Skip to content

Instantly share code, notes, and snippets.

@tmcallister
Created May 23, 2012 23:52
Show Gist options
  • Save tmcallister/2778524 to your computer and use it in GitHub Desktop.
Save tmcallister/2778524 to your computer and use it in GitHub Desktop.
Faye with nginx config
FAYE_TOKEN = 'secretToken'
if defined? Rails
if Rails.env == 'development'
FAYE_URI = "http://#{APP_CONFIG[:nameremoved_service][:host]}:9292/faye"
else
FAYE_URI = "https://#{APP_CONFIG[:nameremoved_service][:host]}/faye"
end
plist = `ps -eo command | grep "faye"`.split("\n")
running = plist.select {|p| p.match('\Aruby faye.ru')}.present?
unless running
Thread.new do
if Rails.env == 'development'
command = "ruby faye.ru -s thin -E production rails_#{Rails.env}"
else
command = "ruby faye.ru -s thin --ssl -E production rails_#{Rails.env}"
end
sleep(5)
puts "Rackup Faye with #{command}"
puts "Faye uri is #{FAYE_URI}"
system(command)
end
end
end
require 'faye'
require File.expand_path('../config/initializers/faye.rb', __FILE__)
class ServerAuth
def incoming(message, callback)
if message['channel'] !~ %r{^/meta/}
if message['ext']['auth_token'] != FAYE_TOKEN
message['error'] = 'Invalid authentication token'
end
end
callback.call(message)
end
end
server = Faye::RackAdapter.new(:mount => '/faye', :timeout => 25)
server.add_extension(ServerAuth.new)
if ARGV.include? 'rails_development'
server.listen(9292)
else
server.listen(9292,
key: '/path/to/key.key',
cert: '/path/to/certificate.pem'
)
end
upstream faye {
server unix:/tmp/faye.0.sock;
server unix:/tmp/faye.1.sock;
}
upstream <%= application %> {
server unix:/tmp/<%= application %>.socket fail_timeout=0;
}
<%# HTTPS %>
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /path/to/certificate.pem;
ssl_certificate_key /path/to/key.key;
ssl_protocols SSLv3;
ssl_ciphers HIGH:!aNULL:!MD5;
root /var/www/<%= application %>/current/public;
location ^~ /assets/ {
gzip_static on; # is gzipping SSL encrypted data beneficial?
expires max;
add_header Cache-Control public;
}
# if a maintenance files exists, return it. We're done.
try_files /system/maintenance.html $uri/index.html $uri $uri.html @<%= application %>;
# -----------------------------------------
location @<%= application %> {
# needed to forward user's IP address to rails
proxy_set_header X-Real-IP $remote_addr;
# needed for HTTPS
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://<%= application %>;
}
# -----------------------------------------
location /faye {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://stage.fayeserver.com:9292;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 30;
}
<%# HTTP %>
server {
listen 80;
#listen 80 default deferred;
server_name localhost;
rewrite ^(.*) https://$http_host$request_uri permanent;
}
@chiragnayyar
Copy link

Thank you so much for this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment