Categories
computer

Capistrano Hanging During .tgz Upload

I just spent an annoying amount of time troubleshooting a new cap-based deploy.rb for a Rails app to a new CentOS 6.4 server. The deploy.rb worked perfectly on other systems, but something about the configuration was causing `cap deploy’ to hang during the following:

servers: [“myapp.example.com”]
** sftp upload /var/folders/0j/vmvt2by53m901wtmfv8xfjw40000gn/T/20130530225953.tar.gz -> /tmp/20130530225953.tar.gz

Long story short, when manually sftp’ing to the server, I’d get:

Received message too long 458961005

Ah ha! After taking a cue from this dude, I edited the .bashrc to redirect any output to /dev/null. I could then successufully sftp to the server manually, and `cap deploy’ magically worked as expected. The offending line was actually rvm, which of course insists on print a color-coded message when you `rvm use 2.0.0′ (or whatever). Changing the offending line to:

rvm use 2.0.0 >> /dev/null

..did the trick.

Categories
computer

Proxy Authentication Against Devise-Based Ruby Applications

(Quick GitHub link!)

My team at TGen has a Rails application using a typical devise + cancan installation for authentication and authorization, respectively, and a related Apache HTTPD proxy server we needed to authenticate against active accounts in the webapp before passing traffic to their destination, which is a single host. We tried mod_authn_dbd for a while, but the combination of Devise’s default adapive bcrypt password encryption that is not supported by mod_authn_dbd by default, a complex set of SQL statements to process the authorization directly, and that none of the existing modules seem to be able to do what we want, made it a messy ordeal.

Instead, we created devise-proxy: a simple proxy server written as Rack Middleware that you can deploy using Passenger within Apache or nginx. You simply provide devise-proxy with a config.yml file defining the hostname and port of the devise webapp to use as an authentication web service, and hostname and port of a single server to use as a forwarding target.

Clients connecting to the proxy use the email/password for their proxy username/password credentials. All authenticated clients will be forwarded to your provided host/port, but using the path in the client’s original HTTP request. Clients failing to authenticate will receive a 403 and the forwarding host will never be hit.

gem install devise-proxy # to install

git clone git://github.com/preston/devise-proxy.git # to clone!

devise-proxy is released under a BSD license via the GitHub project, here. Good luck!