pow and powprox install/reinstall

setup-pow.bash

#!/usr/bin/env bash

install() {
  brew cask list lunchy >/dev/null || brew cask install lunchy
  pwd=$(pwd)

  reinstall_openssl
  reinstall_nginx

  cd # In case user uses gemsets, ensure we're installing powder outside of a project
  reinstall_pow
  cd $pwd # back to where we were.
  fix_pow_forwarding
  test_pow # test loading an app
  link_apps

  install ssl support
  cd ..
  [ ! -d 'powprox' ] && git clone https://github.com/basecamp/powprox.git
  reinstall_powprox

  cd $pwd
}

reinstall_openssl() {
  brew uninstall openssl
  echo 'reinstalling openssl'
  brew install openssl
}

reinstall_nginx() {
  echo "removing  nginx"
  brew uninstall nginx
  lunchy stop nginx
  lunchy remove nginx
  sudo pkill -9 -f nginx
  sudo rm -f /Library/LaunchDaemons/homebrew.mxcl.nginx.plist
  ps aux | grep -q nginx || exit 1
  reinstall_openssl
  brew install nginx --with-spdy
  # Docroot is: /usr/local/var/www
  # The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that
  # nginx can run without sudo.
  # nginx will load all files in /usr/local/etc/nginx/servers/.
  ln -sfv /usr/local/opt/nginx/*.plist ~/Library/LaunchAgents
  launchctl load ~/Library/LaunchAgents/homebrew.mxcl.nginx.plist
}

# DEBUGGING
# PORT 80
#   else try:
fix_pow_forwarding() {
  powder status
  powder up
  # https://github.com/basecamp/pow/issues/480#issuecomment-62254317
  sudo sysctl -w net.inet.ip.forwarding=1;
  sudo echo "rdr pass proto tcp from any to any port {80,20559} -> 127.0.0.1 port 20559" | sudo pfctl -a "com.apple/250.PowFirewall" -Ef -
  # sudo pfctl -f /etc/pf.conf; sudo pfctl -e
}

# UNTRUSTED CERT IN CHROME
# Search pow in Keychain.
# If present, click, command+I, edit trust settings to always trust
# Else,
#  1. click on the https with the / through it in the address bar
#  2. click view certificate
#  3. drag the picture of the cert to the desktop (or another folder)
#  4. double click it to import it to the Keychain
#  5. edit trust settings to always trust as above
#
# Else restart chrome
# go to 'chrome://flags' and
# Try: Enable 'Allow invalid certificates for resources loaded from localhost.'
# Try: 'Mark non-secure origins as non-secure' as 'neutral'
test_pow() {
  cat /etc/resolver/dev
  echo -n "Pow upstream: "
  curl -H host:pow http://localhost:20559/status.json
  echo
  echo -n "Pow with pf port forward: "
  curl -H host:pow http://localhost:80/status.json
  echo
  echo -n "Nginx TLS proxy: "
  curl -H host:pow --insecure https://localhost:443/status.json
  echo
  mkdir -p /tmp/powtest
  cd /tmp/powtest
cat <<- EOF > config.ru
  run ->(*){ [200, {}, ["Yay, it works"]] }
EOF
  echo
  powder link
  echo
  echo 'curl http://powtest.dev'
  curl http://powtest.dev
  echo
  echo 'curl https://powtest.dev'
  curl --insecure https://powtest.dev
  echo
  powder unlink
  echo
  cd ~/projects/rails_server
  rm -rf /tmp/powtest
}

reinstall_pow() {
  gem install powder --conservative
  curl get.pow.cx/uninstall.sh | sh
  lunchy stop powd
  lunchy remove powd
  sudo pkill -9 -f pow
  sudo rm -f /Library/LaunchDaemons/cx.pow.firewall.plist
  sudo pkill -9 -f nack
  rm -rf ~/.pow
  rm -rf ~/Library/Application\ Support/Pow/
  # sudo rm -rf /etc/resolver/dev
  # rm ~/.powconfig
  ps aux | grep -q 'pow ' || exit 1

  powder install # Install pow
  test_pow
}

reinstall_powprox() {
  echo "stopping powprox"
  lunchy stop hostwatcher
  lunchy remove hostwatcher
  sudo rm -f /Library/LaunchDaemons/com.basecamp.powprox.nginxreloader.plist
  sudo rm -rf ~/.powprox
  rm -f /usr/local/etc/nginx/servers/powprox.conf
  $(lunchy status hostwatcher | grep -q hostwatcher)
  if [ $? -eq 0 ]; then
    echo 'hostwatcher is still running'
    exit 1
  fi
  echo "removing powprox"
  cd ~/projects/powprox
  POWPROX_DIR="${POWPROX_DIR:-$HOME/.powprox}"
  echo 'removing powprox certs; will error is not in keychain'
  sudo security remove-trusted-cert -d "$POWPROX_DIR/ssl/ca/pow-root-ca.crt" || echo "$!"
  sudo security remove-trusted-cert -d "$POWPROX_DIR/ssl/certs/pow-server.crt" || echo "$!"
  bin/powprox
  echo 'ensuring both root and server certs are added trusted to keychain'
  sudo security add-trusted-cert -d -r trustRoot -k "$HOME/Library/Keychains/login.keychain" "$POWPROX_DIR/ssl/ca/pow-root-ca.crt" || echo "$!"
  sudo security add-trusted-cert -d -r trustRoot -k "$HOME/Library/Keychains/login.keychain" "$POWPROX_DIR/ssl/certs/pow-server.crt" || echo "$!"
  powder respawn
}

link_apps() {
  cd ~/projects/rails_server
  powder link
}

# TODO: case
install

😁 👍