Created
November 10, 2015 16:41
-
-
Save bf4/75e7b9b89bc823019a1d to your computer and use it in GitHub Desktop.
pow and powprox install/reinstall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
install() { | |
brew cask list lunchy >/dev/null || brew cask install lunchy | |
pwd=$(pwd) | |
reinstall_openssl | |
reinstall_nginx | |
cd # In case user uses gemsets, ensure we're installing powder outside of a project | |
reinstall_pow | |
cd $pwd # back to where we were. | |
fix_pow_forwarding | |
test_pow # test loading an app | |
link_apps | |
install ssl support | |
cd .. | |
[ ! -d 'powprox' ] && git clone https://github.com/basecamp/powprox.git | |
reinstall_powprox | |
cd $pwd | |
} | |
reinstall_openssl() { | |
brew uninstall openssl | |
echo 'reinstalling openssl' | |
brew install openssl | |
} | |
reinstall_nginx() { | |
echo "removing nginx" | |
brew uninstall nginx | |
lunchy stop nginx | |
lunchy remove nginx | |
sudo pkill -9 -f nginx | |
sudo rm -f /Library/LaunchDaemons/homebrew.mxcl.nginx.plist | |
ps aux | grep -q nginx || exit 1 | |
reinstall_openssl | |
brew install nginx --with-spdy | |
# Docroot is: /usr/local/var/www | |
# The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that | |
# nginx can run without sudo. | |
# nginx will load all files in /usr/local/etc/nginx/servers/. | |
ln -sfv /usr/local/opt/nginx/*.plist ~/Library/LaunchAgents | |
launchctl load ~/Library/LaunchAgents/homebrew.mxcl.nginx.plist | |
} | |
# DEBUGGING | |
# PORT 80 | |
# else try: | |
fix_pow_forwarding() { | |
powder status | |
powder up | |
# https://github.com/basecamp/pow/issues/480#issuecomment-62254317 | |
sudo sysctl -w net.inet.ip.forwarding=1; | |
sudo echo "rdr pass proto tcp from any to any port {80,20559} -> 127.0.0.1 port 20559" | sudo pfctl -a "com.apple/250.PowFirewall" -Ef - | |
# sudo pfctl -f /etc/pf.conf; sudo pfctl -e | |
} | |
# UNTRUSTED CERT IN CHROME | |
# Search pow in Keychain. | |
# If present, click, command+I, edit trust settings to always trust | |
# Else, | |
# 1. click on the https with the / through it in the address bar | |
# 2. click view certificate | |
# 3. drag the picture of the cert to the desktop (or another folder) | |
# 4. double click it to import it to the Keychain | |
# 5. edit trust settings to always trust as above | |
# | |
# Else restart chrome | |
# go to 'chrome://flags' and | |
# Try: Enable 'Allow invalid certificates for resources loaded from localhost.' | |
# Try: 'Mark non-secure origins as non-secure' as 'neutral' | |
test_pow() { | |
cat /etc/resolver/dev | |
echo -n "Pow upstream: " | |
curl -H host:pow http://localhost:20559/status.json | |
echo | |
echo -n "Pow with pf port forward: " | |
curl -H host:pow http://localhost:80/status.json | |
echo | |
echo -n "Nginx TLS proxy: " | |
curl -H host:pow --insecure https://localhost:443/status.json | |
echo | |
mkdir -p /tmp/powtest | |
cd /tmp/powtest | |
cat <<- EOF > config.ru | |
run ->(*){ [200, {}, ["Yay, it works"]] } | |
EOF | |
echo | |
powder link | |
echo | |
echo 'curl http://powtest.dev' | |
curl http://powtest.dev | |
echo | |
echo 'curl https://powtest.dev' | |
curl --insecure https://powtest.dev | |
echo | |
powder unlink | |
echo | |
cd ~/projects/rails_server | |
rm -rf /tmp/powtest | |
} | |
reinstall_pow() { | |
gem install powder --conservative | |
curl get.pow.cx/uninstall.sh | sh | |
lunchy stop powd | |
lunchy remove powd | |
sudo pkill -9 -f pow | |
sudo rm -f /Library/LaunchDaemons/cx.pow.firewall.plist | |
sudo pkill -9 -f nack | |
rm -rf ~/.pow | |
rm -rf ~/Library/Application\ Support/Pow/ | |
# sudo rm -rf /etc/resolver/dev | |
# rm ~/.powconfig | |
ps aux | grep -q 'pow ' || exit 1 | |
powder install # Install pow | |
test_pow | |
} | |
reinstall_powprox() { | |
echo "stopping powprox" | |
lunchy stop hostwatcher | |
lunchy remove hostwatcher | |
sudo rm -f /Library/LaunchDaemons/com.basecamp.powprox.nginxreloader.plist | |
sudo rm -rf ~/.powprox | |
rm -f /usr/local/etc/nginx/servers/powprox.conf | |
$(lunchy status hostwatcher | grep -q hostwatcher) | |
if [ $? -eq 0 ]; then | |
echo 'hostwatcher is still running' | |
exit 1 | |
fi | |
echo "removing powprox" | |
cd ~/projects/powprox | |
POWPROX_DIR="${POWPROX_DIR:-$HOME/.powprox}" | |
echo 'removing powprox certs; will error is not in keychain' | |
sudo security remove-trusted-cert -d "$POWPROX_DIR/ssl/ca/pow-root-ca.crt" || echo "$!" | |
sudo security remove-trusted-cert -d "$POWPROX_DIR/ssl/certs/pow-server.crt" || echo "$!" | |
bin/powprox | |
echo 'ensuring both root and server certs are added trusted to keychain' | |
sudo security add-trusted-cert -d -r trustRoot -k "$HOME/Library/Keychains/login.keychain" "$POWPROX_DIR/ssl/ca/pow-root-ca.crt" || echo "$!" | |
sudo security add-trusted-cert -d -r trustRoot -k "$HOME/Library/Keychains/login.keychain" "$POWPROX_DIR/ssl/certs/pow-server.crt" || echo "$!" | |
powder respawn | |
} | |
link_apps() { | |
cd ~/projects/rails_server | |
powder link | |
} | |
# TODO: case | |
install |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
😁 👍