installed

yum install lighttpd-fastcgi

Set your security level

If your were unfortunate enough to install SeLinux ( Security Enhanced ), I feel your pain.

Go to the “Security level and firewall” settings, disable SeLinux

Configure Lighttpd

Go to rails root. Run “script/server lighttpd” it should fail the first time but it generates a /config/lighttpd.conf file. Use the config/lighttpd.conf, modify it and put in /etc/lighttpd/lighttpd.conf. It didn’t like the cwd part so I hardcoded all paths.

Set lighttpd to start automatically in the “Systems/Services” application

Osx can mount a subversion repository over webdav. The repository appears as a network drive. Any changes to files in the repository are autocommited. Cool, except..

The svn repository is filled with one .DS_store file for each directory. Annoying

type this in a terminal window and restart.

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

No more problem.

I have been backing my stuff up weekly using an applescript. But ran into a wall trying to automate the mysql backup. The issue is I have ALOT of development databases and I do not want a single dumpfile, else I would have to blow away and rebuild everything if I needed a refresh of one table. I wrote this nifty automator script.

• 1 Basicly the steps are drag Automator::Run Shell Script.
• 2 Fill in the script.
• 3 Drag Mail::New Message and send confirmation to yourself. I would have preferred to add an event to iCal but there is no Time.now() feature in the iCal Automator actions, so my system would always be backed up freshly August 18th 2006 at 12:50 pm, This is a problem.
• 4 Drag the Mail::Send Outgoing Messages
• 5 Save as a workflow Here is the script from step one. It asssumes there is no root password. I never open my laptop up to the world so a password is a hassle.

I created a directory in /Users/joel/backup_mysql/ to hold the archived mysql I created a directory in /Volumes/DROPSHIP/backup to archive to ( This is an external firewire drive )

for x in `/usr/local/mysql/bin/mysql -u root -Bse "show databases"`; do
/usr/local/mysql/bin/mysqldump -u root $x | /sw/bin/gzip -9 > /Users/joel/backup_mysql/$x.gz
done;
/usr/bin/rsync -aE --delete ~ /Volumes/DROPSHIP/backup 2>>~/rsyncErr.txt || echo -n;

To execute, rightclick :: Automator :: Backup Laptop …

I just installed a Django site on Ubuntu 64. This will be for an insanely busy hardware review site, I recently set up a mandrake 64 system. This is a totally non-biased, scientific opinion; Ubuntu kicks ass. I’m not looking back.

I want to start using Capistano ( a deployment tool for ruby on rails ). Its pretty cool. It executes deployment commands on multiple servers in parallel over ssh.

It needs SVN to work. It says in the instructions that you cannot use file:/// repositories. So I thought hey why not use http://localhost. That brick wall dented my head.

**FATHER**
Listen, lad, I built this kingdom up from nothing.  
All I had when I started was swamp ... 

Other kings said I was daft to build a castle on a swamp, 
but I built it all the same ... 

just to show 'em. 

It sank into the swamp.  

So I built a another one ... 
that sank into the swamp.  

I built another one ...  
That fell over and THEN sank into the swamp ....  

So I built another ... 

and that stayed up.

... And that's what your gonna get, lad: 

the most powerful kingdom in this island.

**PRINCE**
But I don't want any of that, I'd rather ...

**FATHER**
Rather what?

**PRINCE**
I'd rather ... just ... sing ...

MUSIC INTRO